mmap/src/graphql/queries/permissions.rs
tsuki 6a3ce7e9d3
refactor
2025-08-14 21:34:27 +08:00


use crate::auth::get_auth_user;
use crate::graphql::guards::*;
use crate::graphql::types::*;
use crate::services::casbin_service::CasbinService;
use async_graphql::{Context, Object, Result};
/// Unit type that carries the permission, role and policy lookup resolvers
/// defined in its `#[Object]` impl block.
#[derive(Default)]
pub struct PermissionQuery;
#[Object]
impl PermissionQuery {
    // Permission management queries.
    //
    // Comments in this block are plain `//` on purpose: async-graphql copies `///` doc
    // comments on resolvers into the schema as field descriptions, which clients can read
    // through introspection.
    //
    // NOTE(review): every `?` below converts a service error into a GraphQL error whose
    // message is returned to the client; confirm the error text produced by `CasbinService`
    // and `get_auth_user` carries no internal detail.
    // NOTE(review): the guards live in `graphql::guards` and are not visible here;
    // `RequireReadPermission::new("permissions")` presumably demands read access on the
    // `permissions` resource — confirm.

    // Reports whether the authenticated user may perform `action` on `resource`, together
    // with that user's roles. The subject is the user resolved by `get_auth_user`, never an
    // argument, so the answer always concerns the caller's own account. `resource` and
    // `action` are forwarded to the service unchanged.
    #[graphql(guard = "RequireReadPermission::new(\"permissions\")")]
    async fn check_permission(
        &self,
        ctx: &Context<'_>,
        resource: String,
        action: String,
    ) -> Result<PermissionCheckResult> {
        let current_user = get_auth_user(ctx).await?;
        let subject = current_user.id.to_string();
        let casbin = ctx.data::<CasbinService>()?;

        let allowed = casbin
            .check_permission(&subject, &resource, &action)
            .await?;
        let roles = casbin.get_user_roles(&subject).await?;

        Ok(PermissionCheckResult {
            user_id: subject,
            resource,
            action,
            has_permission: allowed,
            roles,
        })
    }

    // Lists the roles the service reports for the authenticated user.
    #[graphql(guard = "RequireReadPermission::new(\"permissions\")")]
    async fn get_user_roles(&self, ctx: &Context<'_>) -> Result<Vec<String>> {
        let subject = get_auth_user(ctx).await?.id.to_string();
        let casbin = ctx.data::<CasbinService>()?;
        Ok(casbin.get_user_roles(&subject).await?)
    }

    // Lists the (resource, action) pairs the service reports for the authenticated user.
    //
    // NOTE(review): this is the only resolver guarded by `RequireLogin`; the other
    // self-scoped lookups (`get_user_roles`, `check_permission`, `can_*`) require the
    // `permissions` read guard. Confirm the weaker guard here is intentional.
    #[graphql(guard = "RequireLogin")]
    async fn get_user_permissions(&self, ctx: &Context<'_>) -> Result<Vec<PermissionPair>> {
        let subject = get_auth_user(ctx).await?.id.to_string();
        let casbin = ctx.data::<CasbinService>()?;
        let granted = casbin.get_user_permissions(&subject).await?;

        let pairs: Vec<PermissionPair> = granted
            .into_iter()
            .map(|entry| {
                let resource = entry.0;
                let action = entry.1;
                PermissionPair { resource, action }
            })
            .collect();
        Ok(pairs)
    }

    // Returns every policy row the service reports as (role, resource, action).
    // Rows with fewer than three fields are dropped without an error; fields past the
    // third are ignored. No user lookup happens here, so the guard is the only access check.
    #[graphql(guard = "RequireReadPermission::new(\"permissions\")")]
    async fn get_all_policies(&self, ctx: &Context<'_>) -> Result<Vec<PolicyType>> {
        let casbin = ctx.data::<CasbinService>()?;
        let rows = casbin.get_all_policies().await?;

        let policies: Vec<PolicyType> = rows
            .into_iter()
            .filter_map(|rule| {
                (rule.len() >= 3).then(|| PolicyType {
                    role: rule[0].clone(),
                    resource: rule[1].clone(),
                    action: rule[2].clone(),
                })
            })
            .collect();
        Ok(policies)
    }

    // Lists the (resource, action) pairs the service reports for `role_name`.
    // `role_name` is caller-supplied and forwarded unchanged, so any caller that passes
    // the guard can look up the permissions of an arbitrary role.
    #[graphql(guard = "RequireReadPermission::new(\"permissions\")")]
    async fn get_role_permissions(
        &self,
        ctx: &Context<'_>,
        role_name: String,
    ) -> Result<Vec<PermissionPair>> {
        let casbin = ctx.data::<CasbinService>()?;
        let granted = casbin.get_role_permissions(&role_name).await?;

        let pairs: Vec<PermissionPair> = granted
            .into_iter()
            .map(|entry| {
                let resource = entry.0;
                let action = entry.1;
                PermissionPair { resource, action }
            })
            .collect();
        Ok(pairs)
    }

    // Asks the service whether the authenticated user can read `resource`.
    #[graphql(guard = "RequireReadPermission::new(\"permissions\")")]
    async fn can_read(&self, ctx: &Context<'_>, resource: String) -> Result<bool> {
        let subject = get_auth_user(ctx).await?.id.to_string();
        let casbin = ctx.data::<CasbinService>()?;
        Ok(casbin.can_read(&subject, &resource).await?)
    }

    // Asks the service whether the authenticated user can write `resource`.
    #[graphql(guard = "RequireReadPermission::new(\"permissions\")")]
    async fn can_write(&self, ctx: &Context<'_>, resource: String) -> Result<bool> {
        let subject = get_auth_user(ctx).await?.id.to_string();
        let casbin = ctx.data::<CasbinService>()?;
        Ok(casbin.can_write(&subject, &resource).await?)
    }

    // Asks the service whether the authenticated user can delete `resource`.
    #[graphql(guard = "RequireReadPermission::new(\"permissions\")")]
    async fn can_delete(&self, ctx: &Context<'_>, resource: String) -> Result<bool> {
        let subject = get_auth_user(ctx).await?.id.to_string();
        let casbin = ctx.data::<CasbinService>()?;
        Ok(casbin.can_delete(&subject, &resource).await?)
    }
}