From ad1f0de31aaeff402a56892e2bc085dc733022bb Mon Sep 17 00:00:00 2001
From: ZzIsGod1019 <1498852723@qq.com>
Date: Thu, 21 Mar 2024 11:09:52 +0800
Subject: [PATCH] iam: add cert api on ci (#649)

* iam: api update

* iam-ci: add api get_cert_by_id

* iam: add cert api on ci
---
 .../console_interface/api/iam_ci_cert_api.rs  | 19 +++++++++--------
 .../console_interface/api/iam_ci_role_api.rs  | 21 +++++++++++++++----
 2 files changed, 27 insertions(+), 13 deletions(-)

diff --git a/support/iam/src/console_interface/api/iam_ci_cert_api.rs b/support/iam/src/console_interface/api/iam_ci_cert_api.rs
index 5e134a183..2cf223fe8 100644
--- a/support/iam/src/console_interface/api/iam_ci_cert_api.rs
+++ b/support/iam/src/console_interface/api/iam_ci_cert_api.rs
@@ -11,8 +11,10 @@ use crate::console_interface::serv::iam_ci_oauth2_token_serv::IamCiOauth2AkSkSer
 use crate::iam_constants;
 use crate::iam_enumeration::Oauth2GrantType;
 use bios_basic::helper::request_helper::add_remote_ip;
-use bios_basic::rbum::dto::rbum_cert_dto::{RbumCertSummaryResp, RbumCertSummaryWithSkResp};
+use bios_basic::rbum::dto::rbum_cert_dto::RbumCertSummaryWithSkResp;
 use bios_basic::rbum::dto::rbum_filer_dto::RbumCertFilterReq;
+use bios_basic::rbum::serv::rbum_cert_serv::RbumCertServ;
+use bios_basic::rbum::serv::rbum_crud_serv::RbumCrudOperation;
 use tardis::basic::dto::TardisContext;
 use tardis::basic::error::TardisError;
 use tardis::web::context_extractor::TardisContextExtractor;
@@ -74,24 +76,23 @@ impl IamCiCertManageApi {
 #[poem_openapi::OpenApi(prefix_path = "/ci/cert", tag = "bios_basic::ApiTag::Interface")]
 impl IamCiCertApi {
     #[oai(path = "/get/:id", method = "get")]
-    async fn get_cert_by_id(&self, id: Path<String>, ctx: TardisContextExtractor, request: &Request) -> TardisApiResult<RbumCertSummaryResp> {
+    async fn get_cert_by_id(&self, id: Path<String>, ctx: TardisContextExtractor, request: &Request) -> TardisApiResult<IamCertAkSkResp> {
         add_remote_ip(request, &ctx.0).await?;
         let funs = iam_constants::get_tardis_inst();
-        let result = IamCertServ::find_certs(
+        let ak = RbumCertServ::find_one_detail_rbum(
             &RbumCertFilterReq {
-                id: Some(id.0),
+                id: Some(id.0.clone()),
                 ..Default::default()
             },
-            None,
-            None,
             &funs,
             &ctx.0,
         )
         .await?
-        .pop()
-        .ok_or_else(|| funs.err().internal_error("iam_ci_cert", "get_cert_by_id", "cert is not found", "401-iam-cert-code-not-exist"))?;
+        .ok_or_else(|| funs.err().internal_error("iam_ci_cert", "get_cert_by_id", "cert is not found", "401-iam-cert-code-not-exist"))?
+        .ak;
+        let sk = RbumCertServ::show_sk(&id.0, &RbumCertFilterReq::default(), &funs, &ctx.0).await?;
         ctx.0.execute_task().await?;
-        TardisResp::ok(result)
+        TardisResp::ok(IamCertAkSkResp { id: id.clone(), ak, sk })
     }
     /// Find Cert By Kind And Supplier
     ///
diff --git a/support/iam/src/console_interface/api/iam_ci_role_api.rs b/support/iam/src/console_interface/api/iam_ci_role_api.rs
index 9f481e445..d77e79c4e 100644
--- a/support/iam/src/console_interface/api/iam_ci_role_api.rs
+++ b/support/iam/src/console_interface/api/iam_ci_role_api.rs
@@ -1,4 +1,6 @@
 use crate::basic::dto::iam_role_dto::IamRoleRelAccountCertResp;
+use bios_basic::rbum::serv::rbum_crud_serv::RbumCrudOperation;
+use bios_basic::rbum::serv::rbum_item_serv::RbumItemServ;
 use itertools::Itertools;
 
 use crate::basic::serv::iam_app_serv::IamAppServ;
@@ -150,12 +152,23 @@ impl IamCiRoleApi {
         TardisResp::ok(Void {})
     }
 
-    /// get Rel Account by role_id
-    #[oai(path = "/:role_id/accounts", method = "get")]
-    async fn get_rel_accounts(&self, role_id: Path<String>, ctx: TardisContextExtractor, request: &Request) -> TardisApiResult<Vec<IamRoleRelAccountCertResp>> {
+    /// get Rel Account by role_code
+    #[oai(path = "/:role_code/accounts", method = "get")]
+    async fn get_rel_accounts(&self, role_code: Path<String>, ctx: TardisContextExtractor, request: &Request) -> TardisApiResult<Vec<IamRoleRelAccountCertResp>> {
         add_remote_ip(request, &ctx.0).await?;
         let funs = iam_constants::get_tardis_inst();
-        let account_ids = IamRoleServ::find_id_rel_accounts(&role_id.0, None, None, &funs, &ctx.0).await?;
+        let role_id = RbumItemServ::find_one_rbum(
+            &RbumBasicFilterReq {
+                code: Some(role_code.0),
+                ..Default::default()
+            },
+            &funs,
+            &ctx.0,
+        )
+        .await?
+        .ok_or_else(|| funs.err().internal_error("iam_ci_role", "get_rel_accounts", "role is not found", "404-iam-res-not-exist"))?
+        .id;
+        let account_ids = IamRoleServ::find_id_rel_accounts(&role_id, None, None, &funs, &ctx.0).await?;
         let certs = IamCertServ::find_certs(
             &RbumCertFilterReq {
                 basic: RbumBasicFilterReq {