UpdateFilteredPoliciesSelf provides a method for dispatcher to update a set of authorization rules from the current policy.
(shouldPersist func() bool, sec string, ptype string, newRules [][]string, fieldIndex int, fieldValues ...string)
| 198 | |
| 199 | // UpdateFilteredPoliciesSelf provides a method for dispatcher to update a set of authorization rules from the current policy. |
| 200 | func (d *DistributedEnforcer) UpdateFilteredPoliciesSelf(shouldPersist func() bool, sec string, ptype string, newRules [][]string, fieldIndex int, fieldValues ...string) (bool, error) { |
| 201 | d.m.Lock() |
| 202 | defer d.m.Unlock() |
| 203 | var ( |
| 204 | oldRules [][]string |
| 205 | err error |
| 206 | ) |
| 207 | if shouldPersist != nil && shouldPersist() { |
| 208 | oldRules, err = d.adapter.(persist.UpdatableAdapter).UpdateFilteredPolicies(sec, ptype, newRules, fieldIndex, fieldValues...) |
| 209 | if err != nil { |
| 210 | return false, err |
| 211 | } |
| 212 | } |
| 213 | |
| 214 | ruleChanged, err := d.model.RemovePolicies(sec, ptype, oldRules) |
| 215 | if err != nil { |
| 216 | return ruleChanged, err |
| 217 | } |
| 218 | err = d.model.AddPolicies(sec, ptype, newRules) |
| 219 | if err != nil { |
| 220 | return ruleChanged, err |
| 221 | } |
| 222 | ruleChanged = ruleChanged && len(newRules) != 0 |
| 223 | if !ruleChanged { |
| 224 | return ruleChanged, nil |
| 225 | } |
| 226 | |
| 227 | if sec == "g" { |
| 228 | err := d.BuildIncrementalRoleLinks(model.PolicyRemove, ptype, oldRules) // remove the old rule |
| 229 | if err != nil { |
| 230 | return ruleChanged, err |
| 231 | } |
| 232 | err = d.BuildIncrementalRoleLinks(model.PolicyAdd, ptype, newRules) // add the new rule |
| 233 | if err != nil { |
| 234 | return ruleChanged, err |
| 235 | } |
| 236 | } |
| 237 | |
| 238 | return true, nil |
| 239 | } |
nothing calls this directly
no test coverage detected