refactor(tasks): auth user id (#17562)

2020-04-02 09:40:00 -04:00 · 2020-04-02 09:40:00 -04:00 · b5c24f3c9d
parent 0a7772ac93
commit b5c24f3c9d
2 changed files with 10 additions and 1 deletions
--- a/jsonweb/token.go
+++ b/jsonweb/token.go
@ -89,6 +89,8 @@ type Token struct {
 	KeyID string `json:"kid"`
 	// Permissions is the set of authorized permissions for the token
 	Permissions []influxdb.Permission `json:"permissions"`
+	// UserID for the token
+	UserID string `json:"uid,omitempty"`
 }

 // Allowed returns whether or not a permission is allowed based
@ -121,7 +123,11 @@ func (t *Token) Identifier() influxdb.ID {
 // GetUserID returns an invalid id as tokens are generated
 // with permissions rather than for or by a particular user
 func (t *Token) GetUserID() influxdb.ID {
-	return influxdb.InvalidID()
+	id, err := influxdb.IDFromString(t.UserID)
+	if err != nil {
+		return influxdb.InvalidID()
+	}
+	return *id
 }

 // Kind returns the string "jwt" which is used for auditing
--- a/task/backend/executor/executor.go
+++ b/task/backend/executor/executor.go
@ -208,6 +208,9 @@ func (e *Executor) createPromise(ctx context.Context, run *influxdb.Run) (*promi
 	if err != nil {
 		return nil, err
 	}
+	if !t.Authorization.GetUserID().Valid() {
+		t.Authorization.UserID = t.OwnerID
+	}

 	ctx, cancel := context.WithCancel(ctx)
 	// create promise