casbin / jcasbin

An authorization library that supports access control models like ACL, RBAC, ABAC in Java
https://casbin.org
Apache License 2.0
2.4k stars 464 forks

getImplicitRolesForUser fails if user has no explicitly assigned roles #162

Closed lanmarti closed 3 years ago

lanmarti commented 3 years ago

I don't know if this is intended behaviour or a bug, but when using getImplicitRolesForUser for a user that has no roles assigned, but does have explicit permissions, an error is thrown by the role manager. As getImplicitPermissionsForUser uses this method as well, that one will also fail for a user that does not have any roles.

java.lang.IllegalArgumentException: error: name does not exist
    at org.casbin.jcasbin.rbac.DefaultRoleManager.getRoles(DefaultRoleManager.java:219)
    at org.casbin.jcasbin.main.Enforcer.getImplicitRolesForUser(Enforcer.java:440)
    at org.casbin.jcasbin.main.Enforcer.getImplicitPermissionsForUser(Enforcer.java:465)

Assigning any random role to the user results in getting the permissions explicitly assigned to the user plus any permissions obtained through that role.

I would expect this method to work similarly to getRolesForUser in Enforcer, where an unknown user error is silently caught and turned into an empty list: https://github.com/casbin/jcasbin/blob/f2af272df8d85a77dddce00967fea12882ec349f/src/main/java/org/casbin/jcasbin/main/Enforcer.java#L116-L123. Doing it this way, using getImplicitPermissionsForUser for users without roles would result in returning their explicit permissions instead of an error.
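The fallback requested above, as an added example that is not part of the original post and is not jcasbin's code: a simplified stand-in role manager whose strict lookup throws for an unknown name, next to a tolerant lookup that treats an unknown name as "no roles". The class name, method names and sample data are all constructed for illustration.

```java
import java.util.*;

// Simplified stand-in for a role manager (hypothetical, not jcasbin's DefaultRoleManager).
public class ImplicitRolesDemo {
    // Subject (user or role) -> directly assigned roles.
    static final Map<String, List<String>> links = new HashMap<>();

    // Strict lookup: throws for a name that has no entry, as in the stack trace above.
    static List<String> getRoles(String name) {
        if (!links.containsKey(name)) {
            throw new IllegalArgumentException("error: name does not exist");
        }
        return links.get(name);
    }

    // Tolerant lookup: an unknown name means "no roles", not an error.
    static List<String> getRolesOrEmpty(String name) {
        try {
            return getRoles(name);
        } catch (IllegalArgumentException e) {
            return Collections.emptyList();
        }
    }

    // Breadth-first walk over the role graph; 'seen' guards against cycles.
    static List<String> implicitRoles(String user) {
        List<String> result = new ArrayList<>();
        Set<String> seen = new HashSet<>();
        Deque<String> queue = new ArrayDeque<>(List.of(user));
        while (!queue.isEmpty()) {
            for (String role : getRolesOrEmpty(queue.poll())) {
                if (seen.add(role)) { result.add(role); queue.add(role); }
            }
        }
        return result;
    }

    public static void main(String[] args) {
        // Constructed data: alice -> admin -> auditor; bob has a direct permission only.
        links.put("alice", List.of("admin"));
        links.put("admin", List.of("auditor"));
        Map<String, List<String>> perms =
            Map.of("bob", List.of("data1:read"), "auditor", List.of("log:read"));
        for (String user : List.of("alice", "bob")) {
            List<String> subjects = new ArrayList<>(List.of(user));
            subjects.addAll(implicitRoles(user));
            List<String> granted = new ArrayList<>();
            for (String s : subjects) granted.addAll(perms.getOrDefault(s, List.of()));
            System.out.println(user + " roles=" + implicitRoles(user) + " permissions=" + granted);
        }
    }
}
```

An empty role list grants nothing by itself, so the tolerant lookup keeps deny-by-default: a subject with no roles and no direct permissions still ends up with an empty permission set.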

hsluoyz commented 3 years ago

@shy1st