-
Notifications
You must be signed in to change notification settings - Fork 0
/
group_permission.go
158 lines (133 loc) · 3.02 KB
/
group_permission.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
package auth
import (
"github.com/cristosal/orm"
)
// GroupPermission represents the union between a group and a permission
// it can contains a value for use in application logic
type GroupPermission struct {
GroupID int64
PermissionID int64
Priority int `db:"-"` // group priority value
Name string `db:"-"` // permission name
Value int
}
func (*GroupPermission) TableName() string {
return "group_permissions"
}
type GroupPermissions []GroupPermission
// Value returns the value associated with the permission of a given name.
// it takes into account conflicting permissions and takes the one with higher priority
func (gps GroupPermissions) Value(name string) int {
var (
priority *int
value = 0
)
for i := range gps {
if gps[i].Name == name && (priority == nil || gps[i].Priority > *priority) {
priority = &gps[i].Priority
value = gps[i].Value
}
}
return value
}
func (gps GroupPermissions) Has(name string) bool {
for i := range gps {
if gps[i].Name == name {
return true
}
}
return false
}
func (r *GroupRepo) UserPermissions(uid int64) (GroupPermissions, error) {
sql := `select
gp.group_id,
gp.permission_id,
g.priority,
p.name,
gp.value
from
group_permissions gp
inner join
permissions p
on
p.id = gp.permission_id
inner join
groups g
on
g.id = gp.group_id
inner join
group_users gu
on
gu.group_id = g.id
where
gu.user_id = $1`
rows, err := r.db.Query(sql, uid)
if err != nil {
return nil, err
}
defer rows.Close()
groupPermissions := make([]GroupPermission, 0)
for rows.Next() {
var gp GroupPermission
err := rows.Scan(
&gp.GroupID,
&gp.PermissionID,
&gp.Priority,
&gp.Name,
&gp.Value,
)
if err != nil {
return nil, err
}
groupPermissions = append(groupPermissions, gp)
}
return groupPermissions, nil
}
// Permissions returns group permissions for a group by group id
func (r *GroupRepo) Permissions(gid int64) (GroupPermissions, error) {
sql := `select
gp.group_id,
gp.permission_id,
g.priority,
p.name,
gp.value
from
group_permissions gp
inner join
permissions p
on
p.id = gp.permission_id
inner join
groups g
on
g.id = gp.group_id
where
gp.group_id = $1`
rows, err := r.db.Query(sql, gid)
if err != nil {
return nil, err
}
defer rows.Close()
groupPermissions := make([]GroupPermission, 0)
for rows.Next() {
var gp GroupPermission
err := rows.Scan(
&gp.GroupID,
&gp.PermissionID,
&gp.Priority,
&gp.Name,
&gp.Value,
)
if err != nil {
return nil, err
}
groupPermissions = append(groupPermissions, gp)
}
return groupPermissions, nil
}
func (r *GroupRepo) AddPermission(gid, pid int64, value int) error {
return orm.Exec(r.db, "insert into group_permissions (group_id, permission_id, value) values ($1, $2, $3) on conflict do nothing", gid, pid, value)
}
func (r *GroupRepo) RemovePermission(gid, pid int64) error {
return orm.Exec(r.db, "delete from group_permissions where group_id = $1 and permission_id = $2", gid, pid)
}