chore: disable all casin func (#338)

* chore: disable all casin func

* chore: rename
This commit is contained in:
Nathan.fooo 2024-02-21 14:02:37 +08:00 committed by GitHub
parent df258c6ed3
commit 3ab768fb14
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 40 additions and 20 deletions

View File

@ -180,7 +180,7 @@ collab-document = { git = "https://github.com/AppFlowy-IO/AppFlowy-Collab", rev
[features] [features]
custom_env= [] custom_env= []
# This feature will be removed once the cpu spike issue is resolved # This feature will be removed once the cpu spike issue is resolved
disable_collab_ac = [] disable_access_control = []
# Comment the above and uncomment the below to use local version of collab by cloning the repo and placing it in libs folder # Comment the above and uncomment the below to use local version of collab by cloning the repo and placing it in libs folder
#collab = { path = "libs/AppFlowy-Collab/collab" } #collab = { path = "libs/AppFlowy-Collab/collab" }

View File

@ -16,7 +16,7 @@ COPY . .
ENV SQLX_OFFLINE true ENV SQLX_OFFLINE true
# Build the project # Build the project
RUN cargo build --profile=profiling --features="disable_collab_ac" --bin appflowy_cloud RUN cargo build --profile=profiling --features="disable_access_control" --bin appflowy_cloud
FROM debian:bookworm-slim AS runtime FROM debian:bookworm-slim AS runtime

View File

@ -86,37 +86,57 @@ impl AccessControl {
obj: &ObjectType<'_>, obj: &ObjectType<'_>,
act: &ActionType, act: &ActionType,
) -> Result<bool, AppError> { ) -> Result<bool, AppError> {
self.enforcer.update(uid, obj, act).await if cfg!(feature = "disable_access_control") {
Ok(true)
} else {
self.enforcer.update(uid, obj, act).await
}
} }
pub async fn remove(&self, uid: &i64, obj: &ObjectType<'_>) -> Result<(), AppError> { pub async fn remove(&self, uid: &i64, obj: &ObjectType<'_>) -> Result<(), AppError> {
self.enforcer.remove(uid, obj).await?; if cfg!(feature = "disable_access_control") {
Ok(()) Ok(())
} else {
self.enforcer.remove(uid, obj).await?;
Ok(())
}
} }
pub async fn enforce<A>(&self, uid: &i64, obj: &ObjectType<'_>, act: A) -> Result<bool, AppError> pub async fn enforce<A>(&self, uid: &i64, obj: &ObjectType<'_>, act: A) -> Result<bool, AppError>
where where
A: ToCasbinAction, A: ToCasbinAction,
{ {
self.enforcer.enforce(uid, obj, act).await if cfg!(feature = "disable_access_control") {
Ok(true)
} else {
self.enforcer.enforce(uid, obj, act).await
}
} }
pub async fn get_access_level(&self, uid: &i64, oid: &str) -> Option<AFAccessLevel> { pub async fn get_access_level(&self, uid: &i64, oid: &str) -> Option<AFAccessLevel> {
let collab_id = ObjectType::Collab(oid); if cfg!(feature = "disable_access_control") {
self Some(AFAccessLevel::FullAccess)
.enforcer } else {
.get_action(uid, &collab_id) let collab_id = ObjectType::Collab(oid);
.await self
.map(|value| AFAccessLevel::from_action(&value)) .enforcer
.get_action(uid, &collab_id)
.await
.map(|value| AFAccessLevel::from_action(&value))
}
} }
pub async fn get_role(&self, uid: &i64, workspace_id: &str) -> Option<AFRole> { pub async fn get_role(&self, uid: &i64, workspace_id: &str) -> Option<AFRole> {
let workspace_id = ObjectType::Workspace(workspace_id); if cfg!(feature = "disable_access_control") {
self Some(AFRole::Owner)
.enforcer } else {
.get_action(uid, &workspace_id) let workspace_id = ObjectType::Workspace(workspace_id);
.await self
.map(|value| AFRole::from_action(&value)) .enforcer
.get_action(uid, &workspace_id)
.await
.map(|value| AFRole::from_action(&value))
}
} }
} }

View File

@ -81,7 +81,7 @@ impl CollabAccessControl for CollabAccessControlImpl {
} }
async fn can_send_collab_update(&self, uid: &i64, oid: &str) -> Result<bool, AppError> { async fn can_send_collab_update(&self, uid: &i64, oid: &str) -> Result<bool, AppError> {
if cfg!(feature = "disable_collab_ac") { if cfg!(feature = "disable_access_control") {
Ok(true) Ok(true)
} else { } else {
self self
@ -92,7 +92,7 @@ impl CollabAccessControl for CollabAccessControlImpl {
} }
async fn can_receive_collab_update(&self, uid: &i64, oid: &str) -> Result<bool, AppError> { async fn can_receive_collab_update(&self, uid: &i64, oid: &str) -> Result<bool, AppError> {
if cfg!(feature = "disable_collab_ac") { if cfg!(feature = "disable_access_control") {
Ok(true) Ok(true)
} else { } else {
self self