circular link will make getImplicitRolesForUser stackoverflow

[0x8f701]

mode.conf

[request_definition]
r = sub, obj, act

[policy_definition]
p = sub, obj, act

[role_definition]
g = _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = g(r.sub, p.sub) && r.obj == p.obj && regexMatch(r.act, p.act)

p, book_admin , /book/1, GET
p, pen_admin , /pen/1, GET

g, *, book_admin 
g, *, pen_admin

patten matching func:

keyMatch

error: e.getImplicitRolesForUser("alice") will cause stackoverflow

What's happening

Step1: Since we have pattern matching function and alice match *, then when we createRole alice will add * in her role list. While calling e.getImplicitRolesForUser("alice").

The first loop, we will get alice's direct role list:

["*"]

Step2: Then we call e.getImplicitRolesForUser("*"), and in its first iteration we get the following role list:

["book_admin", "pen_admin"]

Step3: Then we call e.getImplicitRolesForUser("book_admin") and e.getImplicitRolesForUser("pen_admin"), it founds book_admin matches * then it returns also * and the next call will return to our step1.

[0x8f701]

I suggest switching to casbin golang's implementation

[nodece]

@GopherJ The have same implementation in golang. So I try to do a fix in casbin/casbin#452.

[0x8f701]

@nodece I think we should fix first:

node-casbin/src/enforcer.ts

Line 288 in 0e3c49c

const role = await this.getImplicitRolesForUser(n, ...domain);

, it cannot handle this type of link * -> book_admin -> *. In casbin-rs it crashed and I fixed it in: casbin/casbin-rs#131

casbin/casbin-rs@1aa11d6#diff-94f22c9d3dc2cf7a1c731fa147d2dbb2R247-R260

circular link in pattern we can solve it later because the importance is not to crash

[nodece]

@GopherJ I submitted a patch in #155 , Could you review it?

[nodece]

fixed in #155