init import

app/accoper/createacc.go

@@ -0,0 +1,64 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package accoper
+
+import (
+	"context"
+	"fmt"
+
+	"mbase/pkg/auxpwd"
+	"mbase/pkg/auxtool"
+	"mbase/pkg/auxuuid"
+	"mbase/pkg/descr"
+)
+
+type CreateAccountParams struct {
+	Username string `json:"username"`
+	Password string `json:"password"`
+}
+type CreateAccountResult struct {
+	AccountID string `json:"accountId"`
+}
+
+func (oper *Operator) CreateAccount(ctx context.Context, operatorID string, params *CreateAccountParams) (*CreateAccountResult, error) {
+	var err error
+	res := &CreateAccountResult{}
+
+	if params.Username == "" {
+		err := fmt.Errorf("Empty username parameters")
+		return res, err
+	}
+
+	if params.Password == "" {
+		err := fmt.Errorf("Empty password parameter")
+		return res, err
+	}
+
+	accountExists, _, err := oper.mdb.GetAccountByUsername(ctx, params.Username)
+	if err != nil {
+		return res, err
+	}
+	if accountExists {
+		err := fmt.Errorf("Account with thist name already exists")
+		return res, err
+	}
+	now := auxtool.TimeNow()
+	passhash := auxpwd.MakeSHA256Hash([]byte(params.Password))
+	accountDescr := &descr.Account{
+		ID:        auxuuid.NewUUID(),
+		Username:  params.Username,
+		Passhash:  passhash,
+		Disabled:  false,
+		CreatedAt: now,
+		UpdatedAt: now,
+		CreatedBy: operatorID,
+		UpdatedBy: operatorID,
+	}
+	err = oper.mdb.InsertAccount(ctx, accountDescr)
+	if err != nil {
+		return res, err
+	}
+	res.AccountID = accountDescr.ID
+	return res, err
+}

app/accoper/creategrant.go

@@ -0,0 +1,97 @@
+package accoper
+
+import (
+	"context"
+	"fmt"
+	"regexp"
+
+	"mbase/pkg/auxtool"
+	"mbase/pkg/auxuuid"
+	"mbase/pkg/descr"
+)
+
+// CreateGrant
+type CreateGrantParams struct {
+	AccountID string `json:"accountID"`
+	Username  string `json:"username"`
+	Right     string `json:"operation"`
+	Pattern   string `json:"pattern"`
+}
+type CreateGrantResult struct {
+	GrantID string `json:"grantId"`
+}
+
+func (oper *Operator) CreateGrant(ctx context.Context, operatorID string, params *CreateGrantParams) (*CreateGrantResult, error) {
+	var err error
+	res := &CreateGrantResult{}
+
+	if params.AccountID == "" {
+		err := fmt.Errorf("Empty accountId parameters")
+		return res, err
+	}
+	if params.Right == "" {
+		err := fmt.Errorf("Empty operation parameter")
+		return res, err
+	}
+	if params.Pattern == "" {
+		err := fmt.Errorf("Empty pattern parameter")
+		return res, err
+	}
+
+	_, err = regexp.Compile(params.Pattern)
+	if err != nil {
+		err := fmt.Errorf("Cannot compile regexp %s: %v", err)
+		return res, err
+	}
+
+	var accountDescr *descr.Account
+	var accountExists bool
+	switch {
+	case params.AccountID != "":
+		accountExists, accountDescr, err = oper.mdb.GetAccountByID(ctx, params.AccountID)
+		if err != nil {
+			return res, err
+		}
+		if !accountExists {
+			err := fmt.Errorf("Account with ID %s dont exists", params.AccountID)
+			return res, err
+		}
+	case params.Username != "":
+		accountExists, accountDescr, err = oper.mdb.GetAccountByUsername(ctx, params.Username)
+		if err != nil {
+			return res, err
+		}
+		if !accountExists {
+			err := fmt.Errorf("Account with name %s dont exists", params.Username)
+			return res, err
+		}
+	default:
+		err := fmt.Errorf("Empty username and accountId parameter")
+		return res, err
+	}
+	grantExists, _, err := oper.mdb.GetGrantByAccoundIDRightPattern(ctx, params.AccountID, params.Right, params.Pattern)
+	if err != nil {
+		return res, err
+	}
+	if grantExists {
+		err := fmt.Errorf("Grant with this right already exists")
+		return res, err
+	}
+	now := auxtool.TimeNow()
+	grantDescr := &descr.Grant{
+		ID:        auxuuid.NewUUID(),
+		AccountID: accountDescr.ID,
+		Right:     params.Right,
+		Pattern:   params.Pattern,
+		CreatedAt: now,
+		UpdatedAt: now,
+		CreatedBy: operatorID,
+		UpdatedBy: operatorID,
+	}
+	err = oper.mdb.InsertGrant(ctx, grantDescr)
+	if err != nil {
+		return res, err
+	}
+	res.GrantID = grantDescr.ID
+	return res, err
+}

app/accoper/delacc.go

@@ -0,0 +1,66 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package accoper
+
+import (
+	"context"
+	"fmt"
+
+	"mbase/pkg/descr"
+)
+
+type DeleteAccountParams struct {
+	Username  string `json:"username"`
+	AccountID string `json:"accountId"`
+}
+type DeleteAccountResult struct{}
+
+func (oper *Operator) DeleteAccount(ctx context.Context, operatorID string, params *DeleteAccountParams) (*DeleteAccountResult, error) {
+	var err error
+	res := &DeleteAccountResult{}
+
+	if params.Username == "" && params.AccountID == "" {
+		err := fmt.Errorf("Empty username and accountId parameter")
+		return res, err
+	}
+
+	var accountDescr *descr.Account
+	var accountExists bool
+	switch {
+	case params.AccountID != "":
+		accountExists, accountDescr, err = oper.mdb.GetAccountByID(ctx, params.AccountID)
+		if err != nil {
+			return res, err
+		}
+		if !accountExists {
+			err := fmt.Errorf("Account with ID %s dont exists", params.AccountID)
+			return res, err
+		}
+	case params.Username != "":
+		accountExists, accountDescr, err = oper.mdb.GetAccountByUsername(ctx, params.Username)
+		if err != nil {
+			return res, err
+		}
+		if !accountExists {
+			err := fmt.Errorf("Account with name %s dont exists", params.Username)
+			return res, err
+		}
+	default:
+		err := fmt.Errorf("Empty username and accountId parameter")
+		return res, err
+	}
+	if accountDescr == nil {
+		err := fmt.Errorf("Null account desriptor")
+		return res, err
+	}
+	err = oper.mdb.DeleteAllGrantsForAccountID(ctx, accountDescr.ID)
+	if err != nil {
+		return res, err
+	}
+	err = oper.mdb.DeleteAccountByID(ctx, accountDescr.ID)
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}

app/accoper/delgrant.go

@@ -0,0 +1,41 @@
+package accoper
+
+import (
+	"context"
+	"fmt"
+
+	"mbase/pkg/descr"
+)
+
+// DeleteGrant
+type DeleteGrantParams struct {
+	GrantID string `json:"grantId"`
+}
+type DeleteGrantResult struct{}
+
+func (oper *Operator) DeleteGrant(ctx context.Context, operatorID string, params *DeleteGrantParams) (*DeleteGrantResult, error) {
+	var err error
+	res := &DeleteGrantResult{}
+
+	if params.GrantID == "" {
+		err := fmt.Errorf("Empty grantId parameter")
+		return res, err
+	}
+
+	var grantDescr *descr.Grant
+	var grantExists bool
+
+	grantExists, grantDescr, err = oper.mdb.GetGrantByID(ctx, params.GrantID)
+	if err != nil {
+		return res, err
+	}
+	if !grantExists {
+		err := fmt.Errorf("Grant with ID %s dont exists", params.GrantID)
+		return res, err
+	}
+	err = oper.mdb.DeleteGrantByID(ctx, grantDescr.ID)
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}

app/accoper/getacc.go

@@ -0,0 +1,78 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package accoper
+
+import (
+	"context"
+	"fmt"
+
+	"mbase/pkg/descr"
+)
+
+// GetAccount
+type GetAccountParams struct {
+	Username  string `json:"username"`
+	AccountID string `json:"accountId"`
+}
+type GetAccountResult struct {
+	Account *descr.AccountShort `json:"account"`
+}
+
+func (oper *Operator) GetAccount(ctx context.Context, operatorID string, params *GetAccountParams) (*GetAccountResult, error) {
+	var err error
+	res := &GetAccountResult{}
+
+	if params.Username == "" && params.AccountID == "" {
+		err := fmt.Errorf("Empty username and accountId parameter")
+		return res, err
+	}
+
+	var accountDescr *descr.Account
+	var accountExists bool
+	switch {
+	case params.AccountID != "":
+		accountExists, accountDescr, err = oper.mdb.GetAccountByID(ctx, params.AccountID)
+		if err != nil {
+			return res, err
+		}
+		if !accountExists {
+			err := fmt.Errorf("Account with ID %s dont exists", params.AccountID)
+			return res, err
+		}
+	case params.Username != "":
+		accountExists, accountDescr, err = oper.mdb.GetAccountByUsername(ctx, params.Username)
+		if err != nil {
+			return res, err
+		}
+		if !accountExists {
+			err := fmt.Errorf("Account with name %s dont exists", params.Username)
+			return res, err
+		}
+	default:
+		err := fmt.Errorf("Empty username and accountId parameter")
+		return res, err
+	}
+	if accountDescr == nil {
+		err := fmt.Errorf("Null account desriptor")
+		return res, err
+	}
+	accountShort := &descr.AccountShort{
+		ID:        accountDescr.ID,
+		Username:  accountDescr.Username,
+		CreatedAt: accountDescr.CreatedAt,
+		UpdatedAt: accountDescr.UpdatedAt,
+		CreatedBy: accountDescr.CreatedBy,
+		UpdatedBy: accountDescr.UpdatedBy,
+		Disabled:  accountDescr.Disabled,
+		Grants:    make([]descr.Grant, 0),
+	}
+	grantDescrs, err := oper.mdb.ListGrantsByAccountID(ctx, accountDescr.ID)
+	if err != nil {
+		return res, err
+	}
+	accountShort.Grants = grantDescrs
+
+	res.Account = accountShort
+	return res, err
+}

app/accoper/getgrant.go

@@ -0,0 +1,40 @@
+package accoper
+
+import (
+	"context"
+	"fmt"
+
+	"mbase/pkg/descr"
+)
+
+// Get Grants
+type GetGrantParams struct {
+	GrantID string `json:"grantId"`
+}
+type GetGrantResult struct {
+	Grant *descr.Grant `json:"grant"`
+}
+
+func (oper *Operator) GetGrant(ctx context.Context, operatorID string, params *GetGrantParams) (*GetGrantResult, error) {
+	var err error
+	res := &GetGrantResult{}
+
+	if params.GrantID == "" {
+		err := fmt.Errorf("Empty grantId parameter")
+		return res, err
+	}
+
+	var grantDescr *descr.Grant
+	var grantExists bool
+	grantExists, grantDescr, err = oper.mdb.GetGrantByID(ctx, params.GrantID)
+	if err != nil {
+		return res, err
+	}
+	if !grantExists {
+		err := fmt.Errorf("Grant with ID %s dont exists", params.GrantID)
+		return res, err
+	}
+
+	res.Grant = grantDescr
+	return res, err
+}

app/accoper/listacc.go

@@ -0,0 +1,44 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package accoper
+
+import (
+	"context"
+
+	"mbase/pkg/descr"
+)
+
+type ListAccountsParams struct{}
+type ListAccountsResult struct {
+	Accounts []descr.AccountShort `json:"accounts"`
+}
+
+func (oper *Operator) ListAccounts(ctx context.Context, params *ListAccountsParams) (*ListAccountsResult, error) {
+	var err error
+	res := &ListAccountsResult{}
+
+	accountDescrs, err := oper.mdb.ReducedListAccounts(ctx)
+	if err != nil {
+		return res, err
+	}
+	for _, accountDescr := range accountDescrs {
+		accountShort := descr.AccountShort{
+			ID:        accountDescr.ID,
+			Username:  accountDescr.Username,
+			Disabled:  accountDescr.Disabled,
+			CreatedAt: accountDescr.CreatedAt,
+			UpdatedAt: accountDescr.UpdatedAt,
+			CreatedBy: accountDescr.CreatedBy,
+			UpdatedBy: accountDescr.UpdatedBy,
+			Grants:    make([]descr.Grant, 0),
+		}
+		grantDescrs, err := oper.mdb.ListGrantsByAccountID(ctx, accountDescr.ID)
+		if err != nil {
+			return res, err
+		}
+		accountShort.Grants = grantDescrs
+		res.Accounts = append(res.Accounts, accountShort)
+	}
+	return res, err
+}

app/accoper/listgrant.go

@@ -0,0 +1,56 @@
+package accoper
+
+import (
+	"context"
+	"fmt"
+
+	"mbase/pkg/descr"
+)
+
+// ListGrants
+type ListGrantsParams struct {
+	Username  string
+	AccountID string
+}
+type ListGrantsResult struct {
+	Grants []descr.Grant `json:"grants"`
+}
+
+func (oper *Operator) ListGrants(ctx context.Context, operatorID string, params *ListGrantsParams) (*ListGrantsResult, error) {
+	var err error
+	res := &ListGrantsResult{
+		Grants: make([]descr.Grant, 0),
+	}
+	var accountDescr *descr.Account
+	var accountExists bool
+	switch {
+	case params.AccountID != "":
+		accountExists, accountDescr, err = oper.mdb.GetAccountByID(ctx, params.AccountID)
+		if err != nil {
+			return res, err
+		}
+		if !accountExists {
+			err := fmt.Errorf("Account with ID %s dont exists", params.AccountID)
+			return res, err
+		}
+	case params.Username != "":
+		accountExists, accountDescr, err = oper.mdb.GetAccountByUsername(ctx, params.Username)
+		if err != nil {
+			return res, err
+		}
+		if !accountExists {
+			err := fmt.Errorf("Account with name %s dont exists", params.Username)
+			return res, err
+		}
+	default:
+		err := fmt.Errorf("Empty username and accountId parameter")
+		return res, err
+	}
+	accountID := accountDescr.ID
+	grantDescrs, err := oper.mdb.ListGrantsByAccountID(ctx, accountID)
+	if err != nil {
+		return res, err
+	}
+	res.Grants = grantDescrs
+	return res, err
+}

app/accoper/operator.go

@@ -0,0 +1,27 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package accoper
+
+import (
+	"mbase/app/logger"
+	"mbase/app/maindb"
+)
+
+type OperatorParams struct {
+	MainDB *maindb.Database
+}
+
+type Operator struct {
+	mdb   *maindb.Database
+	logg  *logger.Logger
+}
+
+func NewOperator(params *OperatorParams) (*Operator, error) {
+	var err error
+	oper := &Operator{
+		mdb:   params.MainDB,
+	}
+	oper.logg = logger.NewLoggerWithSubject("imageoper")
+	return oper, err
+}

app/accoper/updacc.go

@@ -0,0 +1,80 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package accoper
+
+import (
+	"context"
+	"fmt"
+
+	"mbase/pkg/auxpwd"
+	"mbase/pkg/auxtool"
+	"mbase/pkg/descr"
+)
+
+type UpdateAccountParams struct {
+	Username    string `json:"username"`
+	AccountID   string `json:"accountId"`
+	NewUsername string `json:"newUsername"`
+	NewPassword string `json:"newPassword"`
+	Disabled    bool   `json:"disabled"`
+}
+type UpdateAccountResult struct{}
+
+func (oper *Operator) UpdateAccount(ctx context.Context, operatorID string, params *UpdateAccountParams) (*UpdateAccountResult, error) {
+	var err error
+	res := &UpdateAccountResult{}
+	if params.Username == "" && params.AccountID == "" {
+		err := fmt.Errorf("Empty username and accountId parameter")
+		return res, err
+	}
+	var accountDescr *descr.Account
+	var accountExists bool
+	switch {
+	case params.AccountID != "":
+		accountExists, accountDescr, err = oper.mdb.GetAccountByID(ctx, params.AccountID)
+		if err != nil {
+			return res, err
+		}
+		if !accountExists {
+			err := fmt.Errorf("Account with ID %s dont exists", params.AccountID)
+			return res, err
+		}
+	case params.Username != "":
+		accountExists, accountDescr, err = oper.mdb.GetAccountByUsername(ctx, params.Username)
+		if err != nil {
+			return res, err
+		}
+		if !accountExists {
+			err := fmt.Errorf("Account with name %s dont exists", params.Username)
+			return res, err
+		}
+	default:
+		err := fmt.Errorf("Empty username and accountId parameter")
+		return res, err
+	}
+	if accountDescr == nil {
+		err := fmt.Errorf("Null account desriptor")
+		return res, err
+	}
+	now := auxtool.TimeNow()
+	if params.NewUsername != "" {
+		accountDescr.UpdatedAt = now
+		accountDescr.Username = params.NewUsername
+	}
+	if params.NewPassword != "" {
+		accountDescr.UpdatedAt = now
+		passhash := auxpwd.MakeSHA256Hash([]byte(params.NewPassword))
+		accountDescr.Passhash = passhash
+	}
+	if params.Disabled != accountDescr.Disabled {
+		accountDescr.UpdatedAt = now
+		accountDescr.Disabled = params.Disabled
+	}
+
+	err = oper.mdb.UpdateAccountByID(ctx, accountDescr.ID, accountDescr)
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}

app/accoper/updgrant.go

@@ -0,0 +1,52 @@
+package accoper
+
+import (
+	"context"
+	"fmt"
+
+	"mbase/pkg/auxtool"
+	"mbase/pkg/descr"
+)
+
+// UpdateGrant
+type UpdateGrantParams struct {
+	GrantID    string
+	NewPattern string
+}
+type UpdateGrantResult struct{}
+
+func (oper *Operator) UpdateGrant(ctx context.Context, operatorID string, params *UpdateGrantParams) (*UpdateGrantResult, error) {
+	var err error
+	res := &UpdateGrantResult{}
+
+	if params.NewPattern == "" {
+		err := fmt.Errorf("Empty newPattern parameter")
+		return res, err
+	}
+	if params.GrantID == "" {
+		err := fmt.Errorf("Empty grantId parameter")
+		return res, err
+	}
+	var grantDescr *descr.Grant
+	var grantExists bool
+
+	grantExists, grantDescr, err = oper.mdb.GetGrantByID(ctx, params.GrantID)
+	if err != nil {
+		return res, err
+	}
+	if !grantExists {
+		err := fmt.Errorf("Grant with ID %s dont exists", params.GrantID)
+		return res, err
+	}
+	now := auxtool.TimeNow()
+	if params.NewPattern != "" {
+		grantDescr.UpdatedAt = now
+		grantDescr.UpdatedBy = operatorID
+		grantDescr.Pattern = params.NewPattern
+	}
+	err = oper.mdb.UpdateGrantByID(ctx, grantDescr.ID, grantDescr)
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}