github.com/infraboard/keyauth@v0.8.1/apps/role/impl/permission.go (about) 1 package impl 2 3 import ( 4 "context" 5 6 "github.com/infraboard/keyauth/apps/role" 7 "github.com/infraboard/mcube/exception" 8 "github.com/infraboard/mcube/http/request" 9 "go.mongodb.org/mongo-driver/bson" 10 "go.mongodb.org/mongo-driver/mongo" 11 ) 12 13 func insertDocs(perms []*role.Permission) []interface{} { 14 docs := []interface{}{} 15 for i := range perms { 16 docs = append(docs, perms[i]) 17 } 18 return docs 19 } 20 21 func (s *service) QueryPermission(ctx context.Context, req *role.QueryPermissionRequest) (*role.PermissionSet, error) { 22 query, err := newQueryPermissionRequest(req) 23 if err != nil { 24 return nil, err 25 } 26 27 s.log.Debugf("query permission filter: %s", query.FindFilter()) 28 resp, err := s.perm.Find(context.TODO(), query.FindFilter(), query.FindOptions()) 29 if err != nil { 30 return nil, exception.NewInternalServerError("find permissionn error, error is %s", err) 31 } 32 33 // 循环 34 set := role.NewPermissionSet() 35 if !req.SkipItmes { 36 for resp.Next(context.TODO()) { 37 ins := role.NewDeaultPermission() 38 if err := resp.Decode(ins); err != nil { 39 return nil, exception.NewInternalServerError("decode permission error, error is %s", err) 40 } 41 set.Add(ins) 42 } 43 } 44 45 // count 46 count, err := s.perm.CountDocuments(context.TODO(), query.FindFilter()) 47 if err != nil { 48 return nil, exception.NewInternalServerError("get permission count error, error is %s", err) 49 } 50 set.Total = count 51 52 return set, nil 53 } 54 55 func (s *service) DescribePermission(ctx context.Context, req *role.DescribePermissionRequest) (*role.Permission, error) { 56 query, err := newDescribePermissionRequest(req) 57 if err != nil { 58 return nil, err 59 } 60 61 ins := role.NewDeaultPermission() 62 if err := s.perm.FindOne(context.TODO(), query.FindFilter(), query.FindOptions()).Decode(ins); err != nil { 63 if err == mongo.ErrNoDocuments { 64 return nil, exception.NewNotFound("permission %s not found", req) 65 } 66 67 return nil, exception.NewInternalServerError("permission %s error, %s", req, err) 68 } 69 70 return ins, nil 71 } 72 73 func (s *service) AddPermissionToRole(ctx context.Context, req *role.AddPermissionToRoleRequest) (*role.PermissionSet, error) { 74 if err := req.Validate(); err != nil { 75 return nil, exception.NewBadRequest("validate add permission error, %s", err) 76 } 77 78 ins, err := s.DescribeRole(ctx, role.NewDescribeRoleRequestWithID(req.RoleId)) 79 if err != nil { 80 return nil, err 81 } 82 83 // 查询角色条目数是否超标 84 queryPerm := role.NewQueryPermissionRequest(request.NewPageRequest(role.RoleMaxPermission, 1)) 85 queryPerm.SkipItmes = true 86 queryPerm.RoleId = ins.Id 87 ps, err := s.QueryPermission(ctx, queryPerm) 88 if err != nil { 89 return nil, err 90 } 91 if ps.Total+int64(req.Length()) > role.RoleMaxPermission { 92 return nil, exception.NewBadRequest("一个角色最多可以添加%d权限条目, 当前条目数: %d, 新增条目数: %d", 93 role.RoleMaxPermission, ps.Total, req.Length()) 94 } 95 96 perms := role.NewPermission(ins.Id, req.CreateBy, req.Permissions) 97 if _, err := s.perm.InsertMany(ctx, insertDocs(perms)); err != nil { 98 return nil, exception.NewInternalServerError("inserted permission(%s) document error, %s", 99 perms, err) 100 } 101 102 set := role.NewPermissionSet() 103 set.Items = perms 104 return set, nil 105 } 106 107 func (s *service) RemovePermissionFromRole(ctx context.Context, req *role.RemovePermissionFromRoleRequest) (*role.PermissionSet, error) { 108 if err := req.Validate(); err != nil { 109 return nil, exception.NewBadRequest("validate remove permission error, %s", err) 110 } 111 112 delReq, err := newDeletePermissionRequest(req) 113 if err != nil { 114 return nil, err 115 } 116 117 resp, err := s.perm.DeleteMany(context.TODO(), delReq.FindFilter()) 118 if err != nil { 119 return nil, exception.NewInternalServerError("delete permission(%s) error, %s", req.PermissionId, err) 120 } 121 122 if resp.DeletedCount == 0 { 123 return nil, exception.NewNotFound("permission(%s) not found", req.PermissionId) 124 } 125 126 set := role.NewPermissionSet() 127 return set, nil 128 } 129 130 func (s *service) UpdatePermission(ctx context.Context, req *role.UpdatePermissionRequest) (*role.Permission, error) { 131 if err := req.Validate(); err != nil { 132 return nil, exception.NewBadRequest("validate remove permission error, %s", err) 133 } 134 135 ins, err := s.DescribePermission(ctx, role.NewDescribePermissionRequestWithID(req.Id)) 136 if err != nil { 137 return nil, err 138 } 139 140 ins.LabelKey = req.LabelKey 141 ins.MatchAll = req.MatchAll 142 ins.LabelValues = req.LabelValues 143 144 _, err = s.perm.UpdateOne(context.TODO(), bson.M{"_id": ins.Id}, bson.M{"$set": ins}) 145 if err != nil { 146 return nil, exception.NewInternalServerError("update permission(%s) error, %s", ins.Id, err) 147 } 148 return ins, nil 149 }