optimized roles

coretrix · Jul 9, 2024 · 9db26ff · 9db26ff
1 parent 0345c93
commit 9db26ff
Show file tree

Hide file tree

Showing 8 changed files with 47 additions and 14 deletions.
diff --git a/example/config/my-app/config.yaml b/example/config/my-app/config.yaml
@@ -8,6 +8,8 @@ orm:
     mysql: ENV[DEFAULT_MYSQL]
   search_pool:
     redis: ENV[DEFAULT_REDIS_SEARCH]
+  stream_pool:
+    redis: ENV[DEFAULT_REDIS]
 authentication:
   secret: "a-deep-dark-secret"
   support_otp: true

diff --git a/example/docker/docker-compose.yml b/example/docker/docker-compose.yml
@@ -1,4 +1,3 @@
-version: '3'
 services:
   mysql:
     image: mysql:8.0

diff --git a/example/server.go b/example/server.go
@@ -41,7 +41,7 @@ func main() {
 		registry.ServiceProviderOTP(nil),
 	).RegisterDIRequestService(
 		registry.ServiceProviderOrmEngineForContext(false),
-	).RegisterRedisPools(&app.RedisPools{Persistent: "default", Cache: "default"}).
+	).RegisterRedisPools(&app.RedisPools{Persistent: "default", Cache: "default", Search: "search_pool", Stream: "stream_pool"}).
 		RegisterDevPanel(&entity.DevPanelUserEntity{}, middleware.DevPanelRouter).Build()
 	defer deferFunc()
 

diff --git a/pkg/entity/permission_entity.go b/pkg/entity/permission_entity.go
@@ -10,7 +10,9 @@ type PermissionEntity struct {
 	beeorm.ORM `orm:"table=permissions;redisCache;redisSearch=search_pool"`
 	ID         uint64          `orm:"searchable;sortable"`
 	ResourceID *ResourceEntity `orm:"required;searchable;unique=ResourceID_Name_FakeDelete:1"`
-	Name       string          `orm:"required;searchable;unique=ResourceID_Name_FakeDelete:2"`
+	Name       string          `orm:"required;searchable;unique=ResourceID_Name_FakeDelete:3"`
 	CreatedAt  time.Time       `orm:"time=true"`
-	FakeDelete bool            `orm:"unique=ResourceID_Name_FakeDelete:3"`
+	FakeDelete bool            `orm:"unique=ResourceID_Name_FakeDelete:2"`
+
+	CachedQueryResourceID *beeorm.CachedQuery `query:":ResourceID = ?"`
 }
diff --git a/pkg/entity/privilege_entity.go b/pkg/entity/privilege_entity.go
@@ -14,4 +14,6 @@ type PrivilegeEntity struct {
 	PermissionIDs []*PermissionEntity `orm:"required;searchable"`
 	CreatedAt     time.Time           `orm:"time=true"`
 	FakeDelete    bool                `orm:"unique=RoleID_ResourceID_FakeDelete:3"`
+
+	CachedQueryRoleIDResourceID *beeorm.CachedQuery `query:":RoleID = ? AND :ResourceID = ?"`
 }
diff --git a/pkg/entity/resource_entity.go b/pkg/entity/resource_entity.go
@@ -12,4 +12,6 @@ type ResourceEntity struct {
 	Name       string    `orm:"required;searchable;unique=Name_FakeDelete:1"`
 	CreatedAt  time.Time `orm:"time=true"`
 	FakeDelete bool      `orm:"unique=Name_FakeDelete:2"`
+
+	CachedQueryName *beeorm.CachedQuery `queryOne:":Name = ?"`
 }
diff --git a/pkg/view/acl/acl.go b/pkg/view/acl/acl.go
@@ -7,20 +7,27 @@ import (
 )
 
 func ACL(ormService *beeorm.Engine, roleEntity *entity.RoleEntity, resource string, permissions ...string) bool {
-	resourceQuery := beeorm.NewRedisSearchQuery()
-	resourceQuery.FilterString("Name", resource)
-
 	resourceEntity := &entity.ResourceEntity{}
-	if !ormService.RedisSearchOne(resourceEntity, resourceQuery) {
+	if !ormService.CachedSearchOne(resourceEntity, "CachedQueryName", resource) {
 		return false
 	}
 
-	permissionQuery := beeorm.NewRedisSearchQuery()
-	permissionQuery.FilterUint("ResourceID", resourceEntity.ID)
-	permissionQuery.FilterString("Name", permissions...)
+	allPermissionEntities := make([]*entity.PermissionEntity, 0)
+	ormService.CachedSearch(
+		&allPermissionEntities,
+		"CachedQueryResourceID",
+		beeorm.NewPager(1, 1000),
+		resourceEntity.ID,
+	)
 
 	permissionEntities := make([]*entity.PermissionEntity, 0)
-	ormService.RedisSearch(&permissionEntities, permissionQuery, beeorm.NewPager(1, 1000))
+	for _, permissionEntity := range allPermissionEntities {
+		for _, permission := range permissions {
+			if permissionEntity.Name == permission {
+				permissionEntities = append(permissionEntities, permissionEntity)
+			}
+		}
+	}
 
 	if len(permissions) != len(permissionEntities) {
 		return false
@@ -37,5 +44,24 @@ func ACL(ormService *beeorm.Engine, roleEntity *entity.RoleEntity, resource stri
 	privilegeQuery.FilterUint("ResourceID", resourceEntity.ID)
 	privilegeQuery.FilterManyReferenceIn("PermissionIDs", permissionIDs...)
 
-	return ormService.RedisSearchOne(&entity.PrivilegeEntity{}, privilegeQuery)
+	privilegeEntities := make([]*entity.PrivilegeEntity, 0)
+	ormService.CachedSearch(
+		&privilegeEntities,
+		"CachedQueryRoleIDResourceID",
+		beeorm.NewPager(1, 1000),
+	)
+
+	hasPrivilege := false
+	for _, privilegeEntity := range privilegeEntities {
+		for _, permissionEntity := range privilegeEntity.PermissionIDs {
+			for _, permissionID := range permissionIDs {
+				if permissionEntity.ID == permissionID {
+					hasPrivilege = true
+					break
+				}
+			}
+		}
+	}
+
+	return hasPrivilege //ormService.RedisSearchOne(&entity.PrivilegeEntity{}, privilegeQuery)
 }
diff --git a/test/test.go b/test/test.go
@@ -39,6 +39,6 @@ func createContextMyApp(
 		defaultRequestServices,
 		mockGlobalServices,
 		mockRequestServices,
-		&app.RedisPools{Cache: "default", Persistent: "default"},
+		&app.RedisPools{Persistent: "default", Cache: "default", Search: "search_pool", Stream: "stream_pool"},
 	)
 }