From 998e9d541272cfcc4fbc331e65e4e556c621538e Mon Sep 17 00:00:00 2001 From: "zhangkun9038@dingtalk.com" Date: Tue, 18 Feb 2025 16:53:16 +0800 Subject: [PATCH] up --- README.md | 103 ++++++++++++++++++++++++++++++++++++++++++++ api/routes.go | 9 +++- controllers/rbac.go | 8 ++++ go.mod | 1 + go.sum | 3 ++ 5 files changed, 122 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 03bd8ce..eef4eb9 100644 --- a/README.md +++ b/README.md @@ -116,3 +116,106 @@ ```sh curl -X DELETE http://localhost:8080/api/permissions/1 \ -H "Authorization: Bearer your_jwt_token_here" + + +> 请用curl语句实现如下操作: +> +> 创建一个账号: +> fullname: 李晓, +> 用户名: lixiao +> 密码 abcd@1234, +> 邮箱 lixiao@zjmud.xyz +> 创建2个权限: +> dbGroup1Reader: +> resource: db1,db2 +> action: read +> dbGroup1Writer: +> resource: db1,db2 +> action: write +> 创建1个角色: +> db1RW, 包含Permissions: "dbGroup1Reader, dbGroup1Writer" +> 把 账号lixiao绑定角色 db1RW + +为了实现这些操作,我们需要使用 `curl` 命令来发送 HTTP 请求到你的 API。假设你的 API 端点是 `http://localhost:8080/api`,以下是具体的 `curl` 命令: + +### 1. 创建账号 +```sh +curl -X POST http://localhost:8080/auth/register \ +-H "Content-Type: application/json" \ +-d '{ + "fullname": "李晓", + "username": "lixiao", + "password": "abcd@1234", + "email": "lixiao@zjmud.xyz" +}' +``` + +### 2. 创建权限 `dbGroup1Reader` +```sh +curl -X POST http://localhost:8080/api/permissions \ +-H "Content-Type: application/json" \ +-d '{ + "name": "dbGroup1Reader", + "description": "Read access to db1 and db2", + "resource": "db1,db2", + "action": "read" +}' +``` + +### 3. 创建权限 `dbGroup1Writer` +```sh +curl -X POST http://localhost:8080/api/permissions \ +-H "Content-Type: application/json" \ +-d '{ + "name": "dbGroup1Writer", + "description": "Write access to db1 and db2", + "resource": "db1,db2", + "action": "write" +}' +``` + +### 4. 创建角色 `db1RW` 并包含权限 `dbGroup1Reader` 和 `dbGroup1Writer` +首先,我们需要获取 `dbGroup1Reader` 和 `dbGroup1Writer` 的 ID。假设我们已经知道这些 ID(例如 `readerID` 和 `writerID`),我们可以直接使用它们。如果不知道,可以通过查询权限列表来获取。 + +#### 查询权限列表以获取 ID(可选) +```sh +curl -X GET http://localhost:8080/api/permissions +``` + +#### 创建角色 `db1RW` 并关联权限 +假设 `readerID` 是 1,`writerID` 是 2: +```sh +curl -X POST http://localhost:8080/api/roles \ +-H "Content-Type: application/json" \ +-d '{ + "name": "db1RW", + "description": "Read and Write access to db1 and db2" +}' + +# 获取新创建的角色 ID(假设为 roleID) +curl -X GET http://localhost:8080/api/roles + +# 为角色 `db1RW` 分配权限 `dbGroup1Reader` 和 `dbGroup1Writer` +curl -X POST http://localhost:8080/api/roles/{roleID}/permissions \ +-H "Content-Type: application/json" \ +-d '[ + {"permission_id": 1}, + {"permission_id": 2} +]' +``` + +### 5. 将账号 `lixiao` 绑定角色 `db1RW` +假设 `lixiao` 的用户 ID 是 1,`db1RW` 的角色 ID 是 1: +```sh +curl -X POST http://localhost:8080/api/users/{userID}/roles \ +-H "Content-Type: application/json" \ +-d '[ + {"role_id": 1} +]' +``` + +请根据实际情况替换 `{userID}` 和 `{roleID}` 为实际的 ID 值。 + +如果你需要自动化这个过程,可以编写一个脚本来执行这些命令,并处理响应以获取必要的 ID。 + +* diff --git a/api/routes.go b/api/routes.go index 04bfbad..c8b8cbb 100644 --- a/api/routes.go +++ b/api/routes.go @@ -40,11 +40,16 @@ func SetupRoutes(r *gin.Engine) { // 权限管理 permissions := api.Group("/permissions") { - permissions.POST("/", controllers.CreatePermission) - permissions.GET("/", controllers.GetPermissions) + permissions.POST("", controllers.CreatePermission) + permissions.GET("", controllers.GetPermissions) permissions.GET("/:id", controllers.GetPermission) permissions.PUT("/:id", controllers.UpdatePermission) permissions.DELETE("/:id", controllers.DeletePermission) } + + // Handle trailing slash redirect + api.GET("/permissions/", func(c *gin.Context) { + c.Redirect(301, "/api/permissions") + }) } } diff --git a/controllers/rbac.go b/controllers/rbac.go index 4734156..73cc89b 100644 --- a/controllers/rbac.go +++ b/controllers/rbac.go @@ -1,10 +1,13 @@ package controllers import ( + // "log" + "strconv" "gitea.zjmud.xyz/phyer/rbac/services" "github.com/gin-gonic/gin" + "github.com/sirupsen/logrus" ) // CreateRole 创建新角色 @@ -38,6 +41,8 @@ func GetRoles(c *gin.Context) { // CreatePermission 创建新权限 func CreatePermission(c *gin.Context) { + logrus.Info("CreatePermission called") + var permissionData struct { Name string `json:"name" binding:"required"` Description string `json:"description"` @@ -45,15 +50,18 @@ func CreatePermission(c *gin.Context) { Action string `json:"action" binding:"required"` } if err := c.ShouldBindJSON(&permissionData); err != nil { + logrus.Errorf("Error binding JSON: %v", err) c.JSON(400, gin.H{"error": err.Error()}) return } permission, err := services.CreatePermission(permissionData.Name, permissionData.Description, permissionData.Resource, permissionData.Action) if err != nil { + logrus.Errorf("Error creating permission: %v", err) c.JSON(500, gin.H{"error": err.Error()}) return } + logrus.Infof("Permission created: %+v", permission) c.JSON(201, permission) } diff --git a/go.mod b/go.mod index 9356924..71ef948 100644 --- a/go.mod +++ b/go.mod @@ -6,6 +6,7 @@ require ( github.com/gin-gonic/gin v1.9.1 github.com/go-redis/redis/v8 v8.11.5 github.com/golang-jwt/jwt/v5 v5.0.0 + github.com/sirupsen/logrus v1.9.3 golang.org/x/crypto v0.9.0 gorm.io/driver/mysql v1.5.7 gorm.io/gorm v1.25.7 diff --git a/go.sum b/go.sum index 3aaf4d3..1067655 100644 --- a/go.sum +++ b/go.sum @@ -67,6 +67,8 @@ github.com/pelletier/go-toml/v2 v2.0.8 h1:0ctb6s9mE31h0/lhu+J6OPmVeDxJn+kYnJc2jZ github.com/pelletier/go-toml/v2 v2.0.8/go.mod h1:vuYfssBdrU2XDZ9bYydBu6t+6a6PYNcZljzZR9VXg+4= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= +github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= @@ -90,6 +92,7 @@ golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0 golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=