From 4afcd7c82f0ee6d12890cf14e13f32337569aee2 Mon Sep 17 00:00:00 2001 From: xushuhui Date: Thu, 14 Apr 2022 16:06:16 +0800 Subject: [PATCH] fix: (rbac) init load EsApis --- config/permission.json | 27 ++++++-------------------- plugin/api/rbac/biz/permission.go | 32 ++++++++++++++++++++++++------- plugin/api/rbac/init.go | 12 ++++++++++-- 3 files changed, 41 insertions(+), 30 deletions(-) diff --git a/config/permission.json b/config/permission.json index b651c014..f44ec1c2 100644 --- a/config/permission.json +++ b/config/permission.json @@ -1,29 +1,10 @@ { - "list": [ - "msearch", - "info", - "bulk", - "count", - "delete", - "termvectors", - "ping", - "mtermvectors", - "exists", - "explain", - "index", - "search", - "scroll", - "update", - "get", - "create", - "reindex", - "scripts", - "mget" - ], + "bulk": [ "bulk" ], "cat": [ + "*", "cat.indices", "cat.help", "cat.repositories", @@ -46,6 +27,7 @@ "cat.master" ], "cluster": [ + "*", "cluster.health", "cluster.get_settings", "cluster.pending_tasks", @@ -57,15 +39,18 @@ "cluster.state" ], "count": [ + "*", "count" ], "doc": [ + "*", "doc.update", "doc.put", "doc.create", "doc.delete" ], "exists": [ + "*", "exists" ], "explain": [ diff --git a/plugin/api/rbac/biz/permission.go b/plugin/api/rbac/biz/permission.go index 31b056f6..6c0da28d 100644 --- a/plugin/api/rbac/biz/permission.go +++ b/plugin/api/rbac/biz/permission.go @@ -1,21 +1,39 @@ package biz -var CategoryApi = make(map[string][]string) +var ClusterApis = make([]string, 0) +var EsApis = make(map[string][]string) type ConsolePermisson struct { Id string `json:"id"` Name string `json:"name"` } +// func ListConsolePermisson() (list []ConsolePermisson, err error) { list = []ConsolePermisson{ { - Id: "1", - Name: "数据管理", + Id: "cluster_overview", + Name: "平台概览", }, { - Id: "2", - Name: "网关管理", + Id: "cluster_search", + Name: "平台搜索", + }, + { + Id: "cluster_elasticsearch", + Name: "集群监控", + }, + { + Id: "cluster_elasticsearch_refresh", + Name: "集群监控刷新", + }, + { + Id: "cluster_activities", + Name: "集群动态", + }, + { + Id: "cluster_activities_search", + Name: "集群动态搜索", }, } return @@ -29,8 +47,8 @@ type ElasticsearchPermisson struct { func ListElasticsearchPermisson() (permisson ElasticsearchPermisson, err error) { permisson = ElasticsearchPermisson{ - ClusterPrivileges: CategoryApi["list"], - IndexPrivileges: CategoryApi["indices"], + ClusterPrivileges: ClusterApis, + IndexPrivileges: EsApis["indices"], } return } diff --git a/plugin/api/rbac/init.go b/plugin/api/rbac/init.go index 4411f4e4..e1b434d8 100644 --- a/plugin/api/rbac/init.go +++ b/plugin/api/rbac/init.go @@ -23,6 +23,8 @@ func registerRouter() { api.HandleAPIMethod(api.GET, "/roles", r.ListRole) } + +//TODO 权限一级配置全局变量, func loadJsonConfig() { pwd, _ := os.Getwd() @@ -32,11 +34,17 @@ func loadJsonConfig() { } - err = json.Unmarshal(bytes, &biz.CategoryApi) + err = json.Unmarshal(bytes, &biz.EsApis) if err != nil { panic("json config unmarshal err " + err.Error()) - } + list := make([]string, 0) + list = append(list, "*") + for k := range biz.EsApis { + list = append(list, k) + } + biz.ClusterApis = list + } func init() { registerRouter()