1191 lines
31 KiB
Go
1191 lines
31 KiB
Go
// Copyright 2019 Sorint.lab
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package command
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"path"
|
|
|
|
"github.com/sorintlab/agola/internal/db"
|
|
"github.com/sorintlab/agola/internal/services/configstore/readdb"
|
|
"github.com/sorintlab/agola/internal/services/types"
|
|
"github.com/sorintlab/agola/internal/util"
|
|
"github.com/sorintlab/agola/internal/wal"
|
|
|
|
"github.com/pkg/errors"
|
|
uuid "github.com/satori/go.uuid"
|
|
"go.uber.org/zap"
|
|
)
|
|
|
|
type CommandHandler struct {
|
|
log *zap.SugaredLogger
|
|
readDB *readdb.ReadDB
|
|
wal *wal.WalManager
|
|
}
|
|
|
|
func NewCommandHandler(logger *zap.Logger, readDB *readdb.ReadDB, wal *wal.WalManager) *CommandHandler {
|
|
return &CommandHandler{
|
|
log: logger.Sugar(),
|
|
readDB: readDB,
|
|
wal: wal,
|
|
}
|
|
}
|
|
|
|
func (s *CommandHandler) CreateProjectGroup(ctx context.Context, projectGroup *types.ProjectGroup) (*types.ProjectGroup, error) {
|
|
if projectGroup.Name == "" {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("project group name required"))
|
|
}
|
|
if projectGroup.Parent.ID == "" {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("project group parent id required"))
|
|
}
|
|
|
|
var cgt *wal.ChangeGroupsUpdateToken
|
|
|
|
// must do all the check in a single transaction to avoid concurrent changes
|
|
err := s.readDB.Do(func(tx *db.Tx) error {
|
|
parentProjectGroup, err := s.readDB.GetProjectGroup(tx, projectGroup.Parent.ID)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if parentProjectGroup == nil {
|
|
return util.NewErrBadRequest(errors.Errorf("project group with id %q doesn't exist", projectGroup.Parent.ID))
|
|
}
|
|
projectGroup.Parent.ID = parentProjectGroup.ID
|
|
|
|
groupPath, err := s.readDB.GetProjectGroupPath(tx, parentProjectGroup)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
pp := path.Join(groupPath, projectGroup.Name)
|
|
|
|
cgNames := []string{pp}
|
|
cgt, err = s.readDB.GetChangeGroupsUpdateTokens(tx, cgNames)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// check duplicate project name
|
|
p, err := s.readDB.GetProjectByName(tx, projectGroup.Parent.ID, projectGroup.Name)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if p != nil {
|
|
return util.NewErrBadRequest(errors.Errorf("project with name %q, path %q already exists", p.Name, pp))
|
|
}
|
|
// check duplicate project group name
|
|
pg, err := s.readDB.GetProjectGroupByName(tx, projectGroup.Parent.ID, projectGroup.Name)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if pg != nil {
|
|
return util.NewErrBadRequest(errors.Errorf("project group with name %q, path %q already exists", pg.Name, pp))
|
|
}
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
projectGroup.ID = uuid.NewV4().String()
|
|
projectGroup.Parent.Type = types.ConfigTypeProjectGroup
|
|
|
|
pcj, err := json.Marshal(projectGroup)
|
|
if err != nil {
|
|
return nil, errors.Wrapf(err, "failed to marshal projectGroup")
|
|
}
|
|
actions := []*wal.Action{
|
|
{
|
|
ActionType: wal.ActionTypePut,
|
|
DataType: string(types.ConfigTypeProjectGroup),
|
|
ID: projectGroup.ID,
|
|
Data: pcj,
|
|
},
|
|
}
|
|
|
|
_, err = s.wal.WriteWal(ctx, actions, cgt)
|
|
return projectGroup, err
|
|
}
|
|
|
|
func (s *CommandHandler) CreateProject(ctx context.Context, project *types.Project) (*types.Project, error) {
|
|
if project.Name == "" {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("project name required"))
|
|
}
|
|
if project.Parent.ID == "" {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("project parent id required"))
|
|
}
|
|
|
|
var cgt *wal.ChangeGroupsUpdateToken
|
|
|
|
// must do all the check in a single transaction to avoid concurrent changes
|
|
err := s.readDB.Do(func(tx *db.Tx) error {
|
|
var err error
|
|
group, err := s.readDB.GetProjectGroup(tx, project.Parent.ID)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if group == nil {
|
|
return util.NewErrBadRequest(errors.Errorf("project group with id %q doesn't exist", project.Parent.ID))
|
|
}
|
|
project.Parent.ID = group.ID
|
|
|
|
groupPath, err := s.readDB.GetProjectGroupPath(tx, group)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
pp := path.Join(groupPath, project.Name)
|
|
|
|
cgNames := []string{pp}
|
|
cgt, err = s.readDB.GetChangeGroupsUpdateTokens(tx, cgNames)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// check duplicate project name
|
|
p, err := s.readDB.GetProjectByName(tx, project.Parent.ID, project.Name)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if p != nil {
|
|
return util.NewErrBadRequest(errors.Errorf("project with name %q, path %q already exists", p.Name, pp))
|
|
}
|
|
// check duplicate project group name
|
|
pg, err := s.readDB.GetProjectGroupByName(tx, project.Parent.ID, project.Name)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if pg != nil {
|
|
return util.NewErrBadRequest(errors.Errorf("project group with name %q, path %q already exists", pg.Name, pp))
|
|
}
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
project.ID = uuid.NewV4().String()
|
|
project.Parent.Type = types.ConfigTypeProjectGroup
|
|
|
|
pcj, err := json.Marshal(project)
|
|
if err != nil {
|
|
return nil, errors.Wrapf(err, "failed to marshal project")
|
|
}
|
|
actions := []*wal.Action{
|
|
{
|
|
ActionType: wal.ActionTypePut,
|
|
DataType: string(types.ConfigTypeProject),
|
|
ID: project.ID,
|
|
Data: pcj,
|
|
},
|
|
}
|
|
|
|
_, err = s.wal.WriteWal(ctx, actions, cgt)
|
|
return project, err
|
|
}
|
|
|
|
func (s *CommandHandler) DeleteProject(ctx context.Context, projectRef string) error {
|
|
var project *types.Project
|
|
|
|
var cgt *wal.ChangeGroupsUpdateToken
|
|
|
|
// must do all the check in a single transaction to avoid concurrent changes
|
|
err := s.readDB.Do(func(tx *db.Tx) error {
|
|
var err error
|
|
|
|
// check project existance
|
|
project, err = s.readDB.GetProject(tx, projectRef)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if project == nil {
|
|
return util.NewErrBadRequest(errors.Errorf("project %q doesn't exist", projectRef))
|
|
}
|
|
group, err := s.readDB.GetProjectGroup(tx, project.Parent.ID)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
cgNames := []string{group.ID}
|
|
cgt, err = s.readDB.GetChangeGroupsUpdateTokens(tx, cgNames)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// TODO(sgotti) delete project secrets/variables
|
|
actions := []*wal.Action{
|
|
{
|
|
ActionType: wal.ActionTypeDelete,
|
|
DataType: string(types.ConfigTypeProject),
|
|
ID: project.ID,
|
|
},
|
|
}
|
|
|
|
_, err = s.wal.WriteWal(ctx, actions, cgt)
|
|
return err
|
|
}
|
|
|
|
type CreateUserRequest struct {
|
|
UserName string
|
|
|
|
CreateUserLARequest *CreateUserLARequest
|
|
}
|
|
|
|
func (s *CommandHandler) CreateUser(ctx context.Context, req *CreateUserRequest) (*types.User, error) {
|
|
if req.UserName == "" {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("user name required"))
|
|
}
|
|
|
|
var cgt *wal.ChangeGroupsUpdateToken
|
|
cgNames := []string{req.UserName}
|
|
var rs *types.RemoteSource
|
|
|
|
// must do all the check in a single transaction to avoid concurrent changes
|
|
err := s.readDB.Do(func(tx *db.Tx) error {
|
|
var err error
|
|
cgt, err = s.readDB.GetChangeGroupsUpdateTokens(tx, cgNames)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// check duplicate user name
|
|
u, err := s.readDB.GetUserByName(tx, req.UserName)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if u != nil {
|
|
return util.NewErrBadRequest(errors.Errorf("user with name %q already exists", u.UserName))
|
|
}
|
|
|
|
if req.CreateUserLARequest != nil {
|
|
rs, err = s.readDB.GetRemoteSourceByName(tx, req.CreateUserLARequest.RemoteSourceName)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if rs == nil {
|
|
return util.NewErrBadRequest(errors.Errorf("remote source %q doesn't exist", req.CreateUserLARequest.RemoteSourceName))
|
|
}
|
|
user, err := s.readDB.GetUserByLinkedAccountRemoteUserIDandSource(tx, req.CreateUserLARequest.RemoteUserID, rs.ID)
|
|
if err != nil {
|
|
return errors.Wrapf(err, "failed to get user for remote user id %q and remote source %q", req.CreateUserLARequest.RemoteUserID, rs.ID)
|
|
}
|
|
if user != nil {
|
|
return util.NewErrBadRequest(errors.Errorf("user for remote user id %q for remote source %q already exists", req.CreateUserLARequest.RemoteUserID, req.CreateUserLARequest.RemoteSourceName))
|
|
}
|
|
}
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
user := &types.User{
|
|
ID: uuid.NewV4().String(),
|
|
UserName: req.UserName,
|
|
}
|
|
if req.CreateUserLARequest != nil {
|
|
if user.LinkedAccounts == nil {
|
|
user.LinkedAccounts = make(map[string]*types.LinkedAccount)
|
|
}
|
|
|
|
la := &types.LinkedAccount{
|
|
ID: uuid.NewV4().String(),
|
|
RemoteSourceID: rs.ID,
|
|
RemoteUserID: req.CreateUserLARequest.RemoteUserID,
|
|
RemoteUserName: req.CreateUserLARequest.RemoteUserName,
|
|
UserAccessToken: req.CreateUserLARequest.UserAccessToken,
|
|
Oauth2AccessToken: req.CreateUserLARequest.Oauth2AccessToken,
|
|
Oauth2RefreshToken: req.CreateUserLARequest.Oauth2RefreshToken,
|
|
}
|
|
|
|
user.LinkedAccounts[la.ID] = la
|
|
}
|
|
|
|
userj, err := json.Marshal(user)
|
|
if err != nil {
|
|
return nil, errors.Wrapf(err, "failed to marshal user")
|
|
}
|
|
|
|
pg := &types.ProjectGroup{
|
|
ID: uuid.NewV4().String(),
|
|
Parent: types.Parent{
|
|
Type: types.ConfigTypeUser,
|
|
ID: user.ID,
|
|
},
|
|
}
|
|
pgj, err := json.Marshal(pg)
|
|
if err != nil {
|
|
return nil, errors.Wrapf(err, "failed to marshal project group")
|
|
}
|
|
|
|
actions := []*wal.Action{
|
|
{
|
|
ActionType: wal.ActionTypePut,
|
|
DataType: string(types.ConfigTypeUser),
|
|
ID: user.ID,
|
|
Data: userj,
|
|
},
|
|
{
|
|
ActionType: wal.ActionTypePut,
|
|
DataType: string(types.ConfigTypeProjectGroup),
|
|
ID: pg.ID,
|
|
Data: pgj,
|
|
},
|
|
}
|
|
|
|
_, err = s.wal.WriteWal(ctx, actions, cgt)
|
|
return user, err
|
|
}
|
|
|
|
func (s *CommandHandler) DeleteUser(ctx context.Context, userName string) error {
|
|
var user *types.User
|
|
|
|
var cgt *wal.ChangeGroupsUpdateToken
|
|
cgNames := []string{user.UserName}
|
|
|
|
// must do all the check in a single transaction to avoid concurrent changes
|
|
err := s.readDB.Do(func(tx *db.Tx) error {
|
|
var err error
|
|
cgt, err = s.readDB.GetChangeGroupsUpdateTokens(tx, cgNames)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// check user existance
|
|
user, err = s.readDB.GetUserByName(tx, userName)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if user == nil {
|
|
return util.NewErrBadRequest(errors.Errorf("user %q doesn't exist", userName))
|
|
}
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
actions := []*wal.Action{
|
|
{
|
|
ActionType: wal.ActionTypeDelete,
|
|
DataType: string(types.ConfigTypeUser),
|
|
ID: user.ID,
|
|
},
|
|
}
|
|
|
|
// changegroup is the username (and in future the email) to ensure no
|
|
// concurrent user creation/modification using the same name
|
|
_, err = s.wal.WriteWal(ctx, actions, cgt)
|
|
return err
|
|
}
|
|
|
|
type CreateUserLARequest struct {
|
|
UserName string
|
|
RemoteSourceName string
|
|
RemoteUserID string
|
|
RemoteUserName string
|
|
UserAccessToken string
|
|
Oauth2AccessToken string
|
|
Oauth2RefreshToken string
|
|
}
|
|
|
|
func (s *CommandHandler) CreateUserLA(ctx context.Context, req *CreateUserLARequest) (*types.LinkedAccount, error) {
|
|
if req.UserName == "" {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("user name required"))
|
|
}
|
|
if req.RemoteSourceName == "" {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("remote source name required"))
|
|
}
|
|
|
|
var user *types.User
|
|
var rs *types.RemoteSource
|
|
|
|
var cgt *wal.ChangeGroupsUpdateToken
|
|
|
|
// must do all the check in a single transaction to avoid concurrent changes
|
|
err := s.readDB.Do(func(tx *db.Tx) error {
|
|
var err error
|
|
user, err = s.readDB.GetUserByName(tx, req.UserName)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if user == nil {
|
|
return util.NewErrBadRequest(errors.Errorf("user %q doesn't exist", req.UserName))
|
|
}
|
|
|
|
cgNames := []string{user.ID}
|
|
cgt, err = s.readDB.GetChangeGroupsUpdateTokens(tx, cgNames)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
rs, err = s.readDB.GetRemoteSourceByName(tx, req.RemoteSourceName)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if rs == nil {
|
|
return util.NewErrBadRequest(errors.Errorf("remote source %q doesn't exist", req.RemoteSourceName))
|
|
}
|
|
|
|
user, err := s.readDB.GetUserByLinkedAccountRemoteUserIDandSource(tx, req.RemoteUserID, rs.ID)
|
|
if err != nil {
|
|
return errors.Wrapf(err, "failed to get user for remote user id %q and remote source %q", req.RemoteUserID, rs.ID)
|
|
}
|
|
if user != nil {
|
|
return util.NewErrBadRequest(errors.Errorf("user for remote user id %q for remote source %q already exists", req.RemoteUserID, req.RemoteSourceName))
|
|
}
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if user.LinkedAccounts == nil {
|
|
user.LinkedAccounts = make(map[string]*types.LinkedAccount)
|
|
}
|
|
|
|
la := &types.LinkedAccount{
|
|
ID: uuid.NewV4().String(),
|
|
RemoteSourceID: rs.ID,
|
|
RemoteUserID: req.RemoteUserID,
|
|
RemoteUserName: req.RemoteUserName,
|
|
UserAccessToken: req.UserAccessToken,
|
|
Oauth2AccessToken: req.Oauth2AccessToken,
|
|
Oauth2RefreshToken: req.Oauth2RefreshToken,
|
|
}
|
|
|
|
user.LinkedAccounts[la.ID] = la
|
|
|
|
userj, err := json.Marshal(user)
|
|
if err != nil {
|
|
return nil, errors.Wrapf(err, "failed to marshal user")
|
|
}
|
|
actions := []*wal.Action{
|
|
{
|
|
ActionType: wal.ActionTypePut,
|
|
DataType: string(types.ConfigTypeUser),
|
|
ID: user.ID,
|
|
Data: userj,
|
|
},
|
|
}
|
|
|
|
_, err = s.wal.WriteWal(ctx, actions, cgt)
|
|
return la, err
|
|
}
|
|
|
|
func (s *CommandHandler) DeleteUserLA(ctx context.Context, userName, laID string) error {
|
|
if userName == "" {
|
|
return util.NewErrBadRequest(errors.Errorf("user name required"))
|
|
}
|
|
if laID == "" {
|
|
return util.NewErrBadRequest(errors.Errorf("user linked account id required"))
|
|
}
|
|
|
|
var user *types.User
|
|
|
|
var cgt *wal.ChangeGroupsUpdateToken
|
|
|
|
// must do all the check in a single transaction to avoid concurrent changes
|
|
err := s.readDB.Do(func(tx *db.Tx) error {
|
|
var err error
|
|
user, err = s.readDB.GetUserByName(tx, userName)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if user == nil {
|
|
return util.NewErrBadRequest(errors.Errorf("user %q doesn't exist", userName))
|
|
}
|
|
|
|
cgNames := []string{user.ID}
|
|
cgt, err = s.readDB.GetChangeGroupsUpdateTokens(tx, cgNames)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
_, ok := user.LinkedAccounts[laID]
|
|
if !ok {
|
|
return util.NewErrBadRequest(errors.Errorf("linked account id %q for user %q doesn't exist", laID, userName))
|
|
}
|
|
|
|
delete(user.LinkedAccounts, laID)
|
|
|
|
userj, err := json.Marshal(user)
|
|
if err != nil {
|
|
return errors.Wrapf(err, "failed to marshal user")
|
|
}
|
|
actions := []*wal.Action{
|
|
{
|
|
ActionType: wal.ActionTypePut,
|
|
DataType: string(types.ConfigTypeUser),
|
|
ID: user.ID,
|
|
Data: userj,
|
|
},
|
|
}
|
|
|
|
_, err = s.wal.WriteWal(ctx, actions, cgt)
|
|
return err
|
|
}
|
|
|
|
type UpdateUserLARequest struct {
|
|
UserName string
|
|
LinkedAccountID string
|
|
RemoteUserID string
|
|
RemoteUserName string
|
|
UserAccessToken string
|
|
Oauth2AccessToken string
|
|
Oauth2RefreshToken string
|
|
}
|
|
|
|
func (s *CommandHandler) UpdateUserLA(ctx context.Context, req *UpdateUserLARequest) (*types.LinkedAccount, error) {
|
|
if req.UserName == "" {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("user name required"))
|
|
}
|
|
|
|
var user *types.User
|
|
var rs *types.RemoteSource
|
|
|
|
var cgt *wal.ChangeGroupsUpdateToken
|
|
|
|
// must do all the check in a single transaction to avoid concurrent changes
|
|
err := s.readDB.Do(func(tx *db.Tx) error {
|
|
var err error
|
|
user, err = s.readDB.GetUserByName(tx, req.UserName)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if user == nil {
|
|
return util.NewErrBadRequest(errors.Errorf("user %q doesn't exist", req.UserName))
|
|
}
|
|
|
|
cgNames := []string{user.ID}
|
|
cgt, err = s.readDB.GetChangeGroupsUpdateTokens(tx, cgNames)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
la, ok := user.LinkedAccounts[req.LinkedAccountID]
|
|
if !ok {
|
|
return util.NewErrBadRequest(errors.Errorf("linked account id %q for user %q doesn't exist", req.LinkedAccountID, user.UserName))
|
|
}
|
|
|
|
rs, err = s.readDB.GetRemoteSource(tx, la.RemoteSourceID)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if rs == nil {
|
|
return util.NewErrBadRequest(errors.Errorf("remote source with id %q doesn't exist", la.RemoteSourceID))
|
|
}
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
la := user.LinkedAccounts[req.LinkedAccountID]
|
|
|
|
la.RemoteUserID = req.RemoteUserID
|
|
la.RemoteUserName = req.RemoteUserName
|
|
la.UserAccessToken = req.UserAccessToken
|
|
la.Oauth2AccessToken = req.Oauth2AccessToken
|
|
la.Oauth2RefreshToken = req.Oauth2RefreshToken
|
|
|
|
userj, err := json.Marshal(user)
|
|
if err != nil {
|
|
return nil, errors.Wrapf(err, "failed to marshal user")
|
|
}
|
|
actions := []*wal.Action{
|
|
{
|
|
ActionType: wal.ActionTypePut,
|
|
DataType: string(types.ConfigTypeUser),
|
|
ID: user.ID,
|
|
Data: userj,
|
|
},
|
|
}
|
|
|
|
_, err = s.wal.WriteWal(ctx, actions, cgt)
|
|
return la, err
|
|
}
|
|
|
|
func (s *CommandHandler) CreateUserToken(ctx context.Context, userName, tokenName string) (string, error) {
|
|
if userName == "" {
|
|
return "", util.NewErrBadRequest(errors.Errorf("user name required"))
|
|
}
|
|
|
|
var user *types.User
|
|
|
|
var cgt *wal.ChangeGroupsUpdateToken
|
|
|
|
// must do all the check in a single transaction to avoid concurrent changes
|
|
err := s.readDB.Do(func(tx *db.Tx) error {
|
|
var err error
|
|
user, err = s.readDB.GetUserByName(tx, userName)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if user == nil {
|
|
return util.NewErrBadRequest(errors.Errorf("user %q doesn't exist", userName))
|
|
}
|
|
|
|
cgNames := []string{user.ID}
|
|
cgt, err = s.readDB.GetChangeGroupsUpdateTokens(tx, cgNames)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
if user.Tokens != nil {
|
|
if _, ok := user.Tokens[tokenName]; ok {
|
|
return "", util.NewErrBadRequest(errors.Errorf("token %q for user %q already exists", tokenName, userName))
|
|
}
|
|
}
|
|
|
|
if user.Tokens == nil {
|
|
user.Tokens = make(map[string]string)
|
|
}
|
|
|
|
token := util.EncodeSha1Hex(uuid.NewV4().String())
|
|
user.Tokens[tokenName] = token
|
|
|
|
userj, err := json.Marshal(user)
|
|
if err != nil {
|
|
return "", errors.Wrapf(err, "failed to marshal user")
|
|
}
|
|
actions := []*wal.Action{
|
|
{
|
|
ActionType: wal.ActionTypePut,
|
|
DataType: string(types.ConfigTypeUser),
|
|
ID: user.ID,
|
|
Data: userj,
|
|
},
|
|
}
|
|
|
|
// changegroup is the userid
|
|
_, err = s.wal.WriteWal(ctx, actions, cgt)
|
|
return token, err
|
|
}
|
|
|
|
func (s *CommandHandler) DeleteUserToken(ctx context.Context, userName, tokenName string) error {
|
|
if userName == "" {
|
|
return util.NewErrBadRequest(errors.Errorf("user name required"))
|
|
}
|
|
if tokenName == "" {
|
|
return util.NewErrBadRequest(errors.Errorf("token name required"))
|
|
}
|
|
|
|
var user *types.User
|
|
|
|
var cgt *wal.ChangeGroupsUpdateToken
|
|
|
|
// must do all the check in a single transaction to avoid concurrent changes
|
|
err := s.readDB.Do(func(tx *db.Tx) error {
|
|
var err error
|
|
user, err = s.readDB.GetUserByName(tx, userName)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if user == nil {
|
|
return util.NewErrBadRequest(errors.Errorf("user %q doesn't exist", userName))
|
|
}
|
|
|
|
cgNames := []string{user.ID}
|
|
cgt, err = s.readDB.GetChangeGroupsUpdateTokens(tx, cgNames)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
_, ok := user.Tokens[tokenName]
|
|
if !ok {
|
|
return util.NewErrBadRequest(errors.Errorf("token %q for user %q doesn't exist", tokenName, userName))
|
|
}
|
|
|
|
delete(user.Tokens, tokenName)
|
|
|
|
userj, err := json.Marshal(user)
|
|
if err != nil {
|
|
return errors.Wrapf(err, "failed to marshal user")
|
|
}
|
|
actions := []*wal.Action{
|
|
{
|
|
ActionType: wal.ActionTypePut,
|
|
DataType: string(types.ConfigTypeUser),
|
|
ID: user.ID,
|
|
Data: userj,
|
|
},
|
|
}
|
|
|
|
_, err = s.wal.WriteWal(ctx, actions, cgt)
|
|
return err
|
|
}
|
|
|
|
func (s *CommandHandler) CreateRemoteSource(ctx context.Context, remoteSource *types.RemoteSource) (*types.RemoteSource, error) {
|
|
if remoteSource.Name == "" {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("remotesource name required"))
|
|
}
|
|
|
|
var cgt *wal.ChangeGroupsUpdateToken
|
|
cgNames := []string{remoteSource.Name}
|
|
|
|
// must do all the check in a single transaction to avoid concurrent changes
|
|
err := s.readDB.Do(func(tx *db.Tx) error {
|
|
var err error
|
|
cgt, err = s.readDB.GetChangeGroupsUpdateTokens(tx, cgNames)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// check duplicate remoteSource name
|
|
u, err := s.readDB.GetRemoteSourceByName(tx, remoteSource.Name)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if u != nil {
|
|
return util.NewErrBadRequest(errors.Errorf("remoteSource %q already exists", u.Name))
|
|
}
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
remoteSource.ID = uuid.NewV4().String()
|
|
|
|
rsj, err := json.Marshal(remoteSource)
|
|
if err != nil {
|
|
return nil, errors.Wrapf(err, "failed to marshal remotesource")
|
|
}
|
|
actions := []*wal.Action{
|
|
{
|
|
ActionType: wal.ActionTypePut,
|
|
DataType: string(types.ConfigTypeRemoteSource),
|
|
ID: remoteSource.ID,
|
|
Data: rsj,
|
|
},
|
|
}
|
|
|
|
_, err = s.wal.WriteWal(ctx, actions, cgt)
|
|
return remoteSource, err
|
|
}
|
|
|
|
func (s *CommandHandler) DeleteRemoteSource(ctx context.Context, remoteSourceName string) error {
|
|
var remoteSource *types.RemoteSource
|
|
|
|
var cgt *wal.ChangeGroupsUpdateToken
|
|
cgNames := []string{remoteSource.ID}
|
|
|
|
// must do all the check in a single transaction to avoid concurrent changes
|
|
err := s.readDB.Do(func(tx *db.Tx) error {
|
|
var err error
|
|
cgt, err = s.readDB.GetChangeGroupsUpdateTokens(tx, cgNames)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// check remoteSource existance
|
|
remoteSource, err = s.readDB.GetRemoteSourceByName(tx, remoteSourceName)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if remoteSource == nil {
|
|
return util.NewErrBadRequest(errors.Errorf("remotesource %q doesn't exist", remoteSourceName))
|
|
}
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
actions := []*wal.Action{
|
|
{
|
|
ActionType: wal.ActionTypeDelete,
|
|
DataType: string(types.ConfigTypeRemoteSource),
|
|
ID: remoteSource.ID,
|
|
},
|
|
}
|
|
|
|
// changegroup is all the remote sources
|
|
_, err = s.wal.WriteWal(ctx, actions, cgt)
|
|
return err
|
|
}
|
|
|
|
func (s *CommandHandler) CreateOrg(ctx context.Context, org *types.Organization) (*types.Organization, error) {
|
|
if org.Name == "" {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("org name required"))
|
|
}
|
|
|
|
var cgt *wal.ChangeGroupsUpdateToken
|
|
cgNames := []string{org.Name}
|
|
|
|
// must do all the check in a single transaction to avoid concurrent changes
|
|
err := s.readDB.Do(func(tx *db.Tx) error {
|
|
var err error
|
|
cgt, err = s.readDB.GetChangeGroupsUpdateTokens(tx, cgNames)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// check duplicate org name
|
|
u, err := s.readDB.GetOrgByName(tx, org.Name)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if u != nil {
|
|
return util.NewErrBadRequest(errors.Errorf("org %q already exists", u.Name))
|
|
}
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
org.ID = uuid.NewV4().String()
|
|
orgj, err := json.Marshal(org)
|
|
if err != nil {
|
|
return nil, errors.Wrapf(err, "failed to marshal org")
|
|
}
|
|
|
|
pg := &types.ProjectGroup{
|
|
ID: uuid.NewV4().String(),
|
|
Parent: types.Parent{
|
|
Type: types.ConfigTypeOrg,
|
|
ID: org.ID,
|
|
},
|
|
}
|
|
pgj, err := json.Marshal(pg)
|
|
if err != nil {
|
|
return nil, errors.Wrapf(err, "failed to marshal project group")
|
|
}
|
|
actions := []*wal.Action{
|
|
{
|
|
ActionType: wal.ActionTypePut,
|
|
DataType: string(types.ConfigTypeOrg),
|
|
ID: org.ID,
|
|
Data: orgj,
|
|
},
|
|
{
|
|
ActionType: wal.ActionTypePut,
|
|
DataType: string(types.ConfigTypeProjectGroup),
|
|
ID: pg.ID,
|
|
Data: pgj,
|
|
},
|
|
}
|
|
|
|
_, err = s.wal.WriteWal(ctx, actions, cgt)
|
|
return org, err
|
|
}
|
|
|
|
func (s *CommandHandler) DeleteOrg(ctx context.Context, orgName string) error {
|
|
var org *types.Organization
|
|
var projects []*types.Project
|
|
|
|
var cgt *wal.ChangeGroupsUpdateToken
|
|
cgNames := []string{orgName}
|
|
|
|
// must do all the check in a single transaction to avoid concurrent changes
|
|
err := s.readDB.Do(func(tx *db.Tx) error {
|
|
var err error
|
|
cgt, err = s.readDB.GetChangeGroupsUpdateTokens(tx, cgNames)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// check org existance
|
|
org, err = s.readDB.GetOrgByName(tx, orgName)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if org == nil {
|
|
return util.NewErrBadRequest(errors.Errorf("org %q doesn't exist", orgName))
|
|
}
|
|
// TODO(sgotti) delete all project groups, projects etc...
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
actions := []*wal.Action{
|
|
{
|
|
ActionType: wal.ActionTypeDelete,
|
|
DataType: string(types.ConfigTypeOrg),
|
|
ID: org.ID,
|
|
},
|
|
}
|
|
// delete all org projects
|
|
for _, project := range projects {
|
|
actions = append(actions, &wal.Action{
|
|
ActionType: wal.ActionTypeDelete,
|
|
DataType: string(types.ConfigTypeProject),
|
|
ID: project.ID,
|
|
})
|
|
}
|
|
|
|
_, err = s.wal.WriteWal(ctx, actions, cgt)
|
|
return err
|
|
}
|
|
|
|
func (s *CommandHandler) CreateSecret(ctx context.Context, secret *types.Secret) (*types.Secret, error) {
|
|
if secret.Name == "" {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("secret name required"))
|
|
}
|
|
if secret.Type != types.SecretTypeInternal {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("wrong secret type %q", secret.Type))
|
|
}
|
|
switch secret.Type {
|
|
case types.SecretTypeInternal:
|
|
if len(secret.Data) == 0 {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("empty secret data"))
|
|
}
|
|
}
|
|
if secret.Parent.Type == "" {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("secret parent type required"))
|
|
}
|
|
if secret.Parent.ID == "" {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("secret parentid required"))
|
|
}
|
|
if secret.Parent.Type != types.ConfigTypeProject && secret.Parent.Type != types.ConfigTypeProjectGroup {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("invalid secret parent type %q", secret.Parent.Type))
|
|
}
|
|
|
|
var cgt *wal.ChangeGroupsUpdateToken
|
|
cgNames := []string{secret.Name}
|
|
|
|
// must do all the check in a single transaction to avoid concurrent changes
|
|
err := s.readDB.Do(func(tx *db.Tx) error {
|
|
var err error
|
|
cgt, err = s.readDB.GetChangeGroupsUpdateTokens(tx, cgNames)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
parentID, err := s.readDB.ResolveConfigID(tx, secret.Parent.Type, secret.Parent.ID)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
secret.Parent.ID = parentID
|
|
|
|
// check duplicate secret name
|
|
s, err := s.readDB.GetSecretByName(tx, secret.Parent.ID, secret.Name)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if s != nil {
|
|
return util.NewErrBadRequest(errors.Errorf("secret with name %q for %s with id %q already exists", secret.Name, secret.Parent.Type, secret.Parent.ID))
|
|
}
|
|
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
secret.ID = uuid.NewV4().String()
|
|
|
|
secretj, err := json.Marshal(secret)
|
|
if err != nil {
|
|
return nil, errors.Wrapf(err, "failed to marshal secret")
|
|
}
|
|
actions := []*wal.Action{
|
|
{
|
|
ActionType: wal.ActionTypePut,
|
|
DataType: string(types.ConfigTypeSecret),
|
|
ID: secret.ID,
|
|
Data: secretj,
|
|
},
|
|
}
|
|
|
|
_, err = s.wal.WriteWal(ctx, actions, cgt)
|
|
return secret, err
|
|
}
|
|
|
|
func (s *CommandHandler) DeleteSecret(ctx context.Context, parentType types.ConfigType, parentRef, secretName string) error {
|
|
var secret *types.Secret
|
|
|
|
var cgt *wal.ChangeGroupsUpdateToken
|
|
|
|
// must do all the check in a single transaction to avoid concurrent changes
|
|
err := s.readDB.Do(func(tx *db.Tx) error {
|
|
var err error
|
|
parentID, err := s.readDB.ResolveConfigID(tx, parentType, parentRef)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// check secret existance
|
|
secret, err = s.readDB.GetSecretByName(tx, parentID, secretName)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if secret == nil {
|
|
return util.NewErrBadRequest(errors.Errorf("secret with name %q doesn't exist", secretName))
|
|
}
|
|
|
|
cgNames := []string{secretName}
|
|
cgt, err = s.readDB.GetChangeGroupsUpdateTokens(tx, cgNames)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
actions := []*wal.Action{
|
|
{
|
|
ActionType: wal.ActionTypeDelete,
|
|
DataType: string(types.ConfigTypeSecret),
|
|
ID: secret.ID,
|
|
},
|
|
}
|
|
|
|
_, err = s.wal.WriteWal(ctx, actions, cgt)
|
|
return err
|
|
}
|
|
|
|
func (s *CommandHandler) CreateVariable(ctx context.Context, variable *types.Variable) (*types.Variable, error) {
|
|
if variable.Name == "" {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("variable name required"))
|
|
}
|
|
if len(variable.Values) == 0 {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("variable values required"))
|
|
}
|
|
if variable.Parent.Type == "" {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("variable parent type required"))
|
|
}
|
|
if variable.Parent.ID == "" {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("variable parent id required"))
|
|
}
|
|
if variable.Parent.Type != types.ConfigTypeProject && variable.Parent.Type != types.ConfigTypeProjectGroup {
|
|
return nil, util.NewErrBadRequest(errors.Errorf("invalid variable parent type %q", variable.Parent.Type))
|
|
}
|
|
|
|
var cgt *wal.ChangeGroupsUpdateToken
|
|
cgNames := []string{variable.Name}
|
|
|
|
// must do all the check in a single transaction to avoid concurrent changes
|
|
err := s.readDB.Do(func(tx *db.Tx) error {
|
|
var err error
|
|
cgt, err = s.readDB.GetChangeGroupsUpdateTokens(tx, cgNames)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
parentID, err := s.readDB.ResolveConfigID(tx, variable.Parent.Type, variable.Parent.ID)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
variable.Parent.ID = parentID
|
|
|
|
// check duplicate variable name
|
|
s, err := s.readDB.GetVariableByName(tx, variable.Parent.ID, variable.Name)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if s != nil {
|
|
return util.NewErrBadRequest(errors.Errorf("variable with name %q for %s with id %q already exists", variable.Name, variable.Parent.Type, variable.Parent.ID))
|
|
}
|
|
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
variable.ID = uuid.NewV4().String()
|
|
|
|
variablej, err := json.Marshal(variable)
|
|
if err != nil {
|
|
return nil, errors.Wrapf(err, "failed to marshal variable")
|
|
}
|
|
actions := []*wal.Action{
|
|
{
|
|
ActionType: wal.ActionTypePut,
|
|
DataType: string(types.ConfigTypeVariable),
|
|
ID: variable.ID,
|
|
Data: variablej,
|
|
},
|
|
}
|
|
|
|
_, err = s.wal.WriteWal(ctx, actions, cgt)
|
|
return variable, err
|
|
}
|
|
|
|
func (s *CommandHandler) DeleteVariable(ctx context.Context, parentType types.ConfigType, parentRef, variableName string) error {
|
|
var variable *types.Variable
|
|
|
|
var cgt *wal.ChangeGroupsUpdateToken
|
|
|
|
// must do all the check in a single transaction to avoid concurrent changes
|
|
err := s.readDB.Do(func(tx *db.Tx) error {
|
|
var err error
|
|
parentID, err := s.readDB.ResolveConfigID(tx, parentType, parentRef)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// check variable existance
|
|
variable, err = s.readDB.GetVariableByName(tx, parentID, variableName)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if variable == nil {
|
|
return util.NewErrBadRequest(errors.Errorf("variable with name %q doesn't exist", variableName))
|
|
}
|
|
|
|
cgNames := []string{variableName}
|
|
cgt, err = s.readDB.GetChangeGroupsUpdateTokens(tx, cgNames)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
actions := []*wal.Action{
|
|
{
|
|
ActionType: wal.ActionTypeDelete,
|
|
DataType: string(types.ConfigTypeVariable),
|
|
ID: variable.ID,
|
|
},
|
|
}
|
|
|
|
_, err = s.wal.WriteWal(ctx, actions, cgt)
|
|
return err
|
|
}
|