floraachy
/
console
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: (rbac) builtin role

This commit is contained in:
xushuhui 2022-04-20 17:36:45 +08:00
parent b8b9765292
commit abad11e3bf
4 changed files with 69 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
internal/biz/enum/const.go
View File

@ -1,9 +1,6 @@
package enum package enum
import ( import "time"
"infini.sh/console/model/rbac"
"infini.sh/framework/core/orm"
)
const CreateUser = "create_user" const CreateUser = "create_user"
const UpdateUser = "update_user" const UpdateUser = "update_user"
@ -36,29 +33,50 @@ const InstanceProxy = "instance_proxy"
var Admin = []string{CreateUser, UpdateUser, DeleteUser, GetUser, SearchUser, CreateRole, UpdateRole, DeleteRole, GetRole, SearchRole, ListPermission} var Admin = []string{CreateUser, UpdateUser, DeleteUser, GetUser, SearchUser, CreateRole, UpdateRole, DeleteRole, GetRole, SearchRole, ListPermission}
var AdminUser = []string{CreateUser, UpdateUser, DeleteUser, GetUser, SearchUser} var AdminUser = []string{CreateUser, UpdateUser, DeleteUser, GetUser, SearchUser}
var AdminRole = []string{CreateRole, UpdateRole, DeleteRole, GetRole, SearchRole, ListPermission} var AdminRole = []string{CreateRole, UpdateRole, DeleteRole, GetRole, SearchRole, ListPermission}
var BuildRoles = []rbac.Role{ var BuildRoles = make(map[string]map[string]interface{}, 0)
{
ORMObjectBase: orm.ORMObjectBase{ func init() {
ID: "admin", BuildRoles["admin"] = map[string]interface{}{
}, "id": "admin",
Name: "admin", "name": "admin",
Description: "管理员", "permission": AdminUser,
RoleType: "console", "builtin": true,
Permission: rbac.ConsolePermission{ "description": "is admin",
ApiPermission: Admin, "created": time.Now(),
}, }
BuiltIn: true,
},
{
ORMObjectBase: orm.ORMObjectBase{
ID: "admin_user",
},
Name: "admin_user",
Description: "用户模块管理员",
RoleType: "console",
Permission: rbac.ConsolePermission{
ApiPermission: AdminUser,
},
BuiltIn: true,
},
} }
// BuildRoles["admin"] = {
// "id":"admin",
// "name":"admin",
//}
//{
// "name":"admin",
// "id":"admin",
//
//},{
//
//}
// {
// "name": "admin",
// Name: "admin",
// Description: "管理员",
// RoleType: "console",
// Permission: rbac.ConsolePermission{
// ApiPermission: Admin,
// },
// BuiltIn: true,
// },
// {
// ORMObjectBase: orm.ORMObjectBase{
// ID: "admin_user",
// },
// Name: "admin_user",
// Description: "用户模块管理员",
// RoleType: "console",
// Permission: rbac.ConsolePermission{
// ApiPermission: AdminUser,
// },
// BuiltIn: true,
// },
//}

1
internal/biz/role.go
View File

@ -147,6 +147,7 @@ func GetRole(id string) (role rbac.Role, err error) {
return return
} }
func SearchRole(keyword string, from, size int) (roles orm.Result, err error) { func SearchRole(keyword string, from, size int) (roles orm.Result, err error) {
query := orm.Query{} query := orm.Query{}
queryDSL := `{"query":{"bool":{"must":[%s]}}, "from": %d,"size": %d}` queryDSL := `{"query":{"bool":{"must":[%s]}}, "from": %d,"size": %d}`

6
plugin/api/account/account.go
View File

@ -19,14 +19,14 @@ func init() {
account := Account{} account := Account{}
api.HandleAPIMethod(api.POST, "/account/login", account.Login) api.HandleAPIMethod(api.POST, "/account/login", account.Login)
//api.HandleAPIMethod(api.GET, "/account/current_user", account.CurrentUser) api.HandleAPIMethod(api.GET, "/account/current_user", account.CurrentUser)
api.HandleAPIMethod(api.DELETE, "/account/logout", account.Logout) api.HandleAPIMethod(api.DELETE, "/account/logout", account.Logout)
api.HandleAPIMethod(api.GET, "/account/profile", m.LoginRequired(account.Profile)) api.HandleAPIMethod(api.GET, "/account/profile", m.LoginRequired(account.Profile))
api.HandleAPIMethod(api.PUT, "/account/password", m.LoginRequired(account.UpdatePassword)) api.HandleAPIMethod(api.PUT, "/account/password", m.LoginRequired(account.UpdatePassword))
} }
const userInSession = "user_in_session" const userInSession = "user_session:"
func (h Account) Login(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { func (h Account) Login(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
@ -44,7 +44,7 @@ func (h Account) Login(w http.ResponseWriter, r *http.Request, ps httprouter.Par
} }
data["status"] = "ok" data["status"] = "ok"
api.SetSession(w, r, userInSession, req.Username) //api.SetSession(w, r, userInSession+req.Username, req.Username)
h.WriteOKJSON(w, data) h.WriteOKJSON(w, data)
} }

25
plugin/api/rbac/role.go
View File

@ -7,6 +7,8 @@ import (
"infini.sh/console/internal/core" "infini.sh/console/internal/core"
"infini.sh/console/internal/dto" "infini.sh/console/internal/dto"
httprouter "infini.sh/framework/core/api/router" httprouter "infini.sh/framework/core/api/router"
"infini.sh/framework/core/elastic"
"infini.sh/framework/core/util"
"net/http" "net/http"
) )
@ -55,15 +57,24 @@ func (h Rbac) SearchRole(w http.ResponseWriter, r *http.Request, ps httprouter.P
h.Error(w, err) h.Error(w, err)
return return
} }
roles := make([]interface{}, 0) response := elastic.SearchResponse{}
for _, role := range enum.BuildRoles { util.FromJSONBytes(res.Raw, &response)
roles = append(roles, role)
} list := response.Hits.Hits
for _, v := range res.Result { var index string
roles = append(roles, v) for _, v := range list {
index = v.Index
} }
h.WriteOKJSON(w, core.Response{Hit: roles, Total: res.Total + int64(len(enum.BuildRoles))}) list = append(list, elastic.IndexDocument{
ID: "admin",
Index: index,
Type: "_doc",
Source: enum.BuildRoles["admin"],
})
response.Hits.Hits = list
h.WriteOKJSON(w, response)
return return
} }