Add my permissions method to the API

geniusrabbit · Mar 31, 2024 · 128a9fd · 128a9fd
1 parent d887008
commit 128a9fd
Show file tree

Hide file tree

Showing 9 changed files with 324 additions and 58 deletions.
diff --git a/acl/access.go b/acl/access.go
@@ -86,5 +86,5 @@ func HaveAccountLink(ctx context.Context, obj any) bool {
 
 // HasPermission returns `true` if the `user` have all permissions from the list (without custom check)
 func HasPermission(ctx context.Context, permissions ...string) bool {
-	return IsNoPermCheck(ctx) || session.Account(ctx).HasPermission(ctx, permissions...)
+	return IsNoPermCheck(ctx) || session.Account(ctx).HasPermission(permissions...)
 }
diff --git a/example/api/internal/server/graphql/generated/exec.go b/example/api/internal/server/graphql/generated/exec.go
diff --git a/example/api/internal/server/graphql/resolvers/rbac.resolvers.go b/example/api/internal/server/graphql/resolvers/rbac.resolvers.go
diff --git a/model/account_base.go b/model/account_base.go
@@ -98,8 +98,16 @@ func (acc *Account) CheckedPermissions(ctx context.Context, resource any, patter
 	return acc.Permissions.CheckedPermissions(ctx, resource, patterns...)
 }
 
+// ListPermissions for the account
+func (acc *Account) ListPermissions(patterns ...string) []rbac.Permission {
+	if acc == nil || acc.Permissions == nil {
+		return nil
+	}
+	return acc.Permissions.Permissions(patterns...)
+}
+
 // HasPermission for the account
-func (acc *Account) HasPermission(ctx context.Context, patterns ...string) bool {
+func (acc *Account) HasPermission(patterns ...string) bool {
 	return acc.Permissions.HasPermission(patterns...)
 }
 

diff --git a/model/account_permission.go b/model/account_permission.go
@@ -23,6 +23,7 @@ type permissionChecker interface {
 	CheckedPermissions(ctx context.Context, resource any, patterns ...string) rbac.Permission
 	ChildRoles() []rbac.Role
 	ChildPermissions() []rbac.Permission
+	Permissions(patterns ...string) []rbac.Permission
 	HasPermission(patterns ...string) bool
 }
 
@@ -71,6 +72,14 @@ func (groups groupPermissionChecker) ChildPermissions() []rbac.Permission {
 	return perms
 }
 
+func (groups groupPermissionChecker) Permissions(patterns ...string) []rbac.Permission {
+	var perms []rbac.Permission
+	for _, group := range groups {
+		perms = append(perms, group.Permissions(patterns...)...)
+	}
+	return perms
+}
+
 func (groups groupPermissionChecker) HasPermission(patterns ...string) bool {
 	for _, group := range groups {
 		if group.HasPermission(patterns...) {

diff --git a/protocol/graphql/schemas/rbac.graphql b/protocol/graphql/schemas/rbac.graphql
@@ -153,6 +153,11 @@ extend type Query {
   List of the RBAC permissions
   """
   listPermissions(patterns: [String!] = null): [RBACPermission!] @hasPermissions(permissions: ["permission.list"])
+
+  """
+  List of the RBAC permissions for the current user
+  """
+  listMyPermissions(patterns: [String!] = null): [RBACPermission!] @hasPermissions(permissions: ["permission.list"])
 }
 
 extend type Mutation {