guard/internal/logic/permissionservice/check_permission_by_role_lo...

package permissionservicelogic

import (
	"ark-permission/gen_result/pb/permission"
	"ark-permission/internal/domain/usecase"
	"ark-permission/internal/svc"
	ers "code.30cm.net/wanderland/library-go/errors"
	"context"

	"github.com/zeromicro/go-zero/core/logx"
)

type CheckPermissionByRoleLogic struct {
	ctx    context.Context
	svcCtx *svc.ServiceContext
	logx.Logger
}

func NewCheckPermissionByRoleLogic(ctx context.Context, svcCtx *svc.ServiceContext) *CheckPermissionByRoleLogic {
	return &CheckPermissionByRoleLogic{
		ctx:    ctx,
		svcCtx: svcCtx,
		Logger: logx.WithContext(ctx),
	}
}

type checkPermissionReq struct {
	Role   string `json:"role" validate:"required"`
	Method string `json:"method" validate:"required"`
	Path   string `json:"path" validate:"required"`
}

// CheckPermissionByRole 透過角色 ID 來檢視權限
func (l *CheckPermissionByRoleLogic) CheckPermissionByRole(in *permission.CheckPermissionByRoleReq) (*permission.PermissionResp, error) {
	// 驗證所需
	if err := l.svcCtx.Validate.ValidateAll(&checkPermissionReq{
		Role:   in.GetRole(),
		Method: in.GetMethod(),
		Path:   in.GetPath(),
	}); err != nil {
		return nil, ers.InvalidFormat(err.Error())
	}

	rbacPermission, err := l.svcCtx.PolicyAgent.CheckRBACPermission(l.ctx, usecase.CheckReq{
		Roles:  []string{in.GetRole()},
		Method: in.GetMethod(),
		Path:   in.GetPath(),
	})

	if err != nil {
		return nil, ers.Forbidden(err.Error())
	}

	return &permission.PermissionResp{
		Allow:          rbacPermission.Allow,
		PermissionName: rbacPermission.PolicyName,
		PlainCode:      rbacPermission.PlainCode,
	}, nil
}
feat: add opa ut 2024-08-15 08:17:41 +00:00			`package permissionservicelogic`

			`import (`
			`"ark-permission/gen_result/pb/permission"`
feat: fix route 2024-08-18 14:07:14 +00:00			`"ark-permission/internal/domain/usecase"`
feat: add opa ut 2024-08-15 08:17:41 +00:00			`"ark-permission/internal/svc"`
feat: fix route 2024-08-18 14:07:14 +00:00			`ers "code.30cm.net/wanderland/library-go/errors"`
			`"context"`
feat: add opa ut 2024-08-15 08:17:41 +00:00
			`"github.com/zeromicro/go-zero/core/logx"`
			`)`

			`type CheckPermissionByRoleLogic struct {`
			`ctx context.Context`
			`svcCtx *svc.ServiceContext`
			`logx.Logger`
			`}`

			`func NewCheckPermissionByRoleLogic(ctx context.Context, svcCtx svc.ServiceContext) CheckPermissionByRoleLogic {`
			`return &CheckPermissionByRoleLogic{`
			`ctx: ctx,`
			`svcCtx: svcCtx,`
			`Logger: logx.WithContext(ctx),`
			`}`
			`}`

feat: fix route 2024-08-18 14:07:14 +00:00			`type checkPermissionReq struct {`
			Role string `json:"role" validate:"required"`
			Method string `json:"method" validate:"required"`
			Path string `json:"path" validate:"required"`
			`}`

feat: add opa ut 2024-08-15 08:17:41 +00:00			`// CheckPermissionByRole 透過角色 ID 來檢視權限`
			`func (l CheckPermissionByRoleLogic) CheckPermissionByRole(in permission.CheckPermissionByRoleReq) (*permission.PermissionResp, error) {`
feat: fix route 2024-08-18 14:07:14 +00:00			`// 驗證所需`
			`if err := l.svcCtx.Validate.ValidateAll(&checkPermissionReq{`
			`Role: in.GetRole(),`
			`Method: in.GetMethod(),`
			`Path: in.GetPath(),`
			`}); err != nil {`
			`return nil, ers.InvalidFormat(err.Error())`
			`}`

			`rbacPermission, err := l.svcCtx.PolicyAgent.CheckRBACPermission(l.ctx, usecase.CheckReq{`
			`Roles: []string{in.GetRole()},`
			`Method: in.GetMethod(),`
			`Path: in.GetPath(),`
			`})`

			`if err != nil {`
			`return nil, ers.Forbidden(err.Error())`
			`}`
feat: add opa ut 2024-08-15 08:17:41 +00:00
feat: fix route 2024-08-18 14:07:14 +00:00			`return &permission.PermissionResp{`
			`Allow: rbacPermission.Allow,`
			`PermissionName: rbacPermission.PolicyName,`
			`PlainCode: rbacPermission.PlainCode,`
			`}, nil`
feat: add opa ut 2024-08-15 08:17:41 +00:00			`}`