package materialize
import (
"database/sql"
"fmt"
"github.com/jmoiron/sqlx"
)
// RolePrivilegeBuilder builds and executes the GRANT and REVOKE statements
// that add or remove one role's membership in another role.
type RolePrivilegeBuilder struct {
	ddl    Builder         // runs the generated statement (see Grant and Revoke)
	role   MaterializeRole // role that is granted or revoked
	member MaterializeRole // role that gains or loses membership in role
}
// NewRolePrivilegeBuilder returns a builder that grants or revokes membership
// of member in role over conn.
//
// Neither name is validated here. Both are stored as given and later spliced
// into SQL text through QualifiedName, so any quoting has to happen there.
func NewRolePrivilegeBuilder(conn *sqlx.DB, role, member string) *RolePrivilegeBuilder {
	b := new(RolePrivilegeBuilder)
	b.ddl = Builder{conn, Privilege}
	b.role = MaterializeRole{name: role}
	b.member = MaterializeRole{name: member}
	return b
}
// Grant executes `GRANT <role> TO <member>;` and returns the error from the
// underlying exec call, if any.
//
// The statement is assembled by string formatting, not bound parameters.
// NOTE(review): the only guard against a malformed role name is whatever
// quoting QualifiedName applies; its implementation is not visible here, so
// confirm that it quotes identifiers.
func (b *RolePrivilegeBuilder) Grant() error {
	granted := b.role.QualifiedName()
	grantee := b.member.QualifiedName()
	return b.ddl.exec(fmt.Sprintf(`GRANT %s TO %s;`, granted, grantee))
}
// Revoke executes `REVOKE <role> FROM <member>;` and returns the error from
// the underlying exec call, if any.
//
// The statement is assembled by string formatting, not bound parameters.
// NOTE(review): the only guard against a malformed role name is whatever
// quoting QualifiedName applies; its implementation is not visible here, so
// confirm that it quotes identifiers.
func (b *RolePrivilegeBuilder) Revoke() error {
	revoked := b.role.QualifiedName()
	revokee := b.member.QualifiedName()
	return b.ddl.exec(fmt.Sprintf(`REVOKE %s FROM %s;`, revoked, revokee))
}
// GrantKey returns the identifier for a role-membership grant, in the form
// "<region>:ROLE MEMBER|<roleId>|<memberId>". It does not read the receiver.
//
// The three parts are joined without escaping. An input that contains '|'
// (or a region that contains ':') yields a key that cannot be split back
// unambiguously, so callers that parse this key should not feed it
// unvalidated values.
func (b *RolePrivilegeBuilder) GrantKey(region, roleId, memberId string) string {
	const keyFormat = `%[1]s:ROLE MEMBER|%[2]s|%[3]s`
	return fmt.Sprintf(keyFormat, region, roleId, memberId)
}
// RolePrivilegeParams is one scanned row of the role-membership query. Each
// field is mapped to a result column by its `db` tag. The fields are
// sql.NullString, so a NULL column scans with Valid=false and String="".
type RolePrivilegeParams struct {
	RoleId  sql.NullString `db:"role_id"` // column role_id
	Member  sql.NullString `db:"member"`  // column member
	Grantor sql.NullString `db:"grantor"` // column grantor
}
// rolePrivilegeQuery is the base SELECT over mz_role_members. It has no WHERE
// clause; ScanRolePrivilege derives the filtered query from it with
// QueryPredicate. The selected columns match the `db` tags on
// RolePrivilegeParams.
var rolePrivilegeQuery = NewBaseQuery(`
SELECT
mz_role_members.role_id,
mz_role_members.member,
mz_role_members.grantor
FROM mz_role_members`)
// ScanRolePrivilege selects the mz_role_members rows matching roleId and
// memberId and returns them. On failure it returns the error from conn.Select
// together with whatever the slice held at that point.
//
// NOTE(review): roleId and memberId go to QueryPredicate as plain strings and
// the resulting query is run with no bind arguments. Whether the values are
// escaped depends on QueryPredicate, which is not visible here. Confirm that
// it quotes or binds them before passing values from outside the provider.
func ScanRolePrivilege(conn *sqlx.DB, roleId, memberId string) ([]RolePrivilegeParams, error) {
	predicates := map[string]string{
		"mz_role_members.role_id": roleId,
		"mz_role_members.member":  memberId,
	}

	var rows []RolePrivilegeParams
	err := conn.Select(&rows, rolePrivilegeQuery.QueryPredicate(predicates))
	return rows, err
}
// ParseRolePrivileges groups membership rows by role: the result maps each
// role id to its member ids, in input order. The returned error is always
// nil.
//
// The Valid flag of the NullString fields is not checked. A row with a NULL
// role_id is collected under the "" key, and a NULL member is recorded as "".
// Grantor is ignored.
func ParseRolePrivileges(privileges []RolePrivilegeParams) (map[string][]string, error) {
	membersByRole := map[string][]string{}
	for i := range privileges {
		roleID := privileges[i].RoleId.String
		membersByRole[roleID] = append(membersByRole[roleID], privileges[i].Member.String)
	}
	return membersByRole, nil
}