80 lines
2.5 KiB
Go
80 lines
2.5 KiB
Go
package redis
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"fmt"
|
|
"time"
|
|
|
|
"wm-backend/global"
|
|
|
|
"github.com/rs/zerolog/log"
|
|
)
|
|
|
|
const (
|
|
userRBACPrefix = "user:rbac:"
|
|
defaultTTL = 60 * time.Minute
|
|
)
|
|
|
|
// RBACCachedData represents the cached roles and permissions for a user.
|
|
type RBACCachedData struct {
|
|
Roles []RoleCacheItem `json:"roles"`
|
|
Permissions []string `json:"permissions"`
|
|
}
|
|
|
|
// RoleCacheItem represents a cached role item.
|
|
type RoleCacheItem struct {
|
|
ID string `json:"id"`
|
|
Name string `json:"name"`
|
|
Description string `json:"description"`
|
|
}
|
|
|
|
func buildKey(userID string) string {
|
|
return fmt.Sprintf("%s%s", userRBACPrefix, userID)
|
|
}
|
|
|
|
// CacheUserPermissions stores the user's roles and permissions in Redis with TTL.
|
|
func CacheUserPermissions(ctx context.Context, userID string, data RBACCachedData, ttl time.Duration) error {
|
|
jsonData, err := json.Marshal(data)
|
|
if err != nil {
|
|
log.Error().Err(err).Str("userID", userID).Msg("Failed to marshal RBAC data for caching")
|
|
return err
|
|
}
|
|
if err := global.Cache.Set(ctx, buildKey(userID), jsonData, ttl).Err(); err != nil {
|
|
log.Error().Err(err).Str("userID", userID).Msg("Failed to cache user permissions in Redis")
|
|
return err
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// GetCachedUserPermissions retrieves the cached RBAC data from Redis.
|
|
// Returns (nil, false) if not found or on error (graceful fallback).
|
|
func GetCachedUserPermissions(ctx context.Context, userID string) (*RBACCachedData, bool) {
|
|
val, err := global.Cache.Get(ctx, buildKey(userID)).Result()
|
|
if err != nil {
|
|
// Key doesn't exist or Redis error; silently fallback to DB
|
|
return nil, false
|
|
}
|
|
|
|
var data RBACCachedData
|
|
if err := json.Unmarshal([]byte(val), &data); err != nil {
|
|
log.Error().Err(err).Str("userID", userID).Msg("Failed to unmarshal cached RBAC data")
|
|
return nil, false
|
|
}
|
|
return &data, true
|
|
}
|
|
|
|
// RefreshTTL resets the TTL on a cached RBAC entry when a cache hit occurs.
|
|
func RefreshTTL(ctx context.Context, userID string, ttl time.Duration) {
|
|
if err := global.Cache.Expire(ctx, buildKey(userID), ttl).Err(); err != nil {
|
|
log.Error().Err(err).Str("userID", userID).Msg("Failed to refresh TTL for RBAC cache")
|
|
}
|
|
}
|
|
|
|
// DeleteUserPermissionsCache removes the cached RBAC data for a user (for cache invalidation).
|
|
func DeleteUserPermissionsCache(ctx context.Context, userID string) {
|
|
if err := global.Cache.Del(ctx, buildKey(userID)).Err(); err != nil {
|
|
log.Error().Err(err).Str("userID", userID).Msg("Failed to delete RBAC cache")
|
|
}
|
|
}
|