up

README.md

@@ -116,3 +116,106 @@
     ```sh
     curl -X DELETE http://localhost:8080/api/permissions/1 \
     -H "Authorization: Bearer your_jwt_token_here"
+
+
+> 请用curl语句实现如下操作:
+> 
+> 创建一个账号:
+> 	fullname: 李晓, 
+> 	用户名: lixiao  
+> 	密码 abcd@1234, 
+> 	邮箱 lixiao@zjmud.xyz
+> 创建2个权限:
+> 	dbGroup1Reader:
+> 		resource: db1,db2
+> 		action: read
+> 	dbGroup1Writer:
+> 		resource: db1,db2
+> 		action: write
+> 创建1个角色: 
+> 	db1RW, 包含Permissions: "dbGroup1Reader, dbGroup1Writer"
+> 把 账号lixiao绑定角色 db1RW
+
+为了实现这些操作，我们需要使用 `curl` 命令来发送 HTTP 请求到你的 API。假设你的 API 端点是 `http://localhost:8080/api`，以下是具体的 `curl` 命令：
+
+### 1. 创建账号
+```sh
+curl -X POST http://localhost:8080/auth/register \
+-H "Content-Type: application/json" \
+-d '{
+    "fullname": "李晓",
+    "username": "lixiao",
+    "password": "abcd@1234",
+    "email": "lixiao@zjmud.xyz"
+}'
+```
+
+### 2. 创建权限 `dbGroup1Reader`
+```sh
+curl -X POST http://localhost:8080/api/permissions \
+-H "Content-Type: application/json" \
+-d '{
+    "name": "dbGroup1Reader",
+    "description": "Read access to db1 and db2",
+    "resource": "db1,db2",
+    "action": "read"
+}'
+```
+
+### 3. 创建权限 `dbGroup1Writer`
+```sh
+curl -X POST http://localhost:8080/api/permissions \
+-H "Content-Type: application/json" \
+-d '{
+    "name": "dbGroup1Writer",
+    "description": "Write access to db1 and db2",
+    "resource": "db1,db2",
+    "action": "write"
+}'
+```
+
+### 4. 创建角色 `db1RW` 并包含权限 `dbGroup1Reader` 和 `dbGroup1Writer`
+首先，我们需要获取 `dbGroup1Reader` 和 `dbGroup1Writer` 的 ID。假设我们已经知道这些 ID（例如 `readerID` 和 `writerID`），我们可以直接使用它们。如果不知道，可以通过查询权限列表来获取。
+
+#### 查询权限列表以获取 ID（可选）
+```sh
+curl -X GET http://localhost:8080/api/permissions
+```
+
+#### 创建角色 `db1RW` 并关联权限
+假设 `readerID` 是 1，`writerID` 是 2：
+```sh
+curl -X POST http://localhost:8080/api/roles \
+-H "Content-Type: application/json" \
+-d '{
+    "name": "db1RW",
+    "description": "Read and Write access to db1 and db2"
+}'
+
+# 获取新创建的角色 ID（假设为 roleID）
+curl -X GET http://localhost:8080/api/roles
+
+# 为角色 `db1RW` 分配权限 `dbGroup1Reader` 和 `dbGroup1Writer`
+curl -X POST http://localhost:8080/api/roles/{roleID}/permissions \
+-H "Content-Type: application/json" \
+-d '[
+    {"permission_id": 1},
+    {"permission_id": 2}
+]'
+```
+
+### 5. 将账号 `lixiao` 绑定角色 `db1RW`
+假设 `lixiao` 的用户 ID 是 1，`db1RW` 的角色 ID 是 1：
+```sh
+curl -X POST http://localhost:8080/api/users/{userID}/roles \
+-H "Content-Type: application/json" \
+-d '[
+    {"role_id": 1}
+]'
+```
+
+请根据实际情况替换 `{userID}` 和 `{roleID}` 为实际的 ID 值。
+
+如果你需要自动化这个过程，可以编写一个脚本来执行这些命令，并处理响应以获取必要的 ID。
+
+*

api/routes.go

@@ -40,11 +40,16 @@ func SetupRoutes(r *gin.Engine) {
 		// 权限管理
 		permissions := api.Group("/permissions")
 		{
-			permissions.POST("/", controllers.CreatePermission)
-			permissions.GET("/", controllers.GetPermissions)
+			permissions.POST("", controllers.CreatePermission)
+			permissions.GET("", controllers.GetPermissions)
 			permissions.GET("/:id", controllers.GetPermission)
 			permissions.PUT("/:id", controllers.UpdatePermission)
 			permissions.DELETE("/:id", controllers.DeletePermission)
 		}
+
+		// Handle trailing slash redirect
+		api.GET("/permissions/", func(c *gin.Context) {
+			c.Redirect(301, "/api/permissions")
+		})
 	}
 }

controllers/rbac.go

@@ -1,10 +1,13 @@
 package controllers
 
 import (
+	// "log"
+
 	"strconv"
 
 	"gitea.zjmud.xyz/phyer/rbac/services"
 	"github.com/gin-gonic/gin"
+	"github.com/sirupsen/logrus"
 )
 
 // CreateRole 创建新角色
@@ -38,6 +41,8 @@ func GetRoles(c *gin.Context) {
 
 // CreatePermission 创建新权限
 func CreatePermission(c *gin.Context) {
+	logrus.Info("CreatePermission called")
+
 	var permissionData struct {
 		Name        string `json:"name" binding:"required"`
 		Description string `json:"description"`
@@ -45,15 +50,18 @@ func CreatePermission(c *gin.Context) {
 		Action      string `json:"action" binding:"required"`
 	}
 	if err := c.ShouldBindJSON(&permissionData); err != nil {
+		logrus.Errorf("Error binding JSON: %v", err)
 		c.JSON(400, gin.H{"error": err.Error()})
 		return
 	}
 
 	permission, err := services.CreatePermission(permissionData.Name, permissionData.Description, permissionData.Resource, permissionData.Action)
 	if err != nil {
+		logrus.Errorf("Error creating permission: %v", err)
 		c.JSON(500, gin.H{"error": err.Error()})
 		return
 	}
+	logrus.Infof("Permission created: %+v", permission)
 	c.JSON(201, permission)
 }
 

go.mod

@@ -6,6 +6,7 @@ require (
 	github.com/gin-gonic/gin v1.9.1
 	github.com/go-redis/redis/v8 v8.11.5
 	github.com/golang-jwt/jwt/v5 v5.0.0
+	github.com/sirupsen/logrus v1.9.3
 	golang.org/x/crypto v0.9.0
 	gorm.io/driver/mysql v1.5.7
 	gorm.io/gorm v1.25.7

go.sum

@@ -67,6 +67,8 @@ github.com/pelletier/go-toml/v2 v2.0.8 h1:0ctb6s9mE31h0/lhu+J6OPmVeDxJn+kYnJc2jZ
 github.com/pelletier/go-toml/v2 v2.0.8/go.mod h1:vuYfssBdrU2XDZ9bYydBu6t+6a6PYNcZljzZR9VXg+4=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
+github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
@@ -90,6 +92,7 @@ golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0
 golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M=
 golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
 golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU=
 golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=