From f9ec22a0bab03fd7e48994ed9cf5c439a80a9a2d Mon Sep 17 00:00:00 2001 From: Abin Simon Date: Fri, 29 Apr 2022 15:10:36 +0530 Subject: [PATCH] Invalidate casbin cache after every update --- pkg/service/authz.go | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/pkg/service/authz.go b/pkg/service/authz.go index 08106fa..92b030e 100644 --- a/pkg/service/authz.go +++ b/pkg/service/authz.go @@ -33,6 +33,7 @@ type authzService struct { } func NewAuthzService(db *bun.DB, en *casbin.CachedEnforcer) AuthzService { + // en.EnableCache(false) // disables caching in casbin return &authzService{ db: db, enforcer: en, @@ -257,6 +258,7 @@ func (s *authzService) CreatePolicies(ctx context.Context, p *authzpbv1.Policies if err != nil { return nil, status.Errorf(codes.Internal, err.Error()) } + s.enforcer.InvalidateCache() return &authzpbv1.BoolReply{Res: res}, nil } @@ -266,6 +268,7 @@ func (s *authzService) DeletePolicies(ctx context.Context, p *authzpbv1.Policy) if err != nil { return nil, status.Errorf(codes.Internal, err.Error()) } + s.enforcer.InvalidateCache() return &authzpbv1.BoolReply{Res: res}, nil } @@ -289,6 +292,7 @@ func (s *authzService) CreateUserGroups(ctx context.Context, p *authzpbv1.UserGr return nil, status.Errorf(codes.Internal, err.Error()) } + s.enforcer.InvalidateCache() return &authzpbv1.BoolReply{Res: res}, nil } @@ -299,6 +303,7 @@ func (s *authzService) DeleteUserGroups(ctx context.Context, p *authzpbv1.UserGr return nil, status.Errorf(codes.Internal, err.Error()) } + s.enforcer.InvalidateCache() return &authzpbv1.BoolReply{Res: res}, nil } @@ -323,6 +328,7 @@ func (s *authzService) CreateRolePermissionMappings(ctx context.Context, p *auth return nil, status.Errorf(codes.Internal, err.Error()) } + s.enforcer.InvalidateCache() return &authzpbv1.BoolReply{Res: res}, nil } @@ -332,5 +338,6 @@ func (s *authzService) DeleteRolePermissionMappings(ctx context.Context, p *auth return nil, status.Errorf(codes.Internal, err.Error()) } + s.enforcer.InvalidateCache() return &authzpbv1.BoolReply{Res: res}, nil }