From 09a2f05ee5daed1fcfc1a5fac1da73e09cceca75 Mon Sep 17 00:00:00 2001
From: LandaMm
Date: Tue, 24 Jun 2025 19:01:16 +0200
Subject: [PATCH] feat: fetch permissions + grouped fetching
---
internal/repository/permissions.sql.go | 115 +++++++++++++++++++++++--
queries/permissions.sql | 26 ++++--
2 files changed, 131 insertions(+), 10 deletions(-)
diff --git a/internal/repository/permissions.sql.go b/internal/repository/permissions.sql.go
index f852378..6e1352c 100644
--- a/internal/repository/permissions.sql.go
+++ b/internal/repository/permissions.sql.go
@@ -11,28 +11,133 @@ import ( "github.com/google/uuid" ) +const createPermission = `-- name: CreatePermission :one +INSERT into permissions ( + name, scope, description +) VALUES ( + $1, $2, $3 +) RETURNING id, name, scope, description +` + +type CreatePermissionParams struct { + Name string `json:"name"` + Scope string `json:"scope"` + Description *string `json:"description"` +} + +func (q *Queries) CreatePermission(ctx context.Context, arg CreatePermissionParams) (Permission, error) { + row := q.db.QueryRow(ctx, createPermission, arg.Name, arg.Scope, arg.Description) + var i Permission + err := row.Scan( + &i.ID, + &i.Name, + &i.Scope, + &i.Description, + ) + return i, err +} + +const findPermission = `-- name: FindPermission :one +SELECT id, name, scope, description FROM permissions +WHERE name = $1 AND scope = $2 +` + +type FindPermissionParams struct { + Name string `json:"name"` + Scope string `json:"scope"` +} + +func (q *Queries) FindPermission(ctx context.Context, arg FindPermissionParams) (Permission, error) { + row := q.db.QueryRow(ctx, findPermission, arg.Name, arg.Scope) + var i Permission + err := row.Scan( + &i.ID, + &i.Name, + &i.Scope, + &i.Description, + ) + return i, err +} + +const getAllPermissions = `-- name: GetAllPermissions :many +SELECT id, name, scope, description +FROM permissions p +ORDER BY p.scope +` + +func (q *Queries) GetAllPermissions(ctx context.Context) ([]Permission, error) { + rows, err := q.db.Query(ctx, getAllPermissions) + if err != nil { + return nil, err + } + defer rows.Close() + var items []Permission + for rows.Next() { + var i Permission + if err := rows.Scan( + &i.ID, + &i.Name, + &i.Scope, + &i.Description, + ); err != nil { + return nil, err + } + items = append(items, i) + } + if err := rows.Err(); err != nil { + return nil, err + } + return items, nil +} + +const getGroupedPermissions = `-- name: GetGroupedPermissions :many +SELECT scope, json_agg(to_jsonb(permissions.*) ORDER BY name) as permissions +FROM 
permissions +GROUP BY scope +` + +type GetGroupedPermissionsRow struct { + Scope string `json:"scope"` + Permissions []byte `json:"permissions"` +} + +func (q *Queries) GetGroupedPermissions(ctx context.Context) ([]GetGroupedPermissionsRow, error) { + rows, err := q.db.Query(ctx, getGroupedPermissions) + if err != nil { + return nil, err + } + defer rows.Close() + var items []GetGroupedPermissionsRow + for rows.Next() { + var i GetGroupedPermissionsRow + if err := rows.Scan(&i.Scope, &i.Permissions); err != nil { + return nil, err + } + items = append(items, i) + } + if err := rows.Err(); err != nil { + return nil, err + } + return items, nil +} + const getUserPermissions = `-- name: GetUserPermissions :many SELECT DISTINCT p.id,p.name,p.scope,p.description FROM permissions p - LEFT JOIN role_permissions rp_user ON p.id = rp_user.permission_id LEFT JOIN user_roles ur ON rp_user.role_id = ur.role_id AND ur.user_id = $1 - LEFT JOIN user_groups ug ON ug.user_id = $1 LEFT JOIN group_roles gr ON ug.group_id = gr.group_id LEFT JOIN role_permissions rp_group ON gr.role_id = rp_group.role_id AND rp_group.permission_id = p.id - LEFT JOIN user_permissions up ON up.user_id = $1 AND up.permission_id = p.id - LEFT JOIN group_permissions gp ON gp.group_id = ug.group_id AND gp.permission_id = p.id - WHERE ur.user_id IS NOT NULL OR gr.group_id IS NOT NULL OR up.user_id IS NOT NULL diff --git a/queries/permissions.sql b/queries/permissions.sql index ec214d8..8b88fcb 100644 --- a/queries/permissions.sql +++ b/queries/permissions.sql 
@@ -1,14 +1,33 @@ +-- name: GetAllPermissions :many +SELECT * +FROM permissions p +ORDER BY p.scope; + +-- name: GetGroupedPermissions :many +SELECT scope, json_agg(to_jsonb(permissions.*) ORDER BY name) as permissions +FROM permissions +GROUP BY scope; + +-- name: CreatePermission :one +INSERT into permissions ( + name, scope, description +) VALUES ( + $1, $2, $3 +) RETURNING *; + +-- name: FindPermission :one +SELECT * FROM permissions +WHERE name = $1 AND scope = $2; + -- name: GetUserPermissions :many SELECT DISTINCT p.id,p.name,p.scope,p.description FROM permissions p - -- From roles assigned directly to the user LEFT JOIN role_permissions rp_user ON p.id = rp_user.permission_id LEFT JOIN user_roles ur ON rp_user.role_id = ur.role_id AND ur.user_id = $1 - -- From roles assigned to user's groups LEFT JOIN user_groups ug ON ug.user_id = $1 @@ -16,15 +35,12 @@ LEFT JOIN group_roles gr ON ug.group_id = gr.group_id LEFT JOIN role_permissions rp_group ON gr.role_id = rp_group.role_id AND rp_group.permission_id = p.id - -- Direct permissions to user LEFT JOIN user_permissions up ON up.user_id = $1 AND up.permission_id = p.id - -- Direct permissions to user's groups LEFT JOIN group_permissions gp ON gp.group_id = ug.group_id AND gp.permission_id = p.id - WHERE ur.user_id IS NOT NULL OR gr.group_id IS NOT NULL OR up.user_id IS NOT NULL
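Review bot: `GetGroupedPermissions` aggregates whole rows with `to_jsonb(permissions.*)`, so the JSON it returns is not pinned to a column list. sqlc expands the `SELECT *` / `RETURNING *` of the other new queries at generate time, but the generated constant keeps this expression verbatim and the result is an untyped `[]byte`. Any column added to `permissions` later would therefore reach every consumer of this payload without a code change. Naming the fields keeps the output explicit, e.g. `json_agg(jsonb_build_object('id', id, 'name', name, 'scope', scope, 'description', description) ORDER BY name) AS permissions`, and adding `ORDER BY scope` after `GROUP BY scope` makes the group order deterministic, as in `GetAllPermissions`. `FindPermission` is declared `:one` on `name` and `scope`, which presumably relies on a unique constraint over that pair; no schema is visible in this patch, so confirm one exists.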
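Review bot: The `WHERE` clause of `GetUserPermissions`, left as context in this hunk, accepts a row when `gr.group_id IS NOT NULL`, but `user_groups` and `group_roles` are joined without any reference to `p`. That test is therefore true for every permission as soon as the user belongs to a group that has any role, which would return the whole permissions table for that user. The join that ties a group's role to the permission is `rp_group`, so the condition presumably should read `OR rp_group.permission_id IS NOT NULL`; `ur.user_id` and `up.user_id` are already bound to `p` through their joins. This commit only removes blank lines here and the statement continues past the hunk, so confirm against the full query and handle it as a follow-up. The generated constant `getUserPermissions` in `permissions.sql.go` carries the same clause and would need regenerating.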