♻️ Centralized data models (wip)
This commit is contained in:
@@ -1,60 +0,0 @@
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
using System.ComponentModel.DataAnnotations.Schema;
|
||||
using System.Text.Json;
|
||||
using System.Text.Json.Serialization;
|
||||
using DysonNetwork.Shared.Data;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using NodaTime;
|
||||
|
||||
namespace DysonNetwork.Pass.Permission;
|
||||
|
||||
/// The permission node model provides the infrastructure of permission control in Dyson Network.
|
||||
/// It based on the ABAC permission model.
|
||||
///
|
||||
/// The value can be any type, boolean and number for most cases and stored in jsonb.
|
||||
///
|
||||
/// The area represents the region this permission affects. For example, the pub:<publisherId>
|
||||
/// indicates it's a permission node for the publishers managing.
|
||||
///
|
||||
/// And the actor shows who owns the permission, in most cases, the user:<userId>
|
||||
/// and when the permission node has a GroupId, the actor will be set to the group, but it won't work on checking
|
||||
/// expect the member of that permission group inherent the permission from the group.
|
||||
[Index(nameof(Key), nameof(Area), nameof(Actor))]
|
||||
public class PermissionNode : ModelBase, IDisposable
|
||||
{
|
||||
public Guid Id { get; set; } = Guid.NewGuid();
|
||||
[MaxLength(1024)] public string Actor { get; set; } = null!;
|
||||
[MaxLength(1024)] public string Area { get; set; } = null!;
|
||||
[MaxLength(1024)] public string Key { get; set; } = null!;
|
||||
[Column(TypeName = "jsonb")] public JsonDocument Value { get; set; } = null!;
|
||||
public Instant? ExpiredAt { get; set; } = null;
|
||||
public Instant? AffectedAt { get; set; } = null;
|
||||
|
||||
public Guid? GroupId { get; set; } = null;
|
||||
[JsonIgnore] public PermissionGroup? Group { get; set; } = null;
|
||||
|
||||
public void Dispose()
|
||||
{
|
||||
Value.Dispose();
|
||||
GC.SuppressFinalize(this);
|
||||
}
|
||||
}
|
||||
|
||||
public class PermissionGroup : ModelBase
|
||||
{
|
||||
public Guid Id { get; set; } = Guid.NewGuid();
|
||||
[MaxLength(1024)] public string Key { get; set; } = null!;
|
||||
|
||||
public ICollection<PermissionNode> Nodes { get; set; } = new List<PermissionNode>();
|
||||
[JsonIgnore] public ICollection<PermissionGroupMember> Members { get; set; } = new List<PermissionGroupMember>();
|
||||
}
|
||||
|
||||
public class PermissionGroupMember : ModelBase
|
||||
{
|
||||
public Guid GroupId { get; set; }
|
||||
public PermissionGroup Group { get; set; } = null!;
|
||||
[MaxLength(1024)] public string Actor { get; set; } = null!;
|
||||
|
||||
public Instant? ExpiredAt { get; set; }
|
||||
public Instant? AffectedAt { get; set; }
|
||||
}
|
||||
@@ -3,6 +3,7 @@ using NodaTime;
|
||||
using System.Text.Json;
|
||||
using DysonNetwork.Pass;
|
||||
using DysonNetwork.Shared.Cache;
|
||||
using DysonNetwork.Shared.Models;
|
||||
|
||||
namespace DysonNetwork.Pass.Permission;
|
||||
|
||||
@@ -75,7 +76,7 @@ public class PermissionService(
|
||||
return result;
|
||||
}
|
||||
|
||||
public async Task<PermissionNode> AddPermissionNode<T>(
|
||||
public async Task<SnPermissionNode> AddPermissionNode<T>(
|
||||
string actor,
|
||||
string area,
|
||||
string key,
|
||||
@@ -86,7 +87,7 @@ public class PermissionService(
|
||||
{
|
||||
if (value is null) throw new ArgumentNullException(nameof(value));
|
||||
|
||||
var node = new PermissionNode
|
||||
var node = new SnPermissionNode
|
||||
{
|
||||
Actor = actor,
|
||||
Key = key,
|
||||
@@ -105,8 +106,8 @@ public class PermissionService(
|
||||
return node;
|
||||
}
|
||||
|
||||
public async Task<PermissionNode> AddPermissionNodeToGroup<T>(
|
||||
PermissionGroup group,
|
||||
public async Task<SnPermissionNode> AddPermissionNodeToGroup<T>(
|
||||
SnPermissionGroup group,
|
||||
string actor,
|
||||
string area,
|
||||
string key,
|
||||
@@ -117,7 +118,7 @@ public class PermissionService(
|
||||
{
|
||||
if (value is null) throw new ArgumentNullException(nameof(value));
|
||||
|
||||
var node = new PermissionNode
|
||||
var node = new SnPermissionNode
|
||||
{
|
||||
Actor = actor,
|
||||
Key = key,
|
||||
@@ -152,7 +153,7 @@ public class PermissionService(
|
||||
await InvalidatePermissionCacheAsync(actor, area, key);
|
||||
}
|
||||
|
||||
public async Task RemovePermissionNodeFromGroup<T>(PermissionGroup group, string actor, string area, string key)
|
||||
public async Task RemovePermissionNodeFromGroup<T>(SnPermissionGroup group, string actor, string area, string key)
|
||||
{
|
||||
var node = await db.PermissionNodes
|
||||
.Where(n => n.GroupId == group.Id)
|
||||
@@ -185,9 +186,9 @@ public class PermissionService(
|
||||
return JsonDocument.Parse(str);
|
||||
}
|
||||
|
||||
public static PermissionNode NewPermissionNode<T>(string actor, string area, string key, T value)
|
||||
public static SnPermissionNode NewPermissionNode<T>(string actor, string area, string key, T value)
|
||||
{
|
||||
return new PermissionNode
|
||||
return new SnPermissionNode
|
||||
{
|
||||
Actor = actor,
|
||||
Area = area,
|
||||
|
||||
@@ -4,6 +4,7 @@ using DysonNetwork.Shared.Proto;
|
||||
using Google.Protobuf.WellKnownTypes;
|
||||
using System.Text.Json;
|
||||
using NodaTime.Serialization.Protobuf;
|
||||
using DysonNetwork.Shared.Models;
|
||||
|
||||
namespace DysonNetwork.Pass.Permission;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user