Merge pull request #126 from shy1st/master

hsluoyz · web-flow · commit dc122cd5aadd · 2021-01-13T18:12:13.000+08:00
Add globMatch pattern.
diff --git a/examples/glob_model.conf b/examples/glob_model.conf
@@ -0,0 +1,11 @@
+[request_definition]
+r = sub, obj, act
+
+[policy_definition]
+p = sub, obj, act
+
+[policy_effect]
+e = some(where (p.eft == allow))
+
+[matchers]
+m = r.sub == p.sub && globMatch(r.obj, p.obj) && r.act == p.act
diff --git a/examples/glob_policy.csv b/examples/glob_policy.csv
@@ -0,0 +1,4 @@
+p, u1, /foo/*, read
+p, u2, /foo*, read
+p, u3, /*/foo/*, read
+p, u4, *, read
diff --git a/src/main/java/org/casbin/jcasbin/main/Enforcer.java b/src/main/java/org/casbin/jcasbin/main/Enforcer.java
@@ -52,7 +52,6 @@ public Enforcer(String modelPath, String policyFile) {
      */
     public Enforcer(String modelPath, Adapter adapter) {
         this(newModel(modelPath, ""), adapter);
-
         this.modelPath = modelPath;
     }
 
diff --git a/src/main/java/org/casbin/jcasbin/model/FunctionMap.java b/src/main/java/org/casbin/jcasbin/model/FunctionMap.java
@@ -55,6 +55,7 @@ public static FunctionMap loadFunctionMap() {
         fm.addFunction("regexMatch", new RegexMatchFunc());
         fm.addFunction("ipMatch", new IPMatchFunc());
         fm.addFunction("eval", new EvalFunc());
+        fm.addFunction("globMatch", new GlobMatchFunc());
 
         return fm;
     }
diff --git a/src/main/java/org/casbin/jcasbin/util/BuiltInFunctions.java b/src/main/java/org/casbin/jcasbin/util/BuiltInFunctions.java
@@ -14,29 +14,22 @@
 
 package org.casbin.jcasbin.util;
 
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Map.Entry;
-import java.util.Set;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-import org.casbin.jcasbin.rbac.RoleManager;
-
+import bsh.EvalError;
+import bsh.Interpreter;
 import com.googlecode.aviator.runtime.function.AbstractFunction;
 import com.googlecode.aviator.runtime.function.FunctionUtils;
 import com.googlecode.aviator.runtime.type.AviatorBoolean;
 import com.googlecode.aviator.runtime.type.AviatorFunction;
 import com.googlecode.aviator.runtime.type.AviatorObject;
-
-import bsh.EvalError;
-import bsh.Interpreter;
 import inet.ipaddr.AddressStringException;
 import inet.ipaddr.IPAddress;
 import inet.ipaddr.IPAddressString;
+import org.casbin.jcasbin.rbac.RoleManager;
+
+import java.util.*;
+import java.util.Map.Entry;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 
 public class BuiltInFunctions {
 
@@ -243,6 +236,17 @@ public static boolean ipMatch(String ip1, String ip2) {
         return ipa1.mask(mask).equals(ipas2.getHostAddress());
     }
 
+    /**
+     * globMatch determines whether key1 matches the pattern of key2 in glob expression.
+     *
+     * @param key1 the first argument.
+     * @param key2 the second argument.
+     * @return whether key1 matches key2.
+     */
+    public static boolean globMatch(String key1, String key2) {
+        return Pattern.matches(Glob.toRegexPattern(key2), key1);
+    }
+
     /**
      * allMatch determines whether key1 matches the pattern of key2 , key2 can contain a *.
      *
diff --git a/src/main/java/org/casbin/jcasbin/util/Glob.java b/src/main/java/org/casbin/jcasbin/util/Glob.java
@@ -0,0 +1,183 @@
+// Copyright 2021 The casbin Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+
+package org.casbin.jcasbin.util;
+import java.util.regex.PatternSyntaxException;
+
+/**
+ *
+ *
+ * @author shy
+ * @since 2021/1/13
+ */
+public class Glob {
+
+    private static final String REGEX_META_CHARS = ".^$+{[]|()";
+    private static final String GLOB_META_CHARS = "\\*?[{";
+
+    /**
+     * Creates a regex pattern from the given glob expression.
+     *
+     * @param globPattern the given glob expression
+     * @return the regex pattern
+     */
+    public static String toRegexPattern(String globPattern) {
+        boolean inGroup = false;
+        StringBuilder regex = new StringBuilder("^");
+
+        int i = 0;
+        while (i < globPattern.length()) {
+            char c = globPattern.charAt(i++);
+            switch (c) {
+                case '\\':
+                    // escape special characters
+                    if (i == globPattern.length()) {
+                        throw new PatternSyntaxException("No character to escape",
+                            globPattern, i - 1);
+                    }
+                    char next = globPattern.charAt(i++);
+                    if (isGlobMeta(next) || isRegexMeta(next)) {
+                        regex.append('\\');
+                    }
+                    regex.append(next);
+                    break;
+                case '/':
+                    regex.append(c);
+                    break;
+                case '[':
+                    // don't match name separator in class
+                    regex.append("[[^/]&&[");
+                    if (next(globPattern, i) == '^') {
+                        // escape the regex negation char if it appears
+                        regex.append("\\^");
+                        i++;
+                    } else {
+                        // negation
+                        if (next(globPattern, i) == '!') {
+                            regex.append('^');
+                            i++;
+                        }
+                        // hyphen allowed at start
+                        if (next(globPattern, i) == '-') {
+                            regex.append('-');
+                            i++;
+                        }
+                    }
+                    boolean hasRangeStart = false;
+                    char last = 0;
+                    while (i < globPattern.length()) {
+                        c = globPattern.charAt(i++);
+                        if (c == ']') {
+                            break;
+                        }
+                        if (c == '/') {
+                            throw new PatternSyntaxException("Explicit 'name separator' in class",
+                                globPattern, i - 1);
+                        }
+                        // TBD: how to specify ']' in a class?
+                        if (c == '\\' || c == '[' || c == '&' && next(globPattern, i) == '&') {
+                            // escape '\', '[' or "&&" for regex class
+                            regex.append('\\');
+                        }
+                        regex.append(c);
+
+                        if (c == '-') {
+                            if (!hasRangeStart) {
+                                throw new PatternSyntaxException("Invalid range",
+                                    globPattern, i - 1);
+                            }
+                            if ((c = next(globPattern, i++)) == 0 || c == ']') {
+                                break;
+                            }
+                            if (c < last) {
+                                throw new PatternSyntaxException("Invalid range",
+                                    globPattern, i - 3);
+                            }
+                            regex.append(c);
+                            hasRangeStart = false;
+                        } else {
+                            hasRangeStart = true;
+                            last = c;
+                        }
+                    }
+                    if (c != ']') {
+                        throw new PatternSyntaxException("Missing ']", globPattern, i - 1);
+                    }
+                    regex.append("]]");
+                    break;
+                case '{':
+                    if (inGroup) {
+                        throw new PatternSyntaxException("Cannot nest groups",
+                            globPattern, i - 1);
+                    }
+                    regex.append("(?:(?:");
+                    inGroup = true;
+                    break;
+                case '}':
+                    if (inGroup) {
+                        regex.append("))");
+                        inGroup = false;
+                    } else {
+                        regex.append('}');
+                    }
+                    break;
+                case ',':
+                    if (inGroup) {
+                        regex.append(")|(?:");
+                    } else {
+                        regex.append(',');
+                    }
+                    break;
+                case '*':
+                    if (next(globPattern, i) == '*') {
+                        // crosses directory boundaries
+                        regex.append(".*");
+                        i++;
+                    } else {
+                        // within directory boundary
+                        regex.append("[^/]*");
+                    }
+                    break;
+                case '?':
+                    regex.append("[^/]");
+                    break;
+
+                default:
+                    if (isRegexMeta(c)) {
+                        regex.append('\\');
+                    }
+                    regex.append(c);
+            }
+        }
+
+        if (inGroup) {
+            throw new PatternSyntaxException("Missing '}", globPattern, i - 1);
+        }
+
+        return regex.append('$').toString();
+    }
+
+    private static boolean isRegexMeta(char c) {
+        return REGEX_META_CHARS.indexOf(c) != -1;
+    }
+
+    private static boolean isGlobMeta(char c) {
+        return GLOB_META_CHARS.indexOf(c) != -1;
+    }
+
+    private static char next(String glob, int i) {
+        return i < glob.length() ? glob.charAt(i) : 0;
+    }
+}
diff --git a/src/main/java/org/casbin/jcasbin/util/function/GlobMatchFunc.java b/src/main/java/org/casbin/jcasbin/util/function/GlobMatchFunc.java
@@ -0,0 +1,44 @@
+// Copyright 2021 The casbin Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package org.casbin.jcasbin.util.function;
+
+import com.googlecode.aviator.runtime.function.AbstractFunction;
+import com.googlecode.aviator.runtime.function.FunctionUtils;
+import com.googlecode.aviator.runtime.type.AviatorBoolean;
+import com.googlecode.aviator.runtime.type.AviatorObject;
+import org.casbin.jcasbin.util.BuiltInFunctions;
+
+import java.util.Map;
+
+/**
+ * GlobMatchFunc is the wrapper for globMatch.
+ *
+ * @author shy
+ * @since 2021/1/12
+ */
+public class GlobMatchFunc extends AbstractFunction {
+    @Override
+    public AviatorObject call(Map<String, Object> env, AviatorObject arg1, AviatorObject arg2) {
+        String key1 = FunctionUtils.getStringValue(arg1, env);
+        String key2 = FunctionUtils.getStringValue(arg2, env);
+
+        return AviatorBoolean.valueOf(BuiltInFunctions.globMatch(key1, key2));
+    }
+
+    @Override
+    public String getName() {
+        return "globMatch";
+    }
+}
diff --git a/src/test/java/org/casbin/jcasbin/main/BuiltInFunctionsUnitTest.java b/src/test/java/org/casbin/jcasbin/main/BuiltInFunctionsUnitTest.java
@@ -0,0 +1,64 @@
+// Copyright 2021 The casbin Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package org.casbin.jcasbin.main;
+
+import org.junit.Test;
+import static org.casbin.jcasbin.main.TestUtil.testGlobMatch;
+
+public class BuiltInFunctionsUnitTest {
+
+    @Test
+    public void testGlobMatchFunc() {
+        testGlobMatch("/foo", "/foo", true);
+        testGlobMatch("/foo", "/foo*", true);
+        testGlobMatch("/foo", "/foo/*", false);
+        testGlobMatch("/foo/bar", "/foo", false);
+        testGlobMatch("/foo/bar", "/foo*", false);
+        testGlobMatch("/foo/bar", "/foo/*", true);
+        testGlobMatch("/foobar", "/foo", false);
+        testGlobMatch("/foobar", "/foo*", true);
+        testGlobMatch("/foobar", "/foo/*", false);
+
+        testGlobMatch("/foo", "*/foo", true);
+        testGlobMatch("/foo", "*/foo*", true);
+        testGlobMatch("/foo", "*/foo/*", false);
+        testGlobMatch("/foo/bar", "*/foo", false);
+        testGlobMatch("/foo/bar", "*/foo*", false);
+        testGlobMatch("/foo/bar", "*/foo/*", true);
+        testGlobMatch("/foobar", "*/foo", false);
+        testGlobMatch("/foobar", "*/foo*", true);
+        testGlobMatch("/foobar", "*/foo/*", false);
+
+        testGlobMatch("/prefix/foo", "*/foo", false);
+        testGlobMatch("/prefix/foo", "*/foo*", false);
+        testGlobMatch("/prefix/foo", "*/foo/*", false);
+        testGlobMatch("/prefix/foo/bar", "*/foo", false);
+        testGlobMatch("/prefix/foo/bar", "*/foo*", false);
+        testGlobMatch("/prefix/foo/bar", "*/foo/*", false);
+        testGlobMatch("/prefix/foobar", "*/foo", false);
+        testGlobMatch("/prefix/foobar", "*/foo*", false);
+        testGlobMatch("/prefix/foobar", "*/foo/*", false);
+
+        testGlobMatch("/prefix/subprefix/foo", "*/foo", false);
+        testGlobMatch("/prefix/subprefix/foo", "*/foo*", false);
+        testGlobMatch("/prefix/subprefix/foo", "*/foo/*", false);
+        testGlobMatch("/prefix/subprefix/foo/bar", "*/foo", false);
+        testGlobMatch("/prefix/subprefix/foo/bar", "*/foo*", false);
+        testGlobMatch("/prefix/subprefix/foo/bar", "*/foo/*", false);
+        testGlobMatch("/prefix/subprefix/foobar", "*/foo", false);
+        testGlobMatch("/prefix/subprefix/foobar", "*/foo*", false);
+        testGlobMatch("/prefix/subprefix/foobar", "*/foo/*", false);
+    }
+}
diff --git a/src/test/java/org/casbin/jcasbin/main/ModelUnitTest.java b/src/test/java/org/casbin/jcasbin/main/ModelUnitTest.java
diff --git a/src/test/java/org/casbin/jcasbin/main/TestUtil.java b/src/test/java/org/casbin/jcasbin/main/TestUtil.java

Original file line number	Diff line number	Diff line change
`@@ -52,7 +52,6 @@ public Enforcer(String modelPath, String policyFile) {`
`52`	`52`	`*/`
`53`	`53`	`public Enforcer(String modelPath, Adapter adapter) {`
`54`	`54`	`this(newModel(modelPath, ""), adapter);`
`55`		`-`
`56`	`55`	`this.modelPath = modelPath;`
`57`	`56`	`}`
`58`	`57`
Original file line number	Diff line number	Diff line change
`@@ -55,6 +55,7 @@ public static FunctionMap loadFunctionMap() {`
`55`	`55`	`fm.addFunction("regexMatch", new RegexMatchFunc());`
`56`	`56`	`fm.addFunction("ipMatch", new IPMatchFunc());`
`57`	`57`	`fm.addFunction("eval", new EvalFunc());`
	`58`	`+ fm.addFunction("globMatch", new GlobMatchFunc());`
`58`	`59`
`59`	`60`	`return fm;`
`60`	`61`	`}`