feat: enforce by using resourceId (#1855)

* feat: enforce by using resourceId

* Update permission.go

* chore: fix cilint for enforcer.go

---------

Co-authored-by: tinhtt4 <tinhtt4@vng.com.vn>
Co-authored-by: hsluoyz <hsluoyz@qq.com>

controllers/enforcer.go

@@ -24,6 +24,7 @@ import (
 func (c *ApiController) Enforce() {
 	permissionId := c.Input().Get("permissionId")
 	modelId := c.Input().Get("modelId")
+	resourceId := c.Input().Get("resourceId")
 
 	var request object.CasbinRequest
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &request)
@@ -35,18 +36,25 @@ func (c *ApiController) Enforce() {
 	if permissionId != "" {
 		c.Data["json"] = object.Enforce(permissionId, &request)
 		c.ServeJSON()
-	} else {
-		owner, modelName := util.GetOwnerAndNameFromId(modelId)
-		permissions := object.GetPermissionsByModel(owner, modelName)
+		return
+	}
 
+	permissions := make([]*object.Permission, 0)
 	res := []bool{}
+
+	if modelId != "" {
+		owner, modelName := util.GetOwnerAndNameFromId(modelId)
+		permissions = object.GetPermissionsByModel(owner, modelName)
+	} else {
+		permissions = object.GetPermissionsByResource(resourceId)
+	}
+
 	for _, permission := range permissions {
 		res = append(res, object.Enforce(permission.GetId(), &request))
 	}
 	c.Data["json"] = res
 	c.ServeJSON()
 }
-}
 
 func (c *ApiController) BatchEnforce() {
 	permissionId := c.Input().Get("permissionId")

object/permission.go

@@ -235,6 +235,16 @@ func GetPermissionsByRole(roleId string) []*Permission {
 	return permissions
 }
 
+func GetPermissionsByResource(resourceId string) []*Permission {
+	permissions := []*Permission{}
+	err := adapter.Engine.Where("resources like ?", "%"+resourceId+"\"%").Find(&permissions)
+	if err != nil {
+		panic(err)
+	}
+
+	return permissions
+}
+
 func GetPermissionsBySubmitter(owner string, submitter string) []*Permission {
 	permissions := []*Permission{}
 	err := adapter.Engine.Desc("created_time").Find(&permissions, &Permission{Owner: owner, Submitter: submitter})