feat: fix the double quotes bug

casbin · Nov 29, 2024 · 060c258 · 060c258
1 parent 8dd4940
commit 060c258
Show file tree

Hide file tree

Showing 4 changed files with 78 additions and 12 deletions.
diff --git a/examples/abac_rule_with_comma_model.conf b/examples/abac_rule_with_comma_model.conf
@@ -0,0 +1,11 @@
+[request_definition]
+r = sub, obj, act
+
+[policy_definition]
+p = sub_rule, obj_rule, act
+
+[policy_effect]
+e = some(where (p.eft == allow))
+
+[matchers]
+m = r.act == p.act && eval(p.sub_rule) && eval(p.obj_rule)
diff --git a/src/main/java/org/casbin/jcasbin/main/InternalEnforcer.java b/src/main/java/org/casbin/jcasbin/main/InternalEnforcer.java
@@ -26,6 +26,7 @@
 import java.util.List;
 
 import static java.util.Collections.singletonList;
+import static org.casbin.jcasbin.util.Util.splitCommaDelimitedList;
 
 /**
  * InternalEnforcer = CoreEnforcer + Internal API.
@@ -73,12 +74,14 @@ private boolean notifyWatcher(String sec, String ptype, List<List<String>> rules
      * addPolicy adds a rule to the current policy.
      */
     boolean addPolicy(String sec, String ptype, List<String> rule) {
+        List<String> modifiedRule = splitCommaDelimitedList(rule);
+
         if (mustUseDispatcher()) {
-            dispatcher.addPolicies(sec, ptype, singletonList(rule));
+            dispatcher.addPolicies(sec, ptype, singletonList(modifiedRule));
             return true;
         }
 
-        if (model.hasPolicy(sec, ptype, rule)) {
+        if (model.hasPolicy(sec, ptype, modifiedRule)) {
             return false;
         }
 
@@ -93,11 +96,11 @@ boolean addPolicy(String sec, String ptype, List<String> rule) {
             }
         }
 
-        model.addPolicy(sec, ptype, rule);
+        model.addPolicy(sec, ptype, modifiedRule);
 
-        buildIncrementalRoleLinks(sec, ptype, singletonList(rule), Model.PolicyOperations.POLICY_ADD);
+        buildIncrementalRoleLinks(sec, ptype, singletonList(modifiedRule), Model.PolicyOperations.POLICY_ADD);
 
-        return notifyWatcher(sec, ptype, singletonList(rule), WatcherEx.UpdateType.UpdateForAddPolicy);
+        return notifyWatcher(sec, ptype, singletonList(modifiedRule), WatcherEx.UpdateType.UpdateForAddPolicy);
     }
 
 
@@ -156,8 +159,10 @@ public void buildIncrementalRoleLinks(Model.PolicyOperations op, String ptype, L
      * removePolicy removes a rule from the current policy.
      */
     boolean removePolicy(String sec, String ptype, List<String> rule) {
+        List<String> modifiedRule = splitCommaDelimitedList(rule);
+
         if (mustUseDispatcher()) {
-            dispatcher.removePolicies(sec, ptype, singletonList(rule));
+            dispatcher.removePolicies(sec, ptype, singletonList(modifiedRule));
             return true;
         }
 
@@ -172,15 +177,15 @@ boolean removePolicy(String sec, String ptype, List<String> rule) {
             }
         }
 
-        boolean ruleRemoved = model.removePolicy(sec, ptype, rule);
+        boolean ruleRemoved = model.removePolicy(sec, ptype, modifiedRule);
 
         if (!ruleRemoved) {
             return false;
         }
 
-        buildIncrementalRoleLinks(sec, ptype, singletonList(rule), Model.PolicyOperations.POLICY_REMOVE);
+        buildIncrementalRoleLinks(sec, ptype, singletonList(modifiedRule), Model.PolicyOperations.POLICY_REMOVE);
 
-        return notifyWatcher(sec, ptype, singletonList(rule), WatcherEx.UpdateType.UpdateForRemovePolicy);
+        return notifyWatcher(sec, ptype, singletonList(modifiedRule), WatcherEx.UpdateType.UpdateForRemovePolicy);
     }
 
     /**
@@ -193,8 +198,11 @@ boolean removePolicy(String sec, String ptype, List<String> rule) {
      * @return succeeds or not.
      */
     boolean updatePolicy(String sec, String ptype, List<String> oldRule, List<String> newRule) {
+        List<String> modifiedOldRule = splitCommaDelimitedList(oldRule);
+        List<String> modifiedNewRule = splitCommaDelimitedList(newRule);
+
         if (mustUseDispatcher()) {
-            dispatcher.updatePolicy(sec, ptype, oldRule, newRule);
+            dispatcher.updatePolicy(sec, ptype, modifiedOldRule, modifiedNewRule);
             return true;
         }
 
@@ -211,7 +219,7 @@ boolean updatePolicy(String sec, String ptype, List<String> oldRule, List<String
             }
         }
 
-        boolean ruleUpdated = model.updatePolicy(sec, ptype, oldRule, newRule);
+        boolean ruleUpdated = model.updatePolicy(sec, ptype, modifiedOldRule, modifiedNewRule);
 
         if (!ruleUpdated) {
             return false;
@@ -242,7 +250,7 @@ boolean updatePolicy(String sec, String ptype, List<String> oldRule, List<String
         if (watcher != null && autoNotifyWatcher) {
             try {
                 if (watcher instanceof WatcherUpdatable) {
-                    ((WatcherUpdatable) watcher).updateForUpdatePolicy(oldRule, newRule);
+                    ((WatcherUpdatable) watcher).updateForUpdatePolicy(modifiedOldRule, modifiedNewRule);
                 } else {
                     watcher.update();
                 }

diff --git a/src/main/java/org/casbin/jcasbin/util/Util.java b/src/main/java/org/casbin/jcasbin/util/Util.java
@@ -284,6 +284,21 @@ public static String[] splitCommaDelimited(String s) {
         return records;
     }
 
+    /**
+     * splits each string in the given list by commas according to CSV format
+     * and removes any extra double quotes
+     * @param rule the rule to be modified
+     * @return the modified rule
+     */
+    public static List<String> splitCommaDelimitedList(List<String> rule) {
+        List<String> modifiedRule = new ArrayList<>();
+        for (String s : rule) {
+            String[] strings = splitCommaDelimited(s);
+            modifiedRule.add(strings[0]);
+        }
+        return modifiedRule;
+    }
+
     /**
      * setEquals determines whether two string sets are identical.
      *

diff --git a/src/test/java/org/casbin/jcasbin/main/AbacAPIUnitTest.java b/src/test/java/org/casbin/jcasbin/main/AbacAPIUnitTest.java
@@ -16,11 +16,15 @@
 
 import org.casbin.jcasbin.util.Util;
 import org.junit.Test;
+
+import java.util.ArrayList;
+import java.util.List;
 import java.util.Map;
 import java.util.HashMap;
 
 import static org.casbin.jcasbin.main.TestUtil.testDomainEnforce;
 import static org.casbin.jcasbin.main.TestUtil.testEnforce;
+import static org.junit.Assert.*;
 
 public class AbacAPIUnitTest {
     @Test
@@ -57,6 +61,34 @@ public void testEvalWithDomain() {
         testDomainEnforce(e, "bob", "domain2", "data2", "read", true);
     }
 
+    @Test
+    public void testEvalWithComma() {
+        Enforcer e = new Enforcer("examples/abac_rule_with_comma_model.conf");
+        List<String> rule = new ArrayList<>();
+        rule.add("true");
+        rule.add("\"let test=seq.set('alice','bob');include(test,r.sub.name)\"");
+        rule.add("read");
+        List<String> newRule = new ArrayList<>();
+        newRule.add("true");
+        newRule.add("\"let test=seq.set('bob');include(test,r.sub.name)\"");
+        newRule.add("read");
+        assertTrue(e.addPolicy(rule));
+        assertFalse(e.addPolicy(rule));
+
+        Map<String, Object> sub = new HashMap<>();
+        sub.put("name", "alice");
+
+        testEnforce(e, sub, "data1", "read", true);
+
+        assertTrue(e.updatePolicy("p", "p", rule, newRule));
+        testEnforce(e, sub, "data1", "read", false);
+        sub.put("name", "bob");
+        testEnforce(e, sub, "data1", "read", true);
+
+        assertTrue(e.removePolicy(newRule));
+        testEnforce(e, sub, "data1", "read", false);
+    }
+
     @Test
     public void testABACMapRequest() {
         Enforcer e = new Enforcer("examples/abac_rule_map_model.conf");