Merge pull request #1 from TripleDogDare/master

 Fix bug in save policy line

Author: leeqvip

casbin_sqlalchemy_adapter/__init__.py

@@ -1 +1 @@
-from .adapter import CasbinRule, Adapter
+from .adapter import CasbinRule, Adapter, Base

casbin_sqlalchemy_adapter/adapter.py

@@ -1,7 +1,7 @@
 from casbin import persist
-from sqlalchemy.ext.declarative import declarative_base
 from sqlalchemy import Column, Integer, String
 from sqlalchemy import create_engine
+from sqlalchemy.ext.declarative import declarative_base
 from sqlalchemy.orm import sessionmaker
 
 Base = declarative_base()
@@ -19,12 +19,36 @@ class CasbinRule(Base):
     v4 = Column(String(255))
     v5 = Column(String(255))
 
+    def __str__(self):
+        text = self.ptype
+
+        if self.v0:
+            text = text + ', ' + self.v0
+        if self.v1:
+            text = text + ', ' + self.v1
+        if self.v2:
+            text = text + ', ' + self.v2
+        if self.v3:
+            text = text + ', ' + self.v3
+        if self.v4:
+            text = text + ', ' + self.v4
+        if self.v5:
+            text = text + ', ' + self.v5
+        return text
+
+    def __repr__(self):
+        return '<CasbinRule {}: "{}">'.format(self.id, str(self))
+
 
 class Adapter(persist.Adapter):
     """the interface for Casbin adapters."""
 
-    def __init__(self, dsn):
-        self._engine = create_engine(dsn)
+    def __init__(self, engine):
+        if isinstance(engine, str):
+            self._engine = create_engine(engine)
+        else:
+            self._engine = engine
+
         session = sessionmaker(bind=self._engine)
         self._session = session()
 
@@ -34,37 +58,22 @@ def load_policy(self, model):
         """loads all policy rules from the storage."""
         lines = self._session.query(CasbinRule).all()
         for line in lines:
-            text = line.ptype
-
-            if line.v0:
-                text = text + ', ' + line.v0
-            if line.v1:
-                text = text + ', ' + line.v1
-            if line.v2:
-                text = text + ', ' + line.v2
-            if line.v3:
-                text = text + ', ' + line.v3
-            if line.v4:
-                text = text + ', ' + line.v4
-            if line.v5:
-                text = text + ', ' + line.v5
-
-            persist.load_policy_line(text, model)
+            persist.load_policy_line(str(line), model)
 
     def _save_policy_line(self, ptype, rule):
         line = CasbinRule(ptype=ptype)
         if len(rule) > 0:
             line.v0 = rule[0]
         if len(rule) > 1:
-            line.v0 = rule[1]
+            line.v1 = rule[1]
         if len(rule) > 2:
-            line.v0 = rule[2]
+            line.v2 = rule[2]
         if len(rule) > 3:
-            line.v0 = rule[3]
+            line.v3 = rule[3]
         if len(rule) > 4:
-            line.v0 = rule[4]
+            line.v4 = rule[4]
         if len(rule) > 5:
-            line.v0 = rule[5]
+            line.v5 = rule[5]
         self._session.add(line)
         self._session.commit()
 

tests/rbac_policy.csv

@@ -0,0 +1,6 @@
+p, alice, data1, read
+p, bob, data2, write
+p, data2_admin, data2, read
+p, data2_admin, data2, write
+
+g, alice, data2_admin

tests/test.db

@@ -1,21 +1,26 @@
-from unittest import TestCase
-from casbin_sqlalchemy_adapter import Adapter, CasbinRule
-import casbin
+from casbin_sqlalchemy_adapter import Adapter
+from casbin_sqlalchemy_adapter import Base
+from casbin_sqlalchemy_adapter import CasbinRule
 from sqlalchemy import create_engine
 from sqlalchemy.orm import sessionmaker
+from unittest import TestCase
+import casbin
 import os
+import simpleeval
 
-dir = os.path.split(os.path.realpath(__file__))[0]
+
+def get_fixture(path):
+    dir_path = os.path.split(os.path.realpath(__file__))[0] + "/"
+    return os.path.abspath(dir_path + path)
 
 
 def get_enforcer():
-    dsn = "sqlite:///" + dir + "/test.db"
-    adapter = Adapter(dsn)
+    engine = create_engine("sqlite://")
+    adapter = Adapter(engine)
 
-    engine = create_engine(dsn)
     session = sessionmaker(bind=engine)
+    Base.metadata.create_all(engine)
     s = session()
-    s.query(CasbinRule).delete(synchronize_session=False)
 
     s.add(CasbinRule(ptype='p', v0='alice', v1='data1', v2='read'))
     s.add(CasbinRule(ptype='p', v0='bob', v1='data2', v2='write'))
@@ -25,7 +30,7 @@ def get_enforcer():
     s.commit()
     s.close()
 
-    return casbin.Enforcer(dir + '/rbac_model.conf', adapter, True)
+    return casbin.Enforcer(get_fixture('rbac_model.conf'), adapter, True)
 
 
 class TestConfig(TestCase):
@@ -37,3 +42,63 @@ def test_enforcer_basic(self):
         self.assertTrue(e.enforce('bob', 'data2', 'write'))
         self.assertTrue(e.enforce('alice', 'data2', 'read'))
         self.assertTrue(e.enforce('alice', 'data2', 'write'))
+
+    def test_add_policy(self):
+        adapter = Adapter('sqlite://')
+        e = casbin.Enforcer(get_fixture('rbac_model.conf'), adapter, True)
+
+        try:
+            self.assertFalse(e.enforce('alice', 'data1', 'read'))
+            self.assertFalse(e.enforce('bob', 'data1', 'read'))
+            self.assertFalse(e.enforce('bob', 'data2', 'write'))
+            self.assertFalse(e.enforce('alice', 'data2', 'read'))
+            self.assertFalse(e.enforce('alice', 'data2', 'write'))
+        except simpleeval.NameNotDefined:
+            # This is caused by an upstream bug when there is no policy loaded
+            # Should be resolved in pycasbin >= 0.3
+            pass
+
+        adapter.add_policy(sec=None, ptype='p', rule=['alice', 'data1', 'read'])
+        adapter.add_policy(sec=None, ptype='p', rule=['bob', 'data2', 'write'])
+        adapter.add_policy(sec=None, ptype='p', rule=['data2_admin', 'data2', 'read'])
+        adapter.add_policy(sec=None, ptype='p', rule=['data2_admin', 'data2', 'write'])
+        adapter.add_policy(sec=None, ptype='g', rule=['alice', 'data2_admin'])
+
+        e.load_policy()
+
+        self.assertTrue(e.enforce('alice', 'data1', 'read'))
+        self.assertFalse(e.enforce('bob', 'data1', 'read'))
+        self.assertTrue(e.enforce('bob', 'data2', 'write'))
+        self.assertTrue(e.enforce('alice', 'data2', 'read'))
+        self.assertTrue(e.enforce('alice', 'data2', 'write'))
+        self.assertFalse(e.enforce('bogus', 'data2', 'write'))
+
+    def test_save_policy(self):
+        model = casbin.Enforcer(get_fixture('rbac_model.conf'), get_fixture('rbac_policy.csv')).model
+        adapter = Adapter('sqlite://')
+        adapter.save_policy(model)
+        e = casbin.Enforcer(get_fixture('rbac_model.conf'), adapter)
+
+        self.assertTrue(e.enforce('alice', 'data1', 'read'))
+        self.assertFalse(e.enforce('bob', 'data1', 'read'))
+        self.assertTrue(e.enforce('bob', 'data2', 'write'))
+        self.assertTrue(e.enforce('alice', 'data2', 'read'))
+        self.assertTrue(e.enforce('alice', 'data2', 'write'))
+
+    def test_str(self):
+        rule = CasbinRule(ptype='p', v0='alice', v1='data1', v2='read')
+        self.assertEqual(str(rule), 'p, alice, data1, read')
+
+    def test_repr(self):
+        rule = CasbinRule(ptype='p', v0='alice', v1='data1', v2='read')
+        self.assertEqual(repr(rule), '<CasbinRule None: "p, alice, data1, read">')
+        engine = create_engine("sqlite://")
+
+        session = sessionmaker(bind=engine)
+        Base.metadata.create_all(engine)
+        s = session()
+
+        s.add(rule)
+        s.commit()
+        self.assertRegex(repr(rule), r'<CasbinRule \d+: "p, alice, data1, read">')
+        s.close()