service backend

api/pkg/auth/internal/casbin/manager.go

@@ -0,0 +1,54 @@
+// package casbin
+
+package casbin
+
+import (
+	"context"
+
+	"github.com/tech/sendico/pkg/auth/management"
+	"github.com/tech/sendico/pkg/db/policy"
+	"github.com/tech/sendico/pkg/db/role"
+	"github.com/tech/sendico/pkg/mlogger"
+	"github.com/tech/sendico/pkg/model"
+	"go.uber.org/zap"
+)
+
+// CasbinManager implements the auth.Manager interface by aggregating Role and Permission managers.
+type CasbinManager struct {
+	logger      mlogger.Logger
+	roleManager management.Role
+	permManager management.Permission
+}
+
+// NewManager creates a new CasbinManager with specified domains and role-domain mappings.
+func NewManager(
+	l mlogger.Logger,
+	pdb policy.DB,
+	rdb role.DB,
+	enforcer *CasbinEnforcer,
+	settings model.SettingsT,
+) (*CasbinManager, error) {
+	logger := l.Named("manager")
+
+	var pdesc model.PolicyDescription
+	if err := pdb.GetBuiltInPolicy(context.Background(), "roles", &pdesc); err != nil {
+		logger.Warn("Failed to fetch roles permission reference", zap.Error(err))
+		return nil, err
+	}
+
+	return &CasbinManager{
+		logger:      logger,
+		roleManager: NewRoleManager(logger, enforcer, pdesc.ID, rdb),
+		permManager: NewPermissionManager(logger, enforcer),
+	}, nil
+}
+
+// Permission returns the Permission manager.
+func (m *CasbinManager) Permission() management.Permission {
+	return m.permManager
+}
+
+// Role returns the Role manager.
+func (m *CasbinManager) Role() management.Role {
+	return m.roleManager
+}