fixed doc env vars + mongo v2 migration
This commit is contained in:
Stephan D
@@ -5,6 +5,7 @@ import (
|
||||
"context"
|
||||
|
||||
"github.com/casbin/casbin/v2"
|
||||
"github.com/mitchellh/mapstructure"
|
||||
"github.com/tech/sendico/pkg/auth/anyobject"
|
||||
cc "github.com/tech/sendico/pkg/auth/internal/casbin/config"
|
||||
"github.com/tech/sendico/pkg/auth/internal/casbin/serialization"
|
||||
@@ -12,9 +13,8 @@ import (
|
||||
"github.com/tech/sendico/pkg/mlogger"
|
||||
"github.com/tech/sendico/pkg/model"
|
||||
"github.com/tech/sendico/pkg/mutil/mzap"
|
||||
"github.com/mitchellh/mapstructure"
|
||||
"go.mongodb.org/mongo-driver/bson/primitive"
|
||||
"go.mongodb.org/mongo-driver/mongo"
|
||||
"go.mongodb.org/mongo-driver/v2/bson"
|
||||
"go.mongodb.org/mongo-driver/v2/mongo"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
@@ -59,7 +59,7 @@ func NewEnforcer(
|
||||
// Enforce checks if a user has the specified action permission on an object within a domain.
|
||||
func (c *CasbinEnforcer) Enforce(
|
||||
_ context.Context,
|
||||
permissionRef, accountRef, organizationRef, objectRef primitive.ObjectID,
|
||||
permissionRef, accountRef, organizationRef, objectRef bson.ObjectID,
|
||||
action model.Action,
|
||||
) (bool, error) {
|
||||
// Convert ObjectIDs to strings for Casbin
|
||||
@@ -67,7 +67,7 @@ func (c *CasbinEnforcer) Enforce(
|
||||
organization := organizationRef.Hex()
|
||||
permission := permissionRef.Hex()
|
||||
object := anyobject.ID
|
||||
if objectRef != primitive.NilObjectID {
|
||||
if objectRef != bson.NilObjectID {
|
||||
object = objectRef.Hex()
|
||||
}
|
||||
act := string(action)
|
||||
@@ -96,10 +96,10 @@ func (c *CasbinEnforcer) Enforce(
|
||||
func (c *CasbinEnforcer) EnforceBatch(
|
||||
ctx context.Context,
|
||||
objectRefs []model.PermissionBoundStorable,
|
||||
accountRef primitive.ObjectID,
|
||||
accountRef bson.ObjectID,
|
||||
action model.Action,
|
||||
) (map[primitive.ObjectID]bool, error) {
|
||||
results := make(map[primitive.ObjectID]bool, len(objectRefs))
|
||||
) (map[bson.ObjectID]bool, error) {
|
||||
results := make(map[bson.ObjectID]bool, len(objectRefs))
|
||||
for _, desc := range objectRefs {
|
||||
ok, err := c.Enforce(ctx, desc.GetPermissionRef(), accountRef, desc.GetOrganizationRef(), *desc.GetID(), action)
|
||||
if err != nil {
|
||||
@@ -115,7 +115,7 @@ func (c *CasbinEnforcer) EnforceBatch(
|
||||
}
|
||||
|
||||
// GetRoles retrieves all roles assigned to the user within the domain.
|
||||
func (c *CasbinEnforcer) GetRoles(ctx context.Context, accountRef, orgRef primitive.ObjectID) ([]model.Role, error) {
|
||||
func (c *CasbinEnforcer) GetRoles(ctx context.Context, accountRef, orgRef bson.ObjectID) ([]model.Role, error) {
|
||||
sub := accountRef.Hex()
|
||||
dom := orgRef.Hex()
|
||||
|
||||
@@ -145,7 +145,7 @@ func (c *CasbinEnforcer) GetRoles(ctx context.Context, accountRef, orgRef primit
|
||||
}
|
||||
|
||||
// GetPermissions retrieves all effective policies for the user within the domain.
|
||||
func (c *CasbinEnforcer) GetPermissions(ctx context.Context, accountRef, orgRef primitive.ObjectID) ([]model.Role, []model.Permission, error) {
|
||||
func (c *CasbinEnforcer) GetPermissions(ctx context.Context, accountRef, orgRef bson.ObjectID) ([]model.Role, []model.Permission, error) {
|
||||
c.logger.Debug("Fetching policies for user", mzap.ObjRef("account_ref", accountRef), mzap.ObjRef("organization_ref", orgRef))
|
||||
|
||||
// Step 1: Retrieve all roles assigned to the user within the domain
|
||||
|
||||
Reference in New Issue
Block a user