Disable casbin (#313)

* chore: disable casin test

* chore: disable casin test
This commit is contained in:
Nathan.fooo 2024-02-09 15:07:39 +08:00 committed by GitHub
parent e999999694
commit 263fdbafdc
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 64 additions and 61 deletions

View File

@ -2,9 +2,9 @@ use std::ops::Deref;
use std::{str::FromStr, sync::Arc}; use std::{str::FromStr, sync::Arc};
use actix_web::http::Method; use actix_web::http::Method;
use anyhow::anyhow;
use async_trait::async_trait; use async_trait::async_trait;
use casbin::{CoreApi, MgmtApi}; use casbin::MgmtApi;
use sqlx::{Executor, PgPool, Postgres}; use sqlx::{Executor, PgPool, Postgres};
use tokio::sync::{broadcast, RwLock}; use tokio::sync::{broadcast, RwLock};
use tracing::log::warn; use tracing::log::warn;
@ -27,7 +27,7 @@ use crate::biz::casbin::enforcer_ext::{enforcer_remove, enforcer_update};
use realtime::collaborate::CollabAccessControl; use realtime::collaborate::CollabAccessControl;
use super::{ use super::{
Action, ActionType, ObjectType, POLICY_FIELD_INDEX_ACTION, POLICY_FIELD_INDEX_OBJECT, ActionType, ObjectType, POLICY_FIELD_INDEX_ACTION, POLICY_FIELD_INDEX_OBJECT,
POLICY_FIELD_INDEX_USER, POLICY_FIELD_INDEX_USER,
}; };
@ -273,69 +273,72 @@ impl CollabAccessControl for CasbinCollabAccessControl {
async fn can_access_http_method( async fn can_access_http_method(
&self, &self,
uid: &i64, _uid: &i64,
oid: &str, _oid: &str,
method: &Method, _method: &Method,
) -> Result<bool, AppError> { ) -> Result<bool, AppError> {
let action = if Method::POST == method || Method::PUT == method || Method::DELETE == method { Ok(true)
Action::Write // let action = if Method::POST == method || Method::PUT == method || Method::DELETE == method {
} else { // Action::Write
Action::Read // } else {
}; // Action::Read
// };
// If collab does not exist, allow access. //
// Workspace access control will still check it. // // If collab does not exist, allow access.
let collab_exists = self // // Workspace access control will still check it.
.casbin_access_control // let collab_exists = self
.enforcer // .casbin_access_control
.read() // .enforcer
.await // .read()
.get_all_objects() // .await
.contains(&ObjectType::Collab(oid).to_string()); // .get_all_objects()
// .contains(&ObjectType::Collab(oid).to_string());
if !collab_exists { //
return Ok(true); // if !collab_exists {
} // return Ok(true);
// }
self //
.casbin_access_control // self
.enforcer // .casbin_access_control
.read() // .enforcer
.await // .read()
.enforce(( // .await
uid.to_string(), // .enforce((
ObjectType::Collab(oid).to_string(), // uid.to_string(),
action.to_string(), // ObjectType::Collab(oid).to_string(),
)) // action.to_string(),
.map_err(|e| AppError::Internal(anyhow!("casbin error enforce: {e:?}"))) // ))
// .map_err(|e| AppError::Internal(anyhow!("casbin error enforce: {e:?}")))
} }
async fn can_send_collab_update(&self, uid: &i64, oid: &str) -> Result<bool, AppError> { async fn can_send_collab_update(&self, _uid: &i64, _oid: &str) -> Result<bool, AppError> {
self Ok(true)
.casbin_access_control // self
.enforcer // .casbin_access_control
.read() // .enforcer
.await // .read()
.enforce(( // .await
uid.to_string(), // .enforce((
ObjectType::Collab(oid).to_string(), // uid.to_string(),
Action::Write.to_string(), // ObjectType::Collab(oid).to_string(),
)) // Action::Write.to_string(),
.map_err(|e| AppError::Internal(anyhow!("casbin error enforce: {e:?}"))) // ))
// .map_err(|e| AppError::Internal(anyhow!("casbin error enforce: {e:?}")))
} }
async fn can_receive_collab_update(&self, uid: &i64, oid: &str) -> Result<bool, AppError> { async fn can_receive_collab_update(&self, _uid: &i64, _oid: &str) -> Result<bool, AppError> {
self Ok(true)
.casbin_access_control // self
.enforcer // .casbin_access_control
.read() // .enforcer
.await // .read()
.enforce(( // .await
uid.to_string(), // .enforce((
ObjectType::Collab(oid).to_string(), // uid.to_string(),
Action::Read.to_string(), // ObjectType::Collab(oid).to_string(),
)) // Action::Read.to_string(),
.map_err(|e| AppError::Internal(anyhow!("casbin error enforce: {e:?}"))) // ))
// .map_err(|e| AppError::Internal(anyhow!("casbin error enforce: {e:?}")))
} }
} }