From ae3fa7812ba5eb38ab70126ea1fd08ffa93040a2 Mon Sep 17 00:00:00 2001 From: ktkfree Date: Thu, 2 May 2024 17:07:33 +0900 Subject: [PATCH] =?UTF-8?q?Revert=20"Permission-API=20Endpoint=20mapping?= =?UTF-8?q?=20=EA=B0=9C=EC=84=A0"?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- hack/endpoint-codegen.go | 104 +- internal/database/database.go | 3 +- internal/delivery/api/endpoint.go | 10 +- .../delivery/api/endpoints_permission_test.go | 3 +- .../delivery/api/generated_endpoints.go.go | 1893 ++++++++++++----- internal/delivery/http/endpoint.go | 59 - internal/delivery/http/organization.go | 2 +- internal/delivery/http/permission.go | 48 +- internal/delivery/http/role.go | 13 + internal/middleware/audit/audit.go | 2 +- .../auth/authorizer/adminApiFilter.go | 36 - .../middleware/auth/authorizer/authorizer.go | 1 - .../auth/authorizer/organizationFilter.go | 43 - internal/middleware/auth/authorizer/rbac.go | 130 +- internal/model/{endpoint.go => end-point.go} | 0 internal/model/permission-endpoint.go | 435 ---- internal/model/permission.go | 526 +++-- internal/repository/permission.go | 16 - internal/route/route.go | 5 - internal/usecase/endpoint.go | 26 - internal/usecase/permission.go | 15 - internal/usecase/role.go | 198 +- internal/usecase/usecase.go | 1 - pkg/domain/endpoint.go | 4 - pkg/domain/permission.go | 16 +- pkg/httpErrors/errorCode.go | 3 - 26 files changed, 2006 insertions(+), 1586 deletions(-) delete mode 100644 internal/delivery/http/endpoint.go delete mode 100644 internal/middleware/auth/authorizer/adminApiFilter.go delete mode 100644 internal/middleware/auth/authorizer/organizationFilter.go rename internal/model/{endpoint.go => end-point.go} (100%) delete mode 100644 internal/model/permission-endpoint.go delete mode 100644 internal/usecase/endpoint.go diff --git a/hack/endpoint-codegen.go b/hack/endpoint-codegen.go index fc48fee4..354082b3 100644 --- a/hack/endpoint-codegen.go +++ b/hack/endpoint-codegen.go @@ -36,7 +36,7 @@ package api //) //` -const apiMapTemplateStr = `var MapWithEndpoint = map[Endpoint]EndpointInfo{ +const apiMapTemplateStr = `var ApiMap = map[Endpoint]EndpointInfo{ {{- range .}} {{.Name}}: { Name: "{{.Name}}", @@ -46,51 +46,30 @@ const apiMapTemplateStr = `var MapWithEndpoint = map[Endpoint]EndpointInfo{ } ` -const restCodeTemplateStr = `var MapWithName = reverseApiMap() - -func reverseApiMap() map[string]Endpoint { - m := make(map[string]Endpoint) - for k, v := range MapWithEndpoint { - m[v.Name] = k +const stringFunctionTemplateStr = `func (e Endpoint) String() string { + switch e { +{{- range .}} + case {{.Name}}: + return "{{.Name}}" +{{- end}} + default: + return "" } - return m -} - -func (e Endpoint) String() string { - return MapWithEndpoint[e].Name } +` -func GetEndpoint(name string) Endpoint { - return MapWithName[name] +const getEndpointFunctionTemplateStr = `func GetEndpoint(name string) Endpoint { + switch name { +{{- range .}} + case "{{.Name}}": + return {{.Name}} +{{- end}} + default: + return -1 + } } - ` -// -//const stringFunctionTemplateStr = `func (e Endpoint) String() string { -// switch e { -//{{- range .}} -// case {{.Name}}: -// return "{{.Name}}" -//{{- end}} -// default: -// return "" -// } -//} -//` -// -//const getEndpointFunctionTemplateStr = `func GetEndpoint(name string) Endpoint { -// switch name { -//{{- range .}} -// case "{{.Name}}": -// return {{.Name}} -//{{- end}} -// default: -// return -1 -// } -//} -//` - func main() { fset := token.NewFileSet() node, err := parser.ParseFile(fset, endpointFilePath, nil, parser.ParseComments) @@ -178,42 +157,31 @@ func main() { log.Fatalf("failed to execute template: %v", err) } - restCodeTemplate := template.New("restCode") - restCodeTemplate, err = restCodeTemplate.Parse(restCodeTemplateStr) + // contents for stringFunction + stringFunctionTemplate := template.New("stringFunction") + stringFunctionTemplate, err = stringFunctionTemplate.Parse(stringFunctionTemplateStr) if err != nil { log.Fatalf("failed to parse template: %v", err) } - var restCode bytes.Buffer - if err := restCodeTemplate.Execute(&restCode, nil); err != nil { + var stringFunctionCode bytes.Buffer + if err := stringFunctionTemplate.Execute(&stringFunctionCode, endpoints); err != nil { + log.Fatalf("failed to execute template: %v", err) + } + + // contents for getEndpointFunction + getEndpointFunctionTemplate := template.New("getEndpointFunction") + getEndpointFunctionTemplate, err = getEndpointFunctionTemplate.Parse(getEndpointFunctionTemplateStr) + if err != nil { + log.Fatalf("failed to parse template: %v", err) + } + var getEndpointFunctionCode bytes.Buffer + if err := getEndpointFunctionTemplate.Execute(&getEndpointFunctionCode, endpoints); err != nil { log.Fatalf("failed to execute template: %v", err) } - // - //// contents for stringFunction - //stringFunctionTemplate := template.New("stringFunction") - //stringFunctionTemplate, err = stringFunctionTemplate.Parse(stringFunctionTemplateStr) - //if err != nil { - // log.Fatalf("failed to parse template: %v", err) - //} - //var stringFunctionCode bytes.Buffer - //if err := stringFunctionTemplate.Execute(&stringFunctionCode, endpoints); err != nil { - // log.Fatalf("failed to execute template: %v", err) - //} - // - //// contents for getEndpointFunction - //getEndpointFunctionTemplate := template.New("getEndpointFunction") - //getEndpointFunctionTemplate, err = getEndpointFunctionTemplate.Parse(getEndpointFunctionTemplateStr) - //if err != nil { - // log.Fatalf("failed to parse template: %v", err) - //} - //var getEndpointFunctionCode bytes.Buffer - //if err := getEndpointFunctionTemplate.Execute(&getEndpointFunctionCode, endpoints); err != nil { - // log.Fatalf("failed to execute template: %v", err) - //} // replace original file(endpointFilePath) with new contents //contents := indexCode.String() + endpointCode.String() + apiMapCode.String() + stringFunctionCode.String() + getEndpointFunctionCode.String() - //contents := indexCode.String() + apiMapCode.String() + stringFunctionCode.String() + getEndpointFunctionCode.String() - contents := indexCode.String() + apiMapCode.String() + restCode.String() + contents := indexCode.String() + apiMapCode.String() + stringFunctionCode.String() + getEndpointFunctionCode.String() newFilePath := strings.Replace(endpointFilePath, "endpoint", "generated_endpoints.go", 1) if err := ioutil.WriteFile(newFilePath, []byte(contents), 0644); err != nil { diff --git a/internal/database/database.go b/internal/database/database.go index 44f7f095..9fcb1a37 100644 --- a/internal/database/database.go +++ b/internal/database/database.go @@ -63,7 +63,6 @@ func migrateSchema(db *gorm.DB) error { if err := db.AutoMigrate(&model.CacheEmailCode{}, &model.ExpiredTokenTime{}, &model.Role{}, - &model.PermissionEndpoint{}, &model.CloudAccount{}, &model.StackTemplate{}, &model.Organization{}, @@ -132,7 +131,7 @@ func EnsureDefaultRows(db *gorm.DB) error { for _, ep := range eps { storedEps[ep.Name] = struct{}{} } - for _, ep := range api.MapWithEndpoint { + for _, ep := range api.ApiMap { if _, ok := storedEps[ep.Name]; !ok { if err := repoFactory.Endpoint.Create(ctx, &model.Endpoint{ Name: ep.Name, diff --git a/internal/delivery/api/endpoint.go b/internal/delivery/api/endpoint.go index c0747230..c847c189 100644 --- a/internal/delivery/api/endpoint.go +++ b/internal/delivery/api/endpoint.go @@ -161,14 +161,14 @@ const ( GetPolicyNotification // Stack - CreateStack // 스택관리/생성 GetStacks // 스택관리/조회 + CreateStack // 스택관리/생성 + CheckStackName // 스택관리/조회 GetStack // 스택관리/조회 UpdateStack // 스택관리/수정 DeleteStack // 스택관리/삭제 - CheckStackName // 스택관리/조회 - GetStackStatus // 스택관리/조회 GetStackKubeConfig // 스택관리/조회 + GetStackStatus // 스택관리/조회 SetFavoriteStack // 스택관리/조회 DeleteFavoriteStack // 스택관리/조회 InstallStack // 스택관리 / 조회 @@ -219,10 +219,6 @@ const ( // Permission GetPermissionTemplates - GetEndpointsByPermissionId - - // Endpoint - Admin_GetEndpoints // Admin_User Admin_CreateUser diff --git a/internal/delivery/api/endpoints_permission_test.go b/internal/delivery/api/endpoints_permission_test.go index a4ba98bf..b012f456 100644 --- a/internal/delivery/api/endpoints_permission_test.go +++ b/internal/delivery/api/endpoints_permission_test.go @@ -8,7 +8,7 @@ import ( func TestEndpointsUsage(t *testing.T) { var allEndpoints []string - for _, v := range api.MapWithEndpoint { + for _, v := range api.ApiMap { allEndpoints = append(allEndpoints, v.Name) } //allEndpoints := []Endpoint{ @@ -26,6 +26,7 @@ func TestEndpointsUsage(t *testing.T) { ps.Stack, ps.Policy, ps.Common, + ps.Admin, } leafPermissions := make([]*model.Permission, 0) diff --git a/internal/delivery/api/generated_endpoints.go.go b/internal/delivery/api/generated_endpoints.go.go index e8d61139..937cb4d0 100644 --- a/internal/delivery/api/generated_endpoints.go.go +++ b/internal/delivery/api/generated_endpoints.go.go @@ -1,959 +1,1882 @@ -// This is generated code. DO NOT EDIT. + // This is generated code. DO NOT EDIT. package api -var MapWithEndpoint = map[Endpoint]EndpointInfo{ - Login: { - Name: "Login", +var ApiMap = map[Endpoint]EndpointInfo{ + Login: { + Name: "Login", Group: "Auth", }, - Logout: { - Name: "Logout", + Logout: { + Name: "Logout", Group: "Auth", }, - RefreshToken: { - Name: "RefreshToken", + RefreshToken: { + Name: "RefreshToken", Group: "Auth", }, - FindId: { - Name: "FindId", + FindId: { + Name: "FindId", Group: "Auth", }, - FindPassword: { - Name: "FindPassword", + FindPassword: { + Name: "FindPassword", Group: "Auth", }, - VerifyIdentityForLostId: { - Name: "VerifyIdentityForLostId", + VerifyIdentityForLostId: { + Name: "VerifyIdentityForLostId", Group: "Auth", }, - VerifyIdentityForLostPassword: { - Name: "VerifyIdentityForLostPassword", + VerifyIdentityForLostPassword: { + Name: "VerifyIdentityForLostPassword", Group: "Auth", }, - VerifyToken: { - Name: "VerifyToken", + VerifyToken: { + Name: "VerifyToken", Group: "Auth", }, - CreateUser: { - Name: "CreateUser", + CreateUser: { + Name: "CreateUser", Group: "User", }, - ListUser: { - Name: "ListUser", + ListUser: { + Name: "ListUser", Group: "User", }, - GetUser: { - Name: "GetUser", + GetUser: { + Name: "GetUser", Group: "User", }, - DeleteUser: { - Name: "DeleteUser", + DeleteUser: { + Name: "DeleteUser", Group: "User", }, - UpdateUsers: { - Name: "UpdateUsers", + UpdateUsers: { + Name: "UpdateUsers", Group: "User", }, - UpdateUser: { - Name: "UpdateUser", + UpdateUser: { + Name: "UpdateUser", Group: "User", }, - ResetPassword: { - Name: "ResetPassword", + ResetPassword: { + Name: "ResetPassword", Group: "User", }, - CheckId: { - Name: "CheckId", + CheckId: { + Name: "CheckId", Group: "User", }, - CheckEmail: { - Name: "CheckEmail", + CheckEmail: { + Name: "CheckEmail", Group: "User", }, - GetPermissionsByAccountId: { - Name: "GetPermissionsByAccountId", + GetPermissionsByAccountId: { + Name: "GetPermissionsByAccountId", Group: "User", }, - GetMyProfile: { - Name: "GetMyProfile", + GetMyProfile: { + Name: "GetMyProfile", Group: "MyProfile", }, - UpdateMyProfile: { - Name: "UpdateMyProfile", + UpdateMyProfile: { + Name: "UpdateMyProfile", Group: "MyProfile", }, - UpdateMyPassword: { - Name: "UpdateMyPassword", + UpdateMyPassword: { + Name: "UpdateMyPassword", Group: "MyProfile", }, - RenewPasswordExpiredDate: { - Name: "RenewPasswordExpiredDate", + RenewPasswordExpiredDate: { + Name: "RenewPasswordExpiredDate", Group: "MyProfile", }, - DeleteMyProfile: { - Name: "DeleteMyProfile", + DeleteMyProfile: { + Name: "DeleteMyProfile", Group: "MyProfile", }, - Admin_CreateOrganization: { - Name: "Admin_CreateOrganization", + Admin_CreateOrganization: { + Name: "Admin_CreateOrganization", Group: "Organization", }, - Admin_DeleteOrganization: { - Name: "Admin_DeleteOrganization", + Admin_DeleteOrganization: { + Name: "Admin_DeleteOrganization", Group: "Organization", }, - GetOrganizations: { - Name: "GetOrganizations", + GetOrganizations: { + Name: "GetOrganizations", Group: "Organization", }, - GetOrganization: { - Name: "GetOrganization", + GetOrganization: { + Name: "GetOrganization", Group: "Organization", }, - CheckOrganizationName: { - Name: "CheckOrganizationName", + CheckOrganizationName: { + Name: "CheckOrganizationName", Group: "Organization", }, - UpdateOrganization: { - Name: "UpdateOrganization", + UpdateOrganization: { + Name: "UpdateOrganization", Group: "Organization", }, - UpdatePrimaryCluster: { - Name: "UpdatePrimaryCluster", + UpdatePrimaryCluster: { + Name: "UpdatePrimaryCluster", Group: "Organization", }, - CreateCluster: { - Name: "CreateCluster", + CreateCluster: { + Name: "CreateCluster", Group: "Cluster", }, - GetClusters: { - Name: "GetClusters", + GetClusters: { + Name: "GetClusters", Group: "Cluster", }, - ImportCluster: { - Name: "ImportCluster", + ImportCluster: { + Name: "ImportCluster", Group: "Cluster", }, - GetCluster: { - Name: "GetCluster", + GetCluster: { + Name: "GetCluster", Group: "Cluster", }, - DeleteCluster: { - Name: "DeleteCluster", + DeleteCluster: { + Name: "DeleteCluster", Group: "Cluster", }, - GetClusterSiteValues: { - Name: "GetClusterSiteValues", + GetClusterSiteValues: { + Name: "GetClusterSiteValues", Group: "Cluster", }, - InstallCluster: { - Name: "InstallCluster", + InstallCluster: { + Name: "InstallCluster", Group: "Cluster", }, - CreateBootstrapKubeconfig: { - Name: "CreateBootstrapKubeconfig", + CreateBootstrapKubeconfig: { + Name: "CreateBootstrapKubeconfig", Group: "Cluster", }, - GetBootstrapKubeconfig: { - Name: "GetBootstrapKubeconfig", + GetBootstrapKubeconfig: { + Name: "GetBootstrapKubeconfig", Group: "Cluster", }, - GetNodes: { - Name: "GetNodes", + GetNodes: { + Name: "GetNodes", Group: "Cluster", }, - CreateAppgroup: { - Name: "CreateAppgroup", + CreateAppgroup: { + Name: "CreateAppgroup", Group: "Appgroup", }, - GetAppgroups: { - Name: "GetAppgroups", + GetAppgroups: { + Name: "GetAppgroups", Group: "Appgroup", }, - GetAppgroup: { - Name: "GetAppgroup", + GetAppgroup: { + Name: "GetAppgroup", Group: "Appgroup", }, - DeleteAppgroup: { - Name: "DeleteAppgroup", + DeleteAppgroup: { + Name: "DeleteAppgroup", Group: "Appgroup", }, - GetApplications: { - Name: "GetApplications", + GetApplications: { + Name: "GetApplications", Group: "Appgroup", }, - CreateApplication: { - Name: "CreateApplication", + CreateApplication: { + Name: "CreateApplication", Group: "Appgroup", }, - GetAppServeAppTasksByAppId: { - Name: "GetAppServeAppTasksByAppId", + GetAppServeAppTasksByAppId: { + Name: "GetAppServeAppTasksByAppId", Group: "AppServeApp", }, - GetAppServeAppTaskDetail: { - Name: "GetAppServeAppTaskDetail", + GetAppServeAppTaskDetail: { + Name: "GetAppServeAppTaskDetail", Group: "AppServeApp", }, - CreateAppServeApp: { - Name: "CreateAppServeApp", + CreateAppServeApp: { + Name: "CreateAppServeApp", Group: "AppServeApp", }, - GetAppServeApps: { - Name: "GetAppServeApps", + GetAppServeApps: { + Name: "GetAppServeApps", Group: "AppServeApp", }, - GetNumOfAppsOnStack: { - Name: "GetNumOfAppsOnStack", + GetNumOfAppsOnStack: { + Name: "GetNumOfAppsOnStack", Group: "AppServeApp", }, - GetAppServeApp: { - Name: "GetAppServeApp", + GetAppServeApp: { + Name: "GetAppServeApp", Group: "AppServeApp", }, - GetAppServeAppLatestTask: { - Name: "GetAppServeAppLatestTask", + GetAppServeAppLatestTask: { + Name: "GetAppServeAppLatestTask", Group: "AppServeApp", }, - IsAppServeAppExist: { - Name: "IsAppServeAppExist", + IsAppServeAppExist: { + Name: "IsAppServeAppExist", Group: "AppServeApp", }, - IsAppServeAppNameExist: { - Name: "IsAppServeAppNameExist", + IsAppServeAppNameExist: { + Name: "IsAppServeAppNameExist", Group: "AppServeApp", }, - DeleteAppServeApp: { - Name: "DeleteAppServeApp", + DeleteAppServeApp: { + Name: "DeleteAppServeApp", Group: "AppServeApp", }, - UpdateAppServeApp: { - Name: "UpdateAppServeApp", + UpdateAppServeApp: { + Name: "UpdateAppServeApp", Group: "AppServeApp", }, - UpdateAppServeAppStatus: { - Name: "UpdateAppServeAppStatus", + UpdateAppServeAppStatus: { + Name: "UpdateAppServeAppStatus", Group: "AppServeApp", }, - UpdateAppServeAppEndpoint: { - Name: "UpdateAppServeAppEndpoint", + UpdateAppServeAppEndpoint: { + Name: "UpdateAppServeAppEndpoint", Group: "AppServeApp", }, - RollbackAppServeApp: { - Name: "RollbackAppServeApp", + RollbackAppServeApp: { + Name: "RollbackAppServeApp", Group: "AppServeApp", }, - GetCloudAccounts: { - Name: "GetCloudAccounts", + GetCloudAccounts: { + Name: "GetCloudAccounts", Group: "CloudAccount", }, - CreateCloudAccount: { - Name: "CreateCloudAccount", + CreateCloudAccount: { + Name: "CreateCloudAccount", Group: "CloudAccount", }, - CheckCloudAccountName: { - Name: "CheckCloudAccountName", + CheckCloudAccountName: { + Name: "CheckCloudAccountName", Group: "CloudAccount", }, - CheckAwsAccountId: { - Name: "CheckAwsAccountId", + CheckAwsAccountId: { + Name: "CheckAwsAccountId", Group: "CloudAccount", }, - GetCloudAccount: { - Name: "GetCloudAccount", + GetCloudAccount: { + Name: "GetCloudAccount", Group: "CloudAccount", }, - UpdateCloudAccount: { - Name: "UpdateCloudAccount", + UpdateCloudAccount: { + Name: "UpdateCloudAccount", Group: "CloudAccount", }, - DeleteCloudAccount: { - Name: "DeleteCloudAccount", + DeleteCloudAccount: { + Name: "DeleteCloudAccount", Group: "CloudAccount", }, - DeleteForceCloudAccount: { - Name: "DeleteForceCloudAccount", + DeleteForceCloudAccount: { + Name: "DeleteForceCloudAccount", Group: "CloudAccount", }, - GetResourceQuota: { - Name: "GetResourceQuota", + GetResourceQuota: { + Name: "GetResourceQuota", Group: "CloudAccount", }, - Admin_GetStackTemplates: { - Name: "Admin_GetStackTemplates", + Admin_GetStackTemplates: { + Name: "Admin_GetStackTemplates", Group: "StackTemplate", }, - Admin_GetStackTemplate: { - Name: "Admin_GetStackTemplate", + Admin_GetStackTemplate: { + Name: "Admin_GetStackTemplate", Group: "StackTemplate", }, - Admin_GetStackTemplateServices: { - Name: "Admin_GetStackTemplateServices", + Admin_GetStackTemplateServices: { + Name: "Admin_GetStackTemplateServices", Group: "StackTemplate", }, - Admin_GetStackTemplateTemplateIds: { - Name: "Admin_GetStackTemplateTemplateIds", + Admin_GetStackTemplateTemplateIds: { + Name: "Admin_GetStackTemplateTemplateIds", Group: "StackTemplate", }, - Admin_CreateStackTemplate: { - Name: "Admin_CreateStackTemplate", + Admin_CreateStackTemplate: { + Name: "Admin_CreateStackTemplate", Group: "StackTemplate", }, - Admin_UpdateStackTemplate: { - Name: "Admin_UpdateStackTemplate", + Admin_UpdateStackTemplate: { + Name: "Admin_UpdateStackTemplate", Group: "StackTemplate", }, - Admin_DeleteStackTemplate: { - Name: "Admin_DeleteStackTemplate", + Admin_DeleteStackTemplate: { + Name: "Admin_DeleteStackTemplate", Group: "StackTemplate", }, - Admin_UpdateStackTemplateOrganizations: { - Name: "Admin_UpdateStackTemplateOrganizations", + Admin_UpdateStackTemplateOrganizations: { + Name: "Admin_UpdateStackTemplateOrganizations", Group: "StackTemplate", }, - Admin_CheckStackTemplateName: { - Name: "Admin_CheckStackTemplateName", + Admin_CheckStackTemplateName: { + Name: "Admin_CheckStackTemplateName", Group: "StackTemplate", }, - GetOrganizationStackTemplates: { - Name: "GetOrganizationStackTemplates", + GetOrganizationStackTemplates: { + Name: "GetOrganizationStackTemplates", Group: "StackTemplate", }, - GetOrganizationStackTemplate: { - Name: "GetOrganizationStackTemplate", + GetOrganizationStackTemplate: { + Name: "GetOrganizationStackTemplate", Group: "StackTemplate", }, - AddOrganizationStackTemplates: { - Name: "AddOrganizationStackTemplates", + AddOrganizationStackTemplates: { + Name: "AddOrganizationStackTemplates", Group: "StackTemplate", }, - RemoveOrganizationStackTemplates: { - Name: "RemoveOrganizationStackTemplates", + RemoveOrganizationStackTemplates: { + Name: "RemoveOrganizationStackTemplates", Group: "StackTemplate", }, - CreateDashboard: { - Name: "CreateDashboard", + CreateDashboard: { + Name: "CreateDashboard", Group: "Dashboard", }, - GetDashboard: { - Name: "GetDashboard", + GetDashboard: { + Name: "GetDashboard", Group: "Dashboard", }, - UpdateDashboard: { - Name: "UpdateDashboard", + UpdateDashboard: { + Name: "UpdateDashboard", Group: "Dashboard", }, - GetChartsDashboard: { - Name: "GetChartsDashboard", + GetChartsDashboard: { + Name: "GetChartsDashboard", Group: "Dashboard", }, - GetChartDashboard: { - Name: "GetChartDashboard", + GetChartDashboard: { + Name: "GetChartDashboard", Group: "Dashboard", }, - GetStacksDashboard: { - Name: "GetStacksDashboard", + GetStacksDashboard: { + Name: "GetStacksDashboard", Group: "Dashboard", }, - GetResourcesDashboard: { - Name: "GetResourcesDashboard", + GetResourcesDashboard: { + Name: "GetResourcesDashboard", Group: "Dashboard", }, - GetPolicyStatusDashboard: { - Name: "GetPolicyStatusDashboard", + GetPolicyStatusDashboard: { + Name: "GetPolicyStatusDashboard", Group: "Dashboard", }, - GetPolicyUpdateDashboard: { - Name: "GetPolicyUpdateDashboard", + GetPolicyUpdateDashboard: { + Name: "GetPolicyUpdateDashboard", Group: "Dashboard", }, - GetPolicyEnforcementDashboard: { - Name: "GetPolicyEnforcementDashboard", + GetPolicyEnforcementDashboard: { + Name: "GetPolicyEnforcementDashboard", Group: "Dashboard", }, - GetPolicyViolationDashboard: { - Name: "GetPolicyViolationDashboard", + GetPolicyViolationDashboard: { + Name: "GetPolicyViolationDashboard", Group: "Dashboard", }, - GetPolicyViolationLogDashboard: { - Name: "GetPolicyViolationLogDashboard", + GetPolicyViolationLogDashboard: { + Name: "GetPolicyViolationLogDashboard", Group: "Dashboard", }, - GetPolicyStatisticsDashboard: { - Name: "GetPolicyStatisticsDashboard", + GetPolicyStatisticsDashboard: { + Name: "GetPolicyStatisticsDashboard", Group: "Dashboard", }, - GetWorkloadDashboard: { - Name: "GetWorkloadDashboard", + GetWorkloadDashboard: { + Name: "GetWorkloadDashboard", Group: "Dashboard", }, - GetPolicyViolationTop5Dashboard: { - Name: "GetPolicyViolationTop5Dashboard", + GetPolicyViolationTop5Dashboard: { + Name: "GetPolicyViolationTop5Dashboard", Group: "Dashboard", }, - Admin_CreateSystemNotificationTemplate: { - Name: "Admin_CreateSystemNotificationTemplate", + Admin_CreateSystemNotificationTemplate: { + Name: "Admin_CreateSystemNotificationTemplate", Group: "SystemNotificationTemplate", }, - Admin_UpdateSystemNotificationTemplate: { - Name: "Admin_UpdateSystemNotificationTemplate", + Admin_UpdateSystemNotificationTemplate: { + Name: "Admin_UpdateSystemNotificationTemplate", Group: "SystemNotificationTemplate", }, - Admin_DeleteSystemNotificationTemplate: { - Name: "Admin_DeleteSystemNotificationTemplate", + Admin_DeleteSystemNotificationTemplate: { + Name: "Admin_DeleteSystemNotificationTemplate", Group: "SystemNotificationTemplate", }, - Admin_GetSystemNotificationTemplates: { - Name: "Admin_GetSystemNotificationTemplates", + Admin_GetSystemNotificationTemplates: { + Name: "Admin_GetSystemNotificationTemplates", Group: "SystemNotificationTemplate", }, - Admin_GetSystemNotificationTemplate: { - Name: "Admin_GetSystemNotificationTemplate", + Admin_GetSystemNotificationTemplate: { + Name: "Admin_GetSystemNotificationTemplate", Group: "SystemNotificationTemplate", }, - Admin_CheckSystemNotificationTemplateName: { - Name: "Admin_CheckSystemNotificationTemplateName", + Admin_CheckSystemNotificationTemplateName: { + Name: "Admin_CheckSystemNotificationTemplateName", Group: "SystemNotificationTemplate", }, - GetOrganizationSystemNotificationTemplates: { - Name: "GetOrganizationSystemNotificationTemplates", + GetOrganizationSystemNotificationTemplates: { + Name: "GetOrganizationSystemNotificationTemplates", Group: "SystemNotificationTemplate", }, - GetOrganizationSystemNotificationTemplate: { - Name: "GetOrganizationSystemNotificationTemplate", + GetOrganizationSystemNotificationTemplate: { + Name: "GetOrganizationSystemNotificationTemplate", Group: "SystemNotificationTemplate", }, - AddOrganizationSystemNotificationTemplates: { - Name: "AddOrganizationSystemNotificationTemplates", + AddOrganizationSystemNotificationTemplates: { + Name: "AddOrganizationSystemNotificationTemplates", Group: "SystemNotificationTemplate", }, - RemoveOrganizationSystemNotificationTemplates: { - Name: "RemoveOrganizationSystemNotificationTemplates", + RemoveOrganizationSystemNotificationTemplates: { + Name: "RemoveOrganizationSystemNotificationTemplates", Group: "SystemNotificationTemplate", }, - CreateSystemNotificationRule: { - Name: "CreateSystemNotificationRule", + CreateSystemNotificationRule: { + Name: "CreateSystemNotificationRule", Group: "SystemNotificationRule", }, - GetSystemNotificationRules: { - Name: "GetSystemNotificationRules", + GetSystemNotificationRules: { + Name: "GetSystemNotificationRules", Group: "SystemNotificationRule", }, - GetSystemNotificationRule: { - Name: "GetSystemNotificationRule", + GetSystemNotificationRule: { + Name: "GetSystemNotificationRule", Group: "SystemNotificationRule", }, - CheckSystemNotificationRuleName: { - Name: "CheckSystemNotificationRuleName", + CheckSystemNotificationRuleName: { + Name: "CheckSystemNotificationRuleName", Group: "SystemNotificationRule", }, - DeleteSystemNotificationRule: { - Name: "DeleteSystemNotificationRule", + DeleteSystemNotificationRule: { + Name: "DeleteSystemNotificationRule", Group: "SystemNotificationRule", }, - UpdateSystemNotificationRule: { - Name: "UpdateSystemNotificationRule", + UpdateSystemNotificationRule: { + Name: "UpdateSystemNotificationRule", Group: "SystemNotificationRule", }, - MakeDefaultSystemNotificationRules: { - Name: "MakeDefaultSystemNotificationRules", + MakeDefaultSystemNotificationRules: { + Name: "MakeDefaultSystemNotificationRules", Group: "SystemNotificationRule", }, - CreateSystemNotification: { - Name: "CreateSystemNotification", + CreateSystemNotification: { + Name: "CreateSystemNotification", Group: "SystemNotification", }, - GetSystemNotifications: { - Name: "GetSystemNotifications", + GetSystemNotifications: { + Name: "GetSystemNotifications", Group: "SystemNotification", }, - GetSystemNotification: { - Name: "GetSystemNotification", + GetSystemNotification: { + Name: "GetSystemNotification", Group: "SystemNotification", }, - DeleteSystemNotification: { - Name: "DeleteSystemNotification", + DeleteSystemNotification: { + Name: "DeleteSystemNotification", Group: "SystemNotification", }, - UpdateSystemNotification: { - Name: "UpdateSystemNotification", + UpdateSystemNotification: { + Name: "UpdateSystemNotification", Group: "SystemNotification", }, - CreateSystemNotificationAction: { - Name: "CreateSystemNotificationAction", + CreateSystemNotificationAction: { + Name: "CreateSystemNotificationAction", Group: "SystemNotification", }, - GetPolicyNotifications: { - Name: "GetPolicyNotifications", + GetPolicyNotifications: { + Name: "GetPolicyNotifications", Group: "PolicyNotification", }, - GetPolicyNotification: { - Name: "GetPolicyNotification", + GetPolicyNotification: { + Name: "GetPolicyNotification", Group: "PolicyNotification", }, - CreateStack: { - Name: "CreateStack", + GetStacks: { + Name: "GetStacks", Group: "Stack", }, - GetStacks: { - Name: "GetStacks", + CreateStack: { + Name: "CreateStack", Group: "Stack", }, - GetStack: { - Name: "GetStack", + CheckStackName: { + Name: "CheckStackName", Group: "Stack", }, - UpdateStack: { - Name: "UpdateStack", + GetStack: { + Name: "GetStack", Group: "Stack", }, - DeleteStack: { - Name: "DeleteStack", + UpdateStack: { + Name: "UpdateStack", Group: "Stack", }, - CheckStackName: { - Name: "CheckStackName", + DeleteStack: { + Name: "DeleteStack", Group: "Stack", }, - GetStackStatus: { - Name: "GetStackStatus", + GetStackKubeConfig: { + Name: "GetStackKubeConfig", Group: "Stack", }, - GetStackKubeConfig: { - Name: "GetStackKubeConfig", + GetStackStatus: { + Name: "GetStackStatus", Group: "Stack", }, - SetFavoriteStack: { - Name: "SetFavoriteStack", + SetFavoriteStack: { + Name: "SetFavoriteStack", Group: "Stack", }, - DeleteFavoriteStack: { - Name: "DeleteFavoriteStack", + DeleteFavoriteStack: { + Name: "DeleteFavoriteStack", Group: "Stack", }, - InstallStack: { - Name: "InstallStack", + InstallStack: { + Name: "InstallStack", Group: "Stack", }, - CreateProject: { - Name: "CreateProject", + CreateProject: { + Name: "CreateProject", Group: "Project", }, - GetProjectRoles: { - Name: "GetProjectRoles", + GetProjectRoles: { + Name: "GetProjectRoles", Group: "Project", }, - GetProjectRole: { - Name: "GetProjectRole", + GetProjectRole: { + Name: "GetProjectRole", Group: "Project", }, - GetProjects: { - Name: "GetProjects", + GetProjects: { + Name: "GetProjects", Group: "Project", }, - GetProject: { - Name: "GetProject", + GetProject: { + Name: "GetProject", Group: "Project", }, - UpdateProject: { - Name: "UpdateProject", + UpdateProject: { + Name: "UpdateProject", Group: "Project", }, - DeleteProject: { - Name: "DeleteProject", + DeleteProject: { + Name: "DeleteProject", Group: "Project", }, - AddProjectMember: { - Name: "AddProjectMember", + AddProjectMember: { + Name: "AddProjectMember", Group: "Project", }, - GetProjectMember: { - Name: "GetProjectMember", + GetProjectMember: { + Name: "GetProjectMember", Group: "Project", }, - GetProjectMembers: { - Name: "GetProjectMembers", + GetProjectMembers: { + Name: "GetProjectMembers", Group: "Project", }, - RemoveProjectMember: { - Name: "RemoveProjectMember", + RemoveProjectMember: { + Name: "RemoveProjectMember", Group: "Project", }, - UpdateProjectMemberRole: { - Name: "UpdateProjectMemberRole", + UpdateProjectMemberRole: { + Name: "UpdateProjectMemberRole", Group: "Project", }, - CreateProjectNamespace: { - Name: "CreateProjectNamespace", + CreateProjectNamespace: { + Name: "CreateProjectNamespace", Group: "Project", }, - GetProjectNamespaces: { - Name: "GetProjectNamespaces", + GetProjectNamespaces: { + Name: "GetProjectNamespaces", Group: "Project", }, - GetProjectNamespace: { - Name: "GetProjectNamespace", + GetProjectNamespace: { + Name: "GetProjectNamespace", Group: "Project", }, - UpdateProjectNamespace: { - Name: "UpdateProjectNamespace", + UpdateProjectNamespace: { + Name: "UpdateProjectNamespace", Group: "Project", }, - DeleteProjectNamespace: { - Name: "DeleteProjectNamespace", + DeleteProjectNamespace: { + Name: "DeleteProjectNamespace", Group: "Project", }, - SetFavoriteProject: { - Name: "SetFavoriteProject", + SetFavoriteProject: { + Name: "SetFavoriteProject", Group: "Project", }, - SetFavoriteProjectNamespace: { - Name: "SetFavoriteProjectNamespace", + SetFavoriteProjectNamespace: { + Name: "SetFavoriteProjectNamespace", Group: "Project", }, - UnSetFavoriteProject: { - Name: "UnSetFavoriteProject", + UnSetFavoriteProject: { + Name: "UnSetFavoriteProject", Group: "Project", }, - UnSetFavoriteProjectNamespace: { - Name: "UnSetFavoriteProjectNamespace", + UnSetFavoriteProjectNamespace: { + Name: "UnSetFavoriteProjectNamespace", Group: "Project", }, - GetProjectKubeconfig: { - Name: "GetProjectKubeconfig", + GetProjectKubeconfig: { + Name: "GetProjectKubeconfig", Group: "Project", }, - GetProjectNamespaceK8sResources: { - Name: "GetProjectNamespaceK8sResources", + GetProjectNamespaceK8sResources: { + Name: "GetProjectNamespaceK8sResources", Group: "Project", }, - GetProjectNamespaceKubeconfig: { - Name: "GetProjectNamespaceKubeconfig", + GetProjectNamespaceKubeconfig: { + Name: "GetProjectNamespaceKubeconfig", Group: "Project", }, - GetAudits: { - Name: "GetAudits", + GetAudits: { + Name: "GetAudits", Group: "Audit", }, - GetAudit: { - Name: "GetAudit", + GetAudit: { + Name: "GetAudit", Group: "Audit", }, - DeleteAudit: { - Name: "DeleteAudit", + DeleteAudit: { + Name: "DeleteAudit", Group: "Audit", }, - CreateTksRole: { - Name: "CreateTksRole", + CreateTksRole: { + Name: "CreateTksRole", Group: "Role", }, - ListTksRoles: { - Name: "ListTksRoles", + ListTksRoles: { + Name: "ListTksRoles", Group: "Role", }, - GetTksRole: { - Name: "GetTksRole", + GetTksRole: { + Name: "GetTksRole", Group: "Role", }, - DeleteTksRole: { - Name: "DeleteTksRole", + DeleteTksRole: { + Name: "DeleteTksRole", Group: "Role", }, - UpdateTksRole: { - Name: "UpdateTksRole", + UpdateTksRole: { + Name: "UpdateTksRole", Group: "Role", }, - GetPermissionsByRoleId: { - Name: "GetPermissionsByRoleId", + GetPermissionsByRoleId: { + Name: "GetPermissionsByRoleId", Group: "Role", }, - UpdatePermissionsByRoleId: { - Name: "UpdatePermissionsByRoleId", + UpdatePermissionsByRoleId: { + Name: "UpdatePermissionsByRoleId", Group: "Role", }, - IsRoleNameExisted: { - Name: "IsRoleNameExisted", + IsRoleNameExisted: { + Name: "IsRoleNameExisted", Group: "Role", }, - AppendUsersToRole: { - Name: "AppendUsersToRole", + AppendUsersToRole: { + Name: "AppendUsersToRole", Group: "Role", }, - GetUsersInRoleId: { - Name: "GetUsersInRoleId", + GetUsersInRoleId: { + Name: "GetUsersInRoleId", Group: "Role", }, - RemoveUsersFromRole: { - Name: "RemoveUsersFromRole", + RemoveUsersFromRole: { + Name: "RemoveUsersFromRole", Group: "Role", }, - GetPermissionTemplates: { - Name: "GetPermissionTemplates", + GetPermissionTemplates: { + Name: "GetPermissionTemplates", Group: "Permission", }, - Admin_GetEndpoints: { - Name: "Admin_GetEndpoints", - Group: "Endpoint", - }, - Admin_CreateUser: { - Name: "Admin_CreateUser", + Admin_CreateUser: { + Name: "Admin_CreateUser", Group: "Admin_User", }, - Admin_ListUser: { - Name: "Admin_ListUser", + Admin_ListUser: { + Name: "Admin_ListUser", Group: "Admin_User", }, - Admin_GetUser: { - Name: "Admin_GetUser", + Admin_GetUser: { + Name: "Admin_GetUser", Group: "Admin_User", }, - Admin_DeleteUser: { - Name: "Admin_DeleteUser", + Admin_DeleteUser: { + Name: "Admin_DeleteUser", Group: "Admin_User", }, - Admin_UpdateUser: { - Name: "Admin_UpdateUser", + Admin_UpdateUser: { + Name: "Admin_UpdateUser", Group: "Admin_User", }, - Admin_ListTksRoles: { - Name: "Admin_ListTksRoles", + Admin_ListTksRoles: { + Name: "Admin_ListTksRoles", Group: "Admin Role", }, - Admin_GetTksRole: { - Name: "Admin_GetTksRole", + Admin_GetTksRole: { + Name: "Admin_GetTksRole", Group: "Admin Role", }, - Admin_GetProjects: { - Name: "Admin_GetProjects", + Admin_GetProjects: { + Name: "Admin_GetProjects", Group: "Admin Project", }, - Admin_ListPolicyTemplate: { - Name: "Admin_ListPolicyTemplate", + Admin_ListPolicyTemplate: { + Name: "Admin_ListPolicyTemplate", Group: "PolicyTemplate", }, - Admin_CreatePolicyTemplate: { - Name: "Admin_CreatePolicyTemplate", + Admin_CreatePolicyTemplate: { + Name: "Admin_CreatePolicyTemplate", Group: "PolicyTemplate", }, - Admin_DeletePolicyTemplate: { - Name: "Admin_DeletePolicyTemplate", + Admin_DeletePolicyTemplate: { + Name: "Admin_DeletePolicyTemplate", Group: "PolicyTemplate", }, - Admin_GetPolicyTemplate: { - Name: "Admin_GetPolicyTemplate", + Admin_GetPolicyTemplate: { + Name: "Admin_GetPolicyTemplate", Group: "PolicyTemplate", }, - Admin_UpdatePolicyTemplate: { - Name: "Admin_UpdatePolicyTemplate", + Admin_UpdatePolicyTemplate: { + Name: "Admin_UpdatePolicyTemplate", Group: "PolicyTemplate", }, - Admin_GetPolicyTemplateDeploy: { - Name: "Admin_GetPolicyTemplateDeploy", + Admin_GetPolicyTemplateDeploy: { + Name: "Admin_GetPolicyTemplateDeploy", Group: "PolicyTemplate", }, - Admin_ListPolicyTemplateStatistics: { - Name: "Admin_ListPolicyTemplateStatistics", + Admin_ListPolicyTemplateStatistics: { + Name: "Admin_ListPolicyTemplateStatistics", Group: "PolicyTemplate", }, - Admin_ListPolicyTemplateVersions: { - Name: "Admin_ListPolicyTemplateVersions", + Admin_ListPolicyTemplateVersions: { + Name: "Admin_ListPolicyTemplateVersions", Group: "PolicyTemplate", }, - Admin_CreatePolicyTemplateVersion: { - Name: "Admin_CreatePolicyTemplateVersion", + Admin_CreatePolicyTemplateVersion: { + Name: "Admin_CreatePolicyTemplateVersion", Group: "PolicyTemplate", }, - Admin_DeletePolicyTemplateVersion: { - Name: "Admin_DeletePolicyTemplateVersion", + Admin_DeletePolicyTemplateVersion: { + Name: "Admin_DeletePolicyTemplateVersion", Group: "PolicyTemplate", }, - Admin_GetPolicyTemplateVersion: { - Name: "Admin_GetPolicyTemplateVersion", + Admin_GetPolicyTemplateVersion: { + Name: "Admin_GetPolicyTemplateVersion", Group: "PolicyTemplate", }, - Admin_ExistsPolicyTemplateKind: { - Name: "Admin_ExistsPolicyTemplateKind", + Admin_ExistsPolicyTemplateKind: { + Name: "Admin_ExistsPolicyTemplateKind", Group: "PolicyTemplate", }, - Admin_ExistsPolicyTemplateName: { - Name: "Admin_ExistsPolicyTemplateName", + Admin_ExistsPolicyTemplateName: { + Name: "Admin_ExistsPolicyTemplateName", Group: "PolicyTemplate", }, - Admin_ExtractParameters: { - Name: "Admin_ExtractParameters", + Admin_ExtractParameters: { + Name: "Admin_ExtractParameters", Group: "PolicyTemplate", }, - Admin_AddPermittedPolicyTemplatesForOrganization: { - Name: "Admin_AddPermittedPolicyTemplatesForOrganization", + Admin_AddPermittedPolicyTemplatesForOrganization: { + Name: "Admin_AddPermittedPolicyTemplatesForOrganization", Group: "PolicyTemplate", }, - Admin_DeletePermittedPolicyTemplatesForOrganization: { - Name: "Admin_DeletePermittedPolicyTemplatesForOrganization", + Admin_DeletePermittedPolicyTemplatesForOrganization: { + Name: "Admin_DeletePermittedPolicyTemplatesForOrganization", Group: "PolicyTemplate", }, - ListStackPolicyStatus: { - Name: "ListStackPolicyStatus", + ListStackPolicyStatus: { + Name: "ListStackPolicyStatus", Group: "StackPolicyStatus", }, - GetStackPolicyTemplateStatus: { - Name: "GetStackPolicyTemplateStatus", + GetStackPolicyTemplateStatus: { + Name: "GetStackPolicyTemplateStatus", Group: "StackPolicyStatus", }, - UpdateStackPolicyTemplateStatus: { - Name: "UpdateStackPolicyTemplateStatus", + UpdateStackPolicyTemplateStatus: { + Name: "UpdateStackPolicyTemplateStatus", Group: "StackPolicyStatus", }, - GetMandatoryPolicies: { - Name: "GetMandatoryPolicies", + GetMandatoryPolicies: { + Name: "GetMandatoryPolicies", Group: "Policy", }, - SetMandatoryPolicies: { - Name: "SetMandatoryPolicies", + SetMandatoryPolicies: { + Name: "SetMandatoryPolicies", Group: "Policy", }, - GetPolicyStatistics: { - Name: "GetPolicyStatistics", + GetPolicyStatistics: { + Name: "GetPolicyStatistics", Group: "Policy", }, - ListPolicy: { - Name: "ListPolicy", + ListPolicy: { + Name: "ListPolicy", Group: "Policy", }, - CreatePolicy: { - Name: "CreatePolicy", + CreatePolicy: { + Name: "CreatePolicy", Group: "Policy", }, - DeletePolicy: { - Name: "DeletePolicy", + DeletePolicy: { + Name: "DeletePolicy", Group: "Policy", }, - GetPolicy: { - Name: "GetPolicy", + GetPolicy: { + Name: "GetPolicy", Group: "Policy", }, - UpdatePolicy: { - Name: "UpdatePolicy", + UpdatePolicy: { + Name: "UpdatePolicy", Group: "Policy", }, - UpdatePolicyTargetClusters: { - Name: "UpdatePolicyTargetClusters", + UpdatePolicyTargetClusters: { + Name: "UpdatePolicyTargetClusters", Group: "Policy", }, - ExistsPolicyName: { - Name: "ExistsPolicyName", + ExistsPolicyName: { + Name: "ExistsPolicyName", Group: "Policy", }, - ExistsPolicyResourceName: { - Name: "ExistsPolicyResourceName", + ExistsPolicyResourceName: { + Name: "ExistsPolicyResourceName", Group: "Policy", }, - GetPolicyEdit: { - Name: "GetPolicyEdit", + GetPolicyEdit: { + Name: "GetPolicyEdit", Group: "Policy", }, - AddPoliciesForStack: { - Name: "AddPoliciesForStack", + AddPoliciesForStack: { + Name: "AddPoliciesForStack", Group: "Policy", }, - DeletePoliciesForStack: { - Name: "DeletePoliciesForStack", + DeletePoliciesForStack: { + Name: "DeletePoliciesForStack", Group: "Policy", }, - StackPolicyStatistics: { - Name: "StackPolicyStatistics", + StackPolicyStatistics: { + Name: "StackPolicyStatistics", Group: "Policy", }, - ListPolicyTemplate: { - Name: "ListPolicyTemplate", + ListPolicyTemplate: { + Name: "ListPolicyTemplate", Group: "OrganizationPolicyTemplate", }, - CreatePolicyTemplate: { - Name: "CreatePolicyTemplate", + CreatePolicyTemplate: { + Name: "CreatePolicyTemplate", Group: "OrganizationPolicyTemplate", }, - DeletePolicyTemplate: { - Name: "DeletePolicyTemplate", + DeletePolicyTemplate: { + Name: "DeletePolicyTemplate", Group: "OrganizationPolicyTemplate", }, - GetPolicyTemplate: { - Name: "GetPolicyTemplate", + GetPolicyTemplate: { + Name: "GetPolicyTemplate", Group: "OrganizationPolicyTemplate", }, - UpdatePolicyTemplate: { - Name: "UpdatePolicyTemplate", + UpdatePolicyTemplate: { + Name: "UpdatePolicyTemplate", Group: "OrganizationPolicyTemplate", }, - GetPolicyTemplateDeploy: { - Name: "GetPolicyTemplateDeploy", + GetPolicyTemplateDeploy: { + Name: "GetPolicyTemplateDeploy", Group: "OrganizationPolicyTemplate", }, - ListPolicyTemplateStatistics: { - Name: "ListPolicyTemplateStatistics", + ListPolicyTemplateStatistics: { + Name: "ListPolicyTemplateStatistics", Group: "OrganizationPolicyTemplate", }, - ListPolicyTemplateVersions: { - Name: "ListPolicyTemplateVersions", + ListPolicyTemplateVersions: { + Name: "ListPolicyTemplateVersions", Group: "OrganizationPolicyTemplate", }, - CreatePolicyTemplateVersion: { - Name: "CreatePolicyTemplateVersion", + CreatePolicyTemplateVersion: { + Name: "CreatePolicyTemplateVersion", Group: "OrganizationPolicyTemplate", }, - DeletePolicyTemplateVersion: { - Name: "DeletePolicyTemplateVersion", + DeletePolicyTemplateVersion: { + Name: "DeletePolicyTemplateVersion", Group: "OrganizationPolicyTemplate", }, - GetPolicyTemplateVersion: { - Name: "GetPolicyTemplateVersion", + GetPolicyTemplateVersion: { + Name: "GetPolicyTemplateVersion", Group: "OrganizationPolicyTemplate", }, - ExistsPolicyTemplateKind: { - Name: "ExistsPolicyTemplateKind", + ExistsPolicyTemplateKind: { + Name: "ExistsPolicyTemplateKind", Group: "OrganizationPolicyTemplate", }, - ExistsPolicyTemplateName: { - Name: "ExistsPolicyTemplateName", + ExistsPolicyTemplateName: { + Name: "ExistsPolicyTemplateName", Group: "OrganizationPolicyTemplate", }, - ExtractParameters: { - Name: "ExtractParameters", + ExtractParameters: { + Name: "ExtractParameters", Group: "OrganizationPolicyTemplate", }, - ListPolicyTemplateExample: { - Name: "ListPolicyTemplateExample", + ListPolicyTemplateExample: { + Name: "ListPolicyTemplateExample", Group: "PolicyTemplateExample", }, - GetPolicyTemplateExample: { - Name: "GetPolicyTemplateExample", + GetPolicyTemplateExample: { + Name: "GetPolicyTemplateExample", Group: "PolicyTemplateExample", }, - UpdatePolicyTemplateExample: { - Name: "UpdatePolicyTemplateExample", + UpdatePolicyTemplateExample: { + Name: "UpdatePolicyTemplateExample", Group: "PolicyTemplateExample", }, - DeletePolicyTemplateExample: { - Name: "DeletePolicyTemplateExample", + DeletePolicyTemplateExample: { + Name: "DeletePolicyTemplateExample", Group: "PolicyTemplateExample", }, - CompileRego: { - Name: "CompileRego", + CompileRego: { + Name: "CompileRego", Group: "Utility", }, } -var MapWithName = reverseApiMap() - -func reverseApiMap() map[string]Endpoint { - m := make(map[string]Endpoint) - for k, v := range MapWithEndpoint { - m[v.Name] = k - } - return m -} - func (e Endpoint) String() string { - return MapWithEndpoint[e].Name + switch e { + case Login: + return "Login" + case Logout: + return "Logout" + case RefreshToken: + return "RefreshToken" + case FindId: + return "FindId" + case FindPassword: + return "FindPassword" + case VerifyIdentityForLostId: + return "VerifyIdentityForLostId" + case VerifyIdentityForLostPassword: + return "VerifyIdentityForLostPassword" + case VerifyToken: + return "VerifyToken" + case CreateUser: + return "CreateUser" + case ListUser: + return "ListUser" + case GetUser: + return "GetUser" + case DeleteUser: + return "DeleteUser" + case UpdateUsers: + return "UpdateUsers" + case UpdateUser: + return "UpdateUser" + case ResetPassword: + return "ResetPassword" + case CheckId: + return "CheckId" + case CheckEmail: + return "CheckEmail" + case GetPermissionsByAccountId: + return "GetPermissionsByAccountId" + case GetMyProfile: + return "GetMyProfile" + case UpdateMyProfile: + return "UpdateMyProfile" + case UpdateMyPassword: + return "UpdateMyPassword" + case RenewPasswordExpiredDate: + return "RenewPasswordExpiredDate" + case DeleteMyProfile: + return "DeleteMyProfile" + case Admin_CreateOrganization: + return "Admin_CreateOrganization" + case Admin_DeleteOrganization: + return "Admin_DeleteOrganization" + case GetOrganizations: + return "GetOrganizations" + case GetOrganization: + return "GetOrganization" + case CheckOrganizationName: + return "CheckOrganizationName" + case UpdateOrganization: + return "UpdateOrganization" + case UpdatePrimaryCluster: + return "UpdatePrimaryCluster" + case CreateCluster: + return "CreateCluster" + case GetClusters: + return "GetClusters" + case ImportCluster: + return "ImportCluster" + case GetCluster: + return "GetCluster" + case DeleteCluster: + return "DeleteCluster" + case GetClusterSiteValues: + return "GetClusterSiteValues" + case InstallCluster: + return "InstallCluster" + case CreateBootstrapKubeconfig: + return "CreateBootstrapKubeconfig" + case GetBootstrapKubeconfig: + return "GetBootstrapKubeconfig" + case GetNodes: + return "GetNodes" + case CreateAppgroup: + return "CreateAppgroup" + case GetAppgroups: + return "GetAppgroups" + case GetAppgroup: + return "GetAppgroup" + case DeleteAppgroup: + return "DeleteAppgroup" + case GetApplications: + return "GetApplications" + case CreateApplication: + return "CreateApplication" + case GetAppServeAppTasksByAppId: + return "GetAppServeAppTasksByAppId" + case GetAppServeAppTaskDetail: + return "GetAppServeAppTaskDetail" + case CreateAppServeApp: + return "CreateAppServeApp" + case GetAppServeApps: + return "GetAppServeApps" + case GetNumOfAppsOnStack: + return "GetNumOfAppsOnStack" + case GetAppServeApp: + return "GetAppServeApp" + case GetAppServeAppLatestTask: + return "GetAppServeAppLatestTask" + case IsAppServeAppExist: + return "IsAppServeAppExist" + case IsAppServeAppNameExist: + return "IsAppServeAppNameExist" + case DeleteAppServeApp: + return "DeleteAppServeApp" + case UpdateAppServeApp: + return "UpdateAppServeApp" + case UpdateAppServeAppStatus: + return "UpdateAppServeAppStatus" + case UpdateAppServeAppEndpoint: + return "UpdateAppServeAppEndpoint" + case RollbackAppServeApp: + return "RollbackAppServeApp" + case GetCloudAccounts: + return "GetCloudAccounts" + case CreateCloudAccount: + return "CreateCloudAccount" + case CheckCloudAccountName: + return "CheckCloudAccountName" + case CheckAwsAccountId: + return "CheckAwsAccountId" + case GetCloudAccount: + return "GetCloudAccount" + case UpdateCloudAccount: + return "UpdateCloudAccount" + case DeleteCloudAccount: + return "DeleteCloudAccount" + case DeleteForceCloudAccount: + return "DeleteForceCloudAccount" + case GetResourceQuota: + return "GetResourceQuota" + case Admin_GetStackTemplates: + return "Admin_GetStackTemplates" + case Admin_GetStackTemplate: + return "Admin_GetStackTemplate" + case Admin_GetStackTemplateServices: + return "Admin_GetStackTemplateServices" + case Admin_GetStackTemplateTemplateIds: + return "Admin_GetStackTemplateTemplateIds" + case Admin_CreateStackTemplate: + return "Admin_CreateStackTemplate" + case Admin_UpdateStackTemplate: + return "Admin_UpdateStackTemplate" + case Admin_DeleteStackTemplate: + return "Admin_DeleteStackTemplate" + case Admin_UpdateStackTemplateOrganizations: + return "Admin_UpdateStackTemplateOrganizations" + case Admin_CheckStackTemplateName: + return "Admin_CheckStackTemplateName" + case GetOrganizationStackTemplates: + return "GetOrganizationStackTemplates" + case GetOrganizationStackTemplate: + return "GetOrganizationStackTemplate" + case AddOrganizationStackTemplates: + return "AddOrganizationStackTemplates" + case RemoveOrganizationStackTemplates: + return "RemoveOrganizationStackTemplates" + case CreateDashboard: + return "CreateDashboard" + case GetDashboard: + return "GetDashboard" + case UpdateDashboard: + return "UpdateDashboard" + case GetChartsDashboard: + return "GetChartsDashboard" + case GetChartDashboard: + return "GetChartDashboard" + case GetStacksDashboard: + return "GetStacksDashboard" + case GetResourcesDashboard: + return "GetResourcesDashboard" + case GetPolicyStatusDashboard: + return "GetPolicyStatusDashboard" + case GetPolicyUpdateDashboard: + return "GetPolicyUpdateDashboard" + case GetPolicyEnforcementDashboard: + return "GetPolicyEnforcementDashboard" + case GetPolicyViolationDashboard: + return "GetPolicyViolationDashboard" + case GetPolicyViolationLogDashboard: + return "GetPolicyViolationLogDashboard" + case GetPolicyStatisticsDashboard: + return "GetPolicyStatisticsDashboard" + case GetWorkloadDashboard: + return "GetWorkloadDashboard" + case GetPolicyViolationTop5Dashboard: + return "GetPolicyViolationTop5Dashboard" + case Admin_CreateSystemNotificationTemplate: + return "Admin_CreateSystemNotificationTemplate" + case Admin_UpdateSystemNotificationTemplate: + return "Admin_UpdateSystemNotificationTemplate" + case Admin_DeleteSystemNotificationTemplate: + return "Admin_DeleteSystemNotificationTemplate" + case Admin_GetSystemNotificationTemplates: + return "Admin_GetSystemNotificationTemplates" + case Admin_GetSystemNotificationTemplate: + return "Admin_GetSystemNotificationTemplate" + case Admin_CheckSystemNotificationTemplateName: + return "Admin_CheckSystemNotificationTemplateName" + case GetOrganizationSystemNotificationTemplates: + return "GetOrganizationSystemNotificationTemplates" + case GetOrganizationSystemNotificationTemplate: + return "GetOrganizationSystemNotificationTemplate" + case AddOrganizationSystemNotificationTemplates: + return "AddOrganizationSystemNotificationTemplates" + case RemoveOrganizationSystemNotificationTemplates: + return "RemoveOrganizationSystemNotificationTemplates" + case CreateSystemNotificationRule: + return "CreateSystemNotificationRule" + case GetSystemNotificationRules: + return "GetSystemNotificationRules" + case GetSystemNotificationRule: + return "GetSystemNotificationRule" + case CheckSystemNotificationRuleName: + return "CheckSystemNotificationRuleName" + case DeleteSystemNotificationRule: + return "DeleteSystemNotificationRule" + case UpdateSystemNotificationRule: + return "UpdateSystemNotificationRule" + case MakeDefaultSystemNotificationRules: + return "MakeDefaultSystemNotificationRules" + case CreateSystemNotification: + return "CreateSystemNotification" + case GetSystemNotifications: + return "GetSystemNotifications" + case GetSystemNotification: + return "GetSystemNotification" + case DeleteSystemNotification: + return "DeleteSystemNotification" + case UpdateSystemNotification: + return "UpdateSystemNotification" + case CreateSystemNotificationAction: + return "CreateSystemNotificationAction" + case GetPolicyNotifications: + return "GetPolicyNotifications" + case GetPolicyNotification: + return "GetPolicyNotification" + case GetStacks: + return "GetStacks" + case CreateStack: + return "CreateStack" + case CheckStackName: + return "CheckStackName" + case GetStack: + return "GetStack" + case UpdateStack: + return "UpdateStack" + case DeleteStack: + return "DeleteStack" + case GetStackKubeConfig: + return "GetStackKubeConfig" + case GetStackStatus: + return "GetStackStatus" + case SetFavoriteStack: + return "SetFavoriteStack" + case DeleteFavoriteStack: + return "DeleteFavoriteStack" + case InstallStack: + return "InstallStack" + case CreateProject: + return "CreateProject" + case GetProjectRoles: + return "GetProjectRoles" + case GetProjectRole: + return "GetProjectRole" + case GetProjects: + return "GetProjects" + case GetProject: + return "GetProject" + case UpdateProject: + return "UpdateProject" + case DeleteProject: + return "DeleteProject" + case AddProjectMember: + return "AddProjectMember" + case GetProjectMember: + return "GetProjectMember" + case GetProjectMembers: + return "GetProjectMembers" + case RemoveProjectMember: + return "RemoveProjectMember" + case UpdateProjectMemberRole: + return "UpdateProjectMemberRole" + case CreateProjectNamespace: + return "CreateProjectNamespace" + case GetProjectNamespaces: + return "GetProjectNamespaces" + case GetProjectNamespace: + return "GetProjectNamespace" + case UpdateProjectNamespace: + return "UpdateProjectNamespace" + case DeleteProjectNamespace: + return "DeleteProjectNamespace" + case SetFavoriteProject: + return "SetFavoriteProject" + case SetFavoriteProjectNamespace: + return "SetFavoriteProjectNamespace" + case UnSetFavoriteProject: + return "UnSetFavoriteProject" + case UnSetFavoriteProjectNamespace: + return "UnSetFavoriteProjectNamespace" + case GetProjectKubeconfig: + return "GetProjectKubeconfig" + case GetProjectNamespaceK8sResources: + return "GetProjectNamespaceK8sResources" + case GetProjectNamespaceKubeconfig: + return "GetProjectNamespaceKubeconfig" + case GetAudits: + return "GetAudits" + case GetAudit: + return "GetAudit" + case DeleteAudit: + return "DeleteAudit" + case CreateTksRole: + return "CreateTksRole" + case ListTksRoles: + return "ListTksRoles" + case GetTksRole: + return "GetTksRole" + case DeleteTksRole: + return "DeleteTksRole" + case UpdateTksRole: + return "UpdateTksRole" + case GetPermissionsByRoleId: + return "GetPermissionsByRoleId" + case UpdatePermissionsByRoleId: + return "UpdatePermissionsByRoleId" + case IsRoleNameExisted: + return "IsRoleNameExisted" + case AppendUsersToRole: + return "AppendUsersToRole" + case GetUsersInRoleId: + return "GetUsersInRoleId" + case RemoveUsersFromRole: + return "RemoveUsersFromRole" + case GetPermissionTemplates: + return "GetPermissionTemplates" + case Admin_CreateUser: + return "Admin_CreateUser" + case Admin_ListUser: + return "Admin_ListUser" + case Admin_GetUser: + return "Admin_GetUser" + case Admin_DeleteUser: + return "Admin_DeleteUser" + case Admin_UpdateUser: + return "Admin_UpdateUser" + case Admin_ListTksRoles: + return "Admin_ListTksRoles" + case Admin_GetTksRole: + return "Admin_GetTksRole" + case Admin_GetProjects: + return "Admin_GetProjects" + case Admin_ListPolicyTemplate: + return "Admin_ListPolicyTemplate" + case Admin_CreatePolicyTemplate: + return "Admin_CreatePolicyTemplate" + case Admin_DeletePolicyTemplate: + return "Admin_DeletePolicyTemplate" + case Admin_GetPolicyTemplate: + return "Admin_GetPolicyTemplate" + case Admin_UpdatePolicyTemplate: + return "Admin_UpdatePolicyTemplate" + case Admin_GetPolicyTemplateDeploy: + return "Admin_GetPolicyTemplateDeploy" + case Admin_ListPolicyTemplateStatistics: + return "Admin_ListPolicyTemplateStatistics" + case Admin_ListPolicyTemplateVersions: + return "Admin_ListPolicyTemplateVersions" + case Admin_CreatePolicyTemplateVersion: + return "Admin_CreatePolicyTemplateVersion" + case Admin_DeletePolicyTemplateVersion: + return "Admin_DeletePolicyTemplateVersion" + case Admin_GetPolicyTemplateVersion: + return "Admin_GetPolicyTemplateVersion" + case Admin_ExistsPolicyTemplateKind: + return "Admin_ExistsPolicyTemplateKind" + case Admin_ExistsPolicyTemplateName: + return "Admin_ExistsPolicyTemplateName" + case Admin_ExtractParameters: + return "Admin_ExtractParameters" + case Admin_AddPermittedPolicyTemplatesForOrganization: + return "Admin_AddPermittedPolicyTemplatesForOrganization" + case Admin_DeletePermittedPolicyTemplatesForOrganization: + return "Admin_DeletePermittedPolicyTemplatesForOrganization" + case ListStackPolicyStatus: + return "ListStackPolicyStatus" + case GetStackPolicyTemplateStatus: + return "GetStackPolicyTemplateStatus" + case UpdateStackPolicyTemplateStatus: + return "UpdateStackPolicyTemplateStatus" + case GetMandatoryPolicies: + return "GetMandatoryPolicies" + case SetMandatoryPolicies: + return "SetMandatoryPolicies" + case GetPolicyStatistics: + return "GetPolicyStatistics" + case ListPolicy: + return "ListPolicy" + case CreatePolicy: + return "CreatePolicy" + case DeletePolicy: + return "DeletePolicy" + case GetPolicy: + return "GetPolicy" + case UpdatePolicy: + return "UpdatePolicy" + case UpdatePolicyTargetClusters: + return "UpdatePolicyTargetClusters" + case ExistsPolicyName: + return "ExistsPolicyName" + case ExistsPolicyResourceName: + return "ExistsPolicyResourceName" + case GetPolicyEdit: + return "GetPolicyEdit" + case AddPoliciesForStack: + return "AddPoliciesForStack" + case DeletePoliciesForStack: + return "DeletePoliciesForStack" + case StackPolicyStatistics: + return "StackPolicyStatistics" + case ListPolicyTemplate: + return "ListPolicyTemplate" + case CreatePolicyTemplate: + return "CreatePolicyTemplate" + case DeletePolicyTemplate: + return "DeletePolicyTemplate" + case GetPolicyTemplate: + return "GetPolicyTemplate" + case UpdatePolicyTemplate: + return "UpdatePolicyTemplate" + case GetPolicyTemplateDeploy: + return "GetPolicyTemplateDeploy" + case ListPolicyTemplateStatistics: + return "ListPolicyTemplateStatistics" + case ListPolicyTemplateVersions: + return "ListPolicyTemplateVersions" + case CreatePolicyTemplateVersion: + return "CreatePolicyTemplateVersion" + case DeletePolicyTemplateVersion: + return "DeletePolicyTemplateVersion" + case GetPolicyTemplateVersion: + return "GetPolicyTemplateVersion" + case ExistsPolicyTemplateKind: + return "ExistsPolicyTemplateKind" + case ExistsPolicyTemplateName: + return "ExistsPolicyTemplateName" + case ExtractParameters: + return "ExtractParameters" + case ListPolicyTemplateExample: + return "ListPolicyTemplateExample" + case GetPolicyTemplateExample: + return "GetPolicyTemplateExample" + case UpdatePolicyTemplateExample: + return "UpdatePolicyTemplateExample" + case DeletePolicyTemplateExample: + return "DeletePolicyTemplateExample" + case CompileRego: + return "CompileRego" + default: + return "" + } } - func GetEndpoint(name string) Endpoint { - return MapWithName[name] + switch name { + case "Login": + return Login + case "Logout": + return Logout + case "RefreshToken": + return RefreshToken + case "FindId": + return FindId + case "FindPassword": + return FindPassword + case "VerifyIdentityForLostId": + return VerifyIdentityForLostId + case "VerifyIdentityForLostPassword": + return VerifyIdentityForLostPassword + case "VerifyToken": + return VerifyToken + case "CreateUser": + return CreateUser + case "ListUser": + return ListUser + case "GetUser": + return GetUser + case "DeleteUser": + return DeleteUser + case "UpdateUsers": + return UpdateUsers + case "UpdateUser": + return UpdateUser + case "ResetPassword": + return ResetPassword + case "CheckId": + return CheckId + case "CheckEmail": + return CheckEmail + case "GetPermissionsByAccountId": + return GetPermissionsByAccountId + case "GetMyProfile": + return GetMyProfile + case "UpdateMyProfile": + return UpdateMyProfile + case "UpdateMyPassword": + return UpdateMyPassword + case "RenewPasswordExpiredDate": + return RenewPasswordExpiredDate + case "DeleteMyProfile": + return DeleteMyProfile + case "Admin_CreateOrganization": + return Admin_CreateOrganization + case "Admin_DeleteOrganization": + return Admin_DeleteOrganization + case "GetOrganizations": + return GetOrganizations + case "GetOrganization": + return GetOrganization + case "CheckOrganizationName": + return CheckOrganizationName + case "UpdateOrganization": + return UpdateOrganization + case "UpdatePrimaryCluster": + return UpdatePrimaryCluster + case "CreateCluster": + return CreateCluster + case "GetClusters": + return GetClusters + case "ImportCluster": + return ImportCluster + case "GetCluster": + return GetCluster + case "DeleteCluster": + return DeleteCluster + case "GetClusterSiteValues": + return GetClusterSiteValues + case "InstallCluster": + return InstallCluster + case "CreateBootstrapKubeconfig": + return CreateBootstrapKubeconfig + case "GetBootstrapKubeconfig": + return GetBootstrapKubeconfig + case "GetNodes": + return GetNodes + case "CreateAppgroup": + return CreateAppgroup + case "GetAppgroups": + return GetAppgroups + case "GetAppgroup": + return GetAppgroup + case "DeleteAppgroup": + return DeleteAppgroup + case "GetApplications": + return GetApplications + case "CreateApplication": + return CreateApplication + case "GetAppServeAppTasksByAppId": + return GetAppServeAppTasksByAppId + case "GetAppServeAppTaskDetail": + return GetAppServeAppTaskDetail + case "CreateAppServeApp": + return CreateAppServeApp + case "GetAppServeApps": + return GetAppServeApps + case "GetNumOfAppsOnStack": + return GetNumOfAppsOnStack + case "GetAppServeApp": + return GetAppServeApp + case "GetAppServeAppLatestTask": + return GetAppServeAppLatestTask + case "IsAppServeAppExist": + return IsAppServeAppExist + case "IsAppServeAppNameExist": + return IsAppServeAppNameExist + case "DeleteAppServeApp": + return DeleteAppServeApp + case "UpdateAppServeApp": + return UpdateAppServeApp + case "UpdateAppServeAppStatus": + return UpdateAppServeAppStatus + case "UpdateAppServeAppEndpoint": + return UpdateAppServeAppEndpoint + case "RollbackAppServeApp": + return RollbackAppServeApp + case "GetCloudAccounts": + return GetCloudAccounts + case "CreateCloudAccount": + return CreateCloudAccount + case "CheckCloudAccountName": + return CheckCloudAccountName + case "CheckAwsAccountId": + return CheckAwsAccountId + case "GetCloudAccount": + return GetCloudAccount + case "UpdateCloudAccount": + return UpdateCloudAccount + case "DeleteCloudAccount": + return DeleteCloudAccount + case "DeleteForceCloudAccount": + return DeleteForceCloudAccount + case "GetResourceQuota": + return GetResourceQuota + case "Admin_GetStackTemplates": + return Admin_GetStackTemplates + case "Admin_GetStackTemplate": + return Admin_GetStackTemplate + case "Admin_GetStackTemplateServices": + return Admin_GetStackTemplateServices + case "Admin_GetStackTemplateTemplateIds": + return Admin_GetStackTemplateTemplateIds + case "Admin_CreateStackTemplate": + return Admin_CreateStackTemplate + case "Admin_UpdateStackTemplate": + return Admin_UpdateStackTemplate + case "Admin_DeleteStackTemplate": + return Admin_DeleteStackTemplate + case "Admin_UpdateStackTemplateOrganizations": + return Admin_UpdateStackTemplateOrganizations + case "Admin_CheckStackTemplateName": + return Admin_CheckStackTemplateName + case "GetOrganizationStackTemplates": + return GetOrganizationStackTemplates + case "GetOrganizationStackTemplate": + return GetOrganizationStackTemplate + case "AddOrganizationStackTemplates": + return AddOrganizationStackTemplates + case "RemoveOrganizationStackTemplates": + return RemoveOrganizationStackTemplates + case "CreateDashboard": + return CreateDashboard + case "GetDashboard": + return GetDashboard + case "UpdateDashboard": + return UpdateDashboard + case "GetChartsDashboard": + return GetChartsDashboard + case "GetChartDashboard": + return GetChartDashboard + case "GetStacksDashboard": + return GetStacksDashboard + case "GetResourcesDashboard": + return GetResourcesDashboard + case "GetPolicyStatusDashboard": + return GetPolicyStatusDashboard + case "GetPolicyUpdateDashboard": + return GetPolicyUpdateDashboard + case "GetPolicyEnforcementDashboard": + return GetPolicyEnforcementDashboard + case "GetPolicyViolationDashboard": + return GetPolicyViolationDashboard + case "GetPolicyViolationLogDashboard": + return GetPolicyViolationLogDashboard + case "GetPolicyStatisticsDashboard": + return GetPolicyStatisticsDashboard + case "GetWorkloadDashboard": + return GetWorkloadDashboard + case "GetPolicyViolationTop5Dashboard": + return GetPolicyViolationTop5Dashboard + case "Admin_CreateSystemNotificationTemplate": + return Admin_CreateSystemNotificationTemplate + case "Admin_UpdateSystemNotificationTemplate": + return Admin_UpdateSystemNotificationTemplate + case "Admin_DeleteSystemNotificationTemplate": + return Admin_DeleteSystemNotificationTemplate + case "Admin_GetSystemNotificationTemplates": + return Admin_GetSystemNotificationTemplates + case "Admin_GetSystemNotificationTemplate": + return Admin_GetSystemNotificationTemplate + case "Admin_CheckSystemNotificationTemplateName": + return Admin_CheckSystemNotificationTemplateName + case "GetOrganizationSystemNotificationTemplates": + return GetOrganizationSystemNotificationTemplates + case "GetOrganizationSystemNotificationTemplate": + return GetOrganizationSystemNotificationTemplate + case "AddOrganizationSystemNotificationTemplates": + return AddOrganizationSystemNotificationTemplates + case "RemoveOrganizationSystemNotificationTemplates": + return RemoveOrganizationSystemNotificationTemplates + case "CreateSystemNotificationRule": + return CreateSystemNotificationRule + case "GetSystemNotificationRules": + return GetSystemNotificationRules + case "GetSystemNotificationRule": + return GetSystemNotificationRule + case "CheckSystemNotificationRuleName": + return CheckSystemNotificationRuleName + case "DeleteSystemNotificationRule": + return DeleteSystemNotificationRule + case "UpdateSystemNotificationRule": + return UpdateSystemNotificationRule + case "MakeDefaultSystemNotificationRules": + return MakeDefaultSystemNotificationRules + case "CreateSystemNotification": + return CreateSystemNotification + case "GetSystemNotifications": + return GetSystemNotifications + case "GetSystemNotification": + return GetSystemNotification + case "DeleteSystemNotification": + return DeleteSystemNotification + case "UpdateSystemNotification": + return UpdateSystemNotification + case "CreateSystemNotificationAction": + return CreateSystemNotificationAction + case "GetPolicyNotifications": + return GetPolicyNotifications + case "GetPolicyNotification": + return GetPolicyNotification + case "GetStacks": + return GetStacks + case "CreateStack": + return CreateStack + case "CheckStackName": + return CheckStackName + case "GetStack": + return GetStack + case "UpdateStack": + return UpdateStack + case "DeleteStack": + return DeleteStack + case "GetStackKubeConfig": + return GetStackKubeConfig + case "GetStackStatus": + return GetStackStatus + case "SetFavoriteStack": + return SetFavoriteStack + case "DeleteFavoriteStack": + return DeleteFavoriteStack + case "InstallStack": + return InstallStack + case "CreateProject": + return CreateProject + case "GetProjectRoles": + return GetProjectRoles + case "GetProjectRole": + return GetProjectRole + case "GetProjects": + return GetProjects + case "GetProject": + return GetProject + case "UpdateProject": + return UpdateProject + case "DeleteProject": + return DeleteProject + case "AddProjectMember": + return AddProjectMember + case "GetProjectMember": + return GetProjectMember + case "GetProjectMembers": + return GetProjectMembers + case "RemoveProjectMember": + return RemoveProjectMember + case "UpdateProjectMemberRole": + return UpdateProjectMemberRole + case "CreateProjectNamespace": + return CreateProjectNamespace + case "GetProjectNamespaces": + return GetProjectNamespaces + case "GetProjectNamespace": + return GetProjectNamespace + case "UpdateProjectNamespace": + return UpdateProjectNamespace + case "DeleteProjectNamespace": + return DeleteProjectNamespace + case "SetFavoriteProject": + return SetFavoriteProject + case "SetFavoriteProjectNamespace": + return SetFavoriteProjectNamespace + case "UnSetFavoriteProject": + return UnSetFavoriteProject + case "UnSetFavoriteProjectNamespace": + return UnSetFavoriteProjectNamespace + case "GetProjectKubeconfig": + return GetProjectKubeconfig + case "GetProjectNamespaceK8sResources": + return GetProjectNamespaceK8sResources + case "GetProjectNamespaceKubeconfig": + return GetProjectNamespaceKubeconfig + case "GetAudits": + return GetAudits + case "GetAudit": + return GetAudit + case "DeleteAudit": + return DeleteAudit + case "CreateTksRole": + return CreateTksRole + case "ListTksRoles": + return ListTksRoles + case "GetTksRole": + return GetTksRole + case "DeleteTksRole": + return DeleteTksRole + case "UpdateTksRole": + return UpdateTksRole + case "GetPermissionsByRoleId": + return GetPermissionsByRoleId + case "UpdatePermissionsByRoleId": + return UpdatePermissionsByRoleId + case "IsRoleNameExisted": + return IsRoleNameExisted + case "AppendUsersToRole": + return AppendUsersToRole + case "GetUsersInRoleId": + return GetUsersInRoleId + case "RemoveUsersFromRole": + return RemoveUsersFromRole + case "GetPermissionTemplates": + return GetPermissionTemplates + case "Admin_CreateUser": + return Admin_CreateUser + case "Admin_ListUser": + return Admin_ListUser + case "Admin_GetUser": + return Admin_GetUser + case "Admin_DeleteUser": + return Admin_DeleteUser + case "Admin_UpdateUser": + return Admin_UpdateUser + case "Admin_ListTksRoles": + return Admin_ListTksRoles + case "Admin_GetTksRole": + return Admin_GetTksRole + case "Admin_GetProjects": + return Admin_GetProjects + case "Admin_ListPolicyTemplate": + return Admin_ListPolicyTemplate + case "Admin_CreatePolicyTemplate": + return Admin_CreatePolicyTemplate + case "Admin_DeletePolicyTemplate": + return Admin_DeletePolicyTemplate + case "Admin_GetPolicyTemplate": + return Admin_GetPolicyTemplate + case "Admin_UpdatePolicyTemplate": + return Admin_UpdatePolicyTemplate + case "Admin_GetPolicyTemplateDeploy": + return Admin_GetPolicyTemplateDeploy + case "Admin_ListPolicyTemplateStatistics": + return Admin_ListPolicyTemplateStatistics + case "Admin_ListPolicyTemplateVersions": + return Admin_ListPolicyTemplateVersions + case "Admin_CreatePolicyTemplateVersion": + return Admin_CreatePolicyTemplateVersion + case "Admin_DeletePolicyTemplateVersion": + return Admin_DeletePolicyTemplateVersion + case "Admin_GetPolicyTemplateVersion": + return Admin_GetPolicyTemplateVersion + case "Admin_ExistsPolicyTemplateKind": + return Admin_ExistsPolicyTemplateKind + case "Admin_ExistsPolicyTemplateName": + return Admin_ExistsPolicyTemplateName + case "Admin_ExtractParameters": + return Admin_ExtractParameters + case "Admin_AddPermittedPolicyTemplatesForOrganization": + return Admin_AddPermittedPolicyTemplatesForOrganization + case "Admin_DeletePermittedPolicyTemplatesForOrganization": + return Admin_DeletePermittedPolicyTemplatesForOrganization + case "ListStackPolicyStatus": + return ListStackPolicyStatus + case "GetStackPolicyTemplateStatus": + return GetStackPolicyTemplateStatus + case "UpdateStackPolicyTemplateStatus": + return UpdateStackPolicyTemplateStatus + case "GetMandatoryPolicies": + return GetMandatoryPolicies + case "SetMandatoryPolicies": + return SetMandatoryPolicies + case "GetPolicyStatistics": + return GetPolicyStatistics + case "ListPolicy": + return ListPolicy + case "CreatePolicy": + return CreatePolicy + case "DeletePolicy": + return DeletePolicy + case "GetPolicy": + return GetPolicy + case "UpdatePolicy": + return UpdatePolicy + case "UpdatePolicyTargetClusters": + return UpdatePolicyTargetClusters + case "ExistsPolicyName": + return ExistsPolicyName + case "ExistsPolicyResourceName": + return ExistsPolicyResourceName + case "GetPolicyEdit": + return GetPolicyEdit + case "AddPoliciesForStack": + return AddPoliciesForStack + case "DeletePoliciesForStack": + return DeletePoliciesForStack + case "StackPolicyStatistics": + return StackPolicyStatistics + case "ListPolicyTemplate": + return ListPolicyTemplate + case "CreatePolicyTemplate": + return CreatePolicyTemplate + case "DeletePolicyTemplate": + return DeletePolicyTemplate + case "GetPolicyTemplate": + return GetPolicyTemplate + case "UpdatePolicyTemplate": + return UpdatePolicyTemplate + case "GetPolicyTemplateDeploy": + return GetPolicyTemplateDeploy + case "ListPolicyTemplateStatistics": + return ListPolicyTemplateStatistics + case "ListPolicyTemplateVersions": + return ListPolicyTemplateVersions + case "CreatePolicyTemplateVersion": + return CreatePolicyTemplateVersion + case "DeletePolicyTemplateVersion": + return DeletePolicyTemplateVersion + case "GetPolicyTemplateVersion": + return GetPolicyTemplateVersion + case "ExistsPolicyTemplateKind": + return ExistsPolicyTemplateKind + case "ExistsPolicyTemplateName": + return ExistsPolicyTemplateName + case "ExtractParameters": + return ExtractParameters + case "ListPolicyTemplateExample": + return ListPolicyTemplateExample + case "GetPolicyTemplateExample": + return GetPolicyTemplateExample + case "UpdatePolicyTemplateExample": + return UpdatePolicyTemplateExample + case "DeletePolicyTemplateExample": + return DeletePolicyTemplateExample + case "CompileRego": + return CompileRego + default: + return -1 + } } diff --git a/internal/delivery/http/endpoint.go b/internal/delivery/http/endpoint.go deleted file mode 100644 index 34a90b74..00000000 --- a/internal/delivery/http/endpoint.go +++ /dev/null @@ -1,59 +0,0 @@ -package http - -import ( - "github.com/openinfradev/tks-api/internal/model" - "github.com/openinfradev/tks-api/internal/pagination" - "github.com/openinfradev/tks-api/internal/usecase" - "github.com/openinfradev/tks-api/pkg/domain" - "net/http" -) - -type IEndpointHandler interface { - ListEndpoint(w http.ResponseWriter, r *http.Request) -} - -type EndpointHandler struct { - endpointUsecase usecase.IEndpointUsecase -} - -func NewEndpointHandler(usecase usecase.Usecase) *EndpointHandler { - return &EndpointHandler{ - endpointUsecase: usecase.Endpoint, - } -} - -// ListEndpoint godoc -// -// @Tags Endpoint -// @Summary List Endpoints -// @Description List Endpoints -// @Accept json -// @Produce json -// @Success 200 {object} domain.ListEndpointResponse -// @Router /admin/endpoints [get] -// @Security JWT -func (h EndpointHandler) ListEndpoint(w http.ResponseWriter, r *http.Request) { - urlParams := r.URL.Query() - pg := pagination.NewPagination(&urlParams) - - endpoints, err := h.endpointUsecase.ListEndpoints(r.Context(), pg) - if err != nil { - http.Error(w, err.Error(), http.StatusInternalServerError) - return - } - - var out domain.ListEndpointResponse - - for _, endpoint := range endpoints { - out.Endpoints = append(out.Endpoints, convertEndpointToDomain(endpoint)) - } - - ResponseJSON(w, r, http.StatusOK, out) -} - -func convertEndpointToDomain(endpoint *model.Endpoint) domain.EndpointResponse { - return domain.EndpointResponse{ - Name: endpoint.Name, - Group: endpoint.Group, - } -} diff --git a/internal/delivery/http/organization.go b/internal/delivery/http/organization.go index 6549554a..524e78ae 100644 --- a/internal/delivery/http/organization.go +++ b/internal/delivery/http/organization.go @@ -34,7 +34,7 @@ func NewOrganizationHandler(u usecase.Usecase) *OrganizationHandler { } } -// Admin_CreateOrganization CreateOrganization godoc +// CreateOrganization godoc // // @Tags Organizations // @Summary Create organization in Admin portal diff --git a/internal/delivery/http/permission.go b/internal/delivery/http/permission.go index f3b8ed25..3ad7798f 100644 --- a/internal/delivery/http/permission.go +++ b/internal/delivery/http/permission.go @@ -2,10 +2,6 @@ package http import ( "context" - "fmt" - "github.com/google/uuid" - "github.com/gorilla/mux" - "github.com/openinfradev/tks-api/pkg/httpErrors" "net/http" "github.com/openinfradev/tks-api/internal/model" @@ -15,7 +11,6 @@ import ( type IPermissionHandler interface { GetPermissionTemplates(w http.ResponseWriter, r *http.Request) - GetEndpoints(w http.ResponseWriter, r *http.Request) } type PermissionHandler struct { @@ -61,7 +56,9 @@ func convertModelToPermissionTemplateResponse(ctx context.Context, permission *m permissionResponse.Key = permission.Key permissionResponse.Name = permission.Name - permissionResponse.EdgeKey = permission.EdgeKey + if permission.IsAllowed != nil { + permissionResponse.IsAllowed = permission.IsAllowed + } for _, child := range permission.Children { permissionResponse.Children = append(permissionResponse.Children, convertModelToPermissionTemplateResponse(ctx, child)) @@ -69,42 +66,3 @@ func convertModelToPermissionTemplateResponse(ctx context.Context, permission *m return &permissionResponse } - -// GetEndpoints godoc -// -// @Tags Permission -// @Summary Get Endpoints -// @Description Get Endpoints -// @Accept json -// @Produce json -// @Success 200 {object} domain.GetEndpointsResponse -// @Router /permissions/{permissionId}/endpoints [get] -// @Security JWT -func (h PermissionHandler) GetEndpoints(w http.ResponseWriter, r *http.Request) { - vars := mux.Vars(r) - permissionId, ok := vars["permissionId"] - if !ok { - ErrorJSON(w, r, httpErrors.NewBadRequestError(fmt.Errorf("permissionId not found"), "PE_INVALID_PERMISSIONID", "permissionId not found")) - return - } - - permissionUuid, err := uuid.Parse(permissionId) - if err != nil { - ErrorJSON(w, r, httpErrors.NewBadRequestError(fmt.Errorf("permissionId is invalid"), "PE_INVALID_PERMISSIONID", "permissionId is invalid")) - return - } - - endpoints, err := h.permissionUsecase.GetEndpointsByPermissionId(r.Context(), permissionUuid) - if err != nil { - ErrorJSON(w, r, httpErrors.NewInternalServerError(err, "PE_GET_ENDPOINTS_FAILED", "Failed to get endpoints")) - return - } - - var out domain.GetEndpointsResponse - out.Endpoints = make([]domain.EndpointResponse, 0) - for _, endpoint := range endpoints { - out.Endpoints = append(out.Endpoints, convertEndpointToDomain(endpoint)) - } - - ResponseJSON(w, r, http.StatusOK, out) -} diff --git a/internal/delivery/http/role.go b/internal/delivery/http/role.go index b43769af..1ff872be 100644 --- a/internal/delivery/http/role.go +++ b/internal/delivery/http/role.go @@ -348,6 +348,10 @@ func convertModelToPermissionResponse(ctx context.Context, permission *model.Per permissionResponse.ID = &permission.ID } + for _, endpoint := range permission.Endpoints { + permissionResponse.Endpoints = append(permissionResponse.Endpoints, convertModelToEndpointResponse(ctx, endpoint)) + } + for _, child := range permission.Children { permissionResponse.Children = append(permissionResponse.Children, convertModelToPermissionResponse(ctx, child)) } @@ -355,6 +359,15 @@ func convertModelToPermissionResponse(ctx context.Context, permission *model.Per return &permissionResponse } +func convertModelToEndpointResponse(_ context.Context, endpoint *model.Endpoint) *domain.EndpointResponse { + var endpointResponse domain.EndpointResponse + + endpointResponse.Name = endpoint.Name + endpointResponse.Group = endpoint.Group + + return &endpointResponse +} + // UpdatePermissionsByRoleId godoc // // @Tags Roles diff --git a/internal/middleware/audit/audit.go b/internal/middleware/audit/audit.go index 74f4717f..189232ec 100644 --- a/internal/middleware/audit/audit.go +++ b/internal/middleware/audit/audit.go @@ -78,7 +78,7 @@ func (a *defaultAudit) WithAudit(endpoint internalApi.Endpoint, handler http.Han dto := model.Audit{ OrganizationId: organizationId, OrganizationName: u.Organization.Name, - Group: internalApi.MapWithEndpoint[endpoint].Group, + Group: internalApi.ApiMap[endpoint].Group, Message: message, Description: description, ClientIP: GetClientIpAddress(w, r), diff --git a/internal/middleware/auth/authorizer/adminApiFilter.go b/internal/middleware/auth/authorizer/adminApiFilter.go deleted file mode 100644 index 2fb006f9..00000000 --- a/internal/middleware/auth/authorizer/adminApiFilter.go +++ /dev/null @@ -1,36 +0,0 @@ -package authorizer - -import ( - "fmt" - internalHttp "github.com/openinfradev/tks-api/internal/delivery/http" - "github.com/openinfradev/tks-api/internal/middleware/auth/request" - "github.com/openinfradev/tks-api/internal/repository" - "github.com/openinfradev/tks-api/pkg/httpErrors" - "net/http" - "strings" -) - -func AdminApiFilter(handler http.Handler, repo repository.Repository) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - requestUserInfo, ok := request.UserFrom(r.Context()) - if !ok { - internalHttp.ErrorJSON(w, r, httpErrors.NewInternalServerError(fmt.Errorf("user not found"), "", "")) - return - } - - endpointInfo, ok := request.EndpointFrom(r.Context()) - if !ok { - internalHttp.ErrorJSON(w, r, httpErrors.NewInternalServerError(fmt.Errorf("endpoint not found"), "", "")) - return - } - - if strings.HasPrefix(endpointInfo.String(), "Admin_") { - if requestUserInfo.GetOrganizationId() != "master" { - internalHttp.ErrorJSON(w, r, httpErrors.NewForbiddenError(fmt.Errorf("permission denied"), "A_INVALID_TOKEN", "Not allowed access to admin api")) - return - } - } - - handler.ServeHTTP(w, r) - }) -} diff --git a/internal/middleware/auth/authorizer/authorizer.go b/internal/middleware/auth/authorizer/authorizer.go index dc0b830d..1ce71727 100644 --- a/internal/middleware/auth/authorizer/authorizer.go +++ b/internal/middleware/auth/authorizer/authorizer.go @@ -22,7 +22,6 @@ func NewDefaultAuthorization(repo repository.Repository) *defaultAuthorization { //d.addFilters(RBACFilter) //d.addFilters(RBACFilterWithEndpoint) d.addFilters(AdminApiFilter) - d.addFilters(OrganizationFilter) return d } diff --git a/internal/middleware/auth/authorizer/organizationFilter.go b/internal/middleware/auth/authorizer/organizationFilter.go deleted file mode 100644 index 86e8715a..00000000 --- a/internal/middleware/auth/authorizer/organizationFilter.go +++ /dev/null @@ -1,43 +0,0 @@ -package authorizer - -import ( - "fmt" - "github.com/gorilla/mux" - internalHttp "github.com/openinfradev/tks-api/internal/delivery/http" - "github.com/openinfradev/tks-api/internal/middleware/auth/request" - "github.com/openinfradev/tks-api/internal/repository" - "github.com/openinfradev/tks-api/pkg/httpErrors" - "github.com/openinfradev/tks-api/pkg/log" - "net/http" -) - -func OrganizationFilter(handler http.Handler, repo repository.Repository) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - requestUserInfo, ok := request.UserFrom(r.Context()) - if !ok { - internalHttp.ErrorJSON(w, r, httpErrors.NewInternalServerError(fmt.Errorf("user not found"), "", "")) - return - } - - if requestUserInfo.GetOrganizationId() != "" && requestUserInfo.GetOrganizationId() == "master" { - handler.ServeHTTP(w, r) - return - } - - vars := mux.Vars(r) - requestedOrganization, ok := vars["organizationId"] - if !ok { - log.Warn(r.Context(), "OrganizationFilter: organizationId not found. Passing through unsafely.") - handler.ServeHTTP(w, r) - return - } - - if requestedOrganization != requestUserInfo.GetOrganizationId() { - log.Debugf(r.Context(), "OrganizationFilter: requestedOrganization: %s, userOrganization: %s", requestedOrganization, requestUserInfo.GetOrganizationId()) - internalHttp.ErrorJSON(w, r, httpErrors.NewForbiddenError(fmt.Errorf("permission denied"), "", "")) - return - } - - handler.ServeHTTP(w, r) - }) -} diff --git a/internal/middleware/auth/authorizer/rbac.go b/internal/middleware/auth/authorizer/rbac.go index 996379fc..9813558e 100644 --- a/internal/middleware/auth/authorizer/rbac.go +++ b/internal/middleware/auth/authorizer/rbac.go @@ -1,10 +1,62 @@ package authorizer import ( - "github.com/openinfradev/tks-api/internal/repository" + "fmt" "net/http" + "strings" + + "github.com/gorilla/mux" + "github.com/openinfradev/tks-api/internal" + internalHttp "github.com/openinfradev/tks-api/internal/delivery/http" + "github.com/openinfradev/tks-api/internal/middleware/auth/request" + "github.com/openinfradev/tks-api/internal/repository" + "github.com/openinfradev/tks-api/pkg/httpErrors" + "github.com/openinfradev/tks-api/pkg/log" ) +func RBACFilter(handler http.Handler, repo repository.Repository) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + requestUserInfo, ok := request.UserFrom(r.Context()) + if !ok { + internalHttp.ErrorJSON(w, r, httpErrors.NewInternalServerError(fmt.Errorf("user not found"), "", "")) + return + } + organizationRole := requestUserInfo.GetRoleOrganizationMapping()[requestUserInfo.GetOrganizationId()] + + // TODO: 추후 tks-admin role 수정 필요 + if organizationRole == "tks-admin" { + handler.ServeHTTP(w, r) + return + } + + vars := mux.Vars(r) + // Organization Filter + if organizationRole == "admin" || organizationRole == "user" { + if orgId, ok := vars["organizationId"]; ok { + if orgId != requestUserInfo.GetOrganizationId() { + internalHttp.ErrorJSON(w, r, httpErrors.NewForbiddenError(fmt.Errorf("permission denied"), "", "")) + return + } + } else { + log.Warn(r.Context(), "RBACFilter: organizationId not found. Passing through unsafely.") + } + } + + // User Resource Filter + if strings.HasPrefix(r.URL.Path, internal.API_PREFIX+internal.API_VERSION+"/organizations/"+requestUserInfo.GetOrganizationId()+"/user") { + switch r.Method { + case http.MethodPost, http.MethodPut, http.MethodDelete: + if organizationRole != "admin" { + internalHttp.ErrorJSON(w, r, httpErrors.NewForbiddenError(fmt.Errorf("permission denied"), "", "")) + return + } + } + } + + handler.ServeHTTP(w, r) + }) +} + func RBACFilterWithEndpoint(handler http.Handler, repo repository.Repository) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { //requestEndpointInfo, ok := request.EndpointFrom(r.Context()) @@ -39,3 +91,79 @@ func RBACFilterWithEndpoint(handler http.Handler, repo repository.Repository) ht handler.ServeHTTP(w, r) }) } + +func AdminApiFilter(handler http.Handler, repo repository.Repository) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + requestUserInfo, ok := request.UserFrom(r.Context()) + if !ok { + internalHttp.ErrorJSON(w, r, httpErrors.NewInternalServerError(fmt.Errorf("user not found"), "", "")) + return + } + + endpointInfo, ok := request.EndpointFrom(r.Context()) + if !ok { + internalHttp.ErrorJSON(w, r, httpErrors.NewInternalServerError(fmt.Errorf("endpoint not found"), "", "")) + return + } + + if strings.HasPrefix(endpointInfo.String(), "Admin") { + if requestUserInfo.GetOrganizationId() != "master" { + internalHttp.ErrorJSON(w, r, httpErrors.NewForbiddenError(fmt.Errorf("permission denied"), "", "")) + return + } + } + + handler.ServeHTTP(w, r) + }) +} + +func RequestOrganizationValidationFilter(handler http.Handler, repo repository.Repository) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + requestUserInfo, ok := request.UserFrom(r.Context()) + if !ok { + internalHttp.ErrorJSON(w, r, httpErrors.NewInternalServerError(fmt.Errorf("user not found"), "", "")) + return + } + + vars := mux.Vars(r) + organizationId, ok := vars["organizationId"] + if !ok { + //internalHttp.ErrorJSON(w, r, httpErrors.NewInternalServerError(fmt.Errorf("organizationId not found"), "", "")) + //return + log.Warn(r.Context(), "RequestOrganizationValidationFilter: organizationId not found. Passing through unsafely.") + } + if organizationId != requestUserInfo.GetOrganizationId() { + internalHttp.ErrorJSON(w, r, httpErrors.NewForbiddenError(fmt.Errorf("permission denied"), "", "")) + return + } + + handler.ServeHTTP(w, r) + }) +} + +//type pair struct { +// regexp string +// method string +//} +// +//var LeaderPair = []pair{ +// {`/organizations/o[A-Za-z0-9]{8}/projects(?:\?.*)?$`, http.MethodPost}, +// {`/organizations/o[A-Za-z0-9]{8}/projects(?:\?.*)?$`, http.MethodGet}, +// {`/organizations/o[A-Za-z0-9]{8}/projects/p[A-Za-z0-9]{8}(?:\?.*)?$`, http.MethodGet}, +// {`/organizations/o[A-Za-z0-9]{8}/projects/p[A-Za-z0-9]{8}(?:\?.*)?$`, http.MethodPut}, +// {`/organizations/o[A-Za-z0-9]{8}/projects/p[A-Za-z0-9]{8}(?:\?.*)?$`, http.MethodDelete}, +// {`/organizations/o[A-Za-z0-9]{8}/projects/p[A-Za-z0-9]{8}/members(?:\?.*)?$`, http.MethodPost}, +// {`/organizations/o[A-Za-z0-9]{8}/projects/p[A-Za-z0-9]{8}/members(?:\?.*)?$`, http.MethodGet}, +// {`/organizations/o[A-Za-z0-9]{8}/projects/p[A-Za-z0-9]{8}/members/[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}(?:\?.*)?$`, http.MethodDelete}, +// {`/organizations/o[A-Za-z0-9]{8}/projects/p[A-Za-z0-9]{8}/members/[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}/role(?:\?.*)?$`, http.MethodPut}, +// {`/organizations/o[A-Za-z0-9]{8}/projects/p[A-Za-z0-9]{8}/namespace(?:\?.*)?$`, http.MethodPost}, +// {`/organizations/o[A-Za-z0-9]{8}/projects/p[A-Za-z0-9]{8}/namespace(?:\?.*)?$`, http.MethodGet}, +// {`/organizations/o[A-Za-z0-9]{8}/projects/p[A-Za-z0-9]{8}/namespace/n[A-Za-z0-9]{8}(?:\?.*)?$`, http.MethodGet}, +// {`/organizations/o[A-Za-z0-9]{8}/projects/p[A-Za-z0-9]{8}/namespace/n[A-Za-z0-9]{8}(?:\?.*)?$`, http.MethodDelete}, +//} +//var roleApiMapper = make(map[string][]pair) +// +//func projectFilter(url string, method string, userInfo user.Info) bool { +// +// return true +//} diff --git a/internal/model/endpoint.go b/internal/model/end-point.go similarity index 100% rename from internal/model/endpoint.go rename to internal/model/end-point.go diff --git a/internal/model/permission-endpoint.go b/internal/model/permission-endpoint.go deleted file mode 100644 index b7fe0653..00000000 --- a/internal/model/permission-endpoint.go +++ /dev/null @@ -1,435 +0,0 @@ -package model - -import ( - "github.com/openinfradev/tks-api/internal/delivery/api" - "gorm.io/gorm" - "sort" -) - -type PermissionEndpoint struct { - EdgeKey string `gorm:"primaryKey;type:text;"` - EndpointName string `gorm:"primaryKey;type:text;"` - - Permission Permission `gorm:"foreignKey:EdgeKey;references:EdgeKey"` - Endpoint Endpoint `gorm:"foreignKey:EndpointName;references:Name"` -} - -var ( - // map[EdgeKey][]Endpoints - edgeKeyEndpointMap = map[string][]Endpoint{ - TopDashboardKey + "-" + MiddleDashboardKey + "-" + OperationRead: endpointObjects( - api.GetDashboard, - api.GetChartsDashboard, - api.GetChartDashboard, - api.GetStacksDashboard, - api.GetResourcesDashboard, - ), - TopDashboardKey + "-" + MiddleDashboardKey + "-" + OperationUpdate: endpointObjects( - api.CreateDashboard, - api.UpdateDashboard, - ), - - TopStackKey + "-" + MiddleStackKey + "-" + OperationRead: endpointObjects( - api.GetStacks, - api.GetStack, - api.CheckStackName, - api.GetStackStatus, - api.GetStackKubeConfig, - api.SetFavoriteStack, - api.DeleteFavoriteStack, - - // Cluster - api.GetCluster, - api.GetClusters, - api.GetClusterSiteValues, - api.GetBootstrapKubeconfig, - api.GetNodes, - - // AppGroup - api.GetAppgroups, - api.GetAppgroup, - api.GetApplications, - ), - - TopStackKey + "-" + MiddleStackKey + "-" + OperationCreate: endpointObjects( - api.CreateStack, - api.InstallStack, - - // Cluster - api.CreateBootstrapKubeconfig, - api.GetBootstrapKubeconfig, - api.GetNodes, - ), - TopStackKey + "-" + MiddleStackKey + "-" + OperationUpdate: endpointObjects( - api.UpdateStack, - ), - TopStackKey + "-" + MiddleStackKey + "-" + OperationDelete: endpointObjects( - // Stack - api.DeleteStack, - - // Cluster - api.DeleteCluster, - - // AppGroup - api.DeleteAppgroup, - ), - TopPolicyKey + "-" + MiddlePolicyKey + "-" + OperationRead: endpointObjects( - // PolicyTemplate - api.Admin_ListPolicyTemplate, - api.Admin_GetPolicyTemplate, - api.Admin_GetPolicyTemplateDeploy, - api.Admin_ListPolicyTemplateStatistics, - api.Admin_ListPolicyTemplateVersions, - api.Admin_GetPolicyTemplateVersion, - api.Admin_ExistsPolicyTemplateName, - api.Admin_ExistsPolicyTemplateKind, - - // StackPolicyStatus - api.ListStackPolicyStatus, - api.GetStackPolicyTemplateStatus, - - // Policy - api.GetMandatoryPolicies, - api.ListPolicy, - api.GetPolicy, - api.ExistsPolicyName, - - // OrganizationPolicyTemplate - api.ListPolicyTemplate, - api.GetPolicyTemplate, - api.GetPolicyTemplateDeploy, - api.ListPolicyTemplateStatistics, - api.ListPolicyTemplateVersions, - api.GetPolicyTemplateVersion, - api.ExistsPolicyTemplateKind, - api.ExistsPolicyTemplateName, - - // PolicyTemplateExample - api.ListPolicyTemplateExample, - api.GetPolicyTemplateExample, - ), - TopPolicyKey + "-" + MiddlePolicyKey + "-" + OperationCreate: endpointObjects( - // PolicyTemplate - api.Admin_CreatePolicyTemplate, - api.Admin_CreatePolicyTemplateVersion, - - // Policy - api.SetMandatoryPolicies, - api.CreatePolicy, - - // OrganizationPolicyTemplate - api.CreatePolicyTemplate, - api.CreatePolicyTemplateVersion, - ), - TopPolicyKey + "-" + MiddlePolicyKey + "-" + OperationUpdate: endpointObjects( - // PolicyTemplate - api.Admin_UpdatePolicyTemplate, - - // ClusterPolicyStatus - api.UpdateStackPolicyTemplateStatus, - - // Policy - api.UpdatePolicy, - api.UpdatePolicyTargetClusters, - - // OrganizationPolicyTemplate - api.UpdatePolicyTemplate, - - // PolicyTemplateExample - api.UpdatePolicyTemplateExample, - ), - - TopPolicyKey + "-" + MiddlePolicyKey + "-" + OperationDelete: endpointObjects( - api.Admin_DeletePolicyTemplate, - api.Admin_DeletePolicyTemplateVersion, - - // Policy - api.DeletePolicy, - - // OrganizationPolicyTemplate - api.DeletePolicyTemplate, - api.DeletePolicyTemplateVersion, - - // PolicyTemplateExample - api.DeletePolicyTemplateExample, - ), - TopNotificationKey + "-" + MiddleNotificationKey + "-" + OperationRead: endpointObjects( - api.GetSystemNotification, - api.GetSystemNotifications, - ), - TopNotificationKey + "-" + MiddleNotificationKey + "-" + OperationUpdate: endpointObjects( - api.UpdateSystemNotification, - api.CreateSystemNotificationAction, - ), - TopNotificationKey + "-" + MiddleNotificationKey + "-" + OperationDownload: endpointObjects(), - - TopProjectKey + "-" + MiddleProjectKey + "-" + OperationRead: endpointObjects( - api.GetProjects, - api.GetProject, - api.GetProjectKubeconfig, - ), - TopProjectKey + "-" + MiddleProjectKey + "-" + OperationCreate: endpointObjects( - api.CreateProject, - ), TopProjectKey + "-" + MiddleProjectKey + "-" + OperationUpdate: endpointObjects( - api.UpdateProject, - ), - TopProjectKey + "-" + MiddleProjectKey + "-" + OperationDelete: endpointObjects( - api.DeleteProject, - ), - TopProjectKey + "-" + MiddleProjectCommonConfigurationKey + "-" + OperationRead: endpointObjects( - api.GetProjects, - api.GetProject, - - api.GetProjectRoles, - api.GetProjectRole, - ), - TopProjectKey + "-" + MiddleProjectCommonConfigurationKey + "-" + OperationUpdate: endpointObjects( - api.UpdateProject, - ), - TopProjectKey + "-" + MiddleProjectMemberConfigurationKey + "-" + OperationRead: endpointObjects( - api.GetProjectMembers, - api.GetProjectMember, - api.GetProjectRoles, - api.GetProjectRole, - ), - TopProjectKey + "-" + MiddleProjectMemberConfigurationKey + "-" + OperationCreate: endpointObjects( - api.AddProjectMember, - ), - TopProjectKey + "-" + MiddleProjectMemberConfigurationKey + "-" + OperationUpdate: endpointObjects( - api.UpdateProjectMemberRole, - ), - TopProjectKey + "-" + MiddleProjectMemberConfigurationKey + "-" + OperationDelete: endpointObjects( - api.RemoveProjectMember, - ), - TopProjectKey + "-" + MiddleProjectNamespaceKey + "-" + OperationRead: endpointObjects( - api.GetProjectNamespaces, - api.GetProjectNamespace, - api.GetProjectNamespaceK8sResources, - ), - TopProjectKey + "-" + MiddleProjectNamespaceKey + "-" + OperationCreate: endpointObjects( - api.CreateProjectNamespace, - ), - TopProjectKey + "-" + MiddleProjectNamespaceKey + "-" + OperationUpdate: endpointObjects( - api.UpdateProjectNamespace, - ), - TopProjectKey + "-" + MiddleProjectNamespaceKey + "-" + OperationDelete: endpointObjects( - api.DeleteProjectNamespace, - ), - TopProjectKey + "-" + MiddleProjectAppServeKey + "-" + OperationRead: endpointObjects( - api.GetAppServeApps, - api.GetAppServeApp, - api.GetNumOfAppsOnStack, - api.GetAppServeAppLatestTask, - api.IsAppServeAppExist, - api.IsAppServeAppNameExist, - api.GetAppServeAppTaskDetail, - api.GetAppServeAppTasksByAppId, - ), - TopProjectKey + "-" + MiddleProjectAppServeKey + "-" + OperationCreate: endpointObjects( - api.CreateAppServeApp, - api.IsAppServeAppExist, - api.IsAppServeAppNameExist, - api.UpdateAppServeApp, - api.UpdateAppServeAppEndpoint, - api.UpdateAppServeAppStatus, - api.RollbackAppServeApp, - ), - TopProjectKey + "-" + MiddleProjectAppServeKey + "-" + OperationUpdate: endpointObjects( - api.CreateAppServeApp, - api.IsAppServeAppExist, - api.IsAppServeAppNameExist, - api.UpdateAppServeApp, - api.UpdateAppServeAppEndpoint, - api.UpdateAppServeAppStatus, - api.RollbackAppServeApp, - ), - TopProjectKey + "-" + MiddleProjectAppServeKey + "-" + OperationDelete: endpointObjects( - api.DeleteAppServeApp, - ), - TopConfigurationKey + "-" + MiddleConfigurationKey + "-" + OperationRead: endpointObjects(), - TopConfigurationKey + "-" + MiddleConfigurationKey + "-" + OperationUpdate: endpointObjects(), - TopConfigurationKey + "-" + MiddleConfigurationCloudAccountKey + "-" + OperationRead: endpointObjects( - api.GetCloudAccounts, - api.GetCloudAccount, - api.CheckCloudAccountName, - api.CheckAwsAccountId, - api.GetResourceQuota, - ), - TopConfigurationKey + "-" + MiddleConfigurationCloudAccountKey + "-" + OperationCreate: endpointObjects( - api.CreateCloudAccount, - ), - TopConfigurationKey + "-" + MiddleConfigurationCloudAccountKey + "-" + OperationUpdate: endpointObjects( - api.UpdateCloudAccount, - ), - TopConfigurationKey + "-" + MiddleConfigurationCloudAccountKey + "-" + OperationDelete: endpointObjects( - api.DeleteCloudAccount, - api.DeleteForceCloudAccount, - ), - TopConfigurationKey + "-" + MiddleConfigurationProjectKey + "-" + OperationRead: endpointObjects(), - TopConfigurationKey + "-" + MiddleConfigurationProjectKey + "-" + OperationCreate: endpointObjects(), - TopConfigurationKey + "-" + MiddleConfigurationUserKey + "-" + OperationRead: endpointObjects( - api.ListUser, - api.GetUser, - api.CheckId, - api.CheckEmail, - api.GetPermissionsByAccountId, - ), - TopConfigurationKey + "-" + MiddleConfigurationUserKey + "-" + OperationCreate: endpointObjects( - api.CreateUser, - ), - TopConfigurationKey + "-" + MiddleConfigurationUserKey + "-" + OperationUpdate: endpointObjects( - api.UpdateUser, - api.ResetPassword, - ), - TopConfigurationKey + "-" + MiddleConfigurationUserKey + "-" + OperationDelete: endpointObjects( - api.DeleteUser, - ), - TopConfigurationKey + "-" + MiddleConfigurationRoleKey + "-" + OperationRead: endpointObjects( - api.ListTksRoles, - api.GetTksRole, - api.GetPermissionsByRoleId, - api.GetPermissionTemplates, - ), - TopConfigurationKey + "-" + MiddleConfigurationRoleKey + "-" + OperationCreate: endpointObjects( - api.CreateTksRole, - ), - TopConfigurationKey + "-" + MiddleConfigurationRoleKey + "-" + OperationUpdate: endpointObjects( - api.UpdateTksRole, - api.UpdatePermissionsByRoleId, - ), - TopConfigurationKey + "-" + MiddleConfigurationRoleKey + "-" + OperationDelete: endpointObjects( - api.DeleteTksRole, - ), - TopConfigurationKey + "-" + MiddleConfigurationSystemNotificationKey + "-" + OperationRead: endpointObjects( - api.GetSystemNotificationRules, - api.GetSystemNotificationRule, - ), - TopConfigurationKey + "-" + MiddleConfigurationSystemNotificationKey + "-" + OperationCreate: endpointObjects( - api.CreateSystemNotificationRule, - ), - TopConfigurationKey + "-" + MiddleConfigurationSystemNotificationKey + "-" + OperationUpdate: endpointObjects( - api.UpdateSystemNotificationRule, - ), - TopConfigurationKey + "-" + MiddleConfigurationSystemNotificationKey + "-" + OperationDelete: endpointObjects( - api.DeleteSystemNotificationRule, - ), - CommonKey: endpointObjects( - // Auth - api.Login, - api.Logout, - api.RefreshToken, - api.FindId, - api.FindPassword, - api.VerifyIdentityForLostId, - api.VerifyIdentityForLostPassword, - api.VerifyToken, - - // User - api.GetUser, - api.GetPermissionsByAccountId, - - // MyProfile - api.GetMyProfile, - api.UpdateMyProfile, - api.UpdateMyPassword, - api.RenewPasswordExpiredDate, - api.DeleteMyProfile, - - // Organization - api.GetOrganization, - - // Role - api.GetPermissionsByRoleId, - - // Utiliy - api.CompileRego, - ), - } -) - -// ForceSyncToLatestPermissionEndpointMapping is used to sync the permission endpoint mapping to the latest version. -func ForceSyncToLatestPermissionEndpointMapping(db *gorm.DB, permissionSet *PermissionSet) error { - var storedPermissionEndpoints []PermissionEndpoint - var storedEdgeKeyEndpointMaps = make(map[string][]Endpoint) - if err := db.Find(&storedPermissionEndpoints).Error; err != nil { - return err - } - for _, pe := range storedPermissionEndpoints { - storedEdgeKeyEndpointMaps[pe.EdgeKey] = append(storedEdgeKeyEndpointMaps[pe.EdgeKey], pe.Endpoint) - } - - var shouldInsertEdgeKeyEndpointMaps, shouldReplaceEdgeKeyEndpointMaps map[string][]Endpoint - shouldReplaceEdgeKeyEndpointMaps = make(map[string][]Endpoint) - shouldInsertEdgeKeyEndpointMaps = edgeKeyEndpointMap - - for edgeKey, endpoints := range storedEdgeKeyEndpointMaps { - if compareEndpointArrays(endpoints, edgeKeyEndpointMap[edgeKey]) { - delete(shouldInsertEdgeKeyEndpointMaps, edgeKey) - } else { - shouldReplaceEdgeKeyEndpointMaps[edgeKey] = endpoints - } - } - - for edgeKey, endpoints := range shouldInsertEdgeKeyEndpointMaps { - for _, endpoint := range endpoints { - if err := db.Create(&PermissionEndpoint{ - EdgeKey: edgeKey, - EndpointName: endpoint.Name, - }).Error; err != nil { - return err - } - } - } - - for edgeKey, endpoints := range shouldReplaceEdgeKeyEndpointMaps { - if err := db.Where("edge_key = ?", edgeKey).Delete(&PermissionEndpoint{}).Error; err != nil { - return err - } - for _, endpoint := range endpoints { - if err := db.Create(&PermissionEndpoint{ - EdgeKey: edgeKey, - EndpointName: endpoint.Name, - }).Error; err != nil { - return err - } - } - } - - return nil -} - -// Compare two arrays of Endpoint objects -func compareEndpointArrays(a, b []Endpoint) bool { - if len(a) != len(b) { - return false - } - - // sort the arrays - sort.Slice(a, func(i, j int) bool { - return a[i].Name < a[j].Name - }) - - sort.Slice(b, func(i, j int) bool { - return b[i].Name < b[j].Name - }) - - // compare the arrays - for i := range a { - if a[i] != b[i] { - return false - } - } - - return true -} - -func endpointObjects(eps ...api.Endpoint) []Endpoint { - var result []Endpoint - for _, ep := range eps { - result = append(result, Endpoint{ - Name: api.MapWithEndpoint[ep].Name, - Group: api.MapWithEndpoint[ep].Group, - }) - } - return result -} diff --git a/internal/model/permission.go b/internal/model/permission.go index a84fa777..4c395c85 100644 --- a/internal/model/permission.go +++ b/internal/model/permission.go @@ -2,6 +2,7 @@ package model import ( "github.com/google/uuid" + "github.com/openinfradev/tks-api/internal/delivery/api" "github.com/openinfradev/tks-api/internal/helper" "gorm.io/gorm" ) @@ -53,22 +54,19 @@ const ( MiddleConfigurationUserKey = "CONFIGURATION-USER" MiddleConfigurationRoleKey = "CONFIGURATION-ROLE" MiddleConfigurationSystemNotificationKey = "CONFIGURATION-SYSTEM_NOTIFICATION" - CommonKey = "COMMON" ) type Permission struct { gorm.Model - ID uuid.UUID `gorm:"primarykey;type:uuid;" json:"ID"` - Name string `json:"name"` - Key string `gorm:"type:text;" json:"key,omitempty"` - EdgeKey *string `gorm:"type:text;"` + ID uuid.UUID `gorm:"primarykey;type:uuid;" json:"ID"` + Name string `json:"name"` + Key string `gorm:"type:text;" json:"key,omitempty"` IsAllowed *bool `gorm:"type:boolean;" json:"is_allowed,omitempty"` RoleID *string `json:"role_id,omitempty"` Role *Role `gorm:"foreignKey:RoleID;references:ID;" json:"role,omitempty"` - Endpoints []*Endpoint `gorm:"many2many:permission_endpoints;joinForeignKey:EdgeKey;joinReferences:EndpointName;" json:"endpoints,omitempty"` - //PermissionEndpoint []*PermissionEndpoint `gorm:"foreignKey:EdgeKey;references:EdgeKey;"` + Endpoints []*Endpoint `gorm:"many2many:permission_endpoints;" json:"endpoints,omitempty"` // omit empty ParentID *uuid.UUID `json:"parent_id,omitempty"` @@ -84,8 +82,7 @@ type PermissionSet struct { Notification *Permission `gorm:"-:all" json:"notification,omitempty"` Configuration *Permission `gorm:"-:all" json:"configuration,omitempty"` Common *Permission `gorm:"-:all" json:"common,omitempty"` - // ToDo: Need to consider whether to use Admin Permission - //Admin *Permission `gorm:"-:all" json:"admin,omitempty"` + Admin *Permission `gorm:"-:all" json:"admin,omitempty"` } func NewDefaultPermissionSet() *PermissionSet { @@ -97,13 +94,13 @@ func NewDefaultPermissionSet() *PermissionSet { Notification: newNotification(), Configuration: newConfiguration(), Common: newCommon(), - //Admin: nil, + Admin: nil, } } func NewAdminPermissionSet() *PermissionSet { return &PermissionSet{ - //Admin: newAdmin(), + Admin: newAdmin(), Dashboard: newDashboard(), Stack: newStack(), Policy: newPolicy(), @@ -129,6 +126,17 @@ func GetEdgePermission(root *Permission, edgePermissions []*Permission, f *func( return edgePermissions } +func endpointObjects(eps ...api.Endpoint) []*Endpoint { + var result []*Endpoint + for _, ep := range eps { + result = append(result, &Endpoint{ + Name: api.ApiMap[ep].Name, + Group: api.ApiMap[ep].Group, + }) + } + return result +} + func newDashboard() *Permission { dashboard := &Permission{ ID: uuid.New(), @@ -144,14 +152,18 @@ func newDashboard() *Permission { ID: uuid.New(), Name: "조회", Key: OperationRead, - EdgeKey: helper.StringP(TopDashboardKey + "-" + MiddleDashboardKey + "-" + OperationRead), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.GetChartsDashboard, + api.GetChartDashboard, + api.GetStacksDashboard, + api.GetResourcesDashboard, + ), }, { ID: uuid.New(), Name: "수정", Key: OperationUpdate, - EdgeKey: helper.StringP(TopDashboardKey + "-" + MiddleDashboardKey + "-" + OperationUpdate), IsAllowed: helper.BoolP(false), }, }, @@ -177,29 +189,74 @@ func newStack() *Permission { ID: uuid.New(), Name: "조회", Key: OperationRead, - EdgeKey: helper.StringP(TopStackKey + "-" + MiddleStackKey + "-" + OperationRead), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.GetStacks, + api.GetStack, + api.CheckStackName, + api.GetStackStatus, + api.GetStackKubeConfig, + + api.SetFavoriteStack, + api.DeleteFavoriteStack, + + // Cluster + api.GetCluster, + api.GetClusters, + api.GetClusterSiteValues, + api.GetBootstrapKubeconfig, + api.GetNodes, + + // AppGroup + api.GetAppgroups, + api.GetAppgroup, + api.GetApplications, + ), }, { ID: uuid.New(), Name: "생성", Key: OperationCreate, - EdgeKey: helper.StringP(TopStackKey + "-" + MiddleStackKey + "-" + OperationCreate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.CreateStack, + api.InstallStack, + api.CreateAppgroup, + + // Cluster + api.CreateCluster, + api.ImportCluster, + api.InstallCluster, + api.CreateBootstrapKubeconfig, + + // AppGroup + api.CreateAppgroup, + api.CreateApplication, + ), }, { ID: uuid.New(), Name: "수정", Key: OperationUpdate, - EdgeKey: helper.StringP(TopStackKey + "-" + MiddleStackKey + "-" + OperationUpdate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.UpdateStack, + ), }, { ID: uuid.New(), Name: "삭제", Key: OperationDelete, - EdgeKey: helper.StringP(TopStackKey + "-" + MiddleStackKey + "-" + OperationDelete), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.DeleteStack, + + // Cluster + api.DeleteCluster, + + // AppGroup + api.DeleteAppgroup, + ), }, }, }, @@ -224,29 +281,105 @@ func newPolicy() *Permission { ID: uuid.New(), Name: "조회", Key: OperationRead, - EdgeKey: helper.StringP(TopPolicyKey + "-" + MiddlePolicyKey + "-" + OperationRead), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + // PolicyTemplate + api.Admin_ListPolicyTemplate, + api.Admin_GetPolicyTemplate, + api.Admin_GetPolicyTemplateDeploy, + api.Admin_ListPolicyTemplateStatistics, + api.Admin_ListPolicyTemplateVersions, + api.Admin_GetPolicyTemplateVersion, + api.Admin_ExistsPolicyTemplateName, + api.Admin_ExistsPolicyTemplateKind, + + // StackPolicyStatus + api.ListStackPolicyStatus, + api.GetStackPolicyTemplateStatus, + + // Policy + api.GetMandatoryPolicies, + api.ListPolicy, + api.GetPolicy, + api.ExistsPolicyName, + + // OrganizationPolicyTemplate + api.ListPolicyTemplate, + api.GetPolicyTemplate, + api.GetPolicyTemplateDeploy, + api.ListPolicyTemplateStatistics, + api.ListPolicyTemplateVersions, + api.GetPolicyTemplateVersion, + api.ExistsPolicyTemplateKind, + api.ExistsPolicyTemplateName, + + // PolicyTemplateExample + api.ListPolicyTemplateExample, + api.GetPolicyTemplateExample, + ), }, { ID: uuid.New(), Name: "생성", Key: OperationCreate, - EdgeKey: helper.StringP(TopPolicyKey + "-" + MiddlePolicyKey + "-" + OperationCreate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + // PolicyTemplate + api.Admin_CreatePolicyTemplate, + api.Admin_CreatePolicyTemplateVersion, + + // Policy + api.SetMandatoryPolicies, + api.CreatePolicy, + + // OrganizationPolicyTemplate + api.CreatePolicyTemplate, + api.CreatePolicyTemplateVersion, + ), }, { ID: uuid.New(), Name: "수정", Key: OperationUpdate, - EdgeKey: helper.StringP(TopPolicyKey + "-" + MiddlePolicyKey + "-" + OperationUpdate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + // PolicyTemplate + api.Admin_UpdatePolicyTemplate, + + // ClusterPolicyStatus + api.UpdateStackPolicyTemplateStatus, + + // Policy + api.UpdatePolicy, + api.UpdatePolicyTargetClusters, + + // OrganizationPolicyTemplate + api.UpdatePolicyTemplate, + + // PolicyTemplateExample + api.UpdatePolicyTemplateExample, + ), }, { ID: uuid.New(), Name: "삭제", Key: OperationDelete, - EdgeKey: helper.StringP(TopPolicyKey + "-" + MiddlePolicyKey + "-" + OperationDelete), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + // PolicyTemplate + api.Admin_DeletePolicyTemplate, + api.Admin_DeletePolicyTemplateVersion, + + // Policy + api.DeletePolicy, + + // OrganizationPolicyTemplate + api.DeletePolicyTemplate, + api.DeletePolicyTemplateVersion, + + // PolicyTemplateExample + api.DeletePolicyTemplateExample, + ), }, }, }, @@ -271,21 +404,26 @@ func newNotification() *Permission { ID: uuid.New(), Name: "조회", Key: OperationRead, - EdgeKey: helper.StringP(TopNotificationKey + "-" + MiddleNotificationKey + "-" + OperationRead), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.GetSystemNotification, + api.GetSystemNotifications, + ), }, { ID: uuid.New(), Name: "수정", Key: OperationUpdate, - EdgeKey: helper.StringP(TopNotificationKey + "-" + MiddleNotificationKey + "-" + OperationUpdate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.UpdateSystemNotification, + api.CreateSystemNotificationAction, + ), }, { ID: uuid.New(), Name: "다운로드", Key: OperationDownload, - EdgeKey: helper.StringP(TopNotificationKey + "-" + MiddleNotificationKey + "-" + OperationDownload), IsAllowed: helper.BoolP(false), Children: []*Permission{}, }, @@ -300,7 +438,6 @@ func newNotification() *Permission { ID: uuid.New(), Name: "조회", Key: OperationRead, - EdgeKey: helper.StringP(TopNotificationKey + "-" + MiddlePolicyNotificationKey + "-" + OperationRead), IsAllowed: helper.BoolP(false), Children: []*Permission{}, }, @@ -308,7 +445,6 @@ func newNotification() *Permission { ID: uuid.New(), Name: "다운로드", Key: OperationDownload, - EdgeKey: helper.StringP(TopNotificationKey + "-" + MiddlePolicyNotificationKey + "-" + OperationDownload), IsAllowed: helper.BoolP(false), Children: []*Permission{}, }, @@ -335,29 +471,39 @@ func newProject() *Permission { ID: uuid.New(), Name: "조회", Key: OperationRead, - EdgeKey: helper.StringP(TopProjectKey + "-" + MiddleProjectKey + "-" + OperationRead), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.GetProjects, + api.GetProject, + api.GetProjectKubeconfig, + ), }, { ID: uuid.New(), Name: "생성", Key: OperationCreate, - EdgeKey: helper.StringP(TopProjectKey + "-" + MiddleProjectKey + "-" + OperationCreate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.CreateProject, + ), }, { ID: uuid.New(), Name: "수정", Key: OperationUpdate, - EdgeKey: helper.StringP(TopProjectKey + "-" + MiddleProjectKey + "-" + OperationUpdate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.UpdateProject, + ), }, { ID: uuid.New(), Name: "삭제", Key: OperationDelete, - EdgeKey: helper.StringP(TopProjectKey + "-" + MiddleProjectKey + "-" + OperationDelete), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.DeleteProject, + ), }, }, }, @@ -370,15 +516,23 @@ func newProject() *Permission { ID: uuid.New(), Name: "조회", Key: OperationRead, - EdgeKey: helper.StringP(TopProjectKey + "-" + MiddleProjectCommonConfigurationKey + "-" + OperationRead), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.GetProjects, + api.GetProject, + + api.GetProjectRoles, + api.GetProjectRole, + ), }, { ID: uuid.New(), Name: "수정", Key: OperationUpdate, - EdgeKey: helper.StringP(TopProjectKey + "-" + MiddleProjectCommonConfigurationKey + "-" + OperationUpdate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.UpdateProject, + ), }, }, }, @@ -391,29 +545,40 @@ func newProject() *Permission { ID: uuid.New(), Name: "조회", Key: OperationRead, - EdgeKey: helper.StringP(TopProjectKey + "-" + MiddleProjectMemberConfigurationKey + "-" + OperationRead), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.GetProjectMembers, + api.GetProjectMember, + api.GetProjectRoles, + api.GetProjectRole, + ), }, { ID: uuid.New(), Name: "생성", Key: OperationCreate, - EdgeKey: helper.StringP(TopProjectKey + "-" + MiddleProjectMemberConfigurationKey + "-" + OperationCreate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.AddProjectMember, + ), }, { ID: uuid.New(), Name: "수정", Key: OperationUpdate, - EdgeKey: helper.StringP(TopProjectKey + "-" + MiddleProjectMemberConfigurationKey + "-" + OperationUpdate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.UpdateProjectMemberRole, + ), }, { ID: uuid.New(), Name: "삭제", Key: OperationDelete, - EdgeKey: helper.StringP(TopProjectKey + "-" + MiddleProjectMemberConfigurationKey + "-" + OperationDelete), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.RemoveProjectMember, + ), }, }, }, @@ -426,29 +591,39 @@ func newProject() *Permission { ID: uuid.New(), Name: "조회", Key: OperationRead, - EdgeKey: helper.StringP(TopProjectKey + "-" + MiddleProjectNamespaceKey + "-" + OperationRead), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.GetProjectNamespaces, + api.GetProjectNamespace, + api.GetProjectNamespaceK8sResources, + ), }, { ID: uuid.New(), Name: "생성", Key: OperationCreate, - EdgeKey: helper.StringP(TopProjectKey + "-" + MiddleProjectNamespaceKey + "-" + OperationCreate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.CreateProjectNamespace, + ), }, { ID: uuid.New(), Name: "수정", Key: OperationUpdate, - EdgeKey: helper.StringP(TopProjectKey + "-" + MiddleProjectNamespaceKey + "-" + OperationUpdate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.UpdateProjectNamespace, + ), }, { ID: uuid.New(), Name: "삭제", Key: OperationDelete, - EdgeKey: helper.StringP(TopProjectKey + "-" + MiddleProjectNamespaceKey + "-" + OperationDelete), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.DeleteProjectNamespace, + ), }, }, }, @@ -461,29 +636,56 @@ func newProject() *Permission { ID: uuid.New(), Name: "조회", Key: OperationRead, - EdgeKey: helper.StringP(TopProjectKey + "-" + MiddleProjectAppServeKey + "-" + OperationRead), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.GetAppServeApps, + api.GetAppServeApp, + api.GetNumOfAppsOnStack, + api.GetAppServeAppLatestTask, + api.IsAppServeAppExist, + api.IsAppServeAppNameExist, + api.GetAppServeAppTaskDetail, + api.GetAppServeAppTasksByAppId, + ), }, { ID: uuid.New(), Name: "생성", Key: OperationCreate, - EdgeKey: helper.StringP(TopProjectKey + "-" + MiddleProjectAppServeKey + "-" + OperationCreate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.CreateAppServeApp, + api.IsAppServeAppExist, + api.IsAppServeAppNameExist, + api.UpdateAppServeApp, + api.UpdateAppServeAppEndpoint, + api.UpdateAppServeAppStatus, + api.RollbackAppServeApp, + ), }, { ID: uuid.New(), Name: "수정", Key: OperationUpdate, - EdgeKey: helper.StringP(TopProjectKey + "-" + MiddleProjectAppServeKey + "-" + OperationUpdate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.CreateAppServeApp, + api.IsAppServeAppExist, + api.IsAppServeAppNameExist, + api.UpdateAppServeApp, + api.UpdateAppServeAppEndpoint, + api.UpdateAppServeAppStatus, + api.RollbackAppServeApp, + ), }, { ID: uuid.New(), Name: "삭제", Key: OperationDelete, - EdgeKey: helper.StringP(TopProjectKey + "-" + MiddleProjectAppServeKey + "-" + OperationDelete), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.DeleteAppServeApp, + ), }, }, }, @@ -508,14 +710,12 @@ func newConfiguration() *Permission { ID: uuid.New(), Name: "조회", Key: OperationRead, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationKey + "-" + OperationRead), IsAllowed: helper.BoolP(false), }, { ID: uuid.New(), Name: "수정", Key: OperationUpdate, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationKey + "-" + OperationUpdate), IsAllowed: helper.BoolP(false), }, }, @@ -529,29 +729,42 @@ func newConfiguration() *Permission { ID: uuid.New(), Name: "조회", Key: OperationRead, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationCloudAccountKey + "-" + OperationRead), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.GetCloudAccounts, + api.GetCloudAccount, + api.CheckCloudAccountName, + api.CheckAwsAccountId, + api.GetResourceQuota, + ), }, { ID: uuid.New(), Name: "생성", Key: OperationCreate, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationCloudAccountKey + "-" + OperationCreate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.CreateCloudAccount, + ), }, { ID: uuid.New(), Name: "수정", Key: OperationUpdate, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationCloudAccountKey + "-" + OperationUpdate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.UpdateCloudAccount, + ), }, { ID: uuid.New(), Name: "삭제", Key: OperationDelete, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationCloudAccountKey + "-" + OperationDelete), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.DeleteCloudAccount, + api.DeleteForceCloudAccount, + ), }, }, }, @@ -564,14 +777,12 @@ func newConfiguration() *Permission { ID: uuid.New(), Name: "조회", Key: OperationRead, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationProjectKey + "-" + OperationRead), IsAllowed: helper.BoolP(false), }, { ID: uuid.New(), Name: "생성", Key: OperationCreate, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationProjectKey + "-" + OperationCreate), IsAllowed: helper.BoolP(false), }, }, @@ -585,29 +796,43 @@ func newConfiguration() *Permission { ID: uuid.New(), Name: "조회", Key: OperationRead, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationUserKey + "-" + OperationRead), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.ListUser, + api.GetUser, + api.CheckId, + api.CheckEmail, + ), }, { ID: uuid.New(), Name: "생성", Key: OperationCreate, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationUserKey + "-" + OperationCreate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.CreateUser, + api.CheckId, + api.CheckEmail, + ), }, { ID: uuid.New(), Name: "수정", Key: OperationUpdate, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationUserKey + "-" + OperationUpdate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.UpdateUser, + api.ResetPassword, + ), }, { ID: uuid.New(), Name: "삭제", Key: OperationDelete, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationUserKey + "-" + OperationDelete), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.DeleteUser, + ), }, }, }, @@ -620,29 +845,41 @@ func newConfiguration() *Permission { ID: uuid.New(), Name: "조회", Key: OperationRead, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationRoleKey + "-" + OperationRead), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.ListTksRoles, + api.GetTksRole, + api.GetPermissionsByRoleId, + api.GetPermissionTemplates, + ), }, { ID: uuid.New(), Name: "생성", Key: OperationCreate, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationRoleKey + "-" + OperationCreate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.CreateTksRole, + ), }, { ID: uuid.New(), Name: "수정", Key: OperationUpdate, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationRoleKey + "-" + OperationUpdate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.UpdateTksRole, + api.UpdatePermissionsByRoleId, + ), }, { ID: uuid.New(), Name: "삭제", Key: OperationDelete, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationRoleKey + "-" + OperationDelete), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.DeleteTksRole, + ), }, }, }, @@ -655,29 +892,38 @@ func newConfiguration() *Permission { ID: uuid.New(), Name: "조회", Key: OperationRead, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationSystemNotificationKey + "-" + OperationRead), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.GetSystemNotificationRules, + api.GetSystemNotificationRule, + ), }, { ID: uuid.New(), Name: "생성", Key: OperationCreate, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationSystemNotificationKey + "-" + OperationCreate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.CreateSystemNotificationRule, + ), }, { ID: uuid.New(), Name: "수정", Key: OperationUpdate, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationSystemNotificationKey + "-" + OperationUpdate), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.UpdateSystemNotificationRule, + ), }, { ID: uuid.New(), Name: "삭제", Key: OperationDelete, - EdgeKey: helper.StringP(TopConfigurationKey + "-" + MiddleConfigurationSystemNotificationKey + "-" + OperationDelete), IsAllowed: helper.BoolP(false), + Endpoints: endpointObjects( + api.DeleteSystemNotificationRule, + ), }, }, }, @@ -692,72 +938,104 @@ func newCommon() *Permission { ID: uuid.New(), Name: "공통", IsAllowed: helper.BoolP(true), - Key: CommonKey, - EdgeKey: helper.StringP(CommonKey), + Endpoints: endpointObjects( + // Auth + api.Login, + api.Logout, + api.RefreshToken, + api.FindId, + api.FindPassword, + api.VerifyIdentityForLostId, + api.VerifyIdentityForLostPassword, + api.VerifyToken, + + // Stack + api.SetFavoriteStack, + api.DeleteFavoriteStack, + + // Project + api.SetFavoriteProject, + api.SetFavoriteProjectNamespace, + api.UnSetFavoriteProject, + api.UnSetFavoriteProjectNamespace, + + // MyProfile + api.GetMyProfile, + api.UpdateMyProfile, + api.UpdateMyPassword, + api.RenewPasswordExpiredDate, + api.DeleteMyProfile, + + // StackTemplate + api.GetOrganizationStackTemplates, + api.GetOrganizationStackTemplate, + + // Utiliy + api.CompileRego, + ), } return common } -//func newAdmin() *Permission { -// admin := &Permission{ -// ID: uuid.New(), -// Name: "관리자", -// IsAllowed: helper.BoolP(true), -// EdgeKey: helper.StringP("admin"), -// Endpoints: endpointObjects( -// // Organization -// api.Admin_CreateOrganization, -// api.Admin_DeleteOrganization, -// api.UpdateOrganization, -// api.GetOrganization, -// api.GetOrganizations, -// api.UpdatePrimaryCluster, -// api.CheckOrganizationName, -// -// // User -// api.ResetPassword, -// api.CheckId, -// api.CheckEmail, -// -// // StackTemplate -// api.Admin_GetStackTemplates, -// api.Admin_GetStackTemplate, -// api.Admin_GetStackTemplateServices, -// api.Admin_CreateStackTemplate, -// api.Admin_UpdateStackTemplate, -// api.Admin_DeleteStackTemplate, -// api.Admin_UpdateStackTemplateOrganizations, -// api.Admin_CheckStackTemplateName, -// -// // Admin -// api.Admin_GetUser, -// api.Admin_ListUser, -// api.Admin_CreateUser, -// api.Admin_UpdateUser, -// api.Admin_DeleteUser, -// api.Admin_GetSystemNotificationTemplate, -// api.Admin_CreateSystemNotificationTemplate, -// api.Admin_ListUser, -// api.Admin_GetTksRole, -// api.Admin_GetProjects, -// api.Admin_UpdateSystemNotificationTemplate, -// api.Admin_ListTksRoles, -// api.Admin_GetSystemNotificationTemplates, -// -// // Audit -// api.GetAudits, -// api.GetAudit, -// api.DeleteAudit, -// -// api.CreateSystemNotification, -// api.DeleteSystemNotification, -// ), -// } -// -// return admin -//} +func newAdmin() *Permission { + admin := &Permission{ + ID: uuid.New(), + Name: "관리자", + IsAllowed: helper.BoolP(true), + Endpoints: endpointObjects( + // Organization + api.Admin_CreateOrganization, + api.Admin_DeleteOrganization, + api.UpdateOrganization, + api.GetOrganization, + api.GetOrganizations, + api.UpdatePrimaryCluster, + api.CheckOrganizationName, + + // User + api.ResetPassword, + api.CheckId, + api.CheckEmail, + + // StackTemplate + api.Admin_GetStackTemplates, + api.Admin_GetStackTemplate, + api.Admin_GetStackTemplateServices, + api.Admin_CreateStackTemplate, + api.Admin_UpdateStackTemplate, + api.Admin_DeleteStackTemplate, + api.Admin_UpdateStackTemplateOrganizations, + api.Admin_CheckStackTemplateName, + + // Admin + api.Admin_GetUser, + api.Admin_ListUser, + api.Admin_CreateUser, + api.Admin_UpdateUser, + api.Admin_DeleteUser, + api.Admin_GetSystemNotificationTemplate, + api.Admin_CreateSystemNotificationTemplate, + api.Admin_ListUser, + api.Admin_GetTksRole, + api.Admin_GetProjects, + api.Admin_UpdateSystemNotificationTemplate, + api.Admin_ListTksRoles, + api.Admin_GetSystemNotificationTemplates, + + // Audit + api.GetAudits, + api.GetAudit, + api.DeleteAudit, + + api.CreateSystemNotification, + api.DeleteSystemNotification, + ), + } + + return admin +} func (p *PermissionSet) SetAllowedPermissionSet() { edgePermissions := make([]*Permission, 0) diff --git a/internal/repository/permission.go b/internal/repository/permission.go index 3d394b22..22a7d6bb 100644 --- a/internal/repository/permission.go +++ b/internal/repository/permission.go @@ -14,8 +14,6 @@ type IPermissionRepository interface { Get(ctx context.Context, id uuid.UUID) (*model.Permission, error) Delete(ctx context.Context, id uuid.UUID) error Update(ctx context.Context, permission *model.Permission) error - EdgeKeyOverwrite(ctx context.Context, permission *model.Permission) error - GetEndpointsByPermissionId(ctx context.Context, permissionId uuid.UUID) (*model.Permission, error) } type PermissionRepository struct { @@ -84,17 +82,3 @@ func (r PermissionRepository) Update(ctx context.Context, p *model.Permission) e // update on is_allowed return r.db.WithContext(ctx).Model(&model.Permission{}).Where("id = ?", p.ID).Updates(map[string]interface{}{"is_allowed": p.IsAllowed}).Error } - -func (r PermissionRepository) EdgeKeyOverwrite(ctx context.Context, p *model.Permission) error { - return r.db.WithContext(ctx).Model(&model.Permission{}).Where("id = ?", p.ID).Updates(map[string]interface{}{"edge_key": p.EdgeKey}).Error -} - -func (r PermissionRepository) GetEndpointsByPermissionId(ctx context.Context, permissionId uuid.UUID) (*model.Permission, error) { - var permission *model.Permission - err := r.db.WithContext(ctx).Preload("Permission_endpoints").First(&permission, "id = ?", permissionId).Error - if err != nil { - return nil, err - } - - return permission, nil -} diff --git a/internal/route/route.go b/internal/route/route.go index aa557fae..56e2500e 100644 --- a/internal/route/route.go +++ b/internal/route/route.go @@ -81,7 +81,6 @@ func SetupRouter(db *gorm.DB, argoClient argowf.ArgoClient, kc keycloak.IKeycloa Audit: usecase.NewAuditUsecase(repoFactory), Role: usecase.NewRoleUsecase(repoFactory, kc), Permission: usecase.NewPermissionUsecase(repoFactory), - Endpoint: usecase.NewEndpointUsecase(repoFactory), PolicyTemplate: usecase.NewPolicyTemplateUsecase(repoFactory), Policy: usecase.NewPolicyUsecase(repoFactory), } @@ -318,10 +317,6 @@ func SetupRouter(db *gorm.DB, argoClient argowf.ArgoClient, kc keycloak.IKeycloa permissionHandler := delivery.NewPermissionHandler(usecaseFactory) r.Handle(API_PREFIX+API_VERSION+"/permissions/templates", customMiddleware.Handle(internalApi.GetPermissionTemplates, http.HandlerFunc(permissionHandler.GetPermissionTemplates))).Methods(http.MethodGet) - r.Handle(API_PREFIX+API_VERSION+"/permissions/{permissionId}/endpoints", customMiddleware.Handle(internalApi.GetEndpointsByPermissionId, http.HandlerFunc(permissionHandler.GetEndpoints))).Methods(http.MethodGet) - - endpointHandler := delivery.NewEndpointHandler(usecaseFactory) - r.Handle(API_PREFIX+API_VERSION+ADMINAPI_PREFIX+"/endpoints", customMiddleware.Handle(internalApi.Admin_GetEndpoints, http.HandlerFunc(endpointHandler.ListEndpoint))).Methods(http.MethodGet) policyTemplateHandler := delivery.NewPolicyTemplateHandler(usecaseFactory) r.Handle(API_PREFIX+API_VERSION+ADMINAPI_PREFIX+"/policy-templates", customMiddleware.Handle(internalApi.Admin_ListPolicyTemplate, http.HandlerFunc(policyTemplateHandler.Admin_ListPolicyTemplate))).Methods(http.MethodGet) diff --git a/internal/usecase/endpoint.go b/internal/usecase/endpoint.go deleted file mode 100644 index 726042ca..00000000 --- a/internal/usecase/endpoint.go +++ /dev/null @@ -1,26 +0,0 @@ -package usecase - -import ( - "context" - "github.com/openinfradev/tks-api/internal/model" - "github.com/openinfradev/tks-api/internal/pagination" - "github.com/openinfradev/tks-api/internal/repository" -) - -type IEndpointUsecase interface { - ListEndpoints(ctx context.Context, pg *pagination.Pagination) ([]*model.Endpoint, error) -} - -type EndpointUsecase struct { - repo repository.IEndpointRepository -} - -func NewEndpointUsecase(repo repository.Repository) *EndpointUsecase { - return &EndpointUsecase{ - repo: repo.Endpoint, - } -} - -func (e EndpointUsecase) ListEndpoints(ctx context.Context, pg *pagination.Pagination) ([]*model.Endpoint, error) { - return e.repo.List(ctx, pg) -} diff --git a/internal/usecase/permission.go b/internal/usecase/permission.go index bd6b1fc2..532e723c 100644 --- a/internal/usecase/permission.go +++ b/internal/usecase/permission.go @@ -17,7 +17,6 @@ type IPermissionUsecase interface { GetUserPermissionSet(ctx context.Context) *model.PermissionSet UpdatePermission(ctx context.Context, permission *model.Permission) error MergePermissionWithOrOperator(ctx context.Context, permissionSet ...*model.PermissionSet) *model.PermissionSet - GetEndpointsByPermissionId(ctx context.Context, permissionId uuid.UUID) ([]*model.Endpoint, error) } type PermissionUsecase struct { @@ -134,20 +133,6 @@ func (p PermissionUsecase) GetUserPermissionSet(ctx context.Context) *model.Perm return permissionSet } -func (p PermissionUsecase) GetEndpointsByPermissionId(ctx context.Context, permissionId uuid.UUID) ([]*model.Endpoint, error) { - permission, err := p.repo.GetEndpointsByPermissionId(ctx, permissionId) - if err != nil { - return nil, err - } - - endpoints := make([]*model.Endpoint, 0) - for _, e := range permission.Endpoints { - endpoints = append(endpoints, e) - } - - return endpoints, nil -} - func (p PermissionUsecase) MergePermissionWithOrOperator(ctx context.Context, permissionSet ...*model.PermissionSet) *model.PermissionSet { var out *model.PermissionSet for i, ps := range permissionSet { diff --git a/internal/usecase/role.go b/internal/usecase/role.go index 40f29201..7b181c93 100644 --- a/internal/usecase/role.go +++ b/internal/usecase/role.go @@ -6,7 +6,6 @@ import ( "github.com/openinfradev/tks-api/internal/model" "github.com/openinfradev/tks-api/internal/pagination" "github.com/openinfradev/tks-api/internal/repository" - "github.com/openinfradev/tks-api/pkg/log" ) type IRoleUsecase interface { @@ -16,14 +15,11 @@ type IRoleUsecase interface { DeleteTksRole(ctx context.Context, organizationId string, id string) error UpdateTksRole(ctx context.Context, role *model.Role) error IsRoleNameExisted(ctx context.Context, organizationId string, roleName string) (bool, error) - SyncOldVersions(ctx context.Context) error } type RoleUsecase struct { - repo repository.IRoleRepository - kc keycloak.IKeycloak - orgRepo repository.IOrganizationRepository - permissionRepo repository.IPermissionRepository + repo repository.IRoleRepository + kc keycloak.IKeycloak } func NewRoleUsecase(repo repository.Repository, kc keycloak.IKeycloak) *RoleUsecase { @@ -101,193 +97,3 @@ func (r RoleUsecase) IsRoleNameExisted(ctx context.Context, organizationId strin return false, nil } - -func (r RoleUsecase) SyncOldVersions(ctx context.Context) error { - // Get all organizations - orgs, _ := r.orgRepo.Fetch(ctx, nil) - for _, org := range *orgs { - roles, _ := r.repo.ListTksRoles(ctx, org.ID, nil) - for _, role := range roles { - storedPermissionSet := &model.PermissionSet{} - - permissionList, err := r.permissionRepo.List(ctx, role.ID) - - if err != nil { - return err - } - for _, permission := range permissionList { - switch permission.Name { - case string(model.DashBoardPermission): - storedPermissionSet.Dashboard = permission - log.Debugf(ctx, "Dashboard Permission Set : %+v", storedPermissionSet.Dashboard) - case string(model.StackPermission): - storedPermissionSet.Stack = permission - log.Debugf(ctx, "Stack Permission Set : %+v", storedPermissionSet.Stack) - case string(model.PolicyPermission): - storedPermissionSet.Policy = permission - log.Debugf(ctx, "Policy Permission Set : %+v", storedPermissionSet.Policy) - case string(model.ProjectPermission): - storedPermissionSet.ProjectManagement = permission - log.Debugf(ctx, "Project Permission Set : %+v", storedPermissionSet.ProjectManagement) - case string(model.NotificationPermission): - storedPermissionSet.Notification = permission - log.Debugf(ctx, "Notification Permission Set : %+v", storedPermissionSet.Notification) - case string(model.ConfigurationPermission): - storedPermissionSet.Configuration = permission - log.Debugf(ctx, "Configuration Permission Set : %+v", storedPermissionSet.Configuration) - } - } - - // tmp - t := model.NewDefaultPermissionSet() - var overwritePermissions []*model.Permission - overwritePermissions = make([]*model.Permission, 0) - - // dashboard - storedPermissionSet.Dashboard.Children[0].Children[0].EdgeKey = t.Dashboard.Children[0].Children[0].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Dashboard.Children[0].Children[0]) - storedPermissionSet.Dashboard.Children[0].Children[1].EdgeKey = t.Dashboard.Children[0].Children[1].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Dashboard.Children[0].Children[1]) - - // stack - storedPermissionSet.Stack.Children[0].Children[0].EdgeKey = t.Stack.Children[0].Children[0].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Stack.Children[0].Children[0]) - storedPermissionSet.Stack.Children[0].Children[1].EdgeKey = t.Stack.Children[0].Children[1].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Stack.Children[0].Children[1]) - storedPermissionSet.Stack.Children[0].Children[2].EdgeKey = t.Stack.Children[0].Children[2].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Stack.Children[0].Children[2]) - storedPermissionSet.Stack.Children[0].Children[3].EdgeKey = t.Stack.Children[0].Children[3].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Stack.Children[0].Children[3]) - - // policy - storedPermissionSet.Policy.Children[0].Children[0].EdgeKey = t.Policy.Children[0].Children[0].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Policy.Children[0].Children[0]) - storedPermissionSet.Policy.Children[0].Children[1].EdgeKey = t.Policy.Children[0].Children[1].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Policy.Children[0].Children[1]) - storedPermissionSet.Policy.Children[0].Children[2].EdgeKey = t.Policy.Children[0].Children[2].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Policy.Children[0].Children[2]) - storedPermissionSet.Policy.Children[0].Children[3].EdgeKey = t.Policy.Children[0].Children[3].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Policy.Children[0].Children[3]) - - // notification - storedPermissionSet.Notification.Children[0].Children[0].EdgeKey = t.Notification.Children[0].Children[0].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Notification.Children[0].Children[0]) - storedPermissionSet.Notification.Children[0].Children[1].EdgeKey = t.Notification.Children[0].Children[1].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Notification.Children[0].Children[1]) - storedPermissionSet.Notification.Children[0].Children[2].EdgeKey = t.Notification.Children[0].Children[2].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Notification.Children[0].Children[2]) - storedPermissionSet.Notification.Children[1].Children[0].EdgeKey = t.Notification.Children[1].Children[0].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Notification.Children[1].Children[0]) - storedPermissionSet.Notification.Children[1].Children[1].EdgeKey = t.Notification.Children[1].Children[1].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Notification.Children[1].Children[1]) - - // project - // 1depth - storedPermissionSet.ProjectManagement.Children[0].Children[0].EdgeKey = t.ProjectManagement.Children[0].Children[0].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.ProjectManagement.Children[0].Children[0]) - storedPermissionSet.ProjectManagement.Children[0].Children[1].EdgeKey = t.ProjectManagement.Children[0].Children[1].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.ProjectManagement.Children[0].Children[1]) - storedPermissionSet.ProjectManagement.Children[0].Children[2].EdgeKey = t.ProjectManagement.Children[0].Children[2].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.ProjectManagement.Children[0].Children[2]) - storedPermissionSet.ProjectManagement.Children[0].Children[3].EdgeKey = t.ProjectManagement.Children[0].Children[3].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.ProjectManagement.Children[0].Children[3]) - - // 2depth - storedPermissionSet.ProjectManagement.Children[1].Children[0].EdgeKey = t.ProjectManagement.Children[1].Children[0].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.ProjectManagement.Children[1].Children[0]) - storedPermissionSet.ProjectManagement.Children[1].Children[1].EdgeKey = t.ProjectManagement.Children[1].Children[1].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.ProjectManagement.Children[1].Children[1]) - - // 3depth - storedPermissionSet.ProjectManagement.Children[2].Children[0].EdgeKey = t.ProjectManagement.Children[2].Children[0].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.ProjectManagement.Children[2].Children[0]) - storedPermissionSet.ProjectManagement.Children[2].Children[1].EdgeKey = t.ProjectManagement.Children[2].Children[1].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.ProjectManagement.Children[2].Children[1]) - storedPermissionSet.ProjectManagement.Children[2].Children[2].EdgeKey = t.ProjectManagement.Children[2].Children[2].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.ProjectManagement.Children[2].Children[2]) - storedPermissionSet.ProjectManagement.Children[2].Children[3].EdgeKey = t.ProjectManagement.Children[2].Children[3].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.ProjectManagement.Children[2].Children[3]) - - // 4depth - storedPermissionSet.ProjectManagement.Children[3].Children[0].EdgeKey = t.ProjectManagement.Children[3].Children[0].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.ProjectManagement.Children[3].Children[0]) - storedPermissionSet.ProjectManagement.Children[3].Children[1].EdgeKey = t.ProjectManagement.Children[3].Children[1].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.ProjectManagement.Children[3].Children[1]) - storedPermissionSet.ProjectManagement.Children[3].Children[2].EdgeKey = t.ProjectManagement.Children[3].Children[2].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.ProjectManagement.Children[3].Children[2]) - storedPermissionSet.ProjectManagement.Children[3].Children[3].EdgeKey = t.ProjectManagement.Children[3].Children[3].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.ProjectManagement.Children[3].Children[3]) - - // 5depth - storedPermissionSet.ProjectManagement.Children[4].Children[0].EdgeKey = t.ProjectManagement.Children[4].Children[0].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.ProjectManagement.Children[4].Children[0]) - storedPermissionSet.ProjectManagement.Children[4].Children[1].EdgeKey = t.ProjectManagement.Children[4].Children[1].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.ProjectManagement.Children[4].Children[1]) - storedPermissionSet.ProjectManagement.Children[4].Children[2].EdgeKey = t.ProjectManagement.Children[4].Children[2].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.ProjectManagement.Children[4].Children[2]) - storedPermissionSet.ProjectManagement.Children[4].Children[3].EdgeKey = t.ProjectManagement.Children[4].Children[3].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.ProjectManagement.Children[4].Children[3]) - - // configuration - storedPermissionSet.Configuration.Children[0].Children[0].EdgeKey = t.Configuration.Children[0].Children[0].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[0].Children[0]) - storedPermissionSet.Configuration.Children[0].Children[1].EdgeKey = t.Configuration.Children[0].Children[1].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[0].Children[1]) - - // 2depth - storedPermissionSet.Configuration.Children[1].Children[0].EdgeKey = t.Configuration.Children[1].Children[0].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[1].Children[0]) - storedPermissionSet.Configuration.Children[1].Children[1].EdgeKey = t.Configuration.Children[1].Children[1].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[1].Children[1]) - storedPermissionSet.Configuration.Children[1].Children[2].EdgeKey = t.Configuration.Children[1].Children[2].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[1].Children[2]) - storedPermissionSet.Configuration.Children[1].Children[3].EdgeKey = t.Configuration.Children[1].Children[3].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[1].Children[3]) - - // 3depth - storedPermissionSet.Configuration.Children[2].Children[0].EdgeKey = t.Configuration.Children[2].Children[0].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[2].Children[0]) - storedPermissionSet.Configuration.Children[2].Children[1].EdgeKey = t.Configuration.Children[2].Children[1].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[2].Children[1]) - - // 4depth - storedPermissionSet.Configuration.Children[3].Children[0].EdgeKey = t.Configuration.Children[3].Children[0].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[3].Children[0]) - storedPermissionSet.Configuration.Children[3].Children[1].EdgeKey = t.Configuration.Children[3].Children[1].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[3].Children[1]) - storedPermissionSet.Configuration.Children[3].Children[2].EdgeKey = t.Configuration.Children[3].Children[2].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[3].Children[2]) - storedPermissionSet.Configuration.Children[3].Children[3].EdgeKey = t.Configuration.Children[3].Children[3].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[3].Children[3]) - - // 5depth - storedPermissionSet.Configuration.Children[4].Children[0].EdgeKey = t.Configuration.Children[4].Children[0].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[4].Children[0]) - storedPermissionSet.Configuration.Children[4].Children[1].EdgeKey = t.Configuration.Children[4].Children[1].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[4].Children[1]) - storedPermissionSet.Configuration.Children[4].Children[2].EdgeKey = t.Configuration.Children[4].Children[2].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[4].Children[2]) - storedPermissionSet.Configuration.Children[4].Children[3].EdgeKey = t.Configuration.Children[4].Children[3].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[4].Children[3]) - - // 6depth - storedPermissionSet.Configuration.Children[5].Children[0].EdgeKey = t.Configuration.Children[5].Children[0].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[5].Children[0]) - storedPermissionSet.Configuration.Children[5].Children[1].EdgeKey = t.Configuration.Children[5].Children[1].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[5].Children[1]) - storedPermissionSet.Configuration.Children[5].Children[2].EdgeKey = t.Configuration.Children[5].Children[2].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[5].Children[2]) - storedPermissionSet.Configuration.Children[5].Children[3].EdgeKey = t.Configuration.Children[5].Children[3].EdgeKey - overwritePermissions = append(overwritePermissions, storedPermissionSet.Configuration.Children[5].Children[3]) - - for _, permission := range overwritePermissions { - if err = r.permissionRepo.EdgeKeyOverwrite(ctx, permission); err != nil { - return err - } - } - log.Debugf(ctx, "Dashboard EdgeKey Overwrite Success") - } - } - - return nil -} diff --git a/internal/usecase/usecase.go b/internal/usecase/usecase.go index cb580b9d..46302b69 100644 --- a/internal/usecase/usecase.go +++ b/internal/usecase/usecase.go @@ -17,7 +17,6 @@ type Usecase struct { Project IProjectUsecase Role IRoleUsecase Permission IPermissionUsecase - Endpoint IEndpointUsecase Audit IAuditUsecase PolicyTemplate IPolicyTemplateUsecase Policy IPolicyUsecase diff --git a/pkg/domain/endpoint.go b/pkg/domain/endpoint.go index b8ca18ee..33acdc92 100644 --- a/pkg/domain/endpoint.go +++ b/pkg/domain/endpoint.go @@ -4,7 +4,3 @@ type EndpointResponse struct { Name string `json:"name"` Group string `json:"group"` } - -type ListEndpointResponse struct { - Endpoints []EndpointResponse `json:"endpoints"` -} diff --git a/pkg/domain/permission.go b/pkg/domain/permission.go index 3d8ab656..3ae4805c 100644 --- a/pkg/domain/permission.go +++ b/pkg/domain/permission.go @@ -19,10 +19,10 @@ type GetPermissionTemplatesResponse struct { //} type TemplateResponse struct { - Name string `json:"name"` - Key string `json:"key"` - EdgeKey *string `json:"edgeKey,omitempty"` - Children []*TemplateResponse `json:"children,omitempty"` + Name string `json:"name"` + Key string `json:"key"` + IsAllowed *bool `json:"isAllowed,omitempty"` + Children []*TemplateResponse `json:"children,omitempty"` } type GetPermissionsByRoleIdResponse struct { @@ -44,6 +44,7 @@ type PermissionResponse struct { Name string `json:"name"` Key string `json:"key"` IsAllowed *bool `json:"isAllowed,omitempty"` + Endpoints []*EndpointResponse `json:"endpoints,omitempty"` Children []*PermissionResponse `json:"children,omitempty"` } @@ -75,10 +76,3 @@ type MergePermissionResponse struct { IsAllowed *bool `json:"isAllowed,omitempty"` Children []*MergePermissionResponse `json:"children,omitempty"` } - -type GetPermissionEdgeKeysResponse struct { -} - -type GetEndpointsResponse struct { - Endpoints []EndpointResponse `json:"endpoints"` -} diff --git a/pkg/httpErrors/errorCode.go b/pkg/httpErrors/errorCode.go index 3b7efb98..21fb3510 100644 --- a/pkg/httpErrors/errorCode.go +++ b/pkg/httpErrors/errorCode.go @@ -146,9 +146,6 @@ var errorMap = map[ErrorCode]string{ "P_CALL_TO_APPLY_KUBERNETES": "쿠버네티스 클러스터 호출에 실패했습니다.", "P_FAILED_TO_APPLY_KUBERNETES": "쿠버네티스 클러스터 변경사항 적용에 실패했습니다.", "P_INVALID_POLICY_PARAMETER": "정책 파라미터가 템플릿의 파라미터 스키마에 유효하지 않습니다. 파라미터를 확인하세요.", - - // Permission - "PE_INVALID_PERMISSIONID": "유효하지 않은 권한 아이디입니다. 권한 아이디를 확인하세요.", } func (m ErrorCode) GetText() string {