casbin - npm Package Compare versions

examples/subject_priority_model_with_domain.conf

examples/subject_priority_model.conf

examples/subject_priority_policy_with_domain.csv

examples/subject_priority_policy.csv

7

CHANGELOG.md

		@@ -0,1 +1,8 @@
		# [5.22.0](https://github.com/casbin/node-casbin/compare/v5.21.0...v5.22.0) (2023-01-31)


		### Features

		* support subjectPriority ([#417](https://github.com/casbin/node-casbin/issues/417)) ([e83d505](https://github.com/casbin/node-casbin/commit/e83d5058872e65be7dc9b374ca8c6640a1f2ca9d))

		# [5.21.0](https://github.com/casbin/node-casbin/compare/v5.20.4...v5.21.0) (2023-01-21)
		@@ -2,0 +9,0 @@

3

lib/cjs/coreEnforcer.js

		@@ -180,2 +180,3 @@ "use strict";
		this.sortPolicies();
		this.model.sortPoliciesBySubjectHierarchy();
		if (this.autoBuildRoleLinks) {
		@@ -193,2 +194,4 @@ await this.buildRoleLinksInternal();
		this.model.clearPolicy();
		this.sortPolicies();
		this.model.sortPoliciesBySubjectHierarchy();
		return this.loadIncrementalFilteredPolicy(filter);
		@@ -195,0 +198,0 @@ }

1

lib/cjs/effect/defaultEffectorStream.js

		@@ -63,2 +63,3 @@ "use strict";
		case "priority(p_eft) \|\| deny" /* PRIORITY */:
		case "subjectPriority(p_eft) \|\| deny" /* SUBJECT_PRIORITY */:
		if (eft !== effector_1.Effect.Indeterminate) {
		@@ -65,0 +66,0 @@ this.res = eft === effector_1.Effect.Allow;

13

lib/cjs/model/model.d.ts

		@@ -46,2 +46,15 @@ import * as rbac from '../rbac';
		getFieldIndex(ptype: string, field: string): number;
		/**
		* sort policies by subject hieraichy
		*/
		sortPoliciesBySubjectHierarchy(): void;
		/**
		* Calculate the priority of each policy store in Map<string, number>
		*/
		getSubjectHierarchyMap(groupPolicies: string[][]): Map<string, number>;
		findHierarchy(policyMap: Map<string, string>, subjectHierarchyMap: Map<string, number>, set: Set<string>, child: string): void;
		/**
		* get full name with domain
		*/
		getNameWithDomain(domain: string, name: string): string;
		}
		@@ -48,0 +61,0 @@ /**

78

lib/cjs/model/model.js

		@@ -41,2 +41,4 @@ "use strict";
		const rbac_1 = require("../rbac");
		const defaultDomain = '';
		const defaultSeparator = '::';
		exports.sectionNameMap = {
		@@ -449,2 +451,78 @@ r: 'request_definition',
		}
		/**
		* sort policies by subject hieraichy
		*/
		sortPoliciesBySubjectHierarchy() {
		var _a, _b, _c;
		if (((_b = (_a = this.model.get('e')) === null \|\| _a === void 0 ? void 0 : _a.get('e')) === null \|\| _b === void 0 ? void 0 : _b.value) !== "subjectPriority(p_eft) \|\| deny" /* SUBJECT_PRIORITY */) {
		return;
		}
		(_c = this.model.get('p')) === null \|\| _c === void 0 ? void 0 : _c.forEach((assertion, ptype) => {
		const domainIndex = this.getFieldIndex(ptype, "dom" /* Domain */);
		const subIndex = this.getFieldIndex(ptype, "sub" /* Subject */);
		// eslint-disable-next-line
		const subjectHierarchyMap = this.getSubjectHierarchyMap(this.model.get('g').get('g').policy);
		assertion.policy.sort((policyA, policyB) => {
		const domainA = domainIndex === -1 ? defaultDomain : policyA[domainIndex];
		const domainB = domainIndex === -1 ? defaultDomain : policyB[domainIndex];
		// eslint-disable-next-line
		const priorityA = subjectHierarchyMap.get(this.getNameWithDomain(domainA, policyA[subIndex]));
		// eslint-disable-next-line
		const priorityB = subjectHierarchyMap.get(this.getNameWithDomain(domainB, policyB[subIndex]));
		return priorityB - priorityA;
		});
		});
		}
		/**
		* Calculate the priority of each policy store in Map<string, number>
		*/
		getSubjectHierarchyMap(groupPolicies) {
		const subjectHierarchyMap = new Map();
		if (!groupPolicies) {
		return subjectHierarchyMap;
		}
		const policyMap = new Map();
		let domain = defaultDomain;
		groupPolicies.forEach((policy) => {
		if (policy.length !== 2)
		domain = policy[this.getFieldIndex('p', "dom" /* Domain */)];
		const child = this.getNameWithDomain(domain, policy[this.getFieldIndex('p', "sub" /* Subject */)]);
		const parent = this.getNameWithDomain(domain, policy[this.getFieldIndex('p', "obj" /* Object */)]);
		policyMap.set(child, parent);
		if (!subjectHierarchyMap.has(child)) {
		subjectHierarchyMap.set(child, 0);
		}
		if (!subjectHierarchyMap.has(parent)) {
		subjectHierarchyMap.set(parent, 0);
		}
		subjectHierarchyMap.set(child, 1);
		});
		const set = new Set();
		subjectHierarchyMap.forEach((_, key) => {
		if (subjectHierarchyMap.get(key) !== 0)
		set.add(key);
		});
		while (set.size !== 0) {
		for (const child of set.values()) {
		this.findHierarchy(policyMap, subjectHierarchyMap, set, child);
		}
		}
		return subjectHierarchyMap;
		}
		findHierarchy(policyMap, subjectHierarchyMap, set, child) {
		set.delete(child);
		// eslint-disable-next-line
		const parent = policyMap.get(child);
		if (set.has(parent)) {
		this.findHierarchy(policyMap, subjectHierarchyMap, set, parent);
		}
		// eslint-disable-next-line
		subjectHierarchyMap.set(child, subjectHierarchyMap.get(parent) + 10);
		}
		/**
		* get full name with domain
		*/
		getNameWithDomain(domain, name) {
		return domain + defaultSeparator + name;
		}
		}
		@@ -451,0 +529,0 @@ exports.Model = Model;

3

lib/esm/coreEnforcer.js

		@@ -177,2 +177,3 @@ // Copyright 2018 The Casbin Authors. All Rights Reserved.
		this.sortPolicies();
		this.model.sortPoliciesBySubjectHierarchy();
		if (this.autoBuildRoleLinks) {
		@@ -190,2 +191,4 @@ await this.buildRoleLinksInternal();
		this.model.clearPolicy();
		this.sortPolicies();
		this.model.sortPoliciesBySubjectHierarchy();
		return this.loadIncrementalFilteredPolicy(filter);
		@@ -192,0 +195,0 @@ }

1

lib/esm/effect/defaultEffectorStream.js

		@@ -60,2 +60,3 @@ // Copyright 2020 The Casbin Authors. All Rights Reserved.
		case "priority(p_eft) \|\| deny" /* PRIORITY */:
		case "subjectPriority(p_eft) \|\| deny" /* SUBJECT_PRIORITY */:
		if (eft !== Effect.Indeterminate) {
		@@ -62,0 +63,0 @@ this.res = eft === Effect.Allow;

13

lib/esm/model/model.d.ts

		@@ -46,2 +46,15 @@ import * as rbac from '../rbac';
		getFieldIndex(ptype: string, field: string): number;
		/**
		* sort policies by subject hieraichy
		*/
		sortPoliciesBySubjectHierarchy(): void;
		/**
		* Calculate the priority of each policy store in Map<string, number>
		*/
		getSubjectHierarchyMap(groupPolicies: string[][]): Map<string, number>;
		findHierarchy(policyMap: Map<string, string>, subjectHierarchyMap: Map<string, number>, set: Set<string>, child: string): void;
		/**
		* get full name with domain
		*/
		getNameWithDomain(domain: string, name: string): string;
		}
		@@ -48,0 +61,0 @@ /**

78

lib/esm/model/model.js

		@@ -19,2 +19,4 @@ // Copyright 2018 The Casbin Authors. All Rights Reserved.
		import { DefaultRoleManager } from '../rbac';
		const defaultDomain = '';
		const defaultSeparator = '::';
		export const sectionNameMap = {
		@@ -427,2 +429,78 @@ r: 'request_definition',
		}
		/**
		* sort policies by subject hieraichy
		*/
		sortPoliciesBySubjectHierarchy() {
		var _a, _b, _c;
		if (((_b = (_a = this.model.get('e')) === null \|\| _a === void 0 ? void 0 : _a.get('e')) === null \|\| _b === void 0 ? void 0 : _b.value) !== "subjectPriority(p_eft) \|\| deny" /* SUBJECT_PRIORITY */) {
		return;
		}
		(_c = this.model.get('p')) === null \|\| _c === void 0 ? void 0 : _c.forEach((assertion, ptype) => {
		const domainIndex = this.getFieldIndex(ptype, "dom" /* Domain */);
		const subIndex = this.getFieldIndex(ptype, "sub" /* Subject */);
		// eslint-disable-next-line
		const subjectHierarchyMap = this.getSubjectHierarchyMap(this.model.get('g').get('g').policy);
		assertion.policy.sort((policyA, policyB) => {
		const domainA = domainIndex === -1 ? defaultDomain : policyA[domainIndex];
		const domainB = domainIndex === -1 ? defaultDomain : policyB[domainIndex];
		// eslint-disable-next-line
		const priorityA = subjectHierarchyMap.get(this.getNameWithDomain(domainA, policyA[subIndex]));
		// eslint-disable-next-line
		const priorityB = subjectHierarchyMap.get(this.getNameWithDomain(domainB, policyB[subIndex]));
		return priorityB - priorityA;
		});
		});
		}
		/**
		* Calculate the priority of each policy store in Map<string, number>
		*/
		getSubjectHierarchyMap(groupPolicies) {
		const subjectHierarchyMap = new Map();
		if (!groupPolicies) {
		return subjectHierarchyMap;
		}
		const policyMap = new Map();
		let domain = defaultDomain;
		groupPolicies.forEach((policy) => {
		if (policy.length !== 2)
		domain = policy[this.getFieldIndex('p', "dom" /* Domain */)];
		const child = this.getNameWithDomain(domain, policy[this.getFieldIndex('p', "sub" /* Subject */)]);
		const parent = this.getNameWithDomain(domain, policy[this.getFieldIndex('p', "obj" /* Object */)]);
		policyMap.set(child, parent);
		if (!subjectHierarchyMap.has(child)) {
		subjectHierarchyMap.set(child, 0);
		}
		if (!subjectHierarchyMap.has(parent)) {
		subjectHierarchyMap.set(parent, 0);
		}
		subjectHierarchyMap.set(child, 1);
		});
		const set = new Set();
		subjectHierarchyMap.forEach((_, key) => {
		if (subjectHierarchyMap.get(key) !== 0)
		set.add(key);
		});
		while (set.size !== 0) {
		for (const child of set.values()) {
		this.findHierarchy(policyMap, subjectHierarchyMap, set, child);
		}
		}
		return subjectHierarchyMap;
		}
		findHierarchy(policyMap, subjectHierarchyMap, set, child) {
		set.delete(child);
		// eslint-disable-next-line
		const parent = policyMap.get(child);
		if (set.has(parent)) {
		this.findHierarchy(policyMap, subjectHierarchyMap, set, parent);
		}
		// eslint-disable-next-line
		subjectHierarchyMap.set(child, subjectHierarchyMap.get(parent) + 10);
		}
		/**
		* get full name with domain
		*/
		getNameWithDomain(domain, name) {
		return domain + defaultSeparator + name;
		}
		}
		@@ -429,0 +507,0 @@ /**

2

package.json

		{
		"name": "casbin",
		"version": "5.21.0",
		"version": "5.22.0",
		"description": "An authorization library that supports access control models like ACL, RBAC, ABAC in Node.JS",
		@@ -5,0 +5,0 @@ "main": "lib/cjs/index.js",

casbin - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics