From cd81b909b5cc9878521bb4ca17becd6070172a02 Mon Sep 17 00:00:00 2001 From: xushuhui Date: Fri, 15 Apr 2022 15:55:47 +0800 Subject: [PATCH] feat: (rbac) create user / update user / get user / update user role --- model/rbac/user.go | 15 ++++-- plugin/api/rbac/biz/role.go | 18 +++---- plugin/api/rbac/biz/user.go | 103 ++++++++++++++++++++++++++++++++++++ plugin/api/rbac/dto/role.go | 25 ++++++++- plugin/api/rbac/init.go | 13 +++-- plugin/api/rbac/role.go | 25 +++++---- plugin/api/rbac/user.go | 95 +++++++++++++++++++++++++++++++++ 7 files changed, 257 insertions(+), 37 deletions(-) create mode 100644 plugin/api/rbac/biz/user.go diff --git a/model/rbac/user.go b/model/rbac/user.go index e6de96fe..d9883043 100644 --- a/model/rbac/user.go +++ b/model/rbac/user.go @@ -4,9 +4,14 @@ import "infini.sh/framework/core/orm" type User struct { orm.ORMObjectBase - Username string `json:"username" elastic_mapping:"username:{type:keyword}"` - Password string `json:"password" elastic_mapping:"password:{type:text}"` - Name string `json:"name" elastic_mapping:"name:{type:keyword}"` - Phone string `json:"phone" elastic_mapping:"phone:{type:keyword}"` - Email string `json:"email" elastic_mapping:"email:{type:keyword}"` + Username string `json:"username" elastic_mapping:"username:{type:keyword}"` + Password string `json:"password" elastic_mapping:"password:{type:text}"` + Name string `json:"name" elastic_mapping:"name:{type:keyword}"` + Phone string `json:"phone" elastic_mapping:"phone:{type:keyword}"` + Email string `json:"email" elastic_mapping:"email:{type:keyword}"` + Roles []UserRole `json:"roles" elastic_mapping:"roles:{type:text}"` +} +type UserRole struct { + Id string `json:"id"` + Name string `json:"name"` } diff --git a/plugin/api/rbac/biz/role.go b/plugin/api/rbac/biz/role.go index 2a3afdb7..56cee3fa 100644 --- a/plugin/api/rbac/biz/role.go +++ b/plugin/api/rbac/biz/role.go 
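Review bot: `Password` keeps the tag `json:"password"` on the re-added line in `User` (model/rbac/user.go), so the stored digest is serialised whenever a `User` is marshalled; `GetUser` in plugin/api/rbac/user.go writes the struct straight into `Response{Hit: user}`. Return a response type without that field from the handlers, or clear `user.Password` before `WriteJSON`. Changing the tag to `json:"-"` is only safe if the ORM does not use the same tag when persisting, which this diff does not show. The new `Roles []UserRole` is mapped as `roles:{type:text}` although it holds objects with `id` and `name`; confirm that indexing an object array under a text mapping works as intended.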
@@ -10,12 +10,12 @@ import ( "infini.sh/framework/core/orm" ) -func CreateRole(req dto.CreateRoleReq) (id string, err error) { +func CreateRole(req dto.CreateRole) (id string, err error) { - q := &orm.Query{Size: 1000} + q := orm.Query{Size: 1000} q.Conds = orm.And(orm.Eq("name", req.Name)) - err, result := orm.Search(rbac.Role{}, q) + err, result := orm.Search(rbac.Role{}, &q) if err != nil { return } @@ -34,7 +34,7 @@ func CreateRole(req dto.CreateRoleReq) (id string, err error) { return } func DeleteRole(id string) (err error) { - role := &rbac.Role{} + role := rbac.Role{} role.ID = id _, err = orm.Get(&role) if err != nil { @@ -42,15 +42,8 @@ func DeleteRole(id string) (err error) { } return orm.Delete(role) } -func isExistRole(o interface{}) (err error) { - _, err = orm.Get(o) - if err != nil { - return - } - return -} -func UpdateRole(id string, req dto.UpdateRoleReq) (err error) { +func UpdateRole(id string, req dto.UpdateRole) (err error) { role := rbac.Role{} role.ID = id _, err = orm.Get(&role) @@ -59,6 +52,7 @@ func UpdateRole(id string, req dto.UpdateRoleReq) (err error) { } role.Description = req.Description role.Permission = req.Permission + role.Updated = time.Now() err = orm.Save(role) return } diff --git a/plugin/api/rbac/biz/user.go b/plugin/api/rbac/biz/user.go new file mode 100644 index 00000000..b18b63bd --- /dev/null +++ b/plugin/api/rbac/biz/user.go 
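Review bot: `DeleteRole` in plugin/api/rbac/biz/role.go (its body is split across the second and third hunks) removes only the role document, while this commit starts storing a copy of each role's `id` and `name` inside `User.Roles`, so users keep referencing a role after it is deleted. If authorisation later resolves permissions from those embedded ids, deletion should either be refused while any user holds the role or strip the entry from the affected users; nothing in the diff does either. Separately, `orm.Delete(role)` here and `orm.Save(role)` in `UpdateRole` now receive a value, while `orm.Get(&role)` and `orm.Save(&user)` in biz/user.go receive pointers; confirm that both calls accept non-pointer arguments.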
@@ -0,0 +1,103 @@
+package biz
+
+import (
+ "fmt"
+ "infini.sh/console/model/rbac"
+ "infini.sh/console/plugin/api/rbac/dto"
+ "infini.sh/framework/core/orm"
+ "infini.sh/framework/core/util"
+ "time"
+)
+
+func DeleteUser(id string) (err error) {
+
+ user := rbac.User{}
+ user.ID = id
+ _, err = orm.Get(&user)
+ if err != nil {
+ return
+ }
+ return orm.Delete(user)
+
+}
+func CreateUser(req dto.CreateUser) (id string, err error) {
+ q := orm.Query{Size: 1000}
+ q.Conds = orm.And(orm.Eq("name", req.Name))
+
+ err, result := orm.Search(rbac.Role{}, &q)
+ if err != nil {
+ return
+ }
+ fmt.Println(string(result.Raw))
+ roles := make([]rbac.UserRole, 0)
+ for _, v := range req.Roles {
+ roles = append(roles, rbac.UserRole{
+ Id: v.Id,
+ Name: v.Name,
+ })
+ }
+ user := rbac.User{
+ Name: req.Name,
+ Username: req.Username,
+ Password: util.MD5digest(req.Password),
+ Email: req.Email,
+ Phone: req.Phone,
+ Roles: roles,
+ }
+ user.ID = util.GetUUID()
+ user.Created = time.Now()
+ user.Updated = time.Now()
+ err = orm.Save(&user)
+ if err != nil {
+
+ return
+ }
+ return user.ID, nil
+}
+func UpdateUser(id string, req dto.UpdateUser) (err error) {
+ user := rbac.User{}
+ user.ID = id
+ _, err = orm.Get(&user)
+ if err != nil {
+ return
+ }
+ user.Name = req.Name
+ user.Email = req.Email
+ user.Phone = req.Phone
+ user.Updated = time.Now()
+ err = orm.Save(user)
+ return
+}
+func UpdateUserRole(id string, req dto.UpdateUserRole) (err error) {
+ user := rbac.User{}
+ user.ID = id
+ _, err = orm.Get(&user)
+ if err != nil {
+ return
+ }
+ roles := make([]rbac.UserRole, 0)
+ for _, v := range req.Roles {
+ roles = append(roles, rbac.UserRole{
+ Id: v.Id,
+ Name: v.Name,
+ })
+ }
+ user.Roles = roles
+ user.Updated = time.Now()
+ err = orm.Save(user)
+ return
+
+}
+func GetUser(id string) (user rbac.User, err error) {
+
+ user.ID = id
+ _, err = orm.Get(&user)
+ if err != nil {
+ return
+ }
+ return
+
+}
+func SearchUser() {
+
+}
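Review bot: `CreateUser` stores `util.MD5digest(req.Password)`, an unsalted fast hash, so identical passwords share a digest and a leaked index can be brute-forced cheaply. Use a password hashing function with a per-user salt and a work factor, for example `hash, err := bcrypt.GenerateFromPassword([]byte(req.Password), bcrypt.DefaultCost)` from golang.org/x/crypto/bcrypt (a new dependency; the login comparison, which is not in this diff, would then use `bcrypt.CompareHashAndPassword`). The lookup above it queries `rbac.Role{}` by `name` and only prints `result.Raw` with `fmt.Println`, so duplicate usernames are never rejected; query `rbac.User{}` on `username`, return an error on a hit, and drop the print. `CreateUser` and `UpdateUserRole` also copy role `Id` and `Name` from the request without checking them against stored roles, so a caller can attach arbitrary role references to a user.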
diff --git a/plugin/api/rbac/dto/role.go b/plugin/api/rbac/dto/role.go index 3cc4b816..56ecc64b 100644 --- a/plugin/api/rbac/dto/role.go +++ b/plugin/api/rbac/dto/role.go @@ -1,12 +1,12 @@ package dto -type CreateRoleReq struct { +type CreateRole struct { Name string `json:"name"` Description string `json:"description" ` RoleType string `json:"type" ` Permission interface{} `json:"permission"` } -type UpdateRoleReq struct { +type UpdateRole struct { Description string `json:"description" ` Permission interface{} `json:"permission"` } @@ -16,3 +16,24 @@ type ElasticsearchPermission struct { ClusterPrivilege []string `json:"cluster_privilege" ` IndexPrivilege []string `json:"index_privilege" ` } +type CreateUser struct { + Username string `json:"username"` + Password string `json:"password"` + Name string `json:"name"` + Email string `json:"email"` + Phone string `json:"phone"` + Roles []Role `json:"roles"` +} +type Role struct { + Id string `json:"id"` + Name string `json:"name"` +} +type UpdateUser struct { + Name string `json:"name"` + Email string `json:"email"` + Phone string `json:"phone"` + // Roles []Role `json:"roles"` +} +type UpdateUserRole struct { + Roles []Role `json:"roles"` +} diff --git a/plugin/api/rbac/init.go b/plugin/api/rbac/init.go index fde96f46..1caa0507 100644 --- a/plugin/api/rbac/init.go +++ b/plugin/api/rbac/init.go 
@@ -20,12 +20,15 @@ func registerRouter() { api.HandleAPIMethod(api.GET, "/role/:id", r.GetRole) api.HandleAPIMethod(api.DELETE, "/role/:id", r.DeleteRole) api.HandleAPIMethod(api.PUT, "/role/:id", r.UpdateRole) - api.HandleAPIMethod(api.GET, "/roles/:type", r.ListRole) + api.HandleAPIMethod(api.GET, "/role/_search", r.SearchRole) - api.HandleAPIMethod(api.GET, "/user/:id", r.ListRole) - api.HandleAPIMethod(api.GET, "/users", r.ListRole) - api.HandleAPIMethod(api.DELETE, "/user/:id", r.ListRole) - api.HandleAPIMethod(api.GET, "/users", r.ListRole) + api.HandleAPIMethod(api.POST, "/user", r.CreateUser) + api.HandleAPIMethod(api.GET, "/user/:id", r.GetUser) + api.HandleAPIMethod(api.GET, "/user/search", r.SearchUser) + api.HandleAPIMethod(api.DELETE, "/user/:id", r.DeleteUser) + api.HandleAPIMethod(api.PUT, "/user/:id", r.UpdateUser) + api.HandleAPIMethod(api.PUT, "/user/:id/role", r.UpdateUserRole) + api.HandleAPIMethod(api.GET, "/user/_search", r.SearchUser) } diff --git a/plugin/api/rbac/role.go b/plugin/api/rbac/role.go index c75bd8bf..7e82f70c 100644 --- a/plugin/api/rbac/role.go +++ b/plugin/api/rbac/role.go @@ -17,19 +17,17 @@ func (h Rbac) CreateRole(w http.ResponseWriter, r *http.Request, ps httprouter.P _ = h.WriteError(w, err.Error(), http.StatusInternalServerError) return } - var id string - switch roleType { - case Console: - var req dto.CreateRoleReq - err = h.DecodeJSON(r, &req) - if err != nil { - _ = h.WriteError(w, err.Error(), http.StatusInternalServerError) - return - } - - id, err = biz.CreateRole(req) + var req dto.CreateRole + err = h.DecodeJSON(r, &req) + if err != nil { + _ = h.WriteError(w, err.Error(), http.StatusInternalServerError) + return } + req.RoleType = roleType + + var id string + id, err = biz.CreateRole(req) if err != nil { _ = log.Error(err.Error()) _ = h.WriteError(w, err.Error(), http.StatusInternalServerError) 
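Review bot: In `registerRouter` (plugin/api/rbac/init.go, body starts outside the hunk), `SearchRole` is now mounted on `/role/_search`, but the handler in role.go still begins with `ps.MustGetParameter("type")` and this pattern has no `:type` segment, so the lookup cannot succeed; keep a `:type` segment in the route or read the type from the query string. `SearchUser` is registered twice, on `/user/search` and `/user/_search`; keep one of them. If the framework router follows httprouter's matching rules, these static segments also collide with `/role/:id` and `/user/:id` registered just before them, which is worth a startup test. None of the registrations in this hunk shows an authentication or permission wrapper around endpoints that create users and assign roles; confirm that one is applied elsewhere.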
@@ -40,7 +38,7 @@ func (h Rbac) CreateRole(w http.ResponseWriter, r *http.Request, ps httprouter.P } -func (h Rbac) ListRole(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { +func (h Rbac) SearchRole(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { roleType := ps.MustGetParameter("type") err := validateRoleType(roleType) @@ -74,11 +72,12 @@ func (h Rbac) DeleteRole(w http.ResponseWriter, r *http.Request, ps httprouter.P return } _ = h.WriteJSON(w, DeleteResponse(id), http.StatusOK) + return } func (h Rbac) UpdateRole(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { id := ps.MustGetParameter("id") - var req dto.UpdateRoleReq + var req dto.UpdateRole err := h.DecodeJSON(r, &req) if err != nil { _ = h.WriteError(w, err.Error(), http.StatusInternalServerError) diff --git a/plugin/api/rbac/user.go b/plugin/api/rbac/user.go index 8ce97e36..c81fb2a3 100644 --- a/plugin/api/rbac/user.go +++ b/plugin/api/rbac/user.go @@ -1,5 +1,13 @@ package rbac +import ( + "infini.sh/console/plugin/api/rbac/biz" + "infini.sh/console/plugin/api/rbac/dto" + httprouter "infini.sh/framework/core/api/router" + "net/http" + log "src/github.com/cihub/seelog" +) + type CreateUserReq struct { Username string `json:"username" ` Password string `json:"password" ` 
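Review bot: The added import `log "src/github.com/cihub/seelog"` in plugin/api/rbac/user.go carries a `src/` prefix, which looks like a GOPATH-relative path inserted by an editor rather than the package's canonical import path; it should presumably read `log "github.com/cihub/seelog"`, in line with the other files of this package. A non-canonical path either fails to resolve or resolves to a different copy of the package than the one the rest of the build vets and pins. The `CreateUserReq` type kept below the import block (it continues into the next hunk) now duplicates `dto.CreateUser` and is not used by the new handlers in this diff; remove it or add a comment saying why both exist.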
@@ -7,3 +15,90 @@ type CreateUserReq struct { Phone string `json:"phone" ` Email string `json:"email" ` } + +func (h Rbac) CreateUser(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { + + var req dto.CreateUser + err := h.DecodeJSON(r, &req) + if err != nil { + _ = h.WriteError(w, err.Error(), http.StatusInternalServerError) + return + } + id, err := biz.CreateUser(req) + if err != nil { + _ = log.Error(err.Error()) + _ = h.WriteError(w, err.Error(), http.StatusInternalServerError) + return + } + _ = h.WriteJSON(w, CreateResponse(id), http.StatusOK) + return + +} + +func (h Rbac) GetUser(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { + id := ps.MustGetParameter("id") + user, err := biz.GetUser(id) + if err != nil { + _ = log.Error(err.Error()) + _ = h.WriteError(w, err.Error(), http.StatusInternalServerError) + return + } + h.WriteJSON(w, Response{Hit: user}, http.StatusOK) + return +} + +func (h Rbac) UpdateUser(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { + id := ps.MustGetParameter("id") + var req dto.UpdateUser + err := h.DecodeJSON(r, &req) + if err != nil { + _ = log.Error(err.Error()) + _ = h.WriteError(w, err.Error(), http.StatusInternalServerError) + return + } + err = biz.UpdateUser(id, req) + if err != nil { + _ = log.Error(err.Error()) + _ = h.WriteError(w, err.Error(), http.StatusInternalServerError) + return + } + _ = h.WriteJSON(w, UpdateResponse(id), http.StatusOK) + return +} + +func (h Rbac) UpdateUserRole(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { + id := ps.MustGetParameter("id") + var req dto.UpdateUserRole + err := h.DecodeJSON(r, &req) + if err != nil { + _ = log.Error(err.Error()) + _ = h.WriteError(w, err.Error(), http.StatusInternalServerError) + return + } + err = biz.UpdateUserRole(id, req) + + if err != nil { + _ = log.Error(err.Error()) + _ = h.WriteError(w, err.Error(), http.StatusInternalServerError) + return + } + _ = h.WriteJSON(w, UpdateResponse(id), 
http.StatusOK) + return +} + +func (h Rbac) DeleteUser(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { + id := ps.MustGetParameter("id") + err := biz.DeleteUser(id) + + if err != nil { + _ = log.Error(err.Error()) + _ = h.WriteError(w, err.Error(), http.StatusInternalServerError) + return + } + _ = h.WriteJSON(w, DeleteResponse(id), http.StatusOK) + return +} + +func (h Rbac) SearchUser(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { + +}
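Review bot: Every failure path in the new user handlers answers with `http.StatusInternalServerError` and the raw `err.Error()`, including a malformed body in `CreateUser`, `UpdateUser` and `UpdateUserRole` and an unknown id in `GetUser`; `CreateRole` and `UpdateRole` in role.go follow the same pattern. Decode failures should return `http.StatusBadRequest`, and errors coming back from `biz` should be logged in full but sent to the client as a fixed message, because storage-layer error text can reveal index names and query details. `CreateUser` also hands the body to `biz.CreateUser` without checking that `Username` and `Password` are non-empty. `SearchUser` is routed but has an empty body; return `http.StatusNotImplemented` until it is written.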