digimon
/
template-monorepo
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
template-monorepo/internal/logic/permission/list_roles_logic.go

56 lines
1.4 KiB
Go
Raw Normal View History

feat(permission): add RBAC module with Casbin enforcement and policy reload - Multi-tenant RBAC: permission catalog, roles, role-permission mapping, user-role assignment, and external IdP role mapping (zitadel/ldap/scim). - Casbin enforcer with Redis-backed adapter and Pub/Sub reload for multi-instance policy sync; HTTP middleware enforces (tenant, role, path, method) with platform admin bypass. - /api/v1/permissions routes: catalog, me, policy/reload, roles CRUD, role permissions, user roles, role mappings. - New error scope (31) for Permission and biz code descriptions. - Wire Permission module into ServiceContext, config, mongo-index, and add cmd/permission-seed CLI plus etc/rbac.conf model. - Redis client gains lazy PubSubClient helper (go-zero wrapper lacks Subscribe). - Rewrite internal/model/member/README to cover Tenant/Member/Identity. Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-21 08:47:35 +00:00
package permission
import (
"context"
"gateway/internal/svc"
"gateway/internal/types"
"github.com/zeromicro/go-zero/core/logx"
)
type ListRolesLogic struct {
logx.Logger
ctx context.Context
svcCtx *svc.ServiceContext
}
// NewListRolesLogic returns the role lister.
func NewListRolesLogic(ctx context.Context, svcCtx *svc.ServiceContext) *ListRolesLogic {
return &ListRolesLogic{
Logger: logx.WithContext(ctx),
ctx: ctx,
svcCtx: svcCtx,
}
}
// ListRoles lists every role in the caller's tenant (including system roles).
func (l *ListRolesLogic) ListRoles() (*types.RoleListData, error) {
if l.svcCtx.PermissionRole == nil {
return nil, errb.SysNotImplemented("permission module not configured")
}
actor, err := ActorFromContext(l.ctx)
if err != nil {
return nil, errb.AuthUnauthorized(err.Error()).WithCause(err)
}
roles, err := l.svcCtx.PermissionRole.List(l.ctx, actor.TenantID)
if err != nil {
return nil, err
}
out := &types.RoleListData{Roles: make([]types.RoleData, 0, len(roles))}
for _, role := range roles {
out.Roles = append(out.Roles, types.RoleData{
ID: role.ID.Hex(),
TenantID: role.TenantID,
Key: role.Key,
DisplayName: role.DisplayName,
CreatorUID: role.CreatorUID,
Status: role.Status.String(),
IsSystem: role.IsSystem,
CreateAt: role.CreateAt,
UpdateAt: role.UpdateAt,
})
}
return out, nil
}