move api/server to api/edge/bff

api/edge/bff/internal/server/permissionsimp/service.go

@@ -0,0 +1,87 @@
+package permissionsimp
+
+import (
+	"context"
+
+	api "github.com/tech/sendico/pkg/api/http"
+	"github.com/tech/sendico/pkg/auth"
+	"github.com/tech/sendico/pkg/db/organization"
+	"github.com/tech/sendico/pkg/db/policy"
+	"github.com/tech/sendico/pkg/db/role"
+	"github.com/tech/sendico/pkg/db/transaction"
+	"github.com/tech/sendico/pkg/mlogger"
+	"github.com/tech/sendico/pkg/model"
+	"github.com/tech/sendico/pkg/mservice"
+	eapi "github.com/tech/sendico/server/interface/api"
+	mutil "github.com/tech/sendico/server/internal/mutil/param"
+	"go.mongodb.org/mongo-driver/v2/bson"
+	"go.uber.org/zap"
+)
+
+type PermissionsAPI struct {
+	logger                mlogger.Logger
+	db                    organization.DB
+	pdb                   policy.DB
+	rdb                   role.DB
+	enforcer              auth.Enforcer
+	manager               auth.Manager
+	rolesPermissionRef    bson.ObjectID
+	policiesPermissionRef bson.ObjectID
+	Rph                   mutil.ParamHelper
+	tf                    transaction.Factory
+	auth                  auth.Manager
+}
+
+func (a *PermissionsAPI) Name() mservice.Type {
+	return mservice.Permissions
+}
+
+func (a *PermissionsAPI) Finish(_ context.Context) error {
+	return nil
+}
+
+func CreateAPI(a eapi.API) (*PermissionsAPI, error) {
+	p := &PermissionsAPI{
+		enforcer: a.Permissions().Enforcer(),
+		manager:  a.Permissions().Manager(),
+		Rph:      mutil.CreatePH("role"),
+		tf:       a.DBFactory().TransactionFactory(),
+		auth:     a.Permissions().Manager(),
+	}
+	p.logger = a.Logger().Named(p.Name())
+
+	var err error
+	if p.db, err = a.DBFactory().NewOrganizationDB(); err != nil {
+		p.logger.Error("Failed to create organizations database", zap.Error(err))
+		return nil, err
+	}
+	if p.rdb, err = a.DBFactory().NewRolesDB(); err != nil {
+		p.logger.Error("Failed to create roles database", zap.Error(err))
+		return nil, err
+	}
+	if p.pdb, err = a.DBFactory().NewPoliciesDB(); err != nil {
+		p.logger.Error("Failed to create policies database", zap.Error(err))
+		return nil, err
+	}
+
+	var pdesc model.PolicyDescription
+	if err := p.pdb.GetBuiltInPolicy(context.Background(), mservice.Roles, &pdesc); err != nil {
+		p.logger.Warn("Failed to fetch roles management permission description", zap.Error(err))
+		return nil, err
+	}
+	p.rolesPermissionRef = pdesc.ID
+	if err := p.pdb.GetBuiltInPolicy(context.Background(), mservice.Policies, &pdesc); err != nil {
+		p.logger.Warn("Failed to fetch policies management permission description", zap.Error(err))
+		return nil, err
+	}
+	p.policiesPermissionRef = pdesc.ID
+
+	a.Register().AccountHandler(p.Name(), mutil.AddOrganizaztionRef("/"), api.Get, p.get)
+	a.Register().AccountHandler(p.Name(), mutil.AddOrganizaztionRef("/all"), api.Get, p.getAll)
+	a.Register().AccountHandler(p.Name(), mutil.AddOrganizaztionRef("/change_role"), api.Post, p.changeRole)
+	a.Register().AccountHandler(p.Name(), "/policies", api.Put, p.changePolicies)
+	a.Register().AccountHandler(p.Name(), "/role", api.Post, p.createRoleDescription)
+	a.Register().AccountHandler(p.Name(), p.Rph.AddRef("/role"), api.Delete, p.deleteRoleDescription)
+
+	return p, nil
+}