Go CLI: Fix alter role (#16226)

### What problem does this PR solve?

As title.

### Type of change

- [x] Bug Fix (non-breaking change which fixes an issue)

---------

Signed-off-by: Jin Hai <haijin.chn@gmail.com>
This commit is contained in:
Jin Hai
2026-06-22 17:33:47 +08:00
committed by GitHub
parent 329e09f16a
commit 05e758e4fe
10 changed files with 453 additions and 396 deletions

View File

@@ -252,7 +252,7 @@ func (c *CLI) AdminAlterRole(cmd *Command) (ResponseIf, error) {
return nil, fmt.Errorf("failed to alter role: HTTP %d, body: %s", resp.StatusCode, string(resp.Body))
}
var result SimpleResponse
var result CommonDataResponse
if err = json.Unmarshal(resp.Body, &result); err != nil {
return nil, fmt.Errorf("alter role failed: invalid JSON (%w)", err)
@@ -265,8 +265,8 @@ func (c *CLI) AdminAlterRole(cmd *Command) (ResponseIf, error) {
return &result, nil
}
// GrantAdmin grants admin privileges to a user (admin mode only)
func (c *CLI) GrantAdmin(cmd *Command) (ResponseIf, error) {
// AdminGrantUserAdminCommand grants admin privileges to a user (admin mode only)
func (c *CLI) AdminGrantUserAdminCommand(cmd *Command) (ResponseIf, error) {
if c.Config.CLIMode != AdminMode || c.AdminServerClient.LoginToken == nil {
return nil, fmt.Errorf("this command is only allowed in ADMIN mode or already login")
}
@@ -301,8 +301,8 @@ func (c *CLI) GrantAdmin(cmd *Command) (ResponseIf, error) {
return &result, nil
}
// RevokeAdmin revokes admin privileges from a user (admin mode only)
func (c *CLI) RevokeAdmin(cmd *Command) (ResponseIf, error) {
// AdminRevokeUserAdminCommand revokes admin privileges from a user (admin mode only)
func (c *CLI) AdminRevokeUserAdminCommand(cmd *Command) (ResponseIf, error) {
if c.Config.CLIMode != AdminMode || c.AdminServerClient.LoginToken == nil {
return nil, fmt.Errorf("this command is only allowed in ADMIN mode or already login")
}
@@ -337,6 +337,140 @@ func (c *CLI) RevokeAdmin(cmd *Command) (ResponseIf, error) {
return &result, nil
}
// AdminGrantRolePermissionCommand grants permission to role (admin mode only)
func (c *CLI) AdminGrantRolePermissionCommand(cmd *Command) (ResponseIf, error) {
if c.Config.CLIMode != AdminMode || c.AdminServerClient.LoginToken == nil {
return nil, fmt.Errorf("this command is only allowed in ADMIN mode or already login")
}
actions, ok := cmd.Params["actions"].([]string)
if !ok {
return nil, fmt.Errorf("actions not provided")
}
resource, ok := cmd.Params["resource"].(string)
if !ok {
return nil, fmt.Errorf("resource not provided")
}
roleName, ok := cmd.Params["role_name"].(string)
if !ok {
return nil, fmt.Errorf("role_name not provided")
}
payload := map[string]interface{}{
"actions": actions,
"resource": resource,
}
apiURL := fmt.Sprintf("/admin/roles/%s/permission", roleName)
resp, err := c.AdminServerClient.Request("POST", apiURL, "admin", nil, payload)
if err != nil {
return nil, fmt.Errorf("failed to grant permission to role: %w", err)
}
if resp.StatusCode != 200 {
return nil, fmt.Errorf("failed to grant permission to role: HTTP %d, body: %s", resp.StatusCode, string(resp.Body))
}
var result CommonDataResponse
if err = json.Unmarshal(resp.Body, &result); err != nil {
return nil, fmt.Errorf("grant permission to role failed: invalid JSON (%w)", err)
}
if result.Code != 0 {
return nil, fmt.Errorf("%s", result.Message)
}
result.Duration = resp.Duration
return &result, nil
}
// AdminRevokeRolePermissionCommand revokes permission from role (admin mode only)
func (c *CLI) AdminRevokeRolePermissionCommand(cmd *Command) (ResponseIf, error) {
if c.Config.CLIMode != AdminMode || c.AdminServerClient.LoginToken == nil {
return nil, fmt.Errorf("this command is only allowed in ADMIN mode or already login")
}
actions, ok := cmd.Params["actions"].([]string)
if !ok {
return nil, fmt.Errorf("actions not provided")
}
resource, ok := cmd.Params["resource"].(string)
if !ok {
return nil, fmt.Errorf("resource not provided")
}
roleName, ok := cmd.Params["role_name"].(string)
if !ok {
return nil, fmt.Errorf("role_name not provided")
}
payload := map[string]interface{}{
"actions": actions,
"resource": resource,
}
apiURL := fmt.Sprintf("/admin/roles/%s/permission", roleName)
resp, err := c.AdminServerClient.Request("DELETE", apiURL, "admin", nil, payload)
if err != nil {
return nil, fmt.Errorf("failed to revoke permission from role: %w", err)
}
if resp.StatusCode != 200 {
return nil, fmt.Errorf("failed to revoke permission from role: HTTP %d, body: %s", resp.StatusCode, string(resp.Body))
}
var result CommonDataResponse
if err = json.Unmarshal(resp.Body, &result); err != nil {
return nil, fmt.Errorf("revoke permission from role failed: invalid JSON (%w)", err)
}
if result.Code != 0 {
return nil, fmt.Errorf("%s", result.Message)
}
result.Duration = resp.Duration
return &result, nil
}
// AdminShowRolePermissionCommand shows admin privileges from a user (admin mode only)
func (c *CLI) AdminShowRolePermissionCommand(cmd *Command) (ResponseIf, error) {
if c.Config.CLIMode != AdminMode || c.AdminServerClient.LoginToken == nil {
return nil, fmt.Errorf("this command is only allowed in ADMIN mode or already login")
}
roleName, ok := cmd.Params["role_name"].(string)
if !ok {
return nil, fmt.Errorf("role_name not provided")
}
apiURL := fmt.Sprintf("/admin/roles/%s/permission", roleName)
resp, err := c.AdminServerClient.Request("GET", apiURL, "admin", nil, nil)
if err != nil {
return nil, fmt.Errorf("failed to show role permission: %w", err)
}
if resp.StatusCode != 200 {
return nil, fmt.Errorf("failed to show role permission: HTTP %d, body: %s", resp.StatusCode, string(resp.Body))
}
var result CommonDataResponse
if err = json.Unmarshal(resp.Body, &result); err != nil {
return nil, fmt.Errorf("show role permission failed: invalid JSON (%w)", err)
}
if result.Code != 0 {
return nil, fmt.Errorf("%s", result.Message)
}
result.Duration = resp.Duration
return &result, nil
}
// AdminCreateUserCommand creates a new user (admin mode only)
func (c *CLI) AdminCreateUserCommand(cmd *Command) (ResponseIf, error) {
if c.Config.CLIMode != AdminMode || c.AdminServerClient.LoginToken == nil {
@@ -563,27 +697,112 @@ func (c *CLI) AdminListServicesCommand(cmd *Command) (ResponseIf, error) {
return &result, nil
}
// AdminStartServiceCommand starts a service (admin mode only)
func (c *CLI) AdminStartServiceCommand(cmd *Command) (ResponseIf, error) {
if c.Config.CLIMode != AdminMode || c.AdminServerClient.LoginToken == nil {
return nil, fmt.Errorf("this command is only allowed in ADMIN mode or already login")
}
serviceIndex := cmd.Params["service_index"].(int)
endPoint := fmt.Sprintf("/admin/services/%d", serviceIndex)
resp, err := c.AdminServerClient.Request("POST", endPoint, "admin", nil, nil)
if err != nil {
return nil, fmt.Errorf("failed to start service: %w", err)
}
if resp.StatusCode != 200 {
return nil, fmt.Errorf("failed to start service: HTTP %d, body: %s", resp.StatusCode, string(resp.Body))
}
var result CommonDataResponse
if err = json.Unmarshal(resp.Body, &result); err != nil {
return nil, fmt.Errorf("start service failed: invalid JSON (%w)", err)
}
if result.Code != 0 {
return nil, fmt.Errorf("%s", result.Message)
}
result.Duration = resp.Duration
return &result, nil
}
// AdminRestartServiceCommand restarts a service (admin mode only)
func (c *CLI) AdminRestartServiceCommand(cmd *Command) (ResponseIf, error) {
if c.Config.CLIMode != AdminMode || c.AdminServerClient.LoginToken == nil {
return nil, fmt.Errorf("this command is only allowed in ADMIN mode or already login")
}
serviceIndex := cmd.Params["service_index"].(int)
endPoint := fmt.Sprintf("/admin/services/%d", serviceIndex)
resp, err := c.AdminServerClient.Request("PUT", endPoint, "admin", nil, nil)
if err != nil {
return nil, fmt.Errorf("failed to restart service: %w", err)
}
if resp.StatusCode != 200 {
return nil, fmt.Errorf("failed to restart service: HTTP %d, body: %s", resp.StatusCode, string(resp.Body))
}
var result CommonDataResponse
if err = json.Unmarshal(resp.Body, &result); err != nil {
return nil, fmt.Errorf("restart service failed: invalid JSON (%w)", err)
}
if result.Code != 0 {
return nil, fmt.Errorf("%s", result.Message)
}
result.Duration = resp.Duration
return &result, nil
}
// AdminShutdownServiceCommand shuts down a service (admin mode only)
func (c *CLI) AdminShutdownServiceCommand(cmd *Command) (ResponseIf, error) {
if c.Config.CLIMode != AdminMode || c.AdminServerClient.LoginToken == nil {
return nil, fmt.Errorf("this command is only allowed in ADMIN mode or already login")
}
serviceIndex := cmd.Params["service_index"].(int)
endPoint := fmt.Sprintf("/admin/services/%d", serviceIndex)
resp, err := c.AdminServerClient.Request("DELETE", endPoint, "admin", nil, nil)
if err != nil {
return nil, fmt.Errorf("failed to shutdown service: %w", err)
}
if resp.StatusCode != 200 {
return nil, fmt.Errorf("failed to shutdown service: HTTP %d, body: %s", resp.StatusCode, string(resp.Body))
}
var result CommonDataResponse
if err = json.Unmarshal(resp.Body, &result); err != nil {
return nil, fmt.Errorf("shutdown service failed: invalid JSON (%w)", err)
}
if result.Code != 0 {
return nil, fmt.Errorf("%s", result.Message)
}
result.Duration = resp.Duration
return &result, nil
}
// AdminShowService show service (admin mode only)
func (c *CLI) AdminShowService(cmd *Command) (ResponseIf, error) {
if c.Config.CLIMode != AdminMode || c.AdminServerClient.LoginToken == nil {
return nil, fmt.Errorf("this command is only allowed in ADMIN mode or already login")
}
serviceIndex := cmd.Params["number"].(int)
// Check for benchmark iterations
iterations := 1
if val, ok := cmd.Params["iterations"].(int); ok && val > 1 {
iterations = val
}
serviceIndex := cmd.Params["service_index"].(int)
endPoint := fmt.Sprintf("/admin/services/%d", serviceIndex)
if iterations > 1 {
// Benchmark mode - return raw result for benchmark stats
return c.AdminServerClient.RequestWithIterations("GET", endPoint, "admin", nil, nil, iterations)
}
resp, err := c.AdminServerClient.Request("GET", endPoint, "admin", nil, nil)
if err != nil {
return nil, fmt.Errorf("failed to show service: %w", err)
@@ -1031,46 +1250,6 @@ func (c *CLI) ShowUserPermission(cmd *Command) (ResponseIf, error) {
return &result, nil
}
// GenerateAdminToken generates an API token for a user (admin mode only)
func (c *CLI) GenerateAdminToken(cmd *Command) (ResponseIf, error) {
if c.Config.CLIMode != AdminMode || c.AdminServerClient.LoginToken == nil {
return nil, fmt.Errorf("this command is only allowed in ADMIN mode or already login")
}
userName, ok := cmd.Params["user_name"].(string)
if !ok {
return nil, fmt.Errorf("user_name not provided")
}
encodedUserName := common.EncodeEmail(userName)
apiURL := fmt.Sprintf("/admin/users/%s/keys", encodedUserName)
resp, err := c.AdminServerClient.Request("POST", apiURL, "admin", nil, nil)
if err != nil {
return nil, fmt.Errorf("failed to generate token: %w", err)
}
if resp.StatusCode != 200 {
return nil, fmt.Errorf("failed to generate token: HTTP %d, body: %s", resp.StatusCode, string(resp.Body))
}
var result CommonDataResponse
if err = json.Unmarshal(resp.Body, &result); err != nil {
return nil, fmt.Errorf("generate token failed: invalid JSON (%w)", err)
}
if result.Code != 0 {
return nil, fmt.Errorf("%s", result.Message)
}
delete(result.Data, "update_date")
delete(result.Data, "update_time")
delete(result.Data, "create_time")
result.Duration = resp.Duration
return &result, nil
}
func (c *CLI) ListAdminTasks(cmd *Command) (ResponseIf, error) {
if c.Config.CLIMode != AdminMode || c.AdminServerClient.LoginToken == nil {
return nil, fmt.Errorf("this command is only allowed in ADMIN mode or already login")
@@ -1394,41 +1573,6 @@ func (c *CLI) UserShowMessageQueueCommand(cmd *Command) (ResponseIf, error) {
return &result, nil
}
func (c *CLI) AdminRemoveServiceCommand(cmd *Command) (ResponseIf, error) {
if c.Config.CLIMode != AdminMode || c.AdminServerClient.LoginToken == nil {
return nil, fmt.Errorf("this command is only allowed in ADMIN mode or already login")
}
serviceNumber, ok := cmd.Params["service_number"].(int)
if !ok {
return nil, fmt.Errorf("service_number not provided")
}
payload := map[string]interface{}{
"service_number": serviceNumber,
}
resp, err := c.AdminServerClient.Request("DELETE", "/admin/services", "admin", nil, payload)
if err != nil {
return nil, fmt.Errorf("failed to remove unavailable service: %w", err)
}
if resp.StatusCode != 200 {
return nil, fmt.Errorf("failed to remove unavailable service: HTTP %d, body: %s", resp.StatusCode, string(resp.Body))
}
var result SimpleResponse
if err = json.Unmarshal(resp.Body, &result); err != nil {
return nil, fmt.Errorf("remove unavailable service failed: invalid JSON (%w)", err)
}
if result.Code != 0 {
return nil, fmt.Errorf("%s", result.Message)
}
result.Duration = resp.Duration
return &result, nil
}
// AdminCheckLicenseCommand check license command (admin mode only)
func (c *CLI) AdminCheckLicenseCommand(cmd *Command) (ResponseIf, error) {
if c.Config.CLIMode != AdminMode || c.AdminServerClient.LoginToken == nil {