package mysqladmin
import (
"context"
"slices"
"time"
"git.gocasts.ir/ebhomengo/niki/entity"
errmsg "git.gocasts.ir/ebhomengo/niki/pkg/err_msg"
richerror "git.gocasts.ir/ebhomengo/niki/pkg/rich_error"
"git.gocasts.ir/ebhomengo/niki/repository/mysql"
)
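// GetAdminPermissions returns the distinct permissions that apply to an admin:
// the rows of admin_access_controls stored for the admin's role, followed by
// the rows stored for the admin itself.
//
// The same prepared statement is executed twice, once with
// (entity.AdminRoleActorType, role) and once with
// (entity.AdminAdminActorType, adminID). Permissions keep their first-seen
// order, role entries first.
//
// Any failure (prepare, query, scan, row iteration) yields a nil slice and a
// richerror of KindUnexpected, so no partial permission set is ever returned.
// When neither lookup produces a permission the result is (nil, nil); callers
// making an authorization decision have to treat that as "no permissions".
//
// NOTE(review): ctx is handed to PrepareStatement only; the two lookups go
// through stmt.Query, so the caller's deadline/cancellation presumably does not
// bound them. If the statement type offers a context-aware query method,
// prefer it here — confirm against the mysql package.
func (d *DB) GetAdminPermissions(ctx context.Context, adminID uint, role entity.AdminRole) ([]entity.AdminPermission, error) {
	const op = "mysqladmin.GetAdminPermissions"

	// NOTE(review): `select *` is paired with a positional six-destination
	// Scan in scanAccessControl, so this lookup depends on the table's column
	// count and order staying as they are.
	query := `select * from admin_access_controls where actor_type = ? and actor_id = ?`
	//nolint
	stmt, err := d.conn.PrepareStatement(ctx, mysql.StatementKeyAdminAccessControlGetPermissions, query)
	if err != nil {
		return nil, richerror.New(op).WithErr(err).
			WithMessage(errmsg.ErrorMsgCantPrepareStatement).WithKind(richerror.KindUnexpected)
	}

	// loadACL runs the prepared statement for one (actor_type, actor_id) pair
	// and collects every row. Both lookups share it so that their error
	// handling cannot drift apart, and so that each result set is closed
	// before the next query is issued.
	loadACL := func(actorType, actorID any) ([]entity.AdminAccessControl, error) {
		rows, err := stmt.Query(actorType, actorID)
		if err != nil {
			return nil, richerror.New(op).WithErr(err).
				WithMessage(errmsg.ErrorMsgSomethingWentWrong).WithKind(richerror.KindUnexpected)
		}
		defer rows.Close()

		entries := make([]entity.AdminAccessControl, 0)
		for rows.Next() {
			acl, err := scanAccessControl(rows)
			if err != nil {
				return nil, richerror.New(op).WithErr(err).
					WithMessage(errmsg.ErrorMsgSomethingWentWrong).WithKind(richerror.KindUnexpected)
			}

			entries = append(entries, acl)
		}

		// Next() returning false does not distinguish "no more rows" from an
		// iteration failure; Err() has to be checked so a truncated result is
		// never mistaken for the complete ACL.
		if err := rows.Err(); err != nil {
			return nil, richerror.New(op).WithErr(err).
				WithMessage(errmsg.ErrorMsgSomethingWentWrong).WithKind(richerror.KindUnexpected)
		}

		return entries, nil
	}

	// Get admin role ACL
	adminRoleACL, err := loadACL(entity.AdminRoleActorType, role)
	if err != nil {
		return nil, err
	}

	// Get admin ACL
	adminACL, err := loadACL(entity.AdminAdminActorType, adminID)
	if err != nil {
		return nil, err
	}

	// merge ACLs by permission: role entries first, then admin-specific ones,
	// skipping any permission that is already present.
	adminPermissions := make([]entity.AdminPermission, 0)
	for _, acl := range [][]entity.AdminAccessControl{adminRoleACL, adminACL} {
		for _, entry := range acl {
			if !slices.Contains(adminPermissions, entry.Permission) {
				adminPermissions = append(adminPermissions, entry.Permission)
			}
		}
	}

	if len(adminPermissions) == 0 {
		return nil, nil
	}

	return adminPermissions, nil
}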
// scanAccessControl reads the current row of scanner into an
// entity.AdminAccessControl and returns it together with the Scan error.
//
// Six destinations are scanned positionally: ID, ActorID, ActorType,
// Permission and two time values. The two time values are scanned into local
// variables only and are not copied onto the returned entity.
//
// When Scan fails the returned entity may be partially filled; callers must
// check the error before using it.
func scanAccessControl(scanner mysql.Scanner) (entity.AdminAccessControl, error) {
	var record entity.AdminAccessControl

	// Throwaway targets for the two trailing time columns.
	var created, updated time.Time

	scanErr := scanner.Scan(
		&record.ID,
		&record.ActorID,
		&record.ActorType,
		&record.Permission,
		&created,
		&updated,
	)

	return record, scanErr
}