/
role_permission_service.go
134 lines (119 loc) · 4.57 KB
/
role_permission_service.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
package services
import (
"context"
"errors"
"go.mongodb.org/mongo-driver/mongo"
"pkg"
"pkg/configuration"
"pkg/data_models"
"time"
)
// ---- RolePermissionService ----
type RolePermissionService struct {
config configuration.Configuration
dbClient *mongo.Client
rolePermissionsCollection *mongo.Collection
roleService root.RoleService
permissionService root.PermissionService
}
// ---- NewRolePermissionService ----
func NewRolePermissionService(config configuration.Configuration, dbClient *mongo.Client, roleService root.RoleService, permissionService root.PermissionService) *RolePermissionService {
rpc := dbClient.Database(config.DbName).Collection("role_permissions")
return &RolePermissionService{config, dbClient, rpc, roleService, permissionService}
}
// ---- RolePermissionService.SetRolePermissions ----
func (rcvr *RolePermissionService) SetRolePermissions(role root.Role, tags []string) error {
// step 1: verify that we have a good role
_, err := rcvr.roleService.FindRole(role)
if err != nil {
return errors.New("role " + role.RoleId + " not found")
}
// step 2: verify permission tags given and fail on the first bad one
var permissions []root.Permission
var permission root.Permission
for _, elPermission := range tags {
permission.Tag = elPermission
permission, err := rcvr.permissionService.FindPermission(permission)
if err != nil {
return errors.New("permission tag `" + elPermission + "` not found")
}
permissions = append(permissions, permission[0])
}
// step 3: delete the current role permissions
err = rcvr.DeleteRolePermissions(role)
if err != nil {
return err
}
// step 4: write out the given permissions for the specified role
for _, elPermission := range permissions {
var rolePermission root.RolePermission
rolePermission.RolePermissionId, _ = root.GenId()
rolePermission.RoleId = role.RoleId
rolePermission.PermissionId = elPermission.PermissionId
rolePermission.Created = root.GenTimestamp()
_, err := rcvr.InsertRolePermission(rolePermission)
if err != nil {
return err
}
}
return nil
}
// ---- RolePermissionService.InsertRolePermissions ----
func (rcvr *RolePermissionService) InsertRolePermission(rolePermission root.RolePermission) (root.RolePermission, error) {
ctx, cancel := context.WithTimeout(context.Background(), 30 * time.Second)
defer cancel()
rolePermissionModel := data_models.NewRolePermissionModel(rolePermission)
_, err := rcvr.rolePermissionsCollection.InsertOne(ctx, rolePermissionModel)
return rolePermission, err
}
// ---- RolePermissionService.DeleteRolePermissions ----
func (rcvr *RolePermissionService) DeleteRolePermissions(role root.Role) error {
var rolePermission root.RolePermission
rolePermission.RoleId = role.RoleId
filter := root.MakeBsonDQueryFilter(rolePermission)
ctx, cancel := context.WithTimeout(context.Background(), 30 * time.Second)
defer cancel()
_, err := rcvr.rolePermissionsCollection.DeleteMany(ctx, filter)
return err
}
// ---- RolePermissionService.FindRolePermissions ----
func (rcvr *RolePermissionService) FindRolePermission(role root.Role) ([]root.RolePermissionPayload, error) {
// step 1: does the role exist
_, err := rcvr.roleService.FindRole(role)
if err != nil {
return []root.RolePermissionPayload{}, errors.New("role `" + role.RoleId + "` does not exist")
}
// step 2: get role permissions
var rolePermission root.RolePermission
rolePermission.RoleId = role.RoleId
ctx, cancel := context.WithTimeout(context.Background(), 30 * time.Second)
filter := root.MakeBsonDQueryFilter(rolePermission)
defer cancel()
cursor, err := rcvr.rolePermissionsCollection.Find(ctx, filter)
if err != nil {
return []root.RolePermissionPayload{}, err
}
defer cursor.Close(ctx)
// step 3: populate the payload structure with data found
var rolePermissions []root.RolePermissionPayload
for cursor.Next(ctx) {
var rolePermission = data_models.NewRolePermissionModel(root.RolePermission{})
cursor.Decode(&rolePermission)
var permission root.Permission
var permissions []root.Permission
permission.PermissionId = rolePermission.PermissionId
permissions, err := rcvr.permissionService.FindPermission(permission)
if err != nil {
return []root.RolePermissionPayload{}, nil
}
var payload root.RolePermissionPayload
payload.RolePermissionId = rolePermission.RolePermissionId
payload.RoleId = rolePermission.RoleId
payload.PermissionId = rolePermission.PermissionId
payload.Tag = permissions[0].Tag
payload.Created = rolePermission.Created
rolePermissions = append(rolePermissions, payload)
}
// step 4: let them eat cake
return rolePermissions, nil
}