Add context reqruied later for authentication

This commit is contained in:
Simon Goller 2024-05-03 19:01:26 +02:00
parent 9a367c9260
commit 20828fb4a1
14 changed files with 463 additions and 330 deletions


@ -5,7 +5,7 @@ use async_trait::async_trait;
pub struct PermissionServiceImpl<PermissionDao, UserService>
where
PermissionDao: dao::PermissionDao + Send + Sync,
UserService: service::UserService + Send + Sync,
UserService: service::user_service::UserService + Send + Sync,
{
permission_dao: Arc<PermissionDao>,
user_service: Arc<UserService>,
@ -13,7 +13,7 @@ where
impl<PermissionDao, UserService> PermissionServiceImpl<PermissionDao, UserService>
where
PermissionDao: dao::PermissionDao + Send + Sync,
UserService: service::UserService + Send + Sync,
UserService: service::user_service::UserService + Send + Sync,
{
pub fn new(permission_dao: Arc<PermissionDao>, user_service: Arc<UserService>) -> Self {
Self {
@ -30,10 +30,16 @@ impl<PermissionDao, UserService> service::PermissionService
for PermissionServiceImpl<PermissionDao, UserService>
where
PermissionDao: dao::PermissionDao + Send + Sync,
UserService: service::UserService + Send + Sync,
UserService: service::user_service::UserService + Send + Sync,
{
async fn check_permission(&self, privilege: &str) -> Result<(), service::ServiceError> {
let current_user = self.user_service.current_user().await?;
type Context = UserService::Context;
async fn check_permission(
&self,
privilege: &str,
context: Self::Context,
) -> Result<(), service::ServiceError> {
let current_user = self.user_service.current_user(context).await?;
if self
.permission_dao
.has_privilege(current_user.as_ref(), privilege)
@ -45,8 +51,12 @@ where
}
}
async fn create_user(&self, user: &str) -> Result<(), service::ServiceError> {
self.check_permission("admin").await?;
async fn create_user(
&self,
user: &str,
context: Self::Context,
) -> Result<(), service::ServiceError> {
self.check_permission("admin", context).await?;
self.permission_dao
.create_user(
&dao::UserEntity { name: user.into() },
@ -55,14 +65,21 @@ where
.await?;
Ok(())
}
async fn delete_user(&self, user: &str) -> Result<(), service::ServiceError> {
self.check_permission("admin").await?;
async fn delete_user(
&self,
user: &str,
context: Self::Context,
) -> Result<(), service::ServiceError> {
self.check_permission("admin", context).await?;
self.permission_dao.delete_user(user).await?;
Ok(())
}
async fn get_all_users(&self) -> Result<Arc<[service::User]>, service::ServiceError> {
self.check_permission("admin").await?;
async fn get_all_users(
&self,
context: Self::Context,
) -> Result<Arc<[service::User]>, service::ServiceError> {
self.check_permission("admin", context).await?;
Ok(self
.permission_dao
.all_users()
@ -72,8 +89,12 @@ where
.collect())
}
async fn create_role(&self, role: &str) -> Result<(), service::ServiceError> {
self.check_permission("admin").await?;
async fn create_role(
&self,
role: &str,
context: Self::Context,
) -> Result<(), service::ServiceError> {
self.check_permission("admin", context).await?;
self.permission_dao
.create_role(
&dao::RoleEntity { name: role.into() },
@ -82,13 +103,20 @@ where
.await?;
Ok(())
}
async fn delete_role(&self, role: &str) -> Result<(), service::ServiceError> {
self.check_permission("admin").await?;
async fn delete_role(
&self,
role: &str,
context: Self::Context,
) -> Result<(), service::ServiceError> {
self.check_permission("admin", context).await?;
self.permission_dao.delete_role(role).await?;
Ok(())
}
async fn get_all_roles(&self) -> Result<Arc<[service::Role]>, service::ServiceError> {
self.check_permission("admin").await?;
async fn get_all_roles(
&self,
context: Self::Context,
) -> Result<Arc<[service::Role]>, service::ServiceError> {
self.check_permission("admin", context).await?;
Ok(self
.permission_dao
.all_roles()
@ -98,8 +126,12 @@ where
.collect())
}
async fn create_privilege(&self, privilege: &str) -> Result<(), service::ServiceError> {
self.check_permission("admin").await?;
async fn create_privilege(
&self,
privilege: &str,
context: Self::Context,
) -> Result<(), service::ServiceError> {
self.check_permission("admin", context).await?;
self.permission_dao
.create_privilege(
&dao::PrivilegeEntity {
@ -111,13 +143,20 @@ where
Ok(())
}
async fn delete_privilege(&self, privilege: &str) -> Result<(), service::ServiceError> {
self.check_permission("admin").await?;
async fn delete_privilege(
&self,
privilege: &str,
context: Self::Context,
) -> Result<(), service::ServiceError> {
self.check_permission("admin", context).await?;
self.permission_dao.delete_privilege(privilege).await?;
Ok(())
}
async fn get_all_privileges(&self) -> Result<Arc<[service::Privilege]>, service::ServiceError> {
self.check_permission("admin").await?;
async fn get_all_privileges(
&self,
context: Self::Context,
) -> Result<Arc<[service::Privilege]>, service::ServiceError> {
self.check_permission("admin", context).await?;
Ok(self
.permission_dao
.all_privileges()
@ -127,8 +166,13 @@ where
.collect())
}
async fn add_user_role(&self, user: &str, role: &str) -> Result<(), service::ServiceError> {
self.check_permission("admin").await?;
async fn add_user_role(
&self,
user: &str,
role: &str,
context: Self::Context,
) -> Result<(), service::ServiceError> {
self.check_permission("admin", context).await?;
self.permission_dao
.add_user_role(user, role, PERMISSION_SERVICE_PROCESS)
.await?;
@ -138,8 +182,9 @@ where
&self,
role: &str,
privilege: &str,
context: Self::Context,
) -> Result<(), service::ServiceError> {
self.check_permission("admin").await?;
self.check_permission("admin", context).await?;
self.permission_dao
.add_role_privilege(role, privilege, PERMISSION_SERVICE_PROCESS)
.await?;
@ -149,15 +194,21 @@ where
&self,
role: &str,
privilege: &str,
context: Self::Context,
) -> Result<(), service::ServiceError> {
self.check_permission("admin").await?;
self.check_permission("admin", context).await?;
self.permission_dao
.delete_role_privilege(role, privilege)
.await?;
Ok(())
}
async fn delete_user_role(&self, user: &str, role: &str) -> Result<(), service::ServiceError> {
self.check_permission("admin").await?;
async fn delete_user_role(
&self,
user: &str,
role: &str,
context: Self::Context,
) -> Result<(), service::ServiceError> {
self.check_permission("admin", context).await?;
self.permission_dao.delete_user_role(user, role).await?;
Ok(())
}
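Review bot: Every new signature in this section takes `context: Self::Context` by value and hands it straight to `check_permission` (first at the `check_permission` rewrite in the `@ -30,10 +30,16 @@` hunk, then in every `create_*`/`delete_*`/`get_all_*` method below it), so a caller that needs to invoke two service methods for one request cannot reuse its context unless `UserService::Context` is `Clone` or `Copy`; the trait definition is outside this diff, so whether that bound exists cannot be seen here, but if it does not, taking `&Self::Context` (or requiring `Context: Clone`) in the trait would avoid forcing callers to rebuild it. The context is now the sole input from which `current_user(context)` derives the identity that `has_privilege` authorizes, so the associated type deserves a doc comment stating that contract, e.g. `/// Per-request authentication context; the identity used for every privilege check is derived from it, so it must originate from the authenticated request, never from caller-supplied data.` placed above `type Context = UserService::Context;`. The body of `check_permission` after the `has_privilege` call continues outside the hunk, so the failure branch could not be reviewed here.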