go18/devcloud/mcenter/apps/role/api_permission.go

package role
import (
"122.51.31.227/go-course/go18/devcloud/mcenter/apps/endpoint"
"github.com/infraboard/mcube/v2/tools/pretty"
"github.com/infraboard/modules/iam/apps"
)
// NewApiPermission builds an ApiPermission for the role identified by roleId
// from the given spec, with freshly created resource metadata.
//
// spec is dereferenced unconditionally, so a nil spec panics. The spec is
// copied by value only: its Extras map and EndpointId pointer remain shared
// with the caller's spec, so later mutation through either side is visible to
// both.
func NewApiPermission(roleId uint64, spec *ApiPermissionSpec) *ApiPermission {
	perm := new(ApiPermission)
	perm.ResourceMeta = *apps.NewResourceMeta()
	perm.RoleId = roleId
	perm.ApiPermissionSpec = *spec
	return perm
}
// ApiPermission is one API permission entry attached to a role.
// TableName maps it to the "api_permissions" table.
type ApiPermission struct {
	// Base metadata.
	apps.ResourceMeta
	// Id of the role this permission belongs to.
	RoleId uint64 `json:"role_id" gorm:"column:role_id;index" description:"角色Id"`
	// API permission definition (matching rule and its parameters).
	ApiPermissionSpec
}
// TableName returns the name of the database table that stores ApiPermission
// rows.
func (r *ApiPermission) TableName() string {
	const table = "api_permissions"
	return table
}
// String renders the whole permission, including its embedded metadata and
// spec, as JSON via pretty.ToJSON.
func (r *ApiPermission) String() string {
	encoded := pretty.ToJSON(r)
	return encoded
}
// NewResourceActionApiPermissionSpec returns a spec that matches endpoints by
// service, resource and action (MatchBy is MATCH_BY_RESOURCE_ACTION), with an
// empty, non-nil Extras map.
//
// The three values are stored exactly as given and are not validated here.
// IsMatch treats the literal "*" in any of them as "match anything", so a
// caller that forwards externally supplied values should decide explicitly
// whether wildcards are acceptable.
func NewResourceActionApiPermissionSpec(service, resource, action string) *ApiPermissionSpec {
	spec := new(ApiPermissionSpec)
	spec.Extras = make(map[string]string)
	spec.MatchBy = MATCH_BY_RESOURCE_ACTION
	spec.Service = service
	spec.Resource = resource
	spec.Action = action
	return spec
}
// ApiPermissionSpec describes which API endpoints a permission covers.
// MatchBy selects the matching rule that IsMatch applies; the remaining
// fields are the parameters of that rule.
type ApiPermissionSpec struct {
	// ID of the creator.
	CreateBy uint64 `json:"create_by" gorm:"column:create_by" description:"创建者ID" optional:"true"`
	// Free-text description (the tag text labels it as the role description).
	Description string `json:"description" gorm:"column:description;type:text" bson:"description" description:"角色描述"`
	// How the permission is matched against an endpoint; IsMatch switches on this value.
	MatchBy MATCH_BY `json:"match_by" gorm:"column:match_by;type:tinyint(1);index" bson:"match_by" description:"权限匹配方式"`
	// Endpoint Id to match when MatchBy is MATCH_BY_ID. nil means unset, in
	// which case IsMatch denies under MATCH_BY_ID.
	EndpointId *uint64 `json:"endpoint_id" gorm:"column:endpoint_id;type:uint;index"`
	// Operation label.
	Label string `json:"label" gorm:"column:label;type:varchar(200);index"`
	// Service name. Under MATCH_BY_RESOURCE_ACTION, "*" matches any service.
	Service string `json:"service" gorm:"column:service;type:varchar(100);index" bson:"service" description:"服务名称"`
	// Resource name (a single value). Under MATCH_BY_RESOURCE_ACTION, "*" matches any resource.
	Resource string `json:"resource" gorm:"column:resource;type:varchar(100);index" bson:"resource" description:"资源名称"`
	// Action on the resource. Under MATCH_BY_RESOURCE_ACTION, "*" matches any action.
	Action string `json:"action" bson:"action" gorm:"column:action;type:varchar(100);index"`
	// Read or read-write access; compared with the endpoint's AccessMode
	// under MATCH_BY_RESOURCE_ACCESS_MODE.
	AccessMode endpoint.ACCESS_MODE `json:"access_mode" bson:"access_mode" gorm:"column:access_mode;type:tinyint(1);index"`
	// Other extension information, stored as JSON.
	Extras map[string]string `json:"extras" gorm:"column:extras;serializer:json;type:json" description:"其他扩展信息" optional:"true"`
}
// GetEndpointId returns the endpoint Id stored in the spec, or 0 when
// EndpointId is nil. A return value of 0 therefore does not by itself tell
// the caller whether an Id was set.
func (a *ApiPermissionSpec) GetEndpointId() uint64 {
	if id := a.EndpointId; id != nil {
		return *id
	}
	return 0
}
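// IsMatch reports whether this permission spec grants access to the target
// API endpoint.
//
// The decision depends on MatchBy:
//   - MATCH_BY_ID: EndpointId must be set and equal to target.Id.
//   - MATCH_BY_RESOURCE_ACCESS_MODE: AccessMode must equal target.AccessMode.
//   - MATCH_BY_RESOURCE_ACTION: Service, Resource and Action must each equal
//     the target's value or be the wildcard "*".
//
// Any other MatchBy value, and a nil target, yield false, so the check fails
// closed.
func (a *ApiPermissionSpec) IsMatch(target *endpoint.Endpoint) bool {
	// An authorization check should deny rather than panic when there is no
	// endpoint to compare against.
	if target == nil {
		return false
	}

	switch a.MatchBy {
	case MATCH_BY_ID:
		// An unset EndpointId never matches, even if target.Id is 0.
		return a.EndpointId != nil && *a.EndpointId == target.Id
	case MATCH_BY_RESOURCE_ACCESS_MODE:
		// NOTE(review): only the access mode is compared here; Service and
		// Resource are not consulted, so this rule covers every endpoint
		// with the same access mode regardless of service or resource.
		// Confirm that this breadth is intended before relying on it.
		return a.AccessMode == target.AccessMode
	case MATCH_BY_RESOURCE_ACTION:
		// Each dimension matches on equality or on the "*" wildcard.
		return (a.Service == "*" || a.Service == target.Service) &&
			(a.Resource == "*" || a.Resource == target.Resource) &&
			(a.Action == "*" || a.Action == target.Action)
	}
	return false
}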