AddPoliciesSelf provides a method for dispatcher to add authorization rules to the current policy. The function returns the rules affected and error.
(shouldPersist func() bool, sec string, ptype string, rules [][]string)
| 29 | // AddPoliciesSelf provides a method for dispatcher to add authorization rules to the current policy. |
| 30 | // The function returns the rules affected and error. |
| 31 | func (d *DistributedEnforcer) AddPoliciesSelf(shouldPersist func() bool, sec string, ptype string, rules [][]string) (affected [][]string, err error) { |
| 32 | d.m.Lock() |
| 33 | defer d.m.Unlock() |
| 34 | if shouldPersist != nil && shouldPersist() { |
| 35 | var noExistsPolicy [][]string |
| 36 | for _, rule := range rules { |
| 37 | var hasPolicy bool |
| 38 | hasPolicy, err = d.model.HasPolicy(sec, ptype, rule) |
| 39 | if err != nil { |
| 40 | return nil, err |
| 41 | } |
| 42 | if !hasPolicy { |
| 43 | noExistsPolicy = append(noExistsPolicy, rule) |
| 44 | } |
| 45 | } |
| 46 | |
| 47 | if err = d.adapter.(persist.BatchAdapter).AddPolicies(sec, ptype, noExistsPolicy); err != nil && err.Error() != notImplemented { |
| 48 | return nil, err |
| 49 | } |
| 50 | } |
| 51 | |
| 52 | affected, err = d.model.AddPoliciesWithAffected(sec, ptype, rules) |
| 53 | if err != nil { |
| 54 | return affected, err |
| 55 | } |
| 56 | |
| 57 | if sec == "g" { |
| 58 | err := d.BuildIncrementalRoleLinks(model.PolicyAdd, ptype, affected) |
| 59 | if err != nil { |
| 60 | return affected, err |
| 61 | } |
| 62 | } |
| 63 | |
| 64 | return affected, nil |
| 65 | } |
| 66 | |
| 67 | // RemovePoliciesSelf provides a method for dispatcher to remove a set of rules from current policy. |
| 68 | // The function returns the rules affected and error. |
nothing calls this directly
no test coverage detected