github.com/RevenueMonster/sqlike@v1.0.6/examples/casbin.go (about) 1 package examples 2 3 import ( 4 "context" 5 "testing" 6 7 plugin "github.com/RevenueMonster/sqlike/plugin/casbin" 8 "github.com/RevenueMonster/sqlike/sql/expr" 9 "github.com/RevenueMonster/sqlike/sqlike" 10 "github.com/casbin/casbin/v2" 11 "github.com/casbin/casbin/v2/persist" 12 "github.com/stretchr/testify/require" 13 ) 14 15 // CasbinExamples : 16 func CasbinExamples(ctx context.Context, t *testing.T, db *sqlike.Database) { 17 var ( 18 a persist.FilteredAdapter 19 e *casbin.Enforcer 20 err error 21 ok bool 22 ) 23 24 table := db.Table("AccessPolicy") 25 // Init policy 26 { 27 err = table.DropIfExists(ctx) 28 require.NoError(t, err) 29 a = plugin.MustNew(ctx, table) 30 e, err = casbin.NewEnforcer("./rbac_model.conf", a) 31 require.NoError(t, err) 32 err = e.LoadModel() 33 require.NoError(t, err) 34 err = e.LoadPolicy() 35 require.NoError(t, err) 36 } 37 38 adminRules := [...][]string{ 39 {"admin", "/login", "POST"}, 40 {"admin", "/logout", "POST"}, 41 {"admin", "/dashboard", "GET"}, 42 } 43 44 marketingRules := [...][]string{ 45 {"marketing", "/dashboard", "GET"}, 46 } 47 48 // Create policy 49 { 50 ok, err = e.AddNamedPolicy("p", "casbin", "/*", "GET") 51 require.True(t, ok) 52 require.NoError(t, err) 53 _, err = e.AddNamedPolicy("p", "username", "/*", "*") 54 require.True(t, ok) 55 require.NoError(t, err) 56 _, err = e.AddGroupingPolicy("admin", "tester", "/*") 57 require.NoError(t, err) 58 _, err = e.AddPolicy(adminRules[0]) 59 require.NoError(t, err) 60 _, err = e.AddPolicy(adminRules[1]) 61 require.NoError(t, err) 62 _, err = e.AddPolicy(adminRules[2]) 63 require.NoError(t, err) 64 _, err = e.AddPolicy(marketingRules[0]) 65 require.NoError(t, err) 66 _, err = e.AddNamedPolicy("p", "admin", "/login", "POST") 67 require.NoError(t, err) 68 _, err = e.AddNamedPolicy("p", "admin", "/login", "POST") 69 require.NoError(t, err) 70 71 adminPolicies := e.GetFilteredPolicy(0, "admin") 72 require.ElementsMatch(t, adminRules, adminPolicies) 73 74 err = e.SavePolicy() 75 require.NoError(t, err) 76 } 77 78 // Check success access 79 { 80 ok, err = e.Enforce("username", "/*", "*") 81 require.True(t, ok) 82 require.NoError(t, err) 83 } 84 85 // Check failed access 86 { 87 ok, err = e.Enforce("s1", "/*", "*") 88 require.False(t, ok) 89 require.NoError(t, err) 90 } 91 92 // check permission 93 { 94 ok, err = e.Enforce("admin", "/login", "POST") 95 require.True(t, ok) 96 require.NoError(t, err) 97 98 ok, err = e.Enforce("admin", "/login", "GET") 99 require.False(t, ok) 100 require.NoError(t, err) 101 102 ok, err = e.Enforce("admin", "/logout", "*") 103 require.False(t, ok) 104 require.NoError(t, err) 105 } 106 107 // Remove Policy 108 { 109 110 } 111 112 // Query Policy with where conditions 113 { 114 e.ClearPolicy() 115 err = e.LoadFilteredPolicy( 116 plugin.Filter( 117 expr.Equal("V0", "admin"), 118 ), 119 ) 120 require.NoError(t, err) 121 require.ElementsMatch(t, adminRules, e.GetPolicy()) 122 123 err = e.LoadFilteredPolicy( 124 plugin.Filter( 125 expr.Equal("V0", "marketing"), 126 ), 127 ) 128 require.NoError(t, err) 129 require.ElementsMatch(t, marketingRules, e.GetPolicy()) 130 } 131 132 }