示例#1
0
func processGenericVDL(vdlOperation string, variadicArgs ...interface{}) ([]map[string]interface{}, int, error) {
	funcName := util.GetCallerName()
	if vdlOperation == "" {
		return nil, -1, errors.New(fmt.Sprintf("%s: VDL annotation not set", funcName))
	}

	log.Printf("%s -- Calling operation %s with %v", funcName, vdlOperation, variadicArgs)
	// Get the Postgres Function information
	pgfunc, _ := pgreflect.GetPgFuncInfo(vdlOperation)
	//
	// Check the argument list size agrees
	if pgfunc.NumArgs != len(variadicArgs) {
		log.Printf("%s -- Error with number of argument for %s has %d, passing in %d", funcName, vdlOperation, pgfunc.NumArgs, len(variadicArgs))
		return nil, -1, errors.New(fmt.Sprintf("Error with number of argument for %s has %d, passing in %d", vdlOperation, pgfunc.NumArgs, len(variadicArgs)))
	}
	//Call the function and get return values
	retMap, retCode, err := pgfunc.VariadicScan(variadicArgs...)
	if err != nil || retMap == nil || len(retMap) == 0 {
		log.Printf("%s -- Error Calling Postgres Function - %s ( %#v)", funcName, pgfunc.Name, pgfunc)
		return nil, -1, err
	}
	log.Printf("%s -- Postgres Function Returned- %#v, %d, %#v", funcName, retMap, retCode, err)

	return retMap, retCode, nil
}
示例#2
0
func (trm TagRevisionModel) processVDLCall(vdlOperation string, variadicArgs ...interface{}) (relationship *dto.EntityRelationship, retCode int, err error) {
	funcName := util.GetCallerName()
	if vdlOperation == "" {
		return nil, -1, errors.New(fmt.Sprintf("%s: VDL annotation not set", funcName))
	}
	log.Printf("%s -- Calling operation %s with %v", funcName, vdlOperation, variadicArgs)
	// Get the Postgres Function information
	pgfunc, _ := pgreflect.GetPgFuncInfo(vdlOperation)
	//Call the function and get return values
	retMap, retCode, err := pgfunc.VariadicScan(variadicArgs...)
	if err != nil || retMap == nil {
		log.Printf("%s -- Error Calling Postgres Function - %s ( %#v)", funcName, pgfunc.Name, pgfunc)
		return nil, -1, err
	}
	log.Printf("%s -- Postgres Function Returned- %#v, %d, %#v", funcName, retMap, retCode, err)
	//construct transfer object with return values
	newTRRelationship := &dto.EntityRelationship{
		RelId2:   retMap[0]["ret_tag_uid"].(int64),
		RelId1:   retMap[0]["ret_revision_uid"].(int64),
		RelName1: "dto.Revision",
		RelName2: "dto.Tag",
		RelType2: reflect.TypeOf(dto.Tag{}),
		RelType1: reflect.TypeOf(dto.Revision{}),
		Status:   dto.SetStatus(dto.StatusType(retMap[0]["ret_status"].(int64))),
		Created:  &dto.JsonTime{retMap[0]["ret_created"].(time.Time), time.RFC3339},
		Modified: &dto.JsonTime{retMap[0]["ret_modified"].(time.Time), time.RFC3339},
	}
	log.Printf("%s -- created %v, modified %v", funcName, retMap[0]["ret_created"].(time.Time), retMap[0]["ret_modified"].(time.Time).Format(time.RFC3339))
	log.Printf("%s -- Excution result %#v", funcName, newTRRelationship)
	return newTRRelationship, retCode, nil
}
示例#3
0
func (rm SectionModel) processVDLCall(vdlOperation string, variadicArgs ...interface{}) (*dto.Section, int, error) {
	funcName := util.GetCallerName()
	if vdlOperation == "" {
		return nil, -1, errors.New(fmt.Sprintf("%s: VDL annotation not set", funcName))
	}

	log.Printf("%s -- Calling operation %s with %v", funcName, vdlOperation, variadicArgs)
	// Get the Postgres Function information
	pgfunc, err := pgreflect.GetPgFuncInfo(vdlOperation)
	if err != nil {
		log.Printf("%s -- Error Getting Postgres Function Information- %s ", funcName, vdlOperation)
		return nil, -1, err
	}
	//
	// Check the argument list size agrees
	if pgfunc.NumArgs != len(variadicArgs) {
		log.Printf("%s -- Error with number of argument for %s has %d, passing in %d", funcName, vdlOperation, pgfunc.NumArgs, len(variadicArgs))
		return nil, -1, errors.New(fmt.Sprintf("Error with number of argument for %s has %d, passing in %d", vdlOperation, pgfunc.NumArgs, len(variadicArgs)))
	}
	//Call the function and get return values
	retMap, retCode, err := pgfunc.VariadicScan(variadicArgs...)
	if err != nil || retMap == nil {
		log.Printf("%s -- Error Calling Postgres Function - %s ( %#v)", funcName, pgfunc.Name, pgfunc)
		return nil, -1, err
	}
	log.Printf("%s -- Postgres Function Returned- %#v, %d, %#v", funcName, retMap, retCode, err)
	//construct transfer object with return values
	if len(retMap) > 0 {
		dbResults := &dto.Section{
			Id:       retMap[0]["ret_uid"].(int64),
			PageId:   retMap[0]["ret_page_uid"].(int64),
			AuthorId: retMap[0]["ret_user_uid"].(int64),
			Name:     retMap[0]["ret_name"].(string),
			OrderNum: int(retMap[0]["ret_ordernum"].(int64)),
			Status:   dto.SetStatus(dto.StatusType(retMap[0]["ret_status"].(int64))),
			Created:  &dto.JsonTime{retMap[0]["ret_created"].(time.Time), time.RFC3339},
			Modified: &dto.JsonTime{retMap[0]["ret_modified"].(time.Time), time.RFC3339},
		}
		log.Printf("%s -- created %v, modified %v", funcName, retMap[0]["ret_created"].(time.Time), retMap[0]["ret_modified"].(time.Time).Format(time.RFC3339))
		log.Printf("%s -- Excution result %#v", funcName, dbResults)
		return dbResults, retCode, nil
	}

	return nil, 1, errors.New("No data returned")
}
示例#4
0
func authorizeRating(req *restful.Request, resp *restful.Response, chain *restful.FilterChain) {
	funcName := util.GetCallerName()
	log.Printf("%s Authorizing Request %s", funcName, req.Request.URL.RequestURI())
	// Get client preauth user id
	preAuthId, err := strconv.ParseInt(req.Request.Header.Get("X-meritwiki-client-preauth-id"), 0, 64)
	if err != nil {
		resp.WriteErrorString(403, "403: Rating authoriztion was unavailable")
		log.Printf("%s  - %s 403: Rating authoriztion was unavailable", funcName, req.SelectedRoutePath())
		return
	}
	// Get information to call for postgres function to get user rating
	vdlOperation := "find_user_rating"
	pgfunc, err := pgreflect.GetPgFuncInfo(vdlOperation)
	if err != nil {
		log.Printf("%s -- Error Getting Postgres Function Information- %s ", funcName, vdlOperation)
		return
	}
	// Call postgres function
	var rating int64
	retMap, retCode, err := pgfunc.VariadicScan(preAuthId)
	if err != nil || retMap == nil || retCode != 0 {
		log.Printf("%s -- Error Calling Postgres Function - %s ( %#v)", funcName, pgfunc.Name, err)
		resp.WriteErrorString(403, "403: Rating authoriztion was unavailable")
		return
	} else if len(retMap) <= 0 {
		log.Printf("%s No Rating for user  [%d]", funcName, preAuthId)
		rating = 0
	} else {
		rating = retMap[0]["ret_user_rating"].(int64)
		log.Printf("%s Rating for user (%d) = %d", funcName,
			retMap[0]["ret_user_uid"].(int64),
			retMap[0]["ret_user_rating"].(int64))
	}
	globalThreshold, err := strconv.ParseInt(req.Request.Header.Get("X-meritwiki-global-threshold"), 0, 64)
	if err != nil {
		globalThreshold = int64(0)
	}
	// Check rating against
	if rating < globalThreshold {
		log.Printf("%s -- Insufficent rating for - %s", funcName, req.Request.URL.RequestURI())
		resp.WriteErrorString(403, fmt.Sprintf("403: Insufficient Rating to Perform %s", req.Request.URL.RequestURI()))
		return
	}
	chain.ProcessFilter(req, resp)
}
示例#5
0
func (sm SectionModel) processVDLMultiResults(vdlOperation string, variadicArgs ...interface{}) (*[]dto.Section, int, error) {
	funcName := util.GetCallerName()
	if vdlOperation == "" {
		return nil, -1, errors.New(fmt.Sprintf("%s: VDL annotation not set", funcName))
	}

	log.Printf("%s -- Calling operation %s with %v", funcName, vdlOperation, variadicArgs)
	// Get the Postgres Function information
	pgfunc, _ := pgreflect.GetPgFuncInfo(vdlOperation)
	//
	// Check the argument list size agrees
	if pgfunc.NumArgs != len(variadicArgs) {
		log.Printf("%s -- Error with number of argument for %s has %d, passing in %d", funcName, vdlOperation, pgfunc.NumArgs, len(variadicArgs))
		return nil, -1, errors.New(fmt.Sprintf("Error with number of argument for %s has %d, passing in %d", vdlOperation, pgfunc.NumArgs, len(variadicArgs)))
	}
	//Call the function and get return values
	retMap, retCode, err := pgfunc.VariadicScan(variadicArgs...)
	if err != nil || retMap == nil || len(retMap) == 0 {
		log.Printf("%s -- Error Calling Postgres Function - %s ( %#v)", funcName, pgfunc.Name, pgfunc)
		return nil, -1, err
	}
	log.Printf("%s -- Postgres Function Returned- %#v, %d, %#v", funcName, retMap, retCode, err)

	dbResults := make([]dto.Section, 0)
	for _, row := range retMap {
		//construct transfer object with return values
		dbResult := dto.Section{
			Id:       row["uid"].(int64),
			PageId:   row["page_uid"].(int64),
			AuthorId: row["user_uid"].(int64),
			Name:     row["name"].(string),
			OrderNum: int(row["ordernum"].(int64)),
			Status:   dto.SetStatus(dto.StatusType(row["status"].(int64))),
			Created:  &dto.JsonTime{row["created"].(time.Time), time.RFC3339},
			Modified: &dto.JsonTime{row["modified"].(time.Time), time.RFC3339},
		}
		log.Printf("%s -- created %v, modified %v", funcName, row["created"].(time.Time), row["modified"].(time.Time).Format(time.RFC3339))
		log.Printf("%s -- Excution result %#v", funcName, dbResult)
		dbResults = append(dbResults, dbResult)
	}
	return &dbResults, retCode, nil
}
示例#6
0
func (tm RatingModel) CreateRelationship(vdlOperation string, account_uid int64, revision_uid int64, rating int64) (foundRating *dto.Rating, retCode int, err error) {
	funcName := util.GetCallerName()
	//newRating := newRef.(dto.Rating)
	//newRating := *newRef\\
	log.Printf("%s Calling %s with %s, %d, %d %d", funcName, reflect.TypeOf(tm), vdlOperation, account_uid, revision_uid, rating)
	//
	//Use field annotations to find method
	//tt := reflect.TypeOf(tm)
	//vdlField, ok := tt.FieldByName(operation)
	//if ok != true {
	//	return nil, -1, errors.New(fmt.Sprintf("%s: VDL Opeartion Field (%s)) not found", funcName, operation))
	//}
	//vdlOperation := vdlField.Tag.Get("vdl")
	if vdlOperation == "" {
		return nil, -1, errors.New(fmt.Sprintf("%s: VDL annotation not set", funcName))
	} else {
		// Get the Postgres Function information
		pgfunc, _ := pgreflect.GetPgFuncInfo(vdlOperation)
		retMap, retCode, err := pgfunc.VariadicScan(
			account_uid,
			revision_uid,
			rating)
		if err != nil || retMap == nil {
			log.Printf("%s Error Calling Postgres Function - %#v", funcName, err)
			return nil, -1, err
		}
		log.Printf("%s Postgres Function Returned- %#v, %d, %#v", funcName, retMap, retCode, err)

		foundRating := &dto.Rating{
			AccountId:  retMap[0]["ret_account_uid"].(int64),
			RevisionId: retMap[0]["ret_revision_uid"].(int64),
			Rating:     retMap[0]["ret_rating"].(int64),
			Created:    &dto.JsonTime{retMap[0]["ret_created"].(time.Time), time.RFC3339},
			Modified:   &dto.JsonTime{retMap[0]["ret_modified"].(time.Time), time.RFC3339},
		}
		log.Printf("%s Excution result %#v", funcName, foundRating)
		return foundRating, retCode, nil
	}

}
示例#7
0
//
// Helper function for route filters to call to centalize logic for call
// "model" authorizationWithOwnership function
func authorizeRatingWithOwnership(dbModel interface{}, entityId int64, req *restful.Request, resp *restful.Response) bool {
	funcName := util.GetCallerName()
	log.Printf("%s Authorizing Ownership for Request %s", funcName, req.Request.URL.RequestURI())
	// Get client preauth user id
	preAuthId, err := strconv.ParseInt(req.Request.Header.Get("X-meritwiki-client-preauth-id"), 0, 64)
	if err != nil {
		resp.WriteErrorString(http.StatusPreconditionFailed, "Rating authoriztion was unavailable")
		log.Printf("%s  - %s Rating authoriztion was unavailable", funcName, req.SelectedRoutePath())
		return false
	}
	//		get the globalThreshold
	globalThreshold, err := strconv.ParseInt(req.Request.Header.Get("X-meritwiki-global-threshold"), 0, 64)
	if err != nil {
		log.Printf("%s - no global threshold set to Perform %s %s.", funcName, req.Request.Method, req.Request.URL.RequestURI())
		resp.WriteErrorString(http.StatusPreconditionFailed, fmt.Sprintf(" no global threshold set to Perform %s %s", req.Request.Method, req.Request.URL.RequestURI()))
		return false
	}
	// 		get the ownerThreshold
	ownerThreshold, err := strconv.ParseInt(req.Request.Header.Get("X-meritwiki-owner-threshold"), 0, 64)
	if err != nil {
		log.Printf("%s - no threshold set to Perform %s %s.", funcName, req.Request.Method, req.Request.URL.RequestURI())
		resp.WriteErrorString(http.StatusPreconditionFailed, fmt.Sprintf(" no threshold set to perform %s %s", req.Request.Method, req.Request.URL.RequestURI()))
		return false
	}
	// get the vdl operation from the model
	vdlOperation, err := model.GetVDLOperation(dbModel, "authorizeOwnership")
	if err != nil {
		resp.WriteErrorString(http.StatusPreconditionFailed, "Ownership authoriztion was unavailable")
		log.Printf("%s  - %s Ownership  authoriztion was unavailable", funcName, req.SelectedRoutePath())
		return false
	}
	log.Printf("%s Ownership operation for [%v] - [%s]", funcName, reflect.TypeOf(dbModel), vdlOperation)
	// call the function for the operation
	pgfunc, err := pgreflect.GetPgFuncInfo(vdlOperation)
	if err != nil {
		log.Printf("%s -- Error Getting Postgres Function Information- %s ", funcName, vdlOperation)
		return false
	}
	retMap, retCode, err := pgfunc.VariadicScan(preAuthId, entityId)
	//process the results
	var user_rating int64
	var is_owner bool
	if err != nil || retMap == nil || retCode != 0 {
		log.Printf("%s -- Error Calling Postgres Function - %s ( %#v)", funcName, pgfunc.Name, err)
		resp.WriteErrorString(http.StatusPreconditionFailed, "Ownership authoriztion was unavailable")
		return false
	} else if len(retMap) <= 0 {
		log.Printf("%s No Ownership for user  [%d]", funcName, preAuthId)
		user_rating = 0 //??
	} else {
		// 		get user rating
		user_rating = retMap[0]["ret_user_rating"].(int64)
		// 		get ownership (true/false)
		is_owner = retMap[0]["ret_owns"].(bool)
		log.Printf("%s Ownership for user (%d) = %t and has %d", funcName,
			retMap[0]["ret_auth_uid"].(int64),
			is_owner,
			user_rating)
	}
	//if owned enity
	if is_owner {
		// 		compare against the user rating
		if user_rating < ownerThreshold {
			log.Printf("%s - [%d] has insufficient rating [%d] as an owner of [%d] to Perform %s %s, need [%d]",
				funcName, preAuthId, user_rating, entityId, req.Request.Method, req.Request.URL.RequestURI(), ownerThreshold)
			resp.WriteErrorString(http.StatusUnauthorized, fmt.Sprintf("[%d] has insufficient rating [%d] as an owner of [%d] to Perform %s %s, need [%d]",
				preAuthId, user_rating, entityId, req.Request.Method, req.Request.URL.RequestURI(), ownerThreshold))
			return false
		}
		log.Printf("%s -- [%d] as owner of [%d] has rating [%d] meets threshold of [%d]", funcName, preAuthId, entityId, user_rating, ownerThreshold)
		return true
	} else {

		//		compare against the user rating
		if user_rating < globalThreshold {
			log.Printf("%s - [%d] has insufficient rating [%d] as a non-owner of [%d] to Perform %s %s, need [%d]",
				funcName, preAuthId, user_rating, entityId, req.Request.Method, req.Request.URL.RequestURI(), globalThreshold)
			resp.WriteErrorString(http.StatusUnauthorized, fmt.Sprintf("[%d] has insufficient rating [%d] as a non-owner of [%d] to Perform %s %s, need [%d]",
				preAuthId, user_rating, entityId, req.Request.Method, req.Request.URL.RequestURI(), globalThreshold))
			return false
		}

		log.Printf("%s -- [%d] as non-owner of [%d] has rating [%d] meets global threshold of [%d]", funcName, preAuthId, entityId, user_rating, globalThreshold)
		return true
	}
	log.Printf("%s -- Insufficent rating for - %s %s", funcName, req.Request.Method, req.Request.URL.RequestURI())
	return false
}