45 lines
863 B
Go
45 lines
863 B
Go
package aeusadmin
|
|
|
|
import (
|
|
"context"
|
|
"slices"
|
|
|
|
"git.nobla.cn/golang/aeus-admin/internal/logic"
|
|
"git.nobla.cn/golang/aeus/middleware/auth"
|
|
"git.nobla.cn/golang/aeus/pkg/errors"
|
|
"gorm.io/gorm"
|
|
)
|
|
|
|
type PermissionChecker struct {
|
|
db *gorm.DB
|
|
logic *logic.User
|
|
}
|
|
|
|
func (p *PermissionChecker) CheckPermission(ctx context.Context, permission string) (err error) {
|
|
var (
|
|
uid string
|
|
ps []string
|
|
)
|
|
if claims, ok := auth.FromContext(ctx); !ok {
|
|
return errors.ErrAccessDenied
|
|
} else {
|
|
if uid, err = claims.GetSubject(); err != nil {
|
|
return
|
|
}
|
|
}
|
|
if ps, err = p.logic.GetPermissions(ctx, uid); err != nil {
|
|
return
|
|
}
|
|
if !slices.Contains(ps, permission) {
|
|
err = errors.ErrPermissionDenied
|
|
}
|
|
return
|
|
}
|
|
|
|
func NewPermissionChecker(db *gorm.DB) *PermissionChecker {
|
|
return &PermissionChecker{
|
|
db: db,
|
|
logic: logic.NewUserLogic(db),
|
|
}
|
|
}
|