go-course/go18
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
go18/devcloud/mcenter/apps/role/impl/api_permission.go

111 lines
3.0 KiB
Go
Raw Normal View History

update role
2025-06-08 15:11:14 +08:00
package impl
import (
"context"
"122.51.31.227/go-course/go18/devcloud/mcenter/apps/endpoint"
"122.51.31.227/go-course/go18/devcloud/mcenter/apps/role"
"github.com/infraboard/mcube/v2/exception"
"github.com/infraboard/mcube/v2/ioc/config/datasource"
"github.com/infraboard/mcube/v2/types"
"gorm.io/gorm"
)
// 添加角色关联API
func (i *RoleServiceImpl) AddApiPermission(ctx context.Context, in *role.AddApiPermissionRequest) ([]*role.ApiPermission, error) {
if err := in.Validate(); err != nil {
return nil, exception.NewBadRequest("validate add api permission error, %s", err)
}
perms := []*role.ApiPermission{}
if err := datasource.DBFromCtx(ctx).Transaction(func(tx *gorm.DB) error {
for i := range in.Items {
item := in.Items[i]
perm := role.NewApiPermission(in.RoleId, item)
if err := tx.Save(perm).Error; err != nil {
return err
}
perms = append(perms, perm)
}
return nil
}); err != nil {
return nil, err
}
return perms, nil
}
// 查询角色关联的权限条目
func (i *RoleServiceImpl) QueryApiPermission(ctx context.Context, in *role.QueryApiPermissionRequest) ([]*role.ApiPermission, error) {
query := datasource.DBFromCtx(ctx).Model(&role.ApiPermission{})
if len(in.RoleIds) > 0 {
query = query.Where("role_id IN ?", in.RoleIds)
}
if len(in.ApiPermissionIds) > 0 {
query = query.Where("id IN ?", in.ApiPermissionIds)
}
perms := []*role.ApiPermission{}
if err := query.
Order("created_at desc").
Find(&perms).Error; err != nil {
return nil, err
}
return perms, nil
}
// 移除角色关联API
func (i *RoleServiceImpl) RemoveApiPermission(ctx context.Context, in *role.RemoveApiPermissionRequest) ([]*role.ApiPermission, error) {
if err := in.Validate(); err != nil {
return nil, err
}
perms, err := i.QueryApiPermission(ctx, role.NewQueryApiPermissionRequest().AddRoleId(in.RoleId).AddPermissionId(in.ApiPermissionIds...))
if err != nil {
return nil, err
}
if err := datasource.DBFromCtx(ctx).
Where("role_id = ?", in.RoleId).
Where("id IN ?", in.ApiPermissionIds).
Delete(&role.ApiPermission{}).
Error; err != nil {
return nil, err
}
return perms, nil
}
// 查询匹配到的Api接口列表
func (i *RoleServiceImpl) QueryMatchedEndpoint(ctx context.Context, in *role.QueryMatchedEndpointRequest) (*types.Set[*endpoint.Endpoint], error) {
set := types.New[*endpoint.Endpoint]()
// 查询角色的权限
perms, err := i.QueryApiPermission(ctx, role.NewQueryApiPermissionRequest().AddRoleId(in.RoleIds...))
if err != nil {
return nil, err
}
// 查询服务的Endpoint列表
endpointReq := endpoint.NewQueryEndpointRequest()
for _, perm := range perms {
endpointReq.WithService(perm.Service)
}
endpoints, err := endpoint.GetService().QueryEndpoint(ctx, endpointReq)
if err != nil {
return nil, err
}
// 找出能匹配的API
endpoints.ForEach(func(t *endpoint.Endpoint) {
for _, perm := range perms {
if perm.IsMatch(t) {
if !endpoint.IsEndpointExist(set, t) {
set.Add(t)
}
}
}
})
return set, nil
}
Reference in New Issue Copy Permalink