Merge pull request #126 from yo-main/master

perf: refacto & slight performance improvements

Author: hsluoyz

.gitignore

@@ -103,4 +103,7 @@ venv.bak/
 # mypy
 .mypy_cache/
 _trial_temp
-.idea
+.idea
+
+# vscode
+.vscode

casbin/enforcer.py

@@ -26,14 +26,7 @@ def get_users_for_role(self, name):
     def has_role_for_user(self, name, role):
         """ determines whether a user has a role. """
         roles = self.get_roles_for_user(name)
-
-        hasRole = False
-        for r in roles:
-            if r == role:
-                hasRole = True
-                break
-
-        return hasRole
+        return any(r == role for r in roles)
 
     def add_role_for_user(self, user, role):
         """
@@ -116,7 +109,7 @@ def has_permission_for_user(self, user, *permission):
         """
         return self.has_policy(join_slice(user, *permission))
 
-    def get_implicit_roles_for_user(self, name, *domain):
+    def get_implicit_roles_for_user(self, name, domain=None):
         """
         gets implicit roles that a user has.
         Compared to get_roles_for_user(), this function retrieves indirect roles besides direct roles.
@@ -127,28 +120,22 @@ def get_implicit_roles_for_user(self, name, *domain):
         get_roles_for_user("alice") can only get: ["role:admin"].
         But get_implicit_roles_for_user("alice") will get: ["role:admin", "role:user"].
         """
-        res = list()
-        roleSet = dict()
-        roleSet[name] = True
-
-        q = list()
-        q.append(name)
+        res = []
+        queue = [name]
 
-        while len(q) > 0:
-            name = q[0]
-            q = q[1:]
+        while queue:
+            name = queue.pop(0)
 
             for rm in self.rm_map.values():
-                roles = rm.get_roles(name, *domain)
+                roles = rm.get_roles(name, domain)
                 for r in roles:
-                    if r not in roleSet:
+                    if r not in res:
                         res.append(r)
-                        q.append(r)
-                        roleSet[r] = True
+                        queue.append(r)
 
         return res
 
-    def get_implicit_permissions_for_user(self, user, *domain):
+    def get_implicit_permissions_for_user(self, user, domain=None):
         """
         gets implicit permissions for a user or role.
         Compared to get_permissions_for_user(), this function retrieves permissions for inherited roles.
@@ -160,23 +147,17 @@ def get_implicit_permissions_for_user(self, user, *domain):
         get_permissions_for_user("alice") can only get: [["alice", "data2", "read"]].
         But get_implicit_permissions_for_user("alice") will get: [["admin", "data1", "read"], ["alice", "data2", "read"]].
         """
-        roles = self.get_implicit_roles_for_user(user, *domain)
+        roles = self.get_implicit_roles_for_user(user, domain)
 
         roles.insert(0, user)
 
-        withDomain = False
-        if len(domain) == 1:
-            withDomain = True
-        elif len(domain) > 1:
-            return None
-
         res = []
-        permissions = [list()]
         for role in roles:
-            if withDomain:
-                permissions = self.get_permissions_for_user_in_domain(role, domain[0])
+            if domain:
+                permissions = self.get_permissions_for_user_in_domain(role, domain)
             else:
                 permissions = self.get_permissions_for_user(role)
+
             res.extend(permissions)
 
         return res
@@ -227,4 +208,4 @@ def delete_roles_for_user_in_domain(self, user, role, domain):
 
     def get_permissions_for_user_in_domain(self, user, domain):
         """gets permissions for a user or role inside domain."""
-        return self.get_filtered_policy(0, user, domain)
+        return self.get_filtered_policy(0, user, domain)

casbin/management_enforcer.py

@@ -79,12 +79,7 @@ def has_named_policy(self, ptype, *params):
             str_slice = params[0]
             return self.model.has_policy('p', ptype, str_slice)
 
-        policy = []
-
-        for param in params:
-            policy.append(param)
-
-        return self.model.has_policy('p', ptype, policy)
+        return self.model.has_policy('p', ptype, list(params))
 
     def add_policy(self, *params):
         """adds an authorization rule to the current policy.
@@ -113,12 +108,7 @@ def add_named_policy(self, ptype, *params):
             str_slice = params[0]
             rule_added = self._add_policy('p', ptype, str_slice)
         else:
-            policy = []
-
-            for param in params:
-                policy.append(param)
-
-            rule_added = self._add_policy('p', ptype, policy)
+            rule_added = self._add_policy('p', ptype, list(params))
 
         return rule_added
 
@@ -164,12 +154,7 @@ def remove_named_policy(self, ptype, *params):
             str_slice = params[0]
             rule_removed = self._remove_policy('p', ptype, str_slice)
         else:
-            policy = []
-
-            for param in params:
-                policy.append(param)
-
-            rule_removed = self._remove_policy('p', ptype, policy)
+            rule_removed = self._remove_policy('p', ptype, list(params))
 
         return rule_removed
 
@@ -193,12 +178,7 @@ def has_named_grouping_policy(self, ptype, *params):
             str_slice = params[0]
             return self.model.has_policy('g', ptype, str_slice)
 
-        policy = []
-
-        for param in params:
-            policy.append(param)
-
-        return self.model.has_policy('g', ptype, policy)
+        return self.model.has_policy('g', ptype, list(params))
 
     def add_grouping_policy(self, *params):
         """adds a role inheritance rule to the current policy.
@@ -227,12 +207,7 @@ def add_named_grouping_policy(self, ptype, *params):
             str_slice = params[0]
             rule_added = self._add_policy('g', ptype, str_slice)
         else:
-            policy = []
-
-            for param in params:
-                policy.append(param)
-
-            rule_added = self._add_policy('g', ptype, policy)
+            rule_added = self._add_policy('g', ptype, list(params))
 
         if self.auto_build_role_links:
             self.build_role_links()
@@ -268,12 +243,7 @@ def remove_named_grouping_policy(self, ptype, *params):
             str_slice = params[0]
             rule_removed = self._remove_policy('g', ptype, str_slice)
         else:
-            policy = []
-
-            for param in params:
-                policy.append(param)
-
-            rule_removed = self._remove_policy('g', ptype, policy)
+            rule_removed = self._remove_policy('g', ptype, list(params))
 
         if self.auto_build_role_links:
             self.build_role_links()

casbin/model/assertion.py

@@ -13,11 +13,10 @@ def __init__(self):
     def build_role_links(self, rm):
         self.rm = rm
         count = self.value.count("_")
+        if count < 2:
+            raise RuntimeError('the number of "_" in role definition should be at least 2')
 
         for rule in self.policy:
-            if count < 2:
-                raise RuntimeError('the number of "_" in role definition should be at least 2')
-
             if len(rule) < count:
                 raise RuntimeError("grouping policy elements do not meet role definition")
 

casbin/model/policy.py

@@ -1,8 +1,5 @@
 import logging
 
-from casbin import util
-
-
 class Policy:
     def __init__(self):
         self.logger = logging.getLogger()
@@ -36,7 +33,7 @@ def clear_policy(self):
             if sec not in self.model.keys():
                 continue
 
-            for key, ast in self.model[sec].items():
+            for key in self.model[sec].keys():
                 self.model[sec][key].policy = []
 
     def get_policy(self, sec, ptype):
@@ -46,19 +43,10 @@ def get_policy(self, sec, ptype):
 
     def get_filtered_policy(self, sec, ptype, field_index, *field_values):
         """gets rules based on field filters from a policy."""
-        res = []
-
-        for rule in self.model[sec][ptype].policy:
-            matched = True
-            for i, field_value in enumerate(field_values):
-                if field_value != '' and rule[field_index + i] != field_value:
-                    matched = False
-                    break
-
-            if matched:
-                res.append(rule)
-
-        return res
+        return [
+            rule for rule in self.model[sec][ptype].policy
+            if all(value == "" or rule[field_index + i] == value for i, value in enumerate(field_values))
+        ]
 
     def has_policy(self, sec, ptype, rule):
         """determines whether a model has the specified policy rule."""
@@ -80,14 +68,14 @@ def add_policy(self, sec, ptype, rule):
 
     def add_policies(self,sec,ptype,rules):
         """adds policy rules to the model."""
-        
+
         for rule in rules:
             if self.has_policy(sec,ptype,rule):
                 return False
 
         for rule in rules:
             self.model[sec][ptype].policy.append(rule)
-        
+
         return True
 
     def update_policy(self, sec, ptype, old_rule, new_rule):
@@ -109,7 +97,6 @@ def update_policies(self, sec, ptype, old_rules, new_rules):
 
     def remove_policy(self, sec, ptype, rule):
         """removes a policy rule from the model."""
-
         if not self.has_policy(sec, ptype, rule):
             return False
 
@@ -126,7 +113,7 @@ def remove_policies(self, sec, ptype, rules):
             self.model[sec][ptype].policy.remove(rule)
             if rule in self.model[sec][ptype].policy:
                 return False
-        
+
         return True
 
     def remove_filtered_policy(self, sec, ptype, field_index, *field_values):
@@ -140,13 +127,7 @@ def remove_filtered_policy(self, sec, ptype, field_index, *field_values):
             return res
 
         for rule in self.model[sec][ptype].policy:
-            matched = True
-            for i, field_value in enumerate(field_values):
-                if field_value != '' and rule[field_index + i] != field_value:
-                    matched = False
-                    break
-
-            if matched:
+            if all(value == "" or rule[field_index + i] == value for i, value in enumerate(field_values)):
                 res = True
             else:
                 tmp.append(rule)
@@ -157,14 +138,15 @@ def remove_filtered_policy(self, sec, ptype, field_index, *field_values):
 
     def get_values_for_field_in_policy(self, sec, ptype, field_index):
         """gets all values for a field for all rules in a policy, duplicated values are removed."""
-
         values = []
         if sec not in self.model.keys():
             return values
         if ptype not in self.model[sec]:
             return values
 
         for rule in self.model[sec][ptype].policy:
-            values.append(rule[field_index])
+            value = rule[field_index]
+            if value not in values:
+                values.append(value)
 
-        return util.array_remove_duplicates(values)
+        return values

casbin/rbac/default_role_manager/role_manager.py

@@ -103,23 +103,21 @@ def has_link(self, name1, name2, *domain):
                     return True
             return False        
 
-    def get_roles(self, name, *domain):
+    def get_roles(self, name, domain=None):
         """
         gets the roles that a subject inherits.
         domain is a prefix to the roles.
         """
-        if len(domain) == 1:
-            name = domain[0] + "::" + name
-        elif len(domain) > 1:
-            return RuntimeError("error: domain should be 1 parameter")
+        if domain:
+            name = domain + "::" + name
 
         if not self.has_role(name):
             return []
 
         roles = self.create_role(name).get_roles()
-        if len(domain) == 1:
+        if domain:
             for key, value in enumerate(roles):
-                roles[key] = value[len(domain[0]) + 2:]
+                roles[key] = value[len(domain) + 2:]
 
         return roles
 

casbin/util/util.py

@@ -48,17 +48,7 @@ def join_slice(a, *b):
 
 def set_subtract(a, b):
     ''' returns the elements in `a` that aren't in `b`. '''
-    mb = dict()
-
-    for x in b:
-        mb[x] = True
-
-    diff = list()
-    for x in a:
-        if x not in mb:
-            diff.append(x)
-
-    return diff
+    return [i for i in a if i not in b]
 
 def has_eval(s):
     '''determine whether matcher contains function eval'''

test_filter.py

@@ -34,7 +34,7 @@ def test_load_filtered_policy(self):
 
         self.assertTrue(e.has_policy(['admin', 'domain1', 'data1','read']))
         self.assertFalse(e.has_policy(['admin', 'domain2', 'data2','read']))
-        
+
         with self.assertRaises(RuntimeError):
             e.save_policy()
 
@@ -121,5 +121,5 @@ def test_filtered_adapter_invalid_filepath(self):
         adapter = casbin.persist.adapters.FilteredAdapter("examples/does_not_exist_policy.csv")
         e = casbin.Enforcer("examples/rbac_with_domains_model.conf", adapter)
 
-        with self.assertRaises(FileNotFoundError):
-            e.load_filtered_policy(None)
+        with self.assertRaises(RuntimeError):
+            e.load_filtered_policy(None)