This repository has been archived by the owner on Aug 18, 2022. It is now read-only.
/
grpc_client.go
107 lines (90 loc) · 2.39 KB
/
grpc_client.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
package rbac
import (
"context"
"google.golang.org/grpc"
pb "github.com/51st-state/api/pkg/rbac/proto"
)
type grpcClient struct {
client pb.ControlClient
}
// NewGRPCClient for the rbac controller
func NewGRPCClient(c *grpc.ClientConn) Control {
return &grpcClient{
pb.NewControlClient(c),
}
}
// GetRoleRules gets the rules of role
func (c *grpcClient) GetRoleRules(ctx context.Context, roleID RoleID) (RoleRules, error) {
grpcRules, err := c.client.GetRoleRules(ctx, &pb.RoleID{
ID: string(roleID),
})
if err != nil {
return nil, err
}
rules := make(RoleRules, 0)
for _, v := range grpcRules.GetRules() {
rules = append(rules, Rule(v))
}
return rules, nil
}
// SetRoleRules sets the rules of a role
func (c *grpcClient) SetRoleRules(ctx context.Context, roleID RoleID, rules RoleRules) error {
grpcRules := &pb.RoleRules{
Rules: []string{},
}
for _, v := range rules {
grpcRules.Rules = append(grpcRules.Rules, string(v))
}
_, err := c.client.SetRoleRules(ctx, &pb.SetRoleRulesRequest{
RoleID: &pb.RoleID{
ID: string(roleID),
},
RoleRules: grpcRules,
})
return err
}
// GetAccountRoles returns the account roles
func (c *grpcClient) GetAccountRoles(ctx context.Context, accountID AccountID) (AccountRoles, error) {
grpcRoles, err := c.client.GetAccountRoles(ctx, &pb.AccountID{
ID: string(accountID),
})
if err != nil {
return nil, err
}
roles := make(AccountRoles, 0)
for _, v := range grpcRoles.GetRoleIDs() {
roles = append(roles, RoleID(v))
}
return roles, nil
}
// SetAccountRoles sets the roles of a account
func (c *grpcClient) SetAccountRoles(ctx context.Context, accountID AccountID, roles AccountRoles) error {
grpcRoles := &pb.AccountRoles{
RoleIDs: []string{},
}
for _, v := range roles {
grpcRoles.RoleIDs = append(grpcRoles.RoleIDs, string(v))
}
_, err := c.client.SetAccountRoles(ctx, &pb.SetAccountRolesRequest{
AccountID: &pb.AccountID{
ID: string(accountID),
},
AccountRoles: grpcRoles,
})
return err
}
// IsAccountAllowed checks whether a account has access to a rule
func (c *grpcClient) IsAccountAllowed(ctx context.Context, accountID AccountID, rule Rule) (bool, error) {
resp, err := c.client.IsAccountAllowed(ctx, &pb.IsAccountAllowedRequest{
AccountID: &pb.AccountID{
ID: string(accountID),
},
Rule: &pb.Rule{
Rule: string(rule),
},
})
if err != nil {
return false, err
}
return resp.GetAllowed(), nil
}