- Name: Shivansh Yadav (@Shivansh-yadav13)
- Organisation: Casbin
- Project link: https://summerofcode.withgoogle.com/programs/2022/projects/EVqUyzdC
- Repository link:
- Project Name: Casbin For Node.js - Benchmarks, Feature Enhancement, multiple platform support, Policy Storage Adapter
- Project Summary: Casbin is an authorization library that extends its features to implement Access
Control Lists, Role-Based Access Control, and Attribute-Based Access Control models in various programming languages to its clients. Casbin's core engine is written using golang. Node-Casbin is a version of Casbin which is written using Node.js JavaScript, Node-Casbin can used for implementing authorization for backend programs. Since there are two different middlewares for front-end JavaScript and Back-end JavaScript, the plan was to create a single middleware that would work on both the Front-End & the Back-End and therefore we planned on working on Casbin-core for this summer.
Project Ideas are as follows:
- Adding Benchmarking to Casbin-core.
- Implementing more Features/Functions.
- Adding tests for multiple JavaScript platform.
| Repo | Title | Status |
|---|---|---|
| casbin-website#299 |  |
|
| node-casbin#338 | |
|
| node-casbin#338 | |
|
| casbin-website#301 | |
|
| node-casbin#341 | |
|
| casbin-website#305 | |
|
| node-casbin#347 | |
|
| node-casbin#349 | |
|
| node-casbin#349 | |
|
| node-casbin#353 |  |
|
| pycasbin#249 |  |
|
| node-casbin#361 |  |
|
| node-casbin#361 | |
|
| pycasbin#255 | |
|
| node-casbin#364 | |
|
| casbin-website-v2#2 |  |
|
| mongoose-adapter#56 | |
|
| mongoose-adapter#59 | |
Casbin is an authorization library that supports access control models like ACL, RBAC, ABAC. Originally written in Golang, it has been implemented in various languages and Node-Casbin is the Node.js implementation of Casbin. Since we plan to create a single middlware for all the JavaScript work, I have done some work both in Casbin-Core & Node-Casbin The current progress is:
- Benchmarks were added for the APIs & was added to CI.
| Repo | Title | Status |
|---|---|---|
| casbin-core#4 | |
|
| casbin-core#6 | |
|
| casbin-core#7 | |
- Tests for Front-End JavaScript frameworks were added along with their CI workflow.
| Repo | Title | Status |
|---|---|---|
| casbin-core#2 | |
|
| casbin-core#5 | |
|
| casbin-core#8 | |
|
| casbin-core#10 | |
|
| casbin-core#11 | |
When going over some APIs I found that addPolicies & removePolicies stops the operation for existing/missing policies and for huge policy storage it can get hard to figure the result of this failed operation, so we disucssed on GitHub Issue, we planned on adding seperate methods for this since changing this method might affect the way people using these in their softwares.
| Repo | Title | Status |
|---|---|---|
| casbin-core#9 |  |
|
| casbin-core#12 | |
One more Idea was to add multiple section types means we could be able to pass in an enforce context while calling the enforcer method which contains sections we want to use while enforcing (sections mentioned in the model). Since this was already implemented in the past but was not added to Node-Casbin but a PR was made to Casbin.js which is another library for Front-End JavaScript. We decided to cherry-pick those PR and make necessary changed to make it compatible with present Node-Casbin. Also added some missing features which were present in Casbin Golang.
| Repo | Title | Status |
|---|---|---|
| node-casbin#375 | |
|
| casbin-core#14 | |
|
| casbin-core#17 | |
|
| node-casbin#383 |  |
Another idea came from an existing Node-Casbin Issue, where the idea was to change the working of Node-Casbin to use loadFilteredPolicy before performing Enforce action, this was suggest by the author of the issue, so that any change in the policy storage database will not require any watcher and it will also boost the perfomance since loading of policies depended on the Enforce request.
But on discussing this with my mentor Zixuan Liu, he suggested that it is restricted by the casbin model storage, which will load all policies to memory. So we decided to work on Watcher-Ex which was present in Casbin Golang.
| Repo | Title | Status |
|---|---|---|
| casbin-core#13 | |
|
| casbin-core#15 | |
|
| casbin-core#16 | |
|
| node-casbin#381 | |
|
| redis-watcher#26 |  |
|
| redis-watcher#30 |  |
|
| casbin#1092 | |
|
| node-casbin#384 | |
The work for Cassandra Adapter for Node-Casbin is in progress and can be found at https://github.com/Shivansh-yadav13/cassandra-adapter
| Repo | Title | Status |
|---|---|---|
| nest-authz#156 | |
|
| typeorm-adapter#53 | |
|
| prisma-adapter#46 | |
|
| redis-watcher#29 | |
|
| casbin-website#10 | |
|
| casbin-website#29 | |
|
| casbin-website#42 | |
|
| casbin-website#56 | |
I have contributed to more than one project and all the description and details about the work can we found from the below links:
- Casbin-Core
- Node-Casbin
- For the Node-Casbin project some of the features that were added to the Casbin-Core project can be cherry-picked.
- For the Casbin-Core project the dependencies that were not supported by the Web were removed but still the project needs to become compatible with all the plugins that were created for the Node-Casbin project.
- More tests of the exisiting JavaScript frameworks can be added.
- WatcherEx can be added to more exisitng watcher plugins.
After the GSoC, I would like to explore and contribute to more Casbin's projects like Casbin Golang, K8s Authz, K8s Gatekeeper etc.
This summer I learned a lot and ejoyed working on the projects, all the credit goes to Google for organising this amazing program and, to the Casbin Organization. I would like to thank my mentors Yang Luo(@hsluoyz), Zixuan Liu(nodece) and Xinyu Zhou(Zxilly) for helping me throughout the entire summer, I have learned a lot in terms of tech and collaboration from them. I look forward to working with them in the future.