MCPcopy
hub / github.com/apache/casbin / ValidateConstraints

Method ValidateConstraints

model/constraint.go:133–163  ·  view source on GitHub ↗

ValidateConstraints validates all constraints against the current policy.

()

Source from the content-addressed store, hash-verified

131
132// ValidateConstraints validates all constraints against the current policy.
133func (model Model) ValidateConstraints() error {
134 // Check if constraints exist
135 if model["c"] == nil || len(model["c"]) == 0 {
136 return nil // No constraints to validate
137 }
138
139 // Check if RBAC is enabled
140 if model["g"] == nil || len(model["g"]) == 0 {
141 return errors.ErrConstraintRequiresRBAC
142 }
143
144 // Get grouping policy
145 gAssertion := model["g"]["g"]
146 if gAssertion == nil {
147 return errors.ErrConstraintRequiresRBAC
148 }
149
150 // Validate each constraint
151 for _, assertion := range model["c"] {
152 constraint, err := parseConstraint(assertion.Key, assertion.Value)
153 if err != nil {
154 return fmt.Errorf("%w: %s", errors.ErrConstraintParsingError, err.Error())
155 }
156
157 if err := model.validateConstraint(constraint, gAssertion.Policy); err != nil {
158 return err
159 }
160 }
161
162 return nil
163}
164
165// validateConstraint validates a single constraint against the policy.
166func (model Model) validateConstraint(constraint *Constraint, groupingPolicy [][]string) error {

Callers 2

loadModelFromConfigMethod · 0.95

Calls 3

validateConstraintMethod · 0.95
parseConstraintFunction · 0.85
ErrorMethod · 0.45

Tested by

no test coverage detected