fix: (rbac) list index names by cluster ids

2022-04-22 18:36:39 +08:00 · 2022-04-22 18:36:39 +08:00 · 0c7d037e07
parent fbacc4ab62
commit 0c7d037e07
5 changed files with 74 additions and 70 deletions
--- a/internal/biz/account.go
+++ b/internal/biz/account.go
@ -100,7 +100,7 @@ func authorize(user Account) (m map[string]interface{}, err error) {
 		"expire_in":    86400,
 		"roles":        []string{"admin"},
 		"privilege": []string{
-			"system_user:all", "system_role:all", "system_cluster:all", "system_command:all",
+			"system.user:all", "system.role:all", "system.cluster:all", "system.command:all",
 		},
 	}
 	return
--- a/internal/biz/permission.go
+++ b/internal/biz/permission.go
@ -6,39 +6,18 @@ var IndexApis = make([]string, 0)
 var RolePermission = make(map[string][]string)

 type ConsolePermisson struct {
-	Menu []Menu `json:"menu"`
+	Platform []Platform `json:"platform"`
 }
-type Menu struct {
-	Id        string   `json:"id"`
-	Name      string   `json:"name"`
-	Privilege []string `json:"privilege,omitempty"`
-	Children  []Menu   `json:"children,omitempty"`
+type Platform struct {
+	Id string `json:"id"`
+
+	Privilege map[string]string `json:"privilege,omitempty"`
+	Children  []Platform        `json:"children,omitempty"`
 }

 func (role ConsoleRole) ListPermission() interface{} {
-	menu := []Menu{
-		{
-			Id:   "system",
-			Name: "系统管理",
-			Children: []Menu{
-				{
-					Id:        "system_user",
-					Name:      "用户管理",
-					Privilege: []string{"none", "read", "all"},
-				},
-				{

-					Id:        "system_role",
-					Name:      "角色管理",
-					Privilege: []string{"none", "read", "all"},
-				},
-			},
-		},
-	}
-	p := ConsolePermisson{
-
-		Menu: menu,
-	}
+	p := ConsolePermisson{}
 	return p
 }
 func (role ElasticsearchRole) ListPermission() interface{} {
--- a/internal/biz/role.go
+++ b/internal/biz/role.go
@ -31,12 +31,10 @@ type ConsoleRole struct {
 	Permission  Permission `json:"permission"`
 }
 type Permission struct {
-	Api  []string         `json:"api"`
 	Menu []MenuPermission `json:"menu"`
 }
 type MenuPermission struct {
 	Id        string `json:"id"`
-	Name      string `json:"name"`
 	Privilege string `json:"privilege"`
 }
 type ElasticsearchRole struct {
--- a/plugin/api/index_management/index.go
+++ b/plugin/api/index_management/index.go
@ -1,6 +1,8 @@
 package index_management

 import (
+	"fmt"
+	"infini.sh/framework/core/elastic"
 	"net/http"
 	"strconv"
 	"strings"
@ -116,43 +118,68 @@ func (handler APIHandler) UpdateDictItemAction(w http.ResponseWriter, req *http.
 	handler.WriteJSON(w, resp, http.StatusOK)

 }
-func (handler APIHandler) ListIndex(w http.ResponseWriter, req *http.Request, ps httprouter.Params) {
-	//	clusterIds := handler.GetParameterOrDefault(req, "cluster_id", "")
-	//	keyword := handler.GetParameterOrDefault(req, "keyword", "")
-	//	Ids := strings.Split(clusterIds, ",")
-	//	var dsl = `{
-	//  "_source": ["metadata.index_name"],
-	//  "collapse": {
-	//    "field": "metadata.index_name"
-	//  },
-	//  "size": 100,
-	//  "query": {
-	//    "bool": {
-	//      "must": [
-	//        {
-	//          "terms": {
-	//            "metadata.cluster_id": [%s]
-	//          }
-	//        },%s
-	//      ],
-	//      "must_not": [
-	//        {
-	//          "term": {
-	//            "metadata.labels.state": {
-	//              "value": "delete"
-	//            }
-	//          }
-	//        }
-	//      ]
-	//    }
-	//  }
-	//}`
-	//	var likeDsl = `{
-	//          "wildcard": {
-	//            "metadata.index_name": {
-	//              "value": "*inf*"
-	//            }
-	//          }
-	//        }`
+func (h APIHandler) ListIndex(w http.ResponseWriter, req *http.Request, ps httprouter.Params) {
+	clusterIds := h.GetParameterOrDefault(req, "ids", "")
+	keyword := h.GetParameterOrDefault(req, "keyword", "")
+	ids := strings.Split(clusterIds, ",")
+	for i := range ids {
+		ids[i] = `"` + ids[i] + `"`
+	}
+	if len(ids) == 0 {
+		h.Error400(w, "id is required")
+		return
+	}
+	var dsl = `{
+	"_source": ["metadata.index_name"],
+	"collapse": {
+	 "field": "metadata.index_name"
+	},
+	"size": 100,
+	"query": {
+	 "bool": {
+	   "must": [
+	     {
+	       "terms": {
+	         "metadata.cluster_id": %s
+	       }
+	     }%s
+	   ],
+	   "must_not": [
+	     {
+	       "term": {
+	         "metadata.labels.state": {
+	           "value": "delete"
+	         }
+	       }
+	     }
+	   ]
+	 }
+	}
+	}`
+
+	str := &strings.Builder{}
+
+	if keyword != "" {
+		str.WriteString(fmt.Sprintf(`,{"wildcard":{"metadata.index_name":{"value":"*%s*"}}}`, keyword))
+	}
+	dsl = fmt.Sprintf(dsl, ids, str)
+
+	esClient := elastic.GetClient(h.Config.Elasticsearch)
+	resp, err := esClient.SearchWithRawQueryDSL(".infini_index", []byte(dsl))
+	if err != nil {
+
+		return
+	}
+	list := resp.Hits.Hits
+	var indexNames []string
+	for _, v := range list {
+		m := v.Source["metadata"].(map[string]interface{})
+		indexNames = append(indexNames, m["index_name"].(string))
+
+	}
+	m := make(map[string]interface{})
+	m["indexnames"] = indexNames
+	h.WriteOKJSON(w, m)
+
 	return
 }
--- a/plugin/api/rbac/init.go
+++ b/plugin/api/rbac/init.go
@ -58,7 +58,7 @@ func loadRolePermission() {
 }
 func init() {
 	registerRouter()
-	loadJsonConfig()
+
 	loadRolePermission()

 }