Oc Auth x Hydra x LDAP : draft of claims enrich for traefik + draft of forwarding

2024-10-28 14:58:11 +01:00
parent 05c4aab72a
commit 7198c40d30
37 changed files with 4181 additions and 610 deletions
--- a/controllers/permission.go
+++ b/controllers/permission.go
@@ -0,0 +1,192 @@
+package controllers
+
+import (
+	"oc-auth/infrastructure"
+
+	beego "github.com/beego/beego/v2/server/web"
+)
+
+// Operations about auth
+type PermissionController struct {
+	beego.Controller
+}
+
+// @Title GetAll
+// @Description find permissions
+// @Success 200 {permission} string
+// @router / [get]
+func (o *PermissionController) GetAll() {
+	role, err := infrastructure.GetPermissionConnector().GetPermission("", "")
+	if err != nil {
+		o.Data["json"] = map[string]interface{}{
+			"data":  nil,
+			"error": err.Error(),
+			"code":  200,
+		}
+
+	} else {
+		o.Data["json"] = map[string]interface{}{
+			"data":  role,
+			"error": nil,
+			"code":  200,
+		}
+	}
+	o.ServeJSON()
+}
+
+// @Title GetByRole
+// @Description find permission by role id
+// @Param	id		path 	string	true		"the id you want to get"
+// @Success 200 {auth} string
+// @router /role/:id [get]
+func (o *PermissionController) GetByRole() {
+	id := o.Ctx.Input.Param(":id")
+	role, err := infrastructure.GetPermissionConnector().GetPermissionByRole(id)
+	if err != nil {
+		o.Data["json"] = map[string]interface{}{
+			"data":  nil,
+			"error": err.Error(),
+			"code":  200,
+		}
+
+	} else {
+		o.Data["json"] = map[string]interface{}{
+			"data":  role,
+			"error": nil,
+			"code":  200,
+		}
+	}
+	o.ServeJSON()
+}
+
+// @Title GetByUser
+// @Description find permission by user id
+// @Param	id		path 	string	true		"the id you want to get"
+// @Success 200 {auth} string
+// @router /user/:id [get]
+func (o *PermissionController) GetByUser() {
+	id := o.Ctx.Input.Param(":id")
+	role, err := infrastructure.GetPermissionConnector().GetPermissionByUser(id)
+	if err != nil {
+		o.Data["json"] = map[string]interface{}{
+			"data":  nil,
+			"error": err.Error(),
+			"code":  200,
+		}
+
+	} else {
+		o.Data["json"] = map[string]interface{}{
+			"data":  role,
+			"error": nil,
+			"code":  200,
+		}
+	}
+	o.ServeJSON()
+}
+
+// @Title Get
+// @Description find auth by permission
+// @Param	id		path 	string	true		"the permission you want to get"
+// @Success 200 {auth} models.auth
+// @router /:id/:relation[get]
+func (o *PermissionController) Get() {
+	id := o.Ctx.Input.Param(":id")
+	rel := o.Ctx.Input.Param(":relation")
+	role, err := infrastructure.GetPermissionConnector().GetPermission(id, rel)
+	if err != nil {
+		o.Data["json"] = map[string]interface{}{
+			"data":  nil,
+			"error": err.Error(),
+			"code":  200,
+		}
+
+	} else {
+		o.Data["json"] = map[string]interface{}{
+			"data":  role,
+			"error": nil,
+			"code":  200,
+		}
+	}
+	o.ServeJSON()
+}
+
+// @Title Clear
+// @Description clear the permission
+// @Success 200 {string} delete success!
+// @router /clear [delete]
+func (o *PermissionController) Clear() {
+	role, code, err := infrastructure.GetPermissionConnector().DeletePermission("", "", true)
+	if err != nil {
+		o.Data["json"] = map[string]interface{}{
+			"data":  nil,
+			"error": err.Error(),
+			"code":  code,
+		}
+
+	} else {
+		o.Data["json"] = map[string]interface{}{
+			"data":  role,
+			"error": nil,
+			"code":  200,
+		}
+	}
+	o.ServeJSON()
+}
+
+// @Title Bind
+// @Description bind the permission to role
+// @Param	role_id		path 	string	true		"The role_id you want to bind"
+// @Param	method		path 	string	true		"The method you want to relate role & permission"
+// @Param	permission_id		path 	string	true		"The permission_id you want to bind"
+// @Success 200 {string} bind success!
+// @router /:permission_id/:role_id/:relation [post]
+func (o *PermissionController) Bind() {
+	permission_id := o.Ctx.Input.Param(":permission_id")
+	role_id := o.Ctx.Input.Param(":role_id")
+	rel := o.Ctx.Input.Param(":relation")
+	role, code, err := infrastructure.GetPermissionConnector().BindPermission(role_id, permission_id, rel)
+	if err != nil {
+		o.Data["json"] = map[string]interface{}{
+			"data":  nil,
+			"error": err.Error(),
+			"code":  code,
+		}
+
+	} else {
+		o.Data["json"] = map[string]interface{}{
+			"data":  role,
+			"error": nil,
+			"code":  200,
+		}
+	}
+	o.ServeJSON()
+}
+
+// @Title UnBind
+// @Description unbind the permission to role
+// @Param	role_id		path 	string	true		"The role_id you want to unbind"
+// @Param	relation		path 	string	true		"The method you want to unrelate role & permission"
+// @Param	permission_id		path 	string	true		"The permission_id you want to unbind"
+// @Success 200 {string} bind success!
+// @router /:permission_id/:role_id/:relation [delete]
+func (o *PermissionController) UnBind() {
+	permission_id := o.Ctx.Input.Param(":permission_id")
+	role_id := o.Ctx.Input.Param(":role_id")
+	rel := o.Ctx.Input.Param(":relation")
+	role, code, err := infrastructure.GetPermissionConnector().UnBindPermission(role_id, permission_id, rel)
+	if err != nil {
+		o.Data["json"] = map[string]interface{}{
+			"data":  nil,
+			"error": err.Error(),
+			"code":  code,
+		}
+
+	} else {
+		o.Data["json"] = map[string]interface{}{
+			"data":  role,
+			"error": nil,
+			"code":  200,
+		}
+	}
+	o.ServeJSON()
+}