|
@@ -1,12 +1,12 @@
|
|
package perm
|
|
package perm
|
|
|
|
|
|
import (
|
|
import (
|
|
- "crypto/md5"
|
|
|
|
"errors"
|
|
"errors"
|
|
"fmt"
|
|
"fmt"
|
|
"net/http"
|
|
"net/http"
|
|
"reflect"
|
|
"reflect"
|
|
"strings"
|
|
"strings"
|
|
|
|
+ "sync"
|
|
"time"
|
|
"time"
|
|
|
|
|
|
"github.com/iancoleman/strcase"
|
|
"github.com/iancoleman/strcase"
|
|
@@ -57,6 +57,7 @@ func ToPermissionRN(v interface{}) []string {
|
|
}
|
|
}
|
|
|
|
|
|
type Builder struct {
|
|
type Builder struct {
|
|
|
|
+ m sync.Mutex
|
|
policies []*PolicyBuilder
|
|
policies []*PolicyBuilder
|
|
ladon *ladon.Ladon
|
|
ladon *ladon.Ladon
|
|
subjectsFunc SubjectsFunc
|
|
subjectsFunc SubjectsFunc
|
|
@@ -74,17 +75,63 @@ func New() *Builder {
|
|
}
|
|
}
|
|
|
|
|
|
func (b *Builder) Policies(ps ...*PolicyBuilder) (r *Builder) {
|
|
func (b *Builder) Policies(ps ...*PolicyBuilder) (r *Builder) {
|
|
- b.policies = ps
|
|
|
|
- for _, p := range b.policies {
|
|
|
|
- if p.policy.ID == "" {
|
|
|
|
- p.policy.ID = fmt.Sprintf("%x", md5.Sum(p.Json()))
|
|
|
|
|
|
+ b.DeletePolicies(b.policies...)
|
|
|
|
+ b.policies = make([]*PolicyBuilder, 0)
|
|
|
|
+ b.CreatePolicies(ps...)
|
|
|
|
+ return b
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+func (b *Builder) createPolicy(p *PolicyBuilder) {
|
|
|
|
+ p.SetIDIfEmpty()
|
|
|
|
+ err := b.ladon.Manager.Create(p.policy)
|
|
|
|
+ if err != nil {
|
|
|
|
+ panic(err)
|
|
|
|
+ }
|
|
|
|
+ b.policies = append(b.policies, p)
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+func (b *Builder) updatePolicy(p *PolicyBuilder) {
|
|
|
|
+ i := b.findPolicyIndex(p.GetID())
|
|
|
|
+ if i < 0 {
|
|
|
|
+ return
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ err := b.ladon.Manager.Update(p.policy)
|
|
|
|
+ if err != nil {
|
|
|
|
+ panic(err)
|
|
|
|
+ }
|
|
|
|
+ b.policies[i] = p
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+func (b *Builder) findPolicyIndex(id string) int {
|
|
|
|
+ for i, p := range b.policies {
|
|
|
|
+ if p.GetID() == id {
|
|
|
|
+ return i
|
|
}
|
|
}
|
|
- err := b.ladon.Manager.Create(p.policy)
|
|
|
|
- if err != nil {
|
|
|
|
- panic(err)
|
|
|
|
|
|
+ }
|
|
|
|
+ return -1
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+func (b *Builder) updateOrCreatePolicy(p *PolicyBuilder) {
|
|
|
|
+ i := b.findPolicyIndex(p.GetID())
|
|
|
|
+ if i < 0 {
|
|
|
|
+ b.createPolicy(p)
|
|
|
|
+ } else {
|
|
|
|
+ b.updatePolicy(p)
|
|
|
|
+ }
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+func (b *Builder) deletePolicy(p *PolicyBuilder) {
|
|
|
|
+ for i, ep := range b.policies {
|
|
|
|
+ if ep.GetID() == p.GetID() {
|
|
|
|
+ err := b.ladon.Manager.Delete(p.GetID())
|
|
|
|
+ if err != nil {
|
|
|
|
+ panic(err)
|
|
|
|
+ }
|
|
|
|
+ b.policies = append(b.policies[:i], b.policies[1+1:]...)
|
|
|
|
+ break
|
|
}
|
|
}
|
|
}
|
|
}
|
|
- return b
|
|
|
|
}
|
|
}
|
|
|
|
|
|
func (b *Builder) SubjectsFunc(v SubjectsFunc) (r *Builder) {
|
|
func (b *Builder) SubjectsFunc(v SubjectsFunc) (r *Builder) {
|
|
@@ -108,22 +155,42 @@ func (b *Builder) EnableDBPolicy(db *gorm.DB, dbPolicyModel DBPolicy, loadDurati
|
|
return b
|
|
return b
|
|
}
|
|
}
|
|
|
|
|
|
|
|
+func (b *Builder) CreatePolicies(ps ...*PolicyBuilder) {
|
|
|
|
+ b.m.Lock()
|
|
|
|
+ defer b.m.Unlock()
|
|
|
|
+ for _, p := range ps {
|
|
|
|
+ b.createPolicy(p)
|
|
|
|
+ }
|
|
|
|
+}
|
|
|
|
+
|
|
func (b *Builder) UpdatePolicies(toUpdate ...*PolicyBuilder) {
|
|
func (b *Builder) UpdatePolicies(toUpdate ...*PolicyBuilder) {
|
|
|
|
+ b.m.Lock()
|
|
|
|
+ defer b.m.Unlock()
|
|
|
|
+ for _, p := range toUpdate {
|
|
|
|
+ b.updatePolicy(p)
|
|
|
|
+ }
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+func (b *Builder) UpdateOrCreatePolicies(toUpdate ...*PolicyBuilder) {
|
|
|
|
+ b.m.Lock()
|
|
|
|
+ defer b.m.Unlock()
|
|
for _, p := range toUpdate {
|
|
for _, p := range toUpdate {
|
|
- b.ladon.Manager.Update(p.policy)
|
|
|
|
|
|
+ b.updateOrCreatePolicy(p)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
func (b *Builder) DeletePolicies(toDelete ...*PolicyBuilder) {
|
|
func (b *Builder) DeletePolicies(toDelete ...*PolicyBuilder) {
|
|
|
|
+ b.m.Lock()
|
|
|
|
+ defer b.m.Unlock()
|
|
for _, p := range toDelete {
|
|
for _, p := range toDelete {
|
|
- b.ladon.Manager.Delete(p.GetID())
|
|
|
|
|
|
+ b.deletePolicy(p)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
func (b *Builder) LoadDBPoliciesToMemory(db *gorm.DB, startFrom *time.Time) {
|
|
func (b *Builder) LoadDBPoliciesToMemory(db *gorm.DB, startFrom *time.Time) {
|
|
- toUpdate, toDelete := b.dbPolicyModel.LoadDBPolicies(db, startFrom)
|
|
|
|
|
|
+ toUpdateOrCreate, toDelete := b.dbPolicyModel.LoadDBPolicies(db, startFrom)
|
|
b.DeletePolicies(toDelete...)
|
|
b.DeletePolicies(toDelete...)
|
|
- b.UpdatePolicies(toUpdate...)
|
|
|
|
|
|
+ b.UpdateOrCreatePolicies(toUpdateOrCreate...)
|
|
if Verbose {
|
|
if Verbose {
|
|
b.printPolices()
|
|
b.printPolices()
|
|
}
|
|
}
|
|
@@ -141,6 +208,7 @@ func (b *Builder) loopLoadDBPolicies(db *gorm.DB, duration time.Duration) {
|
|
|
|
|
|
func (b *Builder) printPolices() {
|
|
func (b *Builder) printPolices() {
|
|
allp, _ := b.ladon.Manager.GetAll(100, 0)
|
|
allp, _ := b.ladon.Manager.GetAll(100, 0)
|
|
|
|
+ fmt.Printf("all permission policies: \n")
|
|
for _, p := range allp {
|
|
for _, p := range allp {
|
|
fmt.Printf("%+v \n", p)
|
|
fmt.Printf("%+v \n", p)
|
|
}
|
|
}
|
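Review bot: In `deletePolicy` the removal `b.policies = append(b.policies[:i], b.policies[1+1:]...)` slices from the constant `1+1` instead of `i+1`, so after a successful `Manager.Delete` the tracked list drops or duplicates the wrong entries, and it panics with a slice-bounds error when only one policy is tracked; it should read `b.policies = append(b.policies[:i], b.policies[i+1:]...)`. Because `findPolicyIndex` decides between `createPolicy` and `updatePolicy`, a list that has drifted from the ladon manager can leave a changed policy un-updated or try to re-create one that already exists, which matters for an authorization store. In the same hunk `Policies` passes `b.policies` itself to `DeletePolicies`, so the range there walks the backing array that `deletePolicy` is shifting in place; passing a copy, `b.DeletePolicies(append([]*PolicyBuilder(nil), b.policies...)...)`, avoids skipped entries. `Policies` also reassigns `b.policies` without holding `b.m`, unlike the other mutators.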