Skip to content

Commit

Permalink
refactor: update claim check logic
Browse files Browse the repository at this point in the history
  • Loading branch information
@MuZhou233
MuZhou233 committed Dec 21, 2023
1 parent edb2fa6 commit 643cc5a
Show file tree
Hide file tree
Showing 13 changed files with 182 additions and 259 deletions.
33 changes: 14 additions & 19 deletions app/sephirah/internal/biz/bizchesed/chesed.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ import (
"strconv"
"sync"

"github.com/tuihub/librarian/app/sephirah/internal/biz/bizutils"
"github.com/tuihub/librarian/app/sephirah/internal/client"
"github.com/tuihub/librarian/app/sephirah/internal/model/modelbinah"
"github.com/tuihub/librarian/app/sephirah/internal/model/modelchesed"
Expand Down Expand Up @@ -97,8 +98,8 @@ func NewImageCache(

func (c *Chesed) UploadImage(ctx context.Context, image modelchesed.Image,
metadata modelbinah.FileMetadata) (string, *errors.Error) {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin, libauth.UserTypeNormal) {
return "", pb.ErrorErrorReasonForbidden("no permission")
if libauth.FromContextAssertUserType(ctx) == nil {
return "", bizutils.NoPermissionError()
}
if err := metadata.Check(); err != nil {
return "", pb.ErrorErrorReasonBadRequest("invalid file metadata: %s", err.Error())
Expand All @@ -121,9 +122,9 @@ func (c *Chesed) UploadImage(ctx context.Context, image modelchesed.Image,
}

func (c *Chesed) UploadImageCallback(ctx context.Context, id model.InternalID) error {
claims, exist := libauth.FromContext(ctx)
if !exist {
return pb.ErrorErrorReasonForbidden("no permission")
claims := libauth.FromContext(ctx)
if claims == nil {
return bizutils.NoPermissionError()
}
image, err := c.imageCache.Get(ctx, id)
if err != nil {
Expand Down Expand Up @@ -181,12 +182,9 @@ func (c *Chesed) ScanImage(ctx context.Context) {
}

func (c *Chesed) ListImages(ctx context.Context, paging model.Paging) ([]model.InternalID, int64, *errors.Error) {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin, libauth.UserTypeNormal) {
return nil, 0, pb.ErrorErrorReasonForbidden("no permission")
}
claims, exist := libauth.FromContext(ctx)
if !exist {
return nil, 0, pb.ErrorErrorReasonForbidden("no permission")
claims := libauth.FromContextAssertUserType(ctx)
if claims == nil {
return nil, 0, bizutils.NoPermissionError()
}
images, total, err := c.repo.ListImages(ctx, claims.InternalID, paging)
if err != nil {
Expand All @@ -201,8 +199,8 @@ func (c *Chesed) ListImages(ctx context.Context, paging model.Paging) ([]model.I

func (c *Chesed) SearchImages(ctx context.Context, paging model.Paging, keywords string) (
[]model.InternalID, *errors.Error) {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin, libauth.UserTypeNormal) {
return nil, pb.ErrorErrorReasonForbidden("no permission")
if libauth.FromContextAssertUserType(ctx) == nil {
return nil, bizutils.NoPermissionError()
}
ids, err := c.searcher.SearchID(ctx,
paging,
Expand All @@ -216,12 +214,9 @@ func (c *Chesed) SearchImages(ctx context.Context, paging model.Paging, keywords
}

func (c *Chesed) DownloadImage(ctx context.Context, id model.InternalID) (string, *errors.Error) {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin, libauth.UserTypeNormal) {
return "", pb.ErrorErrorReasonForbidden("no permission")
}
claims, exist := libauth.FromContext(ctx)
if !exist {
return "", pb.ErrorErrorReasonUnauthorized("empty token")
claims := libauth.FromContextAssertUserType(ctx)
if claims == nil {
return "", pb.ErrorErrorReasonUnauthorized("no permission")
}
image, err := c.repo.GetImage(ctx, claims.InternalID, id)
if err != nil {
Expand Down
45 changes: 21 additions & 24 deletions app/sephirah/internal/biz/bizgebura/app.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"context"
"strconv"

"github.com/tuihub/librarian/app/sephirah/internal/biz/bizutils"
"github.com/tuihub/librarian/app/sephirah/internal/model/modelangela"
"github.com/tuihub/librarian/app/sephirah/internal/model/modelgebura"
"github.com/tuihub/librarian/internal/lib/libauth"
Expand All @@ -16,8 +17,8 @@ import (
)

func (g *Gebura) CreateApp(ctx context.Context, app *modelgebura.App) (*modelgebura.App, *errors.Error) {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin) {
return nil, pb.ErrorErrorReasonForbidden("no permission")
if libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin) == nil {
return nil, bizutils.NoPermissionError()
}
id, err := g.searcher.NewID(ctx)
if err != nil {
Expand All @@ -44,8 +45,8 @@ func (g *Gebura) CreateApp(ctx context.Context, app *modelgebura.App) (*modelgeb
}

func (g *Gebura) UpdateApp(ctx context.Context, app *modelgebura.App) *errors.Error {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin) {
return pb.ErrorErrorReasonForbidden("no permission")
if libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin) == nil {
return bizutils.NoPermissionError()
}
app.Source = modelgebura.AppSourceInternal
err := g.repo.UpdateApp(ctx, app)
Expand All @@ -64,8 +65,8 @@ func (g *Gebura) ListApps(
ids []model.InternalID,
containDetails bool,
) ([]*modelgebura.App, int64, *errors.Error) {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin) {
return nil, 0, pb.ErrorErrorReasonForbidden("no permission")
if libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin) == nil {
return nil, 0, bizutils.NoPermissionError()
}
apps, total, err := g.repo.ListApps(ctx, paging, sources, types, ids, containDetails)
if err != nil {
Expand All @@ -75,8 +76,8 @@ func (g *Gebura) ListApps(
}

func (g *Gebura) MergeApps(ctx context.Context, base modelgebura.App, merged model.InternalID) *errors.Error {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin) {
return pb.ErrorErrorReasonForbidden("no permission")
if libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin) == nil {
return bizutils.NoPermissionError()
}
if base.Source != modelgebura.AppSourceInternal {
return pb.ErrorErrorReasonBadRequest("source must be INTERNAL")
Expand All @@ -90,8 +91,8 @@ func (g *Gebura) MergeApps(ctx context.Context, base modelgebura.App, merged mod

func (g *Gebura) SearchApps(ctx context.Context, paging model.Paging, keyword string) (
[]*modelgebura.App, int, *errors.Error) {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin, libauth.UserTypeNormal) {
return nil, 0, pb.ErrorErrorReasonForbidden("no permission")
if libauth.FromContextAssertUserType(ctx) == nil {
return nil, 0, bizutils.NoPermissionError()
}
ids, err := g.searcher.SearchID(ctx, paging, keyword, searcherpb.Index_INDEX_GEBURA_APP)
if err != nil {
Expand All @@ -109,8 +110,8 @@ func (g *Gebura) SearchApps(ctx context.Context, paging model.Paging, keyword st
}

func (g *Gebura) GetApp(ctx context.Context, id model.InternalID) (*modelgebura.App, *errors.Error) {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin, libauth.UserTypeNormal) {
return nil, pb.ErrorErrorReasonForbidden("no permission")
if libauth.FromContextAssertUserType(ctx) == nil {
return nil, bizutils.NoPermissionError()
}
apps, err := g.repo.GetBoundApps(ctx, id)
if err != nil {
Expand All @@ -129,8 +130,8 @@ func (g *Gebura) GetApp(ctx context.Context, id model.InternalID) (*modelgebura.
}

func (g *Gebura) GetBindApps(ctx context.Context, id model.InternalID) ([]*modelgebura.App, *errors.Error) {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin, libauth.UserTypeNormal) {
return nil, pb.ErrorErrorReasonForbidden("no permission")
if libauth.FromContextAssertUserType(ctx) == nil {
return nil, bizutils.NoPermissionError()
}
apps, err := g.repo.GetBoundApps(ctx, id)
if err != nil {
Expand All @@ -140,11 +141,9 @@ func (g *Gebura) GetBindApps(ctx context.Context, id model.InternalID) ([]*model
}

func (g *Gebura) PurchaseApp(ctx context.Context, id model.InternalID) *errors.Error {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin, libauth.UserTypeNormal) {
return pb.ErrorErrorReasonForbidden("no permission")
}
if claims, ok := libauth.FromContext(ctx); !ok {
return pb.ErrorErrorReasonForbidden("no permission")
claims := libauth.FromContextAssertUserType(ctx)
if claims == nil {
return bizutils.NoPermissionError()
} else {
err := g.repo.PurchaseApp(ctx, claims.InternalID, id)
if err != nil {
Expand All @@ -155,11 +154,9 @@ func (g *Gebura) PurchaseApp(ctx context.Context, id model.InternalID) *errors.E
}

func (g *Gebura) GetPurchasedApps(ctx context.Context) ([]*modelgebura.App, *errors.Error) {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin, libauth.UserTypeNormal) {
return nil, pb.ErrorErrorReasonForbidden("no permission")
}
if claims, ok := libauth.FromContext(ctx); !ok {
return nil, pb.ErrorErrorReasonForbidden("no permission")
claims := libauth.FromContextAssertUserType(ctx)
if claims == nil {
return nil, bizutils.NoPermissionError()
} else {
apps, err := g.repo.GetPurchasedApps(ctx, claims.InternalID)
if err != nil {
Expand Down
52 changes: 21 additions & 31 deletions app/sephirah/internal/biz/bizgebura/app_package.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ package bizgebura
import (
"context"

"github.com/tuihub/librarian/app/sephirah/internal/biz/bizutils"
"github.com/tuihub/librarian/app/sephirah/internal/model/modelgebura"
"github.com/tuihub/librarian/internal/lib/libauth"
"github.com/tuihub/librarian/internal/model"
Expand All @@ -17,12 +18,9 @@ func (g *Gebura) CreateAppPackage(
ctx context.Context,
a *modelgebura.AppPackage,
) (*modelgebura.AppPackage, *errors.Error) {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin, libauth.UserTypeNormal) {
return nil, pb.ErrorErrorReasonForbidden("no permission")
}
claims, exist := libauth.FromContext(ctx)
if !exist {
return nil, pb.ErrorErrorReasonUnauthorized("empty token")
claims := libauth.FromContextAssertUserType(ctx)
if claims == nil {
return nil, bizutils.NoPermissionError()
}
id, err := g.searcher.NewID(ctx)
if err != nil {
Expand All @@ -46,12 +44,9 @@ func (g *Gebura) CreateAppPackage(
}

func (g *Gebura) UpdateAppPackage(ctx context.Context, a *modelgebura.AppPackage) *errors.Error {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin, libauth.UserTypeNormal) {
return pb.ErrorErrorReasonForbidden("no permission")
}
claims, exist := libauth.FromContext(ctx)
if !exist {
return pb.ErrorErrorReasonUnauthorized("empty token")
claims := libauth.FromContextAssertUserType(ctx)
if claims == nil {
return bizutils.NoPermissionError()
}
a.Source = modelgebura.AppPackageSourceManual
err := g.repo.UpdateAppPackage(ctx, claims.InternalID, a)
Expand All @@ -67,8 +62,8 @@ func (g *Gebura) ListAppPackages(
sources []modelgebura.AppPackageSource,
ids []model.InternalID,
) ([]*modelgebura.AppPackage, int, *errors.Error) {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin, libauth.UserTypeNormal) {
return nil, 0, pb.ErrorErrorReasonForbidden("no permission")
if libauth.FromContextAssertUserType(ctx) == nil {
return nil, 0, bizutils.NoPermissionError()
}
res, total, err := g.repo.ListAppPackages(ctx, paging, sources, ids)
if err != nil {
Expand All @@ -82,26 +77,21 @@ func (g *Gebura) AssignAppPackage(
appID model.InternalID,
appPackageID model.InternalID,
) *errors.Error {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin, libauth.UserTypeNormal) {
return pb.ErrorErrorReasonForbidden("no permission")
claims := libauth.FromContextAssertUserType(ctx)
if claims == nil {
return bizutils.NoPermissionError()
}
if claims, ok := libauth.FromContext(ctx); !ok {
return pb.ErrorErrorReasonForbidden("no permission")
} else {
err := g.repo.AssignAppPackage(ctx, claims.InternalID, appID, appPackageID)
if err != nil {
return pb.ErrorErrorReasonUnspecified("%s", err)
}
err := g.repo.AssignAppPackage(ctx, claims.InternalID, appID, appPackageID)
if err != nil {
return pb.ErrorErrorReasonUnspecified("%s", err)
}
return nil
}

func (g *Gebura) UnAssignAppPackage(ctx context.Context, appPackageID model.InternalID) *errors.Error {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin, libauth.UserTypeNormal) {
return pb.ErrorErrorReasonForbidden("no permission")
}
if claims, ok := libauth.FromContext(ctx); !ok {
return pb.ErrorErrorReasonForbidden("no permission")
claims := libauth.FromContextAssertUserType(ctx)
if claims == nil {
return bizutils.NoPermissionError()
} else {
err := g.repo.UnAssignAppPackage(ctx, claims.InternalID, appPackageID)
if err != nil {
Expand All @@ -112,9 +102,9 @@ func (g *Gebura) UnAssignAppPackage(ctx context.Context, appPackageID model.Inte
}

func (g *Gebura) NewReportAppPackageHandler(ctx context.Context) (ReportAppPackageHandler, *errors.Error) {
claims, exist := libauth.FromContext(ctx)
if !exist || claims == nil {
return nil, pb.ErrorErrorReasonUnauthorized("token required")
claims := libauth.FromContext(ctx)
if claims == nil {
return nil, bizutils.NoPermissionError()
}
checksums, err := g.repo.ListAppPackageBinaryChecksumOfOneSource(ctx,
modelgebura.AppPackageSourceSentinel, claims.InternalID)
Expand Down
19 changes: 7 additions & 12 deletions app/sephirah/internal/biz/bizgebura/run_time.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"context"
"time"

"github.com/tuihub/librarian/app/sephirah/internal/biz/bizutils"
"github.com/tuihub/librarian/internal/lib/libauth"
"github.com/tuihub/librarian/internal/model"
pb "github.com/tuihub/protos/pkg/librarian/sephirah/v1"
Expand All @@ -16,16 +17,13 @@ func (g *Gebura) AddAppPackageRunTime(
packageID model.InternalID,
timeRange *model.TimeRange,
) *errors.Error {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin, libauth.UserTypeNormal) {
return pb.ErrorErrorReasonForbidden("no permission")
claims := libauth.FromContextAssertUserType(ctx)
if claims == nil {
return bizutils.NoPermissionError()
}
if timeRange == nil {
return pb.ErrorErrorReasonBadRequest("empty time range")
}
claims, exist := libauth.FromContext(ctx)
if !exist {
return pb.ErrorErrorReasonUnauthorized("empty token")
}
err := g.repo.AddAppPackageRunTime(ctx, claims.InternalID, packageID, timeRange)
if err != nil {
return pb.ErrorErrorReasonUnspecified("%s", err.Error())
Expand All @@ -38,16 +36,13 @@ func (g *Gebura) SumAppPackageRunTime(
packageID model.InternalID,
timeRange *model.TimeRange,
) (time.Duration, error) {
if !libauth.FromContextAssertUserType(ctx, libauth.UserTypeAdmin, libauth.UserTypeNormal) {
return time.Duration(0), pb.ErrorErrorReasonForbidden("no permission")
claims := libauth.FromContextAssertUserType(ctx)
if claims == nil {
return time.Duration(0), bizutils.NoPermissionError()
}
if timeRange == nil {
return time.Duration(0), pb.ErrorErrorReasonBadRequest("empty time range")
}
claims, exist := libauth.FromContext(ctx)
if !exist {
return time.Duration(0), pb.ErrorErrorReasonUnauthorized("empty token")
}
res, err := g.repo.SumAppPackageRunTime(ctx, claims.InternalID, packageID, timeRange)
if err != nil {
return time.Duration(0), pb.ErrorErrorReasonUnspecified("%s", err.Error())
Expand Down
Loading

0 comments on commit 643cc5a

Please sign in to comment.