Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
go-atomci
atomci
提交
675d4c4e
atomci
项目概览
go-atomci
/
atomci
通知
0
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
atomci
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
675d4c4e
编写于
4月 19, 2022
作者:
C
colynn
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
fix: casbin beego orm adapter
上级
3adf3e3c
变更
9
隐藏空白更改
内联
并排
Showing
9 changed file
with
311 addition
and
30 deletion
+311
-30
internal/api/auth.go
internal/api/auth.go
+0
-1
internal/core/auth/local/local.go
internal/core/auth/local/local.go
+1
-1
internal/dao/role.go
internal/dao/role.go
+1
-0
internal/initialize/init.go
internal/initialize/init.go
+1
-1
internal/middleware/authorization.go
internal/middleware/authorization.go
+1
-1
internal/middleware/casbin/mycasbin.go
internal/middleware/casbin/mycasbin.go
+38
-24
internal/migrations/migrations.go
internal/migrations/migrations.go
+1
-1
internal/models/models.go
internal/models/models.go
+1
-1
pkg/beego-orm-adapter/adapter.go
pkg/beego-orm-adapter/adapter.go
+267
-0
未找到文件。
internal/api/auth.go
浏览文件 @
675d4c4e
...
...
@@ -93,7 +93,6 @@ func (a *AuthController) Authenticate() {
http
.
Error
(
a
.
Ctx
.
ResponseWriter
,
err
.
Error
(),
http
.
StatusInternalServerError
)
return
}
e
,
err
:=
mycasbin
.
NewCasbin
()
if
err
!=
nil
{
log
.
Log
.
Error
(
"add user role, new casbin instance error: %s"
,
err
.
Error
())
...
...
internal/core/auth/local/local.go
浏览文件 @
675d4c4e
...
...
@@ -39,7 +39,7 @@ func NewProvider() auth.Provider {
func
(
p
*
Provider
)
Authenticate
(
loginUser
,
password
string
)
(
*
auth
.
ExternalAccount
,
error
)
{
userModel
,
err
:=
dao
.
GetUser
(
loginUser
)
if
err
!=
nil
{
log
.
Log
.
Error
(
"get user error: %v"
)
log
.
Log
.
Error
(
"get user error: %v"
,
err
.
Error
()
)
return
nil
,
fmt
.
Errorf
(
"用户不存在或密码错误"
)
}
...
...
internal/dao/role.go
浏览文件 @
675d4c4e
...
...
@@ -18,6 +18,7 @@ package dao
import
(
"fmt"
mycasbin
"github.com/go-atomci/atomci/internal/middleware/casbin"
"github.com/go-atomci/atomci/internal/middleware/log"
"github.com/go-atomci/atomci/internal/models"
...
...
internal/initialize/init.go
浏览文件 @
675d4c4e
...
...
@@ -23,7 +23,7 @@ import (
"github.com/go-atomci/atomci/utils/errors"
)
func
i
nit
()
{
func
I
nit
()
{
// 注册/更新资源
initResource
()
...
...
internal/middleware/authorization.go
浏览文件 @
675d4c4e
...
...
@@ -27,7 +27,7 @@ import (
func
Authorization
(
c
*
context
.
Context
,
username
string
)
(
bool
,
error
)
{
e
,
err
:=
mycasbin
.
NewCasbin
()
if
err
!=
nil
{
log
.
Log
.
Error
(
"casbin new occur error: %v"
,
err
)
log
.
Log
.
Error
(
"casbin new occur error: %v"
,
err
.
Error
()
)
return
false
,
err
}
urlPath
:=
c
.
Request
.
URL
.
Path
...
...
internal/middleware/casbin/mycasbin.go
浏览文件 @
675d4c4e
...
...
@@ -18,24 +18,32 @@ package mycasbin
import
(
glog
"log"
"sync"
"github.com/astaxie/beego"
"github.com/go-atomci/atomci/internal/middleware/log"
beegoormadapter
"github.com/casbin/beego-orm-adapter/v2"
"github.com/casbin/casbin/v2"
"github.com/casbin/casbin/v2/model"
beegoormadapter
"github.com/go-atomci/atomci/pkg/beego-orm-adapter"
_
"github.com/go-sql-driver/mysql"
)
var
casbinObj
*
casbin
.
Enforcer
var
casbinadapter
*
beegoormadapter
.
Adapter
var
casbinadapterOnce
sync
.
Once
var
casbinErr
error
// GetOrmer :set ormer singleton
func
GetAdapter
()
(
*
beegoormadapter
.
Adapter
,
error
)
{
casbinadapterOnce
.
Do
(
func
()
{
casbinadapter
,
casbinErr
=
initAdapter
()
})
return
casbinadapter
,
casbinErr
}
// NewCasbin ..
func
NewCasbin
()
(
*
casbin
.
Enforcer
,
error
)
{
if
casbinObj
==
nil
{
rbacModel
,
err
:=
model
.
NewModelFromString
(
`
rbacModel
,
err
:=
model
.
NewModelFromString
(
`
[request_definition]
r = sub, obj, act
...
...
@@ -53,25 +61,31 @@ e = some(where (p.eft == allow))
# m = g(r.sub, p.sub) && r.obj == p.obj && (r.act == p.act || p.act == "*") || r.sub == "admin"
m = g(r.sub, p.sub) && keyMatch2(r.obj,p.obj) && (r.act == p.act || p.act == "*") || r.sub == "admin"
`
)
if
err
!=
nil
{
glog
.
Fatalf
(
"error: model: %s"
,
err
)
}
dsn
:=
beego
.
AppConfig
.
String
(
"DB::url"
)
rbacPolicy
,
_
:=
beegoormadapter
.
NewAdapter
(
"casbin"
,
"mysql"
,
dsn
)
e
,
err
:=
casbin
.
NewEnforcer
(
rbacModel
,
rbacPolicy
)
if
err
!=
nil
{
log
.
Log
.
Error
(
"casbin new enforcer error: %s"
,
err
.
Error
())
return
nil
,
err
}
if
err
:=
e
.
LoadPolicy
();
err
==
nil
{
casbinObj
=
e
return
e
,
err
}
log
.
Log
.
Error
(
"casbin rbac_model or policy init error, message: %v"
,
err
)
if
err
!=
nil
{
glog
.
Fatalf
(
"error: model: %s"
,
err
)
}
a
,
err
:=
GetAdapter
()
if
err
!=
nil
{
return
nil
,
err
}
e
,
err
:=
casbin
.
NewEnforcer
(
rbacModel
,
a
)
if
err
!=
nil
{
log
.
Log
.
Error
(
"casbin new enforcer error: %s"
,
err
.
Error
())
return
nil
,
err
}
if
err
:=
e
.
LoadPolicy
();
err
!=
nil
{
log
.
Log
.
Error
(
"casbin rbac_model or policy init error, message: %v"
,
err
.
Error
())
return
e
,
err
}
return
e
,
nil
}
return
casbinObj
,
nil
func
initAdapter
()
(
*
beegoormadapter
.
Adapter
,
error
)
{
dsn
:=
beego
.
AppConfig
.
String
(
"DB::url"
)
a
,
err
:=
beegoormadapter
.
NewAdapter
(
"casbin"
,
"mysql"
,
dsn
)
if
err
!=
nil
{
log
.
Log
.
Error
(
"beego orm adapter error: %s"
,
err
.
Error
())
return
nil
,
err
}
return
a
,
nil
}
internal/migrations/migrations.go
浏览文件 @
675d4c4e
...
...
@@ -102,7 +102,7 @@ func sureCreateTable(ormer orm.Ormer) {
ormer
.
Raw
(
ddl
)
.
Exec
()
}
func
init
()
{
func
Migrate
()
{
if
len
(
os
.
Args
)
>
1
&&
os
.
Args
[
1
][
:
5
]
==
"-test"
{
return
}
...
...
internal/models/models.go
浏览文件 @
675d4c4e
...
...
@@ -150,7 +150,7 @@ func initOrm() {
}
// Init ...
func
init
()
{
func
InitDB
()
{
if
len
(
os
.
Args
)
>
1
&&
os
.
Args
[
1
][
:
5
]
==
"-test"
{
return
}
...
...
pkg/beego-orm-adapter/adapter.go
0 → 100644
浏览文件 @
675d4c4e
// Copyright 2017 The casbin Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package
beegoormadapter
import
(
"fmt"
"runtime"
"github.com/astaxie/beego/orm"
"github.com/casbin/casbin/v2/model"
"github.com/casbin/casbin/v2/persist"
)
type
CasbinRule
struct
{
Id
int
Ptype
string
V0
string
V1
string
V2
string
V3
string
V4
string
V5
string
}
func
init
()
{
orm
.
RegisterModel
(
new
(
CasbinRule
))
}
const
(
defaultTableName
=
"casbin_rule"
)
// Adapter represents the Xorm adapter for policy storage.
type
Adapter
struct
{
driverName
string
dataSourceName
string
dataSourceAlias
string
tableName
string
dbSpecified
bool
o
orm
.
Ormer
}
// finalizer is the destructor for Adapter.
func
finalizer
(
a
*
Adapter
)
{
}
// NewAdapter is the constructor for Adapter.
// dataSourceAlias: Database alias. ORM will use it to switch database.
// driverName: database driverName.
// dataSourceName: connection string
func
NewAdapter
(
dataSourceAlias
,
driverName
,
dataSourceName
string
)
(
*
Adapter
,
error
)
{
a
:=
&
Adapter
{}
a
.
driverName
=
driverName
a
.
dataSourceName
=
dataSourceName
a
.
dataSourceAlias
=
dataSourceAlias
a
.
tableName
=
defaultTableName
err
:=
a
.
open
()
if
err
!=
nil
{
return
nil
,
err
}
// Call the destructor when the object is released.
runtime
.
SetFinalizer
(
a
,
finalizer
)
return
a
,
nil
}
func
(
a
*
Adapter
)
registerDataBase
(
aliasName
,
driverName
,
dataSource
string
,
params
...
int
)
error
{
err
:=
orm
.
RegisterDataBase
(
aliasName
,
driverName
,
dataSource
,
params
...
)
return
err
}
func
(
a
*
Adapter
)
open
()
error
{
var
err
error
err
=
a
.
registerDataBase
(
a
.
dataSourceAlias
,
a
.
driverName
,
a
.
dataSourceName
)
if
err
!=
nil
{
return
err
}
a
.
o
=
orm
.
NewOrm
()
err
=
a
.
o
.
Using
(
a
.
dataSourceAlias
)
if
err
!=
nil
{
return
err
}
err
=
a
.
createTable
()
if
err
!=
nil
{
return
err
}
return
nil
}
func
(
a
*
Adapter
)
close
()
{
a
.
o
=
nil
}
func
(
a
*
Adapter
)
createTable
()
error
{
return
orm
.
RunSyncdb
(
a
.
dataSourceAlias
,
false
,
true
)
}
func
(
a
*
Adapter
)
dropTable
()
error
{
_
,
err
:=
a
.
o
.
Raw
(
fmt
.
Sprintf
(
"DROP TABLE IF EXISTS %v;"
,
a
.
tableName
))
.
Exec
()
return
err
}
func
loadPolicyLine
(
line
CasbinRule
,
model
model
.
Model
)
{
lineText
:=
line
.
Ptype
if
line
.
V0
!=
""
{
lineText
+=
", "
+
line
.
V0
}
if
line
.
V1
!=
""
{
lineText
+=
", "
+
line
.
V1
}
if
line
.
V2
!=
""
{
lineText
+=
", "
+
line
.
V2
}
if
line
.
V3
!=
""
{
lineText
+=
", "
+
line
.
V3
}
if
line
.
V4
!=
""
{
lineText
+=
", "
+
line
.
V4
}
if
line
.
V5
!=
""
{
lineText
+=
", "
+
line
.
V5
}
persist
.
LoadPolicyLine
(
lineText
,
model
)
}
// LoadPolicy loads policy from database.
func
(
a
*
Adapter
)
LoadPolicy
(
model
model
.
Model
)
error
{
var
lines
[]
CasbinRule
_
,
err
:=
a
.
o
.
QueryTable
(
"casbin_rule"
)
.
All
(
&
lines
)
if
err
!=
nil
{
return
err
}
for
_
,
line
:=
range
lines
{
loadPolicyLine
(
line
,
model
)
}
return
nil
}
func
savePolicyLine
(
ptype
string
,
rule
[]
string
)
CasbinRule
{
line
:=
CasbinRule
{}
line
.
Ptype
=
ptype
if
len
(
rule
)
>
0
{
line
.
V0
=
rule
[
0
]
}
if
len
(
rule
)
>
1
{
line
.
V1
=
rule
[
1
]
}
if
len
(
rule
)
>
2
{
line
.
V2
=
rule
[
2
]
}
if
len
(
rule
)
>
3
{
line
.
V3
=
rule
[
3
]
}
if
len
(
rule
)
>
4
{
line
.
V4
=
rule
[
4
]
}
if
len
(
rule
)
>
5
{
line
.
V5
=
rule
[
5
]
}
return
line
}
// SavePolicy saves policy to database.
func
(
a
*
Adapter
)
SavePolicy
(
model
model
.
Model
)
error
{
err
:=
a
.
dropTable
()
if
err
!=
nil
{
return
err
}
err
=
a
.
createTable
()
if
err
!=
nil
{
return
err
}
var
lines
[]
CasbinRule
for
ptype
,
ast
:=
range
model
[
"p"
]
{
for
_
,
rule
:=
range
ast
.
Policy
{
line
:=
savePolicyLine
(
ptype
,
rule
)
lines
=
append
(
lines
,
line
)
}
}
for
ptype
,
ast
:=
range
model
[
"g"
]
{
for
_
,
rule
:=
range
ast
.
Policy
{
line
:=
savePolicyLine
(
ptype
,
rule
)
lines
=
append
(
lines
,
line
)
}
}
_
,
err
=
a
.
o
.
InsertMulti
(
len
(
lines
),
lines
)
return
err
}
// AddPolicy adds a policy rule to the storage.
func
(
a
*
Adapter
)
AddPolicy
(
sec
string
,
ptype
string
,
rule
[]
string
)
error
{
line
:=
savePolicyLine
(
ptype
,
rule
)
_
,
err
:=
a
.
o
.
Insert
(
&
line
)
return
err
}
// RemovePolicy removes a policy rule from the storage.
func
(
a
*
Adapter
)
RemovePolicy
(
sec
string
,
ptype
string
,
rule
[]
string
)
error
{
line
:=
savePolicyLine
(
ptype
,
rule
)
_
,
err
:=
a
.
o
.
Delete
(
&
line
,
"ptype"
,
"v0"
,
"v1"
,
"v2"
,
"v3"
,
"v4"
,
"v5"
)
return
err
}
// RemoveFilteredPolicy removes policy rules that match the filter from the storage.
func
(
a
*
Adapter
)
RemoveFilteredPolicy
(
sec
string
,
ptype
string
,
fieldIndex
int
,
fieldValues
...
string
)
error
{
line
:=
CasbinRule
{}
line
.
Ptype
=
ptype
filter
:=
[]
string
{}
filter
=
append
(
filter
,
"ptype"
)
if
fieldIndex
<=
0
&&
0
<
fieldIndex
+
len
(
fieldValues
)
{
line
.
V0
=
fieldValues
[
0
-
fieldIndex
]
filter
=
append
(
filter
,
"v0"
)
}
if
fieldIndex
<=
1
&&
1
<
fieldIndex
+
len
(
fieldValues
)
{
line
.
V1
=
fieldValues
[
1
-
fieldIndex
]
filter
=
append
(
filter
,
"v1"
)
}
if
fieldIndex
<=
2
&&
2
<
fieldIndex
+
len
(
fieldValues
)
{
line
.
V2
=
fieldValues
[
2
-
fieldIndex
]
filter
=
append
(
filter
,
"v2"
)
}
if
fieldIndex
<=
3
&&
3
<
fieldIndex
+
len
(
fieldValues
)
{
line
.
V3
=
fieldValues
[
3
-
fieldIndex
]
filter
=
append
(
filter
,
"v3"
)
}
if
fieldIndex
<=
4
&&
4
<
fieldIndex
+
len
(
fieldValues
)
{
line
.
V4
=
fieldValues
[
4
-
fieldIndex
]
filter
=
append
(
filter
,
"v4"
)
}
if
fieldIndex
<=
5
&&
5
<
fieldIndex
+
len
(
fieldValues
)
{
line
.
V5
=
fieldValues
[
5
-
fieldIndex
]
filter
=
append
(
filter
,
"v5"
)
}
_
,
err
:=
a
.
o
.
Delete
(
&
line
,
filter
...
)
return
err
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录