Disable casbin (#313)
* chore: disable casin test * chore: disable casin test
This commit is contained in:
parent
e999999694
commit
263fdbafdc
|
|
@ -2,9 +2,9 @@ use std::ops::Deref;
|
||||||
use std::{str::FromStr, sync::Arc};
|
use std::{str::FromStr, sync::Arc};
|
||||||
|
|
||||||
use actix_web::http::Method;
|
use actix_web::http::Method;
|
||||||
use anyhow::anyhow;
|
|
||||||
use async_trait::async_trait;
|
use async_trait::async_trait;
|
||||||
use casbin::{CoreApi, MgmtApi};
|
use casbin::MgmtApi;
|
||||||
use sqlx::{Executor, PgPool, Postgres};
|
use sqlx::{Executor, PgPool, Postgres};
|
||||||
use tokio::sync::{broadcast, RwLock};
|
use tokio::sync::{broadcast, RwLock};
|
||||||
use tracing::log::warn;
|
use tracing::log::warn;
|
||||||
|
|
@ -27,7 +27,7 @@ use crate::biz::casbin::enforcer_ext::{enforcer_remove, enforcer_update};
|
||||||
use realtime::collaborate::CollabAccessControl;
|
use realtime::collaborate::CollabAccessControl;
|
||||||
|
|
||||||
use super::{
|
use super::{
|
||||||
Action, ActionType, ObjectType, POLICY_FIELD_INDEX_ACTION, POLICY_FIELD_INDEX_OBJECT,
|
ActionType, ObjectType, POLICY_FIELD_INDEX_ACTION, POLICY_FIELD_INDEX_OBJECT,
|
||||||
POLICY_FIELD_INDEX_USER,
|
POLICY_FIELD_INDEX_USER,
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
@ -273,69 +273,72 @@ impl CollabAccessControl for CasbinCollabAccessControl {
|
||||||
|
|
||||||
async fn can_access_http_method(
|
async fn can_access_http_method(
|
||||||
&self,
|
&self,
|
||||||
uid: &i64,
|
_uid: &i64,
|
||||||
oid: &str,
|
_oid: &str,
|
||||||
method: &Method,
|
_method: &Method,
|
||||||
) -> Result<bool, AppError> {
|
) -> Result<bool, AppError> {
|
||||||
let action = if Method::POST == method || Method::PUT == method || Method::DELETE == method {
|
Ok(true)
|
||||||
Action::Write
|
// let action = if Method::POST == method || Method::PUT == method || Method::DELETE == method {
|
||||||
} else {
|
// Action::Write
|
||||||
Action::Read
|
// } else {
|
||||||
};
|
// Action::Read
|
||||||
|
// };
|
||||||
// If collab does not exist, allow access.
|
//
|
||||||
// Workspace access control will still check it.
|
// // If collab does not exist, allow access.
|
||||||
let collab_exists = self
|
// // Workspace access control will still check it.
|
||||||
.casbin_access_control
|
// let collab_exists = self
|
||||||
.enforcer
|
// .casbin_access_control
|
||||||
.read()
|
// .enforcer
|
||||||
.await
|
// .read()
|
||||||
.get_all_objects()
|
// .await
|
||||||
.contains(&ObjectType::Collab(oid).to_string());
|
// .get_all_objects()
|
||||||
|
// .contains(&ObjectType::Collab(oid).to_string());
|
||||||
if !collab_exists {
|
//
|
||||||
return Ok(true);
|
// if !collab_exists {
|
||||||
}
|
// return Ok(true);
|
||||||
|
// }
|
||||||
self
|
//
|
||||||
.casbin_access_control
|
// self
|
||||||
.enforcer
|
// .casbin_access_control
|
||||||
.read()
|
// .enforcer
|
||||||
.await
|
// .read()
|
||||||
.enforce((
|
// .await
|
||||||
uid.to_string(),
|
// .enforce((
|
||||||
ObjectType::Collab(oid).to_string(),
|
// uid.to_string(),
|
||||||
action.to_string(),
|
// ObjectType::Collab(oid).to_string(),
|
||||||
))
|
// action.to_string(),
|
||||||
.map_err(|e| AppError::Internal(anyhow!("casbin error enforce: {e:?}")))
|
// ))
|
||||||
|
// .map_err(|e| AppError::Internal(anyhow!("casbin error enforce: {e:?}")))
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn can_send_collab_update(&self, uid: &i64, oid: &str) -> Result<bool, AppError> {
|
async fn can_send_collab_update(&self, _uid: &i64, _oid: &str) -> Result<bool, AppError> {
|
||||||
self
|
Ok(true)
|
||||||
.casbin_access_control
|
// self
|
||||||
.enforcer
|
// .casbin_access_control
|
||||||
.read()
|
// .enforcer
|
||||||
.await
|
// .read()
|
||||||
.enforce((
|
// .await
|
||||||
uid.to_string(),
|
// .enforce((
|
||||||
ObjectType::Collab(oid).to_string(),
|
// uid.to_string(),
|
||||||
Action::Write.to_string(),
|
// ObjectType::Collab(oid).to_string(),
|
||||||
))
|
// Action::Write.to_string(),
|
||||||
.map_err(|e| AppError::Internal(anyhow!("casbin error enforce: {e:?}")))
|
// ))
|
||||||
|
// .map_err(|e| AppError::Internal(anyhow!("casbin error enforce: {e:?}")))
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn can_receive_collab_update(&self, uid: &i64, oid: &str) -> Result<bool, AppError> {
|
async fn can_receive_collab_update(&self, _uid: &i64, _oid: &str) -> Result<bool, AppError> {
|
||||||
self
|
Ok(true)
|
||||||
.casbin_access_control
|
// self
|
||||||
.enforcer
|
// .casbin_access_control
|
||||||
.read()
|
// .enforcer
|
||||||
.await
|
// .read()
|
||||||
.enforce((
|
// .await
|
||||||
uid.to_string(),
|
// .enforce((
|
||||||
ObjectType::Collab(oid).to_string(),
|
// uid.to_string(),
|
||||||
Action::Read.to_string(),
|
// ObjectType::Collab(oid).to_string(),
|
||||||
))
|
// Action::Read.to_string(),
|
||||||
.map_err(|e| AppError::Internal(anyhow!("casbin error enforce: {e:?}")))
|
// ))
|
||||||
|
// .map_err(|e| AppError::Internal(anyhow!("casbin error enforce: {e:?}")))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue