rbac/README.md
zhangkun9038@dingtalk.com 998e9d5412 up
2025-02-18 16:53:16 +08:00


Authentication routes

  1. Register a user

    curl -X POST http://localhost:8080/auth/register \
    -H "Content-Type: application/json" \
    -d '{"username": "testuser", "password": "testpass", "email": "test@example.com"}'
    
  2. Log in

    curl -X POST http://localhost:8080/auth/login \
    -H "Content-Type: application/json" \
    -d '{"username": "testuser", "password": "testpass"}'
    

Routes that require authentication

Assume the token returned after login is your_jwt_token_here.

User management

  1. List all users

    curl -X GET http://localhost:8080/api/users \
    -H "Authorization: Bearer your_jwt_token_here"
    
  2. Get a single user

    curl -X GET http://localhost:8080/api/users/1 \
    -H "Authorization: Bearer your_jwt_token_here"
    
  3. Update a user

    curl -X PUT http://localhost:8080/api/users/1 \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer your_jwt_token_here" \
    -d '{"name": "updated_name", "email": "updated_email@example.com"}'
    
  4. Delete a user

    curl -X DELETE http://localhost:8080/api/users/1 \
    -H "Authorization: Bearer your_jwt_token_here"
    

Role management

  1. Create a new role

    curl -X POST http://localhost:8080/api/roles \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer your_jwt_token_here" \
    -d '{"name": "admin", "description": "Administrator role"}'
    
  2. List all roles

    curl -X GET http://localhost:8080/api/roles \
    -H "Authorization: Bearer your_jwt_token_here"
    
  3. Get a single role

    curl -X GET http://localhost:8080/api/roles/1 \
    -H "Authorization: Bearer your_jwt_token_here"
    
  4. Update a role

    curl -X PUT http://localhost:8080/api/roles/1 \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer your_jwt_token_here" \
    -d '{"name": "updated_role_name", "description": "Updated description"}'
    
  5. Delete a role

    curl -X DELETE http://localhost:8080/api/roles/1 \
    -H "Authorization: Bearer your_jwt_token_here"
    

Permission management

  1. Create a new permission

    curl -X POST http://localhost:8080/api/permissions \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer your_jwt_token_here" \
    -d '{"name": "create_user", "description": "Create user permission", "resource": "user", "action": "create"}'
    
  2. List all permissions

    curl -X GET http://localhost:8080/api/permissions \
    -H "Authorization: Bearer your_jwt_token_here"
    
  3. Get a single permission

    curl -X GET http://localhost:8080/api/permissions/1 \
    -H "Authorization: Bearer your_jwt_token_here"
    
  4. Update a permission

    curl -X PUT http://localhost:8080/api/permissions/1 \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer your_jwt_token_here" \
    -d '{"name": "updated_permission_name", "description": "Updated description", "resource": "user", "action": "update"}'
    
  5. Delete a permission

    curl -X DELETE http://localhost:8080/api/permissions/1 \
    -H "Authorization: Bearer your_jwt_token_here"
    
    
    

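Use curl commands to perform the following operations:

Create an account: fullname: 李晓, username: lixiao, password: abcd@1234, email: lixiao@zjmud.xyz
Create 2 permissions:
  dbGroup1Reader: resource: db1,db2 action: read
  dbGroup1Writer: resource: db1,db2 action: write
Create 1 role: db1RW, containing Permissions: "dbGroup1Reader, dbGroup1Writer"
Bind the account lixiao to the role db1RW

To perform these operations, we use curl to send HTTP requests to your API. Assuming your API endpoint is http://localhost:8080/api, the specific curl commands are as follows: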

1. Create the account

    curl -X POST http://localhost:8080/auth/register \
    -H "Content-Type: application/json" \
    -d '{
        "fullname": "李晓",
        "username": "lixiao",
        "password": "abcd@1234",
        "email": "lixiao@zjmud.xyz"
    }'

2. Create the permission dbGroup1Reader

    curl -X POST http://localhost:8080/api/permissions \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer your_jwt_token_here" \
    -d '{
        "name": "dbGroup1Reader",
        "description": "Read access to db1 and db2",
        "resource": "db1,db2",
        "action": "read"
    }'

3. Create the permission dbGroup1Writer

    curl -X POST http://localhost:8080/api/permissions \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer your_jwt_token_here" \
    -d '{
        "name": "dbGroup1Writer",
        "description": "Write access to db1 and db2",
        "resource": "db1,db2",
        "action": "write"
    }'

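4. Create the role db1RW containing the permissions dbGroup1Reader and dbGroup1Writer

First, we need the IDs of dbGroup1Reader and dbGroup1Writer. If we already know these IDs (for example, readerID and writerID), we can use them directly. If not, they can be obtained by querying the permission list.

Query the permission list to get the IDs (optional)

    curl -X GET http://localhost:8080/api/permissions \
    -H "Authorization: Bearer your_jwt_token_here"

Create the role db1RW and attach the permissions

Assume readerID is 1 and writerID is 2

    curl -X POST http://localhost:8080/api/roles \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer your_jwt_token_here" \
    -d '{
        "name": "db1RW",
        "description": "Read and Write access to db1 and db2"
    }'

    # Get the ID of the newly created role (assumed to be roleID)
    curl -X GET http://localhost:8080/api/roles \
    -H "Authorization: Bearer your_jwt_token_here"

    # Assign the permissions `dbGroup1Reader` and `dbGroup1Writer` to the role `db1RW`
    curl -X POST http://localhost:8080/api/roles/{roleID}/permissions \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer your_jwt_token_here" \
    -d '[
        {"permission_id": 1},
        {"permission_id": 2}
    ]'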

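5. Bind the account lixiao to the role db1RW

Assume the user ID of lixiao is 1 and the role ID of db1RW is 1

    curl -X POST http://localhost:8080/api/users/{userID}/roles \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer your_jwt_token_here" \
    -d '[
        {"role_id": 1}
    ]'

Replace {userID} and {roleID} with the actual ID values for your environment.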

If you need to automate this process, you can write a script that runs these commands and processes the responses to obtain the necessary IDs.
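The automation suggested above, as an added example (not code from this repository): a Python script that performs the five steps and looks up every ID by name, stopping when a name matches zero or several records, so a role is never bound through a guessed ID. It assumes the list endpoints return a JSON array of objects with `id` and `name` (`username` for users) and that `token` is a JWT from /auth/login for an account allowed to manage roles; `http_call`, `id_by_name` and `provision` are names introduced here.

```python
import json
import sys
import urllib.request

BASE = "http://localhost:8080"  # base URL used throughout this README


def http_call(method, path, body=None, token=None):
    """Send one JSON request and return the decoded JSON response."""
    headers = {"Content-Type": "application/json"}
    if token:
        headers["Authorization"] = "Bearer " + token
    data = json.dumps(body).encode() if body is not None else None
    req = urllib.request.Request(BASE + path, data=data, headers=headers, method=method)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.loads(resp.read() or b"null")


def id_by_name(items, name, key="name"):
    """Return the id of the single item whose `key` equals `name`; fail closed otherwise."""
    matches = [it["id"] for it in items if it.get(key) == name]
    if len(matches) != 1:
        raise LookupError(f"expected exactly one {key}={name!r}, found {len(matches)}")
    return matches[0]


def provision(token, call=http_call):
    """Run the five steps, resolving every ID from the API instead of assuming it."""
    call("POST", "/auth/register", {"fullname": "李晓", "username": "lixiao",
         "password": "abcd@1234", "email": "lixiao@zjmud.xyz"})
    for name, action in (("dbGroup1Reader", "read"), ("dbGroup1Writer", "write")):
        call("POST", "/api/permissions", {"name": name, "resource": "db1,db2", "action": action,
             "description": f"{action.capitalize()} access to db1 and db2"}, token)
    call("POST", "/api/roles", {"name": "db1RW",
         "description": "Read and Write access to db1 and db2"}, token)
    # Assumption: list endpoints return a JSON array of objects with "id" and "name"
    # ("username" for users); adjust the keys to the real response shape.
    perms = call("GET", "/api/permissions", None, token)
    role_id = id_by_name(call("GET", "/api/roles", None, token), "db1RW")
    user_id = id_by_name(call("GET", "/api/users", None, token), "lixiao", key="username")
    grant = [{"permission_id": id_by_name(perms, n)}
             for n in ("dbGroup1Reader", "dbGroup1Writer")]
    call("POST", f"/api/roles/{role_id}/permissions", grant, token)
    call("POST", f"/api/users/{user_id}/roles", [{"role_id": role_id}], token)
    return {"user_id": user_id, "role_id": role_id, "grant": grant}


if __name__ == "__main__":
    print(provision(sys.argv[1]))  # argument: the JWT returned by /auth/login
```

Passing a different `call` function lets the same flow be exercised against recorded responses before it is pointed at a live server.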