- Notifications
You must be signed in to change notification settings - Fork213
GORM adapter for Casbin, see extended version of GORM Adapter Ex at:https://github.com/casbin/gorm-adapter-ex
License
casbin/gorm-adapter
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
In v3.0.3, method
NewAdapterByDBcreates table namedcasbin_rules,
we fix it tocasbin_ruleafter that.
If you used v3.0.3 and less, and you want to update it,
you might need tomigrate data manually.Find out more at:#78
Gorm Adapter is theGorm adapter forCasbin. With this library, Casbin can load policy from Gorm supported database or save policy to it.
Based onOfficially Supported Databases, The current supported databases are:
- MySQL
- PostgreSQL
- SQL Server
- Sqlite3
gorm-adapter use
github.com/glebarez/sqliteinstead of gorm official sqlite drivergorm.io/driver/sqlitebecause the latter needscgosupport. But there is almost no difference between the two driver. If there is a difference in use, please submit an issue.
- other 3rd-party supported DBs in Gorm website or other places.
go get github.com/casbin/gorm-adapter/v3package mainimport ("github.com/casbin/casbin/v2"gormadapter"github.com/casbin/gorm-adapter/v3"_"github.com/go-sql-driver/mysql")funcmain() {// Initialize a Gorm adapter and use it in a Casbin enforcer:// The adapter will use the MySQL database named "casbin".// If it doesn't exist, the adapter will create it automatically.// You can also use an already existing gorm instance with gormadapter.NewAdapterByDB(gormInstance)a,_:=gormadapter.NewAdapter("mysql","mysql_username:mysql_password@tcp(127.0.0.1:3306)/")// Your driver and data source.e,_:=casbin.NewEnforcer("examples/rbac_model.conf",a)// Or you can use an existing DB "abc" like this:// The adapter will use the table named "casbin_rule".// If it doesn't exist, the adapter will create it automatically.// a := gormadapter.NewAdapter("mysql", "mysql_username:mysql_password@tcp(127.0.0.1:3306)/abc", true)// Load the policy from DB.e.LoadPolicy()// Check the permission.e.Enforce("alice","data1","read")// Modify the policy.// e.AddPolicy(...)// e.RemovePolicy(...)// Save the policy back to DB.e.SavePolicy()}
New an adapter will useAutoMigrate by default for create table, if you want to turn it off, please use APITurnOffAutoMigrate(db *gorm.DB) *gorm.DB. See example:
db,err:=gorm.Open(mysql.Open("root:@tcp(127.0.0.1:3306)/casbin"),&gorm.Config{})TurnOffAutoMigrate(db)// a,_ := NewAdapterByDB(...)// a,_ := NewAdapterByDBUseTableName(...)a,_:=NewAdapterByDBWithCustomTable(...)
Find out more details atgorm-adapter#162
You can change the gorm struct tags, but the table structure must stay the same.
package mainimport ("github.com/casbin/casbin/v2"gormadapter"github.com/casbin/gorm-adapter/v3""gorm.io/gorm")funcmain() {// Increase the column size to 512.typeCasbinRulestruct {IDuint`gorm:"primaryKey;autoIncrement"`Ptypestring`gorm:"size:512;uniqueIndex:unique_index"`V0string`gorm:"size:512;uniqueIndex:unique_index"`V1string`gorm:"size:512;uniqueIndex:unique_index"`V2string`gorm:"size:512;uniqueIndex:unique_index"`V3string`gorm:"size:512;uniqueIndex:unique_index"`V4string`gorm:"size:512;uniqueIndex:unique_index"`V5string`gorm:"size:512;uniqueIndex:unique_index"`}db,_:= gorm.Open(...)// Initialize a Gorm adapter and use it in a Casbin enforcer:// The adapter will use an existing gorm.DB instnace.a,_:=gormadapter.NewAdapterByDBWithCustomTable(db,&CasbinRule{})e,_:=casbin.NewEnforcer("examples/rbac_model.conf",a)// Load the policy from DB.e.LoadPolicy()// Check the permission.e.Enforce("alice","data1","read")// Modify the policy.// e.AddPolicy(...)// e.RemovePolicy(...)// Save the policy back to DB.e.SavePolicy()}
You can modify policies within a transaction.See example:
package mainfuncmain() {a,err:=NewAdapterByDB(db)e,_:=casbin.NewEnforcer("examples/rbac_model.conf",a)err=e.GetAdapter().(*Adapter).Transaction(e,func(e casbin.IEnforcer)error {_,err:=e.AddPolicy("jack","data1","write")iferr!=nil {returnerr}_,err=e.AddPolicy("jack","data2","write")iferr!=nil {returnerr}returnnil})iferr!=nil {// handle if transaction failedreturn}}
ConditionsToGormQuery() is a function that converts multiple query conditions into a GORM query statementYou can use theGetAllowedObjectConditions() API of Casbin to get conditions,and choose the way of combining conditions throughcombineType.
ConditionsToGormQuery() allows Casbin to be combined with SQL, and you can use it to implement many functions.
- model example:object_conditions_model.conf
- policy example:object_conditions_policy.csv
DataBase example:
| id | title | author | publisher | publish_data | price | category_id |
|---|---|---|---|---|---|---|
| 1 | book1 | author1 | publisher1 | 2023-04-09 16:23:42 | 10 | 1 |
| 2 | book2 | author1 | publisher1 | 2023-04-09 16:23:44 | 20 | 2 |
| 3 | book3 | author2 | publisher1 | 2023-04-09 16:23:44 | 30 | 1 |
| 4 | book4 | author2 | publisher2 | 2023-04-09 16:23:45 | 10 | 3 |
| 5 | book5 | author3 | publisher2 | 2023-04-09 16:23:45 | 50 | 1 |
| 6 | book6 | author3 | publisher2 | 2023-04-09 16:23:46 | 60 | 2 |
typeBookstruct {IDintTitlestringAuthorstringPublisherstringPublishDate time.TimePricefloat64CategoryIDint}funcTestGetAllowedRecordsForUser(t*testing.T) {e,_:=casbin.NewEnforcer("examples/object_conditions_model.conf","examples/object_conditions_policy.csv")conditions,err:=e.GetAllowedObjectConditions("alice","read","r.obj.")iferr!=nil {panic(err)}fmt.Println(conditions)dsn:="root:root@tcp(127.0.0.1:3307)/test?charset=utf8mb4&parseTime=True&loc=Local"db,err:=gorm.Open(mysql.Open(dsn),&gorm.Config{})iferr!=nil {panic(err)}fmt.Println("CombineTypeOr")rows,err:=ConditionsToGormQuery(db,conditions,CombineTypeOr).Model(&Book{}).Rows()deferrows.Close()varbBookforrows.Next() {err:=db.ScanRows(rows,&b)iferr!=nil {panic(err)}log.Println(b)}fmt.Println("CombineTypeAnd")rows,err=ConditionsToGormQuery(db,conditions,CombineTypeAnd).Model(&Book{}).Rows()deferrows.Close()forrows.Next() {err:=db.ScanRows(rows,&b)iferr!=nil {panic(err)}log.Println(b)}}
gormadapter supports adapter with context, the following is a timeout control implemented using context
a,_:=gormadapter.NewAdapter("mysql","mysql_username:mysql_password@tcp(127.0.0.1:3306)/")// Your driver and data source.// Limited time 300sctx,cancel:=context.WithTimeout(context.Background(),300*time.Microsecond)defercancel()err:=a.AddPolicyCtx(ctx,"p","p", []string{"alice","data1","read"})iferr!=nil {panic(err)}
This project is under Apache 2.0 License. See theLICENSE file for the full license text.
About
GORM adapter for Casbin, see extended version of GORM Adapter Ex at:https://github.com/casbin/gorm-adapter-ex