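package service

import (
	"context"
	"fmt"
	"time"

	"github.com/google/uuid"
	"github.com/pkg/errors"
	"go-micro.dev/v4/auth"
	"gorm.io/gorm"

	"sghgogs.com/micro/common/errorcode"
	req "sghgogs.com/micro/shopping-service/domain/model/request"
	pb "sghgogs.com/micro/shopping-service/proto"
	"sghgogs.com/micro/shopping-service/utils"
	"sghgogs.com/micro/shopping-service/utils/authutil"
)

// NOTE(review): several methods below put err.Error() from the repository
// straight into the errorcode returned to the caller. If those errors carry
// driver or schema detail, that text reaches the client — confirm this is
// intended, or map to a fixed message and record the detail server-side.

// GetPermissionList returns the permissions matching query together with the
// count reported by the repository. A gorm.ErrRecordNotFound result is treated
// as an empty page rather than an error. The returned slice is never nil.
func (svc *Service) GetPermissionList(query *pb.GetPermissionListRequest) ([]*pb.Permission, int64, error) {
	list, total, err := svc.Repository.GetPermissionList(query)
	if err != nil {
		if errors.Is(err, gorm.ErrRecordNotFound) {
			// No matching record: report an empty result, not a failure.
			return []*pb.Permission{}, 0, nil
		}
		return []*pb.Permission{}, 0, err
	}

	permissions := make([]*pb.Permission, 0, len(list))
	for _, item := range list {
		permissions = append(permissions, svc.getPermissionRes(item))
	}
	return permissions, total, nil
}

// GetPermission loads a single permission by query.PermissionId. Any
// repository error is reported with code 400 and an empty, non-nil Permission.
func (svc *Service) GetPermission(query *pb.GetPermissionRequest) (*pb.Permission, error) {
	permission, err := svc.Repository.GetPermission(query.PermissionId)
	if err != nil {
		return &pb.Permission{}, errorcode.New(svc.Namespace, err.Error(), 400)
	}
	return svc.getPermissionRes(permission), nil
}

// TogglePermission writes query.Status to the permission and then rebuilds the
// authorization rules. An error from the rebuild is returned: by that point
// the status change has already been passed to the repository, and the rule
// set held by the auth service has not been replaced.
func (svc *Service) TogglePermission(query *pb.TogglePermissionRequest) error {
	if err := svc.Repository.TogglePermission(query.PermissionId, map[string]interface{}{
		"status":     query.Status,
		"updated_at": time.Now(),
	}); err != nil {
		return errorcode.New(svc.Namespace, err.Error(), 400)
	}
	return svc.refreshAuthRules()
}

// DeletePermission removes the permission and then rebuilds the authorization
// rules. An error from the rebuild is returned so that a deletion whose rules
// were not replaced does not look like a complete success.
func (svc *Service) DeletePermission(query *pb.DeletePermissionRequest) error {
	if err := svc.Repository.DeletePermission(query.PermissionId); err != nil {
		return errorcode.New(svc.Namespace, err.Error(), 500)
	}
	return svc.refreshAuthRules()
}

// refreshAuthRules reloads all roles, converts them with UpdateRulesItems and
// passes the result to authutil.JWTAuthService.SetRuleItems.
//
// The callers used to ignore a failing AllRoles call and return nil, which
// left the previous rule set in place with no signal to anyone. For a delete
// or a disable that means the old rules keep being served, so the failure is
// now reported with code 500.
func (svc *Service) refreshAuthRules() error {
	roles, err := svc.Repository.AllRoles()
	if err != nil {
		return errorcode.New(svc.Namespace, "refreshing auth rules: "+err.Error(), 500)
	}
	authutil.JWTAuthService.SetRuleItems(svc.UpdateRulesItems(roles))
	return nil
}

// UpdateRulesItems builds one auth.Rule per (role, permission) pair. The rule
// is scoped to the role name, targets the permission's name and endpoint with
// resource type "user", has priority 1 and gets a fresh random UUID as its ID.
// Nil entries in roles are skipped. The returned slice is never nil.
//
// NOTE(review): every permission attached to a role yields a rule here; no
// status is checked in this function. Whether disabled permissions are already
// excluded depends on what Repository.AllRoles returns — confirm, otherwise
// TogglePermission would not remove the corresponding rule.
func (svc *Service) UpdateRulesItems(roles []*req.Role) []*auth.Rule {
	rules := make([]*auth.Rule, 0)
	for _, role := range roles {
		if role == nil {
			continue
		}
		for _, permission := range role.Permissions {
			rules = append(rules, &auth.Rule{
				Resource: &auth.Resource{
					Name:     permission.Name,
					Type:     "user",
					Endpoint: permission.Endpoint,
				},
				ID:       uuid.New().String(),
				Scope:    role.Name,
				Priority: 1,
			})
		}
	}
	return rules
}

// getPermissionRes converts a stored permission into its protobuf form.
// UpdatedAt is reported as 0 when it is unset or falls in the same second as
// CreatedAt, i.e. when the record was never modified after creation.
//
// The two instants are compared with time.Time.Equal rather than ==, because
// == also compares the Location and would treat the same instant in two
// zones as different. The input is no longer modified; the earlier version
// cleared permission.UpdatedAt on the caller's struct as a side effect.
func (svc *Service) getPermissionRes(permission *req.Permission) *pb.Permission {
	var updatedAt int64
	if u := permission.UpdatedAt; u != nil {
		created := permission.CreatedAt.Truncate(time.Second)
		if !created.Equal(u.Truncate(time.Second)) {
			updatedAt = utils.ConvertTimeToInt64(*u)
		}
	}

	return &pb.Permission{
		Id:          permission.ID,
		Name:        permission.Name,
		Description: permission.Description,
		Roles:       svc.getBaseRoleRes(permission.Roles),
		CreatedAt:   utils.ConvertTimeToInt64(permission.CreatedAt),
		CreatedBy:   permission.CreatedBy,
		UpdatedAt:   updatedAt,
		Status:      permission.Status,
		IsReserved:  permission.IsReserved,
		Endpoint:    permission.Endpoint,
	}
}

// getBaseRoleRes maps roles held by value to key/value pairs: Key is the role
// name and Value is the role ID formatted as a decimal string. The returned
// slice is never nil.
func (svc *Service) getBaseRoleRes(roles []req.Role) []*pb.Base {
	bases := make([]*pb.Base, 0, len(roles))
	// Index instead of ranging by value so each Role is not copied.
	for i := range roles {
		bases = append(bases, &pb.Base{
			Key:   roles[i].Name,
			Value: fmt.Sprintf("%d", roles[i].ID),
		})
	}
	return bases
}

// getRolesToBase is the pointer-slice counterpart of getBaseRoleRes: Key is
// the role name and Value is the role ID formatted as a decimal string. The
// returned slice is never nil.
func (svc *Service) getRolesToBase(roles []*req.Role) []*pb.Base {
	bases := make([]*pb.Base, 0, len(roles))
	for _, item := range roles {
		bases = append(bases, &pb.Base{
			Key:   item.Name,
			Value: fmt.Sprintf("%d", item.ID),
		})
	}
	return bases
}

// CreatePermission stores a new, enabled, non-reserved permission linked to
// add.Roles and then rebuilds the authorization rules. An error from the
// rebuild is returned even though the permission has already been created.
func (svc *Service) CreatePermission(ctx context.Context, add *pb.CreatePermissionRequest) error {
	// NOTE(review): only the second value of ParseMetadata is used and the
	// other three are discarded. If one of them reports a parse failure,
	// CreatedBy may be stored empty — confirm against utils.ParseMetadata.
	_, by, _, _ := utils.ParseMetadata(ctx)

	permission := req.Permission{
		Name:        add.Name,
		Description: add.Description,
		CreatedBy:   by,
		CreatedAt:   time.Now(),
		Status:      pb.StatusEnum_ENABLED,
		IsReserved:  false,
		UpdatedAt:   nil,
		Endpoint:    add.Endpoint,
	}
	if err := svc.Repository.CreatePermission(&permission, add.Roles); err != nil {
		return errorcode.New(svc.Namespace, err.Error(), 500)
	}
	return svc.refreshAuthRules()
}

// CreateMultiplePermissions stores one enabled, non-reserved permission per
// entry in data.Items, all linked to data.Roles, and then rebuilds the
// authorization rules. Every permission in the batch shares one creation
// timestamp. An error from the rebuild is returned even though the
// permissions have already been created.
func (svc *Service) CreateMultiplePermissions(ctx context.Context, data *pb.CreateMultiplePermissionsRequest) error {
	// NOTE(review): see CreatePermission — the discarded ParseMetadata values
	// may include a failure indicator; confirm.
	_, by, _, _ := utils.ParseMetadata(ctx)

	now := time.Now()
	permissions := make([]*req.Permission, 0, len(data.Items))
	for _, item := range data.Items {
		permissions = append(permissions, &req.Permission{
			Name:        item.Name,
			Description: item.Description,
			CreatedBy:   by,
			CreatedAt:   now,
			Status:      pb.StatusEnum_ENABLED,
			IsReserved:  false,
			Endpoint:    item.Endpoint,
		})
	}
	if err := svc.Repository.CreateMultiplePermissions(permissions, data.Roles); err != nil {
		return errorcode.New(svc.Namespace, err.Error(), 500)
	}
	return svc.refreshAuthRules()
}

// UpdatePermission updates the description, endpoint and role links of the
// permission identified by query.PermissionId, records who made the change
// and when, and then rebuilds the authorization rules. An error from the
// rebuild is returned even though the update has already been applied.
func (svc *Service) UpdatePermission(ctx context.Context, query *pb.UpdatePermissionRequest) error {
	// NOTE(review): see CreatePermission — the discarded ParseMetadata values
	// may include a failure indicator; confirm.
	_, by, _, _ := utils.ParseMetadata(ctx)

	if err := svc.Repository.UpdatePermission(query.PermissionId, map[string]interface{}{
		"description": query.Description,
		"endpoint":    query.Endpoint,
		"updated_by":  by,
		"updated_at":  time.Now(),
	}, query.Roles); err != nil {
		return errorcode.New(svc.Namespace, err.Error(), 500)
	}
	return svc.refreshAuthRules()
}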