Added the example on how to remove a scope from someone

updated how it looks to see what scopes to add
added remove scopes to the handler
2024-04-04 15:31:23 -07:00 · 2024-04-04 15:30:59 -07:00 · 2024-04-04 15:30:38 -07:00 · 2024-04-04 15:30:22 -07:00 · 2024-04-04 15:29:39 -07:00
5 changed files with 51 additions and 15 deletions
--- a/api/domain/requests.go
+++ b/api/domain/requests.go
@ -4,7 +4,7 @@ type HelloBodyRequest struct {
 	Name string `json:"name" validate:"required"`
 }

-type AddScopeRequest struct {
+type UpdateScopesRequest struct {
 	Username string   `json:"name"`
 	Scopes   []string `json:"scopes" validate:"required"`
 }
--- a/api/handlers/v1/auth.go
+++ b/api/handlers/v1/auth.go
@ -90,6 +90,12 @@ func (h *Handler) AuthLogin(c echo.Context) error {
 }

 func (h *Handler) validateAdminToken(c echo.Context, password string) error {
+	// if the admin token is blank, then the admin wanted this disabled.
+	// this will fail right away and not progress.
+	if h.Config.AdminToken == "" {
+		return h.InternalServerErrorResponse(c, ErrUserNotFound)
+	}
+
 	if h.Config.AdminToken != password {
 		return h.ReturnUnauthorizedResponse(c, ErrUserNotFound)
 	}
@ -102,7 +108,7 @@ func (h *Handler) validateAdminToken(c echo.Context, password string) error {
 	return c.JSON(http.StatusOK, token)
 }

-func (h *Handler) AddScope(c echo.Context) error {
+func (h *Handler) AddScopes(c echo.Context) error {
 	token, err := h.getJwtToken(c)
 	if err != nil {
 		return h.ReturnUnauthorizedResponse(c, err.Error())
@ -113,7 +119,7 @@ func (h *Handler) AddScope(c echo.Context) error {
 		return h.ReturnUnauthorizedResponse(c, err.Error())
 	}

-	request := domain.AddScopeRequest{}
+	request := domain.UpdateScopesRequest{}
 	err = (&echo.DefaultBinder{}).BindBody(c, &request)
 	if err != nil {
 		return c.JSON(http.StatusBadRequest, domain.ErrorResponse{
@ -132,10 +138,33 @@ func (h *Handler) AddScope(c echo.Context) error {
 	})
 }

-func (h *Handler) RemoveScope(c echo.Context) error {
-	return c.JSON(http.StatusOK, domain.ErrorResponse{
+func (h *Handler) RemoveScopes(c echo.Context) error {
+	token, err := h.getJwtToken(c)
+	if err != nil {
+		return h.ReturnUnauthorizedResponse(c, err.Error())
+	}
+
+	err = token.IsValid(domain.ScopeAll)
+	if err != nil {
+		return h.ReturnUnauthorizedResponse(c, err.Error())
+	}
+	
+	request := domain.UpdateScopesRequest{}
+	err = (&echo.DefaultBinder{}).BindBody(c, &request)
+	if err != nil {
+		return c.JSON(http.StatusBadRequest, domain.ErrorResponse{
 			Success: false,
-		Message: "Not Implemented",
+			Message: err.Error(),
+		})
+	}
+
+	err = h.UserService.RemoveScopes(request.Username, request.Scopes)
+	if err != nil {
+		return h.InternalServerErrorResponse(c, err.Error())
+	}
+
+	return c.JSON(http.StatusOK, domain.ErrorResponse{
+		Success: true,
 	})
 }

--- a/api/handlers/v1/handler.go
+++ b/api/handlers/v1/handler.go
@ -41,8 +41,8 @@ func (h *Handler) Register(v1 *echo.Group) {
 	auth.POST("/login", h.AuthLogin)
 	auth.POST("/register", h.AuthRegister)
 	auth.Use(echojwt.WithConfig(jwtConfig))
-	auth.POST("/scopes/add", h.AddScope)
-	//auth.POST("/refresh", h.RefreshJwtToken)
+	auth.POST("/scopes/add", h.AddScopes)
+	auth.POST("/scopes/remove", h.RemoveScopes)
 	
 	demo := v1.Group("/demo")
 	demo.GET("/hello", h.DemoHello)
--- a/api/services/userService.go
+++ b/api/services/userService.go
@ -63,15 +63,15 @@ func (us UserService) AddScopes(username string, scopes []string) error {
 		return errors.New(repositories.ErrUserNotFound)
 	}

-	newScopes := strings.Split(usr.Scopes, ",")
+	currentScopes := strings.Split(usr.Scopes, ",")

 	// check the current scopes
-	for _, item := range strings.Split(usr.Scopes, ",") {
-		if !us.doesScopeExist(scopes, item) {
-			newScopes = append(newScopes, item)
+	for _, item := range scopes {
+		if !strings.Contains(usr.Scopes, item) {
+			currentScopes = append(currentScopes, item)
 		}
 	}
-	return us.repo.UpdateScopes(username, strings.Join(newScopes, ","))
+	return us.repo.UpdateScopes(username, strings.Join(currentScopes, ","))
 }

 func (us UserService) RemoveScopes(username string, scopes []string) error {
--- a/rest.http
+++ b/rest.http
@ -1,5 +1,5 @@
 ### Create a standard User
-POST http://localhost:1323/api/v1/auth/register?username=test&password=test1234!
+POST http://localhost:1323/api/v1/auth/register
 Content-Type: application/x-www-form-urlencoded

 name=test&password=test1234!
@ -9,6 +9,7 @@ Content-Type: application/x-www-form-urlencoded

 name=test&password=test1234!

+
 ### Login with the admin token
 POST http://localhost:1323/api/v1/auth/login
 Content-Type: application/x-www-form-urlencoded
@ -33,6 +34,12 @@ POST http://localhost:1323/api/v1/auth/scopes/remove
 Content-Type: application/json
 Authorization: Bearer

+{
+    "name": "test",
+    "scopes": [
+        "recipe:create"
+    ]
+}

 ###
 POST http://localhost:1323/api/v1/
Author	SHA1	Message	Date
James Tombleson	e0a517a765	Added the example on how to remove a scope from someone	2024-04-04 15:31:23 -07:00
James Tombleson	69fb7a683b	updated how it looks to see what scopes to add	2024-04-04 15:30:59 -07:00
James Tombleson	8f0e8e4d85	added remove scopes to the handler	2024-04-04 15:30:38 -07:00
James Tombleson	9bc36bae7f	if the admin token is null then it will fail an admin login. Also added the remove scopes logic and it worked for me	2024-04-04 15:30:22 -07:00
James Tombleson	8a43c166a8	Renamed struct to update a users scopes	2024-04-04 15:29:39 -07:00