From a1efff50f2af099ec9a79a48fc6d603315023e80 Mon Sep 17 00:00:00 2001
From: xushuhui
Date: Sun, 24 Apr 2022 10:49:07 +0800
Subject: [PATCH] fix: (rbac)
---
 internal/biz/account.go | 7 +++++--
 internal/biz/role.go | 1 +
 plugin/api/rbac/permission.go | 28 +++++++++++++++-------------
 3 files changed, 21 insertions(+), 15 deletions(-)
diff --git a/internal/biz/account.go b/internal/biz/account.go
index 6e657590..a5bac517 100644
--- a/internal/biz/account.go
+++ b/internal/biz/account.go
@@ -98,13 +98,16 @@ func authorize(user Account) (m map[string]interface{}, err error) {
 if err != nil {
 return
 }
-
+ var roles []string
+ for _, v := range user.Roles {
+ roles = append(roles, v.Name)
+ }
 m = util.MapStr{
 "access_token": tokenString,
 "username": user.Username,
 "id": user.ID,
 "expire_in": 86400,
- "roles": user.Roles,
+ "roles": roles,
 "privilege": []string{
 "system.user:all", "system.role:all", "system.cluster:all", "system.command:all",
 },
diff --git a/internal/biz/role.go b/internal/biz/role.go
index 0bd19446..0d15dce1 100644
--- a/internal/biz/role.go
+++ b/internal/biz/role.go
@@ -21,6 +21,7 @@ const (
 )
 type IRole interface {
+ ListPermission() interface{}
 Create(localUser *User) (id string, err error)
 //Delete(localUser *User, id string) (err error)
 }
diff --git a/plugin/api/rbac/permission.go b/plugin/api/rbac/permission.go
index 165b9398..7a356cc8 100644
--- a/plugin/api/rbac/permission.go
+++ b/plugin/api/rbac/permission.go
@@ -1,6 +1,8 @@
 package rbac
 import (
+ log "github.com/cihub/seelog"
+ "infini.sh/console/internal/biz"
 httprouter "infini.sh/framework/core/api/router"
 "net/http"
 )
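Review bot: In authorize (internal/biz/account.go), the `privilege` entry just below the changed `roles` line is still a fixed list of four `system.*:all` grants, so the token response reports full privileges for every account whatever `user.Roles` holds. If any client or server-side check reads that field, it should be derived from the roles collected in the new loop rather than hard-coded. The new `var roles []string` also stays nil for an account without roles, which a JSON encoder would emit as `null`; `roles := make([]string, 0, len(user.Roles))` keeps the field an array and pre-sizes it. authorize begins and ends outside this hunk, so how `m` is serialised is not visible here.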
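Review bot: `ListPermission() interface{}` in IRole (internal/biz/role.go) gives callers no type to rely on, and the rbac handler changed in this same patch passes the result straight to `h.WriteOKJSON`, so the shape of that response is whatever each implementation happens to return. A named return type declared in this package would let the compiler hold every implementation to one shape. The patch touches no IRole implementation, so every type `biz.NewRole` can return presumably already has this method; it is worth confirming the package still builds. A doc comment on the new method stating what the returned value contains would help as well.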
@@ -8,19 +10,19 @@ import (
 func (h Rbac) ListPermission(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 typ := ps.MustGetParameter("type")
- //err := biz.IsAllowRoleType(typ)
- //if err != nil {
- // h.Error400(w, err.Error())
- // return
- //}
- //role, err := biz.NewRole(typ)
- //
- //if err != nil {
- // _ = log.Error(err.Error())
- // h.Error(w, err)
- // return
- //}
+ err := biz.IsAllowRoleType(typ)
+ if err != nil {
+ h.Error400(w, err.Error())
+ return
+ }
+ role, err := biz.NewRole(typ)
- h.WriteOKJSON(w, typ)
+ if err != nil {
+ _ = log.Error(err.Error())
+ h.Error(w, err)
+ return
+ }
+ permissions := role.ListPermission()
+ h.WriteOKJSON(w, permissions)
 return
 }
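Review bot: Both error paths in ListPermission hand the raw error to the client: `h.Error400(w, err.Error())` after `biz.IsAllowRoleType(typ)` and `h.Error(w, err)` after `biz.NewRole(typ)`. Since `typ` comes from the request path, whatever those functions put into the error (the rejected value, internal detail) is presumably reflected in the response. Keep the detail in the log and answer the second path with a fixed message, and give the log line context with the parameter quoted, e.g. `_ = log.Errorf("rbac: new role for type %q: %v", typ, err)`. The handler shows no permission check of its own, so confirm the router applies authentication to this route now that it returns the permission list instead of echoing `typ`. The trailing `return` before the closing brace is redundant.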