Skip to content

Commit

Permalink
RBAC privielge group API
Browse files Browse the repository at this point in the history
Signed-off-by: shaoting-huang <[email protected]>
  • Loading branch information
shaoting-huang committed Nov 13, 2024
1 parent d472ccd commit 88d525b
Show file tree
Hide file tree
Showing 3 changed files with 50 additions and 9 deletions.
6 changes: 4 additions & 2 deletions client/client.go
Original file line number Diff line number Diff line change
Expand Up @@ -92,8 +92,10 @@ type Client interface {
DropPrivilegeGroup(ctx context.Context, groupName string) error
// ListPrivilegeGroups lists all privilege groups
ListPrivilegeGroups(ctx context.Context) ([]*entity.PrivilegeGroup, error)
// OperatePrivilegeGroup adds privileges to a privilege group or remove privileges from a privilege group
OperatePrivilegeGroup(ctx context.Context, groupName string, privileges []string) error
// AddPrivilegeToGroup adds privileges to a privilege group
AddPrivilegesToGroup(ctx context.Context, groupName string, privileges []string) error
// RemovePrivilegesFromGroup removes privileges from a privilege group
RemovePrivilegesFromGroup(ctx context.Context, groupName string, privileges []string) error

// -- authentication --

Expand Down
12 changes: 11 additions & 1 deletion client/client_mock_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -256,6 +256,7 @@ const (
MAlterCollection ServiceMethod = 109
MGetLoadingProgress ServiceMethod = 110
MGetLoadState ServiceMethod = 111
MAlterCollectionField ServiceMethod = 112

MCreatePartition ServiceMethod = 201
MDropPartition ServiceMethod = 202
Expand Down Expand Up @@ -1085,6 +1086,15 @@ func (m *MockServer) RestoreRBAC(ctx context.Context, req *milvuspb.RestoreRBACM
return SuccessStatus()
}

func (m *MockServer) AlterCollectionField(ctx context.Context, req *milvuspb.AlterCollectionFieldRequest) (*commonpb.Status, error) {
f := m.GetInjection(MAlterCollectionField)
if f != nil {
r, err := f(ctx, req)
return r.(*commonpb.Status), err
}
return SuccessStatus()
}

func (m *MockServer) CreatePrivilegeGroup(ctx context.Context, req *milvuspb.CreatePrivilegeGroupRequest) (*commonpb.Status, error) {
f := m.GetInjection(MCreatePrivilegeGroup)
if f != nil {
Expand Down Expand Up @@ -1113,7 +1123,7 @@ func (m *MockServer) ListPrivilegeGroups(ctx context.Context, req *milvuspb.List
return &milvuspb.ListPrivilegeGroupsResponse{Status: s}, err
}

func (m *MockServer) OperatePrivilegeGroupRequest(ctx context.Context, req *milvuspb.OperatePrivilegeGroupRequest) (*commonpb.Status, error) {
func (m *MockServer) OperatePrivilegeGroup(ctx context.Context, req *milvuspb.OperatePrivilegeGroupRequest) (*commonpb.Status, error) {
f := m.GetInjection(MOperatePrivilegeGroup)
if f != nil {
r, err := f(ctx, req)
Expand Down
41 changes: 35 additions & 6 deletions client/rbac.go
Original file line number Diff line number Diff line change
Expand Up @@ -557,8 +557,8 @@ func (c *GrpcClient) DropPrivilegeGroup(ctx context.Context, groupName string) e
return handleRespStatus(resp)
}

func (c *GrpcClient) ListPrivilegeGroups(ctx context.Context) ([]entity.PrivilegeGroup, error) {
PrivilegeGroupList := make([]entity.PrivilegeGroup, 0)
func (c *GrpcClient) ListPrivilegeGroups(ctx context.Context) ([]*entity.PrivilegeGroup, error) {
PrivilegeGroupList := make([]*entity.PrivilegeGroup, 0)
if c.Service == nil {
return PrivilegeGroupList, ErrClientNotReady
}
Expand All @@ -581,7 +581,7 @@ func (c *GrpcClient) ListPrivilegeGroups(ctx context.Context) ([]entity.Privileg
}

for _, pg := range results {
PrivilegeGroup := entity.PrivilegeGroup{
PrivilegeGroup := &entity.PrivilegeGroup{
GroupName: pg.GroupName,
Privileges: lo.Map(pg.Privileges, func(p *milvuspb.PrivilegeEntity, _ int) string {
return p.Name
Expand All @@ -593,16 +593,45 @@ func (c *GrpcClient) ListPrivilegeGroups(ctx context.Context) ([]entity.Privileg
return PrivilegeGroupList, nil
}

func (c *GrpcClient) OperatePrivilegeGroup(ctx context.Context, groupName string, privileges []string) error {
func (c *GrpcClient) AddPrivilegesToGroup(ctx context.Context, groupName string, privileges []string) error {
if c.Service == nil {
return ErrClientNotReady
}

req := &milvuspb.DropPrivilegeGroupRequest{
req := &milvuspb.OperatePrivilegeGroupRequest{
GroupName: groupName,
Privileges: lo.Map(privileges, func(p string, _ int) *milvuspb.PrivilegeEntity {
return &milvuspb.PrivilegeEntity{
Name: p,
}
}),
Type: milvuspb.OperatePrivilegeGroupType_AddPrivilegesToGroup,
}

resp, err := c.Service.DropPrivilegeGroup(ctx, req)
resp, err := c.Service.OperatePrivilegeGroup(ctx, req)
if err != nil {
return err
}

return handleRespStatus(resp)
}

func (c *GrpcClient) RemovePrivilegesFromGroup(ctx context.Context, groupName string, privileges []string) error {
if c.Service == nil {
return ErrClientNotReady
}

req := &milvuspb.OperatePrivilegeGroupRequest{
GroupName: groupName,
Privileges: lo.Map(privileges, func(p string, _ int) *milvuspb.PrivilegeEntity {
return &milvuspb.PrivilegeEntity{
Name: p,
}
}),
Type: milvuspb.OperatePrivilegeGroupType_RemovePrivilegesFromGroup,
}

resp, err := c.Service.OperatePrivilegeGroup(ctx, req)
if err != nil {
return err
}
Expand Down

0 comments on commit 88d525b

Please sign in to comment.