server/game2006go
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1

Browse Source
This commit is contained in:
aozhiwei 2024-08-04 10:47:50 +08:00
parent be7c1c1278
commit fb8113d989
1 changed files with 97 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

159
server/adminserver/mt/Permission.go
View File

@ -33,79 +33,17 @@ type PermissionTable struct {
apiHash *q5.ConcurrentMap[string, bool] apiHash *q5.ConcurrentMap[string, bool]
uiHash *q5.ConcurrentMap[string, bool] uiHash *q5.ConcurrentMap[string, bool]
roleHash *q5.ConcurrentMap[string, *role] roleHash *q5.ConcurrentMap[string, *role]
userHash *q5.ConcurrentMap[string, *Permission] userHash *q5.ConcurrentMap[string, *user]
} }
func (this *PermissionTable) Load() { func (this *PermissionTable) Load() {
this.apiHash = new(q5.ConcurrentMap[string, bool]) this.apiHash = new(q5.ConcurrentMap[string, bool])
this.uiHash = new(q5.ConcurrentMap[string, bool]) this.uiHash = new(q5.ConcurrentMap[string, bool])
this.roleHash = new(q5.ConcurrentMap[string, *role]) this.roleHash = new(q5.ConcurrentMap[string, *role])
this.userHash = new(q5.ConcurrentMap[string, *Permission]) this.userHash = new(q5.ConcurrentMap[string, *user])
this.loadPermission() this.loadPermission()
this.loadRole() this.loadRole()
this.loadUser() this.loadUser()
{
if jsonStr, err := f5.ReadJsonFile("../config/permission.json"); err == nil {
type cfgPermission struct {
API []string `json:"api"`
UI []string `json:"ui"`
}
type AccountConfig struct {
Roles []string `json:"roles"`
Special cfgPermission `json:"special"`
}
permissioncfg := struct {
Roles map[string]cfgPermission `json:"roles"`
Accounts map[string]AccountConfig `json:"accounts"`
}{}
if err := json.Unmarshal([]byte(jsonStr), &permissioncfg); err != nil {
panic(fmt.Sprintf("load metafile json decode error %s %s", "permission.json", err))
}
for account, cfg := range permissioncfg.Accounts {
accpermission := new(Permission)
accpermission.api = new(q5.ConcurrentMap[string, bool])
accpermission.ui = new(q5.ConcurrentMap[string, bool])
//load permission of the account's roles
for _, role := range cfg.Roles {
rp, exist := permissioncfg.Roles[role]
if !exist {
continue
}
for _, v := range rp.API {
accpermission.api.Store(v, true)
}
for _, v := range rp.UI {
accpermission.ui.Store(v, true)
}
}
//load special permission
for _, v := range cfg.Special.API {
ret := strings.HasPrefix(v, "-")
if ret {
v = v[1:]
}
accpermission.api.Store(v, !ret)
}
for _, v := range cfg.Special.UI {
ret := strings.HasPrefix(v, "-")
if ret {
v = v[1:]
}
accpermission.ui.Store(v, !ret)
}
this.userHash.Store(strings.ToLower(account), accpermission)
}
} else {
panic(fmt.Sprintf("load metafile error %s %s", "permission.json", err))
}
}
} }
func (this *PermissionTable) CheckAPIPermission(account string, cmd string) bool { func (this *PermissionTable) CheckAPIPermission(account string, cmd string) bool {
@ -161,18 +99,105 @@ func (this *PermissionTable) loadRole() {
panic(fmt.Sprintf("load metafile error %s %s", "roles.json", err)) panic(fmt.Sprintf("load metafile error %s %s", "roles.json", err))
} }
} }
for _, role := range roles { {
if jsonStr, err := f5.ReadJsonFile("../config/role/" + role + ".json"); err == nil { for _, name := range roles {
if jsonStr, err := f5.ReadJsonFile("../config/role/" + name + ".json"); err == nil {
rolePermission := struct{ rolePermission := struct{
Api []string `json:"api"` Api []string `json:"api"`
Ui []string `json:"ui"` Ui []string `json:"ui"`
}{} }{}
if err := q5.DecodeJson(jsonStr, &rolePermission); err != nil { if err := q5.DecodeJson(jsonStr, &rolePermission); err != nil {
panic(fmt.Sprintf("parse role metafile error %s %s", role + ".json", err)) panic(fmt.Sprintf("parse role metafile error %s %s", name + ".json", err))
}
p := this.newRole()
for _, pName := range rolePermission.Api {
p.api.Store(pName, true)
}
for _, pName := range rolePermission.Ui {
p.api.Store(pName, true)
}
this.roleHash.Store(name, p)
} }
} }
} }
} }
func (this *PermissionTable) loadUser() { func (this *PermissionTable) loadUser() {
users := []struct {
AccountAddress string `json:"account_address"`
Roles []string `json:"roles"`
Special struct {
Api []string `json:"api"`
Ui []string `json:"ui"`
} `json:"special"`
}{}
{
if jsonStr, err := f5.ReadJsonFile("../config/users.json"); err == nil {
if err := q5.DecodeJson(jsonStr, &users); err != nil {
panic(fmt.Sprintf("parse metafile error %s %s", "usersa.json", err))
}
} else {
panic(fmt.Sprintf("load metafile error %s %s", "users.json", err))
}
}
{
for _, u := range users {
p := this.newUser()
p.accountAddress = strings.ToLower(u.AccountAddress)
for _, r := range u.Roles {
if pr, ok := this.roleHash.Load(r); ok {
p.roleHash.Store(r, *pr)
} else {
panic(fmt.Sprintf("load metafile error %s role:%s not exists", "users.json", r))
}
}
for _, pName := range u.Special.Api {
q5.AppendSlice(&p.specApi, pName)
}
for _, pName := range u.Special.Ui {
q5.AppendSlice(&p.specApi, pName)
}
this.genUserPermission(p)
this.userHash.Store(p.accountAddress, p)
}
}
}
func (this *PermissionTable) newRole() *role {
p := new(role)
p.api = new(q5.ConcurrentMap[string, bool])
p.ui = new(q5.ConcurrentMap[string, bool])
return p
}
func (this *PermissionTable) newUser() *user {
p := new(user)
p.roleHash = new(q5.ConcurrentMap[string, *role])
p.api = new(q5.ConcurrentMap[string, bool])
p.ui = new(q5.ConcurrentMap[string, bool])
p.specApi = []string{}
p.specUi = []string{}
this.apiHash.Range(func (key string, val bool) bool {
p.api.Store(key, false)
return true
})
this.uiHash.Range(func (key string, val bool) bool {
p.ui.Store(key, false)
return true
})
return p
}
func (this *PermissionTable) genUserPermission(u *user) {
u.roleHash.Range(func(key string, val *role) bool {
val.api.Range(func(key2 string, val2 bool) bool {
u.api.Store(key2, true)
return true
})
val.ui.Range(func(key2 string, val2 bool) bool {
u.ui.Store(key2, true)
return true
})
return true
})
} }