From 128a9fde67d42d199ca957286427a858c4d635ff Mon Sep 17 00:00:00 2001 From: Dmitry Ponomarev Date: Sun, 31 Mar 2024 16:08:13 +0200 Subject: [PATCH] Add my permissions method to the API --- acl/access.go | 2 +- .../internal/server/graphql/generated/exec.go | 191 ++++++++++++++---- .../graphql/resolvers/rbac.resolvers.go | 13 +- model/account_base.go | 10 +- model/account_permission.go | 9 + protocol/graphql/schemas/rbac.graphql | 5 + repository/rbac/delivery/graphql/resolver.go | 9 +- server/graphql/generated/exec.go | 138 +++++++++++++ server/graphql/resolvers/rbac.resolvers.go | 5 + 9 files changed, 324 insertions(+), 58 deletions(-) diff --git a/acl/access.go b/acl/access.go index 11d52eb..6ff200e 100644 --- a/acl/access.go +++ b/acl/access.go @@ -86,5 +86,5 @@ func HaveAccountLink(ctx context.Context, obj any) bool { // HasPermission returns `true` if the `user` have all permissions from the list (without custom check) func HasPermission(ctx context.Context, permissions ...string) bool { - return IsNoPermCheck(ctx) || session.Account(ctx).HasPermission(ctx, permissions...) + return IsNoPermCheck(ctx) || session.Account(ctx).HasPermission(permissions...) } diff --git a/example/api/internal/server/graphql/generated/exec.go b/example/api/internal/server/graphql/generated/exec.go index 6f863cb..b859387 100644 --- a/example/api/internal/server/graphql/generated/exec.go +++ b/example/api/internal/server/graphql/generated/exec.go @@ -44,7 +44,6 @@ type Config struct { type ResolverRoot interface { Mutation() MutationResolver Query() QueryResolver - RBACRole() RBACRoleResolver } type DirectiveRoot struct { @@ -290,6 +289,7 @@ type ComplexityRoot struct { ListAuthClients func(childComplexity int, filter *models.AuthClientListFilter, order *models.AuthClientListOrder, page *models.Page) int ListHistory func(childComplexity int, filter *models.HistoryActionListFilter, order *models.HistoryActionListOrder, page *models.Page) int ListMembers func(childComplexity int, filter *models.MemberListFilter, order *models.MemberListOrder, page *models.Page) int + ListMyPermissions func(childComplexity int, patterns []string) int ListOptions func(childComplexity int, filter *models.OptionListFilter, order *models.OptionListOrder, page *models.Page) int ListPermissions func(childComplexity int, patterns []string) int ListRoles func(childComplexity int, filter *models.RBACRoleListFilter, order *models.RBACRoleListOrder, page *models.Page) int @@ -483,9 +483,7 @@ type QueryResolver interface { CheckPermission(ctx context.Context, name string, key *string, targetID *string, idKey *string) (*string, error) ListRoles(ctx context.Context, filter *models.RBACRoleListFilter, order *models.RBACRoleListOrder, page *models.Page) (*connectors.CollectionConnection[models.RBACRole, models.RBACRoleEdge], error) ListPermissions(ctx context.Context, patterns []string) ([]*models.RBACPermission, error) -} -type RBACRoleResolver interface { - Description(ctx context.Context, obj *models.RBACRole) (*string, error) + ListMyPermissions(ctx context.Context, patterns []string) ([]*models.RBACPermission, error) } type executableSchema struct { @@ -1790,6 +1788,18 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in return e.complexity.Query.ListMembers(childComplexity, args["filter"].(*models.MemberListFilter), args["order"].(*models.MemberListOrder), args["page"].(*models.Page)), true + case "Query.listMyPermissions": + if e.complexity.Query.ListMyPermissions == nil { + break + } + + args, err := ec.field_Query_listMyPermissions_args(context.TODO(), rawArgs) + if err != nil { + return 0, false + } + + return e.complexity.Query.ListMyPermissions(childComplexity, args["patterns"].([]string)), true + case "Query.listOptions": if e.complexity.Query.ListOptions == nil { break @@ -4283,6 +4293,11 @@ extend type Query { List of the RBAC permissions """ listPermissions(patterns: [String!] = null): [RBACPermission!] @hasPermissions(permissions: ["permission.list"]) + + """ + List of the RBAC permissions for the current user + """ + listMyPermissions(patterns: [String!] = null): [RBACPermission!] @hasPermissions(permissions: ["permission.list"]) } extend type Mutation { @@ -5198,6 +5213,21 @@ func (ec *executionContext) field_Query_listMembers_args(ctx context.Context, ra return args, nil } +func (ec *executionContext) field_Query_listMyPermissions_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { + var err error + args := map[string]interface{}{} + var arg0 []string + if tmp, ok := rawArgs["patterns"]; ok { + ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("patterns")) + arg0, err = ec.unmarshalOString2ᚕstringᚄ(ctx, tmp) + if err != nil { + return nil, err + } + } + args["patterns"] = arg0 + return args, nil +} + func (ec *executionContext) field_Query_listOptions_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { var err error args := map[string]interface{}{} @@ -14846,6 +14876,91 @@ func (ec *executionContext) fieldContext_Query_listPermissions(ctx context.Conte return fc, nil } +func (ec *executionContext) _Query_listMyPermissions(ctx context.Context, field graphql.CollectedField) (ret graphql.Marshaler) { + fc, err := ec.fieldContext_Query_listMyPermissions(ctx, field) + if err != nil { + return graphql.Null + } + ctx = graphql.WithFieldContext(ctx, fc) + defer func() { + if r := recover(); r != nil { + ec.Error(ctx, ec.Recover(ctx, r)) + ret = graphql.Null + } + }() + resTmp := ec._fieldMiddleware(ctx, nil, func(rctx context.Context) (interface{}, error) { + directive0 := func(rctx context.Context) (interface{}, error) { + ctx = rctx // use context from middleware stack in children + return ec.resolvers.Query().ListMyPermissions(rctx, fc.Args["patterns"].([]string)) + } + directive1 := func(ctx context.Context) (interface{}, error) { + permissions, err := ec.unmarshalNString2ᚕstringᚄ(ctx, []interface{}{"permission.list"}) + if err != nil { + return nil, err + } + if ec.directives.HasPermissions == nil { + return nil, errors.New("directive hasPermissions is not implemented") + } + return ec.directives.HasPermissions(ctx, nil, directive0, permissions) + } + + tmp, err := directive1(rctx) + if err != nil { + return nil, graphql.ErrorOnPath(ctx, err) + } + if tmp == nil { + return nil, nil + } + if data, ok := tmp.([]*models.RBACPermission); ok { + return data, nil + } + return nil, fmt.Errorf(`unexpected type %T from directive, should be []*github.com/geniusrabbit/blaze-api/server/graphql/models.RBACPermission`, tmp) + }) + + if resTmp == nil { + return graphql.Null + } + res := resTmp.([]*models.RBACPermission) + fc.Result = res + return ec.marshalORBACPermission2ᚕᚖgithubᚗcomᚋgeniusrabbitᚋblazeᚑapiᚋserverᚋgraphqlᚋmodelsᚐRBACPermissionᚄ(ctx, field.Selections, res) +} + +func (ec *executionContext) fieldContext_Query_listMyPermissions(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) { + fc = &graphql.FieldContext{ + Object: "Query", + Field: field, + IsMethod: true, + IsResolver: true, + Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) { + switch field.Name { + case "name": + return ec.fieldContext_RBACPermission_name(ctx, field) + case "object": + return ec.fieldContext_RBACPermission_object(ctx, field) + case "access": + return ec.fieldContext_RBACPermission_access(ctx, field) + case "fullname": + return ec.fieldContext_RBACPermission_fullname(ctx, field) + case "description": + return ec.fieldContext_RBACPermission_description(ctx, field) + } + return nil, fmt.Errorf("no field named %q was found under type RBACPermission", field.Name) + }, + } + defer func() { + if r := recover(); r != nil { + err = ec.Recover(ctx, r) + ec.Error(ctx, err) + } + }() + ctx = graphql.WithFieldContext(ctx, fc) + if fc.Args, err = ec.field_Query_listMyPermissions_args(ctx, field.ArgumentMap(ec.Variables)); err != nil { + ec.Error(ctx, err) + return fc, err + } + return fc, nil +} + func (ec *executionContext) _Query___type(ctx context.Context, field graphql.CollectedField) (ret graphql.Marshaler) { fc, err := ec.fieldContext_Query___type(ctx, field) if err != nil { @@ -15308,7 +15423,7 @@ func (ec *executionContext) _RBACRole_description(ctx context.Context, field gra }() resTmp := ec._fieldMiddleware(ctx, obj, func(rctx context.Context) (interface{}, error) { ctx = rctx // use context from middleware stack in children - return ec.resolvers.RBACRole().Description(rctx, obj) + return obj.Description, nil }) if resTmp == nil { @@ -15323,8 +15438,8 @@ func (ec *executionContext) fieldContext_RBACRole_description(ctx context.Contex fc = &graphql.FieldContext{ Object: "RBACRole", Field: field, - IsMethod: true, - IsResolver: true, + IsMethod: false, + IsResolver: false, Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) { return nil, errors.New("field of type String does not have child fields") }, @@ -23603,6 +23718,25 @@ func (ec *executionContext) _Query(ctx context.Context, sel ast.SelectionSet) gr func(ctx context.Context) graphql.Marshaler { return innerFunc(ctx, out) }) } + out.Concurrently(i, func(ctx context.Context) graphql.Marshaler { return rrm(innerCtx) }) + case "listMyPermissions": + field := field + + innerFunc := func(ctx context.Context, fs *graphql.FieldSet) (res graphql.Marshaler) { + defer func() { + if r := recover(); r != nil { + ec.Error(ctx, ec.Recover(ctx, r)) + } + }() + res = ec._Query_listMyPermissions(ctx, field) + return res + } + + rrm := func(ctx context.Context) graphql.Marshaler { + return ec.OperationContext.RootResolverMiddleware(ctx, + func(ctx context.Context) graphql.Marshaler { return innerFunc(ctx, out) }) + } + out.Concurrently(i, func(ctx context.Context) graphql.Marshaler { return rrm(innerCtx) }) case "__type": out.Values[i] = ec.OperationContext.RootResolverMiddleware(innerCtx, func(ctx context.Context) (res graphql.Marshaler) { @@ -23705,51 +23839,20 @@ func (ec *executionContext) _RBACRole(ctx context.Context, sel ast.SelectionSet, case "ID": out.Values[i] = ec._RBACRole_ID(ctx, field, obj) if out.Values[i] == graphql.Null { - atomic.AddUint32(&out.Invalids, 1) + out.Invalids++ } case "name": out.Values[i] = ec._RBACRole_name(ctx, field, obj) if out.Values[i] == graphql.Null { - atomic.AddUint32(&out.Invalids, 1) + out.Invalids++ } case "title": out.Values[i] = ec._RBACRole_title(ctx, field, obj) if out.Values[i] == graphql.Null { - atomic.AddUint32(&out.Invalids, 1) + out.Invalids++ } case "description": - field := field - - innerFunc := func(ctx context.Context, fs *graphql.FieldSet) (res graphql.Marshaler) { - defer func() { - if r := recover(); r != nil { - ec.Error(ctx, ec.Recover(ctx, r)) - } - }() - res = ec._RBACRole_description(ctx, field, obj) - return res - } - - if field.Deferrable != nil { - dfs, ok := deferred[field.Deferrable.Label] - di := 0 - if ok { - dfs.AddField(field) - di = len(dfs.Values) - 1 - } else { - dfs = graphql.NewFieldSet([]graphql.CollectedField{field}) - deferred[field.Deferrable.Label] = dfs - } - dfs.Concurrently(di, func(ctx context.Context) graphql.Marshaler { - return innerFunc(ctx, dfs) - }) - - // don't run the out.Concurrently() call below - out.Values[i] = graphql.Null - continue - } - - out.Concurrently(i, func(ctx context.Context) graphql.Marshaler { return innerFunc(ctx, out) }) + out.Values[i] = ec._RBACRole_description(ctx, field, obj) case "context": out.Values[i] = ec._RBACRole_context(ctx, field, obj) case "childRoles": @@ -23761,12 +23864,12 @@ func (ec *executionContext) _RBACRole(ctx context.Context, sel ast.SelectionSet, case "createdAt": out.Values[i] = ec._RBACRole_createdAt(ctx, field, obj) if out.Values[i] == graphql.Null { - atomic.AddUint32(&out.Invalids, 1) + out.Invalids++ } case "updatedAt": out.Values[i] = ec._RBACRole_updatedAt(ctx, field, obj) if out.Values[i] == graphql.Null { - atomic.AddUint32(&out.Invalids, 1) + out.Invalids++ } case "deletedAt": out.Values[i] = ec._RBACRole_deletedAt(ctx, field, obj) diff --git a/example/api/internal/server/graphql/resolvers/rbac.resolvers.go b/example/api/internal/server/graphql/resolvers/rbac.resolvers.go index ad59af5..4ed67a8 100644 --- a/example/api/internal/server/graphql/resolvers/rbac.resolvers.go +++ b/example/api/internal/server/graphql/resolvers/rbac.resolvers.go @@ -6,9 +6,7 @@ package resolvers import ( "context" - "fmt" - "github.com/geniusrabbit/blaze-api/example/api/internal/server/graphql/generated" "github.com/geniusrabbit/blaze-api/server/graphql/connectors" "github.com/geniusrabbit/blaze-api/server/graphql/models" ) @@ -48,12 +46,7 @@ func (r *queryResolver) ListPermissions(ctx context.Context, patterns []string) return r.Resolver.Query().ListPermissions(ctx, patterns) } -// Description is the resolver for the description field. -func (r *rBACRoleResolver) Description(ctx context.Context, obj *models.RBACRole) (*string, error) { - panic(fmt.Errorf("not implemented: Description - description")) +// ListMyPermissions is the resolver for the listMyPermissions field. +func (r *queryResolver) ListMyPermissions(ctx context.Context, patterns []string) ([]*models.RBACPermission, error) { + return r.Resolver.Query().ListMyPermissions(ctx, patterns) } - -// RBACRole returns generated.RBACRoleResolver implementation. -func (r *Resolver) RBACRole() generated.RBACRoleResolver { return &rBACRoleResolver{r} } - -type rBACRoleResolver struct{ *Resolver } diff --git a/model/account_base.go b/model/account_base.go index 903d895..280c163 100644 --- a/model/account_base.go +++ b/model/account_base.go @@ -98,8 +98,16 @@ func (acc *Account) CheckedPermissions(ctx context.Context, resource any, patter return acc.Permissions.CheckedPermissions(ctx, resource, patterns...) } +// ListPermissions for the account +func (acc *Account) ListPermissions(patterns ...string) []rbac.Permission { + if acc == nil || acc.Permissions == nil { + return nil + } + return acc.Permissions.Permissions(patterns...) +} + // HasPermission for the account -func (acc *Account) HasPermission(ctx context.Context, patterns ...string) bool { +func (acc *Account) HasPermission(patterns ...string) bool { return acc.Permissions.HasPermission(patterns...) } diff --git a/model/account_permission.go b/model/account_permission.go index 64fd16d..1a50f1f 100644 --- a/model/account_permission.go +++ b/model/account_permission.go @@ -23,6 +23,7 @@ type permissionChecker interface { CheckedPermissions(ctx context.Context, resource any, patterns ...string) rbac.Permission ChildRoles() []rbac.Role ChildPermissions() []rbac.Permission + Permissions(patterns ...string) []rbac.Permission HasPermission(patterns ...string) bool } @@ -71,6 +72,14 @@ func (groups groupPermissionChecker) ChildPermissions() []rbac.Permission { return perms } +func (groups groupPermissionChecker) Permissions(patterns ...string) []rbac.Permission { + var perms []rbac.Permission + for _, group := range groups { + perms = append(perms, group.Permissions(patterns...)...) + } + return perms +} + func (groups groupPermissionChecker) HasPermission(patterns ...string) bool { for _, group := range groups { if group.HasPermission(patterns...) { diff --git a/protocol/graphql/schemas/rbac.graphql b/protocol/graphql/schemas/rbac.graphql index 92f5b76..001124a 100644 --- a/protocol/graphql/schemas/rbac.graphql +++ b/protocol/graphql/schemas/rbac.graphql @@ -153,6 +153,11 @@ extend type Query { List of the RBAC permissions """ listPermissions(patterns: [String!] = null): [RBACPermission!] @hasPermissions(permissions: ["permission.list"]) + + """ + List of the RBAC permissions for the current user + """ + listMyPermissions(patterns: [String!] = null): [RBACPermission!] @hasPermissions(permissions: ["permission.list"]) } extend type Mutation { diff --git a/repository/rbac/delivery/graphql/resolver.go b/repository/rbac/delivery/graphql/resolver.go index ce0f653..9e7bf6b 100644 --- a/repository/rbac/delivery/graphql/resolver.go +++ b/repository/rbac/delivery/graphql/resolver.go @@ -13,7 +13,7 @@ import ( "github.com/geniusrabbit/blaze-api/context/session" "github.com/geniusrabbit/blaze-api/model" "github.com/geniusrabbit/blaze-api/permissions" - "github.com/geniusrabbit/blaze-api/repository/rbac" + rbacGen "github.com/geniusrabbit/blaze-api/repository/rbac" "github.com/geniusrabbit/blaze-api/repository/rbac/repository" "github.com/geniusrabbit/blaze-api/repository/rbac/usecase" "github.com/geniusrabbit/blaze-api/requestid" @@ -28,7 +28,7 @@ var ( // QueryResolver implements GQL API methods type QueryResolver struct { - roles rbac.Usecase + roles rbacGen.Usecase } // NewQueryResolver returns new API resolver @@ -185,6 +185,11 @@ func (r *QueryResolver) ListPermissions(ctx context.Context, patterns []string) return gqlmodels.FromRBACPermissionModelList(list), nil } +func (r *QueryResolver) ListMyPermissions(ctx context.Context, patterns []string) ([]*gqlmodels.RBACPermission, error) { + list := session.Account(ctx).ListPermissions() + return gqlmodels.FromRBACPermissionModelList(list), nil +} + func valOrDef[T any](v *T, def T) T { if v == nil { return def diff --git a/server/graphql/generated/exec.go b/server/graphql/generated/exec.go index 6af5b90..2f704b2 100644 --- a/server/graphql/generated/exec.go +++ b/server/graphql/generated/exec.go @@ -289,6 +289,7 @@ type ComplexityRoot struct { ListAuthClients func(childComplexity int, filter *models.AuthClientListFilter, order *models.AuthClientListOrder, page *models.Page) int ListHistory func(childComplexity int, filter *models.HistoryActionListFilter, order *models.HistoryActionListOrder, page *models.Page) int ListMembers func(childComplexity int, filter *models.MemberListFilter, order *models.MemberListOrder, page *models.Page) int + ListMyPermissions func(childComplexity int, patterns []string) int ListOptions func(childComplexity int, filter *models.OptionListFilter, order *models.OptionListOrder, page *models.Page) int ListPermissions func(childComplexity int, patterns []string) int ListRoles func(childComplexity int, filter *models.RBACRoleListFilter, order *models.RBACRoleListOrder, page *models.Page) int @@ -482,6 +483,7 @@ type QueryResolver interface { CheckPermission(ctx context.Context, name string, key *string, targetID *string, idKey *string) (*string, error) ListRoles(ctx context.Context, filter *models.RBACRoleListFilter, order *models.RBACRoleListOrder, page *models.Page) (*connectors.CollectionConnection[models.RBACRole, models.RBACRoleEdge], error) ListPermissions(ctx context.Context, patterns []string) ([]*models.RBACPermission, error) + ListMyPermissions(ctx context.Context, patterns []string) ([]*models.RBACPermission, error) } type executableSchema struct { @@ -1786,6 +1788,18 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in return e.complexity.Query.ListMembers(childComplexity, args["filter"].(*models.MemberListFilter), args["order"].(*models.MemberListOrder), args["page"].(*models.Page)), true + case "Query.listMyPermissions": + if e.complexity.Query.ListMyPermissions == nil { + break + } + + args, err := ec.field_Query_listMyPermissions_args(context.TODO(), rawArgs) + if err != nil { + return 0, false + } + + return e.complexity.Query.ListMyPermissions(childComplexity, args["patterns"].([]string)), true + case "Query.listOptions": if e.complexity.Query.ListOptions == nil { break @@ -4279,6 +4293,11 @@ extend type Query { List of the RBAC permissions """ listPermissions(patterns: [String!] = null): [RBACPermission!] @hasPermissions(permissions: ["permission.list"]) + + """ + List of the RBAC permissions for the current user + """ + listMyPermissions(patterns: [String!] = null): [RBACPermission!] @hasPermissions(permissions: ["permission.list"]) } extend type Mutation { @@ -5194,6 +5213,21 @@ func (ec *executionContext) field_Query_listMembers_args(ctx context.Context, ra return args, nil } +func (ec *executionContext) field_Query_listMyPermissions_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { + var err error + args := map[string]interface{}{} + var arg0 []string + if tmp, ok := rawArgs["patterns"]; ok { + ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("patterns")) + arg0, err = ec.unmarshalOString2ᚕstringᚄ(ctx, tmp) + if err != nil { + return nil, err + } + } + args["patterns"] = arg0 + return args, nil +} + func (ec *executionContext) field_Query_listOptions_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { var err error args := map[string]interface{}{} @@ -14842,6 +14876,91 @@ func (ec *executionContext) fieldContext_Query_listPermissions(ctx context.Conte return fc, nil } +func (ec *executionContext) _Query_listMyPermissions(ctx context.Context, field graphql.CollectedField) (ret graphql.Marshaler) { + fc, err := ec.fieldContext_Query_listMyPermissions(ctx, field) + if err != nil { + return graphql.Null + } + ctx = graphql.WithFieldContext(ctx, fc) + defer func() { + if r := recover(); r != nil { + ec.Error(ctx, ec.Recover(ctx, r)) + ret = graphql.Null + } + }() + resTmp := ec._fieldMiddleware(ctx, nil, func(rctx context.Context) (interface{}, error) { + directive0 := func(rctx context.Context) (interface{}, error) { + ctx = rctx // use context from middleware stack in children + return ec.resolvers.Query().ListMyPermissions(rctx, fc.Args["patterns"].([]string)) + } + directive1 := func(ctx context.Context) (interface{}, error) { + permissions, err := ec.unmarshalNString2ᚕstringᚄ(ctx, []interface{}{"permission.list"}) + if err != nil { + return nil, err + } + if ec.directives.HasPermissions == nil { + return nil, errors.New("directive hasPermissions is not implemented") + } + return ec.directives.HasPermissions(ctx, nil, directive0, permissions) + } + + tmp, err := directive1(rctx) + if err != nil { + return nil, graphql.ErrorOnPath(ctx, err) + } + if tmp == nil { + return nil, nil + } + if data, ok := tmp.([]*models.RBACPermission); ok { + return data, nil + } + return nil, fmt.Errorf(`unexpected type %T from directive, should be []*github.com/geniusrabbit/blaze-api/server/graphql/models.RBACPermission`, tmp) + }) + + if resTmp == nil { + return graphql.Null + } + res := resTmp.([]*models.RBACPermission) + fc.Result = res + return ec.marshalORBACPermission2ᚕᚖgithubᚗcomᚋgeniusrabbitᚋblazeᚑapiᚋserverᚋgraphqlᚋmodelsᚐRBACPermissionᚄ(ctx, field.Selections, res) +} + +func (ec *executionContext) fieldContext_Query_listMyPermissions(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) { + fc = &graphql.FieldContext{ + Object: "Query", + Field: field, + IsMethod: true, + IsResolver: true, + Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) { + switch field.Name { + case "name": + return ec.fieldContext_RBACPermission_name(ctx, field) + case "object": + return ec.fieldContext_RBACPermission_object(ctx, field) + case "access": + return ec.fieldContext_RBACPermission_access(ctx, field) + case "fullname": + return ec.fieldContext_RBACPermission_fullname(ctx, field) + case "description": + return ec.fieldContext_RBACPermission_description(ctx, field) + } + return nil, fmt.Errorf("no field named %q was found under type RBACPermission", field.Name) + }, + } + defer func() { + if r := recover(); r != nil { + err = ec.Recover(ctx, r) + ec.Error(ctx, err) + } + }() + ctx = graphql.WithFieldContext(ctx, fc) + if fc.Args, err = ec.field_Query_listMyPermissions_args(ctx, field.ArgumentMap(ec.Variables)); err != nil { + ec.Error(ctx, err) + return fc, err + } + return fc, nil +} + func (ec *executionContext) _Query___type(ctx context.Context, field graphql.CollectedField) (ret graphql.Marshaler) { fc, err := ec.fieldContext_Query___type(ctx, field) if err != nil { @@ -23599,6 +23718,25 @@ func (ec *executionContext) _Query(ctx context.Context, sel ast.SelectionSet) gr func(ctx context.Context) graphql.Marshaler { return innerFunc(ctx, out) }) } + out.Concurrently(i, func(ctx context.Context) graphql.Marshaler { return rrm(innerCtx) }) + case "listMyPermissions": + field := field + + innerFunc := func(ctx context.Context, fs *graphql.FieldSet) (res graphql.Marshaler) { + defer func() { + if r := recover(); r != nil { + ec.Error(ctx, ec.Recover(ctx, r)) + } + }() + res = ec._Query_listMyPermissions(ctx, field) + return res + } + + rrm := func(ctx context.Context) graphql.Marshaler { + return ec.OperationContext.RootResolverMiddleware(ctx, + func(ctx context.Context) graphql.Marshaler { return innerFunc(ctx, out) }) + } + out.Concurrently(i, func(ctx context.Context) graphql.Marshaler { return rrm(innerCtx) }) case "__type": out.Values[i] = ec.OperationContext.RootResolverMiddleware(innerCtx, func(ctx context.Context) (res graphql.Marshaler) { diff --git a/server/graphql/resolvers/rbac.resolvers.go b/server/graphql/resolvers/rbac.resolvers.go index 89634ff..73843f4 100644 --- a/server/graphql/resolvers/rbac.resolvers.go +++ b/server/graphql/resolvers/rbac.resolvers.go @@ -45,3 +45,8 @@ func (r *queryResolver) ListRoles(ctx context.Context, filter *models.RBACRoleLi func (r *queryResolver) ListPermissions(ctx context.Context, patterns []string) ([]*models.RBACPermission, error) { return r.roles.ListPermissions(ctx, patterns) } + +// ListMyPermissions is the resolver for the listMyPermissions field. +func (r *queryResolver) ListMyPermissions(ctx context.Context, patterns []string) ([]*models.RBACPermission, error) { + return r.roles.ListMyPermissions(ctx, patterns) +}