change model data struct

liugq 2022-05-06 16:01:42 +08:00
parent d7af5dfe12
commit 51497469e4
14 changed files with 145 additions and 336 deletions


@ -11,7 +11,6 @@ import (
"infini.sh/framework/core/global"
"infini.sh/framework/core/orm"
"infini.sh/framework/core/util"
"time"
)
@ -41,7 +40,7 @@ const Secret = "console"
func authenticateUser(username string, password string) (user Account, err error) {
err, result := orm.GetBy("username", username, rbac.User{})
err, result := orm.GetBy("name", username, rbac.User{})
if err != nil {
err = ErrNotFound
return
@ -75,7 +74,7 @@ func authenticateAdmin(username string, password string) (user Account, err erro
user.ID = username
user.Username = username
user.Roles = []rbac.UserRole{{
Id: "admin", Name: "admin",
ID: "admin", Name: "admin",
}}
return user, nil
}
@ -85,7 +84,7 @@ func authorize(user Account) (m map[string]interface{}, err error) {
for _, v := range user.Roles {
role := RoleMap[v.Name]
roles = append(roles, v.Name)
privilege = append(privilege, role.Platform...)
privilege = append(privilege, role.Privilege.Platform...)
}
token := jwt.NewWithClaims(jwt.SigningMethodHS256, UserClaims{
User: &User{
@ -143,8 +142,8 @@ func Login(username string, password string) (m map[string]interface{}, err erro
"password": password,
},
User: util.MapStr{
"userid": user.ID,
"username": user.Username,
"id": user.ID,
"name": user.Username,
},
}, nil, nil))
return
@ -181,8 +180,8 @@ func UpdatePassword(localUser *User, req dto.UpdatePassword) (err error) {
"new_password": req.NewPassword,
},
User: util.MapStr{
"userid": user.ID,
"username": user.Username,
"id": user.ID,
"name": user.Name,
},
}, nil, nil))
return
@ -212,8 +211,8 @@ func UpdateProfile(localUser *User, req dto.UpdateProfile) (err error) {
"phone": req.Phone,
},
User: util.MapStr{
"userid": user.ID,
"username": user.Username,
"id": user.ID,
"name": user.Name,
},
}, nil, nil))
return
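Review bot: The activity events in the Login and UpdatePassword hunks still carry the submitted credentials in the map that precedes `User:` (`"password": password` and `"new_password": req.NewPassword`), so the cleartext password appears to be persisted with every record that `orm.Save` writes. Since this commit already reshapes the event's `User` map, drop those two entries or replace them with a non-secret marker such as `"password_changed": true`. Separately, the hunk header shows `const Secret = "console"`; if that constant is the HS256 key used with the token built in `authorize`, it should be loaded from configuration rather than compiled in. All of these function bodies continue outside their hunks, so the surrounding event fields are inferred.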


@ -27,8 +27,8 @@ const (
IndexAll = "data.index:all"
IndexRead = "data.index:read"
ViewsAll = "data.views:all"
ViewsRead = "data.views:read"
ViewsAll = "data.view:all"
ViewsRead = "data.view:read"
DiscoverAll = "data.discover:all"
DiscoverRead = "data.discover:read"
@ -83,8 +83,8 @@ var (
RuleAllPermission = []string{"rule:read", "rule:write"}
AlertReadPermission = []string{"alert:read"}
AlertAllPermission = []string{"alert:read", "alert:write"}
ChannelReadPermssion = []string{"channel:read"}
ChannnelAllPermission = []string{"channel:read", "channel:write"}
ChannelReadPermission = []string{"channel:read"}
ChannelAllPermission = []string{"channel:read", "channel:write"}
ClusterOverviewReadPermission = []string{"clusterOverview:read"}
ClusterOverviewAllPermission = []string{"clusterOverview:read", "clusterOverview:write"}
@ -147,8 +147,8 @@ func init() {
RuleAll: RuleAllPermission,
AlertRead: AlertReadPermission,
AlertAll: AlertAllPermission,
ChannelRead: ChannelReadPermssion,
ChannelAll: ChannnelAllPermission,
ChannelRead: ChannelReadPermission,
ChannelAll: ChannelAllPermission,
ClusterOverviewRead: ClusterOverviewReadPermission,
ClusterOverviewAll: ClusterOverviewAllPermission,
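Review bot: Roles already stored with `data.views:all` or `data.views:read` would stop matching after this hunk, because the `ViewsAll`/`ViewsRead` change alters the permission strings themselves and not just identifiers. That fails closed, but it silently removes access after an upgrade if permissions are compared by value, as the string lists used elsewhere in this commit suggest; a one-off migration of stored roles or a compatibility alias would cover it. A comment on the constant block, e.g. `// Permission strings are persisted in role documents; changing a value requires a data migration.`, would warn the next editor. The `ChannelReadPermission`/`ChannelAllPermission` spelling fixes only touch identifiers and are fine.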


@ -1,11 +1,14 @@
package biz
import "infini.sh/console/internal/core"
import (
"infini.sh/console/internal/core"
"infini.sh/console/model/rbac"
)
var ClusterApis = make(map[string][]string)
var IndexApis = make([]string, 50)
var RoleMap = make(map[string]Role)
var RoleMap = make(map[string]rbac.Role)
type Token struct {
JwtStr string `json:"jwt_str"`
@ -17,19 +20,7 @@ var TokenMap = make(map[string]Token)
var EsApiRoutes = core.NewRouter()
type Role struct {
Name string `json:"name"`
Platform []string `json:"platform,omitempty"`
Cluster []struct {
Id string `json:"id"`
Name string `json:"name"`
} `json:"cluster,omitempty"`
ClusterPrivilege []string `json:"cluster_privilege,omitempty"`
Index []struct {
Name []string `json:"name"`
Privilege []string `json:"privilege"`
} `json:"index,omitempty"`
}
type RolePermission struct {
Platform []string `json:"platform,omitempty"`
Cluster []string `json:"cluster"`
@ -37,30 +28,17 @@ type RolePermission struct {
IndexPrivilege map[string][]string `json:"index_privilege"`
}
type ConsolePermisson struct {
Platform []Platform `json:"platform"`
}
type Platform struct {
Id string `json:"id"`
Privilege map[string]string `json:"privilege,omitempty"`
Children []Platform `json:"children,omitempty"`
}
func (role ConsoleRole) ListPermission() interface{} {
p := ConsolePermisson{}
return p
}
func (role ElasticsearchRole) ListPermission() interface{} {
list := ElasticsearchPermisson{
func ListElasticsearchPermission() interface{} {
list := ElasticsearchPermission{
ClusterPrivileges: ClusterApis,
IndexPrivileges: IndexApis,
}
return list
}
type ElasticsearchPermisson struct {
type ElasticsearchPermission struct {
IndexPrivileges []string `json:"index_privileges"`
ClusterPrivileges map[string][]string `json:"cluster_privileges"`
}
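Review bot: `RoleMap` is a plain package-level map with no lock visible, yet this commit makes it the cache of full `rbac.Role` values used for authorization, written from `CreateRole` and `UpdateRole` and read in `authorize`, `CombineUserRoles` and `ValidatePermission`. If those run on concurrent HTTP handlers this is a data race, and the Go runtime aborts the process on a concurrent map read and write. Guarding the map behind small accessors with a `sync.RWMutex`, as sketched below, would fix that; callers that index `RoleMap` directly would then move to the accessors. Also note that `IndexApis = make([]string, 50)` starts with fifty empty strings, which `ListElasticsearchPermission` returns as-is unless the slice is reassigned elsewhere.

```go
var (
	roleMu  sync.RWMutex
	RoleMap = make(map[string]rbac.Role)
)

// LookupRole returns the cached role for name while holding the read lock.
func LookupRole(name string) (rbac.Role, bool) {
	roleMu.RLock()
	defer roleMu.RUnlock()
	role, ok := RoleMap[name]
	return role, ok
}

// StoreRole replaces the cached role for name while holding the write lock.
func StoreRole(name string, role rbac.Role) {
	roleMu.Lock()
	defer roleMu.Unlock()
	RoleMap[name] = role
}
```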


@ -16,68 +16,25 @@ import (
type RoleType = string
const (
Console RoleType = "console"
Platform RoleType = "platform"
Elastisearch RoleType = "elasticsearch"
)
type IRole interface {
ListPermission() interface{}
Create(localUser *User) (id string, err error)
Update(localUser *User, model rbac.Role) (err error)
}
type ConsoleRole struct {
Name string `json:"name"`
Description string `json:"description"`
RoleType string `json:"type" `
Platform []string `json:"platform,omitempty"`
}
type ElasticsearchRole struct {
Name string `json:"name"`
Description string `json:"description" `
RoleType string `json:"type" `
Cluster []struct {
Id string `json:"id"`
Name string `json:"name"`
} `json:"cluster,omitempty"`
ClusterPrivilege []string `json:"cluster_privilege,omitempty"`
Index []struct {
Name []string `json:"name"`
Privilege []string `json:"privilege"`
} `json:"index,omitempty"`
}
func NewRole(typ string) (r IRole, err error) {
switch typ {
case Console:
r = &ConsoleRole{
RoleType: typ,
}
case Elastisearch:
r = &ElasticsearchRole{
RoleType: typ,
}
default:
err = fmt.Errorf("role type %s not support", typ)
func UpdateRole(localUser *User, role *rbac.Role) (err error) {
model, err := GetRole(role.ID)
if err != nil {
return err
}
return
}
func (role ConsoleRole) Update(localUser *User, model rbac.Role) (err error) {
role.Type = model.Type
role.Created = model.Created
changeLog, _ := util.DiffTwoObject(model, role)
model.Description = role.Description
model.Platform = role.Platform
model.Updated = time.Now()
err = orm.Save(model)
role.Updated = time.Now()
err = orm.Save(role)
if err != nil {
return
}
RoleMap[model.Name] = Role{
Name: model.Name,
Platform: model.Platform,
}
RoleMap[model.Name] = model
err = orm.Save(GenerateEvent(event.ActivityMetadata{
Category: "platform",
@ -87,7 +44,7 @@ func (role ConsoleRole) Update(localUser *User, model rbac.Role) (err error) {
Labels: util.MapStr{
"id": model.ID,
"description": model.Description,
"platform": model.Platform,
"privilege": role.Privilege,
"updated": model.Updated,
},
User: util.MapStr{
@ -98,44 +55,8 @@ func (role ConsoleRole) Update(localUser *User, model rbac.Role) (err error) {
return
}
func (role ElasticsearchRole) Update(localUser *User, model rbac.Role) (err error) {
changeLog, _ := util.DiffTwoObject(model, role)
model.Description = role.Description
model.Cluster = role.Cluster
model.Index = role.Index
model.ClusterPrivilege = role.ClusterPrivilege
model.Updated = time.Now()
err = orm.Save(model)
if err != nil {
return
}
RoleMap[model.Name] = Role{
Name: model.Name,
Cluster: model.Cluster,
ClusterPrivilege: model.ClusterPrivilege,
Index: model.Index,
}
err = orm.Save(GenerateEvent(event.ActivityMetadata{
Category: "platform",
Group: "rbac",
Name: "role",
Type: "update",
Labels: util.MapStr{
"id": model.ID,
"description": model.Description,
"platform": model.Platform,
"updated": model.Updated,
},
User: util.MapStr{
"userid": localUser.UserId,
"username": localUser.Username,
},
}, nil, changeLog))
return
}
func (role ConsoleRole) Create(localUser *User) (id string, err error) {
func CreateRole(localUser *User, role *rbac.Role) (id string, err error) {
if role.Name == "" {
err = errors.New("role name is require")
return
@ -156,24 +77,15 @@ func (role ConsoleRole) Create(localUser *User) (id string, err error) {
return
}
newRole := rbac.Role{
Name: role.Name,
Description: role.Description,
RoleType: role.RoleType,
Platform: role.Platform,
}
newRole.ID = util.GetUUID()
newRole.Created = time.Now()
newRole.Updated = time.Now()
err = orm.Save(&newRole)
role.ID = util.GetUUID()
role.Created = time.Now()
role.Updated = time.Now()
err = orm.Save(role)
if err != nil {
return
}
id = newRole.ID
RoleMap[role.Name] = Role{
Name: newRole.Name,
Platform: newRole.Platform,
}
id = role.ID
RoleMap[role.Name] = *role
err = orm.Save(GenerateEvent(event.ActivityMetadata{
Category: "platform",
Group: "rbac",
@ -183,10 +95,8 @@ func (role ConsoleRole) Create(localUser *User) (id string, err error) {
"id": id,
"name": role.Name,
"description": role.Description,
"platform": role.Platform,
"type": role.RoleType,
"created": newRole.Created.Format("2006-01-02 15:04:05"),
"updated": newRole.Updated.Format("2006-01-02 15:04:05"),
"privilege": role.Privilege,
"type": role.Type,
},
User: util.MapStr{
"userid": localUser.UserId,
@ -200,76 +110,6 @@ func (role ConsoleRole) Create(localUser *User) (id string, err error) {
return
}
func (role ElasticsearchRole) Create(localUser *User) (id string, err error) {
if role.Name == "" {
err = errors.New("role name is require")
return
}
if _, ok := enum.BuildRoles[role.Name]; ok {
err = fmt.Errorf("role name %s already exists", role.Name)
return
}
q := orm.Query{Size: 1}
q.Conds = orm.And(orm.Eq("name", role.Name))
err, result := orm.Search(rbac.Role{}, &q)
if err != nil {
return
}
if result.Total > 0 {
err = fmt.Errorf("role name %s already exists", role.Name)
return
}
newRole := rbac.Role{
Name: role.Name,
Description: role.Description,
RoleType: role.RoleType,
}
newRole.Cluster = role.Cluster
newRole.Index = role.Index
newRole.ClusterPrivilege = role.ClusterPrivilege
newRole.ID = util.GetUUID()
newRole.Created = time.Now()
newRole.Updated = time.Now()
err = orm.Save(&newRole)
if err != nil {
return
}
id = newRole.ID
RoleMap[newRole.Name] = Role{
Name: newRole.Name,
Cluster: newRole.Cluster,
ClusterPrivilege: newRole.ClusterPrivilege,
Index: newRole.Index,
}
err = orm.Save(GenerateEvent(event.ActivityMetadata{
Category: "platform",
Group: "rbac",
Name: "role",
Type: "create",
Labels: util.MapStr{
"id": id,
"name": newRole.Name,
"description": newRole.Description,
"cluster": newRole.Cluster,
"index": newRole.Index,
"cluster_privilege": newRole.ClusterPrivilege,
"type": newRole.RoleType,
"created": newRole.Created.Format("2006-01-02 15:04:05"),
"updated": newRole.Updated.Format("2006-01-02 15:04:05"),
},
User: util.MapStr{
"userid": localUser.UserId,
"username": localUser.Username,
},
}, nil, nil))
if err != nil {
log.Error(err)
}
return
}
func DeleteRole(localUser *User, id string) (err error) {
role := rbac.Role{}
role.ID = id
@ -302,11 +142,7 @@ func DeleteRole(localUser *User, id string) (err error) {
"id": id,
"name": role.Name,
"description": role.Description,
"platform": role.Platform,
"cluster": role.Cluster,
"index": role.Index,
"cluster_privilege": role.ClusterPrivilege,
"type": role.RoleType,
"type": role.Type,
"created": role.Created.Format("2006-01-02 15:04:05"),
"updated": role.Updated.Format("2006-01-02 15:04:05"),
}, nil))
@ -342,7 +178,7 @@ func SearchRole(keyword string, from, size int) (roles orm.Result, err error) {
return
}
func IsAllowRoleType(roleType string) (err error) {
if roleType != Console && roleType != Elastisearch {
if roleType != Platform && roleType != Elastisearch {
err = fmt.Errorf("invalid role type %s ", roleType)
return
}
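Review bot: In `UpdateRole`, `RoleMap[model.Name] = model` caches the role as `GetRole` loaded it before the save, so the in-memory map that `ValidatePermission` reads keeps the old privileges and a revocation would not take effect until the map is rebuilt. The function also saves `role` with whatever `Name` and `Builtin` the caller supplied: only `Type` and `Created` are pinned to the stored values, and the name checks that `CreateRole` performs are not repeated. Pin those fields and cache the saved value instead: `role.Name = model.Name`, `role.Builtin = model.Builtin`, and `RoleMap[role.Name] = *role`. The event labels likewise report `model.Description` and `model.Updated`, which are the pre-update values. This assumes `GetRole` returns the stored `rbac.Role` by value, which is not shown here.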


@ -43,11 +43,11 @@ func DeleteUser(localUser *User, id string) (err error) {
},
}, util.MapStr{
"id": id,
"username": user.Username,
"name": user.Name,
"email": user.Email,
"phone": user.Phone,
"password": user.Password,
"name": user.Name,
"nickname": user.NickName,
"tags": user.Tags,
"roles": user.Roles,
"created": user.Created,
@ -57,7 +57,7 @@ func DeleteUser(localUser *User, id string) (err error) {
}
func CreateUser(localUser *User, req dto.CreateUser) (id string, password string, err error) {
q := orm.Query{Size: 1000}
q.Conds = orm.And(orm.Eq("username", req.Username))
q.Conds = orm.And(orm.Eq("name", req.Name))
err, result := orm.Search(rbac.User{}, &q)
if err != nil {
@ -71,7 +71,7 @@ func CreateUser(localUser *User, req dto.CreateUser) (id string, password string
roles := make([]rbac.UserRole, 0)
for _, v := range req.Roles {
roles = append(roles, rbac.UserRole{
Id: v.Id,
ID: v.Id,
Name: v.Name,
})
}
@ -82,7 +82,7 @@ func CreateUser(localUser *User, req dto.CreateUser) (id string, password string
}
user := rbac.User{
Name: req.Name,
Username: req.Username,
NickName: req.NickName,
Password: string(hash),
Email: req.Email,
Phone: req.Phone,
@ -106,11 +106,11 @@ func CreateUser(localUser *User, req dto.CreateUser) (id string, password string
Type: "create",
Labels: util.MapStr{
"id": id,
"username": user.Username,
"name": user.Name,
"email": user.Email,
"phone": user.Phone,
"password": user.Password,
"name": user.Name,
"nick_name": user.NickName,
"tags": user.Tags,
"roles": user.Roles,
"created": user.Created,
@ -133,7 +133,7 @@ func UpdateUser(localUser *User, id string, req dto.UpdateUser) (err error) {
roles := make([]rbac.UserRole, 0)
for _, v := range req.Roles {
roles = append(roles, rbac.UserRole{
Id: v.Id,
ID: v.Id,
Name: v.Name,
})
}
@ -183,7 +183,7 @@ func UpdateUserRole(localUser *User, id string, req dto.UpdateUserRole) (err err
roles := make([]rbac.UserRole, 0)
for _, v := range req.Roles {
roles = append(roles, rbac.UserRole{
Id: v.Id,
ID: v.Id,
Name: v.Name,
})
}
@ -257,7 +257,9 @@ func UpdateUserPassword(localUser *User, id string, password string) (err error)
if err != nil {
return
}
delete(TokenMap, localUser.UserId)
if localUser.UserId == id {
delete(TokenMap, localUser.UserId)
}
err = orm.Save(GenerateEvent(event.ActivityMetadata{
Category: "platform",
Group: "rbac",
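Review bot: The new guard in `UpdateUserPassword` drops the cached token only when the caller changes their own password, so when an administrator resets another account's password the target's entry in `TokenMap` is left in place and a token issued before the reset appears to stay valid. Assuming `TokenMap` is keyed by user id, as the old `delete(TokenMap, localUser.UserId)` suggests, the invalidation should follow the account whose password changed: `delete(TokenMap, id)`, with no condition. Separately, the `DeleteUser` and `CreateUser` hunks still write `"password": user.Password` into the activity labels, which copies the password hash into the audit records; that entry is better removed. The function bodies continue outside these hunks.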


@ -114,22 +114,22 @@ func CombineUserRoles(roleNames []string) RolePermission {
m := make(map[string][]string)
for _, val := range roleNames {
role := RoleMap[val]
for _, v := range role.Cluster {
newRole.Cluster = append(newRole.Cluster, v.Id)
for _, v := range role.Privilege.Elasticsearch.Cluster.Resources {
newRole.Cluster = append(newRole.Cluster, v.ID)
}
for _, v := range role.ClusterPrivilege {
for _, v := range role.Privilege.Elasticsearch.Cluster.Permissions {
newRole.ClusterPrivilege = append(newRole.ClusterPrivilege, v)
}
for _, v := range role.Platform {
for _, v := range role.Privilege.Platform {
newRole.Platform = append(newRole.Platform, v)
}
for _, v := range role.Index {
for _, v := range role.Privilege.Elasticsearch.Index {
for _, name := range v.Name {
if _, ok := m[name]; ok {
m[name] = append(m[name], v.Privilege...)
m[name] = append(m[name], v.Permissions...)
} else {
m[name] = v.Privilege
m[name] = v.Permissions
}
}
@ -225,7 +225,7 @@ func ValidatePermission(claims *UserClaims, permissions []string) (err error) {
userPermissions := make([]string, 0)
for _, role := range user.Roles {
if _, ok := RoleMap[role]; ok {
for _, v := range RoleMap[role].Platform {
for _, v := range RoleMap[role].Privilege.Platform {
userPermissions = append(userPermissions, v)
//all include read
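Review bot: In the `CombineUserRoles` hunk, the `else` branch `m[name] = v.Permissions` stores the slice that belongs to the cached role in `RoleMap`, and a later `append(m[name], ...)` for the same index name can then write into that shared backing array when it has spare capacity. Because the result feeds the caller's effective index privileges, permissions merged for one request could become visible through another slice that shares the array. Appending to a missing map entry allocates a fresh slice, so the whole `if`/`else` can be replaced by `m[name] = append(m[name], v.Permissions...)`. The three single-element loops above it can likewise use `append(dst, src...)`, as `authorize` already does. Both functions continue outside their hunks.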


@ -16,7 +16,7 @@ type ElasticsearchPermission struct {
IndexPrivilege []string `json:"index_privilege" `
}
type CreateUser struct {
Username string `json:"username"`
NickName string `json:"nick_name"`
Name string `json:"name"`
Email string `json:"email"`


@ -1,51 +1,40 @@
package rbac
import (
"infini.sh/framework/core/orm"
"time"
)
type Role struct {
orm.ORMObjectBase
Name string `json:"name" elastic_mapping:"name:{type:keyword}"`
Description string `json:"description" elastic_mapping:"description:{type:text}"`
RoleType string `json:"type" elastic_mapping:"type:{type:keyword}"`
Platform []string `json:"platform,omitempty" `
BuiltIn bool `json:"builtin" elastic_mapping:"builtin:{type:boolean}"` //是否内置
Cluster []struct {
Id string `json:"id"`
Name string `json:"name"`
} `json:"cluster,omitempty"`
ClusterPrivilege []string `json:"cluster_privilege,omitempty"`
Index []struct {
Name []string `json:"name"`
Privilege []string `json:"privilege"`
} `json:"index,omitempty"`
}
type ConsolePermission struct {
Api []string `json:"api"`
Menu []Menu `json:"menu"`
ID string `json:"id,omitempty" elastic_meta:"_id" elastic_mapping:"id: { type: keyword }"`
Created time.Time `json:"created,omitempty" elastic_mapping:"created: { type: date }"`
Updated time.Time `json:"updated,omitempty" elastic_mapping:"updated: { type: date }"`
Name string `json:"name" elastic_mapping:"name: { type: keyword }"`
Type string `json:"type" elastic_mapping:"type: { type: keyword }"`
Description string `json:"description" elastic_mapping:"description: { type: text }"`
Builtin bool `json:"builtin" elastic_mapping:"builtin: { type: boolean }"`
Privilege RolePrivilege `json:"privilege" elastic_mapping:"privilege: { type: object }"`
}
type Menu struct {
Id string `json:"id"`
Name string `json:"name"`
Privilege string `json:"privilege"`
type RolePrivilege struct {
Platform []string `json:"platform,omitempty" elastic_mapping:"platform: { type: keyword }"`
Elasticsearch ElasticsearchPrivilege `json:"elasticsearch,omitempty" elastic_mapping:"elasticsearch: { type: object }"`
}
type ElasticRole struct {
orm.ORMObjectBase
Name string `json:"name" elastic_mapping:"name:{type:keyword}"`
Description string `json:"description" elastic_mapping:"description:{type:text}"`
RoleType string `json:"type" elastic_mapping:"type:{type:keyword}"`
BuiltIn bool `json:"builtin" elastic_mapping:"builtin:{type:boolean}"` //是否内置
Cluster []struct {
Id string `json:"id"`
Name string `json:"name"`
} `json:"cluster,omitempty"`
ClusterPrivilege []map[string][]string `json:"cluster_privilege,omitempty"`
Index []struct {
Name []string `json:"name"`
Privilege []string `json:"privilege"`
} `json:"index,omitempty"`
type ElasticsearchPrivilege struct {
Cluster ClusterPrivilege `json:"cluster,omitempty" elastic_mapping:"cluster: { type: object }"`
Index []IndexPrivilege `json:"index,omitempty" elastic_mapping:"index: { type: object }"`
}
type InnerCluster struct {
ID string `json:"id" elastic_mapping:"id: { type: keyword }"`
Name string `json:"name" elastic_mapping:"name: { type: keyword }"`
}
type ClusterPrivilege struct {
Resources []InnerCluster `json:"resources,omitempty" elastic_mapping:"resources: { type: object }"`
Permissions []string `json:"permissions,omitempty" elastic_mapping:"permissions: { type: keyword }"`
}
type IndexPrivilege struct {
Name []string `json:"name,omitempty" elastic_mapping:"name: { type: keyword }"`
Permissions []string `json:"permissions,omitempty" elastic_mapping:"permissions: { type: keyword }"`
}
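Review bot: Several new fields pair `omitempty` with a struct type (`Created`/`Updated` as `time.Time`, `Elasticsearch ElasticsearchPrivilege`, `Cluster ClusterPrivilege`), and `encoding/json` never treats a struct value as empty, so these are always emitted, including a zero timestamp on a role with no dates set. If omission is intended the fields need pointer types; otherwise drop the option so the tag does not suggest behaviour it lacks. The replaced struct carried a comment on its built-in flag, and since `Builtin` presumably marks roles shipped with the product, a doc comment such as `// Builtin is true for roles shipped with the console; it is set by the server, never from request input.` is worth keeping on the new field.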


@ -1,18 +1,23 @@
package rbac
import "infini.sh/framework/core/orm"
import (
"time"
)
type User struct {
orm.ORMObjectBase
Username string `json:"username" elastic_mapping:"username:{type:keyword}"`
Password string `json:"password" elastic_mapping:"password:{type:text}"`
Name string `json:"name" elastic_mapping:"name:{type:keyword}"`
Phone string `json:"phone" elastic_mapping:"phone:{type:keyword}"`
Email string `json:"email" elastic_mapping:"email:{type:keyword}"`
Roles []UserRole `json:"roles"`
Tags []string `json:"tags,omitempty" elastic_mapping:"tags:{type:text}"`
ID string `json:"id,omitempty" elastic_meta:"_id" elastic_mapping:"id: { type: keyword }"`
Created time.Time `json:"created,omitempty" elastic_mapping:"created: { type: date }"`
Updated time.Time `json:"updated,omitempty" elastic_mapping:"updated: { type: date }"`
Name string `json:"name" elastic_mapping:"name: { type: keyword }"`
NickName string `json:"nick_name" elastic_mapping:"nick_name: { type: keyword }"`
Password string `json:"password" elastic_mapping:"password: { type: keyword }"`
Email string `json:"email" elastic_mapping:"email: { type: keyword }"`
Phone string `json:"phone" elastic_mapping:"phone: { type: keyword }"`
Tags []string `json:"tags" elastic_mapping:"mobile: { type: keyword }"`
Roles []UserRole `json:"roles" elastic_mapping:"roles: { type: object }"`
}
type UserRole struct {
Id string `json:"id" elastic_mapping:"id:{type:keyword}"`
Name string `json:"name" elastic_mapping:"name:{type:keyword}" `
}
ID string `json:"id" elastic_mapping:"id: { type: keyword }"`
Name string `json:"name" elastic_mapping:"name: { type: keyword }"`
}
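Review bot: The `Tags` field is tagged `elastic_mapping:"mobile: { type: keyword }"`, which names a field the struct does not have and looks like a copy-paste slip; it should read `elastic_mapping:"tags: { type: keyword }"` so the mapping covers the field that is serialised as `tags`. `Password` keeps `json:"password"`, so any code path that marshals an `rbac.User` into a response or an activity label carries the hash with it, as the `"password": user.Password` labels elsewhere in this commit show. Handlers should build explicit response maps, as `Profile` does, rather than return the model. The embedded `orm.ORMObjectBase` is replaced here by hand-written `ID`/`Created`/`Updated` fields; a short comment saying why would keep the duplication from being undone later.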


@ -114,9 +114,9 @@ func (h Account) Profile(w http.ResponseWriter, r *http.Request, ps httprouter.P
u := util.MapStr{
"user_id": "admin",
"username": "admin",
"name": "admin",
"email": "admin@infini.ltd",
"name": "admin",
"nick_name": "admin",
"phone": "13011111111",
}
h.WriteOKJSON(w, core.FoundResponse(reqUser.UserId, u))
@ -128,9 +128,9 @@ func (h Account) Profile(w http.ResponseWriter, r *http.Request, ps httprouter.P
}
u := util.MapStr{
"user_id": user.ID,
"username": user.Username,
"name": user.Name,
"email": user.Email,
"name": user.Name,
"nick_name": user.NickName,
"phone": user.Phone,
}
h.WriteOKJSON(w, core.FoundResponse(reqUser.UserId, u))


@ -6,12 +6,13 @@ import (
"infini.sh/console/internal/biz"
"infini.sh/console/internal/biz/enum"
m "infini.sh/console/internal/middleware"
"infini.sh/console/model/rbac"
"infini.sh/framework/core/api"
"infini.sh/framework/core/elastic"
"infini.sh/framework/core/util"
"os"
"path"
log "src/github.com/cihub/seelog"
log "github.com/cihub/seelog"
)
type Rbac struct {
@ -70,10 +71,12 @@ func loadJsonConfig() {
}
func loadRolePermission() {
biz.RoleMap = make(map[string]biz.Role)
biz.RoleMap = make(map[string]rbac.Role)
biz.RoleMap["admin"] = biz.Role{
Platform: enum.AdminPrivilege,
biz.RoleMap["admin"] = rbac.Role{
Privilege: rbac.RolePrivilege{
Platform: enum.AdminPrivilege,
},
}
res, err := biz.SearchRole("", 0, 1000)
@ -85,9 +88,12 @@ func loadRolePermission() {
util.FromJSONBytes(res.Raw, &response)
for _, v := range response.Hits.Hits {
var role biz.Role
var role rbac.Role
delete(v.Source, "created")
delete(v.Source, "updated")
err = mapstructure.Decode(v.Source, &role)
if err != nil {
log.Error(err)
return
}
biz.RoleMap[role.Name] = role
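Review bot: `loadRolePermission` seeds the built-in `admin` entry and then assigns every stored role with `biz.RoleMap[role.Name] = role`, so a stored document whose name matches a built-in role would replace the seeded entry in the authorization cache. Skipping reserved names in the loop, e.g. `if _, ok := enum.BuildRoles[role.Name]; ok { continue }` (assuming `admin` is listed there), keeps the built-in definition authoritative. The `return` after a `mapstructure.Decode` failure also stops loading at the first bad document, leaving every later role absent from the map; `continue` after logging would limit the effect to that one role. The function continues outside the hunk.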


@ -9,15 +9,16 @@ import (
func (h Rbac) ListPermission(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
typ := ps.MustGetParameter("type")
role, err := biz.NewRole(typ)
err := biz.IsAllowRoleType(typ)
if err != nil {
_ = log.Error(err.Error())
h.ErrorInternalServer(w, err.Error())
return
}
permissions := role.ListPermission()
var permissions interface{}
if typ == biz.Elastisearch {
permissions = biz.ListElasticsearchPermission()
}
h.WriteOKJSON(w, permissions)
return
}
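Review bot: A request for the `platform` type now gets a 200 with a JSON `null` body from `ListPermission`, because `IsAllowRoleType` accepts both types while `permissions` is only filled for the Elasticsearch one. Either return the platform permission list for that type or reject it explicitly. An unsupported `type` is also a client error, so the failure branch should call `h.Error400(w, err.Error())` rather than `h.ErrorInternalServer`, which keeps bad input out of the server-error logs and metrics.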


@ -5,6 +5,7 @@ import (
"infini.sh/console/internal/biz"
"infini.sh/console/internal/biz/enum"
"infini.sh/console/internal/core"
"infini.sh/console/model/rbac"
httprouter "infini.sh/framework/core/api/router"
"infini.sh/framework/core/elastic"
"infini.sh/framework/core/util"
@ -20,20 +21,22 @@ func (h Rbac) CreateRole(w http.ResponseWriter, r *http.Request, ps httprouter.P
h.ErrorInternalServer(w, err.Error())
return
}
irole, err := biz.NewRole(roleType)
err = biz.IsAllowRoleType(roleType)
if err != nil {
h.ErrorInternalServer(w, err.Error())
return
}
err = h.DecodeJSON(r, &irole)
role := &rbac.Role{
Type: roleType,
}
err = h.DecodeJSON(r, role)
if err != nil {
h.Error400(w, err.Error())
return
}
var id string
id, err = irole.Create(localUser)
id, err = biz.CreateRole(localUser, role)
if err != nil {
_ = log.Error(err.Error())
@ -128,24 +131,14 @@ func (h Rbac) UpdateRole(w http.ResponseWriter, r *http.Request, ps httprouter.P
h.ErrorInternalServer(w, err.Error())
return
}
model, err := biz.GetRole(id)
if err != nil {
h.ErrorInternalServer(w, err.Error())
return
}
irole, err := biz.NewRole(model.RoleType)
if err != nil {
h.ErrorInternalServer(w, err.Error())
return
}
err = h.DecodeJSON(r, &irole)
role := &rbac.Role{}
err = h.DecodeJSON(r, role)
if err != nil {
h.Error400(w, err.Error())
return
}
err = irole.Update(localUser, model)
role.ID = id
err = biz.UpdateRole(localUser, role)
if err != nil {
_ = log.Error(err.Error())


@ -29,7 +29,7 @@ func (h Rbac) CreateUser(w http.ResponseWriter, r *http.Request, ps httprouter.P
h.Error400(w, err.Error())
return
}
if req.Username == "" || req.Phone == "" || req.Email == "" {
if req.Name == "" {
h.Error400(w, "username and phone and email is require")
return