func (app *AdminApp) LoadOrgEntity() {
logger.Info("Loading org entity")
var err error
orgId := app.config.org.Data.Id
app.fs.api.Authenticate(orgId, "")
orgPublicJson, err := app.fs.home.Read(orgId)
checkAppFatal("Couldn't read org public entity: %s", err)
app.entities.org, err = entity.New(orgPublicJson)
checkAppFatal("Could not create org entity: %s", err)
orgEntity, err := app.fs.api.LoadPrivate(orgId)
checkAppFatal("Couldn't load org entity: %s", err)
orgContainer, err := document.NewContainer(orgEntity)
checkAppFatal("Could not load org container: %s", err)
err = app.entities.org.Verify(orgContainer)
checkAppFatal("Could not verify org: %s", err)
decryptedOrgJson, err := app.entities.admin.Decrypt(orgContainer)
checkAppFatal("Could not decrypt container: %s", err)
app.entities.org, err = entity.New(decryptedOrgJson)
checkAppFatal("Could not create org entity: %s", err)
}
func (cont *OrgController) List(params *OrgParams) ([]*entity.Entity, error) {
logger.Debug("listing orgs")
logger.Tracef("received params: %s", params)
var err error
if err := cont.env.LoadHomeFs(); err != nil {
return nil, err
}
if cont.env.controllers.admin == nil {
cont.env.controllers.admin, err = NewAdmin(cont.env)
if err != nil {
return nil, err
}
}
if err := cont.env.controllers.admin.LoadConfig(); err != nil {
return nil, err
}
orgs := make([]*entity.Entity, 0)
for _, org := range cont.env.controllers.admin.config.GetOrgs() {
o, err := entity.New(nil)
if err != nil {
return nil, err
}
o.Data.Body.Id = org.Id
o.Data.Body.Name = org.Name
orgs = append(orgs, o)
}
logger.Trace("returnings orgs")
return orgs, nil
}
func (cont *AdminController) LoadAdmin() error {
logger.Debug("loading admin")
orgName := cont.env.controllers.org.config.Data.Name
adminOrgConfig, err := cont.config.GetOrg(orgName)
if err != nil {
return err
}
adminId := adminOrgConfig.AdminId
logger.Debugf("reading file for admin id '%s'", adminId)
adminEntity, err := cont.env.fs.home.Read(adminId)
if err != nil {
return err
}
logger.Debug("creating entity")
cont.admin, err = entity.New(adminEntity)
if err != nil {
return err
}
logger.Trace("returning nil error")
return nil
}
func (app *AdminApp) GetAdminEntity(id string) *entity.Entity {
adminJson, err := app.fs.api.GetPublic(id, id)
checkAppFatal("Couldn't get admin json: %s", err)
admin, err := entity.New(adminJson)
checkAppFatal("Couldn't create admin entity: %s", err)
return admin
}
func (app *AdminApp) CreateOrgEntity(name string) {
var err error
logger.Info("Creating Org entity")
app.entities.org, err = entity.New(nil)
checkAppFatal("Could not create org entity: %s", err)
app.entities.org.Data.Body.Id = NewID()
app.entities.org.Data.Body.Name = name
logger.Info("Generating Org keys")
err = app.entities.org.GenerateKeys()
checkAppFatal("Could not generate org keys: %s", err)
}
func (app *AdminApp) ProcessNextInvite() {
orgId := app.entities.org.Data.Body.Id
inviteJson, err := app.fs.api.PopIncoming("invite")
checkAppFatal("Can't pop invite: %s", err)
container, err := document.NewContainer(inviteJson)
if err != nil {
app.fs.api.PushIncoming(orgId, "invite", inviteJson)
checkAppFatal("Can't load invite: %s", err)
}
inviteId := container.Data.Options.SignatureInputs["key-id"]
logger.Infof("Reading invite key: %s", inviteId)
inviteKey, err := app.index.org.GetInviteKey(inviteId)
if err != nil {
app.fs.api.PushIncoming(orgId, "invite", inviteJson)
checkAppFatal("Couldn't get invite key: %s", err)
}
logger.Info("Verifying and decrypting admin invite")
adminJson, err := app.entities.org.VerifyAuthenticationThenDecrypt(container, inviteKey.Key)
if err != nil {
app.fs.api.PushIncoming(orgId, "invite", inviteJson)
checkAppFatal("Couldn't verify then decrypt invite: %s", err)
}
admin, err := entity.New(adminJson)
if err != nil {
app.fs.api.PushIncoming(orgId, "invite", inviteJson)
checkAppFatal("Couldn't load admin entity: %s", err)
}
err = app.index.org.AddAdmin(admin.Data.Body.Name, admin.Data.Body.Id)
checkAppFatal("Couldn't add admin to index: %s", err)
app.SendOrgEntity()
//app.entities.org.EncryptThenSignString(app.entities.org.Dump(), app.GetAdminEntities())
orgContainer, err := app.entities.admin.EncryptThenAuthenticateString(app.entities.org.DumpPublic(), inviteId, inviteKey.Key)
checkAppFatal("Couldn't encrypt and authenticate org public: %s", err)
err = app.fs.api.PushIncoming(admin.Data.Body.Id, "invite", orgContainer.Dump())
checkAppFatal("Could not push org container: %s", err)
// Delete invite ID
}
func (app *AdminApp) LoadAdminEntity() {
var err error
logger.Info("Loading admin entity")
orgName := app.config.org.Data.Name
adminOrgConfig, err := app.config.admin.GetOrg(orgName)
checkAppFatal("Could not get org from admin config: %s", err)
adminId := adminOrgConfig.AdminId
adminEntity, err := app.fs.home.Read(adminId)
checkAppFatal("Couldn't read admin entity: %s", err)
app.entities.admin, err = entity.New(adminEntity)
checkAppFatal("Couldn't load admin entity: %s", err)
}
func (cont *AdminController) GetAdmin(id string) (*entity.Entity, error) {
logger.Debug("getting admin")
logger.Tracef("received id '%s'", id)
adminJson, err := cont.env.api.GetPublic(id, id)
if err != nil {
return nil, err
}
logger.Debug("creating entity")
admin, err := entity.New(adminJson)
if err != nil {
return nil, err
}
logger.Trace("returning admin")
return admin, nil
}
func (app *AdminApp) CompleteInvite(inviteId, inviteKey string) {
err := app.fs.api.Authenticate(app.entities.admin.Data.Body.Id, "")
checkAppFatal("Couldn't authenticate to API: %s", err)
orgContainerJson, err := app.fs.api.PopIncoming("invite")
checkAppFatal("Can't pop invite: %s", err)
orgContainer, err := document.NewContainer(orgContainerJson)
checkAppFatal("Can't create org container: %s", err)
orgJson, err := app.entities.admin.VerifyAuthenticationThenDecrypt(orgContainer, inviteKey)
checkAppFatal("Couldn't verify invite: %s", err)
app.entities.org, err = entity.New(orgJson)
checkAppFatal("Couldn't create org entitiy: %s", err)
app.SaveOrgEntityPublic()
}
func (cont *OrgController) CreateOrg(name string) error {
logger.Debug("creating org")
var err error
cont.org, err = entity.New(nil)
if err != nil {
return err
}
cont.org.Data.Body.Id = x509.NewID()
cont.org.Data.Body.Name = name
logger.Debug("generating keys")
if err := cont.org.GenerateKeys(); err != nil {
return err
}
logger.Trace("returning nil error")
return nil
}
func (cont *OrgController) LoadPublicOrg() error {
logger.Debug("loading public org")
orgId := cont.config.Data.Id
logger.Debugf("reading org with id '%s'", orgId)
orgPublicJson, err := cont.env.fs.home.Read(orgId)
if err != nil {
return err
}
logger.Debug("creating new org struct from JSON")
cont.org, err = entity.New(orgPublicJson)
if err != nil {
return err
}
logger.Trace("returning nil error")
return nil
}
func (cont *OrgController) LoadPrivateOrg() error {
logger.Debug("loading private org")
orgId := cont.config.Data.Id
logger.Debugf("loading private org with id '%s'", orgId)
orgEntity, err := cont.env.api.GetPrivate(orgId, orgId)
if err != nil {
return err
}
logger.Debug("creating new org container")
container, err := document.NewContainer(orgEntity)
if err != nil {
return err
}
logger.Debug("verifying container")
err = cont.org.Verify(container)
if err != nil {
return err
}
logger.Debug("decrypting container")
decryptedOrgJson, err := cont.env.controllers.admin.admin.Decrypt(container)
if err != nil {
return err
}
logger.Debug("creating org struct")
cont.org, err = entity.New(decryptedOrgJson)
if err != nil {
return err
}
logger.Trace("returning nil error")
return nil
}
func (cont *AdminController) CreateAdmin(name string) error {
logger.Debug("creating new admin")
var err error
// TODO validate name
logger.Debug("creating new entity")
cont.admin, err = entity.New(nil)
if err != nil {
return err
}
cont.admin.Data.Body.Id = x509.NewID()
cont.admin.Data.Body.Name = name
logger.Debug("generating keys")
err = cont.admin.GenerateKeys()
if err != nil {
return err
}
logger.Trace("returning nil error")
return nil
}
func (cont *AdminController) Complete(params *AdminParams) error {
var err error
logger.Tracef("received params: %s", params)
logger.Debug("validating parameters")
if err := cont.env.LoadLocalFs(); err != nil {
return err
}
if err := cont.env.LoadHomeFs(); err != nil {
return err
}
if err := cont.env.LoadAPI(); err != nil {
return err
}
logger.Debug("Initializing org controller")
if cont.env.controllers.org == nil {
if cont.env.controllers.org, err = NewOrg(cont.env); err != nil {
return err
}
}
if err := cont.env.controllers.org.LoadConfig(); err != nil {
return err
}
if err := cont.LoadConfig(); err != nil {
return err
}
if err := cont.LoadAdmin(); err != nil {
return err
}
orgContainerJson, err := cont.env.api.PopIncoming(cont.admin.Data.Body.Id, "invite")
if err != nil {
return err
}
orgContainer, err := document.NewContainer(orgContainerJson)
if err != nil {
return err
}
orgJson, err := cont.admin.VerifyAuthenticationThenDecrypt(orgContainer, *params.InviteKey)
if err != nil {
return err
}
org, err := entity.New(orgJson)
if err != nil {
return err
}
logger.Debug("Saving public org to home")
if err := cont.env.fs.home.Write(org.Data.Body.Id, org.DumpPublic()); err != nil {
return err
}
return nil
}
func (cont *AdminController) New(params *AdminParams) error {
logger.Tracef("received params: %s", params)
var err error
logger.Debug("Validating parameters")
if err := params.ValidateName(true); err != nil {
return err
}
logger.Debug("Loading local filesystem")
if err := cont.env.LoadLocalFs(); err != nil {
return err
}
logger.Debug("Loading home filesystem")
if err := cont.env.LoadHomeFs(); err != nil {
return err
}
logger.Debug("Loading API")
if err := cont.env.LoadAPI(); err != nil {
return err
}
logger.Debug("Initializing org controller")
if cont.env.controllers.org == nil {
if cont.env.controllers.org, err = NewOrg(cont.env); err != nil {
return err
}
}
logger.Debug("Loading org config")
if err := cont.env.controllers.org.LoadConfig(); err != nil {
return err
}
logger.Debug("Creating admin entity")
cont.admin, err = entity.New(nil)
if err != nil {
return nil
}
cont.admin.Data.Body.Id = x509.NewID()
cont.admin.Data.Body.Name = *params.Name
logger.Debug("Generating admin keys")
if err := cont.admin.GenerateKeys(); err != nil {
return err
}
if err := cont.SaveAdmin(); err != nil {
return nil
}
if err := cont.LoadConfig(); err != nil {
return err
}
orgId := cont.env.controllers.org.config.Data.Id
orgName := cont.env.controllers.org.config.Data.Name
if err := cont.config.AddOrg(orgName, orgId, cont.admin.Id()); err != nil {
return err
}
if err := cont.SaveConfig(); err != nil {
return err
}
if err := cont.SecureSendPublicToOrg(*params.InviteId, *params.InviteKey); err != nil {
return err
}
return nil
}
func (cont *AdminController) ProcessNextInvite() error {
org := cont.env.controllers.org.org
index, err := cont.env.controllers.org.GetIndex()
if err != nil {
return err
}
inviteJson, err := cont.env.api.PopIncoming(org.Id(), "invite")
if err != nil {
return err
}
container, err := document.NewContainer(inviteJson)
if err != nil {
cont.env.api.PushIncoming(org.Id(), "invite", inviteJson)
return err
}
inviteId := container.Data.Options.SignatureInputs["key-id"]
logger.Debugf("Reading invite key: %s", inviteId)
inviteKey, err := index.GetInviteKey(inviteId)
if err != nil {
cont.env.api.PushIncoming(org.Id(), "invite", inviteJson)
return err
}
logger.Debug("Verifying and decrypting admin invite")
adminJson, err := org.VerifyAuthenticationThenDecrypt(container, inviteKey.Key)
if err != nil {
cont.env.api.PushIncoming(org.Id(), "invite", inviteJson)
return err
}
admin, err := entity.New(adminJson)
if err != nil {
cont.env.api.PushIncoming(org.Id(), "invite", inviteJson)
return err
}
if err := index.AddAdmin(admin.Data.Body.Name, admin.Data.Body.Id); err != nil {
return err
}
if err := cont.env.controllers.org.SaveIndex(index); err != nil {
return err
}
if err := cont.SendOrgEntity(); err != nil {
return err
}
orgContainer, err := cont.admin.EncryptThenAuthenticateString(org.DumpPublic(), inviteId, inviteKey.Key)
if err != nil {
return err
}
if err := cont.env.api.PushIncoming(admin.Data.Body.Id, "invite", orgContainer.Dump()); err != nil {
return err
}
// Delete invite ID
return nil
}