Hi,

I noticed that jcasbin is using aviator as its evaluator, and I'm trying to use some of its builtin functions ( to be specific, function "include" ) which takes in more than one parameter (so there will be comma in expression).

If the expression is written in matcher, everything works fine. But if It is written in policy rule, the parser is unhappy and throws an exception

https://github.com/casbin/jcasbin/blob/4227edc637aace211983976032c0cec824afe67e/src/main/java/org/casbin/jcasbin/util/Util.java#L201-L214

The code above seems to split the line directly by comma, which breaks the expression.

So I'd like to question if there is any plan on the support of escaping comma?

P.S. I've also tried to use SQL adapter, but with no luck. It seems that lines being read from database still gets concated and goes into this function

:rotating_light: The automated release from the master branch failed. :rotating_light:

I recommend you give this issue a high priority, so other packages depending on you could benefit from your bug fixes and new features.

You can find below the list of errors reported by semantic-release. Each one of them has to be resolved in order to automatically publish your package. I’m sure you can resolve this 💪.

Errors are usually caused by a misconfiguration or an authentication problem. With each error reported below you will find explanation and guidance to help you to resolve it.

Once all the errors are resolved, semantic-release will release your package the next time you push a commit to the master branch. You can also manually restart the failed CI job that runs semantic-release.

If you are not sure how to resolve this, here is some links that can help you:

• Usage documentation
• Frequently Asked Questions
• Support channels

If those don’t help, or if this issue is reporting something you think isn’t right, you can always ask the humans behind semantic-release.

Deployment to maven failed.

The deployment to maven failed for an unknown reason.

Please check the logs on the CI server to see what happened.

Good luck with your project ✨

Your semantic-release bot :package::rocket:

Hi guys, with the latest code chage. you guys change the unit test case directly as following:

Model:

[request_definition]
r = sub, dom, obj, act

[policy_definition]
p = sub, dom, obj, act

[role_definition]
g = _,_
g2 = _, _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = (g(r.sub, p.sub) || g2(r.sub, p.sub, r.dom)) && r.obj == p.obj && r.act == p.act

Test case expression:

p, admin, domain1, data1, read
g, alice, group1
g2, group1, admin, domain1

Test case

public void testGroupRoleManager() {
        Enforcer e = new Enforcer("examples/group_with_domain_model.conf", "examples/group_with_domain_policy.csv");
        testDomainEnforce(e, "alice", "domain1", "data1", "read", false);
    }

So, what alice can access ?

Hello, I am trying to do a POC on using ABAC via "jcasbin" and I am facing an issue related to the "eval" function. The eval function in the jcasbin library prior to the 1.7.1 version allowed using java expressions whereas a change was added in version 1.7.1 (https://github.com/casbin/jcasbin/compare/v1.7.0...v1.7.1) which broke this functionality. When I used "casbin-spring-boot-starter" dependency, the jcasbin library included was of version 1.6.4 and I was able to evaluate the following policy definition:

"\"test\".equals(r.sub) && java.util.regex.Pattern.compile(\"/*/url1/url2/*\", java.util.regex.Pattern.CASE_INSENSITIVE).matcher(r.obj).find()","r.obj","PUT"

with the below model definition:

[request_definition]
r = sub, obj, act

[policy_definition]
p = sub_rule, obj, act

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = eval(p.sub_rule) && r.act == p.act

Please note that I had to use the enforcer.addPolicy() method for adding the above policy definition because the csv parser with the file adapter was splitting the definition with comma. Then I found that the comma issue was fixed in version 1.8.1 (https://github.com/casbin/jcasbin/issues/158). So, I upgraded the jcasbin library to 1.8.1 but then the above stopped working because the eval function is changing the above expression to:

"test1".getEquals(r_sub)() && java.getUtil().getRegex().getgetPattern()().getCompile("/*/approve/expense/*",() java.getUtil().getRegex().getgetPattern()().getCASE_INSENSITIVE)().getMatcher(r_obj)().find()

i.e., its appending get for all the attributes and is not working as java expression.

I know that we can use functions (and even write our own customized function) in the model definition. But my requirement is to define a function in the policy definition. The reason being, I don't want to use the function for all the use cases and so the use case for which I need, I can define that in the policy definition.

Could you please suggest how can we achieve that?

Would it be feasible to extend this method so it takes into account any grouping, not just the subject grouping? e.g. with the following model:

[request_definition]
r = sub, obj, act

[policy_definition]
p = sub, obj, act

[role_definition]
g = _, _
g2 = _, _
g3 = _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = g(r.sub, p.sub) && g2(r.obj, p.obj) && g3(r.act, p.act)

getImplicitPermissionsForUser will take into account g, but not g2 or g3.

We will rename to "casbin" for everywhere including the Maven package manager, except this GitHub repo name to differentiate with Go's Casbin.

When using this interface enforcer. RemoveNameGroupingPolicy (" g ", "role1") to delete group, database data deleted successfully, but cached data is still there.

POM

<dependency>  
      <groupId>org.casbin</groupId>
      <artifactId>jcasbin</artifactId>
      <version>1.21.0</version>
</dependency>
<dependency>
      <groupId>org.casbin</groupId>
      <artifactId>jdbc-adapter</artifactId>
      <version>2.2.1</version>
</dependency>

Execute Code

Adapter

Datebase & Cache

@arti0798 please open a new issue for your Redis problem. This issue is only for resolving the issue for @young-zy

Originally posted by @hsluoyz in https://github.com/casbin/jcasbin/issues/158#issuecomment-812269848

I've written a function but now how should add it to function map?

public class InCollectionFunc extends AbstractFunction {
    public InCollectionFunc() {
    }

    public AviatorObject call(Map<String, Object> env, AviatorObject arg1, AviatorObject arg2, AviatorObject arg3) {
        String value = FunctionUtils.getStringValue(arg1, env);
        String collection = FunctionUtils.getStringValue(arg3, env);
        return AviatorBoolean.valueOf(isInCollection(value, collection));
    }

    private boolean isInCollection(String value,String collection) {
        System.out.println("value:" + value + " isIn collection:" + collection);
        return true;
    }

    public String getName() {
        return getNameStatic();
    }

    public static String getNameStatic() {
        return "isIn";
    }
}

enforcer = new Enforcer("erole.conf", "policy.csv");
enforcer.addFunction(InCollectionFunc.getNameStatic(),new InCollectionFunc());

StackOverflow question: https://stackoverflow.com/questions/66046585/casbin-user-may-only-call-path-with-their-own-username/66049093?noredirect=1#comment116801013_66049093

Go code: https://github.com/casbin/casbin/pull/675

i think theres an issue in Jcasbin java version 1.6.3 and older , it does not support filtering on jdbc adapter, when i try to use https://github.com/jcasbin/casbin-spring-boot-starter with jcasbin, i see that in CoreEnforcer , it expects FilterAdapter only from file_adapter package, else throws this eroor.in short cannot use any jdbc adapter with Jcasbin

* loadFilteredPolicy reloads a filtered policy from file/database.
 *
 * @param filter the filter used to specify which type of policy should be loaded.
 */
public void loadFilteredPolicy(Object filter) {
    model.clearPolicy();
    FilteredAdapter filteredAdapter;
    if (adapter instanceof FilteredAdapter) {
        filteredAdapter = (FilteredAdapter) adapter;
    } else {
        throw new CasbinAdapterException("Filtered policies are not supported by this adapter.");
    }

in above code FilteredAdapter should be referenced from org.casbin.jcasbin.persist package which is a parent interface. Due to this when i try to use any jdbcadapter to filter policies i get an error "Filtered policies are not supported by this adapter."

Hello,

I am using the jCasbin library on Android, and it looks like one of the dependencies of the project AviatorScript is using a Java 8 Language method only supported in Android 26 and above. This makes the jCasbin library unusable for a large portion of devices (~20%).

The Java method in question is invokeExact(Object... args) and invoke(Object... args)

And while Android does support backwards compatibility for most Java 8 language features, you will notice in this documentation that it does not include the two methods mentioned above.

Thanks!