fix: escape assertion bug (#394)

Author: Shivansh-yadav13

examples/abac_attr_model.conf

@@ -0,0 +1,11 @@
+[request_definition]
+r = sub_data, act
+
+[policy_definition]
+p = sub, act
+
+[policy_effect]
+e = some(where (p.eft == allow))
+
+[matchers]
+m = r.sub_data.attr.id == p.sub && r.act == p.act

examples/abac_attr_policy.csv

@@ -0,0 +1,2 @@
+p, alice, read
+p, bob, write

src/util/util.ts

@@ -17,8 +17,10 @@ import * as fs from 'fs';
 // escapeAssertion escapes the dots in the assertion,
 // because the expression evaluation doesn't support such variable names.
 function escapeAssertion(s: string): string {
-  s = s.replace(/r\./g, 'r_');
-  s = s.replace(/p\./g, 'p_');
+  s = ' ' + s;
+  s = s.replace(/(?<=[\(| ])r\./g, 'r_');
+  s = s.replace(/(?<=[\(| ])p\./g, 'p_');
+  s = s.trim();
   return s;
 }
 

test/enforcer.test.ts

@@ -697,3 +697,17 @@ test('TestEnforceExWithPriorityModel', async () => {
   testEnforceEx(e, 'bob', 'data2', 'read', [true, ['data2_allow_group', 'data2', 'read', 'allow']]);
   testEnforceEx(e, 'alice', 'data2', 'read', [false, []]);
 });
+
+test('TestABACAtrrModel', async () => {
+  const e = await newEnforcer('examples/abac_attr_model.conf', 'examples/abac_attr_policy.csv');
+  expect(
+    await e.enforce(
+      {
+        attr: {
+          id: 'alice',
+        },
+      },
+      'read'
+    )
+  ).toBe(true);
+});