[feature] migrate to monorepo

2025-02-21 00:49:20 +08:00 · 2025-02-21 00:49:20 +08:00 · 05ddc1f783
commit 05ddc1f783
267 changed files with 75165 additions and 0 deletions
--- a/backend/internal/rbac/init.go
+++ b/backend/internal/rbac/init.go
@ -0,0 +1,90 @@
+package rbac
+
+import (
+	"context"
+	"fmt"
+
+	"tss-rocks-be/ent"
+	"tss-rocks-be/ent/role"
+)
+
+// DefaultPermissions defines the default permissions for each resource
+var DefaultPermissions = map[string][]string{
+	"media": {"create", "read", "update", "delete", "list"},
+	"post":  {"create", "read", "update", "delete", "list"},
+	"daily": {"create", "read", "update", "delete", "list"},
+	"user":  {"create", "read", "update", "delete", "list"},
+}
+
+// DefaultRoles defines the default roles and their permissions
+var DefaultRoles = map[string]map[string][]string{
+	"admin": DefaultPermissions,
+	"editor": {
+		"media": {"create", "read", "update", "list"},
+		"post":  {"create", "read", "update", "list"},
+		"daily": {"create", "read", "update", "list"},
+		"user":  {"read"},
+	},
+	"contributor": {
+		"media": {"read", "list"},
+		"post":  {"read", "list"},
+		"daily": {"read", "list"},
+	},
+}
+
+// InitializeRBAC initializes the RBAC system with default roles and permissions
+func InitializeRBAC(ctx context.Context, client *ent.Client) error {
+	// Create permissions
+	permissionMap := make(map[string]*ent.Permission)
+	for resource, actions := range DefaultPermissions {
+		for _, action := range actions {
+			permission, err := client.Permission.Create().
+				SetResource(resource).
+				SetAction(action).
+				SetDescription(fmt.Sprintf("Permission to %s %s", action, resource)).
+				Save(ctx)
+			if err != nil {
+				return fmt.Errorf("failed creating permission: %w", err)
+			}
+			key := fmt.Sprintf("%s:%s", resource, action)
+			permissionMap[key] = permission
+		}
+	}
+
+	// Create roles with permissions
+	for roleName, permissions := range DefaultRoles {
+		roleCreate := client.Role.Create().
+			SetName(roleName).
+			SetDescription(fmt.Sprintf("Role for %s users", roleName))
+
+		// Add permissions to role
+		for resource, actions := range permissions {
+			for _, action := range actions {
+				key := fmt.Sprintf("%s:%s", resource, action)
+				if permission, exists := permissionMap[key]; exists {
+					roleCreate.AddPermissions(permission)
+				}
+			}
+		}
+
+		if _, err := roleCreate.Save(ctx); err != nil {
+			return fmt.Errorf("failed creating role %s: %w", roleName, err)
+		}
+	}
+
+	return nil
+}
+
+// AssignRoleToUser assigns a role to a user
+func AssignRoleToUser(ctx context.Context, client *ent.Client, userID int, roleName string) error {
+	role, err := client.Role.Query().
+		Where(role.Name(roleName)).
+		Only(ctx)
+	if err != nil {
+		return fmt.Errorf("failed querying role: %w", err)
+	}
+
+	return client.User.UpdateOneID(userID).
+		AddRoles(role).
+		Exec(ctx)
+}