package service
import (
"context"
"encoding/json"
"github.com/google/uuid"
"github.com/paralus/paralus/internal/dao"
"github.com/paralus/paralus/internal/models"
"github.com/paralus/paralus/proto/types/sentry"
"github.com/uptrace/bun"
)
// GroupPermissionService looks up the permissions granted to groups within an
// organization and partner.
//
// Every method takes orgID and partnerID as strings; the implementation in
// this file parses both as UUIDs before calling the dao layer, so callers are
// expected to pass well-formed UUID strings.
type GroupPermissionService interface {
	// GetGroupPermissions returns the permission records for groupNames.
	GetGroupPermissions(ctx context.Context, groupNames []string, orgID, partnerID string) ([]sentry.GroupPermission, error)

	// GetGroupProjectsByPermission returns the records for groupNames that the
	// dao layer selects for the single named permission.
	GetGroupProjectsByPermission(ctx context.Context, groupNames []string, orgID, partnerID, permission string) ([]sentry.GroupPermission, error)

	// GetGroupPermissionsByProjectIDPermissions returns the records for
	// groupNames that the dao layer selects for the given projects and
	// permissions.
	GetGroupPermissionsByProjectIDPermissions(ctx context.Context, groupNames []string, orgID, partnerID string, projects, permissions []string) ([]sentry.GroupPermission, error)

	// GetProjectByGroup returns the project records associated with groupNames.
	GetProjectByGroup(ctx context.Context, groupNames []string, orgID, partnerID string) ([]sentry.GroupPermission, error)
}
// groupPermissionService is the database-backed GroupPermissionService.
type groupPermissionService struct {
	// db is the bun handle handed to the dao layer on every lookup.
	db *bun.DB
}
// NewGroupPermissionService returns a GroupPermissionService that runs its
// queries against db. db is stored as given; it is not checked for nil here.
func NewGroupPermissionService(db *bun.DB) GroupPermissionService {
	svc := groupPermissionService{db: db}
	return &svc
}
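// GetGroupPermissions returns the records dao.GetGroupPermissions yields for
// groupNames within the given organization and partner, converted to the
// sentry.GroupPermission API type.
//
// orgID and partnerID must be UUID strings. A malformed ID is reported as an
// error rather than a panic (uuid.MustParse panics on bad input), so an
// unexpected ID value cannot crash the goroutine serving a permission lookup.
// On success the returned slice is non-nil, even when it is empty.
func (s *groupPermissionService) GetGroupPermissions(ctx context.Context, groupNames []string, orgID, partnerID string) ([]sentry.GroupPermission, error) {
	oid, err := uuid.Parse(orgID)
	if err != nil {
		return nil, err
	}
	pid, err := uuid.Parse(partnerID)
	if err != nil {
		return nil, err
	}

	gps, err := dao.GetGroupPermissions(ctx, s.db, groupNames, oid, pid)
	if err != nil {
		return nil, err
	}

	// make (not a nil slice) keeps the "empty but non-nil" result callers
	// received before.
	groupPermissions := make([]sentry.GroupPermission, 0, len(gps))
	for _, gp := range gps {
		groupPermissions = append(groupPermissions, prepareGroupPermissionResponse(gp))
	}
	return groupPermissions, nil
}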
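// GetGroupProjectsByPermission returns the records
// dao.GetGroupProjectsByPermission yields for groupNames and permission within
// the given organization and partner, converted to the sentry.GroupPermission
// API type.
//
// orgID and partnerID must be UUID strings. A malformed ID is reported as an
// error rather than a panic (uuid.MustParse panics on bad input), so an
// unexpected ID value cannot crash the goroutine serving a permission lookup.
// On success the returned slice is non-nil, even when it is empty.
func (s *groupPermissionService) GetGroupProjectsByPermission(ctx context.Context, groupNames []string, orgID, partnerID string, permission string) ([]sentry.GroupPermission, error) {
	oid, err := uuid.Parse(orgID)
	if err != nil {
		return nil, err
	}
	pid, err := uuid.Parse(partnerID)
	if err != nil {
		return nil, err
	}

	aps, err := dao.GetGroupProjectsByPermission(ctx, s.db, groupNames, oid, pid, permission)
	if err != nil {
		return nil, err
	}

	// make (not a nil slice) keeps the "empty but non-nil" result callers
	// received before.
	groupPermissions := make([]sentry.GroupPermission, 0, len(aps))
	for _, ap := range aps {
		groupPermissions = append(groupPermissions, prepareGroupPermissionResponse(ap))
	}
	return groupPermissions, nil
}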
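// GetGroupPermissionsByProjectIDPermissions returns the records
// dao.GetGroupPermissionsByProjectIDPermissions yields for groupNames,
// projects and permissions within the given organization and partner,
// converted to the sentry.GroupPermission API type.
//
// orgID and partnerID must be UUID strings. A malformed ID is reported as an
// error rather than a panic (uuid.MustParse panics on bad input), so an
// unexpected ID value cannot crash the goroutine serving a permission lookup.
// On success the returned slice is non-nil, even when it is empty.
func (s *groupPermissionService) GetGroupPermissionsByProjectIDPermissions(ctx context.Context, groupNames []string, orgID, partnerID string, projects []string, permissions []string) ([]sentry.GroupPermission, error) {
	oid, err := uuid.Parse(orgID)
	if err != nil {
		return nil, err
	}
	pid, err := uuid.Parse(partnerID)
	if err != nil {
		return nil, err
	}

	gps, err := dao.GetGroupPermissionsByProjectIDPermissions(ctx, s.db, groupNames, oid, pid, projects, permissions)
	if err != nil {
		return nil, err
	}

	// make (not a nil slice) keeps the "empty but non-nil" result callers
	// received before.
	groupPermissions := make([]sentry.GroupPermission, 0, len(gps))
	for _, gp := range gps {
		groupPermissions = append(groupPermissions, prepareGroupPermissionResponse(gp))
	}
	return groupPermissions, nil
}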
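// GetProjectByGroup returns the records dao.GetProjectByGroup yields for
// groupNames within the given organization and partner, converted to the
// sentry.GroupPermission API type.
//
// orgID and partnerID must be UUID strings. A malformed ID is reported as an
// error rather than a panic (uuid.MustParse panics on bad input), so an
// unexpected ID value cannot crash the goroutine serving a permission lookup.
// On success the returned slice is non-nil, even when it is empty.
func (s *groupPermissionService) GetProjectByGroup(ctx context.Context, groupNames []string, orgID, partnerID string) ([]sentry.GroupPermission, error) {
	oid, err := uuid.Parse(orgID)
	if err != nil {
		return nil, err
	}
	pid, err := uuid.Parse(partnerID)
	if err != nil {
		return nil, err
	}

	gps, err := dao.GetProjectByGroup(ctx, s.db, groupNames, oid, pid)
	if err != nil {
		return nil, err
	}

	// make (not a nil slice) keeps the "empty but non-nil" result callers
	// received before.
	groupPermissions := make([]sentry.GroupPermission, 0, len(gps))
	for _, gp := range gps {
		groupPermissions = append(groupPermissions, prepareGroupPermissionResponse(gp))
	}
	return groupPermissions, nil
}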
// prepareGroupPermissionResponse converts a models.GroupPermission record into
// the sentry.GroupPermission API type. Fields are copied one-to-one, the UUID
// fields are rendered with String(), and the JSON held in gps.Urls is decoded
// into a list of permission URLs.
func prepareGroupPermissionResponse(gps models.GroupPermission) sentry.GroupPermission {
	var permURLs []*sentry.PermissionURL
	if gps.Urls != nil {
		// NOTE(review): the decode error is deliberately left unhandled here to
		// keep existing behavior. On failure the record is returned with
		// whatever json.Unmarshal filled in (possibly nothing), and the caller
		// gets no signal that the stored URL list was unreadable. Consider
		// surfacing or logging the error so a corrupt row is visible.
		_ = json.Unmarshal(gps.Urls, &permURLs)
	}

	resp := sentry.GroupPermission{
		GroupID: gps.GroupId.String(),
		// The model field is spelled ProjecttId (double "t").
		ProjectID:      gps.ProjecttId,
		OrganizationID: gps.OrganizationId.String(),
		PartnerID:      gps.PartnerId.String(),
		GroupName:      gps.GroupName,
		RoleName:       gps.RoleName,
		IsGlobal:       gps.IsGlobal,
		Scope:          gps.Scope,
		PermissionName: gps.PermissionName,
		BaseURL:        gps.BaseUrl,
		Urls:           permURLs,
		ProjectName:    gps.ProjectName,
	}
	return resp
}