Skip to content

Commit

Permalink
crf & feat: add tags to permissions
Browse files Browse the repository at this point in the history
  • Loading branch information
daichen-daisy committed May 22, 2023
1 parent b26040b commit a946392
Show file tree
Hide file tree
Showing 12 changed files with 209 additions and 60 deletions.
14 changes: 14 additions & 0 deletions dbschema/migrations/00024.edgeql
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
CREATE MIGRATION m1pwk6wff5r2xbxtjeesr6x76xw6wksmmvmeqlt6rkczev3z4ch7wq
ONTO m1jqxiptf66zakhlguijkgmp2fbjlar2fqrsq7d3gfsyx2tvbe7ica
{
ALTER TYPE default::Permission {
CREATE MULTI LINK tags -> default::Tag {
ON TARGET DELETE ALLOW;
};
};
ALTER TYPE default::Tag {
ALTER PROPERTY name {
CREATE CONSTRAINT std::exclusive;
};
};
};
3 changes: 3 additions & 0 deletions dbschema/permissions.esdl
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,9 @@ module default {
on target delete delete source;
};
multi link roles := .<permissions[is Role];
multi link tags -> Tag {
on target delete allow;
};

constraint exclusive on (.code_upper)
}
Expand Down
4 changes: 3 additions & 1 deletion dbschema/tags.esdl
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,9 @@ module default {
scalar type TagType extending enum<Permission>;

type Tag extending TimeStamped {
required property name -> str;
required property name -> str {
constraint exclusive;
};
required property tag_type -> TagType {
readonly := true;
};
Expand Down
19 changes: 9 additions & 10 deletions src/freeauth/applications/endpoints.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,23 +5,22 @@
import edgedb
from fastapi import Depends

from freeauth.applications.dataclasses import (
ApplicationDeleteBody,
ApplicationStatusBody,
BaseApplicationBody,
)
from freeauth.query_api import (
from .. import get_edgedb_client
from ..app import router
from ..dataclasses import PaginatedData, QueryBody
from ..query_api import (
CreateApplicationResult,
DeleteApplicationResult,
UpdateApplicationStatusResult,
create_application,
delete_application,
update_application_status,
)

from .. import get_edgedb_client
from ..app import router
from ..dataclasses import PaginatedData, QueryBody
from .dataclasses import (
ApplicationDeleteBody,
ApplicationStatusBody,
BaseApplicationBody,
)

FILTER_TYPE_MAPPING = {"created_at": "datetime", "is_deleted": "bool"}

Expand Down
11 changes: 11 additions & 0 deletions src/freeauth/permissions/dataclasses.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
from pydantic import Field, validator
from pydantic.dataclasses import dataclass

from ..dataclasses import FilterItem # noqa
from ..dataclasses import BaseModelConfig, QueryBody


Expand Down Expand Up @@ -32,6 +33,16 @@ class BasePermissionBody:
title="所属应用",
description="所属应用 ID",
)
new_tags: list[str] = Field(
None,
title="关联新建标签",
description="新建标签名称列表",
)
existing_tag_ids: list[uuid.UUID] = Field(
None,
title="关联已有标签",
description="已有标签 ID 列表",
)

@validator("code", pre=True)
def convert_to_uppercase(cls, v):
Expand Down
70 changes: 45 additions & 25 deletions src/freeauth/permissions/endpoints.py
Original file line number Diff line number Diff line change
Expand Up @@ -6,16 +6,6 @@
import edgedb
from fastapi import Depends, HTTPException

from freeauth.permissions.dataclasses import (
BasePermissionBody,
PermissionDeleteBody,
PermissionPutBody,
PermissionQueryBody,
PermissionStatusBody,
PermRoleBody,
)
from freeauth.permissions.dependencies import parse_permission_id_or_code

from .. import get_edgedb_client
from ..app import router
from ..dataclasses import PaginatedData, QueryBody
Expand All @@ -24,16 +14,26 @@
CreateRoleResult,
DeletePermissionResult,
GetPermissionByIdOrCodeResult,
UpdatePermissionResult,
GetPermissionByIdOrCodeResultTagsItem,
UpdatePermissionStatusResult,
create_permission,
delete_permission,
get_permission_by_id_or_code,
perm_bind_roles,
perm_unbind_roles,
query_permission_tags,
update_permission,
update_permission_status,
)
from .dataclasses import (
BasePermissionBody,
PermissionDeleteBody,
PermissionPutBody,
PermissionQueryBody,
PermissionStatusBody,
PermRoleBody,
)
from .dependencies import parse_permission_id_or_code

FILTER_TYPE_MAPPING = {"created_at": "datetime", "is_deleted": "bool"}

Expand All @@ -56,16 +56,14 @@ async def post_permission(
code=body.code,
description=body.description,
application_id=body.application_id,
new_tags=body.new_tags,
existing_tag_ids=body.existing_tag_ids,
)
except edgedb.errors.ConstraintViolationError:
raise HTTPException(
status_code=HTTPStatus.BAD_REQUEST,
detail={"code": f"{body.code} 已被使用"},
)
if not permission:
raise HTTPException(
status_code=HTTPStatus.NOT_FOUND, detail="应用不存在"
)
return permission


Expand Down Expand Up @@ -131,20 +129,26 @@ async def put_permission(
body: PermissionPutBody,
id_or_code: uuid.UUID | str = Depends(parse_permission_id_or_code),
client: edgedb.AsyncIOClient = Depends(get_edgedb_client),
) -> UpdatePermissionResult:
) -> GetPermissionByIdOrCodeResult:
try:
permission: UpdatePermissionResult | None = await update_permission(
client,
name=body.name,
code=body.code,
description=body.description,
is_deleted=body.is_deleted,
id=id_or_code if isinstance(id_or_code, uuid.UUID) else None,
current_code=(id_or_code if isinstance(id_or_code, str) else None),
permission: GetPermissionByIdOrCodeResult | None = (
await update_permission(
client,
name=body.name,
code=body.code,
description=body.description,
new_tags=body.new_tags,
existing_tag_ids=body.existing_tag_ids,
is_deleted=body.is_deleted,
id=id_or_code if isinstance(id_or_code, uuid.UUID) else None,
current_code=(
id_or_code if isinstance(id_or_code, str) else None
),
)
)
if not permission:
raise HTTPException(
status_code=HTTPStatus.NOT_FOUND, detail="角色不存在"
status_code=HTTPStatus.NOT_FOUND, detail="权限不存在"
)
except edgedb.errors.ConstraintViolationError:
raise HTTPException(
Expand Down Expand Up @@ -198,6 +202,7 @@ async def get_permissions(
code,
description,
application: {{ name }},
tags: {{ name }},
is_deleted,
created_at
}}
Expand Down Expand Up @@ -376,3 +381,18 @@ async def get_users_in_permission(
permission_id=permission_id,
)
return PaginatedData.parse_raw(result)


@router.get(
"/permission_tags",
tags=["权限管理"],
summary="获取权限标签",
description="获取指定权限的所有标签",
)
async def get_permission_tags(
client: edgedb.AsyncIOClient = Depends(get_edgedb_client),
) -> dict[str, list[GetPermissionByIdOrCodeResultTagsItem]]:
permission_tags: list[GetPermissionByIdOrCodeResultTagsItem] = (
await query_permission_tags(client)
)
return {"permission_tags": permission_tags}
29 changes: 24 additions & 5 deletions src/freeauth/permissions/queries/create_permission.edgeql
Original file line number Diff line number Diff line change
@@ -1,19 +1,38 @@
with
name := <str>$name,
code := <str>$code,
description := <optional str>$description,
application_id := <uuid>$application_id,
new_tags := (
for item in array_unpack(<array<str>>$new_tags) union (
insert Tag {
name := item,
tag_type := TagType.Permission
}
)
),
existing_tags := (
select Tag
filter .id in array_unpack(<array<uuid>>$existing_tag_ids)
)
select (
insert Permission {
name := <str>$name,
code := <str>$code,
description := <optional str>$description,
name := name,
code := code,
description := description,
application := (
select Application filter (
.id = <uuid>$application_id
.id = application_id
)
)
),
tags := new_tags union existing_tags
}
) {
name,
code,
description,
application: { name },
tags: { name },
is_deleted,
created_at
}
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ select assert_single(
created_at
},
application: { name },
tags: { id, name },
is_deleted,
created_at
}
Expand Down
4 changes: 4 additions & 0 deletions src/freeauth/permissions/queries/query_permission_tags.edgeql
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
select Tag {
id,
name
} filter (.tag_type = TagType.Permission)
17 changes: 16 additions & 1 deletion src/freeauth/permissions/queries/update_permission.edgeql
Original file line number Diff line number Diff line change
Expand Up @@ -8,13 +8,26 @@ with
(.id = id) ??
(.code_upper ?= str_upper(current_code)) ??
false
))
)),
new_tags := (
for item in array_unpack(<array<str>>$new_tags) union (
insert Tag {
name := item,
tag_type := TagType.Permission
}
)
),
existing_tags := (
select Tag
filter .id in array_unpack(<array<uuid>>$existing_tag_ids)
)
select (
update permission
set {
name := <str>$name,
code := <str>$code,
description := <optional str>$description,
tags := new_tags union existing_tags,
deleted_at := (
.deleted_at IF NOT EXISTS is_deleted ELSE
datetime_of_transaction() IF is_deleted ELSE {}
Expand All @@ -32,6 +45,8 @@ select (
is_deleted,
created_at
},
application: { name },
tags: { id, name },
is_deleted,
created_at
};
Loading

0 comments on commit a946392

Please sign in to comment.