Delete data part 1 (#360)

2026-01-12 03:05:14 +00:00 · 2022-02-01 12:09:33 +00:00
parent 1f494e6638
commit 9b8d144dfd
9 changed files with 177 additions and 35 deletions
--- a/user/handler/handler.go
+++ b/user/handler/handler.go
@@ -10,10 +10,10 @@ import (
 	"time"

 	"github.com/google/uuid"
-	"github.com/micro/micro/v3/service/auth"
 	"github.com/micro/micro/v3/service/errors"
 	"github.com/micro/micro/v3/service/logger"
 	"github.com/micro/micro/v3/service/store"
+	pauth "github.com/micro/services/pkg/auth"
 	adminpb "github.com/micro/services/pkg/service/proto"
 	"golang.org/x/crypto/bcrypt"

@@ -510,7 +510,7 @@ func (s *User) VerifyToken(ctx context.Context, req *pb.VerifyTokenRequest, rsp
 }

 func (s *User) DeleteData(ctx context.Context, request *adminpb.DeleteDataRequest, response *adminpb.DeleteDataResponse) error {
-	if _, err := verifyMicroAdmin(ctx, "user.DeleteData"); err != nil {
+	if _, err := pauth.VerifyMicroAdmin(ctx, "user.DeleteData"); err != nil {
 		return err
 	}

@@ -519,29 +519,3 @@ func (s *User) DeleteData(ctx context.Context, request *adminpb.DeleteDataReques
 	}
 	return s.domain.DeleteTenantData(request.TenantId)
 }
-
-func verifyMicroAdmin(ctx context.Context, method string) (*auth.Account, error) {
-	acc, ok := auth.AccountFromContext(ctx)
-	if !ok {
-		return nil, errors.Unauthorized(method, "Unauthorized")
-	}
-	if err := doVerifyMicroAdmin(acc, method); err != nil {
-		return nil, err
-	}
-	return acc, nil
-}
-
-func doVerifyMicroAdmin(acc *auth.Account, method string) error {
-	errForbid := errors.Forbidden(method, "Forbidden")
-	if acc.Issuer != "micro" {
-		return errForbid
-	}
-
-	for _, s := range acc.Scopes {
-		if (s == "admin" && acc.Type == "user") || (s == "service" && acc.Type == "service") {
-			return nil
-		}
-	}
-	return errForbid
-
-}