diff --git a/plugin/api/rbac/init.go b/plugin/api/rbac/init.go index d52d14ac..4411f4e4 100644 --- a/plugin/api/rbac/init.go +++ b/plugin/api/rbac/init.go @@ -9,14 +9,18 @@ import ( "path" ) -type Permisson struct { +type Rbac struct { api.Handler } func registerRouter() { - p := Permisson{} - - api.HandleAPIMethod(api.GET, "/permission/:type", p.ListPermission) + r := Rbac{} + api.HandleAPIMethod(api.GET, "/permission/:type", r.ListPermission) + api.HandleAPIMethod(api.POST, "/role", r.CreateRole) + api.HandleAPIMethod(api.GET, "/role/:id", r.GetRole) + api.HandleAPIMethod(api.DELETE, "/role/:id", r.DeleteRole) + api.HandleAPIMethod(api.PUT, "/role/:id", r.UpdateRole) + api.HandleAPIMethod(api.GET, "/roles", r.ListRole) } func loadJsonConfig() { diff --git a/plugin/api/rbac/permission.go b/plugin/api/rbac/permission.go index 769f5d78..f502043e 100644 --- a/plugin/api/rbac/permission.go +++ b/plugin/api/rbac/permission.go @@ -19,9 +19,20 @@ type Response struct { Hit interface{} `json:"hit"` } -func (h Permisson) ListPermission(w http.ResponseWriter, req *http.Request, ps httprouter.Params) { +func validateRoleType(roleType RoleType) (err error) { + if roleType != Console && roleType != Elastisearch { + err = errors.New("unsupport type parmeter " + roleType) + } + return +} +func (h Rbac) ListPermission(w http.ResponseWriter, req *http.Request, ps httprouter.Params) { typ := ps.MustGetParameter("type") - var err error + err := validateRoleType(typ) + if err != nil { + _ = log.Error(err.Error()) + _ = h.WriteError(w, err.Error(), http.StatusInternalServerError) + return + } var permissons interface{} switch typ { case Console: @@ -29,8 +40,6 @@ func (h Permisson) ListPermission(w http.ResponseWriter, req *http.Request, ps h case Elastisearch: permissons, err = biz.ListElasticsearchPermisson() - default: - err = errors.New("unsupport type parmeter " + typ) } if err != nil { _ = log.Error(err.Error()) diff --git a/plugin/api/rbac/role.go b/plugin/api/rbac/role.go new file mode 100644 index 00000000..dc647dce --- /dev/null +++ b/plugin/api/rbac/role.go @@ -0,0 +1,51 @@ +package rbac + +import ( + log "github.com/cihub/seelog" + httprouter "infini.sh/framework/core/api/router" + "net/http" +) + +type CreateRoleReq struct { + Name string `json:"name"` + Description string `json:"description" ` + RoleType string `json:"type" ` + Permission interface{} `json:"permission"` +} +type ElasticsearchPermission struct { + Cluster []string `json:"cluster" ` + Index []string `json:"index" ` + ClusterPrivilege []string `json:"cluster_privilege" ` + IndexPrivilege []string `json:"index_privilege" ` +} + +func (h Rbac) CreateRole(w http.ResponseWriter, req *http.Request, ps httprouter.Params) { + roleType := ps.MustGetParameter("type") + err := validateRoleType(roleType) + if err != nil { + _ = log.Error(err.Error()) + _ = h.WriteError(w, err.Error(), http.StatusInternalServerError) + return + } + +} +func (h Rbac) ListRole(w http.ResponseWriter, req *http.Request, ps httprouter.Params) { + + roleType := ps.MustGetParameter("type") + err := validateRoleType(roleType) + if err != nil { + _ = log.Error(err.Error()) + _ = h.WriteError(w, err.Error(), http.StatusInternalServerError) + return + } +} +func (h Rbac) GetRole(w http.ResponseWriter, req *http.Request, ps httprouter.Params) { + _ = ps.MustGetParameter("id") + +} +func (h Rbac) DeleteRole(w http.ResponseWriter, req *http.Request, ps httprouter.Params) { + _ = ps.MustGetParameter("id") +} +func (h Rbac) UpdateRole(w http.ResponseWriter, req *http.Request, ps httprouter.Params) { + _ = ps.MustGetParameter("id") +} diff --git a/plugin/api/rbac/user.go b/plugin/api/rbac/user.go new file mode 100644 index 00000000..8ce97e36 --- /dev/null +++ b/plugin/api/rbac/user.go @@ -0,0 +1,9 @@ +package rbac + +type CreateUserReq struct { + Username string `json:"username" ` + Password string `json:"password" ` + Name string `json:"name" ` + Phone string `json:"phone" ` + Email string `json:"email" ` +}