├── .github └── workflows │ └── ci.yml ├── .gitignore ├── .releaserc.json ├── LICENSE ├── README.md ├── adapter.go ├── adapter_config_test.go ├── adapter_test.go ├── examples ├── rbac_model.conf └── rbac_policy.csv ├── go.mod └── go.sum /.github/workflows/ci.yml: -------------------------------------------------------------------------------- 1 | name: Go 2 | 3 | on: [push, pull_request] 4 | 5 | jobs: 6 | 7 | test: 8 | runs-on: ubuntu-latest 9 | 10 | services: 11 | redis: 12 | image: redis 13 | ports: 14 | - 6379:6379 15 | 16 | steps: 17 | - name: Set up Go 18 | uses: actions/setup-go@v2 19 | with: 20 | go-version: 1.19 21 | 22 | - uses: actions/checkout@v2 23 | - name: Run Unit tests 24 | run: go test -v -coverprofile=profile.cov ./... 25 | 26 | - name: Install goveralls 27 | run: go install github.com/mattn/goveralls@v0.0.11 28 | 29 | - name: Send coverage 30 | env: 31 | COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }} 32 | run: goveralls -coverprofile=profile.cov -service=github 33 | 34 | semantic-release: 35 | needs: [test] 36 | runs-on: ubuntu-latest 37 | steps: 38 | 39 | - uses: actions/checkout@v2 40 | 41 | - name: Run semantic-release 42 | if: github.repository == 'casbin/redis-adapter' && github.event_name == 'push' 43 | run: | 44 | npm install --save-dev semantic-release@17.2.4 45 | npx semantic-release 46 | env: 47 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Binaries for programs and plugins 2 | *.exe 3 | *.dll 4 | *.so 5 | *.dylib 6 | 7 | # Test binary, build with `go test -c` 8 | *.test 9 | 10 | # Output of the go coverage tool, specifically when used with LiteIDE 11 | *.out 12 | 13 | # Project-local glide cache, RE: https://github.com/Masterminds/glide/issues/736 14 | .glide/ 15 | 16 | .idea/ 17 | *.iml -------------------------------------------------------------------------------- /.releaserc.json: -------------------------------------------------------------------------------- 1 | { 2 | "debug": true, 3 | "branches": [ 4 | "+([0-9])?(.{+([0-9]),x}).x", 5 | "master", 6 | { 7 | "name": "beta", 8 | "prerelease": true 9 | } 10 | ], 11 | "plugins": [ 12 | "@semantic-release/commit-analyzer", 13 | "@semantic-release/release-notes-generator", 14 | "@semantic-release/github" 15 | ] 16 | } 17 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "{}" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright {yyyy} {name of copyright owner} 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Redis Adapter 2 | ==== 3 | 4 | [![Go Report Card](https://goreportcard.com/badge/github.com/casbin/redis-adapter)](https://goreportcard.com/report/github.com/casbin/redis-adapter) 5 | [![Build](https://github.com/casbin/redis-adapter/actions/workflows/ci.yml/badge.svg)](https://github.com/casbin/redis-adapter/actions/workflows/ci.yml) 6 | [![Coverage Status](https://coveralls.io/repos/github/casbin/redis-adapter/badge.svg?branch=master)](https://coveralls.io/github/casbin/redis-adapter?branch=master) 7 | [![Godoc](https://godoc.org/github.com/casbin/redis-adapter?status.svg)](https://pkg.go.dev/github.com/casbin/redis-adapter/v3) 8 | [![Release](https://img.shields.io/github/release/casbin/redis-adapter.svg)](https://github.com/casbin/redis-adapter/releases/latest) 9 | [![Discord](https://img.shields.io/discord/1022748306096537660?logo=discord&label=discord&color=5865F2)](https://discord.gg/S5UjpzGZjN) 10 | [![Sourcegraph](https://sourcegraph.com/github.com/casbin/redis-adapter/-/badge.svg)](https://sourcegraph.com/github.com/casbin/redis-adapter?badge) 11 | 12 | Redis Adapter is the [Redis](https://redis.io/) adapter for [Casbin](https://github.com/casbin/casbin). With this library, Casbin can load policy from Redis or save policy to it. 13 | 14 | ## Installation 15 | 16 | go get github.com/casbin/redis-adapter/v3 17 | 18 | ## Configuration Options 19 | 20 | The `Config` struct supports the following options: 21 | 22 | - `Network` (string): Network type, e.g., "tcp", "unix" (required when not using Pool) 23 | - `Address` (string): Redis server address, e.g., "127.0.0.1:6379" (required when not using Pool) 24 | - `Key` (string): Redis key to store Casbin rules (default: "casbin_rules") 25 | - `Username` (string): Username for Redis authentication (optional) 26 | - `Password` (string): Password for Redis authentication (optional) 27 | - `TLSConfig` (*tls.Config): TLS configuration for secure connections (optional) 28 | - `Pool` (*redis.Pool): Existing Redis connection pool (optional, if provided, other connection options are ignored) 29 | 30 | ## Usage Examples 31 | 32 | ### Basic Usage 33 | 34 | ```go 35 | package main 36 | 37 | import ( 38 | "github.com/casbin/casbin/v2" 39 | "github.com/casbin/redis-adapter/v3" 40 | ) 41 | 42 | func main() { 43 | // Recommended approach using Config 44 | config := &redisadapter.Config{Network: "tcp", Address: "127.0.0.1:6379"} 45 | a, _ := redisadapter.NewAdapter(config) 46 | 47 | // With password authentication 48 | // config := &redisadapter.Config{Network: "tcp", Address: "127.0.0.1:6379", Password: "123"} 49 | // a, _ := redisadapter.NewAdapter(config) 50 | 51 | // With user credentials 52 | // config := &redisadapter.Config{Network: "tcp", Address: "127.0.0.1:6379", Username: "user", Password: "pass"} 53 | // a, _ := redisadapter.NewAdapter(config) 54 | 55 | // With TLS configuration 56 | // var clientTLSConfig tls.Config 57 | // ... 58 | // config := &redisadapter.Config{Network: "tcp", Address: "127.0.0.1:6379", Username: "testAccount", Password: "123456", TLSConfig: &clientTLSConfig} 59 | // a, _ := redisadapter.NewAdapter(config) 60 | 61 | e, _ := casbin.NewEnforcer("examples/rbac_model.conf", a) 62 | 63 | // Load the policy from DB. 64 | e.LoadPolicy() 65 | 66 | // Check the permission. 67 | e.Enforce("alice", "data1", "read") 68 | 69 | // Modify the policy. 70 | // e.AddPolicy(...) 71 | // e.RemovePolicy(...) 72 | 73 | // Save the policy back to DB. 74 | e.SavePolicy() 75 | } 76 | ``` 77 | 78 | ### With Connection Pool 79 | 80 | ```go 81 | package main 82 | 83 | import ( 84 | "github.com/casbin/casbin/v2" 85 | "github.com/casbin/redis-adapter/v3" 86 | "github.com/gomodule/redigo/redis" 87 | ) 88 | 89 | func main() { 90 | pool := &redis.Pool{Dial: func() (redis.Conn, error) { return redis.Dial("tcp", "127.0.0.1:6379") }} 91 | config := &redisadapter.Config{Pool: pool, Key: "casbin_rules"} 92 | a, _ := redisadapter.NewAdapter(config) 93 | 94 | e, _ := casbin.NewEnforcer("examples/rbac_model.conf", a) 95 | 96 | // Load the policy from DB. 97 | e.LoadPolicy() 98 | 99 | // Check the permission. 100 | e.Enforce("alice", "data1", "read") 101 | 102 | // Save the policy back to DB. 103 | e.SavePolicy() 104 | } 105 | ``` 106 | 107 | ## Getting Help 108 | 109 | - [Casbin](https://github.com/casbin/casbin) 110 | 111 | ## License 112 | 113 | This project is under Apache 2.0 License. See the [LICENSE](LICENSE) file for the full license text. 114 | -------------------------------------------------------------------------------- /adapter.go: -------------------------------------------------------------------------------- 1 | // Copyright 2017 The casbin Authors. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package redisadapter 16 | 17 | import ( 18 | "bytes" 19 | "crypto/tls" 20 | "encoding/json" 21 | "errors" 22 | "fmt" 23 | "regexp" 24 | "runtime" 25 | "strings" 26 | 27 | "github.com/casbin/casbin/v2/model" 28 | "github.com/casbin/casbin/v2/persist" 29 | "github.com/gomodule/redigo/redis" 30 | ) 31 | 32 | // CasbinRule is used to determine which policy line to load. 33 | type CasbinRule struct { 34 | PType string 35 | V0 string 36 | V1 string 37 | V2 string 38 | V3 string 39 | V4 string 40 | V5 string 41 | } 42 | 43 | // Config represents the configuration for the Redis adapter. 44 | type Config struct { 45 | // Network is the network type, e.g., "tcp", "unix" 46 | Network string 47 | // Address is the Redis server address, e.g., "127.0.0.1:6379" 48 | Address string 49 | // Key is the Redis key to store Casbin rules (default: "casbin_rules") 50 | Key string 51 | // Username for Redis authentication (optional) 52 | Username string 53 | // Password for Redis authentication (optional) 54 | Password string 55 | // TLSConfig for secure connections (optional) 56 | TLSConfig *tls.Config 57 | // Pool is an existing Redis connection pool (optional) 58 | // If provided, Network, Address, Username, Password, and TLSConfig are ignored 59 | Pool *redis.Pool 60 | } 61 | 62 | // Adapter represents the Redis adapter for policy storage. 63 | type Adapter struct { 64 | network string 65 | address string 66 | key string 67 | username string 68 | password string 69 | tlsConfig *tls.Config 70 | _conn redis.Conn 71 | _pool *redis.Pool 72 | isFiltered bool 73 | } 74 | 75 | func (a *Adapter) getConn() redis.Conn { 76 | if a._pool != nil { 77 | return a._pool.Get() 78 | } 79 | return a._conn 80 | } 81 | 82 | func (a *Adapter) release(conn redis.Conn) { 83 | if a._pool != nil { 84 | if conn != nil { 85 | conn.Close() 86 | } 87 | } 88 | } 89 | 90 | // finalizer is the destructor for Adapter. 91 | func finalizer(a *Adapter) { 92 | if a._conn != nil { 93 | a._conn.Close() 94 | } 95 | if a._pool != nil { 96 | a._pool.Close() 97 | } 98 | } 99 | 100 | // NewAdapter creates a new Redis adapter with the provided configuration. 101 | func NewAdapter(config *Config) (*Adapter, error) { 102 | if config == nil { 103 | return nil, errors.New("config cannot be nil") 104 | } 105 | 106 | a := &Adapter{} 107 | 108 | // Set default key if not provided 109 | if config.Key == "" { 110 | a.key = "casbin_rules" 111 | } else { 112 | a.key = config.Key 113 | } 114 | 115 | // If a pool is provided, use it 116 | if config.Pool != nil { 117 | a._pool = config.Pool 118 | } else { 119 | // Otherwise, create a new connection 120 | if config.Network == "" { 121 | return nil, errors.New("network is required when not using a pool") 122 | } 123 | if config.Address == "" { 124 | return nil, errors.New("address is required when not using a pool") 125 | } 126 | 127 | a.network = config.Network 128 | a.address = config.Address 129 | a.username = config.Username 130 | a.password = config.Password 131 | a.tlsConfig = config.TLSConfig 132 | 133 | // Open the DB connection 134 | err := a.open() 135 | if err != nil { 136 | return nil, err 137 | } 138 | } 139 | 140 | // Call the destructor when the object is released. 141 | runtime.SetFinalizer(a, finalizer) 142 | 143 | return a, nil 144 | } 145 | 146 | // Legacy constructor functions (deprecated) 147 | // These are kept for backward compatibility but should be avoided in new code 148 | 149 | // NewAdapterBasic is the basic constructor for Adapter. 150 | // Deprecated: Use NewAdapter with Config struct instead. 151 | func NewAdapterBasic(network string, address string) (*Adapter, error) { 152 | config := &Config{ 153 | Network: network, 154 | Address: address, 155 | } 156 | return NewAdapter(config) 157 | } 158 | 159 | // NewAdapterWithUser creates adapter with user credentials. 160 | // Deprecated: Use NewAdapter with Config struct instead. 161 | func NewAdapterWithUser(network string, address string, username string, password string) (*Adapter, error) { 162 | config := &Config{ 163 | Network: network, 164 | Address: address, 165 | Username: username, 166 | Password: password, 167 | } 168 | return NewAdapter(config) 169 | } 170 | 171 | // NewAdapterWithPassword creates adapter with password authentication. 172 | // Deprecated: Use NewAdapter with Config struct instead. 173 | func NewAdapterWithPassword(network string, address string, password string) (*Adapter, error) { 174 | config := &Config{ 175 | Network: network, 176 | Address: address, 177 | Password: password, 178 | } 179 | return NewAdapter(config) 180 | } 181 | 182 | // NewAdapterWithKey creates adapter with custom key. 183 | // Deprecated: Use NewAdapter with Config struct instead. 184 | func NewAdapterWithKey(network string, address string, key string) (*Adapter, error) { 185 | config := &Config{ 186 | Network: network, 187 | Address: address, 188 | Key: key, 189 | } 190 | return NewAdapter(config) 191 | } 192 | 193 | // NewAdapterWithPool creates adapter with connection pool. 194 | // Deprecated: Use NewAdapter with Config struct instead. 195 | func NewAdapterWithPool(pool *redis.Pool) (*Adapter, error) { 196 | config := &Config{ 197 | Pool: pool, 198 | } 199 | return NewAdapter(config) 200 | } 201 | 202 | // NewAdapterWithPoolAndOptions creates adapter with pool and options. 203 | // Deprecated: Use NewAdapter with Config struct instead. 204 | func NewAdapterWithPoolAndOptions(pool *redis.Pool, options ...Option) (*Adapter, error) { 205 | config := &Config{ 206 | Pool: pool, 207 | } 208 | a, err := NewAdapter(config) 209 | if err != nil { 210 | return nil, err 211 | } 212 | 213 | // Apply options for backward compatibility 214 | for _, option := range options { 215 | option(a) 216 | } 217 | 218 | return a, nil 219 | } 220 | 221 | type Option func(*Adapter) 222 | 223 | // NewAdapterWithOption creates adapter with options pattern. 224 | // Deprecated: Use NewAdapter with Config struct instead. 225 | func NewAdapterWithOption(options ...Option) (*Adapter, error) { 226 | a := &Adapter{} 227 | for _, option := range options { 228 | option(a) 229 | } 230 | 231 | // Convert to new config-based approach 232 | config := &Config{ 233 | Network: a.network, 234 | Address: a.address, 235 | Key: a.key, 236 | Username: a.username, 237 | Password: a.password, 238 | TLSConfig: a.tlsConfig, 239 | } 240 | 241 | return NewAdapter(config) 242 | } 243 | 244 | func WithAddress(address string) Option { 245 | return func(a *Adapter) { 246 | a.address = address 247 | } 248 | } 249 | 250 | func WithUsername(username string) Option { 251 | return func(a *Adapter) { 252 | a.username = username 253 | } 254 | } 255 | 256 | func WithPassword(password string) Option { 257 | return func(a *Adapter) { 258 | a.password = password 259 | } 260 | } 261 | 262 | func WithNetwork(network string) Option { 263 | return func(a *Adapter) { 264 | a.network = network 265 | } 266 | } 267 | 268 | func WithKey(key string) Option { 269 | return func(a *Adapter) { 270 | a.key = key 271 | } 272 | } 273 | 274 | func WithTls(tlsConfig *tls.Config) Option { 275 | return func(a *Adapter) { 276 | a.tlsConfig = tlsConfig 277 | } 278 | } 279 | 280 | func (a *Adapter) open() error { 281 | //redis.Dial("tcp", "127.0.0.1:6379") 282 | useTls := a.tlsConfig != nil 283 | if a.username != "" { 284 | conn, err := redis.Dial(a.network, a.address, redis.DialUsername(a.username), redis.DialPassword(a.password), redis.DialTLSConfig(a.tlsConfig), redis.DialUseTLS(useTls)) 285 | if err != nil { 286 | return err 287 | } 288 | 289 | a._conn = conn 290 | } else if a.password == "" { 291 | conn, err := redis.Dial(a.network, a.address, redis.DialTLSConfig(a.tlsConfig), redis.DialUseTLS(useTls)) 292 | if err != nil { 293 | return err 294 | } 295 | 296 | a._conn = conn 297 | } else { 298 | conn, err := redis.Dial(a.network, a.address, redis.DialPassword(a.password), redis.DialTLSConfig(a.tlsConfig), redis.DialUseTLS(useTls)) 299 | if err != nil { 300 | return err 301 | } 302 | 303 | a._conn = conn 304 | } 305 | return nil 306 | } 307 | 308 | func (a *Adapter) close() { 309 | if a._conn != nil { 310 | a._conn.Close() 311 | } 312 | if a._pool != nil { 313 | a._pool.Close() 314 | } 315 | } 316 | 317 | func (a *Adapter) createTable() { 318 | } 319 | 320 | func (a *Adapter) dropTable() { 321 | conn := a.getConn() 322 | defer a.release(conn) 323 | 324 | _, _ = conn.Do("DEL", a.key) 325 | } 326 | 327 | func (c *CasbinRule) toStringPolicy() []string { 328 | policy := make([]string, 0) 329 | if c.PType != "" { 330 | policy = append(policy, c.PType) 331 | } 332 | if c.V0 != "" { 333 | policy = append(policy, c.V0) 334 | } 335 | if c.V1 != "" { 336 | policy = append(policy, c.V1) 337 | } 338 | if c.V2 != "" { 339 | policy = append(policy, c.V2) 340 | } 341 | if c.V3 != "" { 342 | policy = append(policy, c.V3) 343 | } 344 | if c.V4 != "" { 345 | policy = append(policy, c.V4) 346 | } 347 | if c.V5 != "" { 348 | policy = append(policy, c.V5) 349 | } 350 | return policy 351 | } 352 | 353 | func loadPolicyLine(line CasbinRule, model model.Model) { 354 | text := line.toStringPolicy() 355 | 356 | persist.LoadPolicyArray(text, model) 357 | } 358 | 359 | // LoadPolicy loads policy from database. 360 | func (a *Adapter) LoadPolicy(model model.Model) error { 361 | conn := a.getConn() 362 | defer a.release(conn) 363 | 364 | num, err := redis.Int(conn.Do("LLEN", a.key)) 365 | if err == redis.ErrNil { 366 | return nil 367 | } 368 | if err != nil { 369 | return err 370 | } 371 | values, err := redis.Values(conn.Do("LRANGE", a.key, 0, num)) 372 | if err != nil { 373 | return err 374 | } 375 | 376 | var line CasbinRule 377 | for _, value := range values { 378 | text, ok := value.([]byte) 379 | if !ok { 380 | // Amazon MemoryDB for Redis returns string instead of []byte 381 | if textStr, ok := value.(string); ok { 382 | text = []byte(textStr) 383 | } else { 384 | return errors.New("the type is wrong") 385 | } 386 | } 387 | err = json.Unmarshal(text, &line) 388 | if err != nil { 389 | return err 390 | } 391 | loadPolicyLine(line, model) 392 | } 393 | 394 | a.isFiltered = false 395 | return nil 396 | } 397 | 398 | func savePolicyLine(ptype string, rule []string) CasbinRule { 399 | line := CasbinRule{} 400 | 401 | line.PType = ptype 402 | if len(rule) > 0 { 403 | line.V0 = rule[0] 404 | } 405 | if len(rule) > 1 { 406 | line.V1 = rule[1] 407 | } 408 | if len(rule) > 2 { 409 | line.V2 = rule[2] 410 | } 411 | if len(rule) > 3 { 412 | line.V3 = rule[3] 413 | } 414 | if len(rule) > 4 { 415 | line.V4 = rule[4] 416 | } 417 | if len(rule) > 5 { 418 | line.V5 = rule[5] 419 | } 420 | 421 | return line 422 | } 423 | 424 | // SavePolicy saves policy to database. 425 | func (a *Adapter) SavePolicy(model model.Model) error { 426 | a.dropTable() 427 | a.createTable() 428 | 429 | var texts [][]byte 430 | 431 | for ptype, ast := range model["p"] { 432 | for _, rule := range ast.Policy { 433 | line := savePolicyLine(ptype, rule) 434 | text, err := json.Marshal(line) 435 | if err != nil { 436 | return err 437 | } 438 | texts = append(texts, text) 439 | } 440 | } 441 | 442 | for ptype, ast := range model["g"] { 443 | for _, rule := range ast.Policy { 444 | line := savePolicyLine(ptype, rule) 445 | text, err := json.Marshal(line) 446 | if err != nil { 447 | return err 448 | } 449 | texts = append(texts, text) 450 | } 451 | } 452 | 453 | conn := a.getConn() 454 | defer a.release(conn) 455 | 456 | _, err := conn.Do("RPUSH", redis.Args{}.Add(a.key).AddFlat(texts)...) 457 | return err 458 | } 459 | 460 | // AddPolicy adds a policy rule to the storage. 461 | func (a *Adapter) AddPolicy(sec string, ptype string, rule []string) error { 462 | line := savePolicyLine(ptype, rule) 463 | text, err := json.Marshal(line) 464 | if err != nil { 465 | return err 466 | } 467 | 468 | conn := a.getConn() 469 | defer a.release(conn) 470 | 471 | _, err = conn.Do("RPUSH", a.key, text) 472 | return err 473 | } 474 | 475 | // RemovePolicy removes a policy rule from the storage. 476 | func (a *Adapter) RemovePolicy(sec string, ptype string, rule []string) error { 477 | line := savePolicyLine(ptype, rule) 478 | text, err := json.Marshal(line) 479 | if err != nil { 480 | return err 481 | } 482 | 483 | conn := a.getConn() 484 | defer a.release(conn) 485 | 486 | _, err = conn.Do("LREM", a.key, 1, text) 487 | return err 488 | } 489 | 490 | // AddPolicies adds policy rules to the storage. 491 | func (a *Adapter) AddPolicies(sec string, ptype string, rules [][]string) error { 492 | var texts [][]byte 493 | for _, rule := range rules { 494 | line := savePolicyLine(ptype, rule) 495 | text, err := json.Marshal(line) 496 | if err != nil { 497 | return err 498 | } 499 | texts = append(texts, text) 500 | } 501 | 502 | conn := a.getConn() 503 | defer a.release(conn) 504 | 505 | _, err := conn.Do("RPUSH", redis.Args{}.Add(a.key).AddFlat(texts)...) 506 | return err 507 | } 508 | 509 | // RemovePolicies removes policy rules from the storage. 510 | func (a *Adapter) RemovePolicies(sec string, ptype string, rules [][]string) error { 511 | conn := a.getConn() 512 | defer a.release(conn) 513 | 514 | for _, rule := range rules { 515 | line := savePolicyLine(ptype, rule) 516 | text, err := json.Marshal(line) 517 | if err != nil { 518 | return err 519 | } 520 | _, err = conn.Do("LREM", a.key, 1, text) 521 | if err != nil { 522 | return err 523 | } 524 | } 525 | return nil 526 | } 527 | 528 | //FilteredAdapter 529 | 530 | // IsFiltered returns true if the loaded policy has been filtered. 531 | func (a *Adapter) IsFiltered() bool { 532 | return a.isFiltered 533 | } 534 | 535 | type Filter struct { 536 | PType []string 537 | V0 []string 538 | V1 []string 539 | V2 []string 540 | V3 []string 541 | V4 []string 542 | V5 []string 543 | } 544 | 545 | func filterToRegexPattern(filter *Filter) string { 546 | // example data in redis: {"PType":"p","V0":"data2_admin","V1":"data2","V2":"write","V3":"","V4":"","V5":""} 547 | 548 | var f = [][]string{filter.PType, 549 | filter.V0, filter.V1, filter.V2, 550 | filter.V3, filter.V4, filter.V5} 551 | 552 | args := []interface{}{} 553 | for _, v := range f { 554 | if len(v) == 0 { 555 | args = append(args, ".*") 556 | } else { 557 | escapedV := make([]string, 0, len(v)) 558 | for _, s := range v { 559 | escapedV = append(escapedV, regexp.QuoteMeta(s)) 560 | } 561 | args = append(args, "(?:"+strings.Join(escapedV, "|")+")") // (?:data2_admin|data1_admin) 562 | } 563 | } 564 | 565 | // example pattern: 566 | //^\{"PType":".*","V0":"(?:data2_admin|data1_admin)","V1":".*","V2":".*","V3":".*","V4":".*","V5":".*"\}$ 567 | pattern := fmt.Sprintf( 568 | `^\{"PType":"%s","V0":"%s","V1":"%s","V2":"%s","V3":"%s","V4":"%s","V5":"%s"\}$`, args..., 569 | ) 570 | return pattern 571 | } 572 | 573 | func escapeLuaPattern(s string) string { 574 | var buf bytes.Buffer 575 | for _, char := range s { 576 | switch char { 577 | case '.', '%', '-', '+', '*', '?', '^', '$', '(', ')', '[', ']': // magic chars: . % + - * ? [ ( ) ^ $ 578 | buf.WriteRune('%') 579 | } 580 | buf.WriteRune(char) 581 | } 582 | return buf.String() 583 | } 584 | 585 | func filterFieldToLuaPattern(sec string, ptype string, fieldIndex int, fieldValues ...string) string { 586 | args := []interface{}{ptype} 587 | 588 | idx := fieldIndex + len(fieldValues) 589 | for i := 0; i < 6; i++ { // v0-v5 590 | if fieldIndex <= i && idx > i && fieldValues[i-fieldIndex] != "" { 591 | args = append(args, escapeLuaPattern(fieldValues[i-fieldIndex])) 592 | } else { 593 | args = append(args, ".*") 594 | } 595 | } 596 | 597 | // example pattern: 598 | // ^{"PType":"p","V0":"data2_admin","V1":".*","V2":".*","V3":".*","V4":".*","V5":".*"}$ 599 | pattern := fmt.Sprintf( 600 | `^{"PType":"%s","V0":"%s","V1":"%s","V2":"%s","V3":"%s","V4":"%s","V5":"%s"}$`, args..., 601 | ) 602 | return pattern 603 | } 604 | 605 | func (a *Adapter) loadFilteredPolicy(model model.Model, filter *Filter) error { 606 | conn := a.getConn() 607 | defer a.release(conn) 608 | 609 | num, err := redis.Int(conn.Do("LLEN", a.key)) 610 | if err == redis.ErrNil { 611 | return nil 612 | } 613 | if err != nil { 614 | return err 615 | } 616 | values, err := redis.Values(conn.Do("LRANGE", a.key, 0, num)) 617 | if err != nil { 618 | return err 619 | } 620 | 621 | re := regexp.MustCompile(filterToRegexPattern(filter)) 622 | 623 | var line CasbinRule 624 | for _, value := range values { 625 | text, ok := value.([]byte) 626 | if !ok { 627 | // Amazon MemoryDB for Redis returns string instead of []byte 628 | if textStr, ok := value.(string); ok { 629 | text = []byte(textStr) 630 | } else { 631 | return errors.New("the type is wrong") 632 | } 633 | } 634 | 635 | if !re.Match(text) { 636 | continue 637 | } 638 | 639 | err = json.Unmarshal(text, &line) 640 | if err != nil { 641 | return err 642 | } 643 | loadPolicyLine(line, model) 644 | } 645 | return nil 646 | } 647 | 648 | // LoadFilteredPolicy loads only policy rules that match the filter. 649 | func (a *Adapter) LoadFilteredPolicy(model model.Model, filter interface{}) error { 650 | if filter == nil { 651 | return a.LoadPolicy(model) 652 | } 653 | 654 | var err error 655 | switch f := filter.(type) { 656 | case *Filter: 657 | err = a.loadFilteredPolicy(model, f) 658 | case Filter: 659 | err = a.loadFilteredPolicy(model, &f) 660 | default: 661 | err = fmt.Errorf("invalid filter type") 662 | } 663 | 664 | if err != nil { 665 | return err 666 | } 667 | a.isFiltered = true 668 | return nil 669 | } 670 | 671 | // RemoveFilteredPolicy removes policy rules that match the filter from the storage. 672 | func (a *Adapter) RemoveFilteredPolicy(sec string, ptype string, fieldIndex int, fieldValues ...string) error { 673 | 674 | pattern := filterFieldToLuaPattern(sec, ptype, fieldIndex, fieldValues...) 675 | 676 | var getScript = redis.NewScript(1, ` 677 | local key = KEYS[1] 678 | local pattern = ARGV[1] 679 | 680 | local r = redis.call('lrange', key, 0, -1) 681 | for i=1, #r do 682 | if string.find(r[i], pattern) then 683 | redis.call('lset', key, i-1, '__CASBIN_DELETED__') 684 | end 685 | end 686 | redis.call('lrem', key, 0, '__CASBIN_DELETED__') 687 | return 688 | `) 689 | 690 | conn := a.getConn() 691 | defer a.release(conn) 692 | 693 | _, err := getScript.Do(conn, a.key, pattern) 694 | return err 695 | } 696 | 697 | // UpdatableAdapter 698 | 699 | // UpdatePolicy updates a new policy rule to DB. 700 | func (a *Adapter) UpdatePolicy(sec string, ptype string, oldRule, newPolicy []string) error { 701 | oldLine := savePolicyLine(ptype, oldRule) 702 | textOld, err := json.Marshal(oldLine) 703 | if err != nil { 704 | return err 705 | } 706 | newLine := savePolicyLine(ptype, newPolicy) 707 | textNew, err := json.Marshal(newLine) 708 | if err != nil { 709 | return err 710 | } 711 | 712 | var getScript = redis.NewScript(1, ` 713 | local key = KEYS[1] 714 | local old = ARGV[1] 715 | local newRule = ARGV[2] 716 | 717 | local r = redis.call('lrange', key, 0, -1) 718 | for i=1,#r do 719 | if r[i] == old then 720 | redis.call('lset', key, i-1, newRule) 721 | return true 722 | end 723 | end 724 | return false 725 | `) 726 | 727 | conn := a.getConn() 728 | defer a.release(conn) 729 | 730 | _, err = getScript.Do(conn, a.key, textOld, textNew) 731 | return err 732 | } 733 | 734 | func (a *Adapter) UpdatePolicies(sec string, ptype string, oldRules, newRules [][]string) error { 735 | 736 | if len(oldRules) != len(newRules) { 737 | return errors.New("oldRules and newRules should have the same length") 738 | } 739 | 740 | oldPolicies := make([]string, 0, len(oldRules)) 741 | newPolicies := make([]string, 0, len(newRules)) 742 | for _, oldRule := range oldRules { 743 | textOld, err := json.Marshal(savePolicyLine(ptype, oldRule)) 744 | if err != nil { 745 | return err 746 | } 747 | oldPolicies = append(oldPolicies, string(textOld)) 748 | } 749 | for _, newRule := range newRules { 750 | textNew, err := json.Marshal(savePolicyLine(ptype, newRule)) 751 | if err != nil { 752 | return err 753 | } 754 | newPolicies = append(newPolicies, string(textNew)) 755 | } 756 | 757 | // Initialize a package-level variable with a script. 758 | var getScript = redis.NewScript(1, ` 759 | local key = KEYS[1] 760 | local len = #ARGV/2 761 | 762 | local map = {} 763 | for i = 1, len, 1 do 764 | map[ARGV[i]] = ARGV[i + len] -- map[oldRule] = newRule 765 | end 766 | 767 | local r = redis.call('lrange', key, 0, -1) 768 | for i=1,#r do 769 | if map[r[i]] ~= nil then 770 | redis.call('lset', key, i-1, map[r[i]]) 771 | -- return true 772 | end 773 | end 774 | 775 | return false 776 | `) 777 | args := redis.Args{}.Add(a.key).AddFlat(oldPolicies).AddFlat(newPolicies) 778 | 779 | conn := a.getConn() 780 | defer a.release(conn) 781 | 782 | _, err := getScript.Do(conn, args...) 783 | return err 784 | } 785 | 786 | func (a *Adapter) UpdateFilteredPolicies(sec string, ptype string, newPolicies [][]string, fieldIndex int, fieldValues ...string) ([][]string, error) { 787 | // UpdateFilteredPolicies deletes old rules and adds new rules. 788 | 789 | oldP := make([]string, 0) 790 | newP := make([]string, 0, len(newPolicies)) 791 | for _, newRule := range newPolicies { 792 | textNew, err := json.Marshal(savePolicyLine(ptype, newRule)) 793 | if err != nil { 794 | return nil, err 795 | } 796 | newP = append(newP, string(textNew)) 797 | } 798 | 799 | pattern := filterFieldToLuaPattern(sec, ptype, fieldIndex, fieldValues...) 800 | 801 | // Initialize a package-level variable with a script. 802 | var getScript = redis.NewScript(1, ` 803 | local key = KEYS[1] 804 | local pattern = ARGV[1] 805 | 806 | local ret = {} 807 | local r = redis.call('lrange', key, 0, -1) 808 | for i=1, #r do 809 | if string.find(r[i], pattern) then 810 | table.insert(ret, r[i]) 811 | redis.call('lset', key, i-1, '__CASBIN_DELETED__') 812 | end 813 | end 814 | redis.call('lrem', key, 0, '__CASBIN_DELETED__') 815 | 816 | local r = redis.call('lrange', key, 0, -1) 817 | for i=2,#r do 818 | redis.call('rpush', key, ARGV[i]) 819 | end 820 | 821 | return ret 822 | `) 823 | args := redis.Args{}.Add(a.key).Add(pattern).AddFlat(newP) 824 | //r, err := getScript.Do(a.conn, args...) 825 | //reply, err := redis.Values(r, err) 826 | 827 | conn := a.getConn() 828 | defer a.release(conn) 829 | 830 | reply, err := redis.Values(getScript.Do(conn, args...)) 831 | if err != nil { 832 | return nil, err 833 | } 834 | 835 | if err = redis.ScanSlice(reply, &oldP); err != nil { 836 | return nil, err 837 | } 838 | 839 | ret := make([][]string, 0, len(oldP)) 840 | for _, oldRule := range oldP { 841 | var line CasbinRule 842 | if err := json.Unmarshal([]byte(oldRule), &line); err != nil { 843 | return nil, err 844 | } 845 | 846 | ret = append(ret, line.toStringPolicy()) 847 | } 848 | 849 | return ret, nil 850 | } 851 | -------------------------------------------------------------------------------- /adapter_config_test.go: -------------------------------------------------------------------------------- 1 | // Copyright 2025 The casbin Authors. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package redisadapter 16 | 17 | import ( 18 | "testing" 19 | 20 | "github.com/casbin/casbin/v2" 21 | "github.com/gomodule/redigo/redis" 22 | ) 23 | 24 | func TestNewAdapterWithConfig(t *testing.T) { 25 | // Test basic configuration 26 | config := &Config{ 27 | Network: "tcp", 28 | Address: "127.0.0.1:6379", 29 | } 30 | a, _ := NewAdapter(config) 31 | 32 | testSaveLoad(t, a) 33 | testAutoSave(t, a) 34 | testFilteredPolicy(t, a) 35 | testAddPolicies(t, a) 36 | testRemovePolicies(t, a) 37 | testUpdatePolicies(t, a) 38 | testUpdateFilteredPolicies(t, a) 39 | } 40 | 41 | func TestNewAdapterWithPool(t *testing.T) { 42 | // Test with connection pool 43 | pool := &redis.Pool{ 44 | MaxIdle: 3, 45 | MaxActive: 5, 46 | Dial: func() (redis.Conn, error) { 47 | return redis.Dial("tcp", "127.0.0.1:6379") 48 | }, 49 | } 50 | config := &Config{ 51 | Pool: pool, 52 | Key: "pool_test_rules", 53 | } 54 | a, err := NewAdapter(config) 55 | if err != nil { 56 | t.Fatal(err) 57 | } 58 | 59 | testSaveLoad(t, a) 60 | testAutoSave(t, a) 61 | testFilteredPolicy(t, a) 62 | testAddPolicies(t, a) 63 | testRemovePolicies(t, a) 64 | testUpdatePolicies(t, a) 65 | testUpdateFilteredPolicies(t, a) 66 | } 67 | 68 | func TestNewAdapterErrorCases(t *testing.T) { 69 | // Test error cases 70 | _, err := NewAdapter(nil) 71 | if err == nil { 72 | t.Error("NewAdapter should fail with nil config") 73 | } 74 | 75 | config := &Config{ 76 | Network: "", 77 | Address: "127.0.0.1:6379", 78 | } 79 | _, err = NewAdapter(config) 80 | if err == nil { 81 | t.Error("NewAdapter should fail with empty network") 82 | } 83 | 84 | config = &Config{ 85 | Network: "tcp", 86 | Address: "", 87 | } 88 | _, err = NewAdapter(config) 89 | if err == nil { 90 | t.Error("NewAdapter should fail with empty address") 91 | } 92 | } 93 | 94 | func TestNewAdapterWithPassword(t *testing.T) { 95 | // Test with password authentication 96 | a, err := NewAdapterWithPassword("tcp", "127.0.0.1:6379", "testpass") 97 | if err != nil { 98 | t.Skipf("Password authentication test skipped (Redis may not have auth configured): %v", err) 99 | } 100 | 101 | testSaveLoad(t, a) 102 | testAutoSave(t, a) 103 | testFilteredPolicy(t, a) 104 | testAddPolicies(t, a) 105 | testRemovePolicies(t, a) 106 | testUpdatePolicies(t, a) 107 | testUpdateFilteredPolicies(t, a) 108 | } 109 | 110 | func TestNewAdapterWithUser(t *testing.T) { 111 | // Test with username and password authentication 112 | a, err := NewAdapterWithUser("tcp", "127.0.0.1:6379", "testuser", "testpass") 113 | if err != nil { 114 | t.Skipf("User authentication test skipped (Redis may not have auth configured): %v", err) 115 | } 116 | 117 | testSaveLoad(t, a) 118 | testAutoSave(t, a) 119 | testFilteredPolicy(t, a) 120 | testAddPolicies(t, a) 121 | testRemovePolicies(t, a) 122 | testUpdatePolicies(t, a) 123 | testUpdateFilteredPolicies(t, a) 124 | } 125 | 126 | func TestNewAdapterWithKey(t *testing.T) { 127 | // Test with custom key 128 | a, err := NewAdapterWithKey("tcp", "127.0.0.1:6379", "custom_casbin_rules") 129 | if err != nil { 130 | t.Fatal(err) 131 | } 132 | 133 | testSaveLoad(t, a) 134 | testAutoSave(t, a) 135 | testFilteredPolicy(t, a) 136 | testAddPolicies(t, a) 137 | testRemovePolicies(t, a) 138 | testUpdatePolicies(t, a) 139 | testUpdateFilteredPolicies(t, a) 140 | } 141 | 142 | func TestFilterFunctionality(t *testing.T) { 143 | // Test various filter functionality 144 | a, err := NewAdapterBasic("tcp", "127.0.0.1:6379") 145 | if err != nil { 146 | t.Fatal(err) 147 | } 148 | 149 | // Initialize policy 150 | initPolicy(t, a) 151 | 152 | // Create enforcer 153 | e, _ := casbin.NewEnforcer("examples/rbac_model.conf") 154 | e.SetAdapter(a) 155 | 156 | // Test filtering by subject 157 | filter := &Filter{V0: []string{"alice"}} 158 | err = a.LoadFilteredPolicy(e.GetModel(), filter) 159 | if err != nil { 160 | t.Fatal(err) 161 | } 162 | 163 | policies := e.GetPolicy() 164 | if len(policies) == 0 { 165 | t.Log("No policies found for alice (this might be expected)") 166 | } 167 | 168 | // Test filtering by object 169 | filter = &Filter{V0: []string{"", "data1"}} 170 | err = a.LoadFilteredPolicy(e.GetModel(), filter) 171 | if err != nil { 172 | t.Fatal(err) 173 | } 174 | 175 | policies = e.GetPolicy() 176 | t.Logf("Found %d policies for data1", len(policies)) 177 | } 178 | -------------------------------------------------------------------------------- /adapter_test.go: -------------------------------------------------------------------------------- 1 | // Copyright 2017 The casbin Authors. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package redisadapter 16 | 17 | import ( 18 | "log" 19 | "strings" 20 | "testing" 21 | 22 | "github.com/casbin/casbin/v2" 23 | "github.com/casbin/casbin/v2/util" 24 | "github.com/gomodule/redigo/redis" 25 | ) 26 | 27 | func testGetPolicy(t *testing.T, e *casbin.Enforcer, res [][]string) { 28 | t.Helper() 29 | myRes := e.GetPolicy() 30 | log.Print("Policy: ", myRes) 31 | 32 | m := make(map[string]bool, len(res)) 33 | for _, value := range res { 34 | key := strings.Join(value, ",") 35 | m[key] = true 36 | } 37 | 38 | for _, value := range myRes { 39 | key := strings.Join(value, ",") 40 | if !m[key] { 41 | t.Error("Policy: ", myRes, ", supposed to be ", res) 42 | break 43 | } 44 | } 45 | } 46 | 47 | func initPolicy(t *testing.T, a *Adapter) { 48 | // Because the DB is empty at first, 49 | // so we need to load the policy from the file adapter (.CSV) first. 50 | e, _ := casbin.NewEnforcer("examples/rbac_model.conf", "examples/rbac_policy.csv") 51 | 52 | // This is a trick to save the current policy to the DB. 53 | // We can't call e.SavePolicy() because the adapter in the enforcer is still the file adapter. 54 | // The current policy means the policy in the Casbin enforcer (aka in memory). 55 | err := a.SavePolicy(e.GetModel()) 56 | if err != nil { 57 | panic(err) 58 | } 59 | 60 | // Clear the current policy. 61 | e.ClearPolicy() 62 | testGetPolicy(t, e, [][]string{}) 63 | 64 | // Load the policy from DB. 65 | err = a.LoadPolicy(e.GetModel()) 66 | if err != nil { 67 | panic(err) 68 | } 69 | testGetPolicy(t, e, [][]string{{"alice", "data1", "read"}, {"bob", "data2", "write"}, {"data2_admin", "data2", "read"}, {"data2_admin", "data2", "write"}}) 70 | } 71 | 72 | func testSaveLoad(t *testing.T, a *Adapter) { 73 | // Initialize some policy in DB. 74 | initPolicy(t, a) 75 | // Note: you don't need to look at the above code 76 | // if you already have a working DB with policy inside. 77 | 78 | // Now the DB has policy, so we can provide a normal use case. 79 | // Create an adapter and an enforcer. 80 | // NewEnforcer() will load the policy automatically. 81 | e, _ := casbin.NewEnforcer("examples/rbac_model.conf", a) 82 | testGetPolicy(t, e, [][]string{{"alice", "data1", "read"}, {"bob", "data2", "write"}, {"data2_admin", "data2", "read"}, {"data2_admin", "data2", "write"}}) 83 | } 84 | 85 | func testAutoSave(t *testing.T, a *Adapter) { 86 | // Initialize some policy in DB. 87 | initPolicy(t, a) 88 | // Note: you don't need to look at the above code 89 | // if you already have a working DB with policy inside. 90 | 91 | // Now the DB has policy, so we can provide a normal use case. 92 | // Create an adapter and an enforcer. 93 | // NewEnforcer() will load the policy automatically. 94 | e, _ := casbin.NewEnforcer("examples/rbac_model.conf", a) 95 | 96 | // AutoSave is enabled by default. 97 | // Now we disable it. 98 | e.EnableAutoSave(false) 99 | 100 | var err error 101 | logErr := func(action string) { 102 | if err != nil { 103 | t.Fatalf("test action[%s] failed, err: %v", action, err) 104 | } 105 | } 106 | 107 | // Because AutoSave is disabled, the policy change only affects the policy in Casbin enforcer, 108 | // it doesn't affect the policy in the storage. 109 | _, err = e.AddPolicy("alice", "data1", "write") 110 | logErr("AddPolicy") 111 | // Reload the policy from the storage to see the effect. 112 | err = e.LoadPolicy() 113 | logErr("LoadPolicy") 114 | // This is still the original policy. 115 | testGetPolicy(t, e, [][]string{{"alice", "data1", "read"}, {"bob", "data2", "write"}, {"data2_admin", "data2", "read"}, {"data2_admin", "data2", "write"}}) 116 | 117 | // Now we enable the AutoSave. 118 | e.EnableAutoSave(true) 119 | 120 | // Because AutoSave is enabled, the policy change not only affects the policy in Casbin enforcer, 121 | // but also affects the policy in the storage. 122 | _, err = e.AddPolicy("alice", "data1", "write") 123 | logErr("AddPolicy2") 124 | // Reload the policy from the storage to see the effect. 125 | err = e.LoadPolicy() 126 | logErr("LoadPolicy2") 127 | // The policy has a new rule: {"alice", "data1", "write"}. 128 | testGetPolicy(t, e, [][]string{{"alice", "data1", "read"}, {"bob", "data2", "write"}, {"data2_admin", "data2", "read"}, {"data2_admin", "data2", "write"}, {"alice", "data1", "write"}}) 129 | 130 | // Remove the added rule. 131 | _, err = e.RemovePolicy("alice", "data1", "write") 132 | logErr("RemovePolicy") 133 | err = e.LoadPolicy() 134 | logErr("LoadPolicy3") 135 | testGetPolicy(t, e, [][]string{{"alice", "data1", "read"}, {"bob", "data2", "write"}, {"data2_admin", "data2", "read"}, {"data2_admin", "data2", "write"}}) 136 | 137 | // Remove "data2_admin" related policy rules via a filter. 138 | // Two rules: {"data2_admin", "data2", "read"}, {"data2_admin", "data2", "write"} are deleted. 139 | _, err = e.RemoveFilteredPolicy(0, "data2_admin") 140 | logErr("RemoveFilteredPolicy") 141 | err = e.LoadPolicy() 142 | logErr("LoadPolicy4") 143 | 144 | testGetPolicy(t, e, [][]string{{"alice", "data1", "read"}, {"bob", "data2", "write"}}) 145 | } 146 | 147 | func testFilteredPolicy(t *testing.T, a *Adapter) { 148 | // Initialize some policy in DB. 149 | initPolicy(t, a) 150 | // Note: you don't need to look at the above code 151 | // if you already have a working DB with policy inside. 152 | 153 | // Now the DB has policy, so we can provide a normal use case. 154 | // Create an adapter and an enforcer. 155 | // NewEnforcer() will load the policy automatically. 156 | e, _ := casbin.NewEnforcer("examples/rbac_model.conf") 157 | // Now set the adapter 158 | e.SetAdapter(a) 159 | 160 | var err error 161 | logErr := func(action string) { 162 | if err != nil { 163 | t.Fatalf("test action[%s] failed, err: %v", action, err) 164 | } 165 | } 166 | 167 | // Load only alice's policies 168 | err = e.LoadFilteredPolicy(Filter{V0: []string{"alice"}}) 169 | logErr("LoadFilteredPolicy") 170 | testGetPolicy(t, e, [][]string{{"alice", "data1", "read"}}) 171 | 172 | // Load only bob's policies 173 | err = e.LoadFilteredPolicy(Filter{V0: []string{"bob"}}) 174 | logErr("LoadFilteredPolicy2") 175 | testGetPolicy(t, e, [][]string{{"bob", "data2", "write"}}) 176 | 177 | // Load policies for data2_admin 178 | err = e.LoadFilteredPolicy(Filter{V0: []string{"data2_admin"}}) 179 | logErr("LoadFilteredPolicy3") 180 | testGetPolicy(t, e, [][]string{{"data2_admin", "data2", "read"}, {"data2_admin", "data2", "write"}}) 181 | 182 | // Load policies for alice and bob 183 | err = e.LoadFilteredPolicy(Filter{V0: []string{"alice", "bob"}}) 184 | logErr("LoadFilteredPolicy4") 185 | testGetPolicy(t, e, [][]string{{"alice", "data1", "read"}, {"bob", "data2", "write"}}) 186 | } 187 | 188 | func testRemovePolicies(t *testing.T, a *Adapter) { 189 | // Initialize some policy in DB. 190 | initPolicy(t, a) 191 | // Note: you don't need to look at the above code 192 | // if you already have a working DB with policy inside. 193 | 194 | // Now the DB has policy, so we can provide a normal use case. 195 | // Create an adapter and an enforcer. 196 | // NewEnforcer() will load the policy automatically. 197 | e, _ := casbin.NewEnforcer("examples/rbac_model.conf") 198 | 199 | // Now set the adapter 200 | e.SetAdapter(a) 201 | 202 | var err error 203 | logErr := func(action string) { 204 | if err != nil { 205 | t.Fatalf("test action[%s] failed, err: %v", action, err) 206 | } 207 | } 208 | 209 | err = a.AddPolicies("p", "p", [][]string{{"max", "data2", "read"}, {"max", "data1", "write"}, {"max", "data1", "delete"}}) 210 | logErr("AddPolicies") 211 | 212 | // Load policies for max 213 | err = e.LoadFilteredPolicy(Filter{V0: []string{"max"}}) 214 | logErr("LoadFilteredPolicy") 215 | 216 | testGetPolicy(t, e, [][]string{{"max", "data2", "read"}, {"max", "data1", "write"}, {"max", "data1", "delete"}}) 217 | 218 | // Remove policies 219 | err = a.RemovePolicies("p", "p", [][]string{{"max", "data2", "read"}, {"max", "data1", "write"}}) 220 | logErr("RemovePolicies") 221 | 222 | // Reload policies for max 223 | err = e.LoadFilteredPolicy(Filter{V0: []string{"max"}}) 224 | logErr("LoadFilteredPolicy2") 225 | 226 | testGetPolicy(t, e, [][]string{{"max", "data1", "delete"}}) 227 | } 228 | 229 | func testAddPolicies(t *testing.T, a *Adapter) { 230 | // Initialize some policy in DB. 231 | initPolicy(t, a) 232 | // Note: you don't need to look at the above code 233 | // if you already have a working DB with policy inside. 234 | 235 | // Now the DB has policy, so we can provide a normal use case. 236 | // Create an adapter and an enforcer. 237 | // NewEnforcer() will load the policy automatically. 238 | e, _ := casbin.NewEnforcer("examples/rbac_model.conf") 239 | 240 | // Now set the adapter 241 | e.SetAdapter(a) 242 | 243 | var err error 244 | logErr := func(action string) { 245 | if err != nil { 246 | t.Fatalf("test action[%s] failed, err: %v", action, err) 247 | } 248 | } 249 | 250 | err = a.AddPolicies("p", "p", [][]string{{"max", "data2", "read"}, {"max", "data1", "write"}}) 251 | logErr("AddPolicies") 252 | 253 | // Load policies for max 254 | err = e.LoadFilteredPolicy(Filter{V0: []string{"max"}}) 255 | logErr("LoadFilteredPolicy") 256 | 257 | testGetPolicy(t, e, [][]string{{"max", "data2", "read"}, {"max", "data1", "write"}}) 258 | } 259 | 260 | func testUpdatePolicies(t *testing.T, a *Adapter) { 261 | // Initialize some policy in DB. 262 | initPolicy(t, a) 263 | // Note: you don't need to look at the above code 264 | // if you already have a working DB with policy inside. 265 | 266 | // Now the DB has policy, so we can provide a normal use case. 267 | // Create an adapter and an enforcer. 268 | // NewEnforcer() will load the policy automatically. 269 | e, _ := casbin.NewEnforcer("examples/rbac_model.conf") 270 | 271 | // Now set the adapter 272 | e.SetAdapter(a) 273 | 274 | var err error 275 | logErr := func(action string) { 276 | if err != nil { 277 | t.Fatalf("test action[%s] failed, err: %v", action, err) 278 | } 279 | } 280 | 281 | err = a.UpdatePolicy("p", "p", []string{"bob", "data2", "write"}, []string{"alice", "data2", "write"}) 282 | logErr("UpdatePolicy") 283 | 284 | testGetPolicy(t, e, [][]string{{"alice", "data1", "read"}, {"alice", "data2", "write"}, {"data2_admin", "data2", "read"}, {"data2_admin", "data2", "write"}}) 285 | 286 | err = a.UpdatePolicies("p", "p", [][]string{{"alice", "data1", "read"}, {"alice", "data2", "write"}}, [][]string{{"bob", "data1", "read"}, {"bob", "data2", "write"}}) 287 | logErr("UpdatePolicies") 288 | 289 | testGetPolicy(t, e, [][]string{{"bob", "data1", "read"}, {"bob", "data2", "write"}, {"data2_admin", "data2", "read"}, {"data2_admin", "data2", "write"}}) 290 | } 291 | 292 | func testUpdateFilteredPolicies(t *testing.T, a *Adapter) { 293 | // Initialize some policy in DB. 294 | initPolicy(t, a) 295 | // Note: you don't need to look at the above code 296 | // if you already have a working DB with policy inside. 297 | 298 | // Now the DB has policy, so we can provide a normal use case. 299 | // Create an adapter and an enforcer. 300 | // NewEnforcer() will load the policy automatically. 301 | e, _ := casbin.NewEnforcer("examples/rbac_model.conf") 302 | 303 | // Now set the adapter 304 | e.SetAdapter(a) 305 | 306 | e.UpdateFilteredPolicies([][]string{{"alice", "data1", "write"}}, 0, "alice", "data1", "read") 307 | e.UpdateFilteredPolicies([][]string{{"bob", "data2", "read"}}, 0, "bob", "data2", "write") 308 | e.LoadPolicy() 309 | testGetPolicyWithoutOrder(t, e, [][]string{{"alice", "data1", "write"}, {"data2_admin", "data2", "read"}, {"data2_admin", "data2", "write"}, {"bob", "data2", "read"}}) 310 | } 311 | 312 | func testGetPolicyWithoutOrder(t *testing.T, e *casbin.Enforcer, res [][]string) { 313 | myRes := e.GetPolicy() 314 | log.Print("Policy: ", myRes) 315 | 316 | if !arrayEqualsWithoutOrder(myRes, res) { 317 | t.Error("Policy: ", myRes, ", supposed to be ", res) 318 | } 319 | } 320 | 321 | func arrayEqualsWithoutOrder(a [][]string, b [][]string) bool { 322 | if len(a) != len(b) { 323 | return false 324 | } 325 | 326 | mapA := make(map[int]string) 327 | mapB := make(map[int]string) 328 | order := make(map[int]struct{}) 329 | l := len(a) 330 | 331 | for i := 0; i < l; i++ { 332 | mapA[i] = util.ArrayToString(a[i]) 333 | mapB[i] = util.ArrayToString(b[i]) 334 | } 335 | 336 | for i := 0; i < l; i++ { 337 | for j := 0; j < l; j++ { 338 | if _, ok := order[j]; ok { 339 | if j == l-1 { 340 | return false 341 | } else { 342 | continue 343 | } 344 | } 345 | if mapA[i] == mapB[j] { 346 | order[j] = struct{}{} 347 | break 348 | } else if j == l-1 { 349 | return false 350 | } 351 | } 352 | } 353 | return true 354 | } 355 | 356 | func TestAdapters(t *testing.T) { 357 | a, _ := NewAdapterBasic("tcp", "127.0.0.1:6379") 358 | 359 | // Use the following if Redis has password like "123" 360 | // a, err := NewAdapterWithPassword("tcp", "127.0.0.1:6379", "123") 361 | 362 | // Use the following if you use Redis with a account 363 | // a, err := NewAdapterWithUser("tcp", "127.0.0.1:6379", "testaccount", "userpass") 364 | testSaveLoad(t, a) 365 | testAutoSave(t, a) 366 | testFilteredPolicy(t, a) 367 | testAddPolicies(t, a) 368 | testRemovePolicies(t, a) 369 | testUpdatePolicies(t, a) 370 | testUpdateFilteredPolicies(t, a) 371 | } 372 | 373 | func TestAdapterWithOption(t *testing.T) { 374 | a, _ := NewAdapterWithOption(WithNetwork("tcp"), WithAddress("127.0.0.1:6379")) 375 | // User the following if use TLS to connect to redis 376 | // var clientTLSConfig tls.Config 377 | // a, err := NewAdapterWithOption(WithTls(&clientTLSConfig)) 378 | 379 | testSaveLoad(t, a) 380 | testAutoSave(t, a) 381 | testFilteredPolicy(t, a) 382 | testAddPolicies(t, a) 383 | testRemovePolicies(t, a) 384 | testUpdatePolicies(t, a) 385 | testUpdateFilteredPolicies(t, a) 386 | } 387 | 388 | func TestPoolAdapters(t *testing.T) { 389 | a, err := NewAdapterWithPool(&redis.Pool{ 390 | Dial: func() (redis.Conn, error) { 391 | return redis.Dial("tcp", "127.0.0.1:6379") 392 | }, 393 | }) 394 | if err != nil { 395 | t.Fatal(err) 396 | } 397 | 398 | testSaveLoad(t, a) 399 | testAutoSave(t, a) 400 | testFilteredPolicy(t, a) 401 | testAddPolicies(t, a) 402 | testRemovePolicies(t, a) 403 | testUpdatePolicies(t, a) 404 | testUpdateFilteredPolicies(t, a) 405 | } 406 | 407 | func TestPoolAndOptionsAdapters(t *testing.T) { 408 | a, err := NewAdapterWithPoolAndOptions(&redis.Pool{ 409 | Dial: func() (redis.Conn, error) { 410 | return redis.Dial("tcp", "127.0.0.1:6379") 411 | }, 412 | }, WithKey("casbin:policy:test")) 413 | if err != nil { 414 | t.Fatal(err) 415 | } 416 | 417 | testSaveLoad(t, a) 418 | testAutoSave(t, a) 419 | testFilteredPolicy(t, a) 420 | testAddPolicies(t, a) 421 | testRemovePolicies(t, a) 422 | testUpdatePolicies(t, a) 423 | testUpdateFilteredPolicies(t, a) 424 | } 425 | -------------------------------------------------------------------------------- /examples/rbac_model.conf: -------------------------------------------------------------------------------- 1 | [request_definition] 2 | r = sub, obj, act 3 | 4 | [policy_definition] 5 | p = sub, obj, act 6 | 7 | [role_definition] 8 | g = _, _ 9 | 10 | [policy_effect] 11 | e = some(where (p.eft == allow)) 12 | 13 | [matchers] 14 | m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act -------------------------------------------------------------------------------- /examples/rbac_policy.csv: -------------------------------------------------------------------------------- 1 | p, alice, data1, read 2 | p, bob, data2, write 3 | p, data2_admin, data2, read 4 | p, data2_admin, data2, write 5 | g, alice, data2_admin -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module github.com/casbin/redis-adapter/v3 2 | 3 | go 1.12 4 | 5 | require ( 6 | github.com/casbin/casbin/v2 v2.60.0 7 | github.com/gomodule/redigo v1.8.9 8 | ) 9 | -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- 1 | github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible h1:1G1pk05UrOh0NlF1oeaaix1x8XzrfjIDK47TY0Zehcw= 2 | github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0= 3 | github.com/casbin/casbin/v2 v2.60.0 h1:ZmC0/t4wolfEsDpDxTEsu2z6dfbMNpc11F52ceLs2Eo= 4 | github.com/casbin/casbin/v2 v2.60.0/go.mod h1:vByNa/Fchek0KZUgG5wEsl7iFsiviAYKRtgrQfcJqHg= 5 | github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= 6 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 7 | github.com/golang/mock v1.4.4 h1:l75CXGRSwbaYNpl/Z2X1XIIAMSCquvXgpVZDhwEIJsc= 8 | github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= 9 | github.com/gomodule/redigo v1.8.9 h1:Sl3u+2BI/kk+VEatbj0scLdrFhjPmbxOc1myhDP41ws= 10 | github.com/gomodule/redigo v1.8.9/go.mod h1:7ArFNvsTjH8GMMzB4uy1snslv2BwmginuMs06a1uzZE= 11 | github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= 12 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= 13 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= 14 | github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= 15 | github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= 16 | golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= 17 | golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 18 | golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 19 | golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 20 | golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 21 | golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= 22 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= 23 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 24 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= 25 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= 26 | --------------------------------------------------------------------------------