feat: support updateFilteredPolicies method, fix #28 (#29)

basakest · web-flow · commit f8c6a13bed87 · 2021-09-06T23:53:40.000+08:00
feat: support updateFilteredPolicies method, fix #28
diff --git a/src/adapter/DatabaseAdapter.php b/src/adapter/DatabaseAdapter.php
@@ -247,6 +247,55 @@ public function updatePolicies(string $sec, string $ptype, array $oldRules, arra
         });
     }
 
+    /**
+     * UpdateFilteredPolicies deletes old rules and adds new rules.
+     *
+     * @param string $sec
+     * @param string $ptype
+     * @param array $newPolicies
+     * @param integer $fieldIndex
+     * @param string ...$fieldValues
+     * @return array
+     */
+    public function updateFilteredPolicies(string $sec, string $ptype, array $newPolicies, int $fieldIndex, string ...$fieldValues): array
+    {
+        $where['ptype'] = $ptype;
+        foreach ($fieldValues as $fieldValue) {
+            $suffix = $fieldIndex++;
+            if (!is_null($fieldValue) && $fieldValue !== '') {
+                $where['v'. $suffix] = $fieldValue;
+            }
+        }
+
+        $newP = [];
+        $oldP = [];
+        foreach ($newPolicies as $newRule) {
+            $col['ptype'] = $ptype;
+            foreach ($newRule as $key => $value) {
+                $col['v' . strval($key)] = $value;
+            }
+            $newP[] = $col;
+        }
+
+        DB::transaction(function () use ($newP, $where, &$oldP) {
+            $oldRules = $this->model->where($where);
+            $oldP = $oldRules->select()->hidden(['id'])->toArray();
+
+            foreach ($oldP as &$item) {
+                $item = array_filter($item, function ($value) {
+                    return !is_null($value) && $value !== '';
+                });
+                unset($item['ptype']);
+            }
+            
+            $oldRules->delete();
+            $this->model->insertAll($newP);
+        });
+
+        // return deleted rules
+        return $oldP;
+    }
+
     /**
      * Returns true if the loaded policy has been filtered.
      *
diff --git a/tests/DatabaseAdapterTest.php b/tests/DatabaseAdapterTest.php
@@ -176,6 +176,135 @@ public function testUpdatePolicies()
         });
     }
 
+    public function arrayEqualsWithoutOrder(array $expected, array $actual)
+    {
+        if (method_exists($this, 'assertEqualsCanonicalizing')) {
+            $this->assertEqualsCanonicalizing($expected, $actual);
+        } else {
+            array_multisort($expected);
+            array_multisort($actual);
+            $this->assertEquals($expected, $actual);
+        }
+    }
+
+    public function testUpdateFilteredPolicies()
+    {
+        $this->testing(function () {
+            $this->assertEquals([
+                ['alice', 'data1', 'read'],
+                ['bob', 'data2', 'write'],
+                ['data2_admin', 'data2', 'read'],
+                ['data2_admin', 'data2', 'write'],
+            ], Enforcer::getPolicy());
+    
+            Enforcer::updateFilteredPolicies([["alice", "data1", "write"]], 0, "alice", "data1", "read");
+            Enforcer::updateFilteredPolicies([["bob", "data2", "read"]], 0, "bob", "data2", "write");
+    
+            $policies = [
+                ['alice', 'data1', 'write'],
+                ['bob', 'data2', 'read'],
+                ['data2_admin', 'data2', 'read'],
+                ['data2_admin', 'data2', 'write']
+            ];
+    
+            $this->arrayEqualsWithoutOrder($policies, Enforcer::getPolicy());
+    
+            // test use updateFilteredPolicies to update all policies of a user
+            $this->initTable();
+            Enforcer::loadPolicy();
+            $policies = [
+                ['alice', 'data2', 'write'],
+                ['bob', 'data1', 'read']
+            ];
+            Enforcer::addPolicies($policies);
+    
+            $this->arrayEqualsWithoutOrder([
+                ['alice', 'data1', 'read'],
+                ['bob', 'data2', 'write'],
+                ['data2_admin', 'data2', 'read'],
+                ['data2_admin', 'data2', 'write'],
+                ['alice', 'data2', 'write'],
+                ['bob', 'data1', 'read']
+            ], Enforcer::getPolicy());
+    
+            Enforcer::updateFilteredPolicies([['alice', 'data1', 'write'], ['alice', 'data2', 'read']], 0, 'alice');
+            Enforcer::updateFilteredPolicies([['bob', 'data1', 'write'], ["bob", "data2", "read"]], 0, 'bob');
+    
+            $policies = [
+                ['alice', 'data1', 'write'],
+                ['alice', 'data2', 'read'],
+                ['bob', 'data1', 'write'],
+                ['bob', 'data2', 'read'],
+                ['data2_admin', 'data2', 'read'],
+                ['data2_admin', 'data2', 'write']
+            ];
+    
+            $this->arrayEqualsWithoutOrder($policies, Enforcer::getPolicy());
+    
+            // test if $fieldValues contains empty string
+            $this->initTable();
+            Enforcer::loadPolicy();
+            $policies = [
+                ['alice', 'data2', 'write'],
+                ['bob', 'data1', 'read']
+            ];
+            Enforcer::addPolicies($policies);
+    
+            $this->assertEquals([
+                ['alice', 'data1', 'read'],
+                ['bob', 'data2', 'write'],
+                ['data2_admin', 'data2', 'read'],
+                ['data2_admin', 'data2', 'write'],
+                ['alice', 'data2', 'write'],
+                ['bob', 'data1', 'read']
+            ], Enforcer::getPolicy());
+    
+            Enforcer::updateFilteredPolicies([['alice', 'data1', 'write'], ['alice', 'data2', 'read']], 0, 'alice', '', '');
+            Enforcer::updateFilteredPolicies([['bob', 'data1', 'write'], ["bob", "data2", "read"]], 0, 'bob', '', '');
+    
+            $policies = [
+                ['alice', 'data1', 'write'],
+                ['alice', 'data2', 'read'],
+                ['bob', 'data1', 'write'],
+                ['bob', 'data2', 'read'],
+                ['data2_admin', 'data2', 'read'],
+                ['data2_admin', 'data2', 'write']
+            ];
+    
+            $this->arrayEqualsWithoutOrder($policies, Enforcer::getPolicy());
+    
+            // test if $fieldIndex is not zero
+            $this->initTable();
+            Enforcer::loadPolicy();
+            $policies = [
+                ['alice', 'data2', 'write'],
+                ['bob', 'data1', 'read']
+            ];
+            Enforcer::addPolicies($policies);
+    
+            $this->assertEquals([
+                ['alice', 'data1', 'read'],
+                ['bob', 'data2', 'write'],
+                ['data2_admin', 'data2', 'read'],
+                ['data2_admin', 'data2', 'write'],
+                ['alice', 'data2', 'write'],
+                ['bob', 'data1', 'read']
+            ], Enforcer::getPolicy());
+    
+            Enforcer::updateFilteredPolicies([['alice', 'data1', 'edit'], ['bob', 'data1', 'edit']], 2, 'read');
+            Enforcer::updateFilteredPolicies([['alice', 'data2', 'read'], ["bob", "data2", "read"]], 2, 'write');
+    
+            $policies = [
+                ['alice', 'data1', 'edit'],
+                ['alice', 'data2', 'read'],
+                ['bob', 'data1', 'edit'],
+                ['bob', 'data2', 'read'],
+            ];
+    
+            $this->arrayEqualsWithoutOrder($policies, Enforcer::getPolicy());
+        });
+    }
+
     public function testLoadFilteredPolicy()
     {
         $this->testing(function () {
