github.com/1aal/kubeblocks@v0.0.0-20231107070852-e1c03e598921/pkg/lorry/engines/mongodb/roles.go (about) 1 /* 2 Copyright (C) 2022-2023 ApeCloud Co., Ltd 3 4 This file is part of KubeBlocks project 5 6 This program is free software: you can redistribute it and/or modify 7 it under the terms of the GNU Affero General Public License as published by 8 the Free Software Foundation, either version 3 of the License, or 9 (at your option) any later version. 10 11 This program is distributed in the hope that it will be useful 12 but WITHOUT ANY WARRANTY; without even the implied warranty of 13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 GNU Affero General Public License for more details. 15 16 You should have received a copy of the GNU Affero General Public License 17 along with this program. If not, see <http://www.gnu.org/licenses/>. 18 */ 19 20 package mongodb 21 22 import ( 23 "context" 24 25 "github.com/pkg/errors" 26 "go.mongodb.org/mongo-driver/bson" 27 "go.mongodb.org/mongo-driver/mongo" 28 ) 29 30 func CreateRole(ctx context.Context, client *mongo.Client, role string, privileges []RolePrivilege, roles []interface{}) error { 31 resp := OKResponse{} 32 33 privilegesArr := bson.A{} 34 for _, p := range privileges { 35 privilegesArr = append(privilegesArr, p) 36 } 37 38 rolesArr := bson.A{} 39 for _, r := range roles { 40 rolesArr = append(rolesArr, r) 41 } 42 43 m := bson.D{ 44 {Key: "createRole", Value: role}, 45 {Key: "privileges", Value: privilegesArr}, 46 {Key: "roles", Value: rolesArr}, 47 } 48 49 res := client.Database("admin").RunCommand(ctx, m) 50 if res.Err() != nil { 51 return errors.Wrap(res.Err(), "failed to create role") 52 } 53 54 err := res.Decode(&resp) 55 if err != nil { 56 return errors.Wrap(err, "failed to decode response") 57 } 58 59 if resp.OK != 1 { 60 return errors.Errorf("mongo says: %s", resp.Errmsg) 61 } 62 63 return nil 64 } 65 66 func UpdateRole(ctx context.Context, client *mongo.Client, role string, privileges []RolePrivilege, roles []interface{}) error { 67 resp := OKResponse{} 68 69 privilegesArr := bson.A{} 70 for _, p := range privileges { 71 privilegesArr = append(privilegesArr, p) 72 } 73 74 rolesArr := bson.A{} 75 for _, r := range roles { 76 rolesArr = append(rolesArr, r) 77 } 78 79 m := bson.D{ 80 {Key: "updateRole", Value: role}, 81 {Key: "privileges", Value: privilegesArr}, 82 {Key: "roles", Value: rolesArr}, 83 } 84 85 res := client.Database("admin").RunCommand(ctx, m) 86 if res.Err() != nil { 87 return errors.Wrap(res.Err(), "failed to create role") 88 } 89 90 err := res.Decode(&resp) 91 if err != nil { 92 return errors.Wrap(err, "failed to decode response") 93 } 94 95 if resp.OK != 1 { 96 return errors.Errorf("mongo says: %s", resp.Errmsg) 97 } 98 99 return nil 100 } 101 102 func GetRole(ctx context.Context, client *mongo.Client, role string) (*Role, error) { 103 resp := RoleInfo{} 104 105 res := client.Database("admin").RunCommand(ctx, bson.D{ 106 {Key: "rolesInfo", Value: role}, 107 {Key: "showPrivileges", Value: true}, 108 }) 109 if res.Err() != nil { 110 return nil, errors.Wrap(res.Err(), "run command") 111 } 112 113 err := res.Decode(&resp) 114 if err != nil { 115 return nil, errors.Wrap(err, "failed to decode response") 116 } 117 if resp.OK != 1 { 118 return nil, errors.Errorf("mongo says: %s", resp.Errmsg) 119 } 120 if len(resp.Roles) == 0 { 121 return nil, nil 122 } 123 return &resp.Roles[0], nil 124 }