enforce restapi uri is not effect

zhimma commented 1 year ago

Language : PHP The framework："laravel/lumen-framework": "^8.0", Package: "casbin/laravel-authz": "^3.1"

Problem description：

/ alice has the admin role
Enforcer::addRoleForUser('alice', 'admin');
// bob has the member role
Enforcer::addRoleForUser('bob', 'member');

Enforcer::addPermissionForUser('member', '/foo', 'GET');
Enforcer::addPermissionForUser('member', '/foo/:id', 'GET');

Enforcer::addRoleForUser('admin', 'member');

Enforcer::addPermissionForUser('admin', '/foo', 'POST');
Enforcer::addPermissionForUser('admin', '/foo/:id', 'PUT');
Enforcer::addPermissionForUser('admin', '/foo/:id', 'DELETE');

dd(Enforcer::enforce("alice", "/foo/1", "PUT")); 

This result is false , But without using frames, this result is true

without framework

<?php

require "./vendor/autoload.php";

$adapter = \CasbinAdapter\DBAL\Adapter::newAdapter([
    'driver' => 'pdo_mysql',
    'host' => '127.0.0.1',
    'dbname' => 'db_mall',
    'user' => 'root',
    'password' => 'xxx',
    'port' => '3306',
]);

$enforcer = new \Casbin\Enforcer("./lauthz-rbac-model.conf", $adapter);
// alice has the admin role
$enforcer->addRoleForUser('alice', 'admin');
// bob has the member role
$enforcer->addRoleForUser('bob', 'member');

$enforcer->addPermissionForUser('member', '/foo', 'GET');
$enforcer->addPermissionForUser('member', '/foo/:id', 'GET');

$enforcer->addRoleForUser('admin', 'member');

$enforcer->addPermissionForUser('admin', '/foo', 'POST');
$enforcer->addPermissionForUser('admin', '/foo/:id', 'PUT');
$enforcer->addPermissionForUser('admin', '/foo/:id', 'DELETE');

var_dump($enforcer->enforce("alice", "/foo/1", "PUT"));

This result is true

model.conf

[request_definition]
r = sub, obj, act

[policy_definition]
p = sub, obj, act

[role_definition]
g = _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = g(r.sub, p.sub) && keyMatch2(r.obj, p.obj) && regexMatch(r.act, p.act)

the same db data,the same model.conf, please help me,thanks

zhimma commented 1 year ago

I was so stupid !!!

The cause of this problem was :

app.php not load config file. fuck...

hsluoyz commented 1 year ago

@zhimma plz close the issue if resolved

php-casbin / laravel-authz

enforce restapi uri is not effect #47

Problem description：

without framework

model.conf