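--- a/src/enforcer.ts
+++ b/src/enforcer.ts
@@ -165,6 +165,12 @@ export class Enforcer extends ManagementEnforcer {
 * @return succeeds or not.
 */
 public async deleteRoleForUser(user: string, role: string, domain?: string): Promise<boolean> {
+if (!user) {
+throw new Error('user must not be empty');
+}
+if (!role) {
+throw new Error('role must not be empty');
+}
 if (domain === undefined) {
 return this.removeGroupingPolicy(user, role);
 } else {
@@ -181,6 +187,9 @@ export class Enforcer extends ManagementEnforcer {
 * @return succeeds or not.
 */
 public async deleteRolesForUser(user: string, domain?: string): Promise<boolean> {
+if (!user) {
+throw new Error('user must not be empty');
+}
 if (domain === undefined) {
 const subIndex = this.getFieldIndex('p', FieldIndex.Subject);
 return this.removeFilteredGroupingPolicy(subIndex, user);
@@ -197,6 +206,9 @@ export class Enforcer extends ManagementEnforcer {
 * @return succeeds or not.
 */
 public async deleteUser(user: string): Promise<boolean> {
+if (!user) {
+throw new Error('user must not be empty');
+}
 const subIndex = this.getFieldIndex('p', FieldIndex.Subject);
 const res1 = await this.removeFilteredGroupingPolicy(subIndex, user);
 const res2 = await this.removeFilteredPolicy(subIndex, user);
@@ -211,6 +223,9 @@ export class Enforcer extends ManagementEnforcer {
 * @return succeeds or not.
 */
 public async deleteRole(role: string): Promise<boolean> {
+if (!role) {
+throw new Error('role must not be empty');
+}
 const subIndex = this.getFieldIndex('p', FieldIndex.Subject);
 const res1 = await this.removeFilteredGroupingPolicy(subIndex, role);
 const res2 = await this.removeFilteredPolicy(subIndex, role);
@@ -225,6 +240,9 @@ export class Enforcer extends ManagementEnforcer {
 * @return succeeds or not.
 */
 public async deletePermission(...permission: string[]): Promise<boolean> {
+if (permission.length === 0) {
+throw new Error('permission must not be empty');
+}
 return this.removeFilteredPolicy(1, ...permission);
 }
 
@@ -250,6 +268,9 @@ export class Enforcer extends ManagementEnforcer {
 * @return succeeds or not.
 */
 public async deletePermissionForUser(user: string, ...permission: string[]): Promise<boolean> {
+if (!user) {
+throw new Error('user must not be empty');
+}
 permission.unshift(user);
 return this.removePolicy(...permission);
 }
@@ -262,6 +283,9 @@ export class Enforcer extends ManagementEnforcer {
 * @return succeeds or not.
 */
 public async deletePermissionsForUser(user: string): Promise<boolean> {
+if (!user) {
+throw new Error('user must not be empty');
+}
 const subIndex = this.getFieldIndex('p', FieldIndex.Subject);
 return this.removeFilteredPolicy(subIndex, user);
 }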
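Review bot: The new guard in `deletePermission` rejects only an empty argument list, so a call such as `deletePermission('')` still reaches `removeFilteredPolicy(1, ...permission)` with nothing but empty field values. The accompanying tests imply that an empty field value used to match every rule (that is what the `deleteUser('')` guard prevents), so this path may still clear the whole policy; consider `if (permission.length === 0 || permission.every((v) => !v)) {`. The same gap looks likely for `domain === ''` in `deleteRoleForUser` and `deleteRolesForUser`, whose `else` branches lie outside the hunks and are skipped only when `domain` is `undefined`. The doc comments above each method should also gain a `@throws` line, because callers that previously received a boolean now get a rejected promise.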
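--- a/test/rbacAPI.test.ts
+++ b/test/rbacAPI.test.ts
@@ -219,3 +219,81 @@ test('test rbac with multiple policy definitions', async () => {
 ['admin', 'create'],
 ]);
 });
+
+test('test deleteUser with empty string should throw error', async () => {
+const e = await newEnforcer('examples/rbac_model.conf', 'examples/rbac_with_hierarchy_policy.csv');
+
+// Store initial state
+const initialGPolicies = await e.getGroupingPolicy();
+const initialPPolicies = await e.getPolicy();
+expect(initialGPolicies.length).toBeGreaterThan(0);
+expect(initialPPolicies.length).toBeGreaterThan(0);
+
+// Attempt to delete with empty string should throw
+await expect(e.deleteUser('')).rejects.toThrow('user must not be empty');
+
+// Verify nothing was deleted
+expect(await e.getGroupingPolicy()).toEqual(initialGPolicies);
+expect(await e.getPolicy()).toEqual(initialPPolicies);
+});
+
+test('test deleteRole with empty string should throw error', async () => {
+const e = await newEnforcer('examples/rbac_model.conf', 'examples/rbac_with_hierarchy_policy.csv');
+
+const initialGPolicies = await e.getGroupingPolicy();
+const initialPPolicies = await e.getPolicy();
+expect(initialGPolicies.length).toBeGreaterThan(0);
+expect(initialPPolicies.length).toBeGreaterThan(0);
+
+await expect(e.deleteRole('')).rejects.toThrow('role must not be empty');
+
+expect(await e.getGroupingPolicy()).toEqual(initialGPolicies);
+expect(await e.getPolicy()).toEqual(initialPPolicies);
+});
+
+test('test deletePermissionsForUser with empty string should throw error', async () => {
+const e = await newEnforcer('examples/rbac_model.conf', 'examples/rbac_with_hierarchy_policy.csv');
+
+const initialPPolicies = await e.getPolicy();
+expect(initialPPolicies.length).toBeGreaterThan(0);
+
+await expect(e.deletePermissionsForUser('')).rejects.toThrow('user must not be empty');
+
+expect(await e.getPolicy()).toEqual(initialPPolicies);
+});
+
+test('test deleteRolesForUser with empty string should throw error', async () => {
+const e = await newEnforcer('examples/rbac_model.conf', 'examples/rbac_with_hierarchy_policy.csv');
+
+const initialGPolicies = await e.getGroupingPolicy();
+expect(initialGPolicies.length).toBeGreaterThan(0);
+
+await expect(e.deleteRolesForUser('')).rejects.toThrow('user must not be empty');
+
+expect(await e.getGroupingPolicy()).toEqual(initialGPolicies);
+});
+
+test('test deleteRoleForUser with empty strings should throw error', async () => {
+const e = await newEnforcer('examples/rbac_model.conf', 'examples/rbac_with_hierarchy_policy.csv');
+
+await expect(e.deleteRoleForUser('', 'admin')).rejects.toThrow('user must not be empty');
+await expect(e.deleteRoleForUser('alice', '')).rejects.toThrow('role must not be empty');
+await expect(e.deleteRoleForUser('', '')).rejects.toThrow('user must not be empty');
+});
+
+test('test deletePermissionForUser with empty string should throw error', async () => {
+const e = await newEnforcer('examples/rbac_model.conf', 'examples/rbac_with_hierarchy_policy.csv');
+
+await expect(e.deletePermissionForUser('', 'data1', 'read')).rejects.toThrow('user must not be empty');
+});
+
+test('test deletePermission with empty array should throw error', async () => {
+const e = await newEnforcer('examples/rbac_model.conf', 'examples/rbac_with_hierarchy_policy.csv');
+
+const initialPPolicies = await e.getPolicy();
+expect(initialPPolicies.length).toBeGreaterThan(0);
+
+await expect(e.deletePermission()).rejects.toThrow('permission must not be empty');
+
+expect(await e.getPolicy()).toEqual(initialPPolicies);
+});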
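Review bot: The `deleteRoleForUser` and `deletePermissionForUser` tests assert only the rejection, while the other five also snapshot the policy and compare it afterwards. Adding the same pair, `const before = await e.getGroupingPolicy();` and `expect(await e.getGroupingPolicy()).toEqual(before);` (with `getPolicy()` for the permission case), would catch a regression where a guard ends up below a mutating call. No case passes the optional `domain` argument, so the domain branches of `deleteRoleForUser` and `deleteRolesForUser` are not exercised by these tests.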