template-monorepo/internal/logic/permission/actor.go

package permission

import (
	"context"
	"fmt"
)

type actorKey struct{}

// Actor identifies the calling tenant member (Bearer JWT or dev headers).
// Permission logic always needs (tenant_id, uid) so the auth → permission
// boundary is explicit; pulling from headers is dev-only.
type Actor struct {
	TenantID string
	UID      string
}

// WithActor stores tenant/uid on the context for permission logic
// handlers.
func WithActor(ctx context.Context, tenantID, uid string) context.Context {
	return context.WithValue(ctx, actorKey{}, Actor{TenantID: tenantID, UID: uid})
}

// ActorFromContext reads the actor injected by JWT middleware or dev
// headers.
func ActorFromContext(ctx context.Context) (Actor, error) {
	v, ok := ctx.Value(actorKey{}).(Actor)
	if !ok || v.TenantID == "" || v.UID == "" {
		return Actor{}, fmt.Errorf("missing bearer token or X-Tenant-ID/X-UID headers")
	}
	return v, nil
}
feat(permission): add RBAC module with Casbin enforcement and policy reload - Multi-tenant RBAC: permission catalog, roles, role-permission mapping, user-role assignment, and external IdP role mapping (zitadel/ldap/scim). - Casbin enforcer with Redis-backed adapter and Pub/Sub reload for multi-instance policy sync; HTTP middleware enforces (tenant, role, path, method) with platform admin bypass. - /api/v1/permissions routes: catalog, me, policy/reload, roles CRUD, role permissions, user roles, role mappings. - New error scope (31) for Permission and biz code descriptions. - Wire Permission module into ServiceContext, config, mongo-index, and add cmd/permission-seed CLI plus etc/rbac.conf model. - Redis client gains lazy PubSubClient helper (go-zero wrapper lacks Subscribe). - Rewrite internal/model/member/README to cover Tenant/Member/Identity. Co-authored-by: Cursor <cursoragent@cursor.com> 2026-05-21 08:47:35 +00:00			`package permission`

			`import (`
			`"context"`
			`"fmt"`
			`)`

			`type actorKey struct{}`

			`// Actor identifies the calling tenant member (Bearer JWT or dev headers).`
			`// Permission logic always needs (tenant_id, uid) so the auth → permission`
			`// boundary is explicit; pulling from headers is dev-only.`
			`type Actor struct {`
			`TenantID string`
			`UID string`
			`}`

			`// WithActor stores tenant/uid on the context for permission logic`
			`// handlers.`
			`func WithActor(ctx context.Context, tenantID, uid string) context.Context {`
			`return context.WithValue(ctx, actorKey{}, Actor{TenantID: tenantID, UID: uid})`
			`}`

			`// ActorFromContext reads the actor injected by JWT middleware or dev`
			`// headers.`
			`func ActorFromContext(ctx context.Context) (Actor, error) {`
			`v, ok := ctx.Value(actorKey{}).(Actor)`
			`if !ok \|\| v.TenantID == "" \|\| v.UID == "" {`
			`return Actor{}, fmt.Errorf("missing bearer token or X-Tenant-ID/X-UID headers")`
			`}`
			`return v, nil`
			`}`