Skip to content

Commit

Permalink
refactor: [torrust#615] code cleanup and improved comments
Browse files Browse the repository at this point in the history
  • Loading branch information
mario-nt committed Jun 15, 2024
1 parent 84c497f commit 4175c57
Showing 1 changed file with 20 additions and 13 deletions.
33 changes: 20 additions & 13 deletions src/services/authorization.rs
Original file line number Diff line number Diff line change
Expand Up @@ -49,28 +49,32 @@ impl Service {
/// # Errors
///
/// Will return an error if:
/// - There is no user_id found in the request
/// - The user_id is not found in the database
/// - There is no user id found in the request
/// - The user id is not found in the database
/// - The user is not authorized to perform the action.
pub async fn authorize(&self, action: ACTION, maybe_user_id: Option<UserId>) -> std::result::Result<(), ServiceError> {
match maybe_user_id {
Some(user_id) => {
let user_guard = self.get_user(user_id).await.map_err(|_| ServiceError::UserNotFound);
// the user that wants to access a resource.
let role = user_guard.unwrap().administrator;
// Checks if the user found in the requests exists in the database
let user_guard = self.get_user(user_id).await?;

let role = user_guard.administrator;

// the user that wants to access a resource.
// The user that wants to access a resource.
let sub = role.to_string();

let act = action; // the operation that the user performs on the resource.
// The operation that the user wants to perform
let act = action;

let enforcer = self.casbin_enforcer.enforcer.read().await;
/* let enforcer = self.casbin_enforcer.clone();
let enforcer_lock = enforcer.enforcer.read().await; */
let authorize = enforcer.enforce((sub, act)).unwrap();
match authorize {
true => Ok(()),
false => Err(ServiceError::Unauthorized),

let authorize = enforcer.enforce((sub, act)).map_err(|_| ServiceError::Unauthorized)?;

if authorize {
Ok(())
} else {
Err(ServiceError::Unauthorized)
}
}
None => Err(ServiceError::Unauthorized),
Expand All @@ -83,6 +87,9 @@ pub struct CasbinEnforcer {
}

impl CasbinEnforcer {
/// # Panics
///
/// It panics if the policy and/or model file cannot be loaded or are missing
pub async fn new() -> Self {
let enforcer = Enforcer::new("casbin/model.conf", "casbin/policy.csv").await.unwrap();
let enforcer = Arc::new(RwLock::new(enforcer));
Expand Down

0 comments on commit 4175c57

Please sign in to comment.