有一个permissions
集合,其中包含权限以及为给定资源分配了该权限的用户或组。permissions
[{
"_id": 1,
"resource": "resource:docs/61",
"permissions": [
{
"permission": "role:documentOwner",
"users": [
"user:abc",
"user:def",
"group:abc",
"group:bff"
]
},
{
"permission": "document.read",
"users": ["user:xxx"]
},
{
"permission": "document.update",
"users": ["user:xxx"]
}
]
}]
和将用户分配到组的groups
集合。groups
[
{
"_id": 1,
"id": "abc",
"name": "Test Group",
"users": ["cpo", "yyy"]
},
{
"_id": 2,
"id": "bff",
"name": "Another Group",
"users": ["xxx"]
}
]
我正在尝试查询permissions
集合中的resource:docs/61
,对于每个权限,将users
属性中的任何组解析为匹配组的users
。
预期结果
{
"resource": "resource:docs/61",
"permissions": [
{
"permission": "role:documentOwner",
"users": [
"user:abc",
"user:def",
"user:cpo",
"user:yyy",
"user:xxx"
]
},
{
"permission": "document.read",
"users": ["user:xxx"]
},
{
"permission": "document.update",
"users": ["user:xxx"]
}
]
}
型
我安装了一个Mongo Playground,我一直在尝试让它工作......但没有成功。下面是我目前的尝试。我不知道如何将组Map到他们尊敬的用户,然后逆转$unwind
。或者我甚至不需要$unwind
🤷 ♂️
db.permissions.aggregate([
{
"$match": {
"resource": "resource:docs/61"
}
},
{
$unwind: "$permissions"
},
{
"$lookup": {
"from": "groups",
"let": {
"users": {
"$filter": {
"input": "$permissions.users",
"as": "user",
"cond": {
"$ne": [
-1,
{
"$indexOfCP": [
"$$user",
"group:"
]
}
]
}
}
}
},
"pipeline": [
{
"$match": {
"$expr": {
"$in": [
{
"$concat": [
"group:",
"$id"
]
},
"$$users"
]
}
}
},
{
"$project": {
"_id": 0,
"id": {
"$concat": [
"group:",
"$id"
]
},
"users": 1
}
}
],
"as": "groups"
}
},
{
"$project": {
"groups": 1,
"permissions": {
"permission": "$permissions.permission",
"users": "permissions.users"
}
}
}
])
1条答案
按热度按时间fwzugrvs1#
您需要:
$unwind
permissions
使后续阶段的处理更轻松1.带有“已处理”键的
$lookup
:group:
1.使用
$lookup
结果对您的permissions.users
数组执行$setUnion
。请记住首先对组条目执行$filter
。$group
以取回原始/预期结构。Mongo Playground