Skip to content

Commit 77b0035

Browse files
gschogscho
committed
WIP
Signed-off-by: Greg Schofield <greg.c.schofield@gmail.com>
1 parent f42c0ba commit 77b0035

File tree

7 files changed

+50
-49
lines changed

7 files changed

+50
-49
lines changed

.github/workflows/build-and-release.yaml

Lines changed: 20 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ jobs:
2727
env:
2828
BUNDLE_GEMFILE: ${{ github.workspace }}/omnibus/Gemfile
2929
steps:
30-
- uses: actions/checkout@v3
30+
- uses: actions/checkout@v4
3131
- name: Set up Go
3232
uses: actions/setup-go@v4
3333
with:
@@ -55,7 +55,7 @@ jobs:
5555
bundle exec omnibus build gemfast
5656
sha512sum pkg/*.deb > "pkg/gemfast-${{ steps.get-version.outputs.VERSION }}-checksums.txt"
5757
- name: Upload omnibus package
58-
uses: actions/upload-artifact@v3
58+
uses: actions/upload-artifact@v4
5959
with:
6060
name: gemfast-omnibus
6161
path: omnibus/pkg/
@@ -66,7 +66,7 @@ jobs:
6666
docker tag server:${{ steps.get-version.outputs.VERSION }}-pre server:latest
6767
docker save server:latest > gemfast-${{ steps.get-version.outputs.VERSION }}-pre.tar
6868
- name: Upload docker image
69-
uses: actions/upload-artifact@v3
69+
uses: actions/upload-artifact@v4
7070
with:
7171
name: gemfast-docker
7272
path: gemfast-${{ steps.get-version.outputs.VERSION }}-pre.tar
@@ -80,15 +80,15 @@ jobs:
8080
matrix:
8181
pkg: [omnibus, docker]
8282
steps:
83-
- uses: actions/checkout@v3
84-
- uses: actions/checkout@v3
83+
- uses: actions/checkout@v4
84+
- uses: actions/checkout@v4
8585
with:
8686
repository: rails/rails
8787
path: clones/rails
8888
- uses: ruby/setup-ruby@v1
8989
with:
9090
ruby-version: ${{ env.RUBY_VERSION }}
91-
- uses: actions/download-artifact@v3
91+
- uses: actions/download-artifact@v4
9292
with:
9393
name: gemfast-${{ matrix.pkg }}
9494
- name: Smoke test
@@ -104,11 +104,11 @@ jobs:
104104
matrix:
105105
pkg: [omnibus, docker]
106106
steps:
107-
- uses: actions/checkout@v3
107+
- uses: actions/checkout@v4
108108
- uses: ruby/setup-ruby@v1
109109
with:
110110
ruby-version: ${{ env.RUBY_VERSION }}
111-
- uses: actions/download-artifact@v3
111+
- uses: actions/download-artifact@v4
112112
with:
113113
name: gemfast-${{ matrix.pkg }}
114114
- name: CVE test
@@ -124,11 +124,11 @@ jobs:
124124
matrix:
125125
pkg: [omnibus, docker]
126126
steps:
127-
- uses: actions/checkout@v3
127+
- uses: actions/checkout@v4
128128
- uses: ruby/setup-ruby@v1
129129
with:
130130
ruby-version: ${{ env.RUBY_VERSION }}
131-
- uses: actions/download-artifact@v3
131+
- uses: actions/download-artifact@v4
132132
with:
133133
name: gemfast-${{ matrix.pkg }}
134134
- name: Filter test
@@ -144,11 +144,11 @@ jobs:
144144
matrix:
145145
pkg: [omnibus, docker]
146146
steps:
147-
- uses: actions/checkout@v3
147+
- uses: actions/checkout@v4
148148
- uses: ruby/setup-ruby@v1
149149
with:
150150
ruby-version: ${{ env.RUBY_VERSION }}
151-
- uses: actions/download-artifact@v3
151+
- uses: actions/download-artifact@v4
152152
with:
153153
name: gemfast-${{ matrix.pkg }}
154154
- name: Private gems test
@@ -164,11 +164,11 @@ jobs:
164164
matrix:
165165
pkg: [omnibus, docker]
166166
steps:
167-
- uses: actions/checkout@v3
167+
- uses: actions/checkout@v4
168168
- uses: ruby/setup-ruby@v1
169169
with:
170170
ruby-version: ${{ env.RUBY_VERSION }}
171-
- uses: actions/download-artifact@v3
171+
- uses: actions/download-artifact@v4
172172
with:
173173
name: gemfast-${{ matrix.pkg }}
174174
- name: Private gems test
@@ -189,13 +189,13 @@ jobs:
189189
- private-gems-test
190190
- auth-test
191191
steps:
192-
- uses: actions/checkout@v3
192+
- uses: actions/checkout@v4
193193
with:
194194
fetch-depth: 1
195-
- uses: actions/download-artifact@v3
195+
- uses: actions/download-artifact@v4
196196
with:
197197
name: gemfast-omnibus
198-
- uses: actions/download-artifact@v3
198+
- uses: actions/download-artifact@v4
199199
with:
200200
name: gemfast-docker
201201
- name: Get version
@@ -240,13 +240,13 @@ jobs:
240240
- private-gems-test
241241
- auth-test
242242
steps:
243-
- uses: actions/checkout@v3
243+
- uses: actions/checkout@v4
244244
with:
245245
fetch-depth: 1
246-
- uses: actions/download-artifact@v3
246+
- uses: actions/download-artifact@v4
247247
with:
248248
name: gemfast-omnibus
249-
- uses: actions/download-artifact@v3
249+
- uses: actions/download-artifact@v4
250250
with:
251251
name: gemfast-docker
252252
- name: Get version

Dockerfile

Lines changed: 0 additions & 25 deletions
This file was deleted.

go.mod

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ require (
99
github.com/appleboy/gin-jwt/v2 v2.8.0
1010
github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986
1111
github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce
12-
github.com/casbin/casbin/v2 v2.41.0
12+
github.com/casbin/casbin/v2 v2.100.0
1313
github.com/gin-contrib/sessions v0.0.5
1414
github.com/gin-gonic/gin v1.9.1
1515
github.com/go-git/go-git/v5 v5.11.0
@@ -37,7 +37,9 @@ require (
3737
github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect
3838
github.com/aquasecurity/go-version v0.0.0-20201107203531-5e48ac5d022a // indirect
3939
github.com/beorn7/perks v1.0.1 // indirect
40+
github.com/bmatcuk/doublestar/v4 v4.7.1 // indirect
4041
github.com/bytedance/sonic v1.9.1 // indirect
42+
github.com/casbin/govaluate v1.2.0 // indirect
4143
github.com/cespare/xxhash/v2 v2.2.0 // indirect
4244
github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect
4345
github.com/cloudflare/circl v1.3.7 // indirect
@@ -72,6 +74,7 @@ require (
7274
github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7 // indirect
7375
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
7476
github.com/modern-go/reflect2 v1.0.2 // indirect
77+
github.com/naucon/casbin-fs-adapter v0.2.0 // indirect
7578
github.com/pelletier/go-toml/v2 v2.0.8 // indirect
7679
github.com/pjbgf/sha1cd v0.3.0 // indirect
7780
github.com/pmezard/go-difflib v1.0.0 // indirect

go.sum

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,9 @@ github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPd
3030
github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
3131
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
3232
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
33+
github.com/bmatcuk/doublestar/v4 v4.6.1/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc=
34+
github.com/bmatcuk/doublestar/v4 v4.7.1 h1:fdDeAqgT47acgwd9bd9HxJRDmc9UAmPpc+2m0CXv75Q=
35+
github.com/bmatcuk/doublestar/v4 v4.7.1/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc=
3336
github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 h1:DDGfHa7BWjL4YnC6+E63dPcxHo2sUxDIu8g3QgEJdRY=
3437
github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4=
3538
github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0=
@@ -38,6 +41,11 @@ github.com/bytedance/sonic v1.9.1 h1:6iJ6NqdoxCDr6mbY8h18oSO+cShGSMRGCEo7F2h0x8s
3841
github.com/bytedance/sonic v1.9.1/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZXU064P/U=
3942
github.com/casbin/casbin/v2 v2.41.0 h1:AHXAl/ecNz0UglkTGd6i1VZ0I9TfqPATdVNTncZfR9M=
4043
github.com/casbin/casbin/v2 v2.41.0/go.mod h1:sEL80qBYTbd+BPeL4iyvwYzFT3qwLaESq5aFKVLbLfA=
44+
github.com/casbin/casbin/v2 v2.57.0/go.mod h1:vByNa/Fchek0KZUgG5wEsl7iFsiviAYKRtgrQfcJqHg=
45+
github.com/casbin/casbin/v2 v2.100.0 h1:aeugSNjjHfCrgA22nHkVvw2xsscboHv5r0a13ljQKGQ=
46+
github.com/casbin/casbin/v2 v2.100.0/go.mod h1:LO7YPez4dX3LgoTCqSQAleQDo0S0BeZBDxYnPUl95Ng=
47+
github.com/casbin/govaluate v1.2.0 h1:wXCXFmqyY+1RwiKfYo3jMKyrtZmOL3kHwaqDyCPOYak=
48+
github.com/casbin/govaluate v1.2.0/go.mod h1:G/UnbIjZk/0uMNaLwZZmFQrR72tYRZWQkO70si/iR7A=
4149
github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
4250
github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
4351
github.com/chenzhuoyu/base64x v0.0.0-20211019084208-fb5309c8db06/go.mod h1:DH46F32mSOjUmXrMHnKwZdA8wcEefY7UVqBKYGjpdQY=
@@ -170,6 +178,8 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJ
170178
github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
171179
github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
172180
github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
181+
github.com/naucon/casbin-fs-adapter v0.2.0 h1:x5EsJfIKSJi6D2Cyzxqb3vz0chZCC2M4i5rdo6QLk44=
182+
github.com/naucon/casbin-fs-adapter v0.2.0/go.mod h1:8y8IFbhFDKtgEeSrSBw/RIBDrE98O3qmJKf2bfluNjs=
173183
github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI=
174184
github.com/onsi/gomega v1.27.10/go.mod h1:RsS8tutOdbdgzbPtzzATp12yT7kM5I5aElG3evPbQ0M=
175185
github.com/pelletier/go-toml/v2 v2.0.8 h1:0ctb6s9mE31h0/lhu+J6OPmVeDxJn+kYnJc2jZR9tGQ=

internal/middleware/acl.go

Lines changed: 16 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,15 +1,19 @@
11
package middleware
22

33
import (
4-
"fmt"
4+
"embed"
55
"path/filepath"
66

77
"github.com/casbin/casbin/v2"
88
"github.com/gemfast/server/internal/config"
99
u "github.com/gemfast/server/internal/utils"
10+
casbin_fs_adapter "github.com/naucon/casbin-fs-adapter"
1011
"github.com/rs/zerolog/log"
1112
)
1213

14+
//go:embed casbin/auth_model.conf casbin/gemfast_acl.csv
15+
var fs embed.FS
16+
1317
type ACL struct {
1418
casbin *casbin.Enforcer
1519
cfg *config.Config
@@ -50,8 +54,17 @@ func NewACL(cfg *config.Config) *ACL {
5054
}
5155
}
5256

53-
if policyPath == "" || authPath == "" {
54-
log.Fatal().Err(fmt.Errorf("unable to locate auth_model and gemfast_acl")).Msg("failed to find acl files")
57+
if policyPath == "" && authPath == "" {
58+
model, err := casbin_fs_adapter.NewModel(fs, "auth_model.conf")
59+
if err != nil {
60+
log.Fatal().Err(err).Msg("failed to load casbin model")
61+
}
62+
policies := casbin_fs_adapter.NewAdapter(fs, "gemfast_acl.csv")
63+
enforcer, err := casbin.NewEnforcer(model, policies)
64+
if err != nil {
65+
log.Fatal().Err(err).Msg("failed to create casbin enforcer")
66+
}
67+
return &ACL{casbin: enforcer, cfg: cfg}
5568
}
5669
acl, err := casbin.NewEnforcer(authPath, policyPath)
5770
if err != nil {

auth_model.conf renamed to internal/middleware/casbin/auth_model.conf

File renamed without changes.

gemfast_acl.csv renamed to internal/middleware/casbin/gemfast_acl.csv

File renamed without changes.

0 commit comments

Comments
 (0)