feat: create system roles

2025-06-25 11:55:27 +02:00
parent 58974d9789
commit 1eb96e906d
3 changed files with 359 additions and 0 deletions
--- a/internal/repository/roles.sql.go
+++ b/internal/repository/roles.sql.go
@ -0,0 +1,152 @@
+// Code generated by sqlc. DO NOT EDIT.
+// versions:
+//   sqlc v1.29.0
+// source: roles.sql
+
+package repository
+
+import (
+	"context"
+
+	"github.com/google/uuid"
+)
+
+const addPermissionsToRoleByKey = `-- name: AddPermissionsToRoleByKey :exec
+INSERT INTO role_permissions (role_id, permission_id)
+SELECT
+  $1,
+  p.id
+FROM
+  permissions p
+JOIN
+  unnest($2::text[]) AS key_str
+    ON key_str = p.scope || '_' || p.name
+`
+
+type AddPermissionsToRoleByKeyParams struct {
+	RoleID         uuid.UUID `json:"role_id"`
+	PermissionKeys []string  `json:"permission_keys"`
+}
+
+func (q *Queries) AddPermissionsToRoleByKey(ctx context.Context, arg AddPermissionsToRoleByKeyParams) error {
+	_, err := q.db.Exec(ctx, addPermissionsToRoleByKey, arg.RoleID, arg.PermissionKeys)
+	return err
+}
+
+const createRole = `-- name: CreateRole :one
+INSERT INTO roles (name, scope, description)
+VALUES ($1, $2, $3)
+RETURNING id, name, scope, description
+`
+
+type CreateRoleParams struct {
+	Name        string  `json:"name"`
+	Scope       string  `json:"scope"`
+	Description *string `json:"description"`
+}
+
+func (q *Queries) CreateRole(ctx context.Context, arg CreateRoleParams) (Role, error) {
+	row := q.db.QueryRow(ctx, createRole, arg.Name, arg.Scope, arg.Description)
+	var i Role
+	err := row.Scan(
+		&i.ID,
+		&i.Name,
+		&i.Scope,
+		&i.Description,
+	)
+	return i, err
+}
+
+const findRole = `-- name: FindRole :one
+SELECT id, name, scope, description
+FROM roles
+WHERE scope = $1 AND name = $2
+`
+
+type FindRoleParams struct {
+	Scope string `json:"scope"`
+	Name  string `json:"name"`
+}
+
+func (q *Queries) FindRole(ctx context.Context, arg FindRoleParams) (Role, error) {
+	row := q.db.QueryRow(ctx, findRole, arg.Scope, arg.Name)
+	var i Role
+	err := row.Scan(
+		&i.ID,
+		&i.Name,
+		&i.Scope,
+		&i.Description,
+	)
+	return i, err
+}
+
+const getRolesGroupedWithPermissions = `-- name: GetRolesGroupedWithPermissions :many
+SELECT
+    r.scope,
+    json_agg (
+        json_build_object (
+            'id',
+            r.id,
+            'name',
+            r.name,
+            'description',
+            r.description,
+            'permissions',
+            COALESCE(p_list.permissions, '[]')
+        )
+        ORDER BY
+            r.name
+    ) AS roles
+FROM
+    roles r
+    LEFT JOIN (
+        SELECT
+            rp.role_id,
+            json_agg (
+                json_build_object (
+                    'id',
+                    p.id,
+                    'name',
+                    p.name,
+                    'scope',
+                    p.scope,
+                    'description',
+                    p.description
+                )
+                ORDER BY
+                    p.name
+            ) AS permissions
+        FROM
+            role_permissions rp
+            JOIN permissions p ON p.id = rp.permission_id
+        GROUP BY
+            rp.role_id
+    ) p_list ON p_list.role_id = r.id
+GROUP BY
+    r.scope
+`
+
+type GetRolesGroupedWithPermissionsRow struct {
+	Scope string `json:"scope"`
+	Roles []byte `json:"roles"`
+}
+
+func (q *Queries) GetRolesGroupedWithPermissions(ctx context.Context) ([]GetRolesGroupedWithPermissionsRow, error) {
+	rows, err := q.db.Query(ctx, getRolesGroupedWithPermissions)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+	var items []GetRolesGroupedWithPermissionsRow
+	for rows.Next() {
+		var i GetRolesGroupedWithPermissionsRow
+		if err := rows.Scan(&i.Scope, &i.Roles); err != nil {
+			return nil, err
+		}
+		items = append(items, i)
+	}
+	if err := rows.Err(); err != nil {
+		return nil, err
+	}
+	return items, nil
+}