50 lines
1.5 KiB
Go
50 lines
1.5 KiB
Go
package api
|
|
|
|
import (
|
|
"gitea.zjmud.com/phyer/rbac/controllers"
|
|
"gitea.zjmud.com/phyer/rbac/middleware"
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
func SetupRouter(db *gorm.DB, redisClient *redis.Client) *gin.Engine {
|
|
router := gin.Default()
|
|
|
|
// Initialize controllers
|
|
authController := controllers.NewAuthController(db, redisClient)
|
|
rbacController := controllers.NewRBACController(db, redisClient)
|
|
userController := controllers.NewUserController(db, redisClient)
|
|
|
|
// Public routes - No authentication required
|
|
authGroup := router.Group("/auth")
|
|
{
|
|
authGroup.POST("/login", authController.Login)
|
|
authGroup.POST("/register", authController.Register)
|
|
}
|
|
|
|
// Protected routes - Require JWT authentication
|
|
apiGroup := router.Group("/api")
|
|
apiGroup.Use(middleware.AuthMiddleware())
|
|
{
|
|
// User management routes
|
|
userGroup := apiGroup.Group("/users")
|
|
{
|
|
userGroup.GET("", userController.GetUsers)
|
|
userGroup.GET("/:id", userController.GetUserByID)
|
|
}
|
|
|
|
// RBAC administration routes with additional authorization
|
|
rbacGroup := apiGroup.Group("/rbac")
|
|
rbacGroup.Use(middleware.RBACMiddleware())
|
|
{
|
|
rbacGroup.POST("/roles", rbacController.CreateRole)
|
|
rbacGroup.POST("/permissions", rbacController.CreatePermission)
|
|
rbacGroup.POST("/resources", rbacController.CreateResource)
|
|
rbacGroup.POST("/resource-groups", rbacController.CreateResourceGroup)
|
|
rbacGroup.POST("/actions", rbacController.CreateAction)
|
|
rbacGroup.POST("/assignments", rbacController.AssignRoleToUser)
|
|
}
|
|
}
|
|
|
|
return router
|
|
}
|