From 795c1262c60255d3110d2696ebffa4e0f74f450b Mon Sep 17 00:00:00 2001 From: icecheng Date: Mon, 21 Jul 2025 09:31:37 +0800 Subject: [PATCH] feat(role_management): add assign permissions to role api --- .../backend/infra/permission/role_handler.py | 24 +++++++++++- .../services/permission/role_service.py | 8 +++- .../webapi/routes/role/__init__.py | 4 +- .../webapi/routes/role/assign_permissions.py | 38 +++++++++++++++++++ 4 files changed, 70 insertions(+), 4 deletions(-) create mode 100644 apps/authentication/webapi/routes/role/assign_permissions.py diff --git a/apps/authentication/backend/infra/permission/role_handler.py b/apps/authentication/backend/infra/permission/role_handler.py index b18df20..83a1bbd 100644 --- a/apps/authentication/backend/infra/permission/role_handler.py +++ b/apps/authentication/backend/infra/permission/role_handler.py @@ -2,7 +2,7 @@ from typing import Optional, List, Tuple from fastapi.exceptions import RequestValidationError -from backend.models.permission.models import RoleDoc +from backend.models.permission.models import RoleDoc, PermissionDoc from beanie import PydanticObjectId from datetime import datetime @@ -71,3 +71,25 @@ class RoleHandler: total = await cursor.count() docs = await cursor.skip(skip).limit(limit).to_list() return docs, total + + async def assign_permissions_to_role(self, role_id: PydanticObjectId, permission_ids: List[str]) -> Optional[RoleDoc]: + """Assign permissions to a role by updating the permission_ids field""" + if not role_id or not permission_ids: + raise RequestValidationError("role_id and permission_ids are required.") + doc = await RoleDoc.get(role_id) + if not doc: + raise RequestValidationError("Role not found.") + + # Validate that all permission_ids exist in the permission collection + for permission_id in permission_ids: + permission_doc = await PermissionDoc.get(PydanticObjectId(permission_id)) + if not permission_doc: + raise RequestValidationError(f"Permission with id {permission_id} not found.") + + # Remove duplicates from permission_ids + unique_permission_ids = list(dict.fromkeys(permission_ids)) + + doc.permission_ids = unique_permission_ids + doc.updated_at = datetime.now() + await doc.save() + return doc diff --git a/apps/authentication/backend/services/permission/role_service.py b/apps/authentication/backend/services/permission/role_service.py index 8aba63e..0c15b0c 100644 --- a/apps/authentication/backend/services/permission/role_service.py +++ b/apps/authentication/backend/services/permission/role_service.py @@ -1,4 +1,4 @@ -from typing import Optional, Dict, Any +from typing import Optional, Dict, Any, List from fastapi.exceptions import RequestValidationError @@ -33,4 +33,8 @@ class RoleService: "total": total, "page": page, "page_size": page_size - } \ No newline at end of file + } + + async def assign_permissions_to_role(self, role_id: str, permission_ids: List[str]) -> RoleDoc: + """Assign permissions to a role by updating the permission_ids field""" + return await self.role_handler.assign_permissions_to_role(PydanticObjectId(role_id), permission_ids) \ No newline at end of file diff --git a/apps/authentication/webapi/routes/role/__init__.py b/apps/authentication/webapi/routes/role/__init__.py index eaad8a3..60573a0 100644 --- a/apps/authentication/webapi/routes/role/__init__.py +++ b/apps/authentication/webapi/routes/role/__init__.py @@ -2,9 +2,11 @@ from fastapi import APIRouter from .create_role import router as create_role_router from .update_role import router as update_role_router from .query_role import router as query_role_router +from .assign_permissions import router as assign_permissions_router router = APIRouter() router.include_router(create_role_router, prefix="/role", tags=["role"]) router.include_router(update_role_router, prefix="/role", tags=["role"]) -router.include_router(query_role_router, prefix="/role", tags=["role"]) \ No newline at end of file +router.include_router(query_role_router, prefix="/role", tags=["role"]) +router.include_router(assign_permissions_router, prefix="/role", tags=["role"]) \ No newline at end of file diff --git a/apps/authentication/webapi/routes/role/assign_permissions.py b/apps/authentication/webapi/routes/role/assign_permissions.py new file mode 100644 index 0000000..7640520 --- /dev/null +++ b/apps/authentication/webapi/routes/role/assign_permissions.py @@ -0,0 +1,38 @@ +from datetime import datetime + +from fastapi import APIRouter +from pydantic import BaseModel +from typing import List +from backend.services.permission.role_service import RoleService +from common.token.token_manager import TokenManager + +router = APIRouter() +token_manager = TokenManager() +role_service = RoleService() + +class AssignPermissionsRequest(BaseModel): + role_id: str + permission_ids: List[str] + +class RoleResponse(BaseModel): + id: str + role_key: str + role_name: str + role_description: str + permission_ids: List[str] + role_level: int + created_at: datetime + updated_at: datetime + +@router.post( + "/assign-permissions", + response_model=RoleResponse, + operation_id="assign-permissions-to-role", + summary="Assign Permissions to Role", + description="Assign permissions to a role by updating the permission_ids field." +) +async def assign_permissions_to_role( + req: AssignPermissionsRequest, +) -> RoleResponse: + doc = await role_service.assign_permissions_to_role(req.role_id, req.permission_ids) + return RoleResponse(**doc.dict()) \ No newline at end of file