chore: disable all casin func (#338)
* chore: disable all casin func * chore: rename
This commit is contained in:
parent
df258c6ed3
commit
3ab768fb14
|
|
@ -180,7 +180,7 @@ collab-document = { git = "https://github.com/AppFlowy-IO/AppFlowy-Collab", rev
|
||||||
[features]
|
[features]
|
||||||
custom_env= []
|
custom_env= []
|
||||||
# This feature will be removed once the cpu spike issue is resolved
|
# This feature will be removed once the cpu spike issue is resolved
|
||||||
disable_collab_ac = []
|
disable_access_control = []
|
||||||
|
|
||||||
# Comment the above and uncomment the below to use local version of collab by cloning the repo and placing it in libs folder
|
# Comment the above and uncomment the below to use local version of collab by cloning the repo and placing it in libs folder
|
||||||
#collab = { path = "libs/AppFlowy-Collab/collab" }
|
#collab = { path = "libs/AppFlowy-Collab/collab" }
|
||||||
|
|
|
||||||
|
|
@ -16,7 +16,7 @@ COPY . .
|
||||||
ENV SQLX_OFFLINE true
|
ENV SQLX_OFFLINE true
|
||||||
|
|
||||||
# Build the project
|
# Build the project
|
||||||
RUN cargo build --profile=profiling --features="disable_collab_ac" --bin appflowy_cloud
|
RUN cargo build --profile=profiling --features="disable_access_control" --bin appflowy_cloud
|
||||||
|
|
||||||
|
|
||||||
FROM debian:bookworm-slim AS runtime
|
FROM debian:bookworm-slim AS runtime
|
||||||
|
|
|
||||||
|
|
@ -86,37 +86,57 @@ impl AccessControl {
|
||||||
obj: &ObjectType<'_>,
|
obj: &ObjectType<'_>,
|
||||||
act: &ActionType,
|
act: &ActionType,
|
||||||
) -> Result<bool, AppError> {
|
) -> Result<bool, AppError> {
|
||||||
self.enforcer.update(uid, obj, act).await
|
if cfg!(feature = "disable_access_control") {
|
||||||
|
Ok(true)
|
||||||
|
} else {
|
||||||
|
self.enforcer.update(uid, obj, act).await
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn remove(&self, uid: &i64, obj: &ObjectType<'_>) -> Result<(), AppError> {
|
pub async fn remove(&self, uid: &i64, obj: &ObjectType<'_>) -> Result<(), AppError> {
|
||||||
self.enforcer.remove(uid, obj).await?;
|
if cfg!(feature = "disable_access_control") {
|
||||||
Ok(())
|
Ok(())
|
||||||
|
} else {
|
||||||
|
self.enforcer.remove(uid, obj).await?;
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn enforce<A>(&self, uid: &i64, obj: &ObjectType<'_>, act: A) -> Result<bool, AppError>
|
pub async fn enforce<A>(&self, uid: &i64, obj: &ObjectType<'_>, act: A) -> Result<bool, AppError>
|
||||||
where
|
where
|
||||||
A: ToCasbinAction,
|
A: ToCasbinAction,
|
||||||
{
|
{
|
||||||
self.enforcer.enforce(uid, obj, act).await
|
if cfg!(feature = "disable_access_control") {
|
||||||
|
Ok(true)
|
||||||
|
} else {
|
||||||
|
self.enforcer.enforce(uid, obj, act).await
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn get_access_level(&self, uid: &i64, oid: &str) -> Option<AFAccessLevel> {
|
pub async fn get_access_level(&self, uid: &i64, oid: &str) -> Option<AFAccessLevel> {
|
||||||
let collab_id = ObjectType::Collab(oid);
|
if cfg!(feature = "disable_access_control") {
|
||||||
self
|
Some(AFAccessLevel::FullAccess)
|
||||||
.enforcer
|
} else {
|
||||||
.get_action(uid, &collab_id)
|
let collab_id = ObjectType::Collab(oid);
|
||||||
.await
|
self
|
||||||
.map(|value| AFAccessLevel::from_action(&value))
|
.enforcer
|
||||||
|
.get_action(uid, &collab_id)
|
||||||
|
.await
|
||||||
|
.map(|value| AFAccessLevel::from_action(&value))
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn get_role(&self, uid: &i64, workspace_id: &str) -> Option<AFRole> {
|
pub async fn get_role(&self, uid: &i64, workspace_id: &str) -> Option<AFRole> {
|
||||||
let workspace_id = ObjectType::Workspace(workspace_id);
|
if cfg!(feature = "disable_access_control") {
|
||||||
self
|
Some(AFRole::Owner)
|
||||||
.enforcer
|
} else {
|
||||||
.get_action(uid, &workspace_id)
|
let workspace_id = ObjectType::Workspace(workspace_id);
|
||||||
.await
|
self
|
||||||
.map(|value| AFRole::from_action(&value))
|
.enforcer
|
||||||
|
.get_action(uid, &workspace_id)
|
||||||
|
.await
|
||||||
|
.map(|value| AFRole::from_action(&value))
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -81,7 +81,7 @@ impl CollabAccessControl for CollabAccessControlImpl {
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn can_send_collab_update(&self, uid: &i64, oid: &str) -> Result<bool, AppError> {
|
async fn can_send_collab_update(&self, uid: &i64, oid: &str) -> Result<bool, AppError> {
|
||||||
if cfg!(feature = "disable_collab_ac") {
|
if cfg!(feature = "disable_access_control") {
|
||||||
Ok(true)
|
Ok(true)
|
||||||
} else {
|
} else {
|
||||||
self
|
self
|
||||||
|
|
@ -92,7 +92,7 @@ impl CollabAccessControl for CollabAccessControlImpl {
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn can_receive_collab_update(&self, uid: &i64, oid: &str) -> Result<bool, AppError> {
|
async fn can_receive_collab_update(&self, uid: &i64, oid: &str) -> Result<bool, AppError> {
|
||||||
if cfg!(feature = "disable_collab_ac") {
|
if cfg!(feature = "disable_access_control") {
|
||||||
Ok(true)
|
Ok(true)
|
||||||
} else {
|
} else {
|
||||||
self
|
self
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue