Exception when using Enforce with a model and policy using the "in" special grammar

[techarch]

I am having trouble using the "in" grammar extension mentioned in https://casbin.org/docs/en/syntax-for-models#special-grammer. I tried both in the Casbin editor and in a .NET program. See Example The validation passes but when I run it I get the following message: "value.trim is not a function" - I reported that issue to the Casbin editor team.

But when I use the model and policy in Casbin.NET I get the following stack trace: DynamicExpresso.Exceptions.ParseException: Invalid Operation (at index 118). ---> System.InvalidOperationException: The binary operator AndAlso is not defined for the types 'System.Boolean' and 'System.String'. at System.Linq.Expressions.Expression.AndAlso(Expression left, Expression right, MethodInfo method) at System.Linq.Expressions.Expression.MakeBinary(ExpressionType binaryType, Expression left, Expression right, Boolean liftToNull, MethodInfo method, LambdaExpression conversion) at System.Linq.Expressions.Expression.MakeBinary(ExpressionType binaryType, Expression left, Expression right, Boolean liftToNull, MethodInfo method) at DynamicExpresso.Parsing.Parser.GenerateBinary(ExpressionType binaryType, Expression left, Expression right) at DynamicExpresso.Parsing.Parser.ParseConditionalAnd() at DynamicExpresso.Parsing.Parser.ParseConditionalOr() at DynamicExpresso.Parsing.Parser.ParseConditional() at DynamicExpresso.Parsing.Parser.ParseAssignment() at DynamicExpresso.Parsing.Parser.ParseExpressionSegment() --- End of inner exception stack trace --- at DynamicExpresso.Parsing.Parser.ParseExpressionSegment() at DynamicExpresso.Parsing.Parser.ParseExpressionSegment(Type returnType) at DynamicExpresso.Parsing.Parser.Parse() at DynamicExpresso.Interpreter.ParseAsLambda(String expressionText, Type expressionType, Parameter[] parameters) at DynamicExpresso.Interpreter.Parse(String expressionText, Type expressionType, Parameter[] parameters) at DynamicExpresso.Interpreter.Parse(String expressionText, Parameter[] parameters) at NetCasbin.Evaluation.ExpressionHandler.CreateExpression(String expressionString, IReadOnlyList1 requestValues) at NetCasbin.Evaluation.ExpressionHandler.EnsureCreated(String expressionString, IReadOnlyList1 requestValues) at NetCasbin.Evaluation.ExpressionHandler.Invoke(String expressionString, IReadOnlyList1 requestValues) at NetCasbin.CoreEnforcer.InternalEnforceWithChainEffector(EnforceContext context, IChainEffector chainEffector, IReadOnlyList1 requestValues, ICollection1 explains) at NetCasbin.CoreEnforcer.InternalEnforce(IReadOnlyList1 requestValues, String matcher, ICollection`1 explains) at NetCasbin.CoreEnforcer.Enforce(Object[] requestValues)

Below are the model, policy, and test data. I also attached a C# Program.cs containing the code to reproduce the issue. I appended a .txt extension so I can attach it. Program.cs.txt

Model:

[request_definition] r = sub, obj, act

[policy_definition] p = role, sub_rule, obj, act

[policy_effect] e = some(where (p.eft == allow))

[matchers] m = eval(p.sub_rule) && r.obj == p.obj && r.act == p.act && p.role in (r.obj.Roles)

Policies:

p, Assistant, r.sub.Amount <= 5000, authorization, grant p, Manager, r.sub.Amount > 5000, authorization, grant

Evaluation Data:

{Amount: 5100, Roles: ["Manager"]}, authorization, grant

[sagilio]

Casbin.NET now still does not support the in operator directly, but you can use c# grammar instead.

[techarch]

@sagilio, what example of C# grammar would you recommend?

[sagilio]

@techarch It like this:

m = eval(p.sub_rule) && r.obj == p.obj && r.act == p.act && r.sub.Roles.Contains(p.role)

I have changed m and add a new test, you can use this directly: Program.cs.txt

[techarch]

Thank you @sagilio :-)! That worked great! 👍

[sagilio]

link to new feature issue request #198.