//
// Copyright (C) 2024 veypi <i@veypi.com>
// 2025-02-14 16:08:06
// Distributed under terms of the MIT license.
//
package models
import (
"time"
"github.com/veypi/vigo"
)
// Built-in role codes. These are the values expected in Role.Code and in
// GrantRoleRequest.RoleCode; the roles table itself only carries a plain
// (non-unique) index on Code, so nothing in this file guarantees that a
// given code resolves to exactly one role per organisation.
const (
	RoleCodeAdmin  = "admin"
	RoleCodeUser   = "user"
	RoleCodeViewer = "viewer"
)
// Permission is one entry of the permission dictionary. Each grantable
// capability is keyed by an ID of the form scope:resource:action
// (for example vb:user:read); Scope, Resource and Action repeat the three
// components so each can be indexed and queried on its own. Nothing in
// this type enforces that ID and the three parts agree — the writer must
// keep them consistent.
type Permission struct {
	ID          string    `json:"id" gorm:"primaryKey;size:100" desc:"权限ID格式: scope:resource:action"`
	CreatedAt   time.Time `json:"created_at"`
	UpdatedAt   time.Time `json:"updated_at"`
	Scope       string    `json:"scope" gorm:"index;size:50" desc:"权限域标识"`
	Resource    string    `json:"resource" gorm:"index;size:50" desc:"资源类型"`
	Action      string    `json:"action" gorm:"index;size:50" desc:"操作类型"`
	Description string    `json:"description" desc:"权限描述"`
}

// TableName tells GORM which table backs Permission ("permissions").
func (p Permission) TableName() string {
	const table = "permissions"
	return table
}
// Role is a named bundle of permissions. Roles are not bound to an app and
// may be used across applications; OrgID decides their visibility: nil marks
// a system preset shared by every organisation, a value scopes the role to
// that one organisation.
type Role struct {
	vigo.Model
	// OrgID is nil for system-wide preset roles, set for org-scoped ones.
	OrgID *string `json:"org_id" gorm:"index;size:36" desc:"组织ID空=系统预设"`
	// Code is the machine-readable identifier (see the RoleCode* constants).
	// NOTE(review): this is a plain index, not a unique one, so duplicate
	// (OrgID, Code) pairs are not rejected at the schema level — GrantRoleRequest
	// resolves roles by code, so uniqueness should be enforced elsewhere.
	Code        string `json:"code" gorm:"index;size:50" desc:"角色代码"`
	Name        string `json:"name" desc:"角色名称"`
	Description string `json:"description" desc:"角色描述"`
	// IsSystem flags preset roles. NOTE(review): nothing in this file prevents a
	// system role from being modified or deleted — confirm the handlers do.
	IsSystem bool `json:"is_system" desc:"是否系统预设角色"`
	// Status: 1 = enabled (the DB default), 0 = disabled.
	Status int `json:"status" gorm:"default:1" desc:"状态: 1=启用, 0=禁用"`
	// Org is the optional association resolved from OrgID.
	Org *Org `json:"org,omitempty" gorm:"foreignKey:OrgID;references:ID"`
}
// TableName tells GORM which table backs Role ("roles").
func (r Role) TableName() string {
	const table = "roles"
	return table
}
// RolePermission is the join row linking a Role to a Permission, with an
// optional Condition that narrows when the permission applies.
type RolePermission struct {
	vigo.Model
	// RoleID and PermissionID each carry their own index; there is no composite
	// unique index, so duplicate (role, permission) rows are not rejected here.
	RoleID string `json:"role_id" gorm:"index;size:36" desc:"角色ID"`
	// PermissionID is the scope:resource:action key into the permissions table.
	PermissionID string `json:"permission_id" gorm:"index;size:100" desc:"权限ID"`
	// Condition is one of none/owner/admin per the tag; the DB default is 'none'.
	// NOTE(review): the column is a free-form string — validate the value at
	// write time, since an unknown condition is not rejected by the schema.
	Condition string `json:"condition" gorm:"size:20;default:'none'" desc:"权限条件: none/owner/admin"`
	// Associations resolved from the two foreign keys above.
	Role       Role       `json:"role,omitempty" gorm:"foreignKey:RoleID;references:ID"`
	Permission Permission `json:"permission,omitempty" gorm:"foreignKey:PermissionID;references:ID"`
}
// TableName tells GORM which table backs RolePermission ("role_permissions").
func (rp RolePermission) TableName() string {
	const table = "role_permissions"
	return table
}
// UserRole assigns a Role to a User, optionally within an Org and optionally
// only until ExpireAt.
type UserRole struct {
	vigo.Model
	UserID string `json:"user_id" gorm:"index;size:36" desc:"用户ID"`
	// OrgID is nil for an assignment that is not scoped to an organisation.
	OrgID  *string `json:"org_id" gorm:"index;size:36" desc:"组织ID"`
	RoleID string  `json:"role_id" gorm:"index;size:36" desc:"角色ID"`
	// ExpireAt is nil for a permanent assignment. NOTE(review): this is data
	// only — expired rows are not removed or hidden by anything in this file,
	// so the permission check must compare ExpireAt with the current time.
	ExpireAt *time.Time `json:"expire_at" desc:"过期时间(可选)"`
	// Associations resolved from the foreign keys above.
	User User  `json:"user,omitempty" gorm:"foreignKey:UserID;references:ID"`
	Org  *Org  `json:"org,omitempty" gorm:"foreignKey:OrgID;references:ID"`
	Role Role  `json:"role,omitempty" gorm:"foreignKey:RoleID;references:ID"`
}
// TableName tells GORM which table backs UserRole ("user_roles").
func (ur UserRole) TableName() string {
	const table = "user_roles"
	return table
}
// UserPermission is a data-level grant: a single Permission given directly to
// a User for one specific resource instance (or, with ResourceID "*", for
// every instance of that resource type).
type UserPermission struct {
	vigo.Model
	UserID string `json:"user_id" gorm:"index;size:36" desc:"用户ID"`
	// OrgID is nil for a grant that is not scoped to an organisation.
	OrgID *string `json:"org_id" gorm:"index;size:36" desc:"组织ID"`
	// PermissionID is the scope:resource:action key into the permissions table.
	PermissionID string `json:"permission_id" gorm:"index;size:100" desc:"权限ID"`
	// ResourceID names one instance; "*" means all instances. NOTE(review): a
	// "*" row is a type-wide grant and should only be creatable by callers
	// allowed to grant at that breadth — confirm the grant handler checks this.
	ResourceID string `json:"resource_id" gorm:"index;size:100" desc:"具体资源ID* 表示所有"`
	// ExpireAt is nil for a permanent grant; as with UserRole, expiry must be
	// enforced by the permission check, nothing here hides expired rows.
	ExpireAt *time.Time `json:"expire_at" desc:"过期时间(可选)"`
	// GrantedBy records the granting user's ID for audit; it is a bare string
	// column (no association, no index), so it is not validated as a user ID.
	GrantedBy string `json:"granted_by" gorm:"size:36" desc:"授权人ID"`
	// Associations resolved from the foreign keys above.
	User       User       `json:"user,omitempty" gorm:"foreignKey:UserID;references:ID"`
	Org        *Org       `json:"org,omitempty" gorm:"foreignKey:OrgID;references:ID"`
	Permission Permission `json:"permission,omitempty" gorm:"foreignKey:PermissionID;references:ID"`
}
// TableName tells GORM which table backs UserPermission ("user_permissions").
func (up UserPermission) TableName() string {
	const table = "user_permissions"
	return table
}
// GrantRoleRequest is the request body for assigning a role to a user.
// NOTE(review): the caller may name any role code, including RoleCodeAdmin;
// whether the caller is allowed to grant that role is not expressed here and
// must be checked by the handler.
type GrantRoleRequest struct {
	UserID string `json:"user_id" desc:"用户ID"`
	// OrgID is a plain string here but *string on UserRole; the handler has to
	// decide whether "" means a system-wide assignment (nil) or is rejected.
	OrgID string `json:"org_id" desc:"组织ID"`
	// RoleCode is resolved against roles.code, which is only a plain index.
	RoleCode string `json:"role_code" desc:"角色代码"`
	// ExpireAt is optional; nil requests a permanent assignment.
	ExpireAt *time.Time `json:"expire_at" desc:"过期时间(可选)"`
}
// GrantResourcePermRequest is the request body for giving a user a
// permission on a specific resource instance (UserPermission).
type GrantResourcePermRequest struct {
	UserID string `json:"user_id" desc:"用户ID"`
	// OrgID is a plain string here but *string on UserPermission; see
	// GrantRoleRequest for the same "" vs nil question.
	OrgID        string `json:"org_id" desc:"组织ID"`
	PermissionID string `json:"permission_id" desc:"权限ID"`
	// ResourceID "*" requests a type-wide grant; the handler should restrict
	// who may ask for it.
	ResourceID string `json:"resource_id" desc:"资源实例ID* 表示所有"`
	// ExpireAt is optional; nil requests a permanent grant.
	ExpireAt *time.Time `json:"expire_at" desc:"过期时间(可选)"`
	// GrantedBy arrives in the client-supplied body. NOTE(review): a grantor ID
	// taken from the request can be spoofed, which undermines the audit value of
	// UserPermission.GrantedBy; the handler should overwrite it with the
	// authenticated caller's ID rather than trust this field — confirm it does.
	GrantedBy string `json:"granted_by" desc:"授权人ID"`
}
// CheckPermRequest asks whether a user holds a permission, optionally on one
// specific resource instance.
// NOTE(review): the subject (UserID) is caller-supplied; if this request is
// reachable by end users rather than only by trusted services, it lets a
// caller enumerate other users' permissions — confirm how it is exposed.
type CheckPermRequest struct {
	UserID       string `json:"user_id" desc:"用户ID"`
	OrgID        string `json:"org_id" desc:"组织ID"`
	PermissionID string `json:"permission_id" desc:"权限ID"`
	// ResourceID is optional; when empty the check is presumably not
	// instance-scoped — the matching rule lives in the handler, not here.
	ResourceID string `json:"resource_id" desc:"资源实例ID可选"`
}
// UserPermissionResult is one entry of a user's effective permissions:
// a permission ID, the resource it applies to ("*" for all), and the
// actions allowed on it.
type UserPermissionResult struct {
	PermissionID string `json:"permission_id" desc:"权限ID"`
	ResourceID   string `json:"resource_id" desc:"资源ID* 表示所有"`
	// Actions encodes as JSON null when the slice is nil and [] when empty;
	// callers that distinguish the two should initialise it explicitly.
	Actions []string `json:"actions" desc:"允许的操作"`
}
// ResourceUser lists one user that holds access to a resource together with
// the actions that user is allowed to perform on it.
type ResourceUser struct {
	UserID string `json:"user_id" desc:"用户ID"`
	// Actions encodes as JSON null when nil and [] when empty.
	Actions []string `json:"actions" desc:"允许的操作"`
}