Set empty string for meaning of all contexts and the nil for the norm…

…al context (#9)

CHANGELOG.md

@@ -2,3 +2,4 @@
 -  First version.
 -  Support delegatee.
 -  Support abstract resource.
+-  Fix bugs.

const.go

@@ -91,7 +91,7 @@ func AddRelation(context any, relation Relation, privilege Privilege) {
 func getPrivilege(context any, relation Relation) Privilege {
 	var cname = getName(context)
 
-	if cmap, ok := relationMap[cname]; ok || cname == "" {
+	if cmap, ok := relationMap[cname]; ok || cname == "nil" {
 		relation = Relation(strings.ToLower(string(relation)))
 		if priv, ok := cmap[relation]; ok {
 			return priv

priv.go

@@ -148,23 +148,27 @@ func (c *Checker) On(resource Resource) error {
 
 // getName returns the name of object.
 func getName(a any) string {
-	if a == nil {
-		return ""
-	}
+	var name = func() string {
+		if a == nil {
+			return "nil"
+		}
 
-	if s, ok := a.(fmt.Stringer); ok {
-		return s.String()
-	}
+		if s, ok := a.(fmt.Stringer); ok {
+			return s.String()
+		}
 
-	var atype = reflect.TypeOf(a)
-	switch atype.Kind() {
-	case reflect.String:
-		return a.(string)
-	case reflect.Struct:
-		return atype.Name()
-	case reflect.Pointer:
-		return atype.Elem().Name()
-	default:
-		panic(XyprivError.New("expected a string, struct, or pointer of struct to get its name"))
-	}
+		var atype = reflect.TypeOf(a)
+		switch atype.Kind() {
+		case reflect.String:
+			return a.(string)
+		case reflect.Struct:
+			return atype.Name()
+		case reflect.Pointer:
+			return atype.Elem().Name()
+		default:
+			panic(XyprivError.New("expected a string, struct, or pointer of struct to get its name"))
+		}
+	}()
+
+	return strings.ReplaceAll(name, ".", "_")
 }

token.go

@@ -127,8 +127,9 @@ func (t LeastPrivilegeToken) Delegate(relation Relation, resource Resource, acti
 
 // setRule adds the condition tuple of relation, scope, and action into token
 // rules. The scope could be context or resource. Use the empty relation to
-// apply all relations in the condition. Use the nil scope to apply all scopes
-// in the condition. Use no action to apply all actions in the condition.
+// apply all relations in the condition. Use the empty string as scope to apply
+// all scopes in the condition. Use no action to apply all actions in the
+// condition.
 func (t *LeastPrivilegeToken) setRule(relation Relation, scope any, action []string, result bool) {
 	var relName = string(relation)
 	var scopeName = getName(scope)

tutorials/8.token/token_test.go

@@ -148,7 +148,8 @@ func Example() {
 	var tokenGroup = xypriv.NewToken()
 	tokenGroup.AllowScope(Group{})
 
-	var tokenNoPriv = xypriv.NewToken()
+	var tokenNormalContext = xypriv.NewToken()
+	tokenNormalContext.AllowScope(nil)
 
 	var group = Group{member: []User{user}}
 	var post = GroupPost{user: user, group: group}
@@ -165,8 +166,8 @@ func Example() {
 		fmt.Println("tokenGroup can update the group post")
 	}
 
-	if xypriv.Check(user).Delegate(tokenNoPriv).Perform("update").On(post) != nil {
-		fmt.Println("tokenNoPriv can't update the group post")
+	if xypriv.Check(user).Delegate(tokenNormalContext).Perform("update").On(post) != nil {
+		fmt.Println("tokenNormalContext can't update the group post")
 	}
 
 	if xypriv.Check(user).Perform("read").On(post) == nil {
@@ -181,17 +182,17 @@ func Example() {
 		fmt.Println("tokenGroup can read the group post")
 	}
 
-	if xypriv.Check(user).Delegate(tokenNoPriv).Perform("read").On(post) != nil {
-		fmt.Println("tokenNoPriv can't read the group post")
+	if xypriv.Check(user).Delegate(tokenNormalContext).Perform("read").On(post) != nil {
+		fmt.Println("tokenNormalContext can't read the group post")
 	}
 
 	// Output:
 	// user can update the group post
 	// tokenReadPost can't update the group post
 	// tokenGroup can update the group post
-	// tokenNoPriv can't update the group post
+	// tokenNormalContext can't update the group post
 	// user can read the group post
 	// tokenReadPost can read the group post
 	// tokenGroup can read the group post
-	// tokenNoPriv can't read the group post
+	// tokenNormalContext can't read the group post
 }