fix: wrong domain length judge and bug in build_incremental_role_links() (#139)

Signed-off-by: Jon Lee <techlee@qq.com>

Author: leeqvip

casbin/model/assertion.py

@@ -1,6 +1,7 @@
 import logging
 from casbin.model.policy_op import PolicyOp
 
+
 class Assertion:
     def __init__(self):
         self.logger = logging.getLogger()
@@ -19,6 +20,8 @@ def build_role_links(self, rm):
         for rule in self.policy:
             if len(rule) < count:
                 raise RuntimeError("grouping policy elements do not meet role definition")
+            if len(rule) > count:
+                rule = rule[:count]
 
             self.rm.add_link(*rule[:count])
 
@@ -27,21 +30,17 @@ def build_role_links(self, rm):
 
     def build_incremental_role_links(self, rm, op, rules):
         self.rm = rm
-        count = 0
-        for i in range(len(self.value)):
-            if self.value[i] == "_":
-                count += 1
-
+        count = self.value.count("_")
+        if count < 2:
+            raise RuntimeError('the number of "_" in role definition should be at least 2')
         for rule in rules:
-            if count < 2:
-                raise TypeError("the number of \"_\" in role definition should be at least 2")
             if len(rule) < count:
                 raise TypeError("grouping policy elements do not meet role definition")
-            if(len(rule) > count):
-                rule = rule[0, count]
+            if len(rule) > count:
+                rule = rule[:count]
             if op == PolicyOp.Policy_add:
-                rm.add_link(rule[0], rule[1], rule[2: len(rule)])
+                rm.add_link(rule[0], rule[1], *rule[2:])
             elif op == PolicyOp.Policy_remove:
-                rm.delete_link(rule[0], rule[1], rule[2: len(rule)])
+                rm.delete_link(rule[0], rule[1], *rule[2:])
             else:
-                raise TypeError("Invalid operation: " + str(op))
+                raise TypeError("Invalid operation: " + str(op))

casbin/rbac/default_role_manager/role_manager.py

@@ -9,7 +9,6 @@ class RoleManager(RoleManager):
     all_roles = dict()
     max_hierarchy_level = 0
 
-
     def __init__(self, max_hierarchy_level):
         self.logger = logging.getLogger()
         self.all_roles = dict()
@@ -47,9 +46,8 @@ def clear(self):
 
     def add_link(self, name1, name2, *domain):
         if len(domain) == 1:
-            if len(domain[0]) > 1:
-                name1 = domain[0] + "::" + name1
-                name2 = domain[0] + "::" + name2
+            name1 = domain[0] + "::" + name1
+            name2 = domain[0] + "::" + name2
         elif len(domain) > 1:
             raise RuntimeError("error: domain should be 1 parameter")
 
@@ -70,9 +68,8 @@ def add_link(self, name1, name2, *domain):
 
     def delete_link(self, name1, name2, *domain):
         if len(domain) == 1:
-            if len(domain[0]) > 1:
-                name1 = domain[0] + "::" + name1
-                name2 = domain[0] + "::" + name2
+            name1 = domain[0] + "::" + name1
+            name2 = domain[0] + "::" + name2
         elif len(domain) > 1:
             raise RuntimeError("error: domain should be 1 parameter")
 
@@ -101,9 +98,10 @@ def has_link(self, name1, name2, *domain):
             return role1.has_role(name2, self.max_hierarchy_level)
         else:
             for key, role in self.all_roles.items():
-                if self.matching_func(name1, key) and role.has_role(name2, self.max_hierarchy_level, self.matching_func):
+                if self.matching_func(name1, key) and role.has_role(name2, self.max_hierarchy_level,
+                                                                    self.matching_func):
                     return True
-            return False        
+            return False
 
     def get_roles(self, name, domain=None):
         """