fix and optimize casbin (#1121)

* - 删除rabac_model.conf, 改为字符串代码, 方便部署
- 删除casbin相关配置文件

* fix: delete api时只传id导致casbin_rules表清空bug

server/config.docker.yaml

@@ -35,10 +35,6 @@ email:
   secret: 'xxx'
   nickname: 'test'
 
-# casbin configuration
-casbin:
-  model-path: './resource/rbac_model.conf'
-
 # system configuration
 system:
   env: 'public'  # Change to "develop" to skip authentication for development mode

server/config.yaml

@@ -35,10 +35,6 @@ email:
   secret: 'xxx'
   nickname: 'test'
 
-# casbin configuration
-casbin:
-  model-path: './resource/rbac_model.conf'
-
 # system configuration
 system:
   env: 'public'  # Change to "develop" to skip authentication for development mode

server/config/casbin.go

-package config
-
-type Casbin struct {
-	ModelPath string `mapstructure:"model-path" json:"model-path" yaml:"model-path"` // 存放casbin模型的相对路径
-}

server/config/config.go

@@ -5,7 +5,6 @@ type Server struct {
 	Zap     Zap     `mapstructure:"zap" json:"zap" yaml:"zap"`
 	Redis   Redis   `mapstructure:"redis" json:"redis" yaml:"redis"`
 	Email   Email   `mapstructure:"email" json:"email" yaml:"email"`
-	Casbin  Casbin  `mapstructure:"casbin" json:"casbin" yaml:"casbin"`
 	System  System  `mapstructure:"system" json:"system" yaml:"system"`
 	Captcha Captcha `mapstructure:"captcha" json:"captcha" yaml:"captcha"`
 	// auto

server/resource/rbac_model.conf

-[request_definition]
-r = sub, obj, act
-
-[policy_definition]
-p = sub, obj, act
-
-[role_definition]
-g = _, _
-
-[policy_effect]
-e = some(where (p.eft == allow))
-
-[matchers]
-m = r.sub == p.sub && keyMatch2(r.obj,p.obj) && r.act == p.act

server/service/system/sys_api.go

@@ -35,9 +35,17 @@ func (apiService *ApiService) CreateApi(api system.SysApi) (err error) {
 //@return: err error
 
 func (apiService *ApiService) DeleteApi(api system.SysApi) (err error) {
-	err = global.GVA_DB.Delete(&api).Error
-	CasbinServiceApp.ClearCasbin(1, api.Path, api.Method)
-	return err
+	var entity system.SysApi
+	err = global.GVA_DB.Where("id = ?", api.ID).First(&entity).Error // 根据id查询api记录
+	if errors.Is(err, gorm.ErrRecordNotFound) {                      // api记录不存在
+		return err
+	}
+	err = global.GVA_DB.Delete(&entity).Error
+	if err != nil {
+		return err
+	}
+	CasbinServiceApp.ClearCasbin(1, entity.Path, entity.Method)
+	return nil
 }
 
 //@author: [piexlmax](https://github.com/piexlmax)

server/service/system/sys_casbin.go

@@ -2,6 +2,8 @@ package system
 
 import (
 	"errors"
+	"github.com/casbin/casbin/v2/model"
+	"go.uber.org/zap"
 	"sync"
 
 	"github.com/casbin/casbin/v2"
@@ -92,7 +94,28 @@ var (
 func (casbinService *CasbinService) Casbin() *casbin.SyncedEnforcer {
 	once.Do(func() {
 		a, _ := gormadapter.NewAdapterByDB(global.GVA_DB)
-		syncedEnforcer, _ = casbin.NewSyncedEnforcer(global.GVA_CONFIG.Casbin.ModelPath, a)
+		text := `
+		[request_definition]
+		r = sub, obj, act
+		
+		[policy_definition]
+		p = sub, obj, act
+		
+		[role_definition]
+		g = _, _
+		
+		[policy_effect]
+		e = some(where (p.eft == allow))
+		
+		[matchers]
+		m = r.sub == p.sub && keyMatch2(r.obj,p.obj) && r.act == p.act
+		`
+		m, err := model.NewModelFromString(text)
+		if err != nil {
+			zap.L().Error("字符串加载模型失败!", zap.Error(err))
+			return
+		}
+		syncedEnforcer, _ = casbin.NewSyncedEnforcer(m, a)
 	})
 	_ = syncedEnforcer.LoadPolicy()
 	return syncedEnforcer

web/src/view/systemTools/system/system.vue

@@ -120,12 +120,6 @@
             <el-button @click="email">测试邮件</el-button>
           </el-form-item>
         </el-collapse-item>
-        <el-collapse-item title="casbin配置" name="6">
-          <el-form-item label="模型地址">
-            <el-input v-model="config.casbin['model-path']" />
-          </el-form-item>
-        </el-collapse-item>
-
         <el-collapse-item title="验证码配置" name="7">
           <el-form-item label="字符长度">
             <el-input v-model.number="config.captcha['key-long']" />
@@ -370,7 +364,6 @@ const config = ref({
     'iplimit-time': 0
   },
   jwt: {},
-  casbin: {},
   mysql: {},
   pgsql: {},
   excel: {},