feat: (rbac) create role / delete role / get role

2022-04-15 11:57:08 +08:00 · 2022-04-15 11:57:08 +08:00 · 6e78f1bfe6
parent 1b1655f0da
commit 6e78f1bfe6
6 changed files with 209 additions and 37 deletions
--- a/main.go
+++ b/main.go
@ -7,6 +7,7 @@ import (
 	"infini.sh/console/model"
 	"infini.sh/console/model/alerting"
 	"infini.sh/console/model/gateway"
+	"infini.sh/console/model/rbac"
 	_ "infini.sh/console/plugin"
 	"infini.sh/framework"
 	"infini.sh/framework/core/elastic"
@ -49,7 +50,7 @@ func main() {
 	terminalFooter := ""

 	app := framework.NewApp("console", "INFINI Cloud Console, The easiest way to operate your own elasticsearch platform.",
-		config.Version,config.BuildNumber, config.LastCommitLog, config.BuildDate, config.EOLDate, terminalHeader, terminalFooter)
+		config.Version, config.BuildNumber, config.LastCommitLog, config.BuildDate, config.EOLDate, terminalHeader, terminalFooter)

 	app.Init(nil)
 	defer app.Shutdown()
@ -58,11 +59,10 @@ func main() {

 	if app.Setup(func() {
 		err := bootstrapRequirementCheck()
-		if err !=nil{
+		if err != nil {
 			panic(err)
 		}

-
 		//load core modules first
 		module.RegisterSystemModule(&elastic2.ElasticModule{})
 		module.RegisterSystemModule(&filter.FilterModule{})
@ -117,20 +117,19 @@ func main() {

 		module.Start()

-
 		orm.RegisterSchemaWithIndexName(model.Dict{}, "dict")
 		orm.RegisterSchemaWithIndexName(model.Reindex{}, "reindex")
 		orm.RegisterSchemaWithIndexName(elastic.View{}, "view")
 		orm.RegisterSchemaWithIndexName(alerting.Alert{}, "alerting-alerts")
 		orm.RegisterSchemaWithIndexName(elastic.CommonCommand{}, "commands")
 		orm.RegisterSchemaWithIndexName(elastic.TraceTemplate{}, "trace-template")
-		orm.RegisterSchemaWithIndexName(gateway.Instance{} , "gateway-instance")
-		orm.RegisterSchemaWithIndexName(alerting.Rule{} , "alert-rule")
-		orm.RegisterSchemaWithIndexName(alerting.Alert{} , "alert-history")
-
+		orm.RegisterSchemaWithIndexName(gateway.Instance{}, "gateway-instance")
+		orm.RegisterSchemaWithIndexName(alerting.Rule{}, "alert-rule")
+		orm.RegisterSchemaWithIndexName(alerting.Alert{}, "alert-history")
+		orm.RegisterSchemaWithIndexName(rbac.Role{}, "rbac-role")
+		orm.RegisterSchemaWithIndexName(rbac.User{}, "rbac-user")
 		api.RegisterSchema()

-
 	}, nil) {
 		app.Run()
 	}
--- a/plugin/api/rbac/biz/role.go
+++ b/plugin/api/rbac/biz/role.go
@ -0,0 +1,77 @@
+package biz
+
+import (
+	"fmt"
+	"infini.sh/console/model/rbac"
+	"infini.sh/console/plugin/api/rbac/dto"
+	"infini.sh/framework/core/util"
+	"time"
+
+	"infini.sh/framework/core/orm"
+)
+
+func CreateRole(req dto.CreateRoleReq) (id string, err error) {
+
+	q := &orm.Query{Size: 1000}
+	q.Conds = orm.And(orm.Eq("name", req.Name))
+
+	err, result := orm.Search(rbac.Role{}, q)
+	if err != nil {
+		return
+	}
+
+	fmt.Println(string(result.Raw))
+	role := &rbac.Role{
+		Name:        req.Name,
+		Description: req.Description,
+		RoleType:    req.RoleType,
+		Permission:  req.Permission,
+	}
+	role.ID = util.GetUUID()
+	role.Created = time.Now()
+	role.Updated = time.Now()
+	err = orm.Save(role)
+	return
+}
+func DeleteRole(id string) (err error) {
+	role := &rbac.Role{}
+	role.ID = id
+	_, err = orm.Get(&role)
+	if err != nil {
+		return
+	}
+	return orm.Delete(role)
+}
+func isExistRole(o interface{}) (err error) {
+	_, err = orm.Get(o)
+	if err != nil {
+		return
+	}
+
+	return
+}
+func UpdateRole(id string, req dto.UpdateRoleReq) (err error) {
+	role := rbac.Role{}
+	role.ID = id
+	_, err = orm.Get(&role)
+	if err != nil {
+		return
+	}
+	role.Description = req.Description
+	role.Permission = req.Permission
+	err = orm.Save(role)
+	return
+}
+func GetRole(id string) (role rbac.Role, err error) {
+
+	role.ID = id
+	_, err = orm.Get(&role)
+	if err != nil {
+		return
+	}
+
+	return
+}
+func SearchRole() (roles []rbac.Role, err error) {
+	return
+}
--- a/plugin/api/rbac/dto/role.go
+++ b/plugin/api/rbac/dto/role.go
@ -0,0 +1,18 @@
+package dto
+
+type CreateRoleReq struct {
+	Name        string      `json:"name"`
+	Description string      `json:"description" `
+	RoleType    string      `json:"type" `
+	Permission  interface{} `json:"permission"`
+}
+type UpdateRoleReq struct {
+	Description string      `json:"description" `
+	Permission  interface{} `json:"permission"`
+}
+type ElasticsearchPermission struct {
+	Cluster          []string `json:"cluster" `
+	Index            []string `json:"index" `
+	ClusterPrivilege []string `json:"cluster_privilege" `
+	IndexPrivilege   []string `json:"index_privilege" `
+}
--- a/plugin/api/rbac/init.go
+++ b/plugin/api/rbac/init.go
@ -16,11 +16,16 @@ type Rbac struct {
 func registerRouter() {
 	r := Rbac{}
 	api.HandleAPIMethod(api.GET, "/permission/:type", r.ListPermission)
-	api.HandleAPIMethod(api.POST, "/role", r.CreateRole)
+	api.HandleAPIMethod(api.POST, "/role/:type", r.CreateRole)
 	api.HandleAPIMethod(api.GET, "/role/:id", r.GetRole)
 	api.HandleAPIMethod(api.DELETE, "/role/:id", r.DeleteRole)
 	api.HandleAPIMethod(api.PUT, "/role/:id", r.UpdateRole)
-	api.HandleAPIMethod(api.GET, "/roles", r.ListRole)
+	api.HandleAPIMethod(api.GET, "/roles/:type", r.ListRole)
+
+	api.HandleAPIMethod(api.GET, "/user/:id", r.ListRole)
+	api.HandleAPIMethod(api.GET, "/users", r.ListRole)
+	api.HandleAPIMethod(api.DELETE, "/user/:id", r.ListRole)
+	api.HandleAPIMethod(api.GET, "/users", r.ListRole)

 }

@ -50,3 +55,35 @@ func init() {
 	registerRouter()
 	loadJsonConfig()
 }
+
+type Response struct {
+	Hit    interface{} `json:"hit,omitempty"`
+	Id     string      `json:"_id,omitempty"`
+	Result string      `json:"result,omitempty"`
+	Found  bool        `json:"found,omitempty"`
+}
+
+func CreateResponse(id string) Response {
+	return Response{
+		Id:     id,
+		Result: "created",
+	}
+}
+func UpdateResponse(id string) Response {
+	return Response{
+		Id:     id,
+		Result: "updated",
+	}
+}
+func DeleteResponse(id string) Response {
+	return Response{
+		Id:     id,
+		Result: "deleted",
+	}
+}
+func NotFoundResponse(id string) Response {
+	return Response{
+		Id:    id,
+		Found: false,
+	}
+}
--- a/plugin/api/rbac/permission.go
+++ b/plugin/api/rbac/permission.go
@ -15,10 +15,6 @@ const (
 	Elastisearch RoleType = "elasticsearch"
 )

-type Response struct {
-	Hit interface{} `json:"hit"`
-}
-
 func validateRoleType(roleType RoleType) (err error) {
 	if roleType != Console && roleType != Elastisearch {
 		err = errors.New("unsupport type parmeter " + roleType)
--- a/plugin/api/rbac/role.go
+++ b/plugin/api/rbac/role.go
@ -2,34 +2,45 @@ package rbac

 import (
 	log "github.com/cihub/seelog"
+	"infini.sh/console/plugin/api/rbac/biz"
+	"infini.sh/console/plugin/api/rbac/dto"
 	httprouter "infini.sh/framework/core/api/router"
 	"net/http"
 )

-type CreateRoleReq struct {
-	Name        string      `json:"name"`
-	Description string      `json:"description" `
-	RoleType    string      `json:"type" `
-	Permission  interface{} `json:"permission"`
-}
-type ElasticsearchPermission struct {
-	Cluster          []string `json:"cluster" `
-	Index            []string `json:"index" `
-	ClusterPrivilege []string `json:"cluster_privilege" `
-	IndexPrivilege   []string `json:"index_privilege" `
-}
-
-func (h Rbac) CreateRole(w http.ResponseWriter, req *http.Request, ps httprouter.Params) {
+func (h Rbac) CreateRole(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	roleType := ps.MustGetParameter("type")
-	err := validateRoleType(roleType)
+	var err error
+	err = validateRoleType(roleType)
 	if err != nil {
 		_ = log.Error(err.Error())
 		_ = h.WriteError(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
+	var id string
+
+	switch roleType {
+	case Console:
+		var req dto.CreateRoleReq
+		err = h.DecodeJSON(r, &req)
+		if err != nil {
+			_ = h.WriteError(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		id, err = biz.CreateRole(req)
+	}
+	if err != nil {
+		_ = log.Error(err.Error())
+		_ = h.WriteError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	_ = h.WriteJSON(w, CreateResponse(id), http.StatusOK)
+	return

 }
-func (h Rbac) ListRole(w http.ResponseWriter, req *http.Request, ps httprouter.Params) {
+
+func (h Rbac) ListRole(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {

 	roleType := ps.MustGetParameter("type")
 	err := validateRoleType(roleType)
@ -38,14 +49,48 @@ func (h Rbac) ListRole(w http.ResponseWriter, req *http.Request, ps httprouter.P
 		_ = h.WriteError(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
+	return
 }
-func (h Rbac) GetRole(w http.ResponseWriter, req *http.Request, ps httprouter.Params) {
-	_ = ps.MustGetParameter("id")

+func (h Rbac) GetRole(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
+	id := ps.MustGetParameter("id")
+	role, err := biz.GetRole(id)
+
+	if err != nil {
+		_ = log.Error(err.Error())
+		_ = h.WriteError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	h.WriteJSON(w, Response{Hit: role}, http.StatusOK)
+	return
 }
-func (h Rbac) DeleteRole(w http.ResponseWriter, req *http.Request, ps httprouter.Params) {
-	_ = ps.MustGetParameter("id")
+
+func (h Rbac) DeleteRole(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
+	id := ps.MustGetParameter("id")
+	err := biz.DeleteRole(id)
+	if err != nil {
+		_ = log.Error(err.Error())
+		_ = h.WriteError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	_ = h.WriteJSON(w, DeleteResponse(id), http.StatusOK)
 }
-func (h Rbac) UpdateRole(w http.ResponseWriter, req *http.Request, ps httprouter.Params) {
-	_ = ps.MustGetParameter("id")
+
+func (h Rbac) UpdateRole(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
+	id := ps.MustGetParameter("id")
+	var req dto.UpdateRoleReq
+	err := h.DecodeJSON(r, &req)
+	if err != nil {
+		_ = h.WriteError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	err = biz.UpdateRole(id, req)
+
+	if err != nil {
+		_ = log.Error(err.Error())
+		_ = h.WriteError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	_ = h.WriteJSON(w, UpdateResponse(id), http.StatusOK)
+	return
 }