ziggi/certmanager
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
master
certmanager/internal/logic/account.go
Олег Бородин 0bafb086bc certmanager updates
2024-08-10 15:08:14 +02:00

216 lines
5.5 KiB
Go
Raw Permalink Blame History

package logic
import (
"context"
"fmt"
"time"
"certmanager/internal/descriptor"
"certmanager/pkg/auxid"
"certmanager/pkg/cmctl"
)
func (lg *Logic) ValidateAcount(ctx context.Context, username, password string) (bool, int64, error) {
var err error
var accountID int64
var valid bool
accountExists, accountDescr, err := lg.db.GetAccountByUsername(ctx, username)
if !accountExists {
err := fmt.Errorf("Account not exists")
return valid, accountID, err
}
if password != accountDescr.Password {
err := fmt.Errorf("Login data mismatch")
return valid, accountID, err
}
valid = true
accountID = accountDescr.ID
return valid, accountID, err
}
func (lg *Logic) CreateAccount(ctx context.Context, accountID int64, params *cmctl.CreateAccountParams) (*cmctl.CreateAccountResult, error) {
var err error
res := &cmctl.CreateAccountResult{}
grantExists, _, err := lg.db.GetGrant(ctx, accountID, descriptor.GrantModifyUsers)
if err != nil {
return res, err
}
if !grantExists {
err := fmt.Errorf("Operation not allowed for the user")
return res, err
}
if params.Username == "" {
err := fmt.Errorf("Empty username parameters")
return res, err
}
if params.Password == "" {
err := fmt.Errorf("Empty password parameter")
return res, err
}
accountExists, _, err := lg.db.GetAccountByUsername(ctx, params.Username)
if err != nil {
return res, err
}
if accountExists {
err := fmt.Errorf("Account with thist name already exists")
return res, err
}
now := time.Now().Format(time.RFC3339)
accountDescr := &descriptor.Account{
ID: auxid.GenID(),
Username: params.Username,
Password: params.Password,
Disabled: false,
CreatedAt: now,
UpdatedAt: now,
}
err = lg.db.InsertAccount(ctx, accountDescr)
if err != nil {
return res, err
}
res.AccountID = accountDescr.ID
return res, err
}
func (lg *Logic) UpdateAccount(ctx context.Context, accountID int64, params *cmctl.UpdateAccountParams) (*cmctl.UpdateAccountResult, error) {
var err error
res := &cmctl.UpdateAccountResult{}
grantExists, _, err := lg.db.GetGrant(ctx, accountID, descriptor.GrantModifyUsers)
if err != nil {
return res, err
}
if !grantExists {
err := fmt.Errorf("Operation not allowed for the user")
return res, err
}
var accountDescr *descriptor.Account
var accountExists bool
switch {
case params.AccountID != 0:
accountExists, accountDescr, err = lg.db.GetAccountByID(ctx, params.AccountID)
if err != nil {
return res, err
}
case params.Username != "":
accountExists, accountDescr, err = lg.db.GetAccountByUsername(ctx, params.Username)
if err != nil {
return res, err
}
}
if !accountExists {
err := fmt.Errorf("Account with this is or name dont exists")
return res, err
}
now := time.Now().Format(time.RFC3339)
if params.NewUsername != "" {
accountDescr.UpdatedAt = now
accountDescr.Username = params.NewUsername
}
if params.NewPassword != "" {
accountDescr.UpdatedAt = now
accountDescr.Password = params.NewPassword
}
if params.Disabled != accountDescr.Disabled {
accountDescr.UpdatedAt = now
accountDescr.Disabled = params.Disabled
}
err = lg.db.UpdateAccountByID(ctx, accountDescr.ID, accountDescr)
if err != nil {
return res, err
}
return res, err
}
func (lg *Logic) DeleteAccount(ctx context.Context, accountID int64, params *cmctl.DeleteAccountParams) (*cmctl.DeleteAccountResult, error) {
var err error
res := &cmctl.DeleteAccountResult{}
grantExists, _, err := lg.db.GetGrant(ctx, accountID, descriptor.GrantModifyUsers)
if err != nil {
return res, err
}
if !grantExists {
err := fmt.Errorf("Operation not allowed for the user")
return res, err
}
var accountDescr *descriptor.Account
var accountExists bool
switch {
case params.AccountID != 0:
accountExists, accountDescr, err = lg.db.GetAccountByID(ctx, params.AccountID)
if err != nil {
return res, err
}
case params.Username != "":
accountExists, accountDescr, err = lg.db.GetAccountByUsername(ctx, params.Username)
if err != nil {
return res, err
}
}
if !accountExists {
err := fmt.Errorf("Account with this is or name dont exists")
return res, err
}
err = lg.db.DeleteAllGrantsForAccountID(ctx, accountDescr.ID)
if err != nil {
return res, err
}
err = lg.db.DeleteAccountByID(ctx, accountDescr.ID)
if err != nil {
return res, err
}
return res, err
}
func (lg *Logic) ListAccounts(ctx context.Context, accountID int64, params *cmctl.ListAccountsParams) (*cmctl.ListAccountsResult, error) {
var err error
res := &cmctl.ListAccountsResult{
Accounts: make([]*cmctl.AccountShortDescr, 0),
}
grantExists, _, err := lg.db.GetGrant(ctx, accountID, descriptor.GrantModifyUsers)
if err != nil {
return res, err
}
if !grantExists {
err := fmt.Errorf("Operation not allowed for the user")
return res, err
}
accountDescrs, err := lg.db.ListAccounts(ctx)
if err != nil {
return res, err
}
for _, accountDescr := range accountDescrs {
accountShortDescr := &cmctl.AccountShortDescr{
Username: accountDescr.Username,
Disabled: accountDescr.Disabled,
CreatedAt: accountDescr.CreatedAt,
UpdatedAt: accountDescr.UpdatedAt,
Grants: make([]*cmctl.GrantShortDescr, 0),
}
grantDescrs, err := lg.db.ListGrantsByAccountID(ctx, accountDescr.ID)
if err != nil {
return res, err
}
for _, grantDescrs := range grantDescrs {
grantShortDescrs := &cmctl.GrantShortDescr{
Operation: grantDescrs.Operation,
CreatedAt: grantDescrs.CreatedAt,
}
accountShortDescr.Grants = append(accountShortDescr.Grants, grantShortDescrs)
}
res.Accounts = append(res.Accounts, accountShortDescr)
}
return res, err
}
Reference in New Issue View Git Blame Copy Permalink