Casbin = way to authorization
A place for Casbin developers and users
现在注册
已注册用户请  登录
主题样式选择
默认主题样式 ✅
知乎主题样式 
hackerchai
Casbin官方博客站  ›  GSoC2020

GSoC Final Report - Casbin-RS

  •  
  •  
    hackerchai · 2年前 · 272 次点击 
    这是一个创建于 668 天前的主题,其中的信息可能已经有所发展或是发生改变。

    GSoC Final Report - Casbin-RS

    Personal Details

    • First/Last Name: Yi sheng Chai

    • Email: hackerchai.com@gmail.com

    • School/University: Chongqing University

    • Location: Chongqing, China

    • Timezone: China Standard Time (CST), UTC+8

    • Github Profile: https://github.com/hackerchai

    Project Details

    Overview

    Casbin-RS is now ready for production

    Casbin-RS aims at building reliable and high-performance library supporting various model access control for Rust projects. In the past months, I have developed CasbinSqlxAdapter to support fully Async with Casbin Database Adapter, which gives developers an alternative in database adapter selection as well as a more high-performance adapter.

    In addition, now all the components of Casbin-RS have intergrated with Github Action CI and Auto-Release support.

    Casbin-RS is now ready for Actix-web Development

    Actix-web is the the most popular Rust web framework at present. It is also known as the fastestwebframework. With powerful extractors and extensible features, we can build rust-web application easily. In the past months, I am working on how to intergration Casbin with Actix-web together.

    With CasbinActix-webMiddleware, It will provide a basic middleware to reads username(from other AuthN middleware), request path, request method from an user request and sends enforce request (subject, domain, object, action) to casbin enforcer for authorization. The middleware wll block the request if enforcer denied the request. We can automatically handle request with authorization control with this.

    With CasbinActix-webActor, we can wrap casbin into an actor for a safer and easier way to call in request handle. In the actix system, actors are objects which encapsulate state and behavior and run within the Actor System provided by the actix library. We build this actor for basic CRUD operation of casbin instance

    CasbinActix-webRealWorldApp is a fully functional demo which intergrated with Actix-web, CasbinActix-webMiddleware , CasbinActix-webActor, Diesel, CasbinDieselAdaper. It is basically an Anonymous Forum which has admin-user system. With the intergration of casbin, it can authorize the requests and add policies when new user registered. This app provides a set of RESTful API using JWT authentication. This can be seen as an example for developers to use casbin with actix-web.

    The work I have done

    My Weekly Development Report can be seen here.

    CasbinSqlxAdapter

    All the commits made by me: commit-list, this repo is mainly maintained by me.

    • Basic Api Implemntation
    • Test Module For Functions
    • Multi-Databse support: Including MySQL/PostgreSQL
    • Fully Async Support
    • CI/CD Intergrations: Github Actions
    • Auto-Release: Github Actions
    • Database Environment Setupt: Docker
    • Document Writing

    CasbinActix-webMiddleware

    All the commits made by me: commit-list, this repo is mainly maintained by me.

    • Basic Function Implementation
    • Test Module For Middleware
    • Support for AuthN Middleware Intergration
    • Support Domain Model and Domian-less Model
    • Support Get/Set Enforcer for Flexible Demand
    • CI/CD Intergrations: Github Actions
    • Auto-Release: Github Actions
    • Document Writing

    CasbinActix-webActor

    All the commits made by me: commit-list, this repo is mainly maintained by me.

    • Basic Casbin Function Implementation
    • Test Module for Actor Runtime
    • Support Actix Supervisor: Auto-Restart Feature
    • Support Get/Set Enforcer for Flexible Dem,and
    • CI/CD Intergrations: Github Actions
    • Auto-Release: Github Actions
    • Document Writing

    CasbinActix-webRealWorldApp

    All the commits made by me: commit-list, this module is mainly maintained by me.

    • Basic Restful API Implementation using Actix-web: Anonymous Forum
    • Intergration with CasbinActix-webMiddleware and CasbinActix-webActor
    • User JWT Authentication Middleware Implementation
    • Database Design and Migration Implement
    • Casbin Configuration and Structure Design
    • URL White-list for Casbin AuthZ Middleware and JWT AuthN Middleware
    • Preset Policy Databse Initial Implementation
    • CI/CD Intergrations: Github Actions
    • Document Writing

    CasbinDieselAdaper

    All the commits made by me: commit-list

    • Code Refactor and Optimization
    • Database Environment Setup Improvement
    • CI/CD Intergrations: Github Actions
    • Auto-Release: Github Actions
    • Document Writing Improvement
    • Daily Maintenance and Upgrade

    CasbinOfficialWebsite

    All the commits made by me: commit-list

    • Casbin-Rs Actix Middleware & Actor Documentation

    Challenges and Difficulties

    1. RwLock deadlock problem

      When developing the middleware and actor, I have to use RwLock to wrap casbin instance to avoid Rust lifetime issue, they are all set and passed the Unit-Tests. But when I was developing the real-world-app, I encountered several Rwlock Deadlock problems, with my mentor's help, finally I successfully solve the problem by manually dropping the RwLock in case of middleware long-term holding the write lock.

    2. Sqlx compile-time checking and CI issues

      Sqlx-rs uses the compile-time check which forces me to set the database environment up while compiling. When it comes to the CI, it becomes a little difficult for my first time of working with Github Actions. So I have to set up the database docker for the compile time-check. But here is the good news: Sqlx officially announced it will use sqlx-cli to avoid compile-time checking. When the feature comes to stable, I will try to port this feature to our Sqlx Adapter.

    After GSoC

    I will definitely continue contributing to Casbin, there are still a lot to do in the future:

    • Implement new data structure for casbin-rs: For now, out data structure is tree, which causes the usage of lock and makes it hard to support multi-thread processing. In the future, maybe we can use index tree to solve this problem.
    • Implement RPC version of casbin-rs
    272 次点击  ∙  0 人收藏  
      Tweet Weibo 忽略主题 
    目前尚无回复
    关于   ·   FAQ   ·   API   ·   我们的愿景   ·   广告投放   ·   感谢   ·   实用小工具   ·   0 人在线   最高记录 30   ·     选择语言  ·     选择编辑器
    创意工作者们的社区
    World is powered by code
    VERSION: 8a9d12d · 9ms · UTC 02:20 · PVG 10:20 · LAX 19:20 · JFK 22:20
    ♥ Do have faith in what you're doing