Massive rework has been started

This commit is contained in:
Max 2024-11-15 01:04:48 +03:00
parent 8f12afae7e
commit 01da5ec2ee
16 changed files with 263 additions and 58 deletions


@ -0,0 +1,24 @@
package globalrules
import (
"enshi/auth"
"enshi/global"
"net/http"
"github.com/gin-gonic/gin"
)
func AuthorizedRule(c *gin.Context) (bool, error) {
tokenFromCookies := c.Request.CookiesNamed("auth_cookie")[0].Value
cookieClimes, err := auth.ValidateToken(tokenFromCookies)
if err != nil {
c.IndentedJSON(http.StatusUnauthorized, gin.H{"error auth": err.Error()})
c.Abort()
return false, err
} else {
c.Set(global.ContextUserId, cookieClimes["id"])
c.Set(global.ContextTokenData, cookieClimes)
}
return true, nil
}
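Review bot: `c.Request.CookiesNamed("auth_cookie")[0]` on the second line of the function indexes the slice unconditionally, so any request that carries no such cookie — i.e. every unauthenticated request — panics with an index-out-of-range instead of reaching the 401 below (a 500 from gin's Recovery middleware at best, a crashed process if that middleware is not installed). Use the accessor that reports absence: `tokenFromCookies, err := c.Cookie("auth_cookie")` followed by `if err != nil { c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error auth": "missing auth cookie"}); return false, err }`. Once the error branch returns, the `else` is unnecessary and the happy path can sit at the function's left edge. `cookieClimes["id"]` is also stored into the context even when the validated claims carry no `id` key, so downstream readers would see a nil value rather than a failure — worth a guard unless ValidateToken already enforces the claim set, which this file does not show.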


@ -0,0 +1,50 @@
package postspolicies
import (
postRules "enshi/ABAC/postsPolicies/postRules"
"github.com/gin-gonic/gin"
)
const (
DELETE_POST = "delete_post"
UPDATE_POST = "update_post"
CREATE_POST = "create_post"
GET_POST = "get_post"
)
func checkRule(
c *gin.Context,
ruleChecker func(*gin.Context) (bool, error),
) (bool, error) {
IsAllowed, err := ruleChecker(c)
if err != nil {
return false, err
}
return IsAllowed, nil
}
func PostsPolicies(c *gin.Context) (bool, error) {
target, exists := c.Get("target")
if !exists {
return false, nil
}
switch target {
case DELETE_POST:
return checkRule(c, postRules.DeleteRule)
case UPDATE_POST:
return checkRule(c, postRules.PostUpdateRule)
case GET_POST:
return checkRule(c, postRules.PostReadRule)
case CREATE_POST:
return checkRule(c, postRules.PostCreateRule)
}
return false, nil
}
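Review bot: `checkRule` is an identity wrapper — it calls `ruleChecker(c)` and returns exactly what it received — so each case can simply `return postRules.DeleteRule(c)` and the helper, together with its non-idiomatic capitalised local `IsAllowed`, can be removed. The `"target"` key read via `c.Get("target")` is a bare literal that has to stay in sync with the one written by PostsMiddleware; the same commit already uses named context keys (`global.ContextUserId`), so a shared constant such as `global.ContextTarget` would keep the two from drifting. Returning `false, nil` for a missing or unrecognised target is fail-closed, which is the right default — a one-line comment, `// unknown or missing target: deny by default`, would stop a later edit from "fixing" it into an allow.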


@ -0,0 +1,10 @@
package postRules
import (
"github.com/gin-gonic/gin"
)
// Only owner of the post can change it
func PostCreateRule(c *gin.Context) (bool, error) {
return true, nil
}
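Review bot: The comment above PostCreateRule, `// Only owner of the post can change it`, is copied from the update rule and states the opposite of what the body does, which is return `true, nil` unconditionally. Replace it with what the code shows, e.g. `// PostCreateRule allows every caller: a new post has no owner yet, so authentication (AuthMiddleware on the route group) is the only requirement.` — the authentication part holds only while the create route stays under a group that runs AuthMiddleware, which this file cannot enforce on its own.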


@ -0,0 +1,22 @@
package postRules
import (
"enshi/middleware/checkRole"
"github.com/gin-gonic/gin"
)
// Only owner or admin can delete post
func DeleteRule(c *gin.Context) (bool, error) {
isOwner, err := checkRole.IsOwnerOfThePost(c)
if err != nil {
return false, err
}
isAdmin, err := checkRole.IsAdmin(c)
if err != nil {
return false, err
}
return isAdmin || isOwner, err
}
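Review bot: The final `return isAdmin || isOwner, err` hands back `err` even though the `if` just above established it is nil; write `return isAdmin || isOwner, nil` so the reader does not have to trace that. The evaluation order also matters: `IsOwnerOfThePost` runs first and, whenever the post lookup returns an error, that error short-circuits before the admin check, so an admin deleting a post whose lookup fails gets an error response rather than a decision — and every admin request pays both database round-trips. If that is not intended, check `IsAdmin` first and `return true, nil` early, falling through to the ownership lookup only for non-admins.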


@ -0,0 +1,10 @@
package postRules
import (
"github.com/gin-gonic/gin"
)
// Only owner of the post can change it
func PostReadRule(c *gin.Context) (bool, error) {
return true, nil
}
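Review bot: The comment `// Only owner of the post can change it` above PostReadRule is a copy-paste from the update rule and contradicts the body, which allows every caller. Suggest `// PostReadRule allows everyone: posts are publicly readable, matching the unauthenticated GET posts/:post-id route.` — the route is registered in `freeGroup` by this commit's routes change, so the claim is grounded, but the comment must follow if that route ever moves behind auth.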


@ -0,0 +1,17 @@
package postRules
import (
"enshi/middleware/checkRole"
"github.com/gin-gonic/gin"
)
// Only owner of the post can change it
func PostUpdateRule(c *gin.Context) (bool, error) {
isOwner, err := checkRole.IsOwnerOfThePost(c)
if err != nil {
return false, err
}
return isOwner, nil
}
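Review bot: PostUpdateRule's comment states the rule but not its inputs: `checkRole.IsOwnerOfThePost(c)` reads the `post-id` route parameter and the user id from the gin context, so on any route without `:post-id`, or one that runs before AuthMiddleware, the rule returns an error that PostsMiddleware turns into `InternalErrorAnswer` rather than a deny. Suggest extending the comment to `// Requires the :post-id route param and an authenticated user id in the context; unlike DeleteRule, admins get no override here.` The admin asymmetry with DeleteRule looks deliberate but deserves a word either way.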


@ -3,7 +3,6 @@ package middleware
import ( import (
rest_api_stuff "enshi/REST_API_stuff" rest_api_stuff "enshi/REST_API_stuff"
"enshi/middleware/checkRole" "enshi/middleware/checkRole"
"enshi/middleware/getters"
"fmt" "fmt"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
@ -12,14 +11,7 @@ import (
func AdminMiddleware() gin.HandlerFunc { func AdminMiddleware() gin.HandlerFunc {
return func(c *gin.Context) { return func(c *gin.Context) {
userId, err := getters.GetUserIdFromContext(c) isAdmin, err := checkRole.IsAdmin(c)
if err != nil || userId == 0 {
rest_api_stuff.BadRequestAnswer(c, err)
c.Abort()
}
isAdmin, err := checkRole.IsAdmin(userId)
if err != nil { if err != nil {
rest_api_stuff.BadRequestAnswer(c, err) rest_api_stuff.BadRequestAnswer(c, err)
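Review bot: The new `isAdmin, err := checkRole.IsAdmin(c)` line folds two distinct failures into one error — no user id in the context (an authentication problem) and a failed database lookup (a server problem) — and the branch below answers both with `rest_api_stuff.BadRequestAnswer`; the first belongs to 401/403 and the second to `InternalErrorAnswer`, which the other handlers in this commit already use for database errors. The deleted block just above had `c.Abort()` with no `return`, so execution fell through into the admin check; the remainder of the new error branch is outside the hunk, so make sure it ends with `c.Abort(); return` (or `c.AbortWithStatusJSON`). Dropping the old `userId == 0` guard also means a zero id may now reach the database instead of being rejected up front, unless `GetUserIdFromContext` reports that as an error.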


@ -4,9 +4,18 @@ import (
"context" "context"
db_repo "enshi/db/go_queries" db_repo "enshi/db/go_queries"
"enshi/db_connection" "enshi/db_connection"
"enshi/middleware/getters"
"github.com/gin-gonic/gin"
) )
func IsAdmin(userId int64) (bool, error) { func IsAdmin(c *gin.Context) (bool, error) {
userId, err := getters.GetUserIdFromContext(c)
if err != nil {
return false, err
}
user, err := user, err :=
db_repo.New(db_connection.Dbx). db_repo.New(db_connection.Dbx).
GetUserById(context.Background(), userId) GetUserById(context.Background(), userId)
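Review bot: Now that `IsAdmin` receives the `*gin.Context`, the query on the last visible line should use `c.Request.Context()` instead of `context.Background()`, so a cancelled or timed-out request stops the lookup rather than running it to completion with nobody waiting. The change also puts one database round-trip on every admin-gated request; if the validated token already carries a role claim it could be read from `global.ContextTokenData` instead — but only if that claim is signed and checked upstream, which this hunk does not show. The function body continues past the hunk.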


@ -4,9 +4,24 @@ import (
"context" "context"
db_repo "enshi/db/go_queries" db_repo "enshi/db/go_queries"
"enshi/db_connection" "enshi/db_connection"
"enshi/middleware/getters"
"github.com/gin-gonic/gin"
) )
func IsOwnerOfThePost(userId int64, postId int64) (bool, error) { func IsOwnerOfThePost(c *gin.Context) (bool, error) {
postId, err := getters.GetInt64Param(c, "post-id")
if err != nil {
return false, err
}
userId, err := getters.GetUserIdFromContext(c)
if err != nil {
return false, err
}
post, err := post, err :=
db_repo.New(db_connection.Dbx). db_repo.New(db_connection.Dbx).
GetPostsByPostId(context.Background(), postId) GetPostsByPostId(context.Background(), postId)
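Review bot: Same as IsAdmin — with `c` now in scope, pass `c.Request.Context()` to `GetPostsByPostId` on the last visible line rather than `context.Background()`. Moving parameter parsing into the role check also hard-codes the route-parameter name: `"post-id"` now appears here, in the handlers and in the route table, so a shared constant (e.g. `const PostIDParam = "post-id"`) would stop a route rename from silently turning every ownership check into a parse error, which PostsMiddleware reports via `InternalErrorAnswer`. The function continues outside the hunk.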


@ -0,0 +1,17 @@
package getters
import (
"strconv"
"github.com/gin-gonic/gin"
)
func GetInt64Param(c *gin.Context, paramName string) (int64, error) {
int64ParamValue, err := strconv.ParseInt(c.Param(paramName), 10, 64)
if err != nil {
return -1, err
}
return int64ParamValue, nil
}
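Review bot: On the error path `GetInt64Param` returns `-1`; by Go convention the value is meaningless when `err != nil`, and a caller that forgets the check would carry a plausible-looking id into a query, so return the zero value: `return 0, err`. The raw `strconv` message is what the handlers then hand to `BadRequestAnswer`; wrapping it as `return 0, fmt.Errorf("route param %q: %w", paramName, err)` (with `fmt` imported) names the offending parameter for the client. If ids are never negative in this schema, rejecting values below 1 here would spare every caller that check.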


@ -0,0 +1,41 @@
package middleware
import (
postspolicies "enshi/ABAC/postsPolicies"
rest_api_stuff "enshi/REST_API_stuff"
"fmt"
"github.com/gin-gonic/gin"
)
func PostsMiddleware() gin.HandlerFunc {
return func(c *gin.Context) {
switch c.Request.Method {
case "DELETE":
c.Set("target", postspolicies.DELETE_POST)
case "PUT":
c.Set("target", postspolicies.UPDATE_POST)
case "POST":
c.Set("target", postspolicies.CREATE_POST)
case "GET":
c.Set("target", postspolicies.GET_POST)
}
isAllowed, err := postspolicies.PostsPolicies(c)
if err != nil {
rest_api_stuff.InternalErrorAnswer(c, err)
c.Abort()
return
}
if !isAllowed {
rest_api_stuff.UnauthorizedAnswer(c, fmt.Errorf("you have no permission"))
c.Abort()
return
}
c.Next()
}
}
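Review bot: Nothing in the visible part of this commit attaches `PostsMiddleware()` to a route — the routes change registers PUT/POST/DELETE `posts` under `authGroup` with only `AuthMiddleware` — so unless it is wired somewhere outside this view, the ABAC rules are dead code while the in-handler ownership check they replace in UpdatePost has been commented out. It should be registered in the same change, on a posts-only sub-group such as `postsGroup := authGroup.Group("posts"); postsGroup.Use(middleware.PostsMiddleware())`; it keys purely on the HTTP method, so it must not sit in front of `user-profiles`, whose PUT would otherwise be routed to PostUpdateRule and fail on the missing `post-id` param. Two smaller points: the `switch` has no `default`, so an unsupported method (PATCH, HEAD, OPTIONS) leaves `target` unset and is refused by `PostsPolicies` — fail-closed, but reported as a permission problem rather than 405; and the denial goes through `UnauthorizedAnswer`, which for an authenticated-but-not-allowed caller should be a 403 if that helper emits 401 (its body is not in this diff).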


@ -1,17 +0,0 @@
package routes
import (
rest_api_stuff "enshi/REST_API_stuff"
db_repo "enshi/db/go_queries"
"github.com/gin-gonic/gin"
)
func ChangeUserProfile(c *gin.Context) {
var userProfileParams db_repo.UpdateProfileByUserIdParams
if err := c.BindJSON(&userProfileParams); err != nil {
rest_api_stuff.BadRequestAnswer(c, err)
}
}


@ -7,16 +7,15 @@ import (
"enshi/db_connection" "enshi/db_connection"
"enshi/middleware/getters" "enshi/middleware/getters"
"fmt" "fmt"
"strconv"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
) )
func DeletePost(c *gin.Context) { func DeletePost(c *gin.Context) {
var deletePostId struct { postId, err := strconv.ParseInt(c.Param("post-id"), 10, 64)
PostId int64 `json:"post_id"`
}
if err := c.BindJSON(&deletePostId); err != nil { if err != nil {
rest_api_stuff.BadRequestAnswer(c, err) rest_api_stuff.BadRequestAnswer(c, err)
return return
} }
@ -28,7 +27,7 @@ func DeletePost(c *gin.Context) {
} }
query := db_repo.New(db_connection.Dbx) query := db_repo.New(db_connection.Dbx)
post, err := query.GetPostsByPostId(context.Background(), deletePostId.PostId) post, err := query.GetPostsByPostId(context.Background(), postId)
if err != nil { if err != nil {
rest_api_stuff.InternalErrorAnswer(c, err) rest_api_stuff.InternalErrorAnswer(c, err)
return return
@ -41,7 +40,7 @@ func DeletePost(c *gin.Context) {
// TODO: Add block of code, so admin could delete anything // TODO: Add block of code, so admin could delete anything
err = query.DeletePostByPostId(context.Background(), deletePostId.PostId) err = query.DeletePostByPostId(context.Background(), postId)
if err != nil { if err != nil {
rest_api_stuff.InternalErrorAnswer(c, err) rest_api_stuff.InternalErrorAnswer(c, err)
return return
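Review bot: DeletePost now parses the id with `strconv.ParseInt(c.Param("post-id"), 10, 64)` while GetPost in the same commit uses the new `getters.GetInt64Param(c, "post-id")`, and `getters` is already imported here — use the helper so the parameter name and the error shape live in one place, and the added `strconv` import goes away. The `// TODO: Add block of code, so admin could delete anything` comment is now covered by DeleteRule in the ABAC package, but only once PostsMiddleware is attached to the DELETE route, which the visible routes change does not do; until then the handler's own ownership check (outside the hunk) is the only guard, so either wire the middleware in this commit or keep the TODO.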


@ -5,24 +5,23 @@ import (
rest_api_stuff "enshi/REST_API_stuff" rest_api_stuff "enshi/REST_API_stuff"
db_repo "enshi/db/go_queries" db_repo "enshi/db/go_queries"
"enshi/db_connection" "enshi/db_connection"
"enshi/middleware/getters"
"net/http" "net/http"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
) )
func GetPost(c *gin.Context) { func GetPost(c *gin.Context) {
var postParams struct { postId, err := getters.GetInt64Param(c, "post-id")
PostId int64 `json:"post_id"`
}
if err := c.BindJSON(&postParams); err != nil { if err != nil {
rest_api_stuff.BadRequestAnswer(c, err) rest_api_stuff.BadRequestAnswer(c, err)
return return
} }
postData, err := postData, err :=
db_repo.New(db_connection.Dbx). db_repo.New(db_connection.Dbx).
GetPostsByPostId(context.Background(), postParams.PostId) GetPostsByPostId(context.Background(), postId)
if err != nil { if err != nil {
rest_api_stuff.InternalErrorAnswer(c, err) rest_api_stuff.InternalErrorAnswer(c, err)
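Review bot: With the id now taken from the URL, the caller controls `postId` directly, and every error from `GetPostsByPostId` — including "no such row" for an id that does not exist — is answered with `InternalErrorAnswer`. If the query layer surfaces `sql.ErrNoRows` for a missing row (typical for generated database/sql code, not visible here), distinguish it before the existing branch: `if errors.Is(err, sql.ErrNoRows) { c.AbortWithStatus(http.StatusNotFound); return }` (`database/sql` and `errors` would need importing). As written, probing ids shows up as a stream of 500s in the logs, and a missing post is indistinguishable from a database outage for the client.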


@ -5,9 +5,7 @@ import (
rest_api_stuff "enshi/REST_API_stuff" rest_api_stuff "enshi/REST_API_stuff"
db_repo "enshi/db/go_queries" db_repo "enshi/db/go_queries"
"enshi/db_connection" "enshi/db_connection"
"enshi/middleware/checkRole"
"enshi/middleware/getters" "enshi/middleware/getters"
"fmt"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
) )
@ -20,20 +18,20 @@ func UpdatePost(c *gin.Context) {
return return
} }
userId, err := getters.GetUserIdFromContext(c) _, err := getters.GetUserIdFromContext(c)
if err != nil { if err != nil {
rest_api_stuff.InternalErrorAnswer(c, err) rest_api_stuff.InternalErrorAnswer(c, err)
return return
} }
if isOwner, _ := checkRole.IsOwnerOfThePost( // if isOwner, _ := checkRole.IsOwnerOfThePost(
userId, // userId,
UpdatedPostParams.PostID, // UpdatedPostParams.PostID,
); !isOwner { // ); !isOwner {
rest_api_stuff.UnauthorizedAnswer(c, fmt.Errorf("you are now allowed to change this")) // rest_api_stuff.UnauthorizedAnswer(c, fmt.Errorf("you are now allowed to change this"))
return // return
} // }
_, err = db_repo.New( _, err = db_repo.New(
db_connection.Dbx, db_connection.Dbx,
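Review bot: The ownership check has been commented out (the `// if isOwner, _ := checkRole.IsOwnerOfThePost(` block) and nothing in the handler replaces it, while the routes change registers PUT `posts/:post-id` under `authGroup` with only `AuthMiddleware` — so unless PostsMiddleware is attached somewhere outside this diff, any authenticated user can now update any post. Even once the middleware is wired, its rule authorises the `:post-id` path parameter, whereas the update call that continues past the hunk appears to use `UpdatedPostParams`, whose `PostID` the removed check consulted; if the write still targets the body's id, a caller can name a post they own in the URL and another user's post in the body, so the handler should pin the two together, e.g. `postId, err := getters.GetInt64Param(c, "post-id")` followed by `UpdatedPostParams.PostID = postId` (or reject a mismatch). The `_, err := getters.GetUserIdFromContext(c)` line now only asserts that a user id exists, which is AuthMiddleware's job — drop it or comment it as a deliberate defensive check. Either keep the in-handler check until the middleware is registered or land the wiring in this commit; dead code in comments hides the gap. The function's start and its database call are outside the hunk.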


@ -2,7 +2,6 @@ package utils
import ( import (
"enshi/middleware" "enshi/middleware"
"enshi/routes"
"enshi/routes/authRoutes" "enshi/routes/authRoutes"
"enshi/routes/postsRoutes" "enshi/routes/postsRoutes"
"enshi/routes/userProfileRoutes" "enshi/routes/userProfileRoutes"
@ -29,20 +28,40 @@ func SetupRotes(g *gin.Engine) error {
freeGroup.GET("getCookie", testCookie) freeGroup.GET("getCookie", testCookie)
freeGroup.POST("login", authRoutes.Login) freeGroup.POST(
freeGroup.POST("registerUser", authRoutes.RegisterUser) "login",
freeGroup.GET("getPost", postsRoutes.GetPost) authRoutes.Login,
)
freeGroup.POST(
"users",
authRoutes.RegisterUser,
)
freeGroup.GET(
"posts/:post-id",
postsRoutes.GetPost,
)
// Auth group routes // Auth group routes
authGroup := g.Group("/") authGroup := g.Group("/")
authGroup.Use(middleware.AuthMiddleware()) authGroup.Use(middleware.AuthMiddleware())
authGroup.POST("updatePost", postsRoutes.UpdatePost) authGroup.PUT(
authGroup.POST("createPost", postsRoutes.CreatePost) "posts/:post-id",
authGroup.POST("changeUserProfile", routes.ChangeUserProfile) postsRoutes.UpdatePost,
authGroup.POST("updateProfile", userProfileRoutes.UpdateUserProfile) )
authGroup.POST(
"posts",
postsRoutes.CreatePost,
)
authGroup.DELETE(
"posts/:post-id",
postsRoutes.DeletePost,
)
authGroup.DELETE("deletePost", postsRoutes.DeletePost) authGroup.PUT(
"user-profiles",
userProfileRoutes.UpdateUserProfile,
)
// Admin group routes // Admin group routes
adminGroup := authGroup.Group("/admin/") adminGroup := authGroup.Group("/admin/")