diff --git a/client/permissionservice/permission_service.go b/client/permissionservice/permission_service.go index fdae9cb..c16de6d 100644 --- a/client/permissionservice/permission_service.go +++ b/client/permissionservice/permission_service.go @@ -13,24 +13,40 @@ import ( ) type ( - AuthorizationReq = permission.AuthorizationReq - CancelOneTimeTokenReq = permission.CancelOneTimeTokenReq - CancelTokenReq = permission.CancelTokenReq - CreateOneTimeTokenReq = permission.CreateOneTimeTokenReq - CreateOneTimeTokenResp = permission.CreateOneTimeTokenResp - DoTokenByDeviceIDReq = permission.DoTokenByDeviceIDReq - DoTokenByUIDReq = permission.DoTokenByUIDReq - OKResp = permission.OKResp - QueryTokenByUIDReq = permission.QueryTokenByUIDReq - RefreshTokenReq = permission.RefreshTokenReq - RefreshTokenResp = permission.RefreshTokenResp - Token = permission.Token - TokenResp = permission.TokenResp - Tokens = permission.Tokens - ValidationTokenReq = permission.ValidationTokenReq - ValidationTokenResp = permission.ValidationTokenResp + AuthorizationReq = permission.AuthorizationReq + CancelOneTimeTokenReq = permission.CancelOneTimeTokenReq + CancelTokenReq = permission.CancelTokenReq + CheckPermissionByRoleReq = permission.CheckPermissionByRoleReq + CreateOneTimeTokenReq = permission.CreateOneTimeTokenReq + CreateOneTimeTokenResp = permission.CreateOneTimeTokenResp + DoTokenByDeviceIDReq = permission.DoTokenByDeviceIDReq + DoTokenByUIDReq = permission.DoTokenByUIDReq + GetPermissionStatusByPathReq = permission.GetPermissionStatusByPathReq + ListPermissionResp = permission.ListPermissionResp + ListPermissionStatusResp = permission.ListPermissionStatusResp + NoneReq = permission.NoneReq + OKResp = permission.OKResp + PermissionItem = permission.PermissionItem + PermissionResp = permission.PermissionResp + PermissionStatusItem = permission.PermissionStatusItem + QueryTokenByUIDReq = permission.QueryTokenByUIDReq + RefreshTokenReq = permission.RefreshTokenReq + RefreshTokenResp = permission.RefreshTokenResp + Token = permission.Token + TokenResp = permission.TokenResp + Tokens = permission.Tokens + ValidationTokenReq = permission.ValidationTokenReq + ValidationTokenResp = permission.ValidationTokenResp PermissionService interface { + // ListPermissionStatus 取得狀態 + ListPermissionStatus(ctx context.Context, in *NoneReq, opts ...grpc.CallOption) (*ListPermissionStatusResp, error) + // ListPermission 取得完整權限 + ListPermission(ctx context.Context, in *NoneReq, opts ...grpc.CallOption) (*ListPermissionResp, error) + // CheckPermissionByRole 透過角色 ID 來檢視權限 + CheckPermissionByRole(ctx context.Context, in *CheckPermissionByRoleReq, opts ...grpc.CallOption) (*PermissionResp, error) + // GetPermissionStatusByPath 透過資源拿取角色的狀態 + GetPermissionStatusByPath(ctx context.Context, in *GetPermissionStatusByPathReq, opts ...grpc.CallOption) (*PermissionStatusItem, error) } defaultPermissionService struct { @@ -43,3 +59,27 @@ func NewPermissionService(cli zrpc.Client) PermissionService { cli: cli, } } + +// ListPermissionStatus 取得狀態 +func (m *defaultPermissionService) ListPermissionStatus(ctx context.Context, in *NoneReq, opts ...grpc.CallOption) (*ListPermissionStatusResp, error) { + client := permission.NewPermissionServiceClient(m.cli.Conn()) + return client.ListPermissionStatus(ctx, in, opts...) +} + +// ListPermission 取得完整權限 +func (m *defaultPermissionService) ListPermission(ctx context.Context, in *NoneReq, opts ...grpc.CallOption) (*ListPermissionResp, error) { + client := permission.NewPermissionServiceClient(m.cli.Conn()) + return client.ListPermission(ctx, in, opts...) +} + +// CheckPermissionByRole 透過角色 ID 來檢視權限 +func (m *defaultPermissionService) CheckPermissionByRole(ctx context.Context, in *CheckPermissionByRoleReq, opts ...grpc.CallOption) (*PermissionResp, error) { + client := permission.NewPermissionServiceClient(m.cli.Conn()) + return client.CheckPermissionByRole(ctx, in, opts...) +} + +// GetPermissionStatusByPath 透過資源拿取角色的狀態 +func (m *defaultPermissionService) GetPermissionStatusByPath(ctx context.Context, in *GetPermissionStatusByPathReq, opts ...grpc.CallOption) (*PermissionStatusItem, error) { + client := permission.NewPermissionServiceClient(m.cli.Conn()) + return client.GetPermissionStatusByPath(ctx, in, opts...) +} diff --git a/client/roleservice/role_service.go b/client/roleservice/role_service.go index 8d7e2e2..9c4ea68 100644 --- a/client/roleservice/role_service.go +++ b/client/roleservice/role_service.go @@ -13,22 +13,30 @@ import ( ) type ( - AuthorizationReq = permission.AuthorizationReq - CancelOneTimeTokenReq = permission.CancelOneTimeTokenReq - CancelTokenReq = permission.CancelTokenReq - CreateOneTimeTokenReq = permission.CreateOneTimeTokenReq - CreateOneTimeTokenResp = permission.CreateOneTimeTokenResp - DoTokenByDeviceIDReq = permission.DoTokenByDeviceIDReq - DoTokenByUIDReq = permission.DoTokenByUIDReq - OKResp = permission.OKResp - QueryTokenByUIDReq = permission.QueryTokenByUIDReq - RefreshTokenReq = permission.RefreshTokenReq - RefreshTokenResp = permission.RefreshTokenResp - Token = permission.Token - TokenResp = permission.TokenResp - Tokens = permission.Tokens - ValidationTokenReq = permission.ValidationTokenReq - ValidationTokenResp = permission.ValidationTokenResp + AuthorizationReq = permission.AuthorizationReq + CancelOneTimeTokenReq = permission.CancelOneTimeTokenReq + CancelTokenReq = permission.CancelTokenReq + CheckPermissionByRoleReq = permission.CheckPermissionByRoleReq + CreateOneTimeTokenReq = permission.CreateOneTimeTokenReq + CreateOneTimeTokenResp = permission.CreateOneTimeTokenResp + DoTokenByDeviceIDReq = permission.DoTokenByDeviceIDReq + DoTokenByUIDReq = permission.DoTokenByUIDReq + GetPermissionStatusByPathReq = permission.GetPermissionStatusByPathReq + ListPermissionResp = permission.ListPermissionResp + ListPermissionStatusResp = permission.ListPermissionStatusResp + NoneReq = permission.NoneReq + OKResp = permission.OKResp + PermissionItem = permission.PermissionItem + PermissionResp = permission.PermissionResp + PermissionStatusItem = permission.PermissionStatusItem + QueryTokenByUIDReq = permission.QueryTokenByUIDReq + RefreshTokenReq = permission.RefreshTokenReq + RefreshTokenResp = permission.RefreshTokenResp + Token = permission.Token + TokenResp = permission.TokenResp + Tokens = permission.Tokens + ValidationTokenReq = permission.ValidationTokenReq + ValidationTokenResp = permission.ValidationTokenResp RoleService interface { Ping(ctx context.Context, in *OKResp, opts ...grpc.CallOption) (*OKResp, error) diff --git a/client/tokenservice/token_service.go b/client/tokenservice/token_service.go index 617dc38..f4d2b44 100644 --- a/client/tokenservice/token_service.go +++ b/client/tokenservice/token_service.go @@ -13,22 +13,30 @@ import ( ) type ( - AuthorizationReq = permission.AuthorizationReq - CancelOneTimeTokenReq = permission.CancelOneTimeTokenReq - CancelTokenReq = permission.CancelTokenReq - CreateOneTimeTokenReq = permission.CreateOneTimeTokenReq - CreateOneTimeTokenResp = permission.CreateOneTimeTokenResp - DoTokenByDeviceIDReq = permission.DoTokenByDeviceIDReq - DoTokenByUIDReq = permission.DoTokenByUIDReq - OKResp = permission.OKResp - QueryTokenByUIDReq = permission.QueryTokenByUIDReq - RefreshTokenReq = permission.RefreshTokenReq - RefreshTokenResp = permission.RefreshTokenResp - Token = permission.Token - TokenResp = permission.TokenResp - Tokens = permission.Tokens - ValidationTokenReq = permission.ValidationTokenReq - ValidationTokenResp = permission.ValidationTokenResp + AuthorizationReq = permission.AuthorizationReq + CancelOneTimeTokenReq = permission.CancelOneTimeTokenReq + CancelTokenReq = permission.CancelTokenReq + CheckPermissionByRoleReq = permission.CheckPermissionByRoleReq + CreateOneTimeTokenReq = permission.CreateOneTimeTokenReq + CreateOneTimeTokenResp = permission.CreateOneTimeTokenResp + DoTokenByDeviceIDReq = permission.DoTokenByDeviceIDReq + DoTokenByUIDReq = permission.DoTokenByUIDReq + GetPermissionStatusByPathReq = permission.GetPermissionStatusByPathReq + ListPermissionResp = permission.ListPermissionResp + ListPermissionStatusResp = permission.ListPermissionStatusResp + NoneReq = permission.NoneReq + OKResp = permission.OKResp + PermissionItem = permission.PermissionItem + PermissionResp = permission.PermissionResp + PermissionStatusItem = permission.PermissionStatusItem + QueryTokenByUIDReq = permission.QueryTokenByUIDReq + RefreshTokenReq = permission.RefreshTokenReq + RefreshTokenResp = permission.RefreshTokenResp + Token = permission.Token + TokenResp = permission.TokenResp + Tokens = permission.Tokens + ValidationTokenReq = permission.ValidationTokenReq + ValidationTokenResp = permission.ValidationTokenResp TokenService interface { // NewToken 建立一個新的 Token,例如:AccessToken diff --git a/etc/permission_example.yaml b/etc/permission_example.yaml index b1f1d42..6c0cd54 100644 --- a/etc/permission_example.yaml +++ b/etc/permission_example.yaml @@ -2,7 +2,7 @@ Name: permission.rpc ListenOn: 0.0.0.0:8080 Etcd: Hosts: - - 127.0.0.1:2379 + - 127.0.0.1:2379 Key: permission.rpc RedisCluster: @@ -10,6 +10,6 @@ RedisCluster: Type: cluster Token: - Expired: 300 - RefreshExpires: 86500 + Expired: 300s + RefreshExpires: 86500s Secret: gg88g88 \ No newline at end of file diff --git a/generate/protobuf/permission.proto b/generate/protobuf/permission.proto index e6ed508..e010a23 100644 --- a/generate/protobuf/permission.proto +++ b/generate/protobuf/permission.proto @@ -6,6 +6,8 @@ option go_package="./permission"; // OKResp message OKResp {} +// NoneReq +message NoneReq {} // AuthorizationReq 定義授權請求的結構 message AuthorizationReq { @@ -156,8 +158,72 @@ service TokenService { } +// -------------------------------------------------------------------------------- +enum PermissionStatus { + PERMISSION_STATUS_NONE = 0; // 初始(異常) + PERMISSION_STATUS_OPEN = 1; + PERMISSION_STATUS_CLOSE = 2; +} + + +message PermissionStatusItem { + int64 id =1; + int64 parent_id =2; + string name =3; + PermissionStatus status = 4; + bool approval = 5; +} + +message ListPermissionStatusResp { + repeated PermissionStatusItem data = 1; +} + + +message PermissionItem{ + int64 id = 1; + string name = 2; + string http_method = 3; + string http_path = 4; + optional PermissionItem parent= 5; + repeated PermissionItem children =6; + repeated int64 path_ids=7; +} + +message ListPermissionResp { + repeated PermissionItem data = 1; +} + +message CheckPermissionByRoleReq { + string role = 1; + string path = 2; + string method = 3; +} + +message PermissionResp { + bool allow = 1; + string permission_name =2; + bool plain_code =3; +} + +message GetPermissionStatusByPathReq { + string path = 2; + string method = 3; +} + +service PermissionService { + // ListPermissionStatus 取得狀態 + rpc ListPermissionStatus(NoneReq)returns(ListPermissionStatusResp); + // ListPermission 取得完整權限 + rpc ListPermission(NoneReq)returns(ListPermissionResp); + // CheckPermissionByRole 透過角色 ID 來檢視權限 + rpc CheckPermissionByRole(CheckPermissionByRoleReq)returns(PermissionResp); + // GetPermissionStatusByPath 透過資源拿取角色的狀態 + rpc GetPermissionStatusByPath(GetPermissionStatusByPathReq)returns(PermissionStatusItem); +} + + + service RoleService { rpc Ping(OKResp) returns(OKResp); } -service PermissionService {} \ No newline at end of file diff --git a/go.mod b/go.mod index 25a35bc..09ac137 100644 --- a/go.mod +++ b/go.mod @@ -7,6 +7,10 @@ require ( github.com/go-playground/validator/v10 v10.22.0 github.com/golang-jwt/jwt/v4 v4.5.0 github.com/google/uuid v1.6.0 + github.com/mitchellh/mapstructure v1.5.0 + github.com/open-policy-agent/opa v0.67.1 + github.com/pkg/errors v0.9.1 + github.com/stretchr/testify v1.9.0 github.com/zeromicro/go-zero v1.7.0 go.uber.org/mock v0.4.0 google.golang.org/grpc v1.65.0 @@ -14,16 +18,19 @@ require ( ) require ( + github.com/OneOfOne/xxhash v1.2.8 // indirect + github.com/agnivade/levenshtein v1.1.1 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/cenkalti/backoff/v4 v4.3.0 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/coreos/go-semver v0.3.1 // indirect github.com/coreos/go-systemd/v22 v22.5.0 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect github.com/emicklei/go-restful/v3 v3.11.0 // indirect github.com/fatih/color v1.17.0 // indirect github.com/gabriel-vasile/mimetype v1.4.3 // indirect + github.com/go-ini/ini v1.67.0 // indirect github.com/go-logr/logr v1.4.2 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-openapi/jsonpointer v0.19.6 // indirect @@ -31,12 +38,14 @@ require ( github.com/go-openapi/swag v0.22.4 // indirect github.com/go-playground/locales v0.14.1 // indirect github.com/go-playground/universal-translator v0.18.1 // indirect + github.com/gobwas/glob v0.2.3 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/mock v1.6.0 // indirect github.com/golang/protobuf v1.5.4 // indirect github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect + github.com/gorilla/mux v1.8.1 // indirect github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect @@ -49,25 +58,32 @@ require ( github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/openzipkin/zipkin-go v0.4.3 // indirect github.com/pelletier/go-toml/v2 v2.2.2 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect github.com/prometheus/client_golang v1.19.1 // indirect - github.com/prometheus/client_model v0.5.0 // indirect + github.com/prometheus/client_model v0.6.1 // indirect github.com/prometheus/common v0.48.0 // indirect github.com/prometheus/procfs v0.12.0 // indirect + github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 // indirect github.com/redis/go-redis/v9 v9.6.1 // indirect + github.com/sirupsen/logrus v1.9.3 // indirect github.com/spaolacci/murmur3 v1.1.0 // indirect + github.com/tchap/go-patricia/v2 v2.3.1 // indirect + github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect + github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect + github.com/yashtewari/glob-intersection v0.2.0 // indirect go.etcd.io/etcd/api/v3 v3.5.15 // indirect go.etcd.io/etcd/client/pkg/v3 v3.5.15 // indirect go.etcd.io/etcd/client/v3 v3.5.15 // indirect - go.opentelemetry.io/otel v1.24.0 // indirect + go.opentelemetry.io/otel v1.28.0 // indirect go.opentelemetry.io/otel/exporters/jaeger v1.17.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.24.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.28.0 // indirect go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0 // indirect go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.24.0 // indirect go.opentelemetry.io/otel/exporters/zipkin v1.24.0 // indirect - go.opentelemetry.io/otel/metric v1.24.0 // indirect - go.opentelemetry.io/otel/sdk v1.24.0 // indirect - go.opentelemetry.io/otel/trace v1.24.0 // indirect + go.opentelemetry.io/otel/metric v1.28.0 // indirect + go.opentelemetry.io/otel/sdk v1.28.0 // indirect + go.opentelemetry.io/otel/trace v1.28.0 // indirect go.opentelemetry.io/proto/otlp v1.3.1 // indirect go.uber.org/atomic v1.10.0 // indirect go.uber.org/automaxprocs v1.5.3 // indirect @@ -93,5 +109,5 @@ require ( k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect - sigs.k8s.io/yaml v1.3.0 // indirect + sigs.k8s.io/yaml v1.4.0 // indirect ) diff --git a/internal/domain/errors.go b/internal/domain/errors.go index 3182133..ce620d3 100644 --- a/internal/domain/errors.go +++ b/internal/domain/errors.go @@ -13,6 +13,7 @@ import ( // full code 12009 只會有 系統以及錯誤碼,category 是給系統判定用的 // 目前 Scope 以及分類要系統共用,係向的錯誤各自服務實作就好 +// token error 方面 const ( TokenUnexpectedSigningErrorCode = iota + 1 TokenValidateErrorCode @@ -25,6 +26,11 @@ const ( RedisErrorCode ) +const ( + PermissionNotFoundCode = iota + 30 + PermissionGetDataErrorCode +) + // TokenUnexpectedSigningErr 30001 Token 簽名錯誤 func TokenUnexpectedSigningErr(msg string) *ers.Err { mts.AppErrorMetrics.AddFailure("token", "token_unexpected_sign") @@ -63,3 +69,15 @@ func RedisError(msg string) *ers.Err { mts.AppErrorMetrics.AddFailure("redis", "error") return ers.NewErr(code.CloudEPPermission, code.CatInput, RedisErrorCode, msg) } + +// PermissionNotFoundError 30030 權限錯誤 +func PermissionNotFoundError(msg string) *ers.Err { + // 看需要建立哪些 Metrics + return ers.NewErr(code.CloudEPPermission, code.Forbidden, PermissionNotFoundCode, msg) +} + +// PermissionGetDataError 30031 解析權限時錯誤 +func PermissionGetDataError(msg string) *ers.Err { + // 看需要建立哪些 Metrics + return ers.NewErr(code.CloudEPPermission, code.InvalidFormat, PermissionGetDataErrorCode, msg) +} diff --git a/internal/domain/permission.go b/internal/domain/permission.go new file mode 100644 index 0000000..02f1eb4 --- /dev/null +++ b/internal/domain/permission.go @@ -0,0 +1,8 @@ +package domain + +type PermissionType int8 + +const ( + PermissionTypeBackendUser PermissionType = iota + 1 + PermissionTypeFrontendUser +) diff --git a/internal/domain/usecase/opa.go b/internal/domain/usecase/opa.go new file mode 100644 index 0000000..34c0e72 --- /dev/null +++ b/internal/domain/usecase/opa.go @@ -0,0 +1,45 @@ +package usecase + +import ( + "context" +) + +type OpaUseCase interface { + // CheckRBACPermission 確認有無權限 + CheckRBACPermission(ctx context.Context, req CheckReq) (CheckOPAResp, error) + // LoadPolicy 將 Policy 從其他地方加載到 opa 的 policy 當中 + LoadPolicy(ctx context.Context, input []Policy) error + GetPolicy(ctx context.Context) []map[string]any +} + +type CheckReq struct { + ID string + Roles []string + Path string + Method string +} + +type Grant struct { + ID string + Path string + Method string +} + +type Policy struct { + Methods []string `json:"methods"` + Name string `json:"name"` + Path string `json:"path"` + Role string `json:"role"` +} + +type RuleRequest struct { + Method string `json:"method"` + Path string `json:"path"` + Policies []Policy `json:"policies"` + Roles []string `json:"roles"` +} + +type CheckOPAResp struct { + Allow bool `json:"allow"` + Request RuleRequest `json:"request"` +} diff --git a/internal/entity/permission.go b/internal/entity/permission.go new file mode 100644 index 0000000..7268b4c --- /dev/null +++ b/internal/entity/permission.go @@ -0,0 +1,22 @@ +package entity + +import "ark-permission/internal/domain" + +type Permission struct { + ID int64 `gorm:"column:id"` + Parent int64 `gorm:"column:parent"` + + Name string `gorm:"column:name"` + + HTTPMethod string `gorm:"column:http_method"` + HTTPPath string `gorm:"column:http_path"` + + Status int `gorm:"column:status"` + Type domain.PermissionType `gorm:"column:type"` + CreateTime int64 `gorm:"column:create_time;autoCreateTime"` + UpdateTime int64 `gorm:"column:update_time;autoUpdateTime"` +} + +func (c *Permission) TableName() string { + return "permission" +} diff --git a/internal/lib/middleware/with_context.go b/internal/lib/middleware/with_context.go index df06757..3189821 100644 --- a/internal/lib/middleware/with_context.go +++ b/internal/lib/middleware/with_context.go @@ -1,7 +1,7 @@ package middleware import ( - ers "ark-permission/internal/lib/error" + ers "code.30cm.net/wanderland/library-go/errors" "context" "errors" "time" diff --git a/internal/logic/permissionservice/check_permission_by_role_logic.go b/internal/logic/permissionservice/check_permission_by_role_logic.go new file mode 100644 index 0000000..288ceef --- /dev/null +++ b/internal/logic/permissionservice/check_permission_by_role_logic.go @@ -0,0 +1,31 @@ +package permissionservicelogic + +import ( + "context" + + "ark-permission/gen_result/pb/permission" + "ark-permission/internal/svc" + + "github.com/zeromicro/go-zero/core/logx" +) + +type CheckPermissionByRoleLogic struct { + ctx context.Context + svcCtx *svc.ServiceContext + logx.Logger +} + +func NewCheckPermissionByRoleLogic(ctx context.Context, svcCtx *svc.ServiceContext) *CheckPermissionByRoleLogic { + return &CheckPermissionByRoleLogic{ + ctx: ctx, + svcCtx: svcCtx, + Logger: logx.WithContext(ctx), + } +} + +// CheckPermissionByRole 透過角色 ID 來檢視權限 +func (l *CheckPermissionByRoleLogic) CheckPermissionByRole(in *permission.CheckPermissionByRoleReq) (*permission.PermissionResp, error) { + // todo: add your logic here and delete this line + + return &permission.PermissionResp{}, nil +} diff --git a/internal/logic/permissionservice/get_permission_status_by_path_logic.go b/internal/logic/permissionservice/get_permission_status_by_path_logic.go new file mode 100644 index 0000000..7eecf8d --- /dev/null +++ b/internal/logic/permissionservice/get_permission_status_by_path_logic.go @@ -0,0 +1,31 @@ +package permissionservicelogic + +import ( + "context" + + "ark-permission/gen_result/pb/permission" + "ark-permission/internal/svc" + + "github.com/zeromicro/go-zero/core/logx" +) + +type GetPermissionStatusByPathLogic struct { + ctx context.Context + svcCtx *svc.ServiceContext + logx.Logger +} + +func NewGetPermissionStatusByPathLogic(ctx context.Context, svcCtx *svc.ServiceContext) *GetPermissionStatusByPathLogic { + return &GetPermissionStatusByPathLogic{ + ctx: ctx, + svcCtx: svcCtx, + Logger: logx.WithContext(ctx), + } +} + +// GetPermissionStatusByPath 透過資源拿取角色的狀態 +func (l *GetPermissionStatusByPathLogic) GetPermissionStatusByPath(in *permission.GetPermissionStatusByPathReq) (*permission.PermissionStatusItem, error) { + // todo: add your logic here and delete this line + + return &permission.PermissionStatusItem{}, nil +} diff --git a/internal/logic/permissionservice/list_permission_logic.go b/internal/logic/permissionservice/list_permission_logic.go new file mode 100644 index 0000000..a5011da --- /dev/null +++ b/internal/logic/permissionservice/list_permission_logic.go @@ -0,0 +1,31 @@ +package permissionservicelogic + +import ( + "context" + + "ark-permission/gen_result/pb/permission" + "ark-permission/internal/svc" + + "github.com/zeromicro/go-zero/core/logx" +) + +type ListPermissionLogic struct { + ctx context.Context + svcCtx *svc.ServiceContext + logx.Logger +} + +func NewListPermissionLogic(ctx context.Context, svcCtx *svc.ServiceContext) *ListPermissionLogic { + return &ListPermissionLogic{ + ctx: ctx, + svcCtx: svcCtx, + Logger: logx.WithContext(ctx), + } +} + +// ListPermission 取得完整權限 +func (l *ListPermissionLogic) ListPermission(in *permission.NoneReq) (*permission.ListPermissionResp, error) { + // todo: add your logic here and delete this line + + return &permission.ListPermissionResp{}, nil +} diff --git a/internal/logic/permissionservice/list_permission_status_logic.go b/internal/logic/permissionservice/list_permission_status_logic.go new file mode 100644 index 0000000..ff1e1b6 --- /dev/null +++ b/internal/logic/permissionservice/list_permission_status_logic.go @@ -0,0 +1,31 @@ +package permissionservicelogic + +import ( + "context" + + "ark-permission/gen_result/pb/permission" + "ark-permission/internal/svc" + + "github.com/zeromicro/go-zero/core/logx" +) + +type ListPermissionStatusLogic struct { + ctx context.Context + svcCtx *svc.ServiceContext + logx.Logger +} + +func NewListPermissionStatusLogic(ctx context.Context, svcCtx *svc.ServiceContext) *ListPermissionStatusLogic { + return &ListPermissionStatusLogic{ + ctx: ctx, + svcCtx: svcCtx, + Logger: logx.WithContext(ctx), + } +} + +// ListPermissionStatus 取得狀態 +func (l *ListPermissionStatusLogic) ListPermissionStatus(in *permission.NoneReq) (*permission.ListPermissionStatusResp, error) { + // todo: add your logic here and delete this line + + return &permission.ListPermissionStatusResp{}, nil +} diff --git a/internal/server/permissionservice/permission_service_server.go b/internal/server/permissionservice/permission_service_server.go index d645530..fb31be3 100644 --- a/internal/server/permissionservice/permission_service_server.go +++ b/internal/server/permissionservice/permission_service_server.go @@ -4,7 +4,10 @@ package server import ( + "context" + "ark-permission/gen_result/pb/permission" + "ark-permission/internal/logic/permissionservice" "ark-permission/internal/svc" ) @@ -18,3 +21,27 @@ func NewPermissionServiceServer(svcCtx *svc.ServiceContext) *PermissionServiceSe svcCtx: svcCtx, } } + +// ListPermissionStatus 取得狀態 +func (s *PermissionServiceServer) ListPermissionStatus(ctx context.Context, in *permission.NoneReq) (*permission.ListPermissionStatusResp, error) { + l := permissionservicelogic.NewListPermissionStatusLogic(ctx, s.svcCtx) + return l.ListPermissionStatus(in) +} + +// ListPermission 取得完整權限 +func (s *PermissionServiceServer) ListPermission(ctx context.Context, in *permission.NoneReq) (*permission.ListPermissionResp, error) { + l := permissionservicelogic.NewListPermissionLogic(ctx, s.svcCtx) + return l.ListPermission(in) +} + +// CheckPermissionByRole 透過角色 ID 來檢視權限 +func (s *PermissionServiceServer) CheckPermissionByRole(ctx context.Context, in *permission.CheckPermissionByRoleReq) (*permission.PermissionResp, error) { + l := permissionservicelogic.NewCheckPermissionByRoleLogic(ctx, s.svcCtx) + return l.CheckPermissionByRole(in) +} + +// GetPermissionStatusByPath 透過資源拿取角色的狀態 +func (s *PermissionServiceServer) GetPermissionStatusByPath(ctx context.Context, in *permission.GetPermissionStatusByPathReq) (*permission.PermissionStatusItem, error) { + l := permissionservicelogic.NewGetPermissionStatusByPathLogic(ctx, s.svcCtx) + return l.GetPermissionStatusByPath(in) +}