feat: (rbac) builtin role

2022-04-20 17:36:45 +08:00 · 2022-04-20 17:36:45 +08:00 · abad11e3bf
parent b8b9765292
commit abad11e3bf
4 changed files with 69 additions and 39 deletions
--- a/internal/biz/enum/const.go
+++ b/internal/biz/enum/const.go
@ -1,9 +1,6 @@
 package enum

-import (
-	"infini.sh/console/model/rbac"
-	"infini.sh/framework/core/orm"
-)
+import "time"

 const CreateUser = "create_user"
 const UpdateUser = "update_user"
@ -36,29 +33,50 @@ const InstanceProxy = "instance_proxy"
 var Admin = []string{CreateUser, UpdateUser, DeleteUser, GetUser, SearchUser, CreateRole, UpdateRole, DeleteRole, GetRole, SearchRole, ListPermission}
 var AdminUser = []string{CreateUser, UpdateUser, DeleteUser, GetUser, SearchUser}
 var AdminRole = []string{CreateRole, UpdateRole, DeleteRole, GetRole, SearchRole, ListPermission}
-var BuildRoles = []rbac.Role{
-	{
-		ORMObjectBase: orm.ORMObjectBase{
-			ID: "admin",
-		},
-		Name:        "admin",
-		Description: "管理员",
-		RoleType:    "console",
-		Permission: rbac.ConsolePermission{
-			ApiPermission: Admin,
-		},
-		BuiltIn: true,
-	},
-	{
-		ORMObjectBase: orm.ORMObjectBase{
-			ID: "admin_user",
-		},
-		Name:        "admin_user",
-		Description: "用户模块管理员",
-		RoleType:    "console",
-		Permission: rbac.ConsolePermission{
-			ApiPermission: AdminUser,
-		},
-		BuiltIn: true,
-	},
+var BuildRoles = make(map[string]map[string]interface{}, 0)
+
+func init() {
+	BuildRoles["admin"] = map[string]interface{}{
+		"id":          "admin",
+		"name":        "admin",
+		"permission":  AdminUser,
+		"builtin":     true,
+		"description": "is admin",
+		"created":     time.Now(),
+	}
 }
+
+// BuildRoles["admin"] = {
+//	"id":"admin",
+//	"name":"admin",
+//}
+//{
+//	"name":"admin",
+//	"id":"admin",
+//
+//},{
+//
+//}
+//	{
+//		"name": "admin",
+//		Name:        "admin",
+//		Description: "管理员",
+//		RoleType:    "console",
+//		Permission: rbac.ConsolePermission{
+//			ApiPermission: Admin,
+//		},
+//		BuiltIn: true,
+//	},
+//	{
+//		ORMObjectBase: orm.ORMObjectBase{
+//			ID: "admin_user",
+//		},
+//		Name:        "admin_user",
+//		Description: "用户模块管理员",
+//		RoleType:    "console",
+//		Permission: rbac.ConsolePermission{
+//			ApiPermission: AdminUser,
+//		},
+//		BuiltIn: true,
+//	},
+//}
--- a/internal/biz/role.go
+++ b/internal/biz/role.go
@ -147,6 +147,7 @@ func GetRole(id string) (role rbac.Role, err error) {
 	return
 }
 func SearchRole(keyword string, from, size int) (roles orm.Result, err error) {
+
 	query := orm.Query{}

 	queryDSL := `{"query":{"bool":{"must":[%s]}}, "from": %d,"size": %d}`
--- a/plugin/api/account/account.go
+++ b/plugin/api/account/account.go
@ -19,14 +19,14 @@ func init() {
 	account := Account{}
 	api.HandleAPIMethod(api.POST, "/account/login", account.Login)

-	//api.HandleAPIMethod(api.GET, "/account/current_user", account.CurrentUser)
+	api.HandleAPIMethod(api.GET, "/account/current_user", account.CurrentUser)

 	api.HandleAPIMethod(api.DELETE, "/account/logout", account.Logout)
 	api.HandleAPIMethod(api.GET, "/account/profile", m.LoginRequired(account.Profile))
 	api.HandleAPIMethod(api.PUT, "/account/password", m.LoginRequired(account.UpdatePassword))
 }

-const userInSession = "user_in_session"
+const userInSession = "user_session:"

 func (h Account) Login(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {

@ -44,7 +44,7 @@ func (h Account) Login(w http.ResponseWriter, r *http.Request, ps httprouter.Par
 	}
 	data["status"] = "ok"

-	api.SetSession(w, r, userInSession, req.Username)
+	//api.SetSession(w, r, userInSession+req.Username, req.Username)
 	h.WriteOKJSON(w, data)
 }

--- a/plugin/api/rbac/role.go
+++ b/plugin/api/rbac/role.go
@ -7,6 +7,8 @@ import (
 	"infini.sh/console/internal/core"
 	"infini.sh/console/internal/dto"
 	httprouter "infini.sh/framework/core/api/router"
+	"infini.sh/framework/core/elastic"
+	"infini.sh/framework/core/util"
 	"net/http"
 )

@ -55,15 +57,24 @@ func (h Rbac) SearchRole(w http.ResponseWriter, r *http.Request, ps httprouter.P
 		h.Error(w, err)
 		return
 	}
-	roles := make([]interface{}, 0)
-	for _, role := range enum.BuildRoles {
-		roles = append(roles, role)
-	}
-	for _, v := range res.Result {
-		roles = append(roles, v)
+	response := elastic.SearchResponse{}
+	util.FromJSONBytes(res.Raw, &response)
+
+	list := response.Hits.Hits
+	var index string
+	for _, v := range list {
+		index = v.Index
 	}

-	h.WriteOKJSON(w, core.Response{Hit: roles, Total: res.Total + int64(len(enum.BuildRoles))})
+	list = append(list, elastic.IndexDocument{
+		ID:     "admin",
+		Index:  index,
+		Type:   "_doc",
+		Source: enum.BuildRoles["admin"],
+	})
+	response.Hits.Hits = list
+
+	h.WriteOKJSON(w, response)
 	return

 }