Influxdata
/
influxdb
mirror of https://github.com/influxdata/influxdb.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #13391 from zhulongcheng/find-auth-by-org 

feat(http): find auths by org
pull/13392/head
Jade McGough 2019-04-14 18:56:37 -07:00 committed by GitHub
parent 5dfb7660f6 d5917878d0
commit b87c4b57bc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 250 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
auth.go
View File

@ -117,4 +117,7 @@ type AuthorizationFilter struct {
UserID *ID
User *string
OrgID *ID
Org *string
}

20
bolt/authorization.go
View File

@ -118,6 +118,18 @@ func filterAuthorizationsFn(filter platform.AuthorizationFilter) func(a *platfor
return a.Token == *filter.Token
}
}
// Filter by org and user
if filter.OrgID != nil && filter.UserID != nil {
return func(a *platform.Authorization) bool {
return a.OrgID == *filter.OrgID && a.UserID == *filter.UserID
}
}
if filter.OrgID != nil {
return func(a *platform.Authorization) bool {
return a.OrgID == *filter.OrgID
}
}
if filter.UserID != nil {
return func(a *platform.Authorization) bool {
@ -186,6 +198,14 @@ func (c *Client) findAuthorizations(ctx context.Context, tx *bolt.Tx, f platform
f.UserID = &u.ID
}
if f.Org != nil {
o, err := c.findOrganizationByName(ctx, tx, *f.Org)
if err != nil {
return nil, err
}
f.OrgID = &o.ID
}
as := []*platform.Authorization{}
filterFn := filterAuthorizationsFn(f)
err := c.forEachAuthorization(ctx, tx, func(a *platform.Authorization) bool {

22
http/auth_service.go
View File

@ -381,6 +381,20 @@ func decodeGetAuthorizationsRequest(ctx context.Context, r *http.Request) (*getA
req.filter.User = &user
}
orgID := qp.Get("orgID")
if orgID != "" {
id, err := platform.IDFromString(orgID)
if err != nil {
return nil, err
}
req.filter.OrgID = id
}
org := qp.Get("org")
if org != "" {
req.filter.Org = &org
}
authID := qp.Get("id")
if authID != "" {
id, err := platform.IDFromString(authID)
@ -665,6 +679,14 @@ func (s *AuthorizationService) FindAuthorizations(ctx context.Context, filter pl
query.Add("user", *filter.User)
}
if filter.OrgID != nil {
query.Add("orgID", filter.OrgID.String())
}
if filter.Org != nil {
query.Add("org", *filter.Org)
}
req.URL.RawQuery = query.Encode()
SetToken(s.Token, req)

10
http/swagger.yml
View File

@ -2806,6 +2806,16 @@ paths:
schema:
type: string
description: filter authorizations belonging to a user name
- in: query
name: orgID
schema:
type: string
description: filter authorizations belonging to a org id
- in: query
name: org
schema:
type: string
description: filter authorizations belonging to a org name
responses:
'200':
description: A list of authorizations

25
inmem/auth_service.go
View File

@ -86,6 +86,19 @@ func filterAuthorizationsFn(filter platform.AuthorizationFilter) func(a *platfor
}
}
// Filter by org and user
if filter.OrgID != nil && filter.UserID != nil {
return func(a *platform.Authorization) bool {
return a.OrgID == *filter.OrgID && a.UserID == *filter.UserID
}
}
if filter.OrgID != nil {
return func(a *platform.Authorization) bool {
return a.OrgID == *filter.OrgID
}
}
if filter.UserID != nil {
return func(a *platform.Authorization) bool {
return a.UserID == *filter.UserID
@ -121,6 +134,18 @@ func (s *Service) FindAuthorizations(ctx context.Context, filter platform.Author
}
filter.UserID = &u.ID
}
if filter.Org != nil {
o, err := s.findOrganizationByName(ctx, *filter.Org)
if err != nil {
return nil, 0, &platform.Error{
Op: op,
Err: err,
}
}
filter.OrgID = &o.ID
}
var err error
filterF := filterAuthorizationsFn(filter)
s.authorizationKV.Range(func(k, v interface{}) bool {

21
kv/auth.go
View File

@ -140,6 +140,19 @@ func filterAuthorizationsFn(filter influxdb.AuthorizationFilter) func(a *influxd
}
}
// Filter by org and user
if filter.OrgID != nil && filter.UserID != nil {
return func(a *influxdb.Authorization) bool {
return a.OrgID == *filter.OrgID && a.UserID == *filter.UserID
}
}
if filter.OrgID != nil {
return func(a *influxdb.Authorization) bool {
return a.OrgID == *filter.OrgID
}
}
if filter.UserID != nil {
return func(a *influxdb.Authorization) bool {
return a.UserID == *filter.UserID
@ -204,6 +217,14 @@ func (s *Service) findAuthorizations(ctx context.Context, tx Tx, f influxdb.Auth
f.UserID = &u.ID
}
if f.Org != nil {
o, err := s.findOrganizationByName(ctx, tx, *f.Org)
if err != nil {
return nil, err
}
f.OrgID = &o.ID
}
as := []*influxdb.Authorization{}
filterFn := filterAuthorizationsFn(f)
err := s.forEachAuthorization(ctx, tx, func(a *influxdb.Authorization) bool {

149
testing/auth.go
View File

@ -815,6 +815,7 @@ func FindAuthorizations(
type args struct {
ID platform.ID
UserID platform.ID
OrgID platform.ID
token string
}
@ -954,6 +955,151 @@ func FindAuthorizations(
},
},
},
{
name: "find authorization by org id",
fields: AuthorizationFields{
Users: []*platform.User{
{
Name: "cooluser",
ID: MustIDBase16(userOneID),
},
},
Orgs: []*platform.Organization{
{
Name: "o1",
ID: MustIDBase16(orgOneID),
},
{
Name: "o2",
ID: MustIDBase16(orgTwoID),
},
},
Authorizations: []*platform.Authorization{
{
ID: MustIDBase16(authOneID),
UserID: MustIDBase16(userOneID),
OrgID: MustIDBase16(orgOneID),
Status: platform.Active,
Token: "rand1",
Permissions: createUsersPermission(MustIDBase16(orgOneID)),
},
{
ID: MustIDBase16(authTwoID),
UserID: MustIDBase16(userOneID),
OrgID: MustIDBase16(orgOneID),
Status: platform.Active,
Token: "rand2",
Permissions: deleteUsersPermission(MustIDBase16(orgOneID)),
},
{
ID: MustIDBase16(authThreeID),
UserID: MustIDBase16(userOneID),
OrgID: MustIDBase16(orgTwoID),
Status: platform.Active,
Token: "rand3",
Permissions: allUsersPermission(MustIDBase16(orgTwoID)),
},
},
},
args: args{
OrgID: MustIDBase16(orgOneID),
},
wants: wants{
authorizations: []*platform.Authorization{
{
ID: MustIDBase16(authOneID),
UserID: MustIDBase16(userOneID),
OrgID: MustIDBase16(orgOneID),
Status: platform.Active,
Token: "rand1",
Permissions: createUsersPermission(MustIDBase16(orgOneID)),
},
{
ID: MustIDBase16(authTwoID),
UserID: MustIDBase16(userOneID),
OrgID: MustIDBase16(orgOneID),
Status: platform.Active,
Token: "rand2",
Permissions: deleteUsersPermission(MustIDBase16(orgOneID)),
},
},
},
},
{
name: "find authorization by org id and user id",
fields: AuthorizationFields{
Users: []*platform.User{
{
Name: "cooluser",
ID: MustIDBase16(userOneID),
},
{
Name: "regularuser",
ID: MustIDBase16(userTwoID),
},
},
Orgs: []*platform.Organization{
{
Name: "o1",
ID: MustIDBase16(orgOneID),
},
{
Name: "o2",
ID: MustIDBase16(orgTwoID),
},
},
Authorizations: []*platform.Authorization{
{
ID: MustIDBase16(authOneID),
UserID: MustIDBase16(userOneID),
OrgID: MustIDBase16(orgOneID),
Status: platform.Active,
Token: "rand1",
Permissions: allUsersPermission(MustIDBase16(orgOneID)),
},
{
ID: MustIDBase16(authTwoID),
UserID: MustIDBase16(userOneID),
OrgID: MustIDBase16(orgTwoID),
Status: platform.Active,
Token: "rand2",
Permissions: allUsersPermission(MustIDBase16(orgTwoID)),
},
{
ID: MustIDBase16(authThreeID),
UserID: MustIDBase16(userTwoID),
OrgID: MustIDBase16(orgOneID),
Status: platform.Active,
Token: "rand3",
Permissions: allUsersPermission(MustIDBase16(orgOneID)),
},
{
ID: MustIDBase16(authThreeID),
UserID: MustIDBase16(userTwoID),
OrgID: MustIDBase16(orgTwoID),
Status: platform.Active,
Token: "rand4",
Permissions: allUsersPermission(MustIDBase16(orgTwoID)),
},
},
},
args: args{
UserID: MustIDBase16(userOneID),
OrgID: MustIDBase16(orgTwoID),
},
wants: wants{
authorizations: []*platform.Authorization{
{
ID: MustIDBase16(authTwoID),
UserID: MustIDBase16(userOneID),
OrgID: MustIDBase16(orgTwoID),
Status: platform.Active,
Token: "rand2",
Permissions: allUsersPermission(MustIDBase16(orgTwoID)),
},
},
},
},
{
name: "find authorization by token",
fields: AuthorizationFields{
@ -1035,6 +1181,9 @@ func FindAuthorizations(
if tt.args.UserID.Valid() {
filter.UserID = &tt.args.UserID
}
if tt.args.OrgID.Valid() {
filter.OrgID = &tt.args.OrgID
}
if tt.args.token != "" {
filter.Token = &tt.args.token
}