adding userId to the jwt and updated routes to use scope requirements

This commit is contained in:
James Tombleson 2024-05-07 19:14:37 -07:00
parent c539a20cc7
commit 471ef4fdd8
9 changed files with 176 additions and 127 deletions

View File

@ -1,5 +1,10 @@
package domain package domain
type LoginFormRequest struct {
Username string `form:"username"`
Password string `form:"password"`
}
type GetSourceBySourceAndNameParamRequest struct { type GetSourceBySourceAndNameParamRequest struct {
Name string `query:"name"` Name string `query:"name"`
Source string `query:"source"` Source string `query:"source"`

View File

@ -1,8 +1,14 @@
package domain package domain
const ( const (
ScopeAll = "newsbot:all" ScopeAll = "newsbot:all"
ScopeArticleRead = "newsbot:article:read"
ScopeSourceCreate = "newsbot:source:create" ScopeArticleRead = "newsbot:article:read"
ScopeArticleDisable = "newsbot:article:disable"
ScopeSourceRead = "newsbot:source:read"
ScopeSourceCreate = "newsbot:source:create"
ScopeDiscordWebHookCreate = "newsbot:discordwebhook:create" ScopeDiscordWebHookCreate = "newsbot:discordwebhook:create"
ScopeDiscordWebhookRead = "newsbot:discordwebhook:read"
) )

View File

@ -20,6 +20,8 @@ import (
// @Failure 500 {object} domain.BaseResponse // @Failure 500 {object} domain.BaseResponse
// @Security Bearer // @Security Bearer
func (s *Handler) listArticles(c echo.Context) error { func (s *Handler) listArticles(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeArticleRead)
resp := domain.ArticleResponse{ resp := domain.ArticleResponse{
BaseResponse: domain.BaseResponse{ BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess, Message: ResponseMessageSuccess,
@ -51,6 +53,7 @@ func (s *Handler) listArticles(c echo.Context) error {
// @Failure 500 {object} domain.BaseResponse // @Failure 500 {object} domain.BaseResponse
// @Security Bearer // @Security Bearer
func (s *Handler) getArticle(c echo.Context) error { func (s *Handler) getArticle(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeArticleRead)
p := domain.ArticleResponse{ p := domain.ArticleResponse{
BaseResponse: domain.BaseResponse{ BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess, Message: ResponseMessageSuccess,
@ -86,13 +89,12 @@ func (s *Handler) getArticle(c echo.Context) error {
// @Failure 500 {object} domain.BaseResponse // @Failure 500 {object} domain.BaseResponse
// @Security Bearer // @Security Bearer
func (s *Handler) getArticleDetails(c echo.Context) error { func (s *Handler) getArticleDetails(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeArticleRead)
p := domain.ArticleDetailedResponse{ p := domain.ArticleDetailedResponse{
BaseResponse: domain.BaseResponse{ BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess, Message: ResponseMessageSuccess,
}, },
Payload: domain.ArticleAndSourceModel{ Payload: domain.ArticleAndSourceModel{},
},
} }
id, err := strconv.Atoi(c.Param("ID")) id, err := strconv.Atoi(c.Param("ID"))
@ -128,6 +130,7 @@ func (s *Handler) getArticleDetails(c echo.Context) error {
// @Failure 500 {object} domain.BaseResponse // @Failure 500 {object} domain.BaseResponse
// @Security Bearer // @Security Bearer
func (s *Handler) ListArticlesBySourceId(c echo.Context) error { func (s *Handler) ListArticlesBySourceId(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeArticleRead)
p := domain.ArticleResponse{ p := domain.ArticleResponse{
BaseResponse: domain.BaseResponse{ BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess, Message: ResponseMessageSuccess,

View File

@ -90,7 +90,7 @@ func (h *Handler) AuthLogin(c echo.Context) error {
// TODO think about moving this down some? // TODO think about moving this down some?
expiresAt := time.Now().Add(time.Hour * 48) expiresAt := time.Now().Add(time.Hour * 48)
jwt, err := h.generateJwtWithExp(username, user.Scopes, h.config.ServerAddress, expiresAt) jwt, err := h.generateJwtWithExp(username, user.Scopes, h.config.ServerAddress, user.ID, expiresAt)
if err != nil { if err != nil {
return h.InternalServerErrorResponse(c, err.Error()) return h.InternalServerErrorResponse(c, err.Error())
} }
@ -121,7 +121,7 @@ func (h *Handler) createAdminToken(c echo.Context, password string) error {
return h.UnauthorizedResponse(c, ErrUserNotFound) return h.UnauthorizedResponse(c, ErrUserNotFound)
} }
token, err := h.generateJwt("admin", domain.ScopeAll, h.config.ServerAddress) token, err := h.generateJwt("admin", domain.ScopeAll, h.config.ServerAddress, -1)
if err != nil { if err != nil {
return h.InternalServerErrorResponse(c, err.Error()) return h.InternalServerErrorResponse(c, err.Error())
} }
@ -130,8 +130,8 @@ func (h *Handler) createAdminToken(c echo.Context, password string) error {
BaseResponse: domain.BaseResponse{ BaseResponse: domain.BaseResponse{
Message: "OK", Message: "OK",
}, },
Token: token, Token: token,
Type: "Bearer", Type: "Bearer",
}) })
} }
@ -163,7 +163,7 @@ func (h *Handler) RefreshJwtToken(c echo.Context) error {
return h.InternalServerErrorResponse(c, err.Error()) return h.InternalServerErrorResponse(c, err.Error())
} }
jwt, err := h.generateJwtWithExp(request.Username, user.Scopes, h.config.ServerAddress, time.Now().Add(time.Hour*48)) jwt, err := h.generateJwtWithExp(request.Username, user.Scopes, h.config.ServerAddress, user.ID, time.Now().Add(time.Hour*48))
if err != nil { if err != nil {
return h.InternalServerErrorResponse(c, err.Error()) return h.InternalServerErrorResponse(c, err.Error())
} }

View File

@ -18,7 +18,9 @@ import (
// @Success 200 {object} domain.DiscordWebhookResponse // @Success 200 {object} domain.DiscordWebhookResponse
// @Failure 400 {object} domain.BaseResponse // @Failure 400 {object} domain.BaseResponse
// @Failure 500 {object} domain.BaseResponse // @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) ListDiscordWebHooks(c echo.Context) error { func (s *Handler) ListDiscordWebHooks(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeDiscordWebhookRead)
p := domain.DiscordWebhookResponse{ p := domain.DiscordWebhookResponse{
BaseResponse: domain.BaseResponse{ BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess, Message: ResponseMessageSuccess,
@ -42,7 +44,9 @@ func (s *Handler) ListDiscordWebHooks(c echo.Context) error {
// @Success 200 {object} domain.DiscordWebhookResponse "OK" // @Success 200 {object} domain.DiscordWebhookResponse "OK"
// @Failure 400 {object} domain.BaseResponse // @Failure 400 {object} domain.BaseResponse
// @Failure 500 {object} domain.BaseResponse // @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) GetDiscordWebHooksById(c echo.Context) error { func (s *Handler) GetDiscordWebHooksById(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeDiscordWebhookRead)
p := domain.DiscordWebhookResponse{ p := domain.DiscordWebhookResponse{
BaseResponse: domain.BaseResponse{ BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess, Message: ResponseMessageSuccess,
@ -74,7 +78,9 @@ func (s *Handler) GetDiscordWebHooksById(c echo.Context) error {
// @Success 200 {object} domain.DiscordWebhookResponse "OK" // @Success 200 {object} domain.DiscordWebhookResponse "OK"
// @Failure 400 {object} domain.BaseResponse // @Failure 400 {object} domain.BaseResponse
// @Failure 500 {object} domain.BaseResponse // @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) GetDiscordWebHooksByServerAndChannel(c echo.Context) error { func (s *Handler) GetDiscordWebHooksByServerAndChannel(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeDiscordWebhookRead)
p := domain.DiscordWebhookResponse{ p := domain.DiscordWebhookResponse{
BaseResponse: domain.BaseResponse{ BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess, Message: ResponseMessageSuccess,
@ -110,13 +116,9 @@ func (s *Handler) GetDiscordWebHooksByServerAndChannel(c echo.Context) error {
// @Success 200 {object} domain.DiscordWebhookResponse "OK" // @Success 200 {object} domain.DiscordWebhookResponse "OK"
// @Failure 400 {object} domain.BaseResponse // @Failure 400 {object} domain.BaseResponse
// @Failure 500 {object} domain.BaseResponse // @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) NewDiscordWebHook(c echo.Context) error { func (s *Handler) NewDiscordWebHook(c echo.Context) error {
token, err := s.getJwtToken(c) token := s.ValidateJwtToken(c, domain.ScopeDiscordWebHookCreate)
if err != nil {
return c.JSON(http.StatusUnauthorized, domain.BaseResponse{
Message: ErrJwtMissing,
})
}
_url := c.QueryParam("url") _url := c.QueryParam("url")
_server := c.QueryParam("server") _server := c.QueryParam("server")
@ -181,7 +183,9 @@ func (s *Handler) NewDiscordWebHook(c echo.Context) error {
// @Success 200 {object} domain.DiscordWebhookResponse "OK" // @Success 200 {object} domain.DiscordWebhookResponse "OK"
// @Failure 400 {object} domain.BaseResponse // @Failure 400 {object} domain.BaseResponse
// @Failure 500 {object} domain.BaseResponse // @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) disableDiscordWebHook(c echo.Context) error { func (s *Handler) disableDiscordWebHook(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeDiscordWebHookCreate)
id, err := strconv.Atoi(c.Param("ID")) id, err := strconv.Atoi(c.Param("ID"))
if err != nil { if err != nil {
return c.JSON(http.StatusBadRequest, domain.BaseResponse{ return c.JSON(http.StatusBadRequest, domain.BaseResponse{
@ -190,11 +194,15 @@ func (s *Handler) disableDiscordWebHook(c echo.Context) error {
} }
// Check to make sure we can find the record // Check to make sure we can find the record
_, err = s.repo.DiscordWebHooks.GetById(c.Request().Context(), int64(id)) record, err := s.repo.DiscordWebHooks.GetById(c.Request().Context(), int64(id))
if err != nil { if err != nil {
s.WriteError(c, err, http.StatusInternalServerError) s.WriteError(c, err, http.StatusInternalServerError)
} }
if record.UserID != s.GetUserIdFromJwtToken(c) {
s.WriteMessage(c, ErrYouDontOwnTheRecord, http.StatusBadRequest)
}
// flip the it // flip the it
updated, err := s.repo.DiscordWebHooks.Disable(c.Request().Context(), int64(id)) updated, err := s.repo.DiscordWebHooks.Disable(c.Request().Context(), int64(id))
if err != nil { if err != nil {
@ -226,18 +234,24 @@ func (s *Handler) disableDiscordWebHook(c echo.Context) error {
// @Param id path int true "id" // @Param id path int true "id"
// @Tags DiscordWebhook // @Tags DiscordWebhook
// @Router /v1/discord/webhooks/{ID}/enable [post] // @Router /v1/discord/webhooks/{ID}/enable [post]
// @Security Bearer
func (s *Handler) enableDiscordWebHook(c echo.Context) error { func (s *Handler) enableDiscordWebHook(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeDiscordWebHookCreate)
id, err := strconv.Atoi(c.Param("ID")) id, err := strconv.Atoi(c.Param("ID"))
if err != nil { if err != nil {
s.WriteError(c, err, http.StatusBadRequest) s.WriteError(c, err, http.StatusBadRequest)
} }
// Check to make sure we can find the record // Check to make sure we can find the record
_, err = s.repo.DiscordWebHooks.GetById(c.Request().Context(), int64(id)) record, err := s.repo.DiscordWebHooks.GetById(c.Request().Context(), int64(id))
if err != nil { if err != nil {
s.WriteError(c, err, http.StatusBadRequest) s.WriteError(c, err, http.StatusBadRequest)
} }
if record.UserID != s.GetUserIdFromJwtToken(c) {
s.WriteMessage(c, ErrYouDontOwnTheRecord, http.StatusBadRequest)
}
updated, err := s.repo.DiscordWebHooks.Enable(c.Request().Context(), int64(id)) updated, err := s.repo.DiscordWebHooks.Enable(c.Request().Context(), int64(id))
if err != nil { if err != nil {
s.WriteError(c, err, http.StatusInternalServerError) s.WriteError(c, err, http.StatusInternalServerError)
@ -271,17 +285,22 @@ func (s *Handler) enableDiscordWebHook(c echo.Context) error {
// @Failure 400 {object} domain.BaseResponse // @Failure 400 {object} domain.BaseResponse
// @Failure 500 {object} domain.BaseResponse // @Failure 500 {object} domain.BaseResponse
func (s *Handler) deleteDiscordWebHook(c echo.Context) error { func (s *Handler) deleteDiscordWebHook(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeDiscordWebHookCreate)
id, err := strconv.Atoi(c.Param("ID")) id, err := strconv.Atoi(c.Param("ID"))
if err != nil { if err != nil {
return c.JSON(http.StatusBadRequest, err.Error()) return c.JSON(http.StatusBadRequest, err.Error())
} }
// Check to make sure we can find the record // Check to make sure we can find the record
_, err = s.repo.DiscordWebHooks.GetById(c.Request().Context(), int64(id)) record, err := s.repo.DiscordWebHooks.GetById(c.Request().Context(), int64(id))
if err != nil { if err != nil {
return c.JSON(http.StatusInternalServerError, err.Error()) return c.JSON(http.StatusInternalServerError, err.Error())
} }
if record.UserID != s.GetUserIdFromJwtToken(c) {
s.WriteMessage(c, ErrYouDontOwnTheRecord, http.StatusBadRequest)
}
// Soft delete the record // Soft delete the record
updated, err := s.repo.DiscordWebHooks.SoftDelete(c.Request().Context(), int64(id)) updated, err := s.repo.DiscordWebHooks.SoftDelete(c.Request().Context(), int64(id))
if err != nil { if err != nil {

View File

@ -12,25 +12,28 @@ import (
swagger "github.com/swaggo/echo-swagger" swagger "github.com/swaggo/echo-swagger"
_ "git.jamestombleson.com/jtom38/newsbot-api/docs" _ "git.jamestombleson.com/jtom38/newsbot-api/docs"
"git.jamestombleson.com/jtom38/newsbot-api/internal/database"
"git.jamestombleson.com/jtom38/newsbot-api/internal/domain" "git.jamestombleson.com/jtom38/newsbot-api/internal/domain"
"git.jamestombleson.com/jtom38/newsbot-api/internal/services" "git.jamestombleson.com/jtom38/newsbot-api/internal/services"
) )
type Handler struct { type Handler struct {
Router *echo.Echo Router *echo.Echo
Db *database.Queries //Db *database.Queries
config services.Configs config services.Configs
repo services.RepositoryService repo services.RepositoryService
} }
const ( const (
ErrParameterIdMissing = "The requested parameter ID was not found." ErrParameterIdMissing = "The requested parameter ID was not found."
ErrParameterMissing = "The requested parameter was not found found:" ErrParameterMissing = "The requested parameter was not found found:"
ErrUnableToParseId = "Unable to parse the requested ID" ErrUnableToParseId = "Unable to parse the requested ID"
ErrRecordMissing = "The requested record was not found" ErrRecordMissing = "The requested record was not found"
ErrFailedToCreateRecord = "The record was not created due to a database problem" ErrFailedToCreateRecord = "The record was not created due to a database problem"
ErrUserUnknown = "User is unknown" ErrFailedToUpdateRecord = "The requested record was not updated due to a database problem"
ErrUserUnknown = "User is unknown"
ErrYouDontOwnTheRecord = "The record requested does not belong to you"
ResponseMessageSuccess = "Success" ResponseMessageSuccess = "Success"
) )
@ -170,3 +173,12 @@ func (s *Handler) ValidateJwtToken(c echo.Context, requiredScope string) JwtToke
return token return token
} }
func (s *Handler) GetUserIdFromJwtToken(c echo.Context) int64 {
token, err := s.getJwtTokenFromContext(c)
if err != nil {
s.WriteMessage(c, ErrJwtMissing, http.StatusUnauthorized)
}
return token.GetUserId()
}

View File

@ -23,6 +23,7 @@ type JwtToken struct {
Iss string `json:"iss"` Iss string `json:"iss"`
Authorized bool `json:"authorized"` Authorized bool `json:"authorized"`
UserName string `json:"username"` UserName string `json:"username"`
UserId int64 `json:"userId"`
Scopes []string `json:"scopes"` Scopes []string `json:"scopes"`
jwt.RegisteredClaims jwt.RegisteredClaims
} }
@ -52,6 +53,10 @@ func (j JwtToken) GetUsername() string {
return j.UserName return j.UserName
} }
func (j JwtToken) GetUserId() int64 {
return j.UserId
}
func (j JwtToken) hasExpired() error { func (j JwtToken) hasExpired() error {
// Check to see if the token has expired // Check to see if the token has expired
hasExpired := j.Exp.Compare(time.Now()) hasExpired := j.Exp.Compare(time.Now())
@ -77,11 +82,11 @@ func (j JwtToken) hasScope(scope string) error {
return errors.New(ErrJwtScopeMissing) return errors.New(ErrJwtScopeMissing)
} }
func (h *Handler) generateJwt(username, scopes, issuer string) (string, error) { func (h *Handler) generateJwt(username, scopes, issuer string, userId int64) (string, error) {
return h.generateJwtWithExp(username, scopes, issuer, time.Now().Add(10*time.Minute)) return h.generateJwtWithExp(username, scopes, issuer, userId, time.Now().Add(10*time.Minute))
} }
func (h *Handler) generateJwtWithExp(username, userScopes, issuer string, expiresAt time.Time) (string, error) { func (h *Handler) generateJwtWithExp(username, userScopes, issuer string, userId int64, expiresAt time.Time) (string, error) {
secret := []byte(h.config.JwtSecret) secret := []byte(h.config.JwtSecret)
// Anyone who wants to decrypt the key needs to use the same method // Anyone who wants to decrypt the key needs to use the same method
@ -91,6 +96,7 @@ func (h *Handler) generateJwtWithExp(username, userScopes, issuer string, expire
claims["authorized"] = true claims["authorized"] = true
claims["username"] = username claims["username"] = username
claims["iss"] = issuer claims["iss"] = issuer
claims["userId"] = userId
var scopes []string var scopes []string
scopes = append(scopes, domain.ScopeAll) scopes = append(scopes, domain.ScopeAll)

View File

@ -1,17 +1,13 @@
package v1 package v1
import ( import (
"context"
"encoding/json"
"fmt" "fmt"
"net/http" "net/http"
"strconv" "strconv"
"strings" "strings"
"git.jamestombleson.com/jtom38/newsbot-api/internal/database"
"git.jamestombleson.com/jtom38/newsbot-api/internal/domain" "git.jamestombleson.com/jtom38/newsbot-api/internal/domain"
"git.jamestombleson.com/jtom38/newsbot-api/internal/services" "git.jamestombleson.com/jtom38/newsbot-api/internal/services"
"github.com/google/uuid"
"github.com/labstack/echo/v4" "github.com/labstack/echo/v4"
) )
@ -25,6 +21,7 @@ import (
// @Failure 400 {object} domain.BaseResponse "Unable to reach SQL or Data problems" // @Failure 400 {object} domain.BaseResponse "Unable to reach SQL or Data problems"
// @Security Bearer // @Security Bearer
func (s *Handler) listSources(c echo.Context) error { func (s *Handler) listSources(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeSourceRead)
resp := domain.SourcesResponse{ resp := domain.SourcesResponse{
BaseResponse: domain.BaseResponse{ BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess, Message: ResponseMessageSuccess,
@ -58,6 +55,7 @@ func (s *Handler) listSources(c echo.Context) error {
// @Failure 500 {object} domain.BaseResponse // @Failure 500 {object} domain.BaseResponse
// @Security Bearer // @Security Bearer
func (s *Handler) listSourcesBySource(c echo.Context) error { func (s *Handler) listSourcesBySource(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeSourceRead)
resp := domain.SourcesResponse{ resp := domain.SourcesResponse{
BaseResponse: domain.BaseResponse{ BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess, Message: ResponseMessageSuccess,
@ -97,6 +95,7 @@ func (s *Handler) listSourcesBySource(c echo.Context) error {
// @Failure 500 {object} domain.BaseResponse // @Failure 500 {object} domain.BaseResponse
// @Security Bearer // @Security Bearer
func (s *Handler) getSource(c echo.Context) error { func (s *Handler) getSource(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeSourceRead)
resp := domain.SourcesResponse{ resp := domain.SourcesResponse{
BaseResponse: domain.BaseResponse{ BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess, Message: ResponseMessageSuccess,
@ -133,6 +132,7 @@ func (s *Handler) getSource(c echo.Context) error {
// @Failure 500 {object} domain.BaseResponse // @Failure 500 {object} domain.BaseResponse
// @Security Bearer // @Security Bearer
func (s *Handler) GetSourceBySourceAndName(c echo.Context) error { func (s *Handler) GetSourceBySourceAndName(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeSourceRead)
resp := domain.SourcesResponse{ resp := domain.SourcesResponse{
BaseResponse: domain.BaseResponse{ BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess, Message: ResponseMessageSuccess,
@ -169,6 +169,8 @@ func (s *Handler) GetSourceBySourceAndName(c echo.Context) error {
// @Failure 500 {object} domain.BaseResponse // @Failure 500 {object} domain.BaseResponse
// @Security Bearer // @Security Bearer
func (s *Handler) newRedditSource(c echo.Context) error { func (s *Handler) newRedditSource(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeSourceCreate)
resp := domain.SourcesResponse{ resp := domain.SourcesResponse{
BaseResponse: domain.BaseResponse{ BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess, Message: ResponseMessageSuccess,
@ -178,20 +180,13 @@ func (s *Handler) newRedditSource(c echo.Context) error {
var param domain.NewSourceParamRequest var param domain.NewSourceParamRequest
err := c.Bind(&param) err := c.Bind(&param)
if err != nil { if err != nil {
return c.JSON(http.StatusBadRequest, domain.BaseResponse{ s.WriteError(c, err, http.StatusBadRequest)
Message: err.Error(),
})
} }
if param.Url == "" { if param.Url == "" {
return c.JSON(http.StatusBadRequest, domain.BaseResponse{ s.WriteMessage(c, "url is missing", http.StatusBadRequest)
Message: "Url is missing a value",
})
} }
if !strings.Contains(param.Url, "reddit.com") { if !strings.Contains(param.Url, "reddit.com") {
return c.JSON(http.StatusBadRequest, domain.BaseResponse{ s.WriteMessage(c, "invalid url", http.StatusBadRequest)
Message: "Invalid URL given",
})
} }
tags := fmt.Sprintf("twitch, %v, %s", param.Name, param.Tags) tags := fmt.Sprintf("twitch, %v, %s", param.Name, param.Tags)
@ -223,61 +218,54 @@ func (s *Handler) newRedditSource(c echo.Context) error {
// @Router /v1/sources/new/youtube [post] // @Router /v1/sources/new/youtube [post]
// @Security Bearer // @Security Bearer
func (s *Handler) newYoutubeSource(c echo.Context) error { func (s *Handler) newYoutubeSource(c echo.Context) error {
// Validate the jwt
s.ValidateJwtToken(c, domain.ScopeSourceCreate)
var param domain.NewSourceParamRequest var param domain.NewSourceParamRequest
err := c.Bind(&param) err := c.Bind(&param)
if err != nil { if err != nil {
return c.JSON(http.StatusBadRequest, domain.BaseResponse{ s.WriteError(c, err, http.StatusBadRequest)
Message: err.Error(),
})
} }
//query := r.URL.Query()
//_name := query["name"][0]
//_url := query["url"][0]
////_tags := query["tags"][0]
if param.Url == "" { if param.Url == "" {
return c.JSON(http.StatusBadRequest, domain.BaseResponse{ s.WriteMessage(c, "url is missing a value", http.StatusBadRequest)
Message: "url is missing a value",
})
} }
if !strings.Contains(param.Url, "youtube.com") { if !strings.Contains(param.Url, "youtube.com") {
return c.JSON(http.StatusBadRequest, domain.BaseResponse{ s.WriteMessage(c, "invalid url", http.StatusBadRequest)
Message: "Invalid URL", }
})
resp := domain.SourcesResponse{
BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess,
},
}
item, err := s.repo.Sources.GetBySourceAndName(c.Request().Context(), domain.SourceCollectorYoutube, param.Name)
if err == nil {
var dto []domain.SourceDto
dto = append(dto, services.SourceToDto(item))
resp.Payload = dto
return c.JSON(http.StatusOK, resp)
} }
/*
if _tags == "" {
tags = fmt.Sprintf("twitch, %v", _name)
} else {
}
*/
tags := fmt.Sprintf("twitch, %v", param.Name) tags := fmt.Sprintf("twitch, %v", param.Name)
rows, err := s.repo.Sources.Create(c.Request().Context(), domain.SourceCollectorYoutube, param.Name, param.Url, tags, true)
params := database.CreateSourceParams{
ID: uuid.New(),
Site: "youtube",
Name: param.Name,
Source: "youtube",
Type: "feed",
Enabled: true,
Url: param.Url,
Tags: tags,
}
err = s.Db.CreateSource(context.Background(), params)
if err != nil { if err != nil {
return c.JSON(http.StatusInternalServerError, err.Error()) return c.JSON(http.StatusInternalServerError, err.Error())
} }
bJson, err := json.Marshal(&params) if rows != 1 {
if err != nil { s.WriteMessage(c, ErrFailedToCreateRecord, http.StatusInternalServerError)
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{
Message: err.Error(),
})
} }
return c.JSON(http.StatusOK, bJson) item, err = s.repo.Sources.GetBySourceAndName(c.Request().Context(), domain.SourceCollectorYoutube, param.Name)
if err == nil {
var dto []domain.SourceDto
dto = append(dto, services.SourceToDto(item))
resp.Payload = dto
return c.JSON(http.StatusOK, resp)
}
return c.JSON(http.StatusOK, resp)
} }
// NewTwitchSource // NewTwitchSource
@ -287,6 +275,8 @@ func (s *Handler) newYoutubeSource(c echo.Context) error {
// @Router /v1/sources/new/twitch [post] // @Router /v1/sources/new/twitch [post]
// @Security Bearer // @Security Bearer
func (s *Handler) newTwitchSource(c echo.Context) error { func (s *Handler) newTwitchSource(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeSourceCreate)
var param domain.NewSourceParamRequest var param domain.NewSourceParamRequest
err := c.Bind(&param) err := c.Bind(&param)
if err != nil { if err != nil {
@ -295,37 +285,41 @@ func (s *Handler) newTwitchSource(c echo.Context) error {
}) })
} }
//query := r.URL.Query() resp := domain.SourcesResponse{
//_name := query["name"][0] BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess,
},
}
tags := fmt.Sprintf("twitch, %v", param.Name) tags := fmt.Sprintf("twitch, %v", param.Name)
_url := fmt.Sprintf("https://twitch.tv/%v", param.Name) url := fmt.Sprintf("https://twitch.tv/%v", param.Name)
params := database.CreateSourceParams{ // Check if the record already exists
ID: uuid.New(), item, err := s.repo.Sources.GetBySourceAndName(c.Request().Context(), domain.SourceCollectorTwitch, param.Name)
Site: "twitch", if err == nil {
Name: param.Name, var dto []domain.SourceDto
Source: "twitch", dto = append(dto, services.SourceToDto(item))
Type: "api", resp.Payload = dto
Enabled: true, return c.JSON(http.StatusOK, resp)
Url: _url,
Tags: tags,
} }
err = s.Db.CreateSource(c.Request().Context(), params)
rows, err := s.repo.Sources.Create(c.Request().Context(), domain.SourceCollectorTwitch, param.Name, url, tags, true)
if err != nil { if err != nil {
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{ return c.JSON(http.StatusInternalServerError, domain.BaseResponse{
Message: err.Error(), Message: err.Error(),
}) })
} }
bJson, err := json.Marshal(&params) if rows != 1 {
if err != nil { s.WriteMessage(c, ErrFailedToCreateRecord, http.StatusInternalServerError)
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{
Message: err.Error(),
})
} }
return c.JSON(http.StatusOK, bJson) item, err = s.repo.Sources.GetBySourceAndName(c.Request().Context(), domain.SourceCollectorTwitch, param.Name)
var dto []domain.SourceDto
dto = append(dto, services.SourceToDto(item))
resp.Payload = dto
return c.JSON(http.StatusOK, resp)
} }
// NewRssSource // NewRssSource
@ -339,6 +333,8 @@ func (s *Handler) newTwitchSource(c echo.Context) error {
// @Failure 500 {object} domain.BaseResponse // @Failure 500 {object} domain.BaseResponse
// @Security Bearer // @Security Bearer
func (s *Handler) newRssSource(c echo.Context) error { func (s *Handler) newRssSource(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeSourceCreate)
resp := domain.SourcesResponse{ resp := domain.SourcesResponse{
BaseResponse: domain.BaseResponse{ BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess, Message: ResponseMessageSuccess,
@ -382,48 +378,50 @@ func (s *Handler) newRssSource(c echo.Context) error {
// DeleteSource // DeleteSource
// @Summary Marks a source as deleted based on its ID value. // @Summary Marks a source as deleted based on its ID value.
// @Param id path string true "id" // @Param id path int true "id"
// @Tags Source // @Tags Source
// @Router /v1/sources/{id} [POST] // @Router /v1/sources/{id} [POST]
// @Success 200 {object} domain.SourcesResponse "ok"
// @Failure 400 {object} domain.BaseResponse
// @Failure 500 {object} domain.BaseResponse
// @Security Bearer // @Security Bearer
func (s *Handler) deleteSources(c echo.Context) error { func (s *Handler) deleteSources(c echo.Context) error {
id := c.Param("ID") s.ValidateJwtToken(c, domain.ScopeAll)
uuid, err := uuid.Parse(id) id, err := strconv.Atoi(c.Param("ID"))
if err != nil { if err != nil {
return c.JSON(http.StatusBadRequest, domain.BaseResponse{ s.WriteError(c, err, http.StatusBadRequest)
Message: err.Error(),
})
} }
// Check to make sure we can find the record // Check to make sure we can find the record
_, err = s.Db.GetSourceByID(c.Request().Context(), uuid) _, err = s.repo.Sources.GetById(c.Request().Context(), int64(id))
if err != nil { if err != nil {
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{ s.WriteError(c, err, http.StatusInternalServerError)
Message: err.Error(),
})
} }
// Delete the record // Delete the record
err = s.Db.DeleteSource(c.Request().Context(), uuid) rows, err := s.repo.Sources.SoftDelete(c.Request().Context(), int64(id))
if err != nil { if err != nil {
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{ s.WriteError(c, err, http.StatusInternalServerError)
Message: err.Error(), }
}) if rows != 1 {
s.WriteMessage(c, ErrFailedToUpdateRecord, http.StatusInternalServerError)
} }
p := ApiStatusModel{ // pull the record with its updated value
Message: "OK", item, err := s.repo.Sources.GetById(c.Request().Context(), int64(id))
StatusCode: http.StatusOK,
}
b, err := json.Marshal(p)
if err != nil { if err != nil {
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{ s.WriteError(c, err, http.StatusInternalServerError)
Message: err.Error(),
})
} }
return c.JSON(http.StatusOK, b) var items []domain.SourceDto
items = append(items, services.SourceToDto(item))
return c.JSON(http.StatusOK, domain.SourcesResponse{
BaseResponse: domain.BaseResponse{
Message: "OK",
},
Payload: items,
})
} }
// DisableSource // DisableSource

View File

@ -130,7 +130,7 @@ func (us UserService) Create(ctx context.Context, name, password, scope string)
return domain.UserEntity{}, err return domain.UserEntity{}, err
} }
us.repo.Create(ctx, name, password, domain.ScopeRead) us.repo.Create(ctx, name, password, domain.ScopeArticleRead)
return domain.UserEntity{}, nil return domain.UserEntity{}, nil
} }