func processGenericVDL(vdlOperation string, variadicArgs ...interface{}) ([]map[string]interface{}, int, error) { funcName := util.GetCallerName() if vdlOperation == "" { return nil, -1, errors.New(fmt.Sprintf("%s: VDL annotation not set", funcName)) } log.Printf("%s -- Calling operation %s with %v", funcName, vdlOperation, variadicArgs) // Get the Postgres Function information pgfunc, _ := pgreflect.GetPgFuncInfo(vdlOperation) // // Check the argument list size agrees if pgfunc.NumArgs != len(variadicArgs) { log.Printf("%s -- Error with number of argument for %s has %d, passing in %d", funcName, vdlOperation, pgfunc.NumArgs, len(variadicArgs)) return nil, -1, errors.New(fmt.Sprintf("Error with number of argument for %s has %d, passing in %d", vdlOperation, pgfunc.NumArgs, len(variadicArgs))) } //Call the function and get return values retMap, retCode, err := pgfunc.VariadicScan(variadicArgs...) if err != nil || retMap == nil || len(retMap) == 0 { log.Printf("%s -- Error Calling Postgres Function - %s ( %#v)", funcName, pgfunc.Name, pgfunc) return nil, -1, err } log.Printf("%s -- Postgres Function Returned- %#v, %d, %#v", funcName, retMap, retCode, err) return retMap, retCode, nil }
func (trm TagRevisionModel) processVDLCall(vdlOperation string, variadicArgs ...interface{}) (relationship *dto.EntityRelationship, retCode int, err error) { funcName := util.GetCallerName() if vdlOperation == "" { return nil, -1, errors.New(fmt.Sprintf("%s: VDL annotation not set", funcName)) } log.Printf("%s -- Calling operation %s with %v", funcName, vdlOperation, variadicArgs) // Get the Postgres Function information pgfunc, _ := pgreflect.GetPgFuncInfo(vdlOperation) //Call the function and get return values retMap, retCode, err := pgfunc.VariadicScan(variadicArgs...) if err != nil || retMap == nil { log.Printf("%s -- Error Calling Postgres Function - %s ( %#v)", funcName, pgfunc.Name, pgfunc) return nil, -1, err } log.Printf("%s -- Postgres Function Returned- %#v, %d, %#v", funcName, retMap, retCode, err) //construct transfer object with return values newTRRelationship := &dto.EntityRelationship{ RelId2: retMap[0]["ret_tag_uid"].(int64), RelId1: retMap[0]["ret_revision_uid"].(int64), RelName1: "dto.Revision", RelName2: "dto.Tag", RelType2: reflect.TypeOf(dto.Tag{}), RelType1: reflect.TypeOf(dto.Revision{}), Status: dto.SetStatus(dto.StatusType(retMap[0]["ret_status"].(int64))), Created: &dto.JsonTime{retMap[0]["ret_created"].(time.Time), time.RFC3339}, Modified: &dto.JsonTime{retMap[0]["ret_modified"].(time.Time), time.RFC3339}, } log.Printf("%s -- created %v, modified %v", funcName, retMap[0]["ret_created"].(time.Time), retMap[0]["ret_modified"].(time.Time).Format(time.RFC3339)) log.Printf("%s -- Excution result %#v", funcName, newTRRelationship) return newTRRelationship, retCode, nil }
func (rm SectionModel) processVDLCall(vdlOperation string, variadicArgs ...interface{}) (*dto.Section, int, error) { funcName := util.GetCallerName() if vdlOperation == "" { return nil, -1, errors.New(fmt.Sprintf("%s: VDL annotation not set", funcName)) } log.Printf("%s -- Calling operation %s with %v", funcName, vdlOperation, variadicArgs) // Get the Postgres Function information pgfunc, err := pgreflect.GetPgFuncInfo(vdlOperation) if err != nil { log.Printf("%s -- Error Getting Postgres Function Information- %s ", funcName, vdlOperation) return nil, -1, err } // // Check the argument list size agrees if pgfunc.NumArgs != len(variadicArgs) { log.Printf("%s -- Error with number of argument for %s has %d, passing in %d", funcName, vdlOperation, pgfunc.NumArgs, len(variadicArgs)) return nil, -1, errors.New(fmt.Sprintf("Error with number of argument for %s has %d, passing in %d", vdlOperation, pgfunc.NumArgs, len(variadicArgs))) } //Call the function and get return values retMap, retCode, err := pgfunc.VariadicScan(variadicArgs...) if err != nil || retMap == nil { log.Printf("%s -- Error Calling Postgres Function - %s ( %#v)", funcName, pgfunc.Name, pgfunc) return nil, -1, err } log.Printf("%s -- Postgres Function Returned- %#v, %d, %#v", funcName, retMap, retCode, err) //construct transfer object with return values if len(retMap) > 0 { dbResults := &dto.Section{ Id: retMap[0]["ret_uid"].(int64), PageId: retMap[0]["ret_page_uid"].(int64), AuthorId: retMap[0]["ret_user_uid"].(int64), Name: retMap[0]["ret_name"].(string), OrderNum: int(retMap[0]["ret_ordernum"].(int64)), Status: dto.SetStatus(dto.StatusType(retMap[0]["ret_status"].(int64))), Created: &dto.JsonTime{retMap[0]["ret_created"].(time.Time), time.RFC3339}, Modified: &dto.JsonTime{retMap[0]["ret_modified"].(time.Time), time.RFC3339}, } log.Printf("%s -- created %v, modified %v", funcName, retMap[0]["ret_created"].(time.Time), retMap[0]["ret_modified"].(time.Time).Format(time.RFC3339)) log.Printf("%s -- Excution result %#v", funcName, dbResults) return dbResults, retCode, nil } return nil, 1, errors.New("No data returned") }
func authorizeRating(req *restful.Request, resp *restful.Response, chain *restful.FilterChain) { funcName := util.GetCallerName() log.Printf("%s Authorizing Request %s", funcName, req.Request.URL.RequestURI()) // Get client preauth user id preAuthId, err := strconv.ParseInt(req.Request.Header.Get("X-meritwiki-client-preauth-id"), 0, 64) if err != nil { resp.WriteErrorString(403, "403: Rating authoriztion was unavailable") log.Printf("%s - %s 403: Rating authoriztion was unavailable", funcName, req.SelectedRoutePath()) return } // Get information to call for postgres function to get user rating vdlOperation := "find_user_rating" pgfunc, err := pgreflect.GetPgFuncInfo(vdlOperation) if err != nil { log.Printf("%s -- Error Getting Postgres Function Information- %s ", funcName, vdlOperation) return } // Call postgres function var rating int64 retMap, retCode, err := pgfunc.VariadicScan(preAuthId) if err != nil || retMap == nil || retCode != 0 { log.Printf("%s -- Error Calling Postgres Function - %s ( %#v)", funcName, pgfunc.Name, err) resp.WriteErrorString(403, "403: Rating authoriztion was unavailable") return } else if len(retMap) <= 0 { log.Printf("%s No Rating for user [%d]", funcName, preAuthId) rating = 0 } else { rating = retMap[0]["ret_user_rating"].(int64) log.Printf("%s Rating for user (%d) = %d", funcName, retMap[0]["ret_user_uid"].(int64), retMap[0]["ret_user_rating"].(int64)) } globalThreshold, err := strconv.ParseInt(req.Request.Header.Get("X-meritwiki-global-threshold"), 0, 64) if err != nil { globalThreshold = int64(0) } // Check rating against if rating < globalThreshold { log.Printf("%s -- Insufficent rating for - %s", funcName, req.Request.URL.RequestURI()) resp.WriteErrorString(403, fmt.Sprintf("403: Insufficient Rating to Perform %s", req.Request.URL.RequestURI())) return } chain.ProcessFilter(req, resp) }
func (sm SectionModel) processVDLMultiResults(vdlOperation string, variadicArgs ...interface{}) (*[]dto.Section, int, error) { funcName := util.GetCallerName() if vdlOperation == "" { return nil, -1, errors.New(fmt.Sprintf("%s: VDL annotation not set", funcName)) } log.Printf("%s -- Calling operation %s with %v", funcName, vdlOperation, variadicArgs) // Get the Postgres Function information pgfunc, _ := pgreflect.GetPgFuncInfo(vdlOperation) // // Check the argument list size agrees if pgfunc.NumArgs != len(variadicArgs) { log.Printf("%s -- Error with number of argument for %s has %d, passing in %d", funcName, vdlOperation, pgfunc.NumArgs, len(variadicArgs)) return nil, -1, errors.New(fmt.Sprintf("Error with number of argument for %s has %d, passing in %d", vdlOperation, pgfunc.NumArgs, len(variadicArgs))) } //Call the function and get return values retMap, retCode, err := pgfunc.VariadicScan(variadicArgs...) if err != nil || retMap == nil || len(retMap) == 0 { log.Printf("%s -- Error Calling Postgres Function - %s ( %#v)", funcName, pgfunc.Name, pgfunc) return nil, -1, err } log.Printf("%s -- Postgres Function Returned- %#v, %d, %#v", funcName, retMap, retCode, err) dbResults := make([]dto.Section, 0) for _, row := range retMap { //construct transfer object with return values dbResult := dto.Section{ Id: row["uid"].(int64), PageId: row["page_uid"].(int64), AuthorId: row["user_uid"].(int64), Name: row["name"].(string), OrderNum: int(row["ordernum"].(int64)), Status: dto.SetStatus(dto.StatusType(row["status"].(int64))), Created: &dto.JsonTime{row["created"].(time.Time), time.RFC3339}, Modified: &dto.JsonTime{row["modified"].(time.Time), time.RFC3339}, } log.Printf("%s -- created %v, modified %v", funcName, row["created"].(time.Time), row["modified"].(time.Time).Format(time.RFC3339)) log.Printf("%s -- Excution result %#v", funcName, dbResult) dbResults = append(dbResults, dbResult) } return &dbResults, retCode, nil }
func (tm RatingModel) CreateRelationship(vdlOperation string, account_uid int64, revision_uid int64, rating int64) (foundRating *dto.Rating, retCode int, err error) { funcName := util.GetCallerName() //newRating := newRef.(dto.Rating) //newRating := *newRef\\ log.Printf("%s Calling %s with %s, %d, %d %d", funcName, reflect.TypeOf(tm), vdlOperation, account_uid, revision_uid, rating) // //Use field annotations to find method //tt := reflect.TypeOf(tm) //vdlField, ok := tt.FieldByName(operation) //if ok != true { // return nil, -1, errors.New(fmt.Sprintf("%s: VDL Opeartion Field (%s)) not found", funcName, operation)) //} //vdlOperation := vdlField.Tag.Get("vdl") if vdlOperation == "" { return nil, -1, errors.New(fmt.Sprintf("%s: VDL annotation not set", funcName)) } else { // Get the Postgres Function information pgfunc, _ := pgreflect.GetPgFuncInfo(vdlOperation) retMap, retCode, err := pgfunc.VariadicScan( account_uid, revision_uid, rating) if err != nil || retMap == nil { log.Printf("%s Error Calling Postgres Function - %#v", funcName, err) return nil, -1, err } log.Printf("%s Postgres Function Returned- %#v, %d, %#v", funcName, retMap, retCode, err) foundRating := &dto.Rating{ AccountId: retMap[0]["ret_account_uid"].(int64), RevisionId: retMap[0]["ret_revision_uid"].(int64), Rating: retMap[0]["ret_rating"].(int64), Created: &dto.JsonTime{retMap[0]["ret_created"].(time.Time), time.RFC3339}, Modified: &dto.JsonTime{retMap[0]["ret_modified"].(time.Time), time.RFC3339}, } log.Printf("%s Excution result %#v", funcName, foundRating) return foundRating, retCode, nil } }
// // Helper function for route filters to call to centalize logic for call // "model" authorizationWithOwnership function func authorizeRatingWithOwnership(dbModel interface{}, entityId int64, req *restful.Request, resp *restful.Response) bool { funcName := util.GetCallerName() log.Printf("%s Authorizing Ownership for Request %s", funcName, req.Request.URL.RequestURI()) // Get client preauth user id preAuthId, err := strconv.ParseInt(req.Request.Header.Get("X-meritwiki-client-preauth-id"), 0, 64) if err != nil { resp.WriteErrorString(http.StatusPreconditionFailed, "Rating authoriztion was unavailable") log.Printf("%s - %s Rating authoriztion was unavailable", funcName, req.SelectedRoutePath()) return false } // get the globalThreshold globalThreshold, err := strconv.ParseInt(req.Request.Header.Get("X-meritwiki-global-threshold"), 0, 64) if err != nil { log.Printf("%s - no global threshold set to Perform %s %s.", funcName, req.Request.Method, req.Request.URL.RequestURI()) resp.WriteErrorString(http.StatusPreconditionFailed, fmt.Sprintf(" no global threshold set to Perform %s %s", req.Request.Method, req.Request.URL.RequestURI())) return false } // get the ownerThreshold ownerThreshold, err := strconv.ParseInt(req.Request.Header.Get("X-meritwiki-owner-threshold"), 0, 64) if err != nil { log.Printf("%s - no threshold set to Perform %s %s.", funcName, req.Request.Method, req.Request.URL.RequestURI()) resp.WriteErrorString(http.StatusPreconditionFailed, fmt.Sprintf(" no threshold set to perform %s %s", req.Request.Method, req.Request.URL.RequestURI())) return false } // get the vdl operation from the model vdlOperation, err := model.GetVDLOperation(dbModel, "authorizeOwnership") if err != nil { resp.WriteErrorString(http.StatusPreconditionFailed, "Ownership authoriztion was unavailable") log.Printf("%s - %s Ownership authoriztion was unavailable", funcName, req.SelectedRoutePath()) return false } log.Printf("%s Ownership operation for [%v] - [%s]", funcName, reflect.TypeOf(dbModel), vdlOperation) // call the function for the operation pgfunc, err := pgreflect.GetPgFuncInfo(vdlOperation) if err != nil { log.Printf("%s -- Error Getting Postgres Function Information- %s ", funcName, vdlOperation) return false } retMap, retCode, err := pgfunc.VariadicScan(preAuthId, entityId) //process the results var user_rating int64 var is_owner bool if err != nil || retMap == nil || retCode != 0 { log.Printf("%s -- Error Calling Postgres Function - %s ( %#v)", funcName, pgfunc.Name, err) resp.WriteErrorString(http.StatusPreconditionFailed, "Ownership authoriztion was unavailable") return false } else if len(retMap) <= 0 { log.Printf("%s No Ownership for user [%d]", funcName, preAuthId) user_rating = 0 //?? } else { // get user rating user_rating = retMap[0]["ret_user_rating"].(int64) // get ownership (true/false) is_owner = retMap[0]["ret_owns"].(bool) log.Printf("%s Ownership for user (%d) = %t and has %d", funcName, retMap[0]["ret_auth_uid"].(int64), is_owner, user_rating) } //if owned enity if is_owner { // compare against the user rating if user_rating < ownerThreshold { log.Printf("%s - [%d] has insufficient rating [%d] as an owner of [%d] to Perform %s %s, need [%d]", funcName, preAuthId, user_rating, entityId, req.Request.Method, req.Request.URL.RequestURI(), ownerThreshold) resp.WriteErrorString(http.StatusUnauthorized, fmt.Sprintf("[%d] has insufficient rating [%d] as an owner of [%d] to Perform %s %s, need [%d]", preAuthId, user_rating, entityId, req.Request.Method, req.Request.URL.RequestURI(), ownerThreshold)) return false } log.Printf("%s -- [%d] as owner of [%d] has rating [%d] meets threshold of [%d]", funcName, preAuthId, entityId, user_rating, ownerThreshold) return true } else { // compare against the user rating if user_rating < globalThreshold { log.Printf("%s - [%d] has insufficient rating [%d] as a non-owner of [%d] to Perform %s %s, need [%d]", funcName, preAuthId, user_rating, entityId, req.Request.Method, req.Request.URL.RequestURI(), globalThreshold) resp.WriteErrorString(http.StatusUnauthorized, fmt.Sprintf("[%d] has insufficient rating [%d] as a non-owner of [%d] to Perform %s %s, need [%d]", preAuthId, user_rating, entityId, req.Request.Method, req.Request.URL.RequestURI(), globalThreshold)) return false } log.Printf("%s -- [%d] as non-owner of [%d] has rating [%d] meets global threshold of [%d]", funcName, preAuthId, entityId, user_rating, globalThreshold) return true } log.Printf("%s -- Insufficent rating for - %s %s", funcName, req.Request.Method, req.Request.URL.RequestURI()) return false }