You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@servicecomb.apache.org by ti...@apache.org on 2020/12/17 10:38:56 UTC

[servicecomb-service-center] branch master updated: extract duplicate code (#784)

This is an automated email from the ASF dual-hosted git repository.

tianxiaoliang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/servicecomb-service-center.git


The following commit(s) were added to refs/heads/master by this push:
     new eb0085e  extract duplicate code (#784)
eb0085e is described below

commit eb0085ea1bf024283c8fea4face1b71f4072e88d
Author: hityc2019 <48...@users.noreply.github.com>
AuthorDate: Thu Dec 17 18:38:49 2020 +0800

    extract duplicate code (#784)
---
 docs/user-guides/rbac.md            |  2 +-
 server/resource/v4/role_resource.go | 43 ++++++++++++++++++++++---------------
 2 files changed, 27 insertions(+), 18 deletions(-)

diff --git a/docs/user-guides/rbac.md b/docs/user-guides/rbac.md
index 20b48c4..48821cc 100644
--- a/docs/user-guides/rbac.md
+++ b/docs/user-guides/rbac.md
@@ -87,7 +87,7 @@ curl -X POST \
 Currently, two default roles are provided. You can also add new roles and assign resources.
 
 ### API and resources
-All APIs of the system are divided according to their attributes. For example, resource account has the permission to create or update or delete user account when assign the corresponding permissions, resource service has all permission to create, get, add or delete microservices when permissions equal to "*". For more details to see [https://github.com/apache/servicecomb-service-center/blob/master/server/service/rbac/resource.go]()
+All APIs of the system are divided according to their attributes. For example, resource account has the permission to create or update or delete user account when assign the corresponding permissions, resource service has all permission to create, get, add or delete microservices when permissions equal to "*". For more details to see [here](https://github.com/apache/servicecomb-service-center/blob/master/server/service/rbac/resource.go).  
 A new role named "tester" owns resources "service", "instance" and "rule".
  ```json
 {
diff --git a/server/resource/v4/role_resource.go b/server/resource/v4/role_resource.go
index 1c79b06..103dbfe 100644
--- a/server/resource/v4/role_resource.go
+++ b/server/resource/v4/role_resource.go
@@ -38,7 +38,7 @@ var ErrConflictRole int32 = 409002
 type RoleResource struct {
 }
 
-//URLPatterns define htp pattern
+//URLPatterns define http pattern
 func (r *RoleResource) URLPatterns() []rest.Route {
 	return []rest.Route{
 		{Method: http.MethodGet, Path: "/v4/role", Func: r.GetRolePermission},
@@ -49,6 +49,7 @@ func (r *RoleResource) URLPatterns() []rest.Route {
 	}
 }
 
+//GetRolePermission list all roles and there's permissions
 func (r *RoleResource) GetRolePermission(w http.ResponseWriter, req *http.Request) {
 	rs, _, err := dao.ListRole(context.TODO())
 	if err != nil {
@@ -68,6 +69,19 @@ func (r *RoleResource) GetRolePermission(w http.ResponseWriter, req *http.Reques
 	controller.WriteJSON(w, b)
 }
 
+//roleParse parse the role info from the request body
+func (r *RoleResource) roleParse(body []byte) (*rbacframe.Role, error) {
+	role := &rbacframe.Role{}
+	err := json.Unmarshal(body, role)
+	if err != nil {
+		log.Error("json err", err)
+		return nil, err
+	}
+	// TODO: validate role
+	return role, nil
+}
+
+//CreateRolePermission create new role and assign permissions
 func (r *RoleResource) CreateRolePermission(w http.ResponseWriter, req *http.Request) {
 	body, err := ioutil.ReadAll(req.Body)
 	if err != nil {
@@ -75,14 +89,12 @@ func (r *RoleResource) CreateRolePermission(w http.ResponseWriter, req *http.Req
 		controller.WriteError(w, discovery.ErrInternal, err.Error())
 		return
 	}
-	a := &rbacframe.Role{}
-	if err = json.Unmarshal(body, a); err != nil {
-		log.Error("json err", err)
+	role, err := r.roleParse(body)
+	if err != nil {
 		controller.WriteError(w, discovery.ErrInvalidParams, errorsEx.MsgJSON)
 		return
 	}
-	// TODO: validate role
-	err = dao.CreateRole(context.TODO(), a)
+	err = dao.CreateRole(context.TODO(), role)
 	if err != nil {
 		if err == datasource.ErrRoleDuplicated {
 			controller.WriteError(w, ErrConflictRole, "")
@@ -94,6 +106,7 @@ func (r *RoleResource) CreateRolePermission(w http.ResponseWriter, req *http.Req
 	}
 }
 
+//UpdateRolePermission update role permissions
 func (r *RoleResource) UpdateRolePermission(w http.ResponseWriter, req *http.Request) {
 	body, err := ioutil.ReadAll(req.Body)
 	if err != nil {
@@ -101,32 +114,27 @@ func (r *RoleResource) UpdateRolePermission(w http.ResponseWriter, req *http.Req
 		controller.WriteError(w, discovery.ErrInternal, err.Error())
 		return
 	}
-	a := &rbacframe.Role{}
-	if err = json.Unmarshal(body, a); err != nil {
-		log.Error("json err", err)
+	role, err := r.roleParse(body)
+	if err != nil {
 		controller.WriteError(w, discovery.ErrInvalidParams, errorsEx.MsgJSON)
 		return
 	}
-	// TODO: validate role
-	err = dao.EditRole(context.TODO(), a)
+	err = dao.EditRole(context.TODO(), role)
 	if err != nil {
-		if err == datasource.ErrRoleDuplicated {
-			controller.WriteError(w, ErrConflictRole, "")
-			return
-		}
 		log.Error(errorsEx.MsgOperateRoleFailed, err)
 		controller.WriteError(w, discovery.ErrInternal, errorsEx.MsgOperateRoleFailed)
 		return
 	}
 }
 
+//GetRole get the role info according to role name
 func (r *RoleResource) GetRole(w http.ResponseWriter, req *http.Request) {
-	a, err := dao.GetRole(context.TODO(), req.URL.Query().Get(":roleName"))
+	role, err := dao.GetRole(context.TODO(), req.URL.Query().Get(":roleName"))
 	if err != nil {
 		log.Error(errorsEx.MsgGetRoleFailed, err)
 		controller.WriteError(w, discovery.ErrInternal, errorsEx.MsgGetRoleFailed)
 	}
-	v, err := json.Marshal(a)
+	v, err := json.Marshal(role)
 	if err != nil {
 		log.Error(errorsEx.MsgJSON, err)
 		controller.WriteError(w, discovery.ErrInternal, errorsEx.MsgJSON)
@@ -135,6 +143,7 @@ func (r *RoleResource) GetRole(w http.ResponseWriter, req *http.Request) {
 	controller.WriteJSON(w, v)
 }
 
+//DeleteRole delete the role info by role name
 func (r *RoleResource) DeleteRole(w http.ResponseWriter, req *http.Request) {
 	_, err := dao.DeleteRole(context.TODO(), req.URL.Query().Get(":roleName"))
 	if err != nil {