template-monorepo/internal/logic/permission/get_role_permissions_logic.go

package permission

import (
	"context"

	"gateway/internal/svc"
	"gateway/internal/types"

	"github.com/zeromicro/go-zero/core/logx"
)

type GetRolePermissionsLogic struct {
	logx.Logger
	ctx    context.Context
	svcCtx *svc.ServiceContext
}

// NewGetRolePermissionsLogic returns the role-permission reader.
func NewGetRolePermissionsLogic(ctx context.Context, svcCtx *svc.ServiceContext) *GetRolePermissionsLogic {
	return &GetRolePermissionsLogic{
		Logger: logx.WithContext(ctx),
		ctx:    ctx,
		svcCtx: svcCtx,
	}
}

// GetRolePermissions reads the permission catalog entries currently
// assigned to the role.
func (l *GetRolePermissionsLogic) GetRolePermissions(req *types.GetRolePermissionsByIDReq) (*types.RolePermissionsListData, error) {
	if l.svcCtx.PermissionRolePermission == nil {
		return nil, errb.SysNotImplemented("permission module not configured")
	}
	actor, err := ActorFromContext(l.ctx)
	if err != nil {
		return nil, errb.AuthUnauthorized(err.Error()).WithCause(err)
	}
	perms, err := l.svcCtx.PermissionRolePermission.List(l.ctx, actor.TenantID, req.ID)
	if err != nil {
		return nil, err
	}
	out := &types.RolePermissionsListData{Permissions: make([]types.PermissionNode, 0, len(perms))}
	for _, perm := range perms {
		out.Permissions = append(out.Permissions, types.PermissionNode{
			ID:          perm.ID.Hex(),
			Parent:      perm.Parent,
			Name:        perm.Name,
			HTTPMethods: perm.HTTPMethods,
			HTTPPath:    perm.HTTPPath,
			Status:      perm.Status.String(),
			Type:        perm.Type.String(),
		})
	}
	return out, nil
}
feat(permission): add RBAC module with Casbin enforcement and policy reload - Multi-tenant RBAC: permission catalog, roles, role-permission mapping, user-role assignment, and external IdP role mapping (zitadel/ldap/scim). - Casbin enforcer with Redis-backed adapter and Pub/Sub reload for multi-instance policy sync; HTTP middleware enforces (tenant, role, path, method) with platform admin bypass. - /api/v1/permissions routes: catalog, me, policy/reload, roles CRUD, role permissions, user roles, role mappings. - New error scope (31) for Permission and biz code descriptions. - Wire Permission module into ServiceContext, config, mongo-index, and add cmd/permission-seed CLI plus etc/rbac.conf model. - Redis client gains lazy PubSubClient helper (go-zero wrapper lacks Subscribe). - Rewrite internal/model/member/README to cover Tenant/Member/Identity. Co-authored-by: Cursor <cursoragent@cursor.com> 2026-05-21 08:47:35 +00:00			`package permission`

			`import (`
			`"context"`

			`"gateway/internal/svc"`
			`"gateway/internal/types"`

			`"github.com/zeromicro/go-zero/core/logx"`
			`)`

			`type GetRolePermissionsLogic struct {`
			`logx.Logger`
			`ctx context.Context`
			`svcCtx *svc.ServiceContext`
			`}`

			`// NewGetRolePermissionsLogic returns the role-permission reader.`
			`func NewGetRolePermissionsLogic(ctx context.Context, svcCtx svc.ServiceContext) GetRolePermissionsLogic {`
			`return &GetRolePermissionsLogic{`
			`Logger: logx.WithContext(ctx),`
			`ctx: ctx,`
			`svcCtx: svcCtx,`
			`}`
			`}`

			`// GetRolePermissions reads the permission catalog entries currently`
			`// assigned to the role.`
			`func (l GetRolePermissionsLogic) GetRolePermissions(req types.GetRolePermissionsByIDReq) (*types.RolePermissionsListData, error) {`
			`if l.svcCtx.PermissionRolePermission == nil {`
			`return nil, errb.SysNotImplemented("permission module not configured")`
			`}`
			`actor, err := ActorFromContext(l.ctx)`
			`if err != nil {`
			`return nil, errb.AuthUnauthorized(err.Error()).WithCause(err)`
			`}`
			`perms, err := l.svcCtx.PermissionRolePermission.List(l.ctx, actor.TenantID, req.ID)`
			`if err != nil {`
			`return nil, err`
			`}`
			`out := &types.RolePermissionsListData{Permissions: make([]types.PermissionNode, 0, len(perms))}`
			`for _, perm := range perms {`
			`out.Permissions = append(out.Permissions, types.PermissionNode{`
			`ID: perm.ID.Hex(),`
			`Parent: perm.Parent,`
			`Name: perm.Name,`
			`HTTPMethods: perm.HTTPMethods,`
			`HTTPPath: perm.HTTPPath,`
			`Status: perm.Status.String(),`
			`Type: perm.Type.String(),`
			`})`
			`}`
			`return out, nil`
			`}`