Ejemplo n.º 1
0
func generateAppToken(ctx context.Context, w http.ResponseWriter, r *http.Request) {
	userID, _ := util.GetUserIDFromContext(ctx)
	appID, _ := util.GetParamValueAsID(ctx, "appID")
	generateAppTokenReq := ctx.Value(constants.CtxKeyParsedBody).(*generateAppTokenRequest)

	if !data.DB.App.HasPermission(appID, userID, data.ADMIN, data.OWNER) {
		utils.RespondEx(w, nil, 0, errors.ErrorAuthorizeAccess)
		return
	}

	permission, err := data.GetPermssionString(*generateAppTokenReq.Permission)

	if err != nil {
		utils.RespondEx(w, nil, 0, errors.ErrorSomethingWentWrong)
		return
	}

	claims := map[string]interface{}{
		"app_id":     fmt.Sprintf("%v", appID),
		"permission": fmt.Sprintf("%v", permission),
	}
	_, tokenStr, err := security.TokenAuth.Encode(claims)

	if err != nil {
		utils.RespondEx(w, nil, 0, errors.ErrorSomethingWentWrong)
		return
	}

	utils.RespondEx(w, generateAppTokenResponse{Token: tokenStr}, http.StatusOK, nil)
}
Ejemplo n.º 2
0
func lockRelease(ctx context.Context, w http.ResponseWriter, r *http.Request) {
	userID, _ := util.GetUserIDFromContext(ctx)
	appID, _ := util.GetParamValueAsID(ctx, "appID")
	releaseID, _ := util.GetParamValueAsID(ctx, "releaseID")

	err := data.DB.Release.LockRelease(releaseID, appID, userID)
	utils.RespondEx(w, nil, 0, err)
}
Ejemplo n.º 3
0
func getAllBundles(ctx context.Context, w http.ResponseWriter, r *http.Request) {
	userID, _ := util.GetUserIDFromContext(ctx)
	appID, _ := util.GetParamValueAsID(ctx, "appID")
	releaseID, _ := util.GetParamValueAsID(ctx, "releaseID")

	bundles, err := data.DB.Bundle.FindAllBundles(releaseID, appID, userID)
	utils.RespondEx(w, bundles, 0, err)
}
Ejemplo n.º 4
0
func getAllReleases(ctx context.Context, w http.ResponseWriter, r *http.Request) {
	//get userID and appID
	userID, _ := util.GetUserIDFromContext(ctx)
	appID, _ := util.GetParamValueAsID(ctx, "appID")

	releases, err := data.DB.Release.FindAllReleases(userID, appID)

	utils.RespondEx(w, releases, 0, err)
}
Ejemplo n.º 5
0
func deleteBundle(ctx context.Context, w http.ResponseWriter, r *http.Request) {
	userID, _ := util.GetUserIDFromContext(ctx)
	appID, _ := util.GetParamValueAsID(ctx, "appID")
	releaseID, _ := util.GetParamValueAsID(ctx, "releaseID")
	bundleID, _ := util.GetParamValueAsID(ctx, "bundleID")

	err := data.DB.Bundle.RemoveBundle(bundleID, releaseID, appID, userID)
	utils.RespondEx(w, nil, 0, err)
}
Ejemplo n.º 6
0
func loginUser(w http.ResponseWriter, email, password string) {
	user, err := data.DB.User.FindByEmailPassword(email, password)

	if err != nil {
		utils.RespondEx(w, nil, 0, errors.ErrorAuthorizeAccess)
		return
	}

	claims := map[string]interface{}{"user_id": fmt.Sprintf("%v", user.ID)}
	_, tokenStr, err := security.TokenAuth.Encode(claims)
	if err != nil {
		security.RemoveJwtCookie(w)
		utils.RespondEx(w, nil, 0, errors.ErrorAuthorizeAccess)
		return
	}

	security.SetJwtCookie(tokenStr, w)
	utils.RespondEx(w, loginResponse{ID: user.ID, Jwt: tokenStr}, 0, nil)
}
Ejemplo n.º 7
0
func updateRelease(ctx context.Context, w http.ResponseWriter, r *http.Request) {
	userID, _ := util.GetUserIDFromContext(ctx)
	appID, _ := util.GetParamValueAsID(ctx, "appID")
	releaseID, _ := util.GetParamValueAsID(ctx, "releaseID")

	//grabing update release request
	updateReleaseReq := ctx.Value(constants.CtxKeyParsedBody).(*updateReleaseRequest)

	err := data.DB.Release.UpdateRelease(updateReleaseReq.Note, updateReleaseReq.Platform, updateReleaseReq.Version, releaseID, appID, userID)
	utils.RespondEx(w, nil, 0, err)
}
Ejemplo n.º 8
0
func register(ctx context.Context, w http.ResponseWriter, r *http.Request) {
	registerReq := ctx.Value(constants.CtxKeyParsedBody).(*registerRequest)

	_, err := data.DB.User.Create(*registerReq.Fullname, *registerReq.Email, *registerReq.Password)
	if err != nil {
		utils.RespondEx(w, nil, 0, err)
		return
	}

	loginUser(w, *registerReq.Email, *registerReq.Password)
}
Ejemplo n.º 9
0
func acceptAppToken(ctx context.Context, w http.ResponseWriter, r *http.Request) {
	userID, _ := util.GetUserIDFromContext(ctx)
	appID, _ := util.GetParamValueAsID(ctx, "appID")
	appTokenReq := ctx.Value(constants.CtxKeyParsedBody).(*appTokenRequest)

	//decode jwt token
	token, err := security.TokenAuth.Decode(*appTokenReq.Token)
	if err != nil || !token.Valid {
		utils.RespondEx(w, nil, 401, errors.ErrorAuthorizeAccess)
		return
	}

	tokenAppID, err := strconv.ParseInt(token.Claims["app_id"].(string), 10, 64)
	if err != nil || tokenAppID != appID {
		utils.RespondEx(w, nil, 402, errors.ErrorAuthorizeAccess)
		return
	}

	tokenPermission, err := data.GetPermissionByName(token.Claims["permission"].(string))
	if err != nil || tokenPermission == data.ANONYMOUSE {
		utils.RespondEx(w, nil, 403, errors.ErrorAuthorizeAccess)
		return
	}

	//check if user has already have an access
	if data.DB.App.HasPermission(appID, userID, data.ADMIN, data.OWNER, data.MEMBER) {
		utils.RespondEx(w, nil, 404, errors.ErrorAlreadyAcceessed)
		return
	}

	//try to grand access to app with authorized permission
	if !data.DB.App.GrantAccess(appID, userID, tokenPermission) {
		utils.RespondEx(w, nil, 405, errors.ErrorAppNotFound)
		return
	}

	utils.Respond(w, 200, nil)
}
Ejemplo n.º 10
0
func downloadBundle(ctx context.Context, w http.ResponseWriter, r *http.Request) {
	userID, _ := util.GetUserIDFromContext(ctx)
	appID, _ := util.GetParamValueAsID(ctx, "appID")
	releaseID, _ := util.GetParamValueAsID(ctx, "releaseID")

	bundles, err := data.DB.Bundle.FindAllBundles(releaseID, appID, userID)

	if err != nil {
		utils.RespondEx(w, nil, 0, err)
		return
	}

	//set the header to application/zip
	w.Header().Set("Content-Type", "application/zip")

	//zip the files
	compress := zip.NewWriter(w)
	defer compress.Close()

	type meta struct {
		Name string `json:"actual_file_name"`
		File string `json:"file_name"`
	}

	var bundleMeta []*meta
	bundleMeta = make([]*meta, 0)

	for _, bundle := range bundles {
		bundleMeta = append(bundleMeta, &meta{Name: bundle.Name, File: bundle.Hash})

		//create a file with hash name
		conatinFile, _ := compress.Create(bundle.Hash)
		targetFile, _ := os.Open(config.Conf.FileUpload.Bundle + bundle.Hash)

		io.Copy(conatinFile, targetFile)

		targetFile.Close()
	}

	//bundle meta information which maps every file inside the zip file
	bundle, _ := compress.Create("bundle.json")
	json.NewEncoder(bundle).Encode(bundleMeta)
}
Ejemplo n.º 11
0
func uploadBundles(ctx context.Context, w http.ResponseWriter, r *http.Request) {
	userID, _ := util.GetUserIDFromContext(ctx)
	appID, _ := util.GetParamValueAsID(ctx, "appID")
	releaseID, _ := util.GetParamValueAsID(ctx, "releaseID")

	//check if user has permission admin or owner
	if !data.DB.App.HasPermission(appID, userID, data.ADMIN, data.OWNER) {
		utils.RespondEx(w, nil, 0, internalErrors.ErrorAuthorizeAccess)
		return
	}

	if err := r.ParseMultipartForm(config.Conf.FileUpload.MaxSize); err != nil {
		utils.RespondEx(w, nil, 0, internalErrors.ErrorSomethingWentWrong)
		logme.Warn(err.Error())
		return
	}

	var fileInfos []*common.FileInfo
	var path string

	fileInfos = make([]*common.FileInfo, 0)

	//saving all the files into temp folder
	for _, fileHeaders := range r.MultipartForm.File {
		for _, fileHeader := range fileHeaders {
			file, _ := fileHeader.Open()
			path = config.Conf.FileUpload.Temp + uuid()
			if err := copyDataToFile(file, path); err != nil {
				utils.RespondEx(w, nil, 0, internalErrors.ErrorSomethingWentWrong)
				logme.Warn(err.Error())
				return
			}

			file.Close()

			hash, err := crypto.HashFile(path)
			if err != nil {
				utils.RespondEx(w, nil, 0, internalErrors.ErrorSomethingWentWrong)
				logme.Warn(err.Error())
				return
			}

			fileInfos = append(fileInfos, &common.FileInfo{
				Filename:     fileHeader.Filename,
				Hash:         hash,
				TempLocation: path,
			})
		}
	}

	bundles, err := data.DB.Bundle.UploadBundles(releaseID, appID, userID, fileInfos)

	if err != nil {
		logme.Warn(err.Error())
		//remove all temp files
		for _, fileInfo := range fileInfos {
			os.Remove(fileInfo.TempLocation)
		}
	} else {
		for _, fileInfo := range fileInfos {
			err = os.Rename(fileInfo.TempLocation, config.Conf.FileUpload.Bundle+fileInfo.Hash)
			logme.Info(fileInfo.TempLocation)
			if err != nil {
				logme.Warn(err.Error())
			}
		}
	}

	utils.RespondEx(w, bundles, 0, err)
}