diff --git a/models/booking/booking.go b/models/booking/booking.go
index 274235d..fd19911 100644
--- a/models/booking/booking.go
+++ b/models/booking/booking.go
@@ -56,3 +56,7 @@ func (d *Booking) GetName() string {
 func (d *Booking) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor {
 return New(tools.BOOKING, username, peerID, groups, caller) // Create a new instance of the accessor
 }
+
+func (d *Booking) VerifyAuth(username string, peerID string, groups []string) bool {
+ return true
+}
diff --git a/models/collaborative_area/collaborative_area.go b/models/collaborative_area/collaborative_area.go
index a5b89e8..a7a51be 100644
--- a/models/collaborative_area/collaborative_area.go
+++ b/models/collaborative_area/collaborative_area.go
@@ -84,7 +84,7 @@ func (ao *CollaborativeArea) VerifyAuth(username string, peerID string, groups [
 }
 }
 }
- return false
+ return ao.AbstractObject.VerifyAuth(username, peerID, groups)
 }
 
 func (d *CollaborativeArea) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor {
diff --git a/models/collaborative_area/rules/rule/rule.go b/models/collaborative_area/rules/rule/rule.go
index 23835b9..e881ca7 100644
--- a/models/collaborative_area/rules/rule/rule.go
+++ b/models/collaborative_area/rules/rule/rule.go
@@ -23,3 +23,7 @@ func (r *Rule) GenerateID() {
 func (d *Rule) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor {
 return New(tools.RULE, username, peerID, groups, caller)
 }
+
+func (d *Rule) VerifyAuth(username string, peerID string, groups []string) bool {
+ return true
+}
diff --git a/models/peer/peer.go b/models/peer/peer.go
index 754c2a9..8032545 100644
--- a/models/peer/peer.go
+++ b/models/peer/peer.go
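Review bot: `Booking.VerifyAuth` returns `true` for every caller, so the type opts out of the creator/public check this commit adds to `AbstractObject.VerifyAuth`; the same unconditional override is added for `Rule`, `Peer` and `WorkflowExecution` in their hunks. This keeps the previous allow-all behaviour, but nothing in the code says whether that is deliberate. If it is, record it in a doc comment such as `// VerifyAuth allows every caller; <reason this type is not access-controlled per object>.`; if it is not, drop the override or delegate with `return d.AbstractObject.VerifyAuth(username, peerID, groups)` (assuming the type embeds `AbstractObject`, which the hunk does not show).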
@@ -80,3 +80,7 @@ func (d *Peer) GetAccessor(username string, peerID string, groups []string, call
 data := New(tools.PEER, username, peerID, groups, caller) // Create a new instance of the accessor
 return data
 }
+
+func (d *Peer) VerifyAuth(username string, peerID string, groups []string) bool {
+ return true
+}
diff --git a/models/resources/resource_model/resource_model.go b/models/resources/resource_model/resource_model.go
index faa008e..c4aaff4 100644
--- a/models/resources/resource_model/resource_model.go
+++ b/models/resources/resource_model/resource_model.go
@@ -57,7 +57,7 @@ func (abs *AbstractResource) VerifyAuth(username string, peerID string, groups [
 }
 }
 }
- return false
+ return abs.AbstractObject.VerifyAuth(username, peerID, groups)
 }
 
 /*
@@ -125,7 +125,7 @@ func (ao *ResourceModel) GetID() string {
 return ao.UUID
 }
 
-func (ao *ResourceModel) UpToDate() {}
+func (ao *ResourceModel) UpToDate(user string, create bool) {}
 
 func (r *ResourceModel) GenerateID() {
 r.UUID = uuid.New().String()
diff --git a/models/utils/abstracts.go b/models/utils/abstracts.go
index 598bbf0..9a386d5 100644
--- a/models/utils/abstracts.go
+++ b/models/utils/abstracts.go
@@ -18,16 +18,25 @@ import (
 // single instance of the validator used in every model Struct to validate the fields
 var validate = validator.New(validator.WithRequiredStructEnabled())
 
+type AccessMode int
+
+const (
+ Private AccessMode = iota
+ Public
+)
+
 /*
 * AbstractObject is a struct that represents the basic fields of an object
 * it defines the object id and name
 * every data in base root model should inherit from this struct (only exception is the ResourceModel)
 */
 type AbstractObject struct {
- UUID string `json:"id,omitempty" bson:"id,omitempty" validate:"required"`
- Name string `json:"name,omitempty" bson:"name,omitempty" validate:"required"`
- UpdateDate time.Time `json:"update_date" bson:"update_date"`
- LastPeerWriter string `json:"last_peer_writer" bson:"last_peer_writer"`
+ UUID string `json:"id,omitempty" bson:"id,omitempty" validate:"required"`
+ Name string `json:"name,omitempty" bson:"name,omitempty" validate:"required"`
+ UpdateDate time.Time `json:"update_date" bson:"update_date"`
+ LastPeerWriter string `json:"last_peer_writer" bson:"last_peer_writer"`
+ CreatorID string `json:"creator_id" bson:"creator_id" default:"unknown"`
+ AccessMode AccessMode `json:"access_mode" bson:"access_mode" default:"0"`
 }
 
 func (r *AbstractObject) GenerateID() {
@@ -46,13 +55,16 @@ func (ao AbstractObject) GetName() string {
 return ao.Name
 }
 
-func (ao *AbstractObject) UpToDate() {
+func (ao *AbstractObject) UpToDate(user string, create bool) {
 ao.UpdateDate = time.Now()
- // ao.LastPeerWriter, _ = static.GetMyLocalJsonPeer()
+ ao.LastPeerWriter = user
+ if create {
+ ao.CreatorID = user
+ }
 }
 
 func (ao *AbstractObject) VerifyAuth(username string, peerID string, groups []string) bool {
- return true
+ return ao.AccessMode == Public || ao.CreatorID == username
 }
 
 func (ao *AbstractObject) GetObjectFilters(search string) *dbs.Filters {
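Review bot: `CreatorID` and `AccessMode` are the inputs to the new authorization check, yet both carry `json` tags (`creator_id`, `access_mode`) and so can be populated from a request body. `UpToDate(user, true)` overwrites `CreatorID` on create, but nothing visible in this commit prevents an update payload from supplying a different `creator_id`; whether the update path filters it lies outside these hunks and should be confirmed. The exported `AccessMode`, `Private` and `Public` also have no doc comments; something like `// AccessMode states who, besides the creator, passes VerifyAuth on an object.` would make the zero value (`Private`) an explicit, documented default.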
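Review bot: `AbstractObject.VerifyAuth` compares `ao.CreatorID == username` without requiring either side to be non-empty, and it ignores `peerID`. A record stored before this change presumably has no `creator_id`, so it would match only a caller whose username is empty, and identical usernames coming from different peers are treated as the same creator. A tighter form is `return ao.AccessMode == Public || (username != "" && ao.CreatorID == username)`, together with an explicit decision on how legacy records are handled. `GenericUpdateOne` gates writes on this same method, so `Public` appears to grant write access as well as read access; if that is not intended, the mode needs a separate read/write distinction.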
@@ -120,6 +132,7 @@ func (dma *AbstractAccessor) GetCaller() *tools.HTTPCaller {
 // GenericLoadOne loads one object from the database (generic)
 func GenericStoreOne(data DBObject, a Accessor) (DBObject, int, error) {
 data.GenerateID()
+ data.UpToDate(a.GetUser(), true)
 f := dbs.Filters{
 Or: map[string][]dbs.Filter{
 "abstractresource.abstractobject.name": {{
@@ -175,6 +188,7 @@ func GenericUpdateOne(set DBObject, id string, a Accessor, new DBObject) (DBObje
 if err != nil {
 return nil, c, err
 }
+ r.UpToDate(a.GetUser(), false)
 if !r.VerifyAuth(a.GetUser(), a.GetPeerID(), a.GetGroups()) {
 return nil, 403, errors.New("You are not allowed to access this collaborative area")
 }
diff --git a/models/utils/interfaces.go b/models/utils/interfaces.go
index 782cc82..c99aa62 100644
--- a/models/utils/interfaces.go
+++ b/models/utils/interfaces.go
@@ -20,7 +20,7 @@ type DBObject interface {
 GenerateID()
 GetID() string
 GetName() string
- UpToDate()
+ UpToDate(user string, create bool)
 VerifyAuth(username string, PeerID string, groups []string) bool
 Deserialize(j map[string]interface{}, obj DBObject) DBObject
 Serialize(obj DBObject) map[string]interface{}
diff --git a/models/workflow/workflow.go b/models/workflow/workflow.go
index 1cafc09..ddd6cdb 100644
--- a/models/workflow/workflow.go
+++ b/models/workflow/workflow.go
@@ -108,10 +108,8 @@ func (ao *Workflow) VerifyAuth(username string, peerID string, groups []string) 
 }
 isAuthorized = shared.VerifyAuth(username, peerID, groups)
 }
- } else {
- isAuthorized = true
 }
- return isAuthorized
+ return ao.AbstractObject.VerifyAuth(username, peerID, groups) || isAuthorized
 }
 
 /*
diff --git a/models/workflow_execution/workflow_execution.go b/models/workflow_execution/workflow_execution.go
index 607ebcf..e802b29 100644
--- a/models/workflow_execution/workflow_execution.go
+++ b/models/workflow_execution/workflow_execution.go
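Review bot: In `GenericUpdateOne`, the added `r.UpToDate(a.GetUser(), false)` runs before the `r.VerifyAuth(...)` check, so the loaded object's `UpdateDate` and `LastPeerWriter` are rewritten on behalf of a caller who has not been authorized yet. Move the call below the 403 branch so that the audit fields change only for permitted callers. `UpToDate` also stores the username in `LastPeerWriter`, while the field name suggests a peer identifier; confirm which of `a.GetUser()` and `a.GetPeerID()` is meant. The function body starts and ends outside the hunk.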
@@ -118,3 +118,7 @@ func (d *WorkflowExecution) GetName() string {
 func (d *WorkflowExecution) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor {
 return New(tools.WORKFLOW_EXECUTION, username, peerID, groups, caller) // Create a new instance of the accessor
 }
+
+func (d *WorkflowExecution) VerifyAuth(username string, peerID string, groups []string) bool {
+ return true
+}
diff --git a/models/workspace/workspace.go b/models/workspace/workspace.go
index f738217..cff7246 100644
--- a/models/workspace/workspace.go
+++ b/models/workspace/workspace.go
@@ -1,8 +1,6 @@
 package workspace
 
 import (
- "fmt"
-
 "cloud.o-forge.io/core/oc-lib/models/collaborative_area/shallow_collaborative_area"
 "cloud.o-forge.io/core/oc-lib/models/resources"
 "cloud.o-forge.io/core/oc-lib/models/utils"
@@ -23,7 +21,6 @@ func (d *Workspace) GetAccessor(username string, peerID string, groups []string,
 }
 
 func (ao *Workspace) VerifyAuth(username string, peerID string, groups []string) bool {
- fmt.Println("Workspace.VerifyAuth", ao.Shared)
 if ao.Shared != "" {
 shared, code, _ := shallow_collaborative_area.New(tools.COLLABORATIVE_AREA, username, peerID, groups, nil).LoadOne(ao.Shared)
 if code != 200 || shared == nil {
@@ -31,5 +28,5 @@ func (ao *Workspace) VerifyAuth(username string, peerID string, groups []string)
 }
 return shared.VerifyAuth(username, peerID, groups)
 }
- return true
+ return ao.AbstractObject.VerifyAuth(username, peerID, groups)
 }
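Review bot: In `Workspace.VerifyAuth`, the new fallback `ao.AbstractObject.VerifyAuth(...)` is reached only when `ao.Shared` is empty; for a shared workspace the result is `shared.VerifyAuth(...)` alone, so the creator/public check is never consulted. `Workflow.VerifyAuth` in this same commit instead returns `ao.AbstractObject.VerifyAuth(...) || isAuthorized`, so the two types now disagree on whether a creator keeps access once the object is shared. If the creator should keep access, use `return ao.AbstractObject.VerifyAuth(username, peerID, groups) || shared.VerifyAuth(username, peerID, groups)`; otherwise add a comment stating that the stricter rule is intended. The function begins in the previous hunk.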