package mysqladmin import ( "context" "slices" "time" "git.gocasts.ir/ebhomengo/niki/entity" errmsg "git.gocasts.ir/ebhomengo/niki/pkg/err_msg" richerror "git.gocasts.ir/ebhomengo/niki/pkg/rich_error" "git.gocasts.ir/ebhomengo/niki/repository/mysql" ) func (d *DB) GetAdminPermissions(ctx context.Context, adminID uint, role entity.AdminRole) ([]entity.AdminPermission, error) { const op = "mysqladmin.GetAdminPermissions" query := `select * from admin_access_controls where actor_type = ? and actor_id = ?` //nolint stmt, err := d.conn.PrepareStatement(ctx, mysql.StatementKeyAdminAccessControlGetPermissions, query) if err != nil { return nil, richerror.New(op).WithErr(err). WithMessage(errmsg.ErrorMsgCantPrepareStatement).WithKind(richerror.KindUnexpected) } // Get admin role ACL adminRoleRows, err := stmt.Query(entity.AdminRoleActorType, role) if err != nil { return nil, richerror.New(op).WithErr(err). WithMessage(errmsg.ErrorMsgSomethingWentWrong).WithKind(richerror.KindUnexpected) } defer adminRoleRows.Close() adminRoleACL := make([]entity.AdminAccessControl, 0) for adminRoleRows.Next() { acl, err := scanAccessControl(adminRoleRows) if err != nil { return nil, richerror.New(op).WithErr(err). WithMessage(errmsg.ErrorMsgSomethingWentWrong).WithKind(richerror.KindUnexpected) } adminRoleACL = append(adminRoleACL, acl) } if err = adminRoleRows.Err(); err != nil { return nil, richerror.New(op).WithErr(err). WithMessage(errmsg.ErrorMsgSomethingWentWrong).WithKind(richerror.KindUnexpected) } // Get admin ACL adminRows, err := stmt.Query(entity.AdminAdminActorType, adminID) if err != nil { return nil, richerror.New(op).WithErr(err). WithMessage(errmsg.ErrorMsgSomethingWentWrong).WithKind(richerror.KindUnexpected) } defer adminRows.Close() adminACL := make([]entity.AdminAccessControl, 0) for adminRows.Next() { acl, err := scanAccessControl(adminRows) if err != nil { return nil, richerror.New(op).WithErr(err). WithMessage(errmsg.ErrorMsgSomethingWentWrong).WithKind(richerror.KindUnexpected) } adminACL = append(adminACL, acl) } if err = adminRows.Err(); err != nil { return nil, richerror.New(op).WithErr(err). WithMessage(errmsg.ErrorMsgSomethingWentWrong).WithKind(richerror.KindUnexpected) } // merge ACLs by permission adminPermissions := make([]entity.AdminPermission, 0) for _, r := range adminRoleACL { if !slices.Contains(adminPermissions, r.Permission) { adminPermissions = append(adminPermissions, r.Permission) } } for _, a := range adminACL { if !slices.Contains(adminPermissions, a.Permission) { adminPermissions = append(adminPermissions, a.Permission) } } if len(adminPermissions) == 0 { return nil, nil } return adminPermissions, nil } func scanAccessControl(scanner mysql.Scanner) (entity.AdminAccessControl, error) { var ( createdAt time.Time updateAt time.Time acl entity.AdminAccessControl ) err := scanner.Scan(&acl.ID, &acl.ActorID, &acl.ActorType, &acl.Permission, &createdAt, &updateAt) return acl, err }