Compare commits
4 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
206639cf72 | ||
|
|
9a47a74764 | ||
|
|
8cbf36c5b3 | ||
|
|
21daaf1819 |
2
go.mod
2
go.mod
@@ -3,7 +3,7 @@ module gitea.tecamino.com/paadi/access-handler
|
|||||||
go 1.24.5
|
go 1.24.5
|
||||||
|
|
||||||
require (
|
require (
|
||||||
gitea.tecamino.com/paadi/dbHandler v1.1.6
|
gitea.tecamino.com/paadi/dbHandler v1.1.10
|
||||||
gitea.tecamino.com/paadi/tecamino-logger v0.2.1
|
gitea.tecamino.com/paadi/tecamino-logger v0.2.1
|
||||||
github.com/gin-gonic/gin v1.11.0
|
github.com/gin-gonic/gin v1.11.0
|
||||||
github.com/go-playground/assert/v2 v2.2.0
|
github.com/go-playground/assert/v2 v2.2.0
|
||||||
|
|||||||
4
go.sum
4
go.sum
@@ -1,5 +1,5 @@
|
|||||||
gitea.tecamino.com/paadi/dbHandler v1.1.6 h1:Mz7ioUmozXx22oV3P7GHsvQn/2QKOjkNyzdptvqbaN8=
|
gitea.tecamino.com/paadi/dbHandler v1.1.10 h1:zZQbDTJ0bu6CIW90Zms8yYIzTLHtWPNhVKRxLUXEDuE=
|
||||||
gitea.tecamino.com/paadi/dbHandler v1.1.6/go.mod h1:y/xn/POJg1DO++67uKvnO23lJQgh+XFQq7HZCS9Getw=
|
gitea.tecamino.com/paadi/dbHandler v1.1.10/go.mod h1:y/xn/POJg1DO++67uKvnO23lJQgh+XFQq7HZCS9Getw=
|
||||||
gitea.tecamino.com/paadi/tecamino-logger v0.2.1 h1:sQTBKYPdzn9mmWX2JXZBtGBvNQH7cuXIwsl4TD0aMgE=
|
gitea.tecamino.com/paadi/tecamino-logger v0.2.1 h1:sQTBKYPdzn9mmWX2JXZBtGBvNQH7cuXIwsl4TD0aMgE=
|
||||||
gitea.tecamino.com/paadi/tecamino-logger v0.2.1/go.mod h1:FkzRTldUBBOd/iy2upycArDftSZ5trbsX5Ira5OzJgM=
|
gitea.tecamino.com/paadi/tecamino-logger v0.2.1/go.mod h1:FkzRTldUBBOd/iy2upycArDftSZ5trbsX5Ira5OzJgM=
|
||||||
github.com/bytedance/sonic v1.14.0 h1:/OfKt8HFw0kh2rj8N0F6C/qPGRESq0BbaNZgcNXXzQQ=
|
github.com/bytedance/sonic v1.14.0 h1:/OfKt8HFw0kh2rj8N0F6C/qPGRESq0BbaNZgcNXXzQQ=
|
||||||
|
|||||||
@@ -15,8 +15,9 @@ import (
|
|||||||
// authentication and authorization operations can be performed
|
// authentication and authorization operations can be performed
|
||||||
// consistently across the application.
|
// consistently across the application.
|
||||||
type AccessHandler struct {
|
type AccessHandler struct {
|
||||||
dbHandler *dbHandler.DBHandler // Database handler used for managing users and roles
|
dbHandler *dbHandler.DBHandler // Database handler used for managing users and roles
|
||||||
logger *logging.Logger // Centralized application logger
|
logger *logging.Logger // Centralized application logger
|
||||||
|
NewDBCreated bool // inticator new user db created
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewAccessHandler
|
// NewAccessHandler
|
||||||
@@ -81,6 +82,9 @@ func NewAccessHandler(path string, logger *logging.Logger) (aH *AccessHandler, e
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
//indicator that user database was created
|
||||||
|
aH.NewDBCreated = aH.dbHandler.NewCreatedDB
|
||||||
|
|
||||||
logger.Debug("NewAccessHandler", "add default role")
|
logger.Debug("NewAccessHandler", "add default role")
|
||||||
// Add default roles to the system
|
// Add default roles to the system
|
||||||
err = aH.AddDefaultRole()
|
err = aH.AddDefaultRole()
|
||||||
|
|||||||
@@ -241,7 +241,8 @@ func (aH *AccessHandler) getUserFromDB(c *gin.Context, userName string) (user mo
|
|||||||
hasError = true
|
hasError = true
|
||||||
// Fetch user record from DB
|
// Fetch user record from DB
|
||||||
var dbRecord []models.User
|
var dbRecord []models.User
|
||||||
err := aH.dbHandler.GetByKey(&dbRecord, "Role", "user_name", userName, false)
|
|
||||||
|
err := aH.dbHandler.GetByKey(&dbRecord, "user_name", userName, false, "Role")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
aH.logger.Error("Login", err)
|
aH.logger.Error("Login", err)
|
||||||
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
|
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
|
||||||
|
|||||||
@@ -132,7 +132,7 @@ func (aH *AccessHandler) AuthorizeRole(suffix string, exeptions ...string) gin.H
|
|||||||
|
|
||||||
// Fetch roles and associated permissions from the database or store
|
// Fetch roles and associated permissions from the database or store
|
||||||
var roles []models.Role
|
var roles []models.Role
|
||||||
err := aH.dbHandler.GetByKey(&roles, "", "role", role, false)
|
err := aH.dbHandler.GetByKey(&roles, "role", role, false)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
aH.logger.Error("AuthorizeRole", err)
|
aH.logger.Error("AuthorizeRole", err)
|
||||||
c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{"message": http.StatusInternalServerError})
|
c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{"message": http.StatusInternalServerError})
|
||||||
|
|||||||
@@ -17,7 +17,7 @@ func (aH *AccessHandler) AddDefaultRole() (err error) {
|
|||||||
role := "admin"
|
role := "admin"
|
||||||
|
|
||||||
// Check if a role with this name already exists
|
// Check if a role with this name already exists
|
||||||
if aH.dbHandler.Exists(&models.Role{}, "", "role", role, false) {
|
if aH.dbHandler.Exists(&models.Role{}, "role", role, false) {
|
||||||
// Found a role → skip creation
|
// Found a role → skip creation
|
||||||
aH.logger.Debug("AddDefaultRole", "role "+role+" exists already")
|
aH.logger.Debug("AddDefaultRole", "role "+role+" exists already")
|
||||||
return nil
|
return nil
|
||||||
@@ -52,7 +52,7 @@ func (aH *AccessHandler) AddRole(c *gin.Context) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Check if a role with this name already exists
|
// Check if a role with this name already exists
|
||||||
if aH.dbHandler.Exists(&models.Role{}, "", "role", role.Role, false) {
|
if aH.dbHandler.Exists(&models.Role{}, "role", role.Role, false) {
|
||||||
aH.logger.Error("AddRole", fmt.Sprintf("role with name %s already exists", role.Role))
|
aH.logger.Error("AddRole", fmt.Sprintf("role with name %s already exists", role.Role))
|
||||||
c.JSON(http.StatusBadRequest, models.NewJsonMessageResponse(fmt.Sprintf("role with name %s already exists", role.Role)))
|
c.JSON(http.StatusBadRequest, models.NewJsonMessageResponse(fmt.Sprintf("role with name %s already exists", role.Role)))
|
||||||
return
|
return
|
||||||
@@ -78,7 +78,7 @@ func (aH *AccessHandler) GetRole(c *gin.Context) {
|
|||||||
id := c.Query("id")
|
id := c.Query("id")
|
||||||
|
|
||||||
if role != "" {
|
if role != "" {
|
||||||
err = aH.dbHandler.GetByKey(&roles, "", "role", role, false)
|
err = aH.dbHandler.GetByKey(&roles, "role", role, false)
|
||||||
} else if id != "" {
|
} else if id != "" {
|
||||||
i, err = strconv.Atoi(id)
|
i, err = strconv.Atoi(id)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@@ -87,9 +87,9 @@ func (aH *AccessHandler) GetRole(c *gin.Context) {
|
|||||||
})
|
})
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
err = aH.dbHandler.GetById(&roles, "", uint(i))
|
err = aH.dbHandler.GetById(&roles, uint(i))
|
||||||
} else {
|
} else {
|
||||||
err = aH.dbHandler.GetById(&roles, "", 0)
|
err = aH.dbHandler.GetById(&roles, 0)
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -110,7 +110,7 @@ func (aH *AccessHandler) UpdateRole(c *gin.Context) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if role.Id != 0 {
|
if role.Id != 0 {
|
||||||
err := aH.dbHandler.UpdateValuesById(&role, "", role.Id)
|
err := aH.dbHandler.UpdateValuesById(&role, role.Id)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
aH.logger.Error("UpdateRole", err)
|
aH.logger.Error("UpdateRole", err)
|
||||||
c.JSON(http.StatusInternalServerError, nil)
|
c.JSON(http.StatusInternalServerError, nil)
|
||||||
@@ -160,7 +160,7 @@ func (aH *AccessHandler) DeleteRole(c *gin.Context) {
|
|||||||
ownRole = role
|
ownRole = role
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
err = aH.dbHandler.DeleteByKey(&models.Role{}, "", "role", role, false)
|
err = aH.dbHandler.DeleteByKey(&models.Role{}, "role", role, false)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
aH.logger.Error("DeleteRole", err)
|
aH.logger.Error("DeleteRole", err)
|
||||||
c.JSON(http.StatusInternalServerError, nil)
|
c.JSON(http.StatusInternalServerError, nil)
|
||||||
|
|||||||
@@ -29,7 +29,7 @@ func (aH *AccessHandler) AddDefaultUser() (err error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Check if a user with this email already exists
|
// Check if a user with this email already exists
|
||||||
if aH.dbHandler.Exists(&models.User{}, "", "email", user.Email, false) {
|
if aH.dbHandler.Exists(&models.User{}, "email", user.Email, false) {
|
||||||
aH.logger.Debug("AddDefaultUser", "user email "+user.Email+" exists already")
|
aH.logger.Debug("AddDefaultUser", "user email "+user.Email+" exists already")
|
||||||
// Found a user → skip create
|
// Found a user → skip create
|
||||||
return nil
|
return nil
|
||||||
@@ -42,7 +42,7 @@ func (aH *AccessHandler) AddDefaultUser() (err error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
role := &models.Role{}
|
role := &models.Role{}
|
||||||
if err := aH.dbHandler.GetByKey(role, "", "role", "admin", false); err != nil {
|
if err := aH.dbHandler.GetByKey(role, "role", "admin", false); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
return aH.dbHandler.AddRelation(user, role, "Role")
|
return aH.dbHandler.AddRelation(user, role, "Role")
|
||||||
@@ -64,7 +64,7 @@ func (aH *AccessHandler) AddUser(c *gin.Context) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Check if a user with this email already exists
|
// Check if a user with this email already exists
|
||||||
if aH.dbHandler.Exists(&models.User{}, "", "email", user.Email, false) {
|
if aH.dbHandler.Exists(&models.User{}, "email", user.Email, false) {
|
||||||
// Found a user → skip create
|
// Found a user → skip create
|
||||||
aH.logger.Error("AddUser", "user with email "+user.Email+" already exists")
|
aH.logger.Error("AddUser", "user with email "+user.Email+" already exists")
|
||||||
c.JSON(http.StatusBadRequest, models.NewJsonMessageResponse(fmt.Sprintf("user with email %s already exists", user.Email)))
|
c.JSON(http.StatusBadRequest, models.NewJsonMessageResponse(fmt.Sprintf("user with email %s already exists", user.Email)))
|
||||||
@@ -91,13 +91,13 @@ func (aH *AccessHandler) AddUser(c *gin.Context) {
|
|||||||
aH.logger.Debug("AddUser", "add new user "+user.Name+" with role "+user.Role.Role)
|
aH.logger.Debug("AddUser", "add new user "+user.Name+" with role "+user.Role.Role)
|
||||||
|
|
||||||
if user.Role.Id != 0 {
|
if user.Role.Id != 0 {
|
||||||
if err := aH.dbHandler.GetById(&user.Role, "", user.Role.Id); err != nil {
|
if err := aH.dbHandler.GetById(&user.Role, user.Role.Id); err != nil {
|
||||||
aH.logger.Error("AddUser", err)
|
aH.logger.Error("AddUser", err)
|
||||||
c.JSON(http.StatusInternalServerError, nil)
|
c.JSON(http.StatusInternalServerError, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if err := aH.dbHandler.GetByKey(&user.Role, "", "role", user.Role.Role, false); err != nil {
|
if err := aH.dbHandler.GetByKey(&user.Role, "role", user.Role.Role, false); err != nil {
|
||||||
aH.logger.Error("AddUser", err)
|
aH.logger.Error("AddUser", err)
|
||||||
c.JSON(http.StatusInternalServerError, nil)
|
c.JSON(http.StatusInternalServerError, nil)
|
||||||
return
|
return
|
||||||
@@ -128,7 +128,7 @@ func (aH *AccessHandler) ChangePassword(c *gin.Context) {
|
|||||||
|
|
||||||
// get user to check ChangePassword
|
// get user to check ChangePassword
|
||||||
var dbRecord models.User
|
var dbRecord models.User
|
||||||
err = aH.dbHandler.GetById(&dbRecord, "Role", user.Id)
|
err = aH.dbHandler.GetById(&dbRecord, user.Id, "Role")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
aH.logger.Error("ChangePassword", err)
|
aH.logger.Error("ChangePassword", err)
|
||||||
c.JSON(http.StatusInternalServerError, nil)
|
c.JSON(http.StatusInternalServerError, nil)
|
||||||
@@ -154,7 +154,7 @@ func (aH *AccessHandler) ChangePassword(c *gin.Context) {
|
|||||||
aH.logger.Debug("ChangePassword", "change user "+user.Name+" password")
|
aH.logger.Debug("ChangePassword", "change user "+user.Name+" password")
|
||||||
|
|
||||||
// Update user
|
// Update user
|
||||||
aH.dbHandler.UpdateValuesById(&user, "Role", user.Id)
|
aH.dbHandler.UpdateValuesById(&user, user.Id, "Role")
|
||||||
|
|
||||||
c.JSON(http.StatusOK, gin.H{
|
c.JSON(http.StatusOK, gin.H{
|
||||||
"message": fmt.Sprintf("password of user '%s' changed", user.Name),
|
"message": fmt.Sprintf("password of user '%s' changed", user.Name),
|
||||||
@@ -178,7 +178,7 @@ func (aH *AccessHandler) GetUser(c *gin.Context) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
var users []models.User
|
var users []models.User
|
||||||
err = aH.dbHandler.GetById(&users, "Role", uint(i))
|
err = aH.dbHandler.GetById(&users, uint(i), "Role")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
aH.logger.Error("GetUser", err)
|
aH.logger.Error("GetUser", err)
|
||||||
c.JSON(http.StatusInternalServerError, nil)
|
c.JSON(http.StatusInternalServerError, nil)
|
||||||
@@ -194,7 +194,7 @@ func (aH *AccessHandler) UpdateUser(c *gin.Context) {
|
|||||||
c.JSON(http.StatusInternalServerError, nil)
|
c.JSON(http.StatusInternalServerError, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
err := aH.dbHandler.UpdateValuesById(&user, "Role", user.Id)
|
err := aH.dbHandler.UpdateValuesById(&user, user.Id, "Role")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
aH.logger.Error("UpdateUser", err)
|
aH.logger.Error("UpdateUser", err)
|
||||||
c.JSON(http.StatusInternalServerError, nil)
|
c.JSON(http.StatusInternalServerError, nil)
|
||||||
|
|||||||
Reference in New Issue
Block a user