bug: regexMatch() cannot parse {N,M} pattern quantifier - "invalid policy size" error

[mikyll]

Problem

When using the builtin function regexMatch(), I'm not able to use the pattern quantifier {N,M}, because it contains a comma: it's parsed as 2 arguments and the enforcer throws an error "invalid policy size".

Example Use Case

Here's an example for reference:

• file model.conf:

  [request_definition]
  r = sub, obj, act
  [policy_definition]
  p = sub, obj, act
  [policy_effect]
  e = some(where (p.eft == allow))
  [matchers]
  m = regexMatch(r.sub, p.sub) && regexMatch(r.obj, p.obj) && regexMatch(r.act, p.act)
  

• file policy.csv:

  p, test, ^/test/[a-zA-Z0-9]{1,3}$, GET

• file test.lua:

  -- Suppose we already installed casbin with "sudo luarocks install casbin"
  local casbin = require("casbin")
  local enforcer = casbin:new("model.conf", "policy.csv")
  
  -- Test
  print(enforcer:enforce("test", "/test/aB3", "GET"))

Result:

INFO    Model:
INFO    [e.e]:
INFO    {RM = {}, key = "e", policy = {}, policyMap = {}, priorityIndex = -1, tokens = {}, value = "some(where (p_eft == allow))"}
INFO    [p.p]:
INFO    {RM = {}, key = "p", policy = {}, policyMap = {}, priorityIndex = -1, tokens = {"p_sub", "p_obj", "p_act"}, value = "sub, obj, act"}
INFO    [m.m]:
INFO    {RM = {}, key = "m", policy = {}, policyMap = {}, priorityIndex = -1, tokens = {}, value = "regexMatch(r_sub, p_sub) && regexMatch(r_obj, p_obj) && regexMatch(r_act, p_act)"}
INFO    [r.r]:
INFO    {RM = {}, key = "r", policy = {}, policyMap = {}, priorityIndex = -1, tokens = {"r_sub", "r_obj", "r_act"}, value = "sub, obj, act"}
INFO    Policy:

INFO    p:   sub, obj, act:
INFO    {{"test", "^/test/[a-zA-Z0-9]{1", "3}$", "GET"}}
lua: /usr/local/share/lua/5.1/src/main/CoreEnforcer.lua:423: invalid policy size
stack traceback:
        [C]: in function 'error'
        /usr/local/share/lua/5.1/src/main/CoreEnforcer.lua:423: in function 'enforceEx'
        /usr/local/share/lua/5.1/src/main/CoreEnforcer.lua:534: in function 'enforce'
        test-regex.lua:6: in main chunk
        [C]: ? 

What I Tried

I tried to wrap the argument with double quotes, as suggested on the documentation (casbin.org/docs/policy-storage):

NOTE
If your file contains commas, you should wrap them in double quotes. For example:

p, alice, "data1,data2", read    --correct
p, alice, data1,data2, read        --incorrect (the whole phrase "data1,data2" should be wrapped in double quotes)

But with no success, since the double quotes are escaped:

INFO    {{"test", "\"^/test/[a-zA-Z0-9]{1", "3}$\"", "GET"}}
lua: /usr/local/share/lua/5.1/src/main/CoreEnforcer.lua:423: invalid policy size

Online Editor

I also tried this with the online editor (based on node-casbin v5.30.0), and appearently it works with double quotes: https://editor.casbin.org/#EB3SB7NZQ

• policy:

  p, test_no_quotes, ^/test/[a-zA-Z0-9]{1,3}$, GET
  p, test_quotes, "^/test/[a-zA-Z0-9]{1,3}$", GET

• request:

  test_no_quotes, /test/aB3, GET    # false
  test_quotes, /test/aB3, GET       # true Reason: ["test_quotes","^/test/[a-zA-Z0-9]{1,3}$","GET"]
  test_quotes, /test/aB3asd, GET    # false
  

---

Related issue: apache/casbin#886

[casbin-bot]

@Edmond-J-A @rushitote @techoner

[hsluoyz]

@mikyll it seems to be a bug. Can you make a PR to fix it?

[mikyll]

@hsluoyz I'll try, if I'm able to fix it I'll be more than happy to make the PR 🙂

[github-actions]

🎉 This issue has been resolved in version 1.41.9 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀