This issue also affects the enforcer.getImplicitRolesForUser() method. Assuming we have (g, ^E\d+$, role::employee) and (g, role::employee, role::all_user) and call enforcer.getImplicitRolesForUser("E2345"). The BFS search will terminate early due to cannot get role for ^E\d+$.
The root cause is the regex expression itself cannot pass the regex matching function test.
Hi there,
I have a question about the "hasRole" method implementation here: https://github.com/casbin/jcasbin/blob/master/src/main/java/org/casbin/jcasbin/rbac/DomainRoles.java#L37-L43
Here is the example to cause this issue:
Create an enforcer with regex matching function:
enforcer.setRoleManager("g", new DefaultRoleManager(10, BuiltInFunctions::regexMatch, null));
Add a "g" policy like:
(g, ^E\d+$, role::employee)
, which is intended for all the users with id Exxxx have employee role.If I call the method
enforcer.getRolesForUser("^E\\d+$");
, it will return an empty list due to: https://github.com/casbin/jcasbin/blob/master/src/main/java/org/casbin/jcasbin/rbac/DefaultRoleManager.java#L232-L234 is usinghasRole
, which testifies the string^E\d+$
against the regex expression^E\d+$
(itself) and returns false.This issue also affects the
enforcer.getImplicitRolesForUser()
method. Assuming we have(g, ^E\d+$, role::employee)
and(g, role::employee, role::all_user)
and callenforcer.getImplicitRolesForUser("E2345")
. The BFS search will terminate early due to cannot get role for^E\d+$
.The root cause is the regex expression itself cannot pass the regex matching function test.
Any suggestions on this issue?
One idea from my side is, for https://github.com/casbin/jcasbin/blob/master/src/main/java/org/casbin/jcasbin/rbac/DomainRoles.java#L39, not only use the matching function, but also returns true if
name==r
. Since this is quite a fundamental method, I am not sure how the impact would be.Thanks for your help in advance.