Add Group To Keto

mr
2024-11-27 11:12:46 +01:00
parent be071ec328
commit 01daaae766
8 changed files with 667 additions and 2 deletions


@@ -80,14 +80,23 @@ func (k KetoConnector) CheckPermission(perm Permission, permDependancies *Permis
}
func (k KetoConnector) DeleteRole(roleID string) (string, int, error) {
k.deleteRelationShip("", "", roleID, nil)
_, code, err := k.deleteRelationShip(roleID, "", k.scope(), nil)
k.deleteRelationShip("", "member", roleID, nil)
_, code, err := k.deleteRelationShip(roleID, "is", k.scope(), nil)
if err != nil {
return "", code, err
}
return roleID, 200, nil
}
func (k KetoConnector) DeleteGroup(groupID string) (string, int, error) {
k.deleteRelationShip("", "groups", groupID, nil)
_, code, err := k.deleteRelationShip(groupID, "groupin", k.scope(), nil)
if err != nil {
return "", code, err
}
return groupID, 200, nil
}
func (k KetoConnector) DeletePermission(permID string, relation string, internal bool) (string, int, error) {
meth, err := utils.ExtractMethod(relation, internal)
if err != nil {
@@ -112,6 +121,14 @@ func (k KetoConnector) CreateRole(roleID string) (string, int, error) {
return p.Object, 200, nil
}
func (k KetoConnector) CreateGroup(groupID string) (string, int, error) {
p, code, err := k.createRelationShip(groupID, "groupin", k.scope(), nil)
if err != nil {
return "", code, err
}
return p.Object, 200, nil
}
func (k KetoConnector) CreatePermission(permID string, relation string, internal bool) (string, int, error) {
meth, err := utils.ExtractMethod(relation, internal)
if err != nil {
@@ -138,6 +155,18 @@ func (k KetoConnector) GetRole(roleID string) ([]string, error) {
return arr, nil
}
func (k KetoConnector) GetGroup(roleID string) ([]string, error) {
arr := []string{}
groups, err := k.get(roleID, "groupin", k.scope())
if err != nil {
return arr, err
}
for _, grp := range groups {
arr = append(arr, grp.Object)
}
return arr, nil
}
func (k KetoConnector) GetRoleByUser(userID string) ([]string, error) {
arr := []string{}
roles, err := k.get("", "member", userID)
@@ -150,6 +179,18 @@ func (k KetoConnector) GetRoleByUser(userID string) ([]string, error) {
return arr, nil
}
func (k KetoConnector) GetGroupByUser(userID string) ([]string, error) {
arr := []string{}
groups, err := k.get("", "groups", userID)
if err != nil {
return arr, err
}
for _, grp := range groups {
arr = append(arr, grp.Object)
}
return arr, nil
}
func (k KetoConnector) GetPermission(permID string, relation string) ([]Permission, error) {
meth, err := utils.ExtractMethod(relation, true)
if err != nil {
@@ -233,6 +274,14 @@ func (k KetoConnector) BindRole(userID string, roleID string) (string, int, erro
return roleID, 200, nil
}
func (k KetoConnector) BindGroup(userID string, groupID string) (string, int, error) {
_, code, err := k.createRelationShip(groupID, "groups", userID, nil)
if err != nil {
return groupID, code, err
}
return groupID, 200, nil
}
func (k KetoConnector) BindPermission(roleID string, permID string, relation string) (*Permission, int, error) {
perms, err := k.GetPermission(permID, relation)
if err != nil || len(perms) != 1 {
@@ -267,6 +316,14 @@ func (k KetoConnector) UnBindRole(userID string, roleID string) (string, int, er
return roleID, 200, nil
}
func (k KetoConnector) UnBindGroup(userID string, groupID string) (string, int, error) {
_, code, err := k.deleteRelationShip(groupID, "groups", userID, nil)
if err != nil {
return groupID, code, err
}
return groupID, 200, nil
}
func (k KetoConnector) UnBindPermission(roleID string, permID string, relation string) (*Permission, int, error) {
meth, err := utils.ExtractMethod(relation, false)
if err != nil {
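Review bot: In DeleteGroup the membership cleanup `k.deleteRelationShip("", "groups", groupID, nil)` passes groupID in the third position, while BindGroup and UnBindGroup put groupID first and userID third; if the helper's arguments are (object, relation, subject), which its definition outside these hunks would confirm, this call does not match the group's member tuples. Its result is also discarded, so a failed cleanup goes unnoticed in any case. Stale `groups` tuples would then survive the deletion, GetGroupByUser would keep returning the deleted group, and a group later recreated with the same ID would silently inherit the old members. Once the helper's signature is confirmed, consider `if _, code, err := k.deleteRelationShip(groupID, "groups", "", nil); err != nil { return "", code, err }`; DeleteRole has the same shape with "member". Separately, GetGroup names its parameter `roleID` where the interface declares `groupID`.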


@@ -25,21 +25,27 @@ type PermConnector interface {
Status() tools.State
CheckPermission(perm Permission, permDependancies *Permission, internal bool) bool
BindRole(userID string, roleID string) (string, int, error)
BindGroup(userID string, groupID string) (string, int, error)
BindPermission(roleID string, permID string, relation string) (*Permission, int, error)
UnBindRole(userID string, roleID string) (string, int, error)
UnBindGroup(userID string, groupID string) (string, int, error)
UnBindPermission(roleID string, permID string, relation string) (*Permission, int, error)
CreateRole(roleID string) (string, int, error)
CreateGroup(groupID string) (string, int, error)
CreatePermission(permID string, relation string, internal bool) (string, int, error)
DeleteRole(roleID string) (string, int, error)
DeleteGroup(groupID string) (string, int, error)
DeletePermission(permID string, relation string, internal bool) (string, int, error)
GetRoleByUser(userID string) ([]string, error)
GetGroupByUser(userID string) ([]string, error)
GetPermissionByRole(roleID string) ([]Permission, error)
GetPermissionByUser(userID string, internal bool) ([]Permission, error)
GetRole(roleID string) ([]string, error)
GetGroup(groupID string) ([]string, error)
GetPermission(permID string, relation string) ([]Permission, error)
}