package repository
import (
"authorization/db"
"authorization/models"
"database/sql"
"fmt"
)
// GetPermissionByResourceActionAndRole looks up the single permission that
// matches resource and action and is linked to roleID through role_permissions.
//
// It returns a nil permission and an error both when no row matches (the
// permission does not exist or is not granted to the role) and when the query
// itself fails, so a caller that treats any error as a denial fails closed.
//
// NOTE(review): the not-found error is a plain formatted error (no %w), so
// callers cannot tell "not granted" from a database failure with errors.Is.
// NOTE(review): resource and action are echoed with %s into that message; if
// they originate from request input, whatever logs this error receives them
// unescaped - confirm against the callers.
func GetPermissionByResourceActionAndRole(resource, action string, roleID int) (*models.Permission, error) {
	// All three inputs are bound as placeholders, never spliced into the SQL text.
	const stmt = `
		SELECT p.id, p.permission_name, p.description, p.resource, p.action
		FROM permissions p
		INNER JOIN role_permissions rp ON p.id = rp.permission_id
		WHERE p.resource = ? AND p.action = ? AND rp.role_id = ?
		LIMIT 1
	`

	row := db.DB.QueryRow(stmt, resource, action, roleID)

	found := new(models.Permission)
	scanErr := row.Scan(
		&found.ID,
		&found.PermissionName,
		&found.Description,
		&found.Resource,
		&found.Action,
	)

	switch {
	case scanErr == sql.ErrNoRows:
		// No matching row: unknown permission or not granted to this role.
		return nil, fmt.Errorf("permission not found or not granted to role_id=%d for resource=%s, action=%s", roleID, resource, action)
	case scanErr != nil:
		return nil, fmt.Errorf("error querying permission: %w", scanErr)
	}

	return found, nil
}
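// GetPolicyAttributesByPermission returns every policy_attributes row whose
// permission_id equals permissionID.
//
// The slice is nil when the permission has no attributes. Any query, scan or
// iteration failure returns a nil slice and a wrapped error, so a partially
// read attribute set is never handed to the policy evaluation.
func GetPolicyAttributesByPermission(permissionID int) ([]models.PolicyAttribute, error) {
	// permissionID is bound as a placeholder, not concatenated into the SQL.
	query := `
		SELECT id, attribute_name, attribute_type, comparison, attribute_value, permission_id
		FROM policy_attributes
		WHERE permission_id = ?
	`

	rows, err := db.DB.Query(query, permissionID)
	if err != nil {
		return nil, fmt.Errorf("error querying policy attributes: %w", err)
	}
	defer rows.Close()

	var attributes []models.PolicyAttribute
	for rows.Next() {
		var attr models.PolicyAttribute
		if err := rows.Scan(
			&attr.ID,
			&attr.AttributeName,
			&attr.AttributeType,
			&attr.Comparison,
			&attr.AttributeValue,
			&attr.PermissionID,
		); err != nil {
			return nil, fmt.Errorf("error scanning policy attribute: %w", err)
		}
		attributes = append(attributes, attr)
	}

	// rows.Next also returns false when iteration aborts part-way (for example
	// a dropped connection). Without this check a truncated list would be
	// returned as if it were the permission's complete set of constraints.
	if err := rows.Err(); err != nil {
		return nil, fmt.Errorf("error iterating policy attributes: %w", err)
	}

	return attributes, nil
}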
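// GetUserAttributes returns the user_attributes rows for userID as a map from
// attribute_name to attribute_value.
//
// The map is non-nil and empty when the user has no attributes. If the same
// attribute_name appears in more than one row, the value read last wins. Any
// query, scan or iteration failure returns a nil map and a wrapped error, so
// an incomplete attribute set is never returned as if it were complete.
func GetUserAttributes(userID string) (map[string]string, error) {
	// userID is bound as a placeholder, not concatenated into the SQL.
	query := `
		SELECT attribute_name, attribute_value
		FROM user_attributes
		WHERE user_id = ?
	`

	rows, err := db.DB.Query(query, userID)
	if err != nil {
		return nil, fmt.Errorf("error querying user attributes: %w", err)
	}
	defer rows.Close()

	attributes := make(map[string]string)
	for rows.Next() {
		var name, value string
		if err := rows.Scan(&name, &value); err != nil {
			return nil, fmt.Errorf("error scanning user attribute: %w", err)
		}
		attributes[name] = value
	}

	// rows.Next also returns false when iteration aborts part-way; surface that
	// instead of returning a map that is silently missing attributes.
	if err := rows.Err(); err != nil {
		return nil, fmt.Errorf("error iterating user attributes: %w", err)
	}

	return attributes, nil
}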
// GetUserByID loads the row from uess_user_management.users whose user_id
// equals userID and whose is_deleted flag is 'N'.
//
// It returns a nil user and an error when no such row exists or when the
// query fails; the not-found error embeds userID in its message.
//
// NOTE(review): the returned struct carries SecretKey as read from the
// secret_key column, along with contact and address fields. Callers should
// confirm the value is never serialized into responses or written to logs.
func GetUserByID(userID string) (*models.User, error) {
	// userID is bound as a placeholder; soft-deleted users are filtered in SQL.
	const stmt = `
		SELECT user_id, first_name, middle_initial, last_name, suffix, email_address,
		emp_id, is_logged_in, first_logged_in, home_address, contact_number, device_id,
		role_id, is_deleted, secret_key, is_activated, created_at, updated_at
		FROM uess_user_management.users
		WHERE user_id = ? AND is_deleted = 'N'
		LIMIT 1
	`

	record := new(models.User)

	// Scan targets, in the same order as the SELECT column list above.
	dest := []interface{}{
		&record.UserID,
		&record.FirstName,
		&record.MiddleInitial,
		&record.LastName,
		&record.Suffix,
		&record.EmailAddress,
		&record.EmpID,
		&record.IsLoggedIn,
		&record.FirstLoggedIn,
		&record.HomeAddress,
		&record.ContactNumber,
		&record.DeviceID,
		&record.RoleID,
		&record.IsDeleted,
		&record.SecretKey,
		&record.IsActivated,
		&record.CreatedAt,
		&record.UpdatedAt,
	}

	scanErr := db.DB.QueryRow(stmt, userID).Scan(dest...)

	switch {
	case scanErr == sql.ErrNoRows:
		return nil, fmt.Errorf("user not found: %s", userID)
	case scanErr != nil:
		return nil, fmt.Errorf("error querying user: %w", scanErr)
	}

	return record, nil
}
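// GetAllPermissions returns every row of the permissions table ordered by id
// (intended for caching).
//
// The slice is nil when the table is empty. Any query, scan or iteration
// failure returns a nil slice and a wrapped error, so a caller that caches the
// result never stores a truncated permission list as the full set.
func GetAllPermissions() ([]models.Permission, error) {
	query := `
		SELECT id, permission_name, description, resource, action
		FROM permissions
		ORDER BY id
	`

	rows, err := db.DB.Query(query)
	if err != nil {
		return nil, fmt.Errorf("error querying all permissions: %w", err)
	}
	defer rows.Close()

	var permissions []models.Permission
	for rows.Next() {
		var perm models.Permission
		if err := rows.Scan(
			&perm.ID,
			&perm.PermissionName,
			&perm.Description,
			&perm.Resource,
			&perm.Action,
		); err != nil {
			return nil, fmt.Errorf("error scanning permission: %w", err)
		}
		permissions = append(permissions, perm)
	}

	// rows.Next also returns false when iteration aborts part-way; report it
	// rather than returning a short list that looks complete.
	if err := rows.Err(); err != nil {
		return nil, fmt.Errorf("error iterating permissions: %w", err)
	}

	return permissions, nil
}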
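// GetAllPolicyAttributes returns every row of policy_attributes grouped by
// permission_id (intended for caching). Within each group the rows keep the
// query's order, which is by id.
//
// The map is non-nil and empty when the table is empty; a permission with no
// attributes has no key. Any query, scan or iteration failure returns a nil
// map and a wrapped error, so a caller that caches the result never stores a
// policy set that is silently missing constraints.
func GetAllPolicyAttributes() (map[int][]models.PolicyAttribute, error) {
	query := `
		SELECT id, attribute_name, attribute_type, comparison, attribute_value, permission_id
		FROM policy_attributes
		ORDER BY permission_id, id
	`

	rows, err := db.DB.Query(query)
	if err != nil {
		return nil, fmt.Errorf("error querying all policy attributes: %w", err)
	}
	defer rows.Close()

	attributesByPermission := make(map[int][]models.PolicyAttribute)
	for rows.Next() {
		var attr models.PolicyAttribute
		if err := rows.Scan(
			&attr.ID,
			&attr.AttributeName,
			&attr.AttributeType,
			&attr.Comparison,
			&attr.AttributeValue,
			&attr.PermissionID,
		); err != nil {
			return nil, fmt.Errorf("error scanning policy attribute: %w", err)
		}
		attributesByPermission[attr.PermissionID] = append(attributesByPermission[attr.PermissionID], attr)
	}

	// rows.Next also returns false when iteration aborts part-way. Without
	// this check the permissions read after the failure point would appear to
	// have no attributes at all.
	if err := rows.Err(); err != nil {
		return nil, fmt.Errorf("error iterating policy attributes: %w", err)
	}

	return attributesByPermission, nil
}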
// Helper function to parse IN clause values
// func parseINValues(value string) []string {
// // Remove spaces and split by comma
// value = strings.ReplaceAll(value, " ", "")
// return strings.Split(value, ",")
// }