diff --git a/Casbin.UnitTests/PersistTests/AdapterTest.cs b/Casbin.UnitTests/PersistTests/AdapterTest.cs index 784691f..87cb030 100644 --- a/Casbin.UnitTests/PersistTests/AdapterTest.cs +++ b/Casbin.UnitTests/PersistTests/AdapterTest.cs @@ -1,5 +1,7 @@ using System.IO; using System.Threading.Tasks; +using Casbin.Model; +using Casbin.Persist; using Casbin.Persist.Adapter.File; using Casbin.Persist.Adapter.Stream; using Casbin.Persist.Adapter.Text; @@ -49,13 +51,54 @@ public async Task TestFileAdapterAsync() Assert.True(await e.EnforceAsync("bob", "data2", "write")); } + [Fact] + public void TestFilteredFileAdapter() + { + Enforcer e = new("Examples/basic_model.conf"); + Assert.False(e.Enforce("alice", "data1", "read")); + + FileAdapter a = new("Examples/basic_policy.csv"); + e.SetAdapter(a); + e.LoadFilteredPolicy(new PolicyFilter(PermConstants.DefaultPolicyType, 0, Policy.ValuesFrom(["bob"]))); + + Assert.False(e.Enforce("alice", "data1", "read")); // because "alice" is not in the filtered policy + Assert.False(e.Enforce("alice", "data1", "write")); + Assert.False(e.Enforce("alice", "data2", "read")); + Assert.False(e.Enforce("alice", "data2", "write")); + Assert.False(e.Enforce("bob", "data1", "read")); + Assert.False(e.Enforce("bob", "data1", "write")); + Assert.False(e.Enforce("bob", "data2", "read")); + Assert.True(e.Enforce("bob", "data2", "write")); + } + + [Fact] + public async Task TestFilteredFileAdapterAsync() + { + Enforcer e = new("Examples/basic_model.conf"); + Assert.False(await e.EnforceAsync("alice", "data1", "read")); + + FileAdapter a = new("Examples/basic_policy.csv"); + e.SetAdapter(a); + await e.LoadFilteredPolicyAsync(new PolicyFilter(PermConstants.DefaultPolicyType, 0, Policy.ValuesFrom(["bob"]))); + + Assert.False(await e.EnforceAsync("alice", "data1", "read")); // because "alice" is not in the filtered policy + Assert.False(await e.EnforceAsync("alice", "data1", "write")); + Assert.False(await e.EnforceAsync("alice", "data2", "read")); + Assert.False(await e.EnforceAsync("alice", "data2", "write")); + Assert.False(await e.EnforceAsync("bob", "data1", "read")); + Assert.False(await e.EnforceAsync("bob", "data1", "write")); + Assert.False(await e.EnforceAsync("bob", "data2", "read")); + Assert.True(await e.EnforceAsync("bob", "data2", "write")); + } + [Fact] public void TestStreamAdapter() { Enforcer e = new("Examples/basic_model.conf"); Assert.False(e.Enforce("alice", "data1", "read")); - StreamAdapter a = new(File.OpenRead("Examples/basic_policy.csv")); + using FileStream stream = File.OpenRead("Examples/basic_policy.csv"); + StreamAdapter a = new(stream); e.SetAdapter(a); e.LoadPolicy(); @@ -75,7 +118,8 @@ public async Task TestStreamAdapterAsync() Enforcer e = new("Examples/basic_model.conf"); Assert.False(await e.EnforceAsync("alice", "data1", "read")); - StreamAdapter a = new(File.OpenRead("Examples/basic_policy.csv")); + using FileStream stream = File.OpenRead("Examples/basic_policy.csv"); + StreamAdapter a = new(stream); e.SetAdapter(a); await e.LoadPolicyAsync(); @@ -89,6 +133,48 @@ public async Task TestStreamAdapterAsync() Assert.True(await e.EnforceAsync("bob", "data2", "write")); } + [Fact] + public void TestFilteredStreamAdapter() + { + Enforcer e = new("Examples/basic_model.conf"); + Assert.False(e.Enforce("alice", "data1", "read")); + + using FileStream stream = File.OpenRead("Examples/basic_policy.csv"); + StreamAdapter a = new(stream); + e.SetAdapter(a); + e.LoadFilteredPolicy(new PolicyFilter(PermConstants.DefaultPolicyType, 0, Policy.ValuesFrom(["bob"]))); + + Assert.False(e.Enforce("alice", "data1", "read")); // because "alice" is not in the filtered policy + Assert.False(e.Enforce("alice", "data1", "write")); + Assert.False(e.Enforce("alice", "data2", "read")); + Assert.False(e.Enforce("alice", "data2", "write")); + Assert.False(e.Enforce("bob", "data1", "read")); + Assert.False(e.Enforce("bob", "data1", "write")); + Assert.False(e.Enforce("bob", "data2", "read")); + Assert.True(e.Enforce("bob", "data2", "write")); + } + + [Fact] + public async Task TestFilteredStreamAdapterAsync() + { + Enforcer e = new("Examples/basic_model.conf"); + Assert.False(await e.EnforceAsync("alice", "data1", "read")); + + using FileStream stream = File.OpenRead("Examples/basic_policy.csv"); + StreamAdapter a = new(stream); + e.SetAdapter(a); + await e.LoadFilteredPolicyAsync(new PolicyFilter(PermConstants.DefaultPolicyType, 0, Policy.ValuesFrom(["bob"]))); + + Assert.False(await e.EnforceAsync("alice", "data1", "read")); // because "alice" is not in the filtered policy + Assert.False(await e.EnforceAsync("alice", "data1", "write")); + Assert.False(await e.EnforceAsync("alice", "data2", "read")); + Assert.False(await e.EnforceAsync("alice", "data2", "write")); + Assert.False(await e.EnforceAsync("bob", "data1", "read")); + Assert.False(await e.EnforceAsync("bob", "data1", "write")); + Assert.False(await e.EnforceAsync("bob", "data2", "read")); + Assert.True(await e.EnforceAsync("bob", "data2", "write")); + } + [Fact] public void TestTextAdapter() { @@ -132,4 +218,48 @@ public async Task TestTextAdapterAsync() Assert.False(await e.EnforceAsync("bob", "data2", "read")); Assert.True(await e.EnforceAsync("bob", "data2", "write")); } + + [Fact] + public void TestFilteredTextAdapter() + { + Enforcer e = new("Examples/basic_model.conf"); + Assert.False(e.Enforce("alice", "data1", "read")); + + TextAdapter a = new(File.ReadAllText("Examples/basic_policy.csv")); + e.SetAdapter(a); + e.LoadFilteredPolicy(new PolicyFilter(PermConstants.DefaultPolicyType, 0, Policy.ValuesFrom(["bob"]))); + + Assert.False(e.Enforce("alice", "data1", "read")); // because "alice" is not in the filtered policy + Assert.False(e.Enforce("alice", "data1", "write")); + Assert.False(e.Enforce("alice", "data2", "read")); + Assert.False(e.Enforce("alice", "data2", "write")); + Assert.False(e.Enforce("bob", "data1", "read")); + Assert.False(e.Enforce("bob", "data1", "write")); + Assert.False(e.Enforce("bob", "data2", "read")); + Assert.True(e.Enforce("bob", "data2", "write")); + } + + [Fact] + public async Task TestFilteredTextAdapterAsync() + { + Enforcer e = new("Examples/basic_model.conf"); + Assert.False(await e.EnforceAsync("alice", "data1", "read")); + +#if NET452 || NET461 || NET462 + TextAdapter a = new(File.ReadAllText("Examples/basic_policy.csv")); +#else + TextAdapter a = new(await File.ReadAllTextAsync("Examples/basic_policy.csv")); +#endif + e.SetAdapter(a); + await e.LoadFilteredPolicyAsync(new PolicyFilter(PermConstants.DefaultPolicyType, 0, Policy.ValuesFrom(["bob"]))); + + Assert.False(await e.EnforceAsync("alice", "data1", "read")); // because "alice" is not in the filtered policy + Assert.False(await e.EnforceAsync("alice", "data1", "write")); + Assert.False(await e.EnforceAsync("alice", "data2", "read")); + Assert.False(await e.EnforceAsync("alice", "data2", "write")); + Assert.False(await e.EnforceAsync("bob", "data1", "read")); + Assert.False(await e.EnforceAsync("bob", "data1", "write")); + Assert.False(await e.EnforceAsync("bob", "data2", "read")); + Assert.True(await e.EnforceAsync("bob", "data2", "write")); + } } diff --git a/Casbin/Persist/PolicyFilter.cs b/Casbin/Persist/PolicyFilter.cs index 9dad1dd..8a51917 100644 --- a/Casbin/Persist/PolicyFilter.cs +++ b/Casbin/Persist/PolicyFilter.cs @@ -4,7 +4,7 @@ namespace Casbin.Persist; -public class PolicyFilter +public class PolicyFilter : IPolicyFilter { public static readonly PolicyFilter Empty = new(); private readonly int _fieldIndex;