louis/oktopus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refact(controller): user level types

Browse Source
This commit is contained in:
leandrofars 2024-07-02 12:32:15 -03:00
parent 9b2a39b66b
commit b7b5bdfe90
4 changed files with 21 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
backend/services/controller/internal/api/api.go
View File

@ -29,11 +29,6 @@ type Api struct {
const REQUEST_TIMEOUT = time.Second * 30
const (
NormalUser = iota
AdminUser
)
func NewApi(c *config.Config, js jetstream.JetStream, nc *nats.Conn, bridge bridge.Bridge, d db.Database, kv jetstream.KeyValue) Api {
return Api{
port: c.RestApi.Port,

3
backend/services/controller/internal/api/device.go
View File

@ -8,6 +8,7 @@ import (
"strconv"
"github.com/leandrofars/oktopus/internal/bridge"
"github.com/leandrofars/oktopus/internal/db"
local "github.com/leandrofars/oktopus/internal/nats"
"github.com/leandrofars/oktopus/internal/utils"
"github.com/nats-io/nats.go/jetstream"
@ -134,7 +135,7 @@ func (a *Api) deviceAuth(w http.ResponseWriter, r *http.Request) {
utils.MarshallEncoder(err, w)
return
}
if user.Level != AdminUser {
if user.Level != db.AdminUser {
w.WriteHeader(http.StatusForbidden)
return
}

12
backend/services/controller/internal/api/user.go
View File

@ -51,7 +51,7 @@ func (a *Api) registerUser(w http.ResponseWriter, r *http.Request) {
//Check if user which is requesting creation has the necessary privileges
rUser, err := a.db.FindUser(email)
if rUser.Level != AdminUser {
if rUser.Level != db.AdminUser {
w.WriteHeader(http.StatusForbidden)
return
}
@ -63,7 +63,7 @@ func (a *Api) registerUser(w http.ResponseWriter, r *http.Request) {
return
}
user.Level = NormalUser
user.Level = db.NormalUser
if err := user.HashPassword(user.Password); err != nil {
w.WriteHeader(http.StatusInternalServerError)
@ -112,7 +112,7 @@ func (a *Api) deleteUser(w http.ResponseWriter, r *http.Request) {
userEmail := mux.Vars(r)["user"]
if rUser.Email == userEmail || (rUser.Level == AdminUser && rUser.Email != userEmail) { //Admin can delete any account, but admin account can never be deleted
if rUser.Email == userEmail || (rUser.Level == db.AdminUser && rUser.Email != userEmail) { //Admin can delete any account, but admin account can never be deleted
if err := a.db.DeleteUser(userEmail); err != nil {
w.WriteHeader(http.StatusInternalServerError)
json.NewEncoder(w).Encode(err)
@ -138,7 +138,7 @@ func (a *Api) changePassword(w http.ResponseWriter, r *http.Request) {
userToChangePasswd := mux.Vars(r)["user"]
if userToChangePasswd != "" && userToChangePasswd != email {
rUser, _ := a.db.FindUser(email)
if rUser.Level != AdminUser {
if rUser.Level != db.AdminUser {
w.WriteHeader(http.StatusForbidden)
return
}
@ -189,7 +189,7 @@ func (a *Api) registerAdminUser(w http.ResponseWriter, r *http.Request) {
return
}
user.Level = AdminUser
user.Level = db.AdminUser
if err := user.HashPassword(user.Password); err != nil {
w.WriteHeader(http.StatusInternalServerError)
@ -204,7 +204,7 @@ func (a *Api) registerAdminUser(w http.ResponseWriter, r *http.Request) {
func adminUserExists(users []map[string]interface{}) bool {
for _, x := range users {
if x["level"].(int32) == AdminUser {
if x["level"].(db.UserLevels) == db.AdminUser {
log.Println("Admin exists")
return true
}

18
backend/services/controller/internal/db/user.go
View File

@ -9,12 +9,20 @@ import (
"golang.org/x/crypto/bcrypt"
)
type UserLevels int32
const (
NormalUser UserLevels = iota
AdminUser
OktopusUser
)
type User struct {
Email string `json:"email"`
Name string `json:"name"`
Password string `json:"password,omitempty"`
Level int `json:"level"`
Phone string `json:"phone"`
Email string `json:"email"`
Name string `json:"name"`
Password string `json:"password,omitempty"`
Level UserLevels `json:"level"`
Phone string `json:"phone"`
}
var ErrorUserExists = errors.New("User already exists")