zishuo/oneterm
1
0
Fork 0
mirror of https://github.com/veops/oneterm.git synced 2025-09-27 03:36:02 +08:00
Code Issues Packages Projects Releases Wiki Activity

refactor(backend): migrate CheckAssetDependencies to use V2 authorization system

Browse Source
This commit is contained in:
pycook
2025-08-06 12:02:06 +08:00
parent 4cd3af9461
commit 5c21355e41
1 changed files with 45 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
backend/internal/repository/account.go
View File

@@ -121,25 +121,55 @@ func (r *accountRepository) AttachAssetCount(ctx context.Context, accounts []*mo
return nil return nil
} }
// CheckAssetDependencies checks if account has dependent assets // CheckAssetDependencies checks if account has dependent assets using V2 authorization system
func (r *accountRepository) CheckAssetDependencies(ctx context.Context, id int) (string, error) { func (r *accountRepository) CheckAssetDependencies(ctx context.Context, id int) (string, error) {
var assetName string // Get all V2 authorization rules where both account and asset selectors are 'ids' type
err := dbpkg.DB. var rules []*model.AuthorizationV2
Model(model.DefaultAsset). if err := dbpkg.DB.Model(&model.AuthorizationV2{}).
Select("name"). Where("enabled = ? AND JSON_EXTRACT(account_selector, '$.type') = ? AND JSON_EXTRACT(asset_selector, '$.type') = ?",
Where("id = (?)", dbpkg.DB.Model(&model.Authorization{}).Select("asset_id").Where("account_id = ?", id).Limit(1)). true, "ids", "ids").
First(&assetName). Find(&rules).Error; err != nil {
Error
if errors.Is(err, gorm.ErrRecordNotFound) {
return "", nil
}
if err != nil {
return "", err return "", err
} }
return assetName, errors.New("account has dependent assets") // Check if any rule contains this account ID
for _, rule := range rules {
// Extract account IDs from account selector
ruleAccountIds := lo.FilterMap(rule.AccountSelector.Values, func(value string, _ int) (int, bool) {
if accountId, err := strconv.Atoi(value); err == nil {
return accountId, true
}
return 0, false
})
// Check if this account ID is in the rule
if lo.Contains(ruleAccountIds, id) {
// Extract asset IDs from asset selector
ruleAssetIds := lo.FilterMap(rule.AssetSelector.Values, func(value string, _ int) (int, bool) {
if assetId, err := strconv.Atoi(value); err == nil {
return assetId, true
}
return 0, false
})
// If there are assets in this rule, return the first asset name
if len(ruleAssetIds) > 0 {
var assetName string
err := dbpkg.DB.
Model(model.DefaultAsset).
Select("name").
Where("id = ?", ruleAssetIds[0]).
First(&assetName).
Error
if err == nil {
return assetName, errors.New("account has dependent assets")
}
}
}
}
return "", nil
} }
// GetAccountIdsByAuthorization gets account IDs by authorization and asset IDs // GetAccountIdsByAuthorization gets account IDs by authorization and asset IDs