GSoC Final Report - Casbin-CPP (@casbin)
- Student - Divy Patel
- Mentors - Yang Luo, Joey Xie
- Organization - Casbin, Casbin.org
Casbin deals with developing scalable authorization libraries supporting various access control paradigms like:
- Access Control List (ACL)
- Role Based Access Control (RBAC)
- Attribute Based Access Control (ABAC)
Casbin has its library support over various languages. The prominent ones are:
- casbin core (Golang)
- casbin-cpp (C++)
- casbin-rs (Rust)
- node-casbin (Node JS)
- jcasbin (Java)
- pycasbin (Python)
Casbin's goal is to integrate, the management of the access-control of system resources, objects, into any application seamlessly without any hassle of writing the policy compliance logic. The ecosystem of casbin is rich in all aspects. It supports the policy storage in various databases in form of persistence adapters. Some of the prominent ones are:
- MySQL
- PostgreSQL
- Redis
- MongoDB
The following library functionality modules were implemented:
-
Port interfaces from casbin-core
-
Library API implementation
-
CI/CD integrations
-
Testing Functional Modules
-
Repository Project Documentation
All commits can be seen here
- Implement
logger
interface: The library, currently, don't have a logger adapter support for logging error or exception or background process messages on console. - Implement the
exception
anderror
interface: The library, currently, don't have exception interface support for raising custom exceptions. - Implement
Synced
andCached
Enforcer: Synced Enforcer is a Enforcer implementation which allows library to function in multi-threaded environments. Cached Enforcer stores enforcement results in a cache to return enforcement result quickly on most common or frequent resource access requests. - Implement
Quick Return
Strategy in Effector-Enforcer flow: From Issue #439, this feature is a optimization feature, which is already implemented incasbin-core
.
- Integrating and setting-up C++ expression evaluator: As Casbin's model configuration supports custom matchers and policy processing, we need a expression evaluator to parse the statement and execute the statement on request and policy parameters. I used
duktape
for this purpose. Although the documentation of duktape was detailed enough, but the API functionalities were un-clear before integrating and hands-on testing of duktape library. - Integrating Google Tests with Azure Pipeline Build Process: Azure Pipeline currently doesn't support Google Test Adapter for its VS C++ build process, so has to port all Google Test Modules to Microsoft C++ Test Modules
- Writing regular expressions for parsing model configuartion statements
- Setting up Unix Build: As it was my first experience working with a build-automation tool, hence, had to do my research to come up with casbin-cpp's Unix platform support Automated Build process in
Makefile
.