refactor: 数据库授权凭证迁移

server/internal/db/api/db_instance.go

@@ -1,28 +1,41 @@
 package api
 
 import (
+	"mayfly-go/internal/common/consts"
 	"mayfly-go/internal/db/api/form"
 	"mayfly-go/internal/db/api/vo"
 	"mayfly-go/internal/db/application"
 	"mayfly-go/internal/db/domain/entity"
+
+	tagapp "mayfly-go/internal/tag/application"
+	tagentity "mayfly-go/internal/tag/domain/entity"
 	"mayfly-go/pkg/biz"
 	"mayfly-go/pkg/req"
-	"mayfly-go/pkg/utils/cryptox"
+	"mayfly-go/pkg/utils/collx"
 	"strconv"
 	"strings"
 )
 
 type Instance struct {
-	InstanceApp application.Instance `inject:"DbInstanceApp"`
-	DbApp       application.Db       `inject:""`
+	InstanceApp         application.Instance    `inject:"DbInstanceApp"`
+	DbApp               application.Db          `inject:""`
+	ResourceAuthCertApp tagapp.ResourceAuthCert `inject:""`
 }
 
 // Instances 获取数据库实例信息
 // @router /api/instances [get]
 func (d *Instance) Instances(rc *req.Ctx) {
 	queryCond, page := req.BindQueryAndPage[*entity.InstanceQuery](rc, new(entity.InstanceQuery))
-	res, err := d.InstanceApp.GetPageList(queryCond, page, new([]vo.InstanceListVO))
+
+	var instvos []*vo.InstanceListVO
+	res, err := d.InstanceApp.GetPageList(queryCond, page, &instvos)
 	biz.ErrIsNil(err)
+
+	// 填充授权凭证信息
+	d.ResourceAuthCertApp.FillAuthCert(consts.ResourceTypeDb, collx.ArrayMap(instvos, func(vos *vo.InstanceListVO) tagentity.IAuthCert {
+		return vos
+	})...)
+
 	rc.ResData = res
 }
 
@@ -30,12 +43,7 @@ func (d *Instance) TestConn(rc *req.Ctx) {
 	form := &form.InstanceForm{}
 	instance := req.BindJsonAndCopyTo[*entity.DbInstance](rc, form, new(entity.DbInstance))
 
-	// 密码解密，并使用解密后的赋值
-	originPwd, err := cryptox.DefaultRsaDecrypt(form.Password, true)
-	biz.ErrIsNilAppendErr(err, "解密密码错误: %s")
-	instance.Password = originPwd
-
-	biz.ErrIsNil(d.InstanceApp.TestConn(instance))
+	biz.ErrIsNil(d.InstanceApp.TestConn(instance, form.AuthCerts[0]))
 }
 
 // SaveInstance 保存数据库实例信息
@@ -44,15 +52,11 @@ func (d *Instance) SaveInstance(rc *req.Ctx) {
 	form := &form.InstanceForm{}
 	instance := req.BindJsonAndCopyTo[*entity.DbInstance](rc, form, new(entity.DbInstance))
 
-	// 密码解密，并使用解密后的赋值
-	originPwd, err := cryptox.DefaultRsaDecrypt(form.Password, true)
-	biz.ErrIsNilAppendErr(err, "解密密码错误: %s")
-	instance.Password = originPwd
-
-	// 密码脱敏记录日志
-	form.Password = "****"
 	rc.ReqParam = form
-	biz.ErrIsNil(d.InstanceApp.Save(rc.MetaCtx, instance))
+	biz.ErrIsNil(d.InstanceApp.SaveDbInstance(rc.MetaCtx, &application.SaveDbInstanceParam{
+		DbInstance: instance,
+		AuthCerts:  form.AuthCerts,
+	}))
 }
 
 // GetInstance 获取数据库实例密码，由于数据库是加密存储，故提供该接口展示原文密码
@@ -61,20 +65,9 @@ func (d *Instance) GetInstance(rc *req.Ctx) {
 	dbId := getInstanceId(rc)
 	dbEntity, err := d.InstanceApp.GetById(new(entity.DbInstance), dbId)
 	biz.ErrIsNil(err, "获取数据库实例错误")
-	dbEntity.Password = ""
 	rc.ResData = dbEntity
 }
 
-// GetInstancePwd 获取数据库实例密码，由于数据库是加密存储，故提供该接口展示原文密码
-// @router /api/instances/:instance/pwd [GET]
-func (d *Instance) GetInstancePwd(rc *req.Ctx) {
-	instanceId := getInstanceId(rc)
-	instanceEntity, err := d.InstanceApp.GetById(new(entity.DbInstance), instanceId, "Password")
-	biz.ErrIsNil(err, "获取数据库实例错误")
-	biz.ErrIsNil(instanceEntity.PwdDecrypt())
-	rc.ResData = instanceEntity.Password
-}
-
 // DeleteInstance 删除数据库实例信息
 // @router /api/instances/:instance [DELETE]
 func (d *Instance) DeleteInstance(rc *req.Ctx) {
@@ -94,10 +87,13 @@ func (d *Instance) DeleteInstance(rc *req.Ctx) {
 // 获取数据库实例的所有数据库名
 func (d *Instance) GetDatabaseNames(rc *req.Ctx) {
 	instanceId := getInstanceId(rc)
-	instance, err := d.InstanceApp.GetById(new(entity.DbInstance), instanceId, "Password")
+	authCertName := rc.Query("authCertName")
+	biz.NotEmpty(authCertName, "授权凭证名不能为空")
+
+	instance, err := d.InstanceApp.GetById(new(entity.DbInstance), instanceId)
 	biz.ErrIsNil(err, "获取数据库实例错误")
-	biz.ErrIsNil(instance.PwdDecrypt())
-	res, err := d.InstanceApp.GetDatabases(instance)
+
+	res, err := d.InstanceApp.GetDatabases(instance, authCertName)
 	biz.ErrIsNil(err)
 	rc.ResData = res
 }