feat: (rbac) builtin role

xushuhui 2022-04-20 17:36:45 +08:00
parent b8b9765292
commit abad11e3bf
4 changed files with 69 additions and 39 deletions


@ -1,9 +1,6 @@
package enum
import (
"infini.sh/console/model/rbac"
"infini.sh/framework/core/orm"
)
import "time"
const CreateUser = "create_user"
const UpdateUser = "update_user"
@ -36,29 +33,50 @@ const InstanceProxy = "instance_proxy"
var Admin = []string{CreateUser, UpdateUser, DeleteUser, GetUser, SearchUser, CreateRole, UpdateRole, DeleteRole, GetRole, SearchRole, ListPermission}
var AdminUser = []string{CreateUser, UpdateUser, DeleteUser, GetUser, SearchUser}
var AdminRole = []string{CreateRole, UpdateRole, DeleteRole, GetRole, SearchRole, ListPermission}
var BuildRoles = []rbac.Role{
{
ORMObjectBase: orm.ORMObjectBase{
ID: "admin",
},
Name: "admin",
Description: "管理员",
RoleType: "console",
Permission: rbac.ConsolePermission{
ApiPermission: Admin,
},
BuiltIn: true,
},
{
ORMObjectBase: orm.ORMObjectBase{
ID: "admin_user",
},
Name: "admin_user",
Description: "用户模块管理员",
RoleType: "console",
Permission: rbac.ConsolePermission{
ApiPermission: AdminUser,
},
BuiltIn: true,
},
var BuildRoles = make(map[string]map[string]interface{}, 0)
func init() {
BuildRoles["admin"] = map[string]interface{}{
"id": "admin",
"name": "admin",
"permission": AdminUser,
"builtin": true,
"description": "is admin",
"created": time.Now(),
}
}
// BuildRoles["admin"] = {
// "id":"admin",
// "name":"admin",
//}
//{
// "name":"admin",
// "id":"admin",
//
//},{
//
//}
// {
// "name": "admin",
// Name: "admin",
// Description: "管理员",
// RoleType: "console",
// Permission: rbac.ConsolePermission{
// ApiPermission: Admin,
// },
// BuiltIn: true,
// },
// {
// ORMObjectBase: orm.ORMObjectBase{
// ID: "admin_user",
// },
// Name: "admin_user",
// Description: "用户模块管理员",
// RoleType: "console",
// Permission: rbac.ConsolePermission{
// ApiPermission: AdminUser,
// },
// BuiltIn: true,
// },
//}
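Review bot: The built-in `admin` entry sets `"permission": AdminUser`, whereas the struct-literal form of the same role in this section used `ApiPermission: Admin`, so as written the role carries only the five user permissions and none of the role-management ones (`CreateRole` through `ListPermission`). If this map is read for authorization or shown as the admin role's grants, that is a silent change of privilege; if the full set is intended, use `"permission": Admin`. The value is also now a bare `[]string` rather than an `rbac.ConsolePermission`, so it will presumably serialize differently from stored roles, which is worth confirming against whatever consumes the document. `BuildRoles` is an exported, mutable map filled in `init()`; a comment stating it must be treated as read-only, and removing the commented-out drafts below it, would make the built-in definition easier to audit.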


@ -147,6 +147,7 @@ func GetRole(id string) (role rbac.Role, err error) {
return
}
func SearchRole(keyword string, from, size int) (roles orm.Result, err error) {
query := orm.Query{}
queryDSL := `{"query":{"bool":{"must":[%s]}}, "from": %d,"size": %d}`


@ -19,14 +19,14 @@ func init() {
account := Account{}
api.HandleAPIMethod(api.POST, "/account/login", account.Login)
//api.HandleAPIMethod(api.GET, "/account/current_user", account.CurrentUser)
api.HandleAPIMethod(api.GET, "/account/current_user", account.CurrentUser)
api.HandleAPIMethod(api.DELETE, "/account/logout", account.Logout)
api.HandleAPIMethod(api.GET, "/account/profile", m.LoginRequired(account.Profile))
api.HandleAPIMethod(api.PUT, "/account/password", m.LoginRequired(account.UpdatePassword))
}
const userInSession = "user_in_session"
const userInSession = "user_session:"
func (h Account) Login(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
@ -44,7 +44,7 @@ func (h Account) Login(w http.ResponseWriter, r *http.Request, ps httprouter.Par
}
data["status"] = "ok"
api.SetSession(w, r, userInSession, req.Username)
//api.SetSession(w, r, userInSession+req.Username, req.Username)
h.WriteOKJSON(w, data)
}
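Review bot: `/account/current_user` is registered with the bare `account.CurrentUser` handler, whereas the profile and password routes in the same `init()` are wrapped in `m.LoginRequired`; unless `CurrentUser` checks the session itself (its body is not in this section), the route is reachable without a login. I would register it as `api.HandleAPIMethod(api.GET, "/account/current_user", m.LoginRequired(account.CurrentUser))`. The session key constant also changes to the prefix-style `"user_session:"`, while the only call that appends the username, `api.SetSession(w, r, userInSession+req.Username, req.Username)`, is commented out. The page does not mark which `SetSession` line is the new one, so please confirm that `Login` still writes a session, under the same key its readers look up.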


@ -7,6 +7,8 @@ import (
"infini.sh/console/internal/core"
"infini.sh/console/internal/dto"
httprouter "infini.sh/framework/core/api/router"
"infini.sh/framework/core/elastic"
"infini.sh/framework/core/util"
"net/http"
)
@ -55,15 +57,24 @@ func (h Rbac) SearchRole(w http.ResponseWriter, r *http.Request, ps httprouter.P
h.Error(w, err)
return
}
roles := make([]interface{}, 0)
for _, role := range enum.BuildRoles {
roles = append(roles, role)
}
for _, v := range res.Result {
roles = append(roles, v)
response := elastic.SearchResponse{}
util.FromJSONBytes(res.Raw, &response)
list := response.Hits.Hits
var index string
for _, v := range list {
index = v.Index
}
h.WriteOKJSON(w, core.Response{Hit: roles, Total: res.Total + int64(len(enum.BuildRoles))})
list = append(list, elastic.IndexDocument{
ID: "admin",
Index: index,
Type: "_doc",
Source: enum.BuildRoles["admin"],
})
response.Hits.Hits = list
h.WriteOKJSON(w, response)
return
}
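Review bot: The synthetic `admin` hit is appended to every `SearchRole` response regardless of the search keyword or paging, and the total is no longer adjusted for it (the `core.Response` version added `len(enum.BuildRoles)`), so the built-in role appears on every page and in searches that do not match it while the reported count omits it. `index` is copied from the last hit, so on an empty result the appended document has an empty `Index`. No failure from `util.FromJSONBytes(res.Raw, &response)` is handled, so if decoding fails the handler would presumably still return OK with only the built-in role. Returning the raw `elastic.SearchResponse` also exposes backend index names to the client where the earlier `core.Response` did not, which is worth a deliberate decision. `SearchRole` starts outside this hunk.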