j8NddlmZddlmZddlmZmZmZGddeZdS))InternalEnforcer)PolicyOp) ACTION_INDEX SUBJECT_INDEX OBJECT_INDEXc,eZdZdZdZdZdZdZdZdZ dZ d Z d Z d Z d Zd ZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZ dZ!d Z"d!Z#d"Z$d#Z%d$Z&d%Z'd&Z(d'Z)d(Z*d)Z+d*Z,d+Z-d,Z.d-Z/d.Z0d/Z1d0Z2d1S)2ManagementEnforcerzA ManagementEnforcer = InternalEnforcer + Management API. c,|dS)z=gets the list of subjects that show up in the current policy.p)get_all_named_subjectsselfs d/lsinfo/ai/hellotax_ai/base_platform/venv/lib/python3.11/site-packages/casbin/management_enforcer.pyget_all_subjectsz#ManagementEnforcer.get_all_subjectss**3///cz|j|t}|jd||S)zCgets the list of subjects that show up in the current named policy.r )modelget_field_indexrget_values_for_field_in_policyrptype field_indexs rr z)ManagementEnforcer.get_all_named_subjectss3j00 FF z88e[QQQrc,|dS)z>>rc|jdg|RS)zadds an authorization rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule. r )add_named_policyrFs r add_policyzManagementEnforcer.add_policyhs %t$S262222rc.|d|S)aadds authorization rules to the current policy. If the rule already exists, the function returns false for the corresponding rule and the rule will not be added. Otherwise the function returns true for the corresponding rule by adding the new rule. r )add_named_policiesrruless r add_policieszManagementEnforcer.add_policiesps &&sE222rct|dkr;t|dtr |d}|d||}n$|d|t|}|S)zadds an authorization rule to the current named policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule. r)rr )rKrLrM _add_policy)rrrGrO rule_addeds rrQz#ManagementEnforcer.add_named_policyxsm v;;!   6!9d ; ; q I))#ui@@JJ))#ud6llCCJrc0|d||S)a adds authorization rules to the current named policy. If the rule already exists, the function returns false for the corresponding rule and the rule will not be added. Otherwise the function returns true for the corresponding by adding the new rule.r ) _add_policiesrrrVs rrTz%ManagementEnforcer.add_named_policiess !!#ue444rc0|d||S)z6updates an authorization rule from the current policy.r )update_named_policy)rold_rulenew_rules r update_policyz ManagementEnforcer.update_policys''Xx@@@rc0|d||S)z4updates authorization rules from the current policy.r )update_named_policies)r old_rules new_ruless rupdate_policiesz"ManagementEnforcer.update_policiess))#y)DDDrc2|d|||S)zupdate_filtered_policies deletes old rules and adds new rules.r )update_filtered_named_policies)rrfrr1s rupdate_filtered_policiesz+ManagementEnforcer.update_filtered_policiess"2t23 ;^Q]^^^^rc$|jd|||g|RS)zDupdate_filtered_named_policies deletes old rules and adds new rules.r )_update_filtered_policies)rrrfrr1s rrmz1ManagementEnforcer.update_filtered_named_policiess$-t-c5)[`S_````rc|jdg|RS)z6removes an authorization rule from the current policy.r )remove_named_policyrFs r remove_policyz ManagementEnforcer.remove_policys't'5f5555rc.|d|S)z4removes authorization rules from the current policy.r )remove_named_policiesrUs rremove_policiesz"ManagementEnforcer.remove_policiess))#u555rc |jd|g|RS)zVremoves an authorization rule from the current policy, field filters can be specified.r )remove_filtered_named_policyr0s rremove_filtered_policyz)ManagementEnforcer.remove_filtered_policys0t0kQLQQQQrct|dkr;t|dtr |d}|d||}n$|d|t|}|S)z>>rc|jdg|RS)zadds a role inheritance rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule. r$)add_named_grouping_policyrFs radd_grouping_policyz&ManagementEnforcer.add_grouping_policys .t-c;F;;;;rc.|d|S)a#adds role inheritance rules to the current policy. If the rule already exists, the function returns false for the corresponding policy rule and the rule will not be added. Otherwise the function returns true for the corresponding policy rule by adding the new rule. r$)add_named_grouping_policiesrUs radd_grouping_policiesz(ManagementEnforcer.add_grouping_policiess //U;;;rcHg}t|dkrPt|dtr5|d}|d||}||nF|d|t|}|t||jro|j|j|tj d||||j vr3|j |j |tj d|||S)zadds a named role inheritance rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule. r)rr$) rKrLrMrYappendauto_build_role_linksrbuild_incremental_role_linksrm_mapr Policy_add cond_rm_map(build_incremental_conditional_role_links)rrrGrVrOrZs rrz,ManagementEnforcer.add_named_grouping_policys v;;!   6!9d ; ; q I))#ui@@J LL # # # #))#ud6llCCJ LLf & & &  %  J 3 3DK4FH[]`bgin o o o((( CC$U+X-@#uerc|d||}|jr3|j|j|t jd|||S)a adds named role inheritance rules to the current policy. If the rule already exists, the function returns false for the corresponding policy rule and the rule will not be added. Otherwise the function returns true for the corresponding policy rule by adding the new rule.r$)r\rrrrrr)rrrV rules_addeds rrz.ManagementEnforcer.add_named_grouping_policiessX ((eU;;  % p J 3 3DK4FH[]`bgin o o orc|jdg|RS)z8removes a role inheritance rule from the current policy.r$)remove_named_grouping_policyrFs rremove_grouping_policyz)ManagementEnforcer.remove_grouping_policys0t0>v>>>>rc.|d|S)z7removes role inheritance rules from the current policy.r$)remove_named_grouping_policiesrUs rremove_grouping_policiesz+ManagementEnforcer.remove_grouping_policies s223>>>rc |jd|g|RS)zXremoves a role inheritance rule from the current policy, field filters can be specified.r$)%remove_filtered_named_grouping_policyr0s rremove_filtered_grouping_policyz2ManagementEnforcer.remove_filtered_grouping_policys9t9#{Z\ZZZZrcg}t|dkrPt|dtr5|d}|d||}||nF|d|t|}|t||jr5|r3|j|j|tj d|||S)z>removes a role inheritance rule from the current named policy.r)rr$) rKrLrMr{rrrrrr Policy_remove)rrrGrVrOr|s rrz/ManagementEnforcer.remove_named_grouping_policys v;;!   6!9d ; ; q I..sE9EEL LL # # # #..sE4<<HHL LLf & & &  % s, s J 3 3DK4FH^`cejlq r r rrc|d||}|jr5|r3|j|j|t jd|||S)z=removes role inheritance rules from the current named policy.r$)r~rrrrrr)rrrV rules_removeds rrz1ManagementEnforcer.remove_named_grouping_policies"s^--c5%@@  % s- s J 3 3DK4FH^`cejlq r r rrc|jd||g|R}|jr5|r3|j|j|t jd|||S)z^removes a role inheritance rule from the current named policy, field filters can be specified.r$)'_remove_filtered_policy_returns_effectsrrrrrr)rrrr1r|s rrz8ManagementEnforcer.remove_filtered_named_grouping_policy+skCtCCP[k^jkkk  % ,  J 3 3 E"H$:C    rc<|j||dS)zadds a customized function.N)fm add_function)rnamefuncs rrzManagementEnforcer.add_function5s  T4(((((rN)3__name__ __module__ __qualname____doc__rr rrr!r r&r%r-r2r,r/r=rAr<r@rHrErRrWrQrTrbrgr_rdrnrmrsrvryrrrurxrrrrrrrrrrrrrrrr r s000RRR ///RRR ///RRR ---HHH***OOO111VVV333XXX111VVV333???333333   555AAAEEECCCGGG___aaa666666RRR   888TTT<<< ???<<<<<<0   ??????[[[ )))))rr N) casbin.internal_enforcerrcasbin.model.policy_oprcasbin.constant.constantsrrrr rrrrs655555++++++OOOOOOOOOOc)c)c)c)c))c)c)c)c)c)r