feat: (rbac) builtin role
This commit is contained in:
parent
b8b9765292
commit
abad11e3bf
|
@ -1,9 +1,6 @@
|
|||
package enum
|
||||
|
||||
import (
|
||||
"infini.sh/console/model/rbac"
|
||||
"infini.sh/framework/core/orm"
|
||||
)
|
||||
import "time"
|
||||
|
||||
const CreateUser = "create_user"
|
||||
const UpdateUser = "update_user"
|
||||
|
@ -36,29 +33,50 @@ const InstanceProxy = "instance_proxy"
|
|||
var Admin = []string{CreateUser, UpdateUser, DeleteUser, GetUser, SearchUser, CreateRole, UpdateRole, DeleteRole, GetRole, SearchRole, ListPermission}
|
||||
var AdminUser = []string{CreateUser, UpdateUser, DeleteUser, GetUser, SearchUser}
|
||||
var AdminRole = []string{CreateRole, UpdateRole, DeleteRole, GetRole, SearchRole, ListPermission}
|
||||
var BuildRoles = []rbac.Role{
|
||||
{
|
||||
ORMObjectBase: orm.ORMObjectBase{
|
||||
ID: "admin",
|
||||
},
|
||||
Name: "admin",
|
||||
Description: "管理员",
|
||||
RoleType: "console",
|
||||
Permission: rbac.ConsolePermission{
|
||||
ApiPermission: Admin,
|
||||
},
|
||||
BuiltIn: true,
|
||||
},
|
||||
{
|
||||
ORMObjectBase: orm.ORMObjectBase{
|
||||
ID: "admin_user",
|
||||
},
|
||||
Name: "admin_user",
|
||||
Description: "用户模块管理员",
|
||||
RoleType: "console",
|
||||
Permission: rbac.ConsolePermission{
|
||||
ApiPermission: AdminUser,
|
||||
},
|
||||
BuiltIn: true,
|
||||
},
|
||||
var BuildRoles = make(map[string]map[string]interface{}, 0)
|
||||
|
||||
func init() {
|
||||
BuildRoles["admin"] = map[string]interface{}{
|
||||
"id": "admin",
|
||||
"name": "admin",
|
||||
"permission": AdminUser,
|
||||
"builtin": true,
|
||||
"description": "is admin",
|
||||
"created": time.Now(),
|
||||
}
|
||||
}
|
||||
|
||||
// BuildRoles["admin"] = {
|
||||
// "id":"admin",
|
||||
// "name":"admin",
|
||||
//}
|
||||
//{
|
||||
// "name":"admin",
|
||||
// "id":"admin",
|
||||
//
|
||||
//},{
|
||||
//
|
||||
//}
|
||||
// {
|
||||
// "name": "admin",
|
||||
// Name: "admin",
|
||||
// Description: "管理员",
|
||||
// RoleType: "console",
|
||||
// Permission: rbac.ConsolePermission{
|
||||
// ApiPermission: Admin,
|
||||
// },
|
||||
// BuiltIn: true,
|
||||
// },
|
||||
// {
|
||||
// ORMObjectBase: orm.ORMObjectBase{
|
||||
// ID: "admin_user",
|
||||
// },
|
||||
// Name: "admin_user",
|
||||
// Description: "用户模块管理员",
|
||||
// RoleType: "console",
|
||||
// Permission: rbac.ConsolePermission{
|
||||
// ApiPermission: AdminUser,
|
||||
// },
|
||||
// BuiltIn: true,
|
||||
// },
|
||||
//}
|
||||
|
|
|
@ -147,6 +147,7 @@ func GetRole(id string) (role rbac.Role, err error) {
|
|||
return
|
||||
}
|
||||
func SearchRole(keyword string, from, size int) (roles orm.Result, err error) {
|
||||
|
||||
query := orm.Query{}
|
||||
|
||||
queryDSL := `{"query":{"bool":{"must":[%s]}}, "from": %d,"size": %d}`
|
||||
|
|
|
@ -19,14 +19,14 @@ func init() {
|
|||
account := Account{}
|
||||
api.HandleAPIMethod(api.POST, "/account/login", account.Login)
|
||||
|
||||
//api.HandleAPIMethod(api.GET, "/account/current_user", account.CurrentUser)
|
||||
api.HandleAPIMethod(api.GET, "/account/current_user", account.CurrentUser)
|
||||
|
||||
api.HandleAPIMethod(api.DELETE, "/account/logout", account.Logout)
|
||||
api.HandleAPIMethod(api.GET, "/account/profile", m.LoginRequired(account.Profile))
|
||||
api.HandleAPIMethod(api.PUT, "/account/password", m.LoginRequired(account.UpdatePassword))
|
||||
}
|
||||
|
||||
const userInSession = "user_in_session"
|
||||
const userInSession = "user_session:"
|
||||
|
||||
func (h Account) Login(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
|
||||
|
||||
|
@ -44,7 +44,7 @@ func (h Account) Login(w http.ResponseWriter, r *http.Request, ps httprouter.Par
|
|||
}
|
||||
data["status"] = "ok"
|
||||
|
||||
api.SetSession(w, r, userInSession, req.Username)
|
||||
//api.SetSession(w, r, userInSession+req.Username, req.Username)
|
||||
h.WriteOKJSON(w, data)
|
||||
}
|
||||
|
||||
|
|
|
@ -7,6 +7,8 @@ import (
|
|||
"infini.sh/console/internal/core"
|
||||
"infini.sh/console/internal/dto"
|
||||
httprouter "infini.sh/framework/core/api/router"
|
||||
"infini.sh/framework/core/elastic"
|
||||
"infini.sh/framework/core/util"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
|
@ -55,15 +57,24 @@ func (h Rbac) SearchRole(w http.ResponseWriter, r *http.Request, ps httprouter.P
|
|||
h.Error(w, err)
|
||||
return
|
||||
}
|
||||
roles := make([]interface{}, 0)
|
||||
for _, role := range enum.BuildRoles {
|
||||
roles = append(roles, role)
|
||||
}
|
||||
for _, v := range res.Result {
|
||||
roles = append(roles, v)
|
||||
response := elastic.SearchResponse{}
|
||||
util.FromJSONBytes(res.Raw, &response)
|
||||
|
||||
list := response.Hits.Hits
|
||||
var index string
|
||||
for _, v := range list {
|
||||
index = v.Index
|
||||
}
|
||||
|
||||
h.WriteOKJSON(w, core.Response{Hit: roles, Total: res.Total + int64(len(enum.BuildRoles))})
|
||||
list = append(list, elastic.IndexDocument{
|
||||
ID: "admin",
|
||||
Index: index,
|
||||
Type: "_doc",
|
||||
Source: enum.BuildRoles["admin"],
|
||||
})
|
||||
response.Hits.Hits = list
|
||||
|
||||
h.WriteOKJSON(w, response)
|
||||
return
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue