core/oc-auth
6
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

simplify code

Browse Source
This commit is contained in:
mr 2024-11-27 11:54:25 +01:00
parent 01daaae766
commit 1722980514
1 changed files with 46 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

123
infrastructure/perms_connectors/keto_connector.go
View File

@ -79,22 +79,21 @@ func (k KetoConnector) CheckPermission(perm Permission, permDependancies *Permis
return len(perms) > 0 return len(perms) > 0
} }
func (k KetoConnector) DeleteRole(roleID string) (string, int, error) { func (k KetoConnector) deletes(object string, relation string, subject string, relation2 string) (string, int, error) {
k.deleteRelationShip("", "member", roleID, nil) k.deleteRelationShip(object, relation, subject, nil)
_, code, err := k.deleteRelationShip(roleID, "is", k.scope(), nil) _, code, err := k.deleteRelationShip(subject, relation2, k.scope(), nil)
if err != nil { if err != nil {
return "", code, err return "", code, err
} }
return roleID, 200, nil return subject, 200, nil
}
func (k KetoConnector) DeleteRole(roleID string) (string, int, error) {
return k.deletes("", "member", roleID, "is")
} }
func (k KetoConnector) DeleteGroup(groupID string) (string, int, error) { func (k KetoConnector) DeleteGroup(groupID string) (string, int, error) {
k.deleteRelationShip("", "groups", groupID, nil) return k.deletes("", "groups", groupID, "groupin")
_, code, err := k.deleteRelationShip(groupID, "groupin", k.scope(), nil)
if err != nil {
return "", code, err
}
return groupID, 200, nil
} }
func (k KetoConnector) DeletePermission(permID string, relation string, internal bool) (string, int, error) { func (k KetoConnector) DeletePermission(permID string, relation string, internal bool) (string, int, error) {
@ -105,28 +104,15 @@ func (k KetoConnector) DeletePermission(permID string, relation string, internal
} }
return "", 200, err return "", 200, err
} }
k.deleteRelationShip("", "", permID, nil) return k.deletes("", "groups", permID, "permits"+meth.String())
_, code, err := k.deleteRelationShip(permID, "permits"+meth.String(), k.scope(), nil)
if err != nil {
return "", code, err
}
return permID, 200, nil
} }
func (k KetoConnector) CreateRole(roleID string) (string, int, error) { func (k KetoConnector) CreateRole(roleID string) (string, int, error) {
p, code, err := k.createRelationShip(roleID, "is", k.scope(), nil) return k.creates(roleID, "is", k.scope())
if err != nil {
return "", code, err
}
return p.Object, 200, nil
} }
func (k KetoConnector) CreateGroup(groupID string) (string, int, error) { func (k KetoConnector) CreateGroup(groupID string) (string, int, error) {
p, code, err := k.createRelationShip(groupID, "groupin", k.scope(), nil) return k.creates(groupID, "groupin", k.scope())
if err != nil {
return "", code, err
}
return p.Object, 200, nil
} }
func (k KetoConnector) CreatePermission(permID string, relation string, internal bool) (string, int, error) { func (k KetoConnector) CreatePermission(permID string, relation string, internal bool) (string, int, error) {
@ -134,9 +120,12 @@ func (k KetoConnector) CreatePermission(permID string, relation string, internal
if err != nil { if err != nil {
return "", 422, err return "", 422, err
} }
k.BindPermission("admin", permID, "permits"+meth.String()) k.BindPermission("admin", permID, "permits"+meth.String())
p, code, err := k.createRelationShip(permID, "permits"+meth.String(), k.scope(), nil) return k.creates(permID, "permits"+meth.String(), k.scope())
}
func (k KetoConnector) creates(object string, relation string, subject string) (string, int, error) {
p, code, err := k.createRelationShip(object, relation, subject, nil)
if err != nil { if err != nil {
return "", code, err return "", code, err
} }
@ -144,49 +133,29 @@ func (k KetoConnector) CreatePermission(permID string, relation string, internal
} }
func (k KetoConnector) GetRole(roleID string) ([]string, error) { func (k KetoConnector) GetRole(roleID string) ([]string, error) {
arr := []string{} return k.gets(roleID, "is", k.scope())
roles, err := k.get(roleID, "is", k.scope())
if err != nil {
return arr, err
}
for _, role := range roles {
arr = append(arr, role.Object)
}
return arr, nil
} }
func (k KetoConnector) GetGroup(roleID string) ([]string, error) { func (k KetoConnector) GetGroup(groupID string) ([]string, error) {
arr := []string{} return k.gets(groupID, "groupin", k.scope())
groups, err := k.get(roleID, "groupin", k.scope())
if err != nil {
return arr, err
}
for _, grp := range groups {
arr = append(arr, grp.Object)
}
return arr, nil
} }
func (k KetoConnector) GetRoleByUser(userID string) ([]string, error) { func (k KetoConnector) GetRoleByUser(userID string) ([]string, error) {
arr := []string{} return k.gets("", "member", userID)
roles, err := k.get("", "member", userID)
if err != nil {
return arr, err
}
for _, role := range roles {
arr = append(arr, role.Object)
}
return arr, nil
} }
func (k KetoConnector) GetGroupByUser(userID string) ([]string, error) { func (k KetoConnector) GetGroupByUser(userID string) ([]string, error) {
return k.gets("", "groups", userID)
}
func (k KetoConnector) gets(object string, relation string, subject string) ([]string, error) {
arr := []string{} arr := []string{}
groups, err := k.get("", "groups", userID) objs, err := k.get(object, relation, subject)
if err != nil { if err != nil {
return arr, err return arr, err
} }
for _, grp := range groups { for _, obj := range objs {
arr = append(arr, grp.Object) arr = append(arr, obj.Object)
} }
return arr, nil return arr, nil
} }
@ -266,20 +235,20 @@ func (k KetoConnector) get(object string, relation string, subject string) ([]Pe
return t, nil return t, nil
} }
func (k KetoConnector) BindRole(userID string, roleID string) (string, int, error) { func (k KetoConnector) binds(subject string, relation string, object string) (string, int, error) {
_, code, err := k.createRelationShip(roleID, "member", userID, nil) _, code, err := k.createRelationShip(object, relation, subject, nil)
if err != nil { if err != nil {
return roleID, code, err return object, code, err
} }
return roleID, 200, nil return object, 200, nil
}
func (k KetoConnector) BindRole(userID string, roleID string) (string, int, error) {
return k.binds(userID, "member", roleID)
} }
func (k KetoConnector) BindGroup(userID string, groupID string) (string, int, error) { func (k KetoConnector) BindGroup(userID string, groupID string) (string, int, error) {
_, code, err := k.createRelationShip(groupID, "groups", userID, nil) return k.binds(userID, "groups", groupID)
if err != nil {
return groupID, code, err
}
return groupID, 200, nil
} }
func (k KetoConnector) BindPermission(roleID string, permID string, relation string) (*Permission, int, error) { func (k KetoConnector) BindPermission(roleID string, permID string, relation string) (*Permission, int, error) {
@ -308,20 +277,20 @@ func (k KetoConnector) BindPermission(roleID string, permID string, relation str
}, 200, nil }, 200, nil
} }
func (k KetoConnector) UnBindRole(userID string, roleID string) (string, int, error) { func (k KetoConnector) unbinds(subject string, relation string, object string) (string, int, error) {
_, code, err := k.deleteRelationShip(roleID, "member", userID, nil) _, code, err := k.deleteRelationShip(object, relation, subject, nil)
if err != nil { if err != nil {
return roleID, code, err return object, code, err
} }
return roleID, 200, nil return object, 200, nil
}
func (k KetoConnector) UnBindRole(userID string, roleID string) (string, int, error) {
return k.unbinds(userID, "member", roleID)
} }
func (k KetoConnector) UnBindGroup(userID string, groupID string) (string, int, error) { func (k KetoConnector) UnBindGroup(userID string, groupID string) (string, int, error) {
_, code, err := k.deleteRelationShip(groupID, "groups", userID, nil) return k.unbinds(userID, "groups", groupID)
if err != nil {
return groupID, code, err
}
return groupID, 200, nil
} }
func (k KetoConnector) UnBindPermission(roleID string, permID string, relation string) (*Permission, int, error) { func (k KetoConnector) UnBindPermission(roleID string, permID string, relation string) (*Permission, int, error) {