package mysqladmin import ( "slices" "time" "git.gocasts.ir/ebhomengo/niki/entity" errmsg "git.gocasts.ir/ebhomengo/niki/pkg/err_msg" richerror "git.gocasts.ir/ebhomengo/niki/pkg/rich_error" "git.gocasts.ir/ebhomengo/niki/repository/mysql" ) func (d *DB) GetAdminPermissions(adminID uint, role entity.AdminRole) ([]entity.AdminPermission, error) { const op = "mysqladmin.GetAdminPermissions" // get adminRoleACL adminRoleACL := make([]entity.AdminAccessControl, 0) adminRoleRows, err := d.conn.Conn().Query(`select * from admin_access_controls where actor_type = ? and actor_id = ?`, entity.AdminRoleActorType, role) if err != nil { return nil, richerror.New(op).WithErr(err). WithMessage(errmsg.ErrorMsgSomethingWentWrong).WithKind(richerror.KindUnexpected) } defer adminRoleRows.Close() for adminRoleRows.Next() { acl, err := scanAccessControl(adminRoleRows) if err != nil { return nil, richerror.New(op).WithErr(err). WithMessage(errmsg.ErrorMsgSomethingWentWrong).WithKind(richerror.KindUnexpected) } adminRoleACL = append(adminRoleACL, acl) } if err := adminRoleRows.Err(); err != nil { return nil, richerror.New(op).WithErr(err). WithMessage(errmsg.ErrorMsgSomethingWentWrong).WithKind(richerror.KindUnexpected) } // get adminACL adminACL := make([]entity.AdminAccessControl, 0) adminRows, err := d.conn.Conn().Query(`select * from admin_access_controls where actor_type = ? and actor_id = ?`, entity.AdminAdminActorType, adminID) if err != nil { return nil, richerror.New(op).WithErr(err). WithMessage(errmsg.ErrorMsgSomethingWentWrong).WithKind(richerror.KindUnexpected) } defer adminRows.Close() for adminRows.Next() { acl, err := scanAccessControl(adminRows) if err != nil { return nil, richerror.New(op).WithErr(err). WithMessage(errmsg.ErrorMsgSomethingWentWrong).WithKind(richerror.KindUnexpected) } adminACL = append(adminACL, acl) } if err := adminRows.Err(); err != nil { return nil, richerror.New(op).WithErr(err). WithMessage(errmsg.ErrorMsgSomethingWentWrong).WithKind(richerror.KindUnexpected) } // merge ACLs by permission adminPermissions := make([]entity.AdminPermission, 0) for _, r := range adminRoleACL { if !slices.Contains(adminPermissions, r.Permission) { adminPermissions = append(adminPermissions, r.Permission) } } for _, a := range adminACL { if !slices.Contains(adminPermissions, a.Permission) { adminPermissions = append(adminPermissions, a.Permission) } } if len(adminPermissions) == 0 { return nil, nil } return adminPermissions, nil } func scanAccessControl(scanner mysql.Scanner) (entity.AdminAccessControl, error) { var ( createdAt time.Time updateAt time.Time acl entity.AdminAccessControl ) err := scanner.Scan(&acl.ID, &acl.ActorID, &acl.ActorType, &acl.Permission, &createdAt, &updateAt) return acl, err }