From d5917878d0fa57c8d1ffa7475beb0aac68661354 Mon Sep 17 00:00:00 2001 From: zhulongcheng Date: Sun, 14 Apr 2019 16:42:46 +0800 Subject: [PATCH] feat(http): find auths by org --- auth.go | 3 + bolt/authorization.go | 20 ++++++ http/auth_service.go | 22 +++++++ http/swagger.yml | 10 +++ inmem/auth_service.go | 25 +++++++ kv/auth.go | 21 ++++++ testing/auth.go | 149 ++++++++++++++++++++++++++++++++++++++++++ 7 files changed, 250 insertions(+) diff --git a/auth.go b/auth.go index e41fdb3ded..983561e67f 100644 --- a/auth.go +++ b/auth.go @@ -117,4 +117,7 @@ type AuthorizationFilter struct { UserID *ID User *string + + OrgID *ID + Org *string } diff --git a/bolt/authorization.go b/bolt/authorization.go index e46f2179ed..0ec6e563f6 100644 --- a/bolt/authorization.go +++ b/bolt/authorization.go @@ -118,6 +118,18 @@ func filterAuthorizationsFn(filter platform.AuthorizationFilter) func(a *platfor return a.Token == *filter.Token } } + // Filter by org and user + if filter.OrgID != nil && filter.UserID != nil { + return func(a *platform.Authorization) bool { + return a.OrgID == *filter.OrgID && a.UserID == *filter.UserID + } + } + + if filter.OrgID != nil { + return func(a *platform.Authorization) bool { + return a.OrgID == *filter.OrgID + } + } if filter.UserID != nil { return func(a *platform.Authorization) bool { @@ -186,6 +198,14 @@ func (c *Client) findAuthorizations(ctx context.Context, tx *bolt.Tx, f platform f.UserID = &u.ID } + if f.Org != nil { + o, err := c.findOrganizationByName(ctx, tx, *f.Org) + if err != nil { + return nil, err + } + f.OrgID = &o.ID + } + as := []*platform.Authorization{} filterFn := filterAuthorizationsFn(f) err := c.forEachAuthorization(ctx, tx, func(a *platform.Authorization) bool { diff --git a/http/auth_service.go b/http/auth_service.go index fb9251255b..d78e3d251d 100644 --- a/http/auth_service.go +++ b/http/auth_service.go @@ -381,6 +381,20 @@ func decodeGetAuthorizationsRequest(ctx context.Context, r *http.Request) (*getA req.filter.User = &user } + orgID := qp.Get("orgID") + if orgID != "" { + id, err := platform.IDFromString(orgID) + if err != nil { + return nil, err + } + req.filter.OrgID = id + } + + org := qp.Get("org") + if org != "" { + req.filter.Org = &org + } + authID := qp.Get("id") if authID != "" { id, err := platform.IDFromString(authID) @@ -665,6 +679,14 @@ func (s *AuthorizationService) FindAuthorizations(ctx context.Context, filter pl query.Add("user", *filter.User) } + if filter.OrgID != nil { + query.Add("orgID", filter.OrgID.String()) + } + + if filter.Org != nil { + query.Add("org", *filter.Org) + } + req.URL.RawQuery = query.Encode() SetToken(s.Token, req) diff --git a/http/swagger.yml b/http/swagger.yml index 62911f1998..bcff434829 100644 --- a/http/swagger.yml +++ b/http/swagger.yml @@ -2806,6 +2806,16 @@ paths: schema: type: string description: filter authorizations belonging to a user name + - in: query + name: orgID + schema: + type: string + description: filter authorizations belonging to a org id + - in: query + name: org + schema: + type: string + description: filter authorizations belonging to a org name responses: '200': description: A list of authorizations diff --git a/inmem/auth_service.go b/inmem/auth_service.go index 8deec1c982..9379a19058 100644 --- a/inmem/auth_service.go +++ b/inmem/auth_service.go @@ -86,6 +86,19 @@ func filterAuthorizationsFn(filter platform.AuthorizationFilter) func(a *platfor } } + // Filter by org and user + if filter.OrgID != nil && filter.UserID != nil { + return func(a *platform.Authorization) bool { + return a.OrgID == *filter.OrgID && a.UserID == *filter.UserID + } + } + + if filter.OrgID != nil { + return func(a *platform.Authorization) bool { + return a.OrgID == *filter.OrgID + } + } + if filter.UserID != nil { return func(a *platform.Authorization) bool { return a.UserID == *filter.UserID @@ -121,6 +134,18 @@ func (s *Service) FindAuthorizations(ctx context.Context, filter platform.Author } filter.UserID = &u.ID } + + if filter.Org != nil { + o, err := s.findOrganizationByName(ctx, *filter.Org) + if err != nil { + return nil, 0, &platform.Error{ + Op: op, + Err: err, + } + } + filter.OrgID = &o.ID + } + var err error filterF := filterAuthorizationsFn(filter) s.authorizationKV.Range(func(k, v interface{}) bool { diff --git a/kv/auth.go b/kv/auth.go index 350f2628ec..e8b73a17db 100644 --- a/kv/auth.go +++ b/kv/auth.go @@ -140,6 +140,19 @@ func filterAuthorizationsFn(filter influxdb.AuthorizationFilter) func(a *influxd } } + // Filter by org and user + if filter.OrgID != nil && filter.UserID != nil { + return func(a *influxdb.Authorization) bool { + return a.OrgID == *filter.OrgID && a.UserID == *filter.UserID + } + } + + if filter.OrgID != nil { + return func(a *influxdb.Authorization) bool { + return a.OrgID == *filter.OrgID + } + } + if filter.UserID != nil { return func(a *influxdb.Authorization) bool { return a.UserID == *filter.UserID @@ -204,6 +217,14 @@ func (s *Service) findAuthorizations(ctx context.Context, tx Tx, f influxdb.Auth f.UserID = &u.ID } + if f.Org != nil { + o, err := s.findOrganizationByName(ctx, tx, *f.Org) + if err != nil { + return nil, err + } + f.OrgID = &o.ID + } + as := []*influxdb.Authorization{} filterFn := filterAuthorizationsFn(f) err := s.forEachAuthorization(ctx, tx, func(a *influxdb.Authorization) bool { diff --git a/testing/auth.go b/testing/auth.go index 0547074e34..d281abea7e 100644 --- a/testing/auth.go +++ b/testing/auth.go @@ -815,6 +815,7 @@ func FindAuthorizations( type args struct { ID platform.ID UserID platform.ID + OrgID platform.ID token string } @@ -954,6 +955,151 @@ func FindAuthorizations( }, }, }, + { + name: "find authorization by org id", + fields: AuthorizationFields{ + Users: []*platform.User{ + { + Name: "cooluser", + ID: MustIDBase16(userOneID), + }, + }, + Orgs: []*platform.Organization{ + { + Name: "o1", + ID: MustIDBase16(orgOneID), + }, + { + Name: "o2", + ID: MustIDBase16(orgTwoID), + }, + }, + Authorizations: []*platform.Authorization{ + { + ID: MustIDBase16(authOneID), + UserID: MustIDBase16(userOneID), + OrgID: MustIDBase16(orgOneID), + Status: platform.Active, + Token: "rand1", + Permissions: createUsersPermission(MustIDBase16(orgOneID)), + }, + { + ID: MustIDBase16(authTwoID), + UserID: MustIDBase16(userOneID), + OrgID: MustIDBase16(orgOneID), + Status: platform.Active, + Token: "rand2", + Permissions: deleteUsersPermission(MustIDBase16(orgOneID)), + }, + { + ID: MustIDBase16(authThreeID), + UserID: MustIDBase16(userOneID), + OrgID: MustIDBase16(orgTwoID), + Status: platform.Active, + Token: "rand3", + Permissions: allUsersPermission(MustIDBase16(orgTwoID)), + }, + }, + }, + args: args{ + OrgID: MustIDBase16(orgOneID), + }, + wants: wants{ + authorizations: []*platform.Authorization{ + { + ID: MustIDBase16(authOneID), + UserID: MustIDBase16(userOneID), + OrgID: MustIDBase16(orgOneID), + Status: platform.Active, + Token: "rand1", + Permissions: createUsersPermission(MustIDBase16(orgOneID)), + }, + { + ID: MustIDBase16(authTwoID), + UserID: MustIDBase16(userOneID), + OrgID: MustIDBase16(orgOneID), + Status: platform.Active, + Token: "rand2", + Permissions: deleteUsersPermission(MustIDBase16(orgOneID)), + }, + }, + }, + }, + { + name: "find authorization by org id and user id", + fields: AuthorizationFields{ + Users: []*platform.User{ + { + Name: "cooluser", + ID: MustIDBase16(userOneID), + }, + { + Name: "regularuser", + ID: MustIDBase16(userTwoID), + }, + }, + Orgs: []*platform.Organization{ + { + Name: "o1", + ID: MustIDBase16(orgOneID), + }, + { + Name: "o2", + ID: MustIDBase16(orgTwoID), + }, + }, + Authorizations: []*platform.Authorization{ + { + ID: MustIDBase16(authOneID), + UserID: MustIDBase16(userOneID), + OrgID: MustIDBase16(orgOneID), + Status: platform.Active, + Token: "rand1", + Permissions: allUsersPermission(MustIDBase16(orgOneID)), + }, + { + ID: MustIDBase16(authTwoID), + UserID: MustIDBase16(userOneID), + OrgID: MustIDBase16(orgTwoID), + Status: platform.Active, + Token: "rand2", + Permissions: allUsersPermission(MustIDBase16(orgTwoID)), + }, + { + ID: MustIDBase16(authThreeID), + UserID: MustIDBase16(userTwoID), + OrgID: MustIDBase16(orgOneID), + Status: platform.Active, + Token: "rand3", + Permissions: allUsersPermission(MustIDBase16(orgOneID)), + }, + { + ID: MustIDBase16(authThreeID), + UserID: MustIDBase16(userTwoID), + OrgID: MustIDBase16(orgTwoID), + Status: platform.Active, + Token: "rand4", + Permissions: allUsersPermission(MustIDBase16(orgTwoID)), + }, + }, + }, + args: args{ + UserID: MustIDBase16(userOneID), + OrgID: MustIDBase16(orgTwoID), + }, + wants: wants{ + authorizations: []*platform.Authorization{ + { + ID: MustIDBase16(authTwoID), + UserID: MustIDBase16(userOneID), + OrgID: MustIDBase16(orgTwoID), + Status: platform.Active, + Token: "rand2", + Permissions: allUsersPermission(MustIDBase16(orgTwoID)), + }, + }, + }, + }, { name: "find authorization by token", fields: AuthorizationFields{ @@ -1035,6 +1181,9 @@ func FindAuthorizations( if tt.args.UserID.Valid() { filter.UserID = &tt.args.UserID } + if tt.args.OrgID.Valid() { + filter.OrgID = &tt.args.OrgID + } if tt.args.token != "" { filter.Token = &tt.args.token }