fix: (rbac) role

2022-04-25 10:41:54 +08:00 · 2022-04-25 10:41:54 +08:00 · d09dda93e3
parent 2593d453e9
commit d09dda93e3
4 changed files with 296 additions and 25 deletions
--- a/config/map.json
+++ b/config/map.json
@ -0,0 +1,271 @@
+{
+    "DELETE/_ingest/pipeline/:id": "ingest.delete_pipeline",
+    "DELETE/_scripts/:id": "delete_script",
+    "DELETE/_search/scroll": "clear_scroll",
+    "DELETE/_search/scroll/:scroll_id": "clear_scroll",
+    "DELETE/_snapshot/:repository": "snapshot.delete_repository",
+    "DELETE/_snapshot/:repository/:snapshot": "snapshot.delete",
+    "DELETE/_template/:name": "indices.delete_template",
+    "DELETE/:index": "indices.delete",
+    "DELETE/:index/_alias/:name": "indices.delete_alias",
+    "DELETE/:index/_aliases/:name": "indices.delete_alias",
+    "DELETE/:index/_doc/:id": "delete",
+
+    "GET/": "info",
+    "GET/_alias": "indices.get_alias",
+    "GET/_alias/:name": "indices.get_alias",
+    "GET/_analyze": "indices.analyze",
+    "GET/_cat": "cat.help",
+    "GET/_cat/aliases": "cat.aliases",
+    "GET/_cat/aliases/:name": "cat.aliases",
+    "GET/_cat/allocation": "cat.allocation",
+    "GET/_cat/allocation/:node_id": "cat.allocation",
+    "GET/_cat/count": "cat.count",
+    "GET/_cat/count/:index": "cat.count",
+    "GET/_cat/fielddata": "cat.fielddata",
+    "GET/_cat/fielddata/:fields": "cat.fielddata",
+    "GET/_cat/health": "cat.health",
+    "GET/_cat/indices": "cat.indices",
+    "GET/_cat/indices/:index": "cat.indices",
+    "GET/_cat/master": "cat.master",
+    "GET/_cat/nodeattrs": "cat.nodeattrs",
+    "GET/_cat/nodes": "cat.nodes",
+    "GET/_cat/pending_tasks": "cat.pending_tasks",
+    "GET/_cat/plugins": "cat.plugins",
+    "GET/_cat/recovery": "cat.recovery",
+    "GET/_cat/recovery/:index": "cat.recovery",
+    "GET/_cat/repositories": "cat.repositories",
+    "GET/_cat/segments": "cat.segments",
+    "GET/_cat/segments/:index": "cat.segments",
+    "GET/_cat/shards": "cat.shards",
+    "GET/_cat/shards/:index": "cat.shards",
+    "GET/_cat/snapshots": "cat.snapshots",
+    "GET/_cat/snapshots/:repository": "cat.snapshots",
+    "GET/_cat/tasks": "cat.tasks",
+    "GET/_cat/templates": "cat.templates",
+    "GET/_cat/templates/:name": "cat.templates",
+    "GET/_cat/thread_pool": "cat.thread_pool",
+    "GET/_cat/thread_pool/:thread_pool_patterns": "cat.thread_pool",
+    "GET/_cluster/allocation/explain": "cluster.allocation_explain",
+    "GET/_cluster/health": "cluster.health",
+    "GET/_cluster/health/:index": "cluster.health",
+    "GET/_cluster/nodes/hot_threads": "nodes.hot_threads",
+    "GET/_cluster/nodes/hotthreads": "nodes.hot_threads",
+    "GET/_cluster/nodes/:node_id/hot_threads": "nodes.hot_threads",
+    "GET/_cluster/nodes/:node_id/hotthreads": "nodes.hot_threads",
+    "GET/_cluster/pending_tasks": "cluster.pending_tasks",
+    "GET/_cluster/settings": "cluster.get_settings",
+    "GET/_cluster/state": "cluster.state",
+    "GET/_cluster/state/:metric": "cluster.state",
+    "GET/_cluster/state/:metric/:index": "cluster.state",
+    "GET/_cluster/stats": "cluster.stats",
+    "GET/_cluster/stats/nodes/:node_id": "cluster.stats",
+    "GET/_count": "count",
+    "GET/_field_caps": "field_caps",
+    "GET/_flush": "indices.flush",
+    "GET/_flush/synced": "indices.flush_synced",
+    "GET/_ingest/pipeline": "ingest.get_pipeline",
+    "GET/_ingest/pipeline/_simulate": "ingest.simulate",
+    "GET/_ingest/pipeline/:id": "ingest.get_pipeline",
+    "GET/_ingest/pipeline/:id/_simulate": "ingest.simulate",
+    "GET/_ingest/processor/grok": "ingest.processor_grok",
+    "GET/_mapping": "indices.get_mapping",
+
+    "GET/_mapping/:index": "indices.get_mapping",
+    "GET/_mapping/:index/field/:fields": "indices.get_field_mapping",
+    "GET/_mget": "mget",
+    "GET/_msearch": "msearch",
+    "GET/_msearch/template": "msearch_template",
+    "GET/_mtermvectors": "mtermvectors",
+    "GET/_nodes": "nodes.info",
+    "GET/_nodes/hot_threads": "nodes.hot_threads",
+    "GET/_nodes/hotthreads": "nodes.hot_threads",
+    "GET/_nodes/stats": "nodes.stats",
+    "GET/_nodes/stats/:metric": "nodes.stats",
+    "GET/_nodes/stats/:metric/:index_metric": "nodes.stats",
+    "GET/_nodes/usage": "nodes.usage",
+    "GET/_nodes/usage/:metric": "nodes.usage",
+    "GET/_nodes/:metric": "nodes.info",
+    "GET/_nodes/:node_id": "nodes.info",
+    "GET/_nodes/:node_id/hot_threads": "nodes.hot_threads",
+    "GET/_nodes/:node_id/hotthreads": "nodes.hot_threads",
+    "GET/_nodes/:node_id/stats": "nodes.stats",
+    "GET/_nodes/:node_id/stats/:metric": "nodes.stats",
+    "GET/_nodes/:node_id/stats/:metric/:index_metric": "nodes.stats",
+    "GET/_nodes/:node_id/usage": "nodes.usage",
+    "GET/_nodes/:node_id/usage/:metric": "nodes.usage",
+    "GET/_nodes/:node_id/:metric": "nodes.info",
+    "GET/_rank_eval": "rank_eval",
+    "GET/_recovery": "indices.recovery",
+    "GET/_refresh": "indices.refresh",
+    "GET/_remote/info": "cluster.remote_info",
+    "GET/_render/template": "render_search_template",
+    "GET/_render/template/:id": "render_search_template",
+    "GET/_scripts/painless/_execute": "scripts_painless_execute",
+    "GET/_scripts/:id": "get_script",
+    "GET/_search": "search",
+    "GET/_search/scroll": "scroll",
+    "GET/_search/scroll/:scroll_id": "scroll",
+    "GET/_search/template": "search_template",
+    "GET/_search_shards": "search_shards",
+    "GET/_segments": "indices.segments",
+    "GET/_settings": "indices.get_settings",
+    "GET/_settings/:name": "indices.get_settings",
+    "GET/_shard_stores": "indices.shard_stores",
+    "GET/_snapshot": "snapshot.get_repository",
+    "GET/_snapshot/_status": "snapshot.status",
+    "GET/_snapshot/:repository": "snapshot.get_repository",
+    "GET/_snapshot/:repository/_status": "snapshot.status",
+    "GET/_snapshot/:repository/:snapshot": "snapshot.get",
+    "GET/_snapshot/:repository/:snapshot/_status": "snapshot.status",
+    "GET/_stats": "indices.stats",
+    "GET/_stats/:metric": "indices.stats",
+    "GET/_tasks": "tasks.list",
+    "GET/_tasks/:task_id": "tasks.get",
+    "GET/_template": "indices.get_template",
+    "GET/_template/:name": "indices.get_template",
+    "GET/_upgrade": "indices.get_upgrade",
+    "GET/_validate/query": "indices.validate_query",
+    "GET/:index": "indices.get",
+    "GET/:index/_alias": "indices.get_alias",
+    "GET/:index/_alias/:name": "indices.get_alias",
+    "GET/:index/_analyze": "indices.analyze",
+    "GET/:index/_count": "count",
+    "GET/:index/_doc/:id": "get",
+    "GET/:index/_field_caps": "field_caps",
+    "GET/:index/_flush": "indices.flush",
+    "GET/:index/_flush/synced": "indices.flush_synced",
+    "GET/:index/_mapping": "indices.get_mapping",
+    "GET/:index/_mapping/field/:fields": "indices.get_field_mapping",
+
+    "GET/:index/_mget": "mget",
+    "GET/:index/_msearch": "msearch",
+    "GET/:index/_msearch/template": "msearch_template",
+    "GET/:index/_mtermvectors": "mtermvectors",
+    "GET/:index/_rank_eval": "rank_eval",
+    "GET/:index/_recovery": "indices.recovery",
+    "GET/:index/_refresh": "indices.refresh",
+    "GET/:index/_search": "search",
+    "GET/:index/_search/template": "search_template",
+    "GET/:index/_search_shards": "search_shards",
+    "GET/:index/_segments": "indices.segments",
+    "GET/:index/_settings": "indices.get_settings",
+    "GET/:index/_settings/:name": "indices.get_settings",
+    "GET/:index/_shard_stores": "indices.shard_stores",
+    "GET/:index/_stats": "indices.stats",
+    "GET/:index/_stats/:metric": "indices.stats",
+    "GET/:index/_upgrade": "indices.get_upgrade",
+    "GET/:index/_validate/query": "indices.validate_query",
+
+    "HEAD/": "info",
+    "HEAD/_alias/:name": "indices.exists_alias",
+    "HEAD/_template/:name": "indices.exists_template",
+    "HEAD/:index": "indices.exists",
+    "HEAD/:index/_alias/:name": "indices.exists_alias",
+
+
+    "POST/_aliases": "indices.update_aliases",
+    "POST/_analyze": "indices.analyze",
+    "POST/_bulk": "bulk",
+    "POST/_cache/clear": "indices.clear_cache",
+    "POST/_cluster/allocation/explain": "cluster.allocation_explain",
+    "POST/_cluster/reroute": "cluster.reroute",
+    "POST/_count": "count",
+    "POST/_delete_by_query/:task_id/_rethrottle": "reindex_rethrottle",
+    "POST/_field_caps": "field_caps",
+    "POST/_flush": "indices.flush",
+    "POST/_flush/synced": "indices.flush_synced",
+    "POST/_forcemerge": "indices.forcemerge",
+    "POST/_ingest/pipeline/_simulate": "ingest.simulate",
+    "POST/_ingest/pipeline/:id/_simulate": "ingest.simulate",
+
+    "POST/_mget": "mget",
+    "POST/_msearch": "msearch",
+    "POST/_msearch/template": "msearch_template",
+    "POST/_mtermvectors": "mtermvectors",
+    "POST/_nodes/reload_secure_settings": "nodes.reload_secure_settings",
+    "POST/_nodes/:node_id/reload_secure_settings": "nodes.reload_secure_settings",
+    "POST/_rank_eval": "rank_eval",
+    "POST/_refresh": "indices.refresh",
+    "POST/_reindex": "reindex",
+    "POST/_reindex/:task_id/_rethrottle": "reindex_rethrottle",
+    "POST/_render/template": "render_search_template",
+    "POST/_render/template/:id": "render_search_template",
+    "POST/_scripts/painless/_execute": "scripts_painless_execute",
+    "POST/_scripts/:id": "put_script",
+    "POST/_scripts/:id/:context": "put_script",
+    "POST/_search": "search",
+    "POST/_search/scroll": "scroll",
+    "POST/_search/scroll/:scroll_id": "scroll",
+    "POST/_search/template": "search_template",
+    "POST/_search_shards": "search_shards",
+    "POST/_snapshot/:repository": "snapshot.create_repository",
+    "POST/_snapshot/:repository/_verify": "snapshot.verify_repository",
+    "POST/_snapshot/:repository/:snapshot": "snapshot.create",
+    "POST/_snapshot/:repository/:snapshot/_restore": "snapshot.restore",
+    "POST/_tasks/_cancel": "tasks.cancel",
+    "POST/_tasks/:task_id/_cancel": "tasks.cancel",
+    "POST/_template/:name": "indices.put_template",
+    "POST/_update_by_query/:task_id/_rethrottle": "reindex_rethrottle",
+    "POST/_upgrade": "indices.upgrade",
+    "POST/_validate/query": "indices.validate_query",
+    "POST/:alias/_rollover": "indices.rollover",
+    "POST/:alias/_rollover/:new_index": "indices.rollover",
+    "POST/:index/_alias/:name": "indices.put_alias",
+    "POST/:index/_aliases/:name": "indices.put_alias",
+    "POST/:index/_analyze": "indices.analyze",
+    "POST/:index/_bulk": "bulk",
+    "POST/:index/_cache/clear": "indices.clear_cache",
+    "POST/:index/_close": "indices.close",
+    "POST/:index/_count": "count",
+    "POST/:index/_delete_by_query": "delete_by_query",
+    "POST/:index/_doc": "index",
+    "POST/:index/_doc/:id": "index",
+    "POST/:index/_doc/:id/_update": "update",
+    "POST/:index/_field_caps": "field_caps",
+    "POST/:index/_flush": "indices.flush",
+    "POST/:index/_flush/synced": "indices.flush_synced",
+    "POST/:index/_forcemerge": "indices.forcemerge",
+
+    "POST/:index/_mget": "mget",
+    "POST/:index/_msearch": "msearch",
+    "POST/:index/_msearch/template": "msearch_template",
+    "POST/:index/_mtermvectors": "mtermvectors",
+    "POST/:index/_open": "indices.open",
+    "POST/:index/_rank_eval": "rank_eval",
+    "POST/:index/_refresh": "indices.refresh",
+    "POST/:index/_search": "search",
+    "POST/:index/_search/template": "search_template",
+    "POST/:index/_search_shards": "search_shards",
+    "POST/:index/_shrink/:target": "indices.shrink",
+    "POST/:index/_split/:target": "indices.split",
+    "POST/:index/_update_by_query": "update_by_query",
+    "POST/:index/_upgrade": "indices.upgrade",
+    "POST/:index/_validate/query": "indices.validate_query",
+
+    "POST:index/_mapping": "indices.put_mapping",
+    "POST:index/_mappings": "indices.put_mapping",
+    "PUT/_bulk": "bulk",
+    "PUT/_cluster/settings": "cluster.put_settings",
+    "PUT/_ingest/pipeline/:id": "ingest.put_pipeline",
+
+    "PUT/_scripts/:id": "put_script",
+    "PUT/_scripts/:id/:context": "put_script",
+    "PUT/_settings": "indices.put_settings",
+    "PUT/_snapshot/:repository": "snapshot.create_repository",
+    "PUT/_snapshot/:repository/:snapshot": "snapshot.create",
+    "PUT/_template/:name": "indices.put_template",
+    "PUT/:index": "indices.create",
+    "PUT/:index/_alias/:name": "indices.put_alias",
+    "PUT/:index/_aliases/:name": "indices.put_alias",
+    "PUT/:index/_bulk": "bulk",
+    "PUT/:index/_doc": "index",
+    "PUT/:index/_doc/:id": "index",
+
+    "PUT/:index/_settings": "indices.put_settings",
+    "PUT/:index/_shrink/:target": "indices.shrink",
+    "PUT/:index/_split/:target": "indices.split",
+
+    "PUT:index/_mapping": "indices.put_mapping",
+    "PUT:index/_mappings": "indices.put_mapping"
+}
--- a/main.go
+++ b/main.go
@ -9,6 +9,7 @@ import (
 	"infini.sh/console/model/gateway"
 	"infini.sh/console/model/rbac"
 	_ "infini.sh/console/plugin"
+	rbacApi "infini.sh/console/plugin/api/rbac"
 	alerting2 "infini.sh/console/service/alerting"
 	"infini.sh/framework"
 	"infini.sh/framework/core/elastic"
@ -52,7 +53,7 @@ func main() {
 	terminalFooter := ""

 	app := framework.NewApp("console", "INFINI Cloud Console, The easiest way to operate your own elasticsearch platform.",
-		config.Version,config.BuildNumber, config.LastCommitLog, config.BuildDate, config.EOLDate, terminalHeader, terminalFooter)
+		config.Version, config.BuildNumber, config.LastCommitLog, config.BuildDate, config.EOLDate, terminalHeader, terminalFooter)

 	app.Init(nil)
 	defer app.Shutdown()
@ -61,11 +62,10 @@ func main() {

 	if app.Setup(func() {
 		err := bootstrapRequirementCheck()
-		if err !=nil{
+		if err != nil {
 			panic(err)
 		}

-
 		//load core modules first
 		module.RegisterSystemModule(&elastic2.ElasticModule{})
 		module.RegisterSystemModule(&filter.FilterModule{})
@ -120,7 +120,6 @@ func main() {

 		module.Start()

-
 		orm.RegisterSchemaWithIndexName(model.Dict{}, "dict")
 		orm.RegisterSchemaWithIndexName(model.Reindex{}, "reindex")
 		orm.RegisterSchemaWithIndexName(elastic.View{}, "view")
@ -139,7 +138,9 @@ func main() {
 			if err != nil {
 				log.Errorf("init alerting task error: %v", err)
 			}
+			rbacApi.Init()
 		}()
+
 	}, nil) {
 		app.Run()
 	}
--- a/plugin/api/rbac/api.go
+++ b/plugin/api/rbac/api.go
@ -15,7 +15,7 @@ type Rbac struct {
 	api.Handler
 }

-func registerRouter() {
+func init() {
 	r := Rbac{}
 	api.HandleAPIMethod(api.GET, "/permission/:type", r.ListPermission)
 	api.HandleAPIMethod(api.POST, "/role/:type", m.PermissionRequired(r.CreateRole, enum.RoleAll...))
@ -49,16 +49,16 @@ func loadJsonConfig() {
 	biz.IndexApis = apis["indices"]
 	delete(apis, "indices")
 	biz.ClusterApis = apis
-	bytes, err = util.FileGetContent(path.Join(pwd, "/config/map.json"))
-	if err != nil {
-		panic("load json file err " + err.Error())
-
-	}
-
-	err = json.Unmarshal(bytes, &biz.EsApiMap)
-	if err != nil {
-		panic("json config unmarshal err " + err.Error())
-	}
+	//bytes, err = util.FileGetContent(path.Join(pwd, "/config/map.json"))
+	//if err != nil {
+	//	panic("load json file err " + err.Error())
+	//
+	//}
+	//
+	//err = json.Unmarshal(bytes, &biz.EsApiMap)
+	//if err != nil {
+	//	panic("json config unmarshal err " + err.Error())
+	//}

 }
 func loadRolePermission() {
@ -67,11 +67,9 @@ func loadRolePermission() {
 	biz.RolePermission["admin"] = enum.Admin

 }
-func init() {
-	registerRouter()
+func Init() {
 	loadJsonConfig()
 	loadRolePermission()
-
 }

 func existInternalUser() {
--- a/plugin/api/rbac/role.go
+++ b/plugin/api/rbac/role.go
@ -120,6 +120,12 @@ func (h Rbac) DeleteRole(w http.ResponseWriter, r *http.Request, ps httprouter.P

 func (h Rbac) UpdateRole(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	id := ps.MustGetParameter("id")
+	localUser, err := biz.FromUserContext(r.Context())
+	if err != nil {
+		log.Error(err.Error())
+		h.Error(w, err)
+		return
+	}
 	model, err := biz.GetRole(id)
 	if err != nil {
 		h.Error(w, err)
@ -136,13 +142,8 @@ func (h Rbac) UpdateRole(w http.ResponseWriter, r *http.Request, ps httprouter.P
 		h.Error400(w, err.Error())
 		return
 	}
-	localUser, err := biz.FromUserContext(r.Context())
-	if err != nil {
-		log.Error(err.Error())
-		h.Error(w, err)
-		return
-	}
-	err = irole.Update(localUser, id)
+
+	err = irole.Update(localUser, model)

 	if err != nil {
 		_ = log.Error(err.Error())