Better handling of permissions
This commit is contained in:
cdricms
@@ -10,14 +10,16 @@ var EventsRoutes = map[string]core.Handler{
|
||||
Handler: events.HandleEvents,
|
||||
Middlewares: []core.Middleware{Methods("GET")}},
|
||||
"/events/new": {
|
||||
Handler: events.HandleNew,
|
||||
Middlewares: []core.Middleware{Methods("POST"), AuthJWT}},
|
||||
Handler: events.HandleNew,
|
||||
Middlewares: []core.Middleware{Methods("POST"),
|
||||
HasPermissions("events", "insert"), AuthJWT}},
|
||||
"/events/{event_uuid}": {
|
||||
Handler: events.HandleEvent,
|
||||
Middlewares: []core.Middleware{Methods("GET")}},
|
||||
"/events/{event_uuid}/delete": {
|
||||
Handler: events.HandleDelete,
|
||||
Middlewares: []core.Middleware{Methods("DELETE"), AuthJWT}},
|
||||
Handler: events.HandleDelete,
|
||||
Middlewares: []core.Middleware{Methods("DELETE"),
|
||||
HasPermissions("events", "delete"), AuthJWT}},
|
||||
"/events/{event_uuid}/update": {
|
||||
Handler: events.HandleUpdate,
|
||||
Middlewares: []core.Middleware{
|
||||
|
||||
@@ -159,24 +159,6 @@ func HasPermissions(resource string, actions ...string) core.Middleware {
|
||||
return
|
||||
}
|
||||
|
||||
// permissions := utils.MergeArrays(
|
||||
// utils.Map(user.Roles, func(r models.Role) []models.Permission {
|
||||
// return r.Permissions
|
||||
// })...)
|
||||
//
|
||||
// for _, action := range actions {
|
||||
// permission := utils.Find(permissions, func(p models.Permission, i int) bool {
|
||||
// return resource == p.Resource && action == p.Action
|
||||
// })
|
||||
// if permission == nil {
|
||||
// core.JSONError{
|
||||
// Status: core.Error,
|
||||
// Message: fmt.Sprintf("The user doesn't have the proper permission %s:%s", resource, action),
|
||||
// }.Respond(w, http.StatusUnauthorized)
|
||||
// return
|
||||
// }
|
||||
// }
|
||||
|
||||
permissionsSet := make(map[string]struct{}) // Set to store unique permissions
|
||||
|
||||
// Populate the set with user's permissions
|
||||
|
||||
@@ -9,21 +9,14 @@ import (
|
||||
)
|
||||
|
||||
func HandlePermission(w http.ResponseWriter, r *http.Request) {
|
||||
id := r.PathValue("permission_id")
|
||||
var permission models.Permission
|
||||
count, err := core.DB.NewSelect().
|
||||
Model(&permission).
|
||||
Where("id = ?", id).
|
||||
resource := r.PathValue("resource")
|
||||
action := r.PathValue("action")
|
||||
var permissions models.Permission
|
||||
err := core.DB.NewSelect().
|
||||
Model(&permissions).
|
||||
Where("resource = ? AND action = ?", resource, action).
|
||||
Limit(1).
|
||||
ScanAndCount(context.Background())
|
||||
|
||||
if count == 0 {
|
||||
core.JSONSuccess{
|
||||
Status: core.Success,
|
||||
Message: "Permission not found.",
|
||||
}.Respond(w, http.StatusNotFound)
|
||||
return
|
||||
}
|
||||
Scan(context.Background())
|
||||
|
||||
if err != nil {
|
||||
core.JSONError{
|
||||
@@ -35,7 +28,7 @@ func HandlePermission(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
core.JSONSuccess{
|
||||
Status: core.Success,
|
||||
Message: "Permission found.",
|
||||
Data: permission,
|
||||
Message: "Permissions found.",
|
||||
Data: permissions,
|
||||
}.Respond(w, http.StatusOK)
|
||||
}
|
||||
|
||||
@@ -14,12 +14,12 @@ var PermissionsRoutes = map[string]core.Handler{
|
||||
Handler: permissions.HandleResourceActions,
|
||||
Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
|
||||
},
|
||||
"/permissions/{permission_id}": {
|
||||
Handler: permissions.HandlePermission,
|
||||
Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
|
||||
},
|
||||
"/permissions/resources/{resource}": {
|
||||
Handler: permissions.HandlePermissionsResource,
|
||||
Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
|
||||
},
|
||||
"/permissions/resources/{resource}/{action}": {
|
||||
Handler: permissions.HandlePermission,
|
||||
Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
|
||||
},
|
||||
}
|
||||
|
||||
@@ -39,8 +39,9 @@ func HandleAddPermission(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
permissionRole := models.PermissionToRole{
|
||||
PermissionID: permission.ID,
|
||||
RoleID: role.ID,
|
||||
PermissionResource: permission.Resource,
|
||||
PermissionAction: permission.Action,
|
||||
RoleID: role.ID,
|
||||
}
|
||||
_, err = core.DB.NewInsert().Model(&permissionRole).Ignore().
|
||||
Exec(ctx)
|
||||
|
||||
@@ -26,7 +26,7 @@ func HandleRemovePermission(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
_, err = core.DB.NewDelete().Model((*models.PermissionToRole)(nil)).
|
||||
Where("permission_id = ? AND role_id = ?", permission.ID, role_id).
|
||||
Where("resource = ? AND action = ? AND role_id = ?", permission.Resource, permission.Action, role_id).
|
||||
Exec(ctx)
|
||||
|
||||
if err != nil {
|
||||
|
||||
Reference in New Issue
Block a user