// Copyright 2021 The Casdoor Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package object
import (
"fmt"
"strings"
"github.com/casdoor/casdoor/conf"
"github.com/casdoor/casdoor/util"
"github.com/xorm-io/core"
)
// Role is a named set of principals that other objects in this package
// (see Permission) reference by its "owner/name" id (see Role.GetId).
type Role struct {
	// Owner and Name together form the primary key. Owner is presumably the
	// organization the role belongs to — confirm against the callers.
	Owner       string `xorm:"varchar(100) notnull pk" json:"owner"`
	Name        string `xorm:"varchar(100) notnull pk" json:"name"`
	CreatedTime string `xorm:"varchar(100)" json:"createdTime"`
	DisplayName string `xorm:"varchar(100)" json:"displayName"`
	Description string `xorm:"varchar(100)" json:"description"`

	// The []string fields below are stored serialized in a mediumtext column;
	// getRolesByUserInternal's LIKE pattern expects each id to appear quoted
	// inside that column (presumably JSON — confirm against the ORM config).

	// Users holds user ids (presumably "owner/name"); getRolesByUserInternal
	// matches on it, and GetMaskedRoles / getRolesByUser clear it before
	// handing roles out.
	Users []string `xorm:"mediumtext" json:"users"`
	// Groups is not read anywhere in this file.
	Groups []string `xorm:"mediumtext" json:"groups"`
	// Roles lists ids ("owner/name") of the roles this role includes; it
	// drives GetAncestorRoles/containsRole and is rewritten by
	// roleChangeTrigger when a role is renamed.
	Roles []string `xorm:"mediumtext" json:"roles"`
	// Domains is not read anywhere in this file.
	Domains []string `xorm:"mediumtext" json:"domains"`
	// NOTE(review): IsEnabled is never checked in this file; whatever enforces
	// a disabled role must live in the callers — confirm.
	IsEnabled bool `json:"isEnabled"`
}
// GetRoleCount returns the number of roles under owner that satisfy the
// field/value filter applied by GetSession.
func GetRoleCount(owner, field, value string) (int64, error) {
	// No paging (-1/-1) and no sort order: only the filter matters for a count.
	return GetSession(owner, -1, -1, field, value, "", "").Count(&Role{})
}
// GetRoles returns every role owned by owner, newest first by created_time.
// On a query error the (possibly partially filled) slice is returned
// together with err.
func GetRoles(owner string) ([]*Role, error) {
	roles := []*Role{}
	if err := ormer.Engine.Desc("created_time").Find(&roles, &Role{Owner: owner}); err != nil {
		return roles, err
	}
	return roles, nil
}
// GetPaginationRoles returns one page of owner's roles. GetSession is
// expected to apply the field/value filter, the offset/limit window and the
// sortField/sortOrder. On a query error the (possibly partially filled)
// slice is returned together with err.
func GetPaginationRoles(owner string, offset, limit int, field, value, sortField, sortOrder string) ([]*Role, error) {
	page := []*Role{}
	query := GetSession(owner, offset, limit, field, value, sortField, sortOrder)
	if err := query.Find(&page); err != nil {
		return page, err
	}
	return page, nil
}
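// getRole loads a single role by its primary key (owner, name).
//
// It returns (nil, nil) when either key part is empty or when no such row
// exists, so callers must check for a nil *Role even when err is nil. On a
// database error only the error is meaningful; the *Role is nil.
func getRole(owner string, name string) (*Role, error) {
	if owner == "" || name == "" {
		return nil, nil
	}

	role := Role{Owner: owner, Name: name}
	existed, err := ormer.Engine.Get(&role)
	if err != nil {
		// Do not hand back a half-populated struct next to the error.
		return nil, err
	}
	if !existed {
		return nil, nil
	}
	return &role, nil
}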
// GetRole splits id ("owner/name") and loads that role; it inherits getRole's
// contract of returning (nil, nil) when the role does not exist. The NoCheck
// variant presumably does not validate the id format — confirm in util.
func GetRole(id string) (*Role, error) {
	return getRole(util.GetOwnerAndNameFromIdNoCheck(id))
}
// UpdateRole replaces the role identified by id ("owner/name") with the
// contents of role and re-syncs the authorization policies derived from it.
//
// The order below matters and must not be changed:
//  1. remove the policies of every permission that references the old role,
//     directly or through any role that includes it (GetAncestorRoles);
//  2. if the name changed, rewrite references held by other roles and
//     permissions (roleChangeTrigger);
//  3. write the row with AllCols();
//  4. re-add the policies under the new id.
//
// Returns (false, nil) when no role with that id exists, (false, err) on the
// first failure — earlier steps are not rolled back.
//
// NOTE(review): AllCols() writes every column of role, including Owner and
// Name, while the row is selected by the owner/name parsed from id. Nothing
// here checks that role.Owner equals owner, so a caller must enforce that
// before calling or a request could re-home a role under another owner.
// NOTE(review): roleChangeTrigger is keyed by name only (no owner), so a
// rename is applied to the roles/permissions of every owner that use the old
// name — confirm that is intended.
func UpdateRole(id string, role *Role) (bool, error) {
	owner, name := util.GetOwnerAndNameFromIdNoCheck(id)
	oldRole, err := getRole(owner, name)
	if err != nil {
		return false, err
	}

	if oldRole == nil {
		return false, nil
	}

	// Permission ids already processed in this pass, so a permission reached
	// both directly and via an ancestor role is touched once.
	visited := map[string]struct{}{}

	permissions, err := GetPermissionsByRole(id)
	if err != nil {
		return false, err
	}

	// Permissions that reference the old role directly lose both their
	// grouping policies and their policies.
	for _, permission := range permissions {
		removeGroupingPolicies(permission)
		removePolicies(permission)
		visited[permission.GetId()] = struct{}{}
	}

	ancestorRoles, err := GetAncestorRoles(id)
	if err != nil {
		return false, err
	}

	// Permissions reached only through an ancestor role lose their grouping
	// policies only (removePolicies is deliberately not called here).
	for _, r := range ancestorRoles {
		permissions, err := GetPermissionsByRole(r.GetId())
		if err != nil {
			return false, err
		}

		for _, permission := range permissions {
			permissionId := permission.GetId()
			if _, ok := visited[permissionId]; !ok {
				removeGroupingPolicies(permission)
				visited[permissionId] = struct{}{}
			}
		}
	}

	// A rename must fix up every "owner/name" reference before the row itself
	// changes, otherwise the references would point at a name that no longer
	// exists.
	if name != role.Name {
		err := roleChangeTrigger(name, role.Name)
		if err != nil {
			return false, err
		}
	}

	affected, err := ormer.Engine.ID(core.PK{owner, name}).AllCols().Update(role)
	if err != nil {
		return false, err
	}

	// Rebuild the policies under the new id (role.Owner/role.Name), mirroring
	// the removal passes above.
	visited = map[string]struct{}{}
	newRoleID := role.GetId()
	permissions, err = GetPermissionsByRole(newRoleID)
	if err != nil {
		return false, err
	}

	for _, permission := range permissions {
		addGroupingPolicies(permission)
		addPolicies(permission)
		visited[permission.GetId()] = struct{}{}
	}

	ancestorRoles, err = GetAncestorRoles(newRoleID)
	if err != nil {
		return false, err
	}

	for _, r := range ancestorRoles {
		permissions, err := GetPermissionsByRole(r.GetId())
		if err != nil {
			return false, err
		}
		for _, permission := range permissions {
			permissionId := permission.GetId()
			if _, ok := visited[permissionId]; !ok {
				addGroupingPolicies(permission)
				visited[permissionId] = struct{}{}
			}
		}
	}

	return affected != 0, nil
}
// AddRole inserts role as a new row and reports whether a row was written.
// On an insert error it returns (false, err).
func AddRole(role *Role) (bool, error) {
	n, err := ormer.Engine.Insert(role)
	return err == nil && n != 0, err
}
// AddRoles bulk-inserts roles and reports whether any row was written; an
// empty slice yields false without touching the database.
//
// There is no error return: an insert error whose message contains
// "Duplicate entry" is swallowed (the call then reports whatever the driver
// counted as affected), and any other error panics.
// NOTE(review): the duplicate test is a substring match on the driver's
// message, which is database-specific — confirm it holds for every backend
// this deployment supports, otherwise a duplicate on another backend panics.
func AddRoles(roles []*Role) bool {
	if len(roles) == 0 {
		return false
	}

	affected, err := ormer.Engine.Insert(roles)
	if err != nil && !strings.Contains(err.Error(), "Duplicate entry") {
		panic(err)
	}
	return affected != 0
}
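// AddRolesInBatch inserts roles in chunks of conf.GetConfigBatchSize() via
// AddRoles and reports whether any chunk wrote at least one row.
//
// AddRoles panics on insert errors other than duplicates, so this function
// can panic too; a chunk that only hits duplicates simply contributes false.
func AddRolesInBatch(roles []*Role) bool {
	batchSize := conf.GetConfigBatchSize()

	if len(roles) == 0 {
		return false
	}

	if batchSize <= 0 {
		// A zero or negative batch size would divide by zero (or never
		// advance); fall back to a single batch instead of crashing.
		batchSize = len(roles)
	}

	affected := false
	for start := 0; start < len(roles); start += batchSize {
		end := start + batchSize
		if end > len(roles) {
			end = len(roles)
		}

		// TODO: save to log instead of standard output
		// fmt.Printf("Add roles: [%d - %d].\n", start, end)
		if AddRoles(roles[start:end]) {
			affected = true
		}
	}

	return affected
}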
// DeleteRole detaches role from every permission that references it, then
// deletes the row keyed by (Owner, Name). It reports whether a row was
// deleted.
//
// Each permission is rewritten through UpdatePermission without a
// transaction, so a failure part way leaves the earlier permissions already
// updated while the role row still exists.
func DeleteRole(role *Role) (bool, error) {
	roleId := role.GetId()

	permissions, err := GetPermissionsByRole(roleId)
	if err != nil {
		return false, err
	}
	for _, p := range permissions {
		p.Roles = util.DeleteVal(p.Roles, roleId)
		if _, err = UpdatePermission(p.GetId(), p); err != nil {
			return false, err
		}
	}

	n, err := ormer.Engine.ID(core.PK{role.Owner, role.Name}).Delete(&Role{})
	if err != nil {
		return false, err
	}
	return n != 0, nil
}
// GetId returns the role's id in the "owner/name" form that Role.Roles and
// Permission.Roles use to reference roles.
func (role *Role) GetId() string {
	// All operands are strings, so Sprint inserts no separating spaces.
	return fmt.Sprint(role.Owner, "/", role.Name)
}
// getRolesByUserInternal returns the roles, across all owners, whose Users
// list contains userId.
//
// The SQL LIKE is only a coarse prefilter on the serialized users column: it
// is parameterized, but "%" and "_" inside userId still act as wildcards
// there, and a longer id that ends with userId also matches. The exact
// membership check with util.InSlice is what decides the result.
func getRolesByUserInternal(userId string) ([]*Role, error) {
	candidates := []*Role{}
	// The trailing quote anchors the end of the quoted id in the column.
	pattern := "%" + userId + "\"%"
	if err := ormer.Engine.Where("users like ?", pattern).Find(&candidates); err != nil {
		return candidates, err
	}

	matched := []*Role{}
	for _, candidate := range candidates {
		if !util.InSlice(candidate.Users, userId) {
			continue
		}
		matched = append(matched, candidate)
	}
	return matched, nil
}
// getRolesByUser returns the roles that list userId directly plus every role
// that includes one of them (GetAncestorRoles), with Users cleared the same
// way GetMaskedRoles does so membership lists are not handed out.
//
// NOTE(review): GetAncestorRoles expands under the owner of the first id
// only, so when the user is listed in roles of several owners the other
// owners' roles are not expanded — confirm this is intended.
func getRolesByUser(userId string) ([]*Role, error) {
	directRoles, err := getRolesByUserInternal(userId)
	if err != nil {
		return directRoles, err
	}

	ids := make([]string, 0, len(directRoles))
	for _, r := range directRoles {
		ids = append(ids, r.GetId())
	}

	allRoles, err := GetAncestorRoles(ids...)
	if err != nil {
		return nil, err
	}

	for _, r := range allRoles {
		r.Users = nil
	}
	return allRoles, nil
}
// roleChangeTrigger rewrites every reference to a role named oldName in
// Role.Roles and Permission.Roles so it points at newName instead, inside a
// single transaction.
//
// NOTE(review): the match is on the name part only; the owner parsed from
// each reference is kept but not compared, so roles/permissions of every
// owner that reference a role called oldName are rewritten. Unless role
// names are unique across owners this crosses tenant boundaries — confirm.
// NOTE(review): the two Find calls go through ormer.Engine, not session, so
// the reads are outside the transaction that the updates run in.
// NOTE(review): every role and permission row is rewritten, changed or not;
// Update with a struct presumably skips zero-value fields (xorm default) —
// confirm that no field that may legitimately be zero is lost.
func roleChangeTrigger(oldName string, newName string) error {
	session := ormer.Engine.NewSession()
	// NOTE(review): no explicit Rollback on the error paths; this relies on
	// Close discarding an uncommitted transaction — confirm for this xorm
	// version.
	defer session.Close()

	err := session.Begin()
	if err != nil {
		return err
	}

	var roles []*Role
	err = ormer.Engine.Find(&roles)
	if err != nil {
		return err
	}

	for _, role := range roles {
		for j, u := range role.Roles {
			// u is a role id in "owner/name" form.
			owner, name := util.GetOwnerAndNameFromId(u)
			if name == oldName {
				role.Roles[j] = util.GetId(owner, newName)
			}
		}
		_, err = session.Where("name=?", role.Name).And("owner=?", role.Owner).Update(role)
		if err != nil {
			return err
		}
	}

	var permissions []*Permission
	err = ormer.Engine.Find(&permissions)
	if err != nil {
		return err
	}

	for _, permission := range permissions {
		for j, u := range permission.Roles {
			// u is a role id in "owner/name" form.
			owner, name := util.GetOwnerAndNameFromId(u)
			if name == oldName {
				permission.Roles[j] = util.GetId(owner, newName)
			}
		}
		_, err = session.Where("name=?", permission.Name).And("owner=?", permission.Owner).Update(permission)
		if err != nil {
			return err
		}
	}

	return session.Commit()
}
// GetMaskedRoles clears the Users list of every role in place and returns
// the same slice, so callers do not expose role membership.
func GetMaskedRoles(roles []*Role) []*Role {
	for i := range roles {
		roles[i].Users = nil
	}
	return roles
}
// GetAncestorRoles returns the roles that contain the given roleIds: the
// given roles themselves (when they exist under the first id's owner) plus
// every role whose Roles chain reaches one of them.
//
// Only the owner parsed from roleIds[0] is searched; ids belonging to other
// owners are still matched as targets inside Roles lists but their own
// ancestors are not expanded.
//
// visited has three states per role id: absent (not examined yet), true
// (reaches a target, or is itself one of roleIds) and false (examined, or
// still being examined, and not known to reach a target).
func GetAncestorRoles(roleIds ...string) ([]*Role, error) {
	var (
		result  = []*Role{}
		roleMap = make(map[string]*Role)
		visited = make(map[string]bool)
	)
	if len(roleIds) == 0 {
		return result, nil
	}

	// The requested roles count as reaching themselves.
	for _, roleId := range roleIds {
		visited[roleId] = true
	}

	owner, _ := util.GetOwnerAndNameFromIdNoCheck(roleIds[0])

	allRoles, err := GetRoles(owner)
	if err != nil {
		return nil, err
	}

	// Pass 1: index the owner's roles by id so containsRole can follow Roles.
	for _, r := range allRoles {
		roleMap[r.GetId()] = r
	}

	// Pass 2: collect every role that reaches one of the requested roles.
	// NOTE(review): a role whose visited entry was left false by an earlier
	// containsRole traversal is skipped here without re-evaluation — confirm
	// containsRole records a positive result for every role it recurses into.
	for _, r := range allRoles {
		isContain, ok := visited[r.GetId()]
		if isContain {
			result = append(result, r)
		} else if !ok {
			rId := r.GetId()
			visited[rId] = containsRole(r, roleMap, visited, roleIds...)
			if visited[rId] {
				result = append(result, r)
			}
		}
	}

	return result, nil
}
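// containsRole reports whether role reaches any id in roleIds through its
// Roles chain (following roleMap), memoising the answer in visited.
//
// The entry for role is set to false before recursing so that a cycle
// terminates, and set to true as soon as a match is found. Recording the
// positive result is what lets the caller trust visited for roles that were
// only reached through recursion; previously a role on a successful path
// kept its provisional false entry and was reported as a non-ancestor.
//
// Limitation (unchanged): a role examined while one of its ancestors is
// still in progress can be cached as false even though that ancestor later
// turns out to reach a target.
func containsRole(role *Role, roleMap map[string]*Role, visited map[string]bool, roleIds ...string) bool {
	roleId := role.GetId()
	if isContain, ok := visited[roleId]; ok {
		return isContain
	}

	// Provisional "no" guards against cycles while this role is in progress.
	visited[roleId] = false

	for _, subRole := range role.Roles {
		if util.HasString(roleIds, subRole) {
			visited[roleId] = true
			return true
		}

		r, ok := roleMap[subRole]
		if ok && containsRole(r, roleMap, visited, roleIds...) {
			visited[roleId] = true
			return true
		}
	}

	return false
}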