Add Multi-Context Support for EF Core Adapter#85
Closed
thoraj wants to merge 129 commits intoapache:masterfrom
Closed
Add Multi-Context Support for EF Core Adapter#85thoraj wants to merge 129 commits intoapache:masterfrom
thoraj wants to merge 129 commits intoapache:masterfrom
Conversation
add basic efcore adapter support
1.implement methods(RemoveFilteredPolicy,SavePolicy) 2.modify method(RemovePolicy)
1.implement methods(RemoveFilteredPolicy,SavePolicy) 2.modify method(RemovePolicy)
create a class that inherit IEntityTypeConfiguration<CasbinRule> and then inject it and `CasbinDbContext` will know how to configure CasbinRule Model This feature is useful when you have different names of policy tables, like: `CasbinRule`, `casbin_rules`...
…model Add an option to config casbin model from application code
add some tests
add travis.yml
add generic support
fix RemoveFilteredPolicy only removing single entry instead of all
fix RemoveFilteredPolicy only removing single entry instead of all
First commit
.NET Core and EFCore 3.1 Updated & IAdapter Bug fixed
Implemented async api for IAdapter interface at new version
Add nuget with download times badge
Improve the README.md
…ntext documentation Add comprehensive Transaction Integrity Requirements sections explaining: - Client responsibility for ensuring transaction integrity - How the adapter detects and coordinates shared transactions - Required patterns (context factory, shared connection strings) - Database-specific limitations and requirements - Clear distinction between detection and enforcement - What the adapter does vs. what the client must do Updates: - PR_DESCRIPTION.md: New Transaction Integrity Requirements section - MULTI_CONTEXT_DESIGN.md: Detailed Transaction Integrity Requirements with patterns and examples - MULTI_CONTEXT_USAGE_GUIDE.md: Practical Transaction Integrity guide with correct/incorrect examples - README.md: Added prominent transaction integrity warning Clarifies that transaction atomicity requires: - Client to provide contexts with identical connection strings - Database support for UseTransaction() (SQL Server, PostgreSQL, MySQL, SQLite same file) - Use of context factory pattern for consistency - Understanding that SQLite separate files cannot share transactions Emphasizes client responsibility and adapter's role as detector, not enforcer.
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 16 out of 17 changed files in this pull request and generated 10 comments.
Comments suppressed due to low confidence (2)
Casbin.Persist.Adapter.EFCore.UnitTest/Extensions/CasbinDbContextExtension.cs:1
- Line 32 references undefined variable
context(should bedbContext). This will cause a compilation error.
using System;
MULTI_CONTEXT_USAGE_GUIDE.md:1
- [nitpick] The emphasis on 'YOU' and 'YOUR' (capitalized multiple times) reads as overly aggressive. While it's important to communicate responsibility clearly, consider rephrasing in a more professional tone, such as: 'For atomic operations across contexts, ensure all contexts share the same connection string. The adapter detects connection compatibility and automatically coordinates shared transactions, but providing identical connection strings is the application's responsibility.'
# Multi-Context Enforcer Setup Guide
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| where TKey : IEquatable<TKey> | ||
| { | ||
| private DbSet<TPersistPolicy> _persistPolicies; | ||
| private readonly ICasbinDbContextProvider<TKey> _contextProvider; |
There was a problem hiding this comment.
[nitpick] The composite key (DbContext context, string policyType) in the dictionary uses reference equality for DbContext, which is correct. However, consider potential memory growth if many policy types are used, as each (context, policyType) combination is cached separately. While this is likely acceptable for typical Casbin scenarios with limited policy types (p, p2, g, g2, etc.), consider documenting the caching strategy or adding a comment about the expected size bounds.
Suggested change
| private readonly ICasbinDbContextProvider<TKey> _contextProvider; | |
| private readonly ICasbinDbContextProvider<TKey> _contextProvider; | |
| // Caching strategy: Each (DbContext, policyType) combination is cached separately using reference equality for DbContext. | |
| // This is correct and efficient for typical Casbin scenarios, where the number of policy types (e.g., "p", "g", etc.) and contexts is small. | |
| // If used with many policy types or contexts, memory usage may grow; consider this when integrating in large/multi-tenant systems. | |
| // Expected size bounds: usually a handful of entries; unbounded growth is not expected in normal usage. |
Member
|
@thoraj have you tested the PR? |
Replace IInfrastructure cast with official GetDbTransaction() API. Prevents silent failures when enlisting secondary contexts.
Remove incorrect comment stating GetDbConnection() is available in EF Core 5.0+. The method has been available since EF Core 1.0.
Update Obsolete attribute to include explicit false parameter and timeline guidance. Makes intent clear that this is a warning, not an error, while providing timeline for removal in a future major version.
- Specify Exception type in CanShareTransaction() method - Specify Exception type in TestMultiContextTransactionRollback test - Improve comments to clarify defensive programming intent 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
Contributor
Author
|
@hsluoyz There are of course tests in the PR. In addition we have done integration testing related to the refactoring:
I have made changes to the PR based on the CoPilot review, so I intend to repeat:
|
- Add XML remarks to EFCoreAdapter class explaining caching strategy - Document memory usage (224 bytes typical, 3.5 KB worst-case) - Add "Performance & Memory Characteristics" section to design doc - Clarify bounded growth pattern and lifecycle expectations Addresses code review feedback about dictionary caching strategy. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
Reduce documentation from 1,585 lines to 849 lines (46% reduction) by: - Eliminating duplicate content (transaction integrity, examples, tables) - Showing PolicyTypeContextProvider once instead of three times - Converting full implementation code to pseudocode in design doc - Consolidating three database compatibility tables into one - Removing completed checklist items - Improving structure and navigation USAGE_GUIDE.md: 603 → 382 lines (37% reduction) - Clearer quick start section - One canonical context factory example - Consolidated transaction behavior section (167 → 80 lines) - Single database compatibility table - Removed duplicate PolicyTypeContextProvider from complete example DESIGN.md: 982 → 467 lines (52% reduction) - Maintainer-focused technical content - Pseudocode instead of full implementations (191 → 63 lines) - Condensed performance section - Key implementation decisions only - Removed completed checklist (46 lines) - Clear cross-references to usage guide Benefits: - Zero content duplication - Clear user vs maintainer separation - Faster navigation - Easier maintenance 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
Remove non-essential items from requirements: - Motivation: Remove retention strategies (use case, not design motivation) - Functional requirements: Remove sync/async (implicit) and flexible routing (never a design goal) - Technical requirements: Remove "support all operations" (implicit in backward compat) Clarify when to use multi-context: - Good use cases: Remove retention policies bullet - Not recommended: Remove performance comment (multi-context CAN improve performance via smaller policy sets) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
Add explicit warning in Step 1 that sharing connection string alone is not enough for transaction guarantees. The database must also support UseTransaction() to coordinate transactions across contexts using a shared physical connection object. This clarifies that: 1. Same connection string is REQUIRED (same database) 2. Database must support UseTransaction() to share connection objects 3. Same connection string alone ≠ automatic atomicity without database support 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
Update Step 1 to explain that: - Each UseSqlServer(connectionString) creates a NEW connection object - Matching connection strings signal the adapter to attempt coordination - Adapter uses UseTransaction() to coordinate separate connection objects - Transaction sharing works because SQL Server supports coordination at DB level This addresses the misconception that same connection string = same connection object. Instead, the adapter coordinates SEPARATE connection objects via UseTransaction() when the connection strings match. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
PROBLEM: -------- The original CanShareTransaction() implementation used CONNECTION STRING comparison to determine if contexts could share transactions. This was fundamentally incorrect because EF Core's UseTransaction() requires the SAME DbConnection OBJECT INSTANCE (reference equality), not just matching connection strings. Each call to .UseSqlServer(connectionString) creates a NEW DbConnection object, so: - Two contexts with identical connection strings had DIFFERENT connection objects - String comparison returned TRUE (same strings) - UseTransaction() would fail or behave unpredictably (different objects) WHY THIS MATTERS: ----------------- EF Core's UseTransaction(DbTransaction) method requires that the DbTransaction be associated with the SAME physical DbConnection that all contexts use. Reference equality is required - the database cannot coordinate transactions across separate connection objects even if they connect to the same database. SOLUTION: --------- 1. Changed CanShareTransaction() from string comparison to reference equality check: OLD: return connection?.ConnectionString == firstConnectionString; NEW: return ReferenceEquals(connection, firstConnection); 2. Updated ALL documentation to show correct pattern: - Users MUST create ONE DbConnection object - Pass SAME connection instance to all contexts - Connection lifetime is user's responsibility 3. Added XML documentation explaining reference equality requirement 4. Updated context factory pattern to store and reuse connection object 5. Added connection lifetime management guidance IMPACT: ------- This is a design correction made BEFORE PR apache#85 merges to upstream, so there is NO breaking change to released code. The PR documentation and implementation are being corrected to reflect EF Core's actual requirements. Users following the corrected pattern will get reliable atomic transactions. Users who need separate databases will get predictable non-atomic behavior. FILES CHANGED: -------------- - EFCoreAdapter.cs: CanShareTransaction() now uses ReferenceEquals() - MULTI_CONTEXT_USAGE_GUIDE.md: All examples show shared connection object pattern - MULTI_CONTEXT_DESIGN.md: Detection logic updated to explain reference equality 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
Update multi-context quick example and transaction integrity warning to correctly show that contexts must share the same DbConnection object instance (not just matching connection strings). Changes: - Quick example now shows creating shared SqlConnection and passing to contexts - Transaction integrity warning updated to mention reference equality check - Clarified requirement to use .UseSqlServer(connection) not connectionString - Updated documentation link to correct section anchor
Remove aggressive language (capitals, excessive warnings) while maintaining clarity about shared DbConnection requirement and responsibility.
The Exception type requires using System; which was missing after the explicit catch clause changes.
Add comprehensive integration tests that prove transaction guarantees for
multi-context scenarios:
Tests Added (7 core scenarios):
1. SavePolicy_WithSharedConnection_ShouldWriteToAllContextsAtomically
- Verifies atomic writes across 3 contexts with shared connection
2. MultiContextSetup_WithSharedConnection_ShouldShareSamePhysicalConnection
- Proves reference equality of shared DbConnection objects
3. SavePolicy_WhenDuplicateKeyViolationInOneContext_ShouldRollbackAllContexts
- CRITICAL: Forces duplicate key violation, verifies full rollback
4. SavePolicy_WhenTableMissingInOneContext_ShouldRollbackAllContexts
- Verifies rollback on severe failure (missing table)
5. MultipleSaveOperations_WithSharedConnection_ShouldMaintainDataConsistency
- Tests consistency over multiple incremental saves
6. SavePolicy_WithSeparateConnections_ShouldNotBeAtomic
- NEGATIVE TEST: Proves separate connections don't provide atomicity
7. SavePolicy_ShouldReflectDatabaseStateNotCasbinMemory
- Verifies tests check actual database state
Implementation Details:
- Uses SQL Server LocalDB for self-contained testing
- Creates 3 schemas: casbin_policies, casbin_groupings, casbin_roles
- Routes policy types: p → policies, g → groupings, g2 → roles
- Simulates failures via direct SQL (INSERT for conflicts, DROP for missing tables)
- Marked with [Trait("Category", "Integration")] to exclude from CI/CD
Package Updates:
- Added Casbin.NET 2.7.0 reference to test project
- Added Microsoft.Data.SqlClient 5.2.2
- Added Microsoft.EntityFrameworkCore.SqlServer for all target frameworks
Documentation:
- Added "Verification" section to MULTI_CONTEXT_DESIGN.md with test coverage table
- Explains test architecture, failure simulation, and how to run tests
Run tests with: dotnet test --filter "Category=Integration"
- Created multi_context_model.conf with p, g, and g2 role definitions - Updated integration tests to use new model file - Tests compile but need debugging (LocalDB/database issues) Note: Integration tests currently failing - need investigation
- Add EnableAutoSave and Transaction Atomicity section to MULTI_CONTEXT_USAGE_GUIDE.md - Add AutoSave Mode and Transaction Atomicity to MULTI_CONTEXT_DESIGN.md - Update transaction integrity requirements in README.md - Document all 20 integration tests in Integration/README.md - Explain difference between AutoSave ON (independent commits) and OFF (atomic batch) - Add real-world examples and technical call flows - Document SchemaDistributionTests (2 tests) and AutoSaveTests (11 tests) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit implements comprehensive multi-context transaction atomicity support across separate DbContexts using shared database connections and connection-level transactions. ## Core Implementation Changes ### Schema Updates (v0-v5 → v0-v13) - Upgrade Casbin.NET from 2.7.0 to 2.19.1 to support additional policy values - Add Value7-Value14 properties to EFCorePersistPolicy (mapped to v6-v13 columns) - Update DefaultPersistPolicyEntityTypeConfiguration to configure v6-v13 columns - Update all test fixtures and models to use 14-value schema ### Transaction Coordination - Implement CanShareTransaction() in EFCoreAdapter to detect shared connections - Use connection-level transactions via UseTransaction() when shared connection detected - Add atomic SavePolicyAsync() across multiple contexts with shared transaction - Remove per-operation transactions that caused SAVEPOINT conflicts ### Multi-Context Provider Pattern - Add ICasbinDbContextProvider interface for pluggable context creation - Implement SingleContextProvider for single-context scenarios - Implement PolicyTypeContextProvider for policy-type-based routing (p→policies, g→groupings, g2→roles) - Update EFCoreAdapter to use context provider pattern ### Database Schema Support - Add HasDefaultSchema() to CasbinDbContext for PostgreSQL schema routing - Support multi-schema deployments (casbin_policies, casbin_groupings, casbin_roles) - Ensure schema isolation with proper table qualification ## Test Infrastructure ### Integration Test Fixture - Create TransactionIntegrityTestFixture for PostgreSQL integration tests - Auto-create 3 schemas (casbin_policies, casbin_groupings, casbin_roles) with v0-v13 columns - Provide helper methods: ClearAllPoliciesAsync(), CountPoliciesInSchemaAsync(), InsertPolicyDirectlyAsync() - Add IntegrationTestCollection for sequential test execution (prevent race conditions) ### New Integration Tests (20 total) - **TransactionIntegrityTests (7 tests)**: Multi-context atomicity and rollback verification - **AutoSaveTests (11 tests)**: Casbin.NET AutoSave behavior with multi-context scenarios - **SchemaDistributionTests (2 tests)**: Schema routing with shared connections ## Key Fixes ### SAVEPOINT Transaction Errors **Problem**: PostgreSQL error "cannot start subtransactions during a parallel operation" **Root Cause**: Per-operation transactions conflicted with connection-level transaction **Fix**: Remove SaveChangesAsync() from individual operations when shared transaction active ### Rollback Test Failures **Problem**: Tests expecting 0 policies after rollback found 1-2 policies **Root Cause**: AddPolicyAsync() with AutoSave ON committed immediately, preventing rollback **Fix**: Add enforcer.EnableAutoSave(false) in rollback tests to batch operations ### Schema Routing **Problem**: All policies going to single schema despite multi-context setup **Root Cause**: CasbinDbContext didn't expose schema information **Fix**: Add HasDefaultSchema() method returning correct schema per context ## Breaking Changes - ICasbinDbContextProvider interface added (new adapter constructor parameter) - Schema must have v0-v13 columns (migration required from v0-v5) - Casbin.NET 2.19.1+ required ## Testing - All 20 integration tests passing against PostgreSQL - All existing unit tests passing - Backward compatibility tests verify single-context scenarios 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
Remove internal development files that should not be in the public PR: - .claude/settings.local.json (Claude Code permissions config) - CLAUDE.md (Claude Code guidance for AI assistant) - PR_DESCRIPTION.md (PR description draft, available in GitHub PR) These files are useful for development but should not be committed to the repository as they are specific to the Claude Code development workflow.
thoraj
force-pushed
the
taj/multi-dbcontext
branch
from
9219ea7 to
f1d1995
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add Multi-Context Support for EF Core Adapter
Summary
This PR adds multi-context support to the EFCore adapter, allowing Casbin policies to be stored across multiple database contexts. This enables scenarios like separating policy types (p/p2/p3) and grouping types (g/g2/g3) into different databases, schemas, or tables.
Motivation
Users may need to:
Key Features
1. Multi-Context Provider Interface
ICasbinDbContextProvider<TKey>interface for context routingSingleContextProvider<TKey>maintains backward compatibility2. Adaptive Transaction Handling
3. 100% Backward Compatible
Implementation Details
Architecture
EFCoreAdapternow acceptsICasbinDbContextProvider<TKey>in constructorDatabase Support & Limitations
Note: SQLite cannot share transactions across separate database files. The adapter automatically detects this and uses individual transactions per context.
Usage Example
Testing
Test Coverage
Test Scenarios
Documentation
This PR includes comprehensive documentation:
Breaking Changes
None - This is a fully backward-compatible addition. Existing code requires no changes.
Files Changed
Core Implementation
EFCoreAdapter.cs- Updated to support context providers and adaptive transactionsEFCoreAdapter.Internal.cs- Added transaction coordination logicICasbinDbContextProvider.cs- New interface for context providersSingleContextProvider.cs- Default single-context implementationTests
MultiContextTest.cs- 17 comprehensive multi-context testsBackwardCompatibilityTest.cs- 12 backward compatibility testsMultiContextProviderFixture.cs- Test infrastructurePolicyTypeContextProvider.cs- Example provider implementationCasbinDbContextExtension.cs- Enhanced for reliable test database initializationDbContextProviderFixture.cs- Added model initializationDocumentation
MULTI_CONTEXT_DESIGN.md- Complete design documentationMULTI_CONTEXT_USAGE_GUIDE.md- User guide with examplesREADME.md- Updated with multi-context section.gitignore- Added.claude/directoryOther
global.json- Added to ensure consistent .NET SDK versionEFCore-Adapter.sln- Updated with new test filesChecklist
Migration Guide
For existing users, no migration is needed. The adapter works exactly as before when using the single-context constructor:
To adopt multi-context support, use the new constructor:
See MULTI_CONTEXT_USAGE_GUIDE.md for detailed migration examples.
Stats: +2,676 additions, -71 deletions across 16 files