From e69b014251d15785a32e1eca56d89e2abb27dce0 Mon Sep 17 00:00:00 2001 From: Shivansh Yadav Date: Sat, 12 Feb 2022 18:48:59 +0530 Subject: [PATCH 1/4] fix: *matcher result should be boolean or number* for KeyGet2 --- src/coreEnforcer.ts | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/coreEnforcer.ts b/src/coreEnforcer.ts index 0a20280..42dbcfc 100644 --- a/src/coreEnforcer.ts +++ b/src/coreEnforcer.ts @@ -457,6 +457,13 @@ export class CoreEnforcer { eftRes = result; } break; + case 'string': + if (result === '') { + eftRes = Effect.Indeterminate; + } else { + eftRes = Effect.Allow; + } + break; default: throw new Error('matcher result should be boolean or number'); } From 17fd19886fba7fdbca73f89486d09feeea6eb661 Mon Sep 17 00:00:00 2001 From: Shivansh Yadav Date: Mon, 21 Feb 2022 12:49:18 +0530 Subject: [PATCH 2/4] fix: updated error hint --- src/coreEnforcer.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/coreEnforcer.ts b/src/coreEnforcer.ts index 42dbcfc..babb81a 100644 --- a/src/coreEnforcer.ts +++ b/src/coreEnforcer.ts @@ -465,7 +465,7 @@ export class CoreEnforcer { } break; default: - throw new Error('matcher result should be boolean or number'); + throw new Error('matcher result should only be of type boolean, number, or string'); } const eft = parameters['p_eft']; From 0e7a0d6e810ec030a5b6309c0366b5a7aa700518 Mon Sep 17 00:00:00 2001 From: Shivansh Yadav Date: Wed, 2 Mar 2022 07:40:01 +0530 Subject: [PATCH 3/4] fix: basic keyGet2 test --- examples/basic_keyget2_model.conf | 11 +++++++++++ examples/basic_keyget2_policy.csv | 2 ++ test/enforcer.test.ts | 7 +++++++ 3 files changed, 20 insertions(+) create mode 100644 examples/basic_keyget2_model.conf create mode 100644 examples/basic_keyget2_policy.csv diff --git a/examples/basic_keyget2_model.conf b/examples/basic_keyget2_model.conf new file mode 100644 index 0000000..98064e1 --- /dev/null +++ b/examples/basic_keyget2_model.conf @@ -0,0 +1,11 @@ +[request_definition] +r = sub, obj + +[policy_definition] +p = sub, obj + +[policy_effect] +e = some(where (p.eft == allow)) + +[matchers] +m = keyGet2(r.obj, p.obj, 'id') diff --git a/examples/basic_keyget2_policy.csv b/examples/basic_keyget2_policy.csv new file mode 100644 index 0000000..52e903a --- /dev/null +++ b/examples/basic_keyget2_policy.csv @@ -0,0 +1,2 @@ +p, alice, /data/:id +p, alice, /data/:id diff --git a/test/enforcer.test.ts b/test/enforcer.test.ts index 4fd1c66..12017e6 100644 --- a/test/enforcer.test.ts +++ b/test/enforcer.test.ts @@ -659,3 +659,10 @@ test('TestBatchEnforce', async () => { ]; expect(await e.batchEnforce(requests)).toEqual([true, true]); }); + +test('TestKeyGet2', async () => { + const e = await newEnforcer('examples/basic_keyget2_model.conf', 'examples/basic_keyget2_policy.csv'); + expect(await e.enforce('alice', 'data')).toBe(false); + expect(await e.enforce('alice', '/data')).toBe(false); + expect(await e.enforce('alice', '/data/1')).toBe(true); +}); From 5a21ff7465ea8d2a81e70f57078684bab4bf3ab7 Mon Sep 17 00:00:00 2001 From: Shivansh Yadav Date: Wed, 2 Mar 2022 07:45:56 +0530 Subject: [PATCH 4/4] fix: basic_keyget2_policy.csv --- examples/basic_keyget2_policy.csv | 1 - 1 file changed, 1 deletion(-) diff --git a/examples/basic_keyget2_policy.csv b/examples/basic_keyget2_policy.csv index 52e903a..f53711a 100644 --- a/examples/basic_keyget2_policy.csv +++ b/examples/basic_keyget2_policy.csv @@ -1,2 +1 @@ p, alice, /data/:id -p, alice, /data/:id