DevChat 初探之 RBAC 模型的实现

今天我们来尝试一款编程辅助助手 DevChat, 看能不能提升咱们的日常编程效率。作为一款编程助手，我们来看看它与 Copilot, CodeWhisperer 同领域产品的一些区别和特色。定个小目标，通过 DevChat 实现一个简单的 RBAC 模型，小试牛刀一下，看看整个过程是不是足够丝滑。

首先讲讲这个安装过程还是挺便捷的，以 VsCode 插件的形式，便于开发者直接在开发过程中无缝衔接，不需要单独下载软件，边开发边聊天，跟它聊完天，开发任务也完成了，整个思路还是不错的。插件仅需将对应的 Key 填写即可生效，相对于其他的几个产品有一定便捷性的优势，不要额外登陆账号。

接下来开始我们的编程，小小的让它用 Go 语言实现一个 RBAC 权限模型。

/code Can you implement the RBAC model by Golang?

package main

import "fmt"

// Define roles
const (
	RoleGuest = "guest"
	RoleUser  = "user"
	RoleAdmin = "admin"
)

// User struct to hold user information
type User struct {
	Name string
	Role string
}

// Permissions struct to define allowed actions for a role
type Permissions struct {
	CanView   bool
	CanEdit   bool
	CanDelete bool
}

// RolePermissionsMap maps roles to their respective permissions
var RolePermissionsMap = map[string]Permissions{
	RoleGuest: {
		CanView:   true,
		CanEdit:   false,
		CanDelete: false,
	},
	RoleUser: {
		CanView:   true,
		CanEdit:   true,
		CanDelete: false,
	},
	RoleAdmin: {
		CanView:   true,
		CanEdit:   true,
		CanDelete: true,
	},
}

// CheckPermission checks if a user has permission for a specific action
func CheckPermission(user User, action string) bool {
	permissions := RolePermissionsMap[user.Role]

	switch action {
	case "view":
		return permissions.CanView
	case "edit":
		return permissions.CanEdit
	case "delete":
		return permissions.CanDelete
	default:
		return false
	}
}

func main() {
	// Create some users
	user1 := User{"John", RoleGuest}
	user2 := User{"Alice", RoleUser}
	user3 := User{"Admin", RoleAdmin}

	// Example usage
	fmt.Println(user1.Name, "can view:", CheckPermission(user1, "view"))     // Output: true
	fmt.Println(user2.Name, "can delete:", CheckPermission(user2, "delete")) // Output: false
	fmt.Println(user3.Name, "can edit:", CheckPermission(user3, "edit"))     // Output: true
}

这里我们可以看到，给出的 Demo 基本符合要求，实现了一个简单的 RBAC 模型，同时为我们生成了一定的例子。

接下来我们要进行一定的业务调整考考它，现在假如来了一个新的需求，添加一个超级管理员，如果是超级管理员，拥有所有权限，看它能否成功实现。

/code Based on the above code, implement a super administrator role, if it is a super administrator it has all permissions

这里其实有两个考点，一个是能否正常的关联上下文，牛头不对马嘴的回答就毫无意义，然后是正确理解需求，实现需求的过程。我们来看看它的回答。

Certainly! Here is an implementation that includes a super administrator role, which has all permissions:

```go
package main

import "fmt"

// Define roles
const (
	RoleGuest   = "guest"
	RoleUser    = "user"
	RoleAdmin   = "admin"
	RoleSuperAdmin = "superadmin"
)

// User struct to hold user information
type User struct {
	Name string
	Role string
}

// Permissions struct to define allowed actions for a role
type Permissions struct {
	CanView   bool
	CanEdit   bool
	CanDelete bool
}

// RolePermissionsMap maps roles to their respective permissions
var RolePermissionsMap = map[string]Permissions{
	RoleGuest: {
		CanView:   true,
		CanEdit:   false,
		CanDelete: false,
	},
	RoleUser: {
		CanView:   true,
		CanEdit:   true,
		CanDelete: false,
	},
	RoleAdmin: {
		CanView:   true,
		CanEdit:   true,
		CanDelete: true,
	},
	RoleSuperAdmin: {
		CanView:   true,
		CanEdit:   true,
		CanDelete: true,
	},
}

// CheckPermission checks if a user has permission for a specific action
func CheckPermission(user User, action string) bool {
	permissions := RolePermissionsMap[user.Role]

	switch action {
	case "view":
		return permissions.CanView
	case "edit":
		return permissions.CanEdit
	case "delete":
		return permissions.CanDelete
	default:
		return false
	}
}

func main() {
	// Create some users
	user1 := User{"John", RoleGuest}
	user2 := User{"Alice", RoleUser}
	user3 := User{"Admin", RoleAdmin}
	user4 := User{"SuperAdmin", RoleSuperAdmin}

	// Example usage
	fmt.Println(user1.Name, "can view:", CheckPermission(user1, "view"))      // Output: true
	fmt.Println(user2.Name, "can delete:", CheckPermission(user2, "delete"))  // Output: false
	fmt.Println(user3.Name, "can edit:", CheckPermission(user3, "edit"))      // Output: true
	fmt.Println(user4.Name, "can delete:", CheckPermission(user4, "delete"))  // Output: true
}
```

In this implementation, the super administrator has all permissions, so it will return `true` for all actions.

很好，上下文关联正常，没有出现新生成的内容和历史内容无关的情况，并且成功实现了对应的超级管理员需求。

成功实现了实现初始需求，和新增需求，我们是不是该测试一下它测试用例实现情况。

/code Generate corresponding test cases based on the above code

package main

import (
	"fmt"
	"testing"
)

func TestCheckPermission(t *testing.T) {
	user1 := User{"John", RoleGuest}
	user2 := User{"Alice", RoleUser}
	user3 := User{"Admin", RoleAdmin}
	user4 := User{"SuperAdmin", RoleSuperAdmin}

	testCases := []struct {
		user          User
		action        string
		expectedValue bool
	}{
		{user1, "view", true},         // Guest user can view
		{user1, "edit", false},        // Guest user can't edit
		{user2, "view", true},         // User can view
		{user2, "edit", true},         // User can edit
		{user2, "delete", false},      // User can't delete
		{user3, "view", true},         // Admin can view
		{user3, "edit", true},         // Admin can edit
		{user3, "delete", true},       // Admin can delete
		{user4, "view", true},         // SuperAdmin can view
		{user4, "edit", true},         // SuperAdmin can edit
		{user4, "delete", true},       // SuperAdmin can delete
		{User{"Unknown", "unknown"}, "view", false}, // Unknown user role
		{user1, "unknown", false},     // Unknown action
	}

	for _, testCase := range testCases {
		result := CheckPermission(testCase.user, testCase.action)
		if result != testCase.expectedValue {
			t.Errorf("Failed test case for user '%s' and action '%s'. Expected: %t, got: %t",
				testCase.user.Name, testCase.action, testCase.expectedValue, result)
		}
	}
}

不错，对应的测试用例也补充完整了，测试用例也成功通过。

从初期的 Demo 实现到需求变更，最后的测试用例编写。DevChat 都能很好的胜任我们的工作，语义的正确理解，上下文的正确关联，都表现得十分出色。体验下来还是有不错的产品特色，支持多个大语言模型，从海外的 ChatGPT 到国内的火星大模型，都有对应的接入，像一个聚合的百宝箱一样，给开发人员带来惊喜。

KOL粉丝专属福利介绍，参赛成功的KOL会有专属红包兑换码，11月31日之前，粉丝可借助邀请码在Devchat兑换10元余额。

下载官网：https://www.devchat.ai