feat: update repo with group, roles and permissions
This commit is contained in:
@ -25,6 +25,40 @@ type ApiService struct {
|
||||
IconUrl *string `json:"icon_url"`
|
||||
}
|
||||
|
||||
type Group struct {
|
||||
ID uuid.UUID `json:"id"`
|
||||
Name string `json:"name"`
|
||||
Description *string `json:"description"`
|
||||
}
|
||||
|
||||
type GroupPermission struct {
|
||||
GroupID uuid.UUID `json:"group_id"`
|
||||
PermissionID uuid.UUID `json:"permission_id"`
|
||||
}
|
||||
|
||||
type GroupRole struct {
|
||||
GroupID uuid.UUID `json:"group_id"`
|
||||
RoleID uuid.UUID `json:"role_id"`
|
||||
}
|
||||
|
||||
type Permission struct {
|
||||
ID uuid.UUID `json:"id"`
|
||||
Name string `json:"name"`
|
||||
Scope string `json:"scope"`
|
||||
Description *string `json:"description"`
|
||||
}
|
||||
|
||||
type Role struct {
|
||||
ID uuid.UUID `json:"id"`
|
||||
Name string `json:"name"`
|
||||
Description *string `json:"description"`
|
||||
}
|
||||
|
||||
type RolePermission struct {
|
||||
RoleID uuid.UUID `json:"role_id"`
|
||||
PermissionID uuid.UUID `json:"permission_id"`
|
||||
}
|
||||
|
||||
type ServiceSession struct {
|
||||
ID uuid.UUID `json:"id"`
|
||||
ServiceID uuid.UUID `json:"service_id"`
|
||||
@ -60,6 +94,21 @@ type User struct {
|
||||
Verified bool `json:"verified"`
|
||||
}
|
||||
|
||||
type UserGroup struct {
|
||||
UserID uuid.UUID `json:"user_id"`
|
||||
GroupID uuid.UUID `json:"group_id"`
|
||||
}
|
||||
|
||||
type UserPermission struct {
|
||||
UserID uuid.UUID `json:"user_id"`
|
||||
PermissionID uuid.UUID `json:"permission_id"`
|
||||
}
|
||||
|
||||
type UserRole struct {
|
||||
UserID uuid.UUID `json:"user_id"`
|
||||
RoleID uuid.UUID `json:"role_id"`
|
||||
}
|
||||
|
||||
type UserSession struct {
|
||||
ID uuid.UUID `json:"id"`
|
||||
UserID uuid.UUID `json:"user_id"`
|
||||
|
||||
70
internal/repository/permissions.sql.go
Normal file
70
internal/repository/permissions.sql.go
Normal file
@ -0,0 +1,70 @@
|
||||
// Code generated by sqlc. DO NOT EDIT.
|
||||
// versions:
|
||||
// sqlc v1.29.0
|
||||
// source: permissions.sql
|
||||
|
||||
package repository
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
|
||||
const getUserPermissions = `-- name: GetUserPermissions :many
|
||||
SELECT DISTINCT p.id,p.name,p.scope,p.description
|
||||
FROM permissions p
|
||||
|
||||
LEFT JOIN role_permissions rp_user
|
||||
ON p.id = rp_user.permission_id
|
||||
LEFT JOIN user_roles ur
|
||||
ON rp_user.role_id = ur.role_id AND ur.user_id = $1
|
||||
|
||||
LEFT JOIN user_groups ug
|
||||
ON ug.user_id = $1
|
||||
LEFT JOIN group_roles gr
|
||||
ON ug.group_id = gr.group_id
|
||||
LEFT JOIN role_permissions rp_group
|
||||
ON gr.role_id = rp_group.role_id AND rp_group.permission_id = p.id
|
||||
|
||||
LEFT JOIN user_permissions up
|
||||
ON up.user_id = $1 AND up.permission_id = p.id
|
||||
|
||||
LEFT JOIN group_permissions gp
|
||||
ON gp.group_id = ug.group_id AND gp.permission_id = p.id
|
||||
|
||||
WHERE ur.user_id IS NOT NULL
|
||||
OR gr.group_id IS NOT NULL
|
||||
OR up.user_id IS NOT NULL
|
||||
OR gp.group_id IS NOT NULL
|
||||
ORDER BY p.scope
|
||||
`
|
||||
|
||||
// From roles assigned directly to the user
|
||||
// From roles assigned to user's groups
|
||||
// Direct permissions to user
|
||||
// Direct permissions to user's groups
|
||||
func (q *Queries) GetUserPermissions(ctx context.Context, userID uuid.UUID) ([]Permission, error) {
|
||||
rows, err := q.db.Query(ctx, getUserPermissions, userID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
defer rows.Close()
|
||||
var items []Permission
|
||||
for rows.Next() {
|
||||
var i Permission
|
||||
if err := rows.Scan(
|
||||
&i.ID,
|
||||
&i.Name,
|
||||
&i.Scope,
|
||||
&i.Description,
|
||||
); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
items = append(items, i)
|
||||
}
|
||||
if err := rows.Err(); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return items, nil
|
||||
}
|
||||
32
queries/permissions.sql
Normal file
32
queries/permissions.sql
Normal file
@ -0,0 +1,32 @@
|
||||
|
||||
-- name: GetUserPermissions :many
|
||||
SELECT DISTINCT p.id,p.name,p.scope,p.description
|
||||
FROM permissions p
|
||||
|
||||
-- From roles assigned directly to the user
|
||||
LEFT JOIN role_permissions rp_user
|
||||
ON p.id = rp_user.permission_id
|
||||
LEFT JOIN user_roles ur
|
||||
ON rp_user.role_id = ur.role_id AND ur.user_id = $1
|
||||
|
||||
-- From roles assigned to user's groups
|
||||
LEFT JOIN user_groups ug
|
||||
ON ug.user_id = $1
|
||||
LEFT JOIN group_roles gr
|
||||
ON ug.group_id = gr.group_id
|
||||
LEFT JOIN role_permissions rp_group
|
||||
ON gr.role_id = rp_group.role_id AND rp_group.permission_id = p.id
|
||||
|
||||
-- Direct permissions to user
|
||||
LEFT JOIN user_permissions up
|
||||
ON up.user_id = $1 AND up.permission_id = p.id
|
||||
|
||||
-- Direct permissions to user's groups
|
||||
LEFT JOIN group_permissions gp
|
||||
ON gp.group_id = ug.group_id AND gp.permission_id = p.id
|
||||
|
||||
WHERE ur.user_id IS NOT NULL
|
||||
OR gr.group_id IS NOT NULL
|
||||
OR up.user_id IS NOT NULL
|
||||
OR gp.group_id IS NOT NULL
|
||||
ORDER BY p.scope;
|
||||
Reference in New Issue
Block a user