mirror of
https://github.com/casdoor/casdoor.git
synced 2025-07-02 19:40:19 +08:00
feat: support RBAC with domains model and add adapter to specify the table name for policy storage (#1020)
* feat: support RBAC with domains model and add adapter to specify the table name for policy storage Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com> * fix some bugs Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com> * add i18n Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com> Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
This commit is contained in:
Yixiang Zhao
@ -32,6 +32,7 @@ type Permission struct {
|
||||
Domains []string `xorm:"mediumtext" json:"domains"`
|
||||
|
||||
Model string `xorm:"varchar(100)" json:"model"`
|
||||
Adapter string `xorm:"varchar(100)" json:"adapter"`
|
||||
ResourceType string `xorm:"varchar(100)" json:"resourceType"`
|
||||
Resources []string `xorm:"mediumtext" json:"resources"`
|
||||
Actions []string `xorm:"mediumtext" json:"actions"`
|
||||
@ -52,6 +53,7 @@ type PermissionRule struct {
|
||||
V3 string `xorm:"varchar(100) index not null default ''" json:"v3"`
|
||||
V4 string `xorm:"varchar(100) index not null default ''" json:"v4"`
|
||||
V5 string `xorm:"varchar(100) index not null default ''" json:"v5"`
|
||||
Id string `xorm:"varchar(100) index not null default ''" json:"id"`
|
||||
}
|
||||
|
||||
func GetPermissionCount(owner, field, value string) int {
|
||||
@ -121,7 +123,18 @@ func UpdatePermission(id string, permission *Permission) bool {
|
||||
}
|
||||
|
||||
if affected != 0 {
|
||||
removePolicies(oldPermission)
|
||||
if oldPermission.Adapter != "" {
|
||||
removePolicies(oldPermission)
|
||||
if oldPermission.Adapter != permission.Adapter {
|
||||
isEmpty, _ := adapter.Engine.IsTableEmpty(oldPermission.Adapter)
|
||||
if isEmpty {
|
||||
err = adapter.Engine.DropTables(oldPermission.Adapter)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
addPolicies(permission)
|
||||
}
|
||||
|
||||
@ -134,10 +147,6 @@ func AddPermission(permission *Permission) bool {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
if affected != 0 {
|
||||
addPolicies(permission)
|
||||
}
|
||||
|
||||
return affected != 0
|
||||
}
|
||||
|
||||
@ -147,8 +156,17 @@ func DeletePermission(permission *Permission) bool {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
if affected != 0 {
|
||||
if affected != 0 && permission.Adapter != "" {
|
||||
removePolicies(permission)
|
||||
if permission.Adapter != "permission_rule" {
|
||||
isEmpty, _ := adapter.Engine.IsTableEmpty(permission.Adapter)
|
||||
if isEmpty {
|
||||
err = adapter.Engine.DropTables(permission.Adapter)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return affected != 0
|
||||
@ -168,6 +186,16 @@ func GetPermissionsByUser(userId string) []*Permission {
|
||||
return permissions
|
||||
}
|
||||
|
||||
func GetPermissionsByRole(roleId string) []*Permission {
|
||||
permissions := []*Permission{}
|
||||
err := adapter.Engine.Where("roles like ?", "%"+roleId+"%").Find(&permissions)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
return permissions
|
||||
}
|
||||
|
||||
func GetPermissionsBySubmitter(owner string, submitter string) []*Permission {
|
||||
permissions := []*Permission{}
|
||||
err := adapter.Engine.Desc("created_time").Find(&permissions, &Permission{Owner: owner, Submitter: submitter})
|
||||
|
||||
Reference in New Issue
Block a user