From 0eea81b42f4267e951f3dcbe31dd02d9a0652ff3 Mon Sep 17 00:00:00 2001
From: LandaMm
Date: Tue, 24 Jun 2025 12:58:14 +0200
Subject: [PATCH] feat: update repo with group, roles and permissions
---
 internal/repository/models.go | 49 ++++++++++++++++++
 internal/repository/permissions.sql.go | 70 ++++++++++++++++++++++++++
 queries/permissions.sql | 32 ++++++++++++
 3 files changed, 151 insertions(+)
 create mode 100644 internal/repository/permissions.sql.go
 create mode 100644 queries/permissions.sql
diff --git a/internal/repository/models.go b/internal/repository/models.go
index ee9dfd6..dcde4bd 100644
--- a/internal/repository/models.go
+++ b/internal/repository/models.go
@@ -25,6 +25,40 @@ type ApiService struct {
 IconUrl *string `json:"icon_url"`
 }
 
+type Group struct {
+ ID uuid.UUID `json:"id"`
+ Name string `json:"name"`
+ Description *string `json:"description"`
+}
+
+type GroupPermission struct {
+ GroupID uuid.UUID `json:"group_id"`
+ PermissionID uuid.UUID `json:"permission_id"`
+}
+
+type GroupRole struct {
+ GroupID uuid.UUID `json:"group_id"`
+ RoleID uuid.UUID `json:"role_id"`
+}
+
+type Permission struct {
+ ID uuid.UUID `json:"id"`
+ Name string `json:"name"`
+ Scope string `json:"scope"`
+ Description *string `json:"description"`
+}
+
+type Role struct {
+ ID uuid.UUID `json:"id"`
+ Name string `json:"name"`
+ Description *string `json:"description"`
+}
+
+type RolePermission struct {
+ RoleID uuid.UUID `json:"role_id"`
+ PermissionID uuid.UUID `json:"permission_id"`
+}
+
 type ServiceSession struct {
 ID uuid.UUID `json:"id"`
 ServiceID uuid.UUID `json:"service_id"`
@@ -60,6 +94,21 @@ type User struct {
 Verified bool `json:"verified"`
 }
 
+type UserGroup struct {
+ UserID uuid.UUID `json:"user_id"`
+ GroupID uuid.UUID `json:"group_id"`
+}
+
+type UserPermission struct {
+ UserID uuid.UUID `json:"user_id"`
+ PermissionID uuid.UUID `json:"permission_id"`
+}
+
+type UserRole struct {
+ UserID uuid.UUID `json:"user_id"`
+ RoleID uuid.UUID `json:"role_id"`
+}
+
 type UserSession struct {
 ID uuid.UUID `json:"id"`
 UserID uuid.UUID `json:"user_id"`
diff --git a/internal/repository/permissions.sql.go b/internal/repository/permissions.sql.go
new file mode 100644
index 0000000..f852378
--- /dev/null
+++ b/internal/repository/permissions.sql.go
@@ -0,0 +1,70 @@ +// Code generated by sqlc. DO NOT EDIT. +// versions: +// sqlc v1.29.0 +// source: permissions.sql + +package repository + +import ( + "context" + + "github.com/google/uuid" +) + +const getUserPermissions = `-- name: GetUserPermissions :many +SELECT DISTINCT p.id,p.name,p.scope,p.description +FROM permissions p + +LEFT JOIN role_permissions rp_user + ON p.id = rp_user.permission_id +LEFT JOIN user_roles ur + ON rp_user.role_id = ur.role_id AND ur.user_id = $1 + +LEFT JOIN user_groups ug + ON ug.user_id = $1 +LEFT JOIN group_roles gr + ON ug.group_id = gr.group_id +LEFT JOIN role_permissions rp_group + ON gr.role_id = rp_group.role_id AND rp_group.permission_id = p.id + +LEFT JOIN user_permissions up + ON up.user_id = $1 AND up.permission_id = p.id + +LEFT JOIN group_permissions gp + ON gp.group_id = ug.group_id AND gp.permission_id = p.id + +WHERE ur.user_id IS NOT NULL + OR gr.group_id IS NOT NULL + OR up.user_id IS NOT NULL + OR gp.group_id IS NOT NULL +ORDER BY p.scope +` + +// From roles assigned directly to the user +// From roles assigned to user's groups +// Direct permissions to user +// Direct permissions to user's groups +func (q *Queries) GetUserPermissions(ctx context.Context, userID uuid.UUID) ([]Permission, error) { + rows, err := q.db.Query(ctx, getUserPermissions, userID) + if err != nil { + return nil, err + } + defer rows.Close() + var items []Permission + for rows.Next() { + var i Permission + if err := rows.Scan( + &i.ID, + &i.Name, + &i.Scope, + &i.Description, + ); err != nil { + return nil, err + } + items = append(items, i) + } + if err := rows.Err(); err != nil { + return nil, err + } + return items, nil +} diff --git a/queries/permissions.sql b/queries/permissions.sql new file mode 100644 index 0000000..ec214d8 --- /dev/null +++ b/queries/permissions.sql 
@@ -0,0 +1,32 @@
+
+-- name: GetUserPermissions :many
+SELECT DISTINCT p.id,p.name,p.scope,p.description
+FROM permissions p
+
+-- From roles assigned directly to the user
+LEFT JOIN role_permissions rp_user
+ ON p.id = rp_user.permission_id
+LEFT JOIN user_roles ur
+ ON rp_user.role_id = ur.role_id AND ur.user_id = $1
+
+-- From roles assigned to user's groups
+LEFT JOIN user_groups ug
+ ON ug.user_id = $1
+LEFT JOIN group_roles gr
+ ON ug.group_id = gr.group_id
+LEFT JOIN role_permissions rp_group
+ ON gr.role_id = rp_group.role_id AND rp_group.permission_id = p.id
+
+-- Direct permissions to user
+LEFT JOIN user_permissions up
+ ON up.user_id = $1 AND up.permission_id = p.id
+
+-- Direct permissions to user's groups
+LEFT JOIN group_permissions gp
+ ON gp.group_id = ug.group_id AND gp.permission_id = p.id
+
+WHERE ur.user_id IS NOT NULL
+ OR gr.group_id IS NOT NULL
+ OR up.user_id IS NOT NULL
+ OR gp.group_id IS NOT NULL
+ORDER BY p.scope;
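Review bot: The `OR gr.group_id IS NOT NULL` arm of the WHERE clause is true for every row of `permissions` as soon as the user belongs to any group that has any role, because the `group_roles gr` join is keyed only on `ug.group_id` and never on `p.id`; such a user gets the whole permissions table back instead of only what their groups' roles grant. The permission link on that path is carried by `rp_group`, so the arm should read `OR rp_group.permission_id IS NOT NULL`. The generated `getUserPermissions` constant in internal/repository/permissions.sql.go embeds the same WHERE clause and has to be regenerated with sqlc once the query is fixed. A repository test with two permissions, a group role that grants only one of them, and an assertion that the other is absent from the result would keep this from regressing.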