refactor: Align Epic 0 & Epic 1 with true microservices architecture
Refactor core kernel and infrastructure to support true microservices architecture where services are independently deployable. Phase 1: Core Kernel Cleanup - Remove database provider from CoreModule (services create their own) - Update ProvideHealthRegistry to not depend on database - Add schema support to database client (NewClientWithSchema) - Update main entry point to remove database dependency - Core kernel now provides only: config, logger, error bus, health, metrics, tracer, service registry Phase 2: Service Registry Implementation - Create ServiceRegistry interface (pkg/registry/registry.go) - Implement Consul registry (internal/registry/consul/consul.go) - Add Consul dependency (github.com/hashicorp/consul/api) - Add registry configuration to config/default.yaml - Add ProvideServiceRegistry() to DI container Phase 3: Service Client Interfaces - Create service client interfaces: - pkg/services/auth.go - AuthServiceClient - pkg/services/identity.go - IdentityServiceClient - pkg/services/authz.go - AuthzServiceClient - pkg/services/audit.go - AuditServiceClient - Create ServiceClientFactory (internal/client/factory.go) - Create stub gRPC client implementations (internal/client/grpc/) - Add ProvideServiceClientFactory() to DI container Phase 4: gRPC Service Definitions - Create proto files for all core services: - api/proto/auth.proto - api/proto/identity.proto - api/proto/authz.proto - api/proto/audit.proto - Add generate-proto target to Makefile Phase 5: API Gateway Implementation - Create API Gateway service entry point (cmd/api-gateway/main.go) - Create Gateway implementation (services/gateway/gateway.go) - Add gateway configuration to config/default.yaml - Gateway registers with Consul and routes requests to backend services All code compiles successfully. Core services (Auth, Identity, Authz, Audit) will be implemented in Epic 2 using these foundations.
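--- a/api/proto/authz.proto
+++ b/api/proto/authz.proto
@@ -0,0 +1,80 @@
+syntax = "proto3";
+
+package authz.v1;
+
+option go_package = "git.dcentral.systems/toolz/goplt/api/proto/generated/authz/v1;authzv1";
+
+// AuthzService provides authorization operations.
+service AuthzService {
+// Authorize checks if a user has a specific permission and returns an error if not.
+rpc Authorize(AuthorizeRequest) returns (AuthorizeResponse);
+
+// HasPermission checks if a user has a specific permission.
+rpc HasPermission(HasPermissionRequest) returns (HasPermissionResponse);
+
+// GetUserPermissions returns all permissions for a user.
+rpc GetUserPermissions(GetUserPermissionsRequest) returns (GetUserPermissionsResponse);
+
+// GetUserRoles returns all roles for a user.
+rpc GetUserRoles(GetUserRolesRequest) returns (GetUserRolesResponse);
+}
+
+// Permission represents a permission in the system.
+message Permission {
+string id = 1;
+string code = 2;
+string name = 3;
+string description = 4;
+}
+
+// Role represents a role in the system.
+message Role {
+string id = 1;
+string name = 2;
+string description = 3;
+repeated string permissions = 4; // Permission codes
+}
+
+// AuthorizeRequest contains user ID and permission to check.
+message AuthorizeRequest {
+string user_id = 1;
+string permission = 2;
+}
+
+// AuthorizeResponse indicates authorization result.
+message AuthorizeResponse {
+bool authorized = 1;
+string message = 2;
+}
+
+// HasPermissionRequest contains user ID and permission to check.
+message HasPermissionRequest {
+string user_id = 1;
+string permission = 2;
+}
+
+// HasPermissionResponse indicates if the user has the permission.
+message HasPermissionResponse {
+bool has_permission = 1;
+}
+
+// GetUserPermissionsRequest contains a user ID.
+message GetUserPermissionsRequest {
+string user_id = 1;
+}
+
+// GetUserPermissionsResponse contains all permissions for the user.
+message GetUserPermissionsResponse {
+repeated Permission permissions = 1;
+}
+
+// GetUserRolesRequest contains a user ID.
+message GetUserRolesRequest {
+string user_id = 1;
+}
+
+// GetUserRolesResponse contains all roles for the user.
+message GetUserRolesResponse {
+repeated Role roles = 1;
+}
+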
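Review bot: The Authorize contract signals a denial in two different ways: the RPC comment says it "returns an error if not", yet AuthorizeResponse also carries `bool authorized`, so a client that checks only the gRPC status, or only the field, can treat a denied request as allowed. Pin one behaviour in the RPC comment, for example `// Authorize returns PERMISSION_DENIED when the user lacks the permission; callers must treat any non-OK status or authorized == false as a denial.` The `user_id` field in all four request messages is also undocumented. Its comment should state that the value must come from the caller's verified identity (presumably the token validated at the gateway) and not from client-supplied input, because GetUserPermissions and GetUserRoles would otherwise return any user's roles and permissions to whoever can reach the service.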