diff --git a/entrypoint.go b/entrypoint.go index 363cc38..1e29996 100644 --- a/entrypoint.go +++ b/entrypoint.go @@ -118,6 +118,7 @@ func InitDaemon(appName string) { } type IDTokenClaims struct { + UserID string `json:"user_id"` PeerID string `json:"peer_id"` Groups []string `json:"groups"` } @@ -133,7 +134,7 @@ type Claims struct { Session SessionClaims `json:"session"` } -func ExtractTokenInfo(request http.Request) (string, []string) { +func ExtractTokenInfo(request http.Request) (string, string, []string) { reqToken := request.Header.Get("Authorization") splitToken := strings.Split(reqToken, "Bearer ") if len(splitToken) < 2 { @@ -146,17 +147,17 @@ func ExtractTokenInfo(request http.Request) (string, []string) { if len(token) > 2 { bytes, err := base64.StdEncoding.DecodeString(token[2]) if err != nil { - return "", []string{} + return "", "", []string{} } var c Claims err = json.Unmarshal(bytes, &c) if err != nil { - return "", []string{} + return "", "", []string{} } - return c.Session.IDToken.PeerID, c.Session.IDToken.Groups + return c.Session.IDToken.UserID, c.Session.IDToken.PeerID, c.Session.IDToken.Groups } } - return "", []string{} + return "", "", []string{} } func Init(appName string) { @@ -199,7 +200,7 @@ func SetConfig(mongoUrl string, database string, natsUrl string, lokiUrl string, If not we will store it Resource model is the model that will define the structure of the resources */ - accessor := (&resource_model.ResourceModel{}).GetAccessor("", []string{}, nil) + accessor := (&resource_model.ResourceModel{}).GetAccessor("", "", []string{}, nil) for _, model := range []string{tools.DATA_RESOURCE.String(), tools.PROCESSING_RESOURCE.String(), tools.STORAGE_RESOURCE.String(), tools.COMPUTE_RESOURCE.String(), tools.WORKFLOW_RESOURCE.String()} { data, code, _ := accessor.Search(nil, model) if code == 404 || len(data) == 0 { @@ -268,13 +269,14 @@ func GetConfLoader() *onion.Onion { type Request struct { collection LibDataEnum + user string peerID string groups []string caller *tools.HTTPCaller } -func NewRequest(collection LibDataEnum, peerID string, groups []string, caller *tools.HTTPCaller) *Request { - return &Request{collection: collection, peerID: peerID, groups: groups, caller: caller} +func NewRequest(collection LibDataEnum, user string, peerID string, groups []string, caller *tools.HTTPCaller) *Request { + return &Request{collection: collection, user: user, peerID: peerID, groups: groups, caller: caller} } /* @@ -292,7 +294,7 @@ func (r *Request) Search(filters *dbs.Filters, word string) (data LibDataShallow data = LibDataShallow{Data: nil, Code: 500, Err: "Panic recovered in LoadAll : " + fmt.Sprintf("%v", r) + " - " + string(debug.Stack())} } }() - d, code, err := models.Model(r.collection.EnumIndex()).GetAccessor(r.peerID, r.groups, r.caller).Search(filters, word) + d, code, err := models.Model(r.collection.EnumIndex()).GetAccessor(r.user, r.peerID, r.groups, r.caller).Search(filters, word) if err != nil { data = LibDataShallow{Data: d, Code: code, Err: err.Error()} return @@ -314,7 +316,7 @@ func (r *Request) LoadAll() (data LibDataShallow) { data = LibDataShallow{Data: nil, Code: 500, Err: "Panic recovered in LoadAll : " + fmt.Sprintf("%v", r) + " - " + string(debug.Stack())} } }() - d, code, err := models.Model(r.collection.EnumIndex()).GetAccessor(r.peerID, r.groups, r.caller).LoadAll() + d, code, err := models.Model(r.collection.EnumIndex()).GetAccessor(r.user, r.peerID, r.groups, r.caller).LoadAll() if err != nil { data = LibDataShallow{Data: d, Code: code, Err: err.Error()} return @@ -337,7 +339,7 @@ func (r *Request) LoadOne(id string) (data LibData) { data = LibData{Data: nil, Code: 500, Err: "Panic recovered in LoadOne : " + fmt.Sprintf("%v", r) + " - " + string(debug.Stack())} } }() - d, code, err := models.Model(r.collection.EnumIndex()).GetAccessor(r.peerID, r.groups, r.caller).LoadOne(id) + d, code, err := models.Model(r.collection.EnumIndex()).GetAccessor(r.user, r.peerID, r.groups, r.caller).LoadOne(id) if err != nil { data = LibData{Data: d, Code: code, Err: err.Error()} return @@ -362,7 +364,7 @@ func (r *Request) UpdateOne(set map[string]interface{}, id string) (data LibData } }() model := models.Model(r.collection.EnumIndex()) - d, code, err := model.GetAccessor(r.peerID, r.groups, r.caller).UpdateOne(model.Deserialize(set, model), id) + d, code, err := model.GetAccessor(r.user, r.peerID, r.groups, r.caller).UpdateOne(model.Deserialize(set, model), id) if err != nil { data = LibData{Data: d, Code: code, Err: err.Error()} return @@ -385,7 +387,7 @@ func (r *Request) DeleteOne(id string) (data LibData) { data = LibData{Data: nil, Code: 500, Err: "Panic recovered in DeleteOne : " + fmt.Sprintf("%v", r) + " - " + string(debug.Stack())} } }() - d, code, err := models.Model(r.collection.EnumIndex()).GetAccessor(r.peerID, r.groups, r.caller).DeleteOne(id) + d, code, err := models.Model(r.collection.EnumIndex()).GetAccessor(r.user, r.peerID, r.groups, r.caller).DeleteOne(id) if err != nil { data = LibData{Data: d, Code: code, Err: err.Error()} return @@ -409,7 +411,7 @@ func (r *Request) StoreOne(object map[string]interface{}) (data LibData) { } }() model := models.Model(r.collection.EnumIndex()) - d, code, err := model.GetAccessor(r.peerID, r.groups, r.caller).StoreOne(model.Deserialize(object, model)) + d, code, err := model.GetAccessor(r.user, r.peerID, r.groups, r.caller).StoreOne(model.Deserialize(object, model)) if err != nil { data = LibData{Data: d, Code: code, Err: err.Error()} return @@ -433,7 +435,7 @@ func (r *Request) CopyOne(object map[string]interface{}) (data LibData) { } }() model := models.Model(r.collection.EnumIndex()) - d, code, err := model.GetAccessor(r.peerID, r.groups, r.caller).CopyOne(model.Deserialize(object, model)) + d, code, err := model.GetAccessor(r.user, r.peerID, r.groups, r.caller).CopyOne(model.Deserialize(object, model)) if err != nil { data = LibData{Data: d, Code: code, Err: err.Error()} return @@ -445,72 +447,72 @@ func (r *Request) CopyOne(object map[string]interface{}) (data LibData) { // ================ CAST ========================= // func (l *LibData) ToDataResource() *resources.DataResource { - if l.Data.GetAccessor("", []string{}, nil).GetType() == tools.DATA_RESOURCE { + if l.Data.GetAccessor("", "", []string{}, nil).GetType() == tools.DATA_RESOURCE { return l.Data.(*resources.DataResource) } return nil } func (l *LibData) ToComputeResource() *resources.ComputeResource { - if l.Data != nil && l.Data.GetAccessor("", []string{}, nil).GetType() == tools.COMPUTE_RESOURCE { + if l.Data != nil && l.Data.GetAccessor("", "", []string{}, nil).GetType() == tools.COMPUTE_RESOURCE { return l.Data.(*resources.ComputeResource) } return nil } func (l *LibData) ToStorageResource() *resources.StorageResource { - if l.Data.GetAccessor("", []string{}, nil).GetType() == tools.STORAGE_RESOURCE { + if l.Data.GetAccessor("", "", []string{}, nil).GetType() == tools.STORAGE_RESOURCE { return l.Data.(*resources.StorageResource) } return nil } func (l *LibData) ToProcessingResource() *resources.ProcessingResource { - if l.Data.GetAccessor("", []string{}, nil).GetType() == tools.PROCESSING_RESOURCE { + if l.Data.GetAccessor("", "", []string{}, nil).GetType() == tools.PROCESSING_RESOURCE { return l.Data.(*resources.ProcessingResource) } return nil } func (l *LibData) ToWorkflowResource() *resources.WorkflowResource { - if l.Data.GetAccessor("", []string{}, nil).GetType() == tools.WORKFLOW_RESOURCE { + if l.Data.GetAccessor("", "", []string{}, nil).GetType() == tools.WORKFLOW_RESOURCE { return l.Data.(*resources.WorkflowResource) } return nil } func (l *LibData) ToPeer() *peer.Peer { - if l.Data.GetAccessor("", []string{}, nil).GetType() == tools.PEER { + if l.Data.GetAccessor("", "", []string{}, nil).GetType() == tools.PEER { return l.Data.(*peer.Peer) } return nil } func (l *LibData) ToWorkflow() *w2.Workflow { - if l.Data.GetAccessor("", []string{}, nil).GetType() == tools.WORKFLOW { + if l.Data.GetAccessor("", "", []string{}, nil).GetType() == tools.WORKFLOW { return l.Data.(*w2.Workflow) } return nil } func (l *LibData) ToWorkspace() *workspace.Workspace { - if l.Data.GetAccessor("", []string{}, nil).GetType() == tools.WORKSPACE { + if l.Data.GetAccessor("", "", []string{}, nil).GetType() == tools.WORKSPACE { return l.Data.(*workspace.Workspace) } return nil } func (l *LibData) ToCollaborativeArea() *collaborative_area.CollaborativeArea { - if l.Data.GetAccessor("", []string{}, nil).GetType() == tools.COLLABORATIVE_AREA { + if l.Data.GetAccessor("", "", []string{}, nil).GetType() == tools.COLLABORATIVE_AREA { return l.Data.(*collaborative_area.CollaborativeArea) } return nil } func (l *LibData) ToRule() *rule.Rule { - if l.Data.GetAccessor("", []string{}, nil).GetType() == tools.COLLABORATIVE_AREA { + if l.Data.GetAccessor("", "", []string{}, nil).GetType() == tools.COLLABORATIVE_AREA { return l.Data.(*rule.Rule) } return nil } func (l *LibData) ToWorkflowExecution() *workflow_execution.WorkflowExecution { - if l.Data.GetAccessor("", []string{}, nil).GetType() == tools.WORKFLOW_EXECUTION { + if l.Data.GetAccessor("", "", []string{}, nil).GetType() == tools.WORKFLOW_EXECUTION { return l.Data.(*workflow_execution.WorkflowExecution) } return nil diff --git a/models/booking/booking.go b/models/booking/booking.go index e557b24..274235d 100644 --- a/models/booking/booking.go +++ b/models/booking/booking.go @@ -26,7 +26,7 @@ func (wfa *Booking) CheckBooking(id string, start time.Time, end *time.Time) (bo return true, nil } e := *end - accessor := New(tools.BOOKING, "", nil, nil) + accessor := New(tools.BOOKING, "", "", nil, nil) res, code, err := accessor.Search(&dbs.Filters{ And: map[string][]dbs.Filter{ // check if there is a booking on the same compute resource by filtering on the compute_resource_id, the state and the execution date "compute_resource_id": {{Operator: dbs.EQUAL.String(), Value: id}}, @@ -53,6 +53,6 @@ func (d *Booking) GetName() string { return d.UUID + "_" + d.ExecDate.String() } -func (d *Booking) GetAccessor(peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { - return New(tools.BOOKING, peerID, groups, caller) // Create a new instance of the accessor +func (d *Booking) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { + return New(tools.BOOKING, username, peerID, groups, caller) // Create a new instance of the accessor } diff --git a/models/booking/booking_mongo_accessor.go b/models/booking/booking_mongo_accessor.go index 28c7f45..61aa6a8 100644 --- a/models/booking/booking_mongo_accessor.go +++ b/models/booking/booking_mongo_accessor.go @@ -15,13 +15,14 @@ type bookingMongoAccessor struct { } // New creates a new instance of the bookingMongoAccessor -func New(t tools.DataType, peerID string, groups []string, caller *tools.HTTPCaller) *bookingMongoAccessor { +func New(t tools.DataType, username string, peerID string, groups []string, caller *tools.HTTPCaller) *bookingMongoAccessor { return &bookingMongoAccessor{ AbstractAccessor: utils.AbstractAccessor{ Logger: logs.CreateLogger(t.String()), // Create a logger with the data type Caller: caller, PeerID: peerID, - Groups: groups, // Set the caller + Groups: groups, + User: username, // Set the caller Type: t, }, } diff --git a/models/collaborative_area/collaborative_area.go b/models/collaborative_area/collaborative_area.go index b08716d..a5b89e8 100644 --- a/models/collaborative_area/collaborative_area.go +++ b/models/collaborative_area/collaborative_area.go @@ -70,7 +70,7 @@ func (ao *CollaborativeArea) Clear(peerID string) { ao.CollaborativeAreaRule.CreatedAt = time.Now().UTC() } -func (ao *CollaborativeArea) VerifyAuth(peerID string, groups []string) bool { +func (ao *CollaborativeArea) VerifyAuth(username string, peerID string, groups []string) bool { if ao.AllowedPeersGroup != nil || config.GetConfig().Whitelist { if grps, ok := ao.AllowedPeersGroup[peerID]; ok || config.GetConfig().Whitelist { fmt.Println("grps", grps, "ok", ok, "config.GetConfig().Whitelist", config.GetConfig().Whitelist) @@ -87,8 +87,8 @@ func (ao *CollaborativeArea) VerifyAuth(peerID string, groups []string) bool { return false } -func (d *CollaborativeArea) GetAccessor(peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { - return New(tools.COLLABORATIVE_AREA, peerID, groups, caller) // Create a new instance of the accessor +func (d *CollaborativeArea) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { + return New(tools.COLLABORATIVE_AREA, username, peerID, groups, caller) // Create a new instance of the accessor } func (d *CollaborativeArea) Trim() *CollaborativeArea { diff --git a/models/collaborative_area/collaborative_area_mongo_accessor.go b/models/collaborative_area/collaborative_area_mongo_accessor.go index 6fdaebf..d67ecd5 100644 --- a/models/collaborative_area/collaborative_area_mongo_accessor.go +++ b/models/collaborative_area/collaborative_area_mongo_accessor.go @@ -26,7 +26,7 @@ type collaborativeAreaMongoAccessor struct { ruleAccessor utils.Accessor } -func New(t tools.DataType, peerID string, groups []string, caller *tools.HTTPCaller) *collaborativeAreaMongoAccessor { +func New(t tools.DataType, username string, peerID string, groups []string, caller *tools.HTTPCaller) *collaborativeAreaMongoAccessor { return &collaborativeAreaMongoAccessor{ AbstractAccessor: utils.AbstractAccessor{ Logger: logs.CreateLogger(t.String()), // Create a logger with the data type @@ -35,10 +35,10 @@ func New(t tools.DataType, peerID string, groups []string, caller *tools.HTTPCal Groups: groups, // Set the caller Type: t, }, - workspaceAccessor: (&workspace.Workspace{}).GetAccessor(peerID, groups, nil), - workflowAccessor: (&w.Workflow{}).GetAccessor(peerID, groups, nil), - peerAccessor: (&peer.Peer{}).GetAccessor(peerID, groups, nil), - ruleAccessor: (&rule.Rule{}).GetAccessor(peerID, groups, nil), + workspaceAccessor: (&workspace.Workspace{}).GetAccessor(username, peerID, groups, nil), + workflowAccessor: (&w.Workflow{}).GetAccessor(username, peerID, groups, nil), + peerAccessor: (&peer.Peer{}).GetAccessor(username, peerID, groups, nil), + ruleAccessor: (&rule.Rule{}).GetAccessor(username, peerID, groups, nil), } } diff --git a/models/collaborative_area/rules/rule/rule.go b/models/collaborative_area/rules/rule/rule.go index 1a2f2ec..23835b9 100644 --- a/models/collaborative_area/rules/rule/rule.go +++ b/models/collaborative_area/rules/rule/rule.go @@ -20,6 +20,6 @@ func (r *Rule) GenerateID() { r.UUID = uuid.New().String() } -func (d *Rule) GetAccessor(peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { - return New(tools.RULE, peerID, groups, caller) +func (d *Rule) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { + return New(tools.RULE, username, peerID, groups, caller) } diff --git a/models/collaborative_area/rules/rule/rule_mongo_accessor.go b/models/collaborative_area/rules/rule/rule_mongo_accessor.go index 632715d..eea81cf 100644 --- a/models/collaborative_area/rules/rule/rule_mongo_accessor.go +++ b/models/collaborative_area/rules/rule/rule_mongo_accessor.go @@ -13,13 +13,14 @@ type ruleMongoAccessor struct { } // New creates a new instance of the ruleMongoAccessor -func New(t tools.DataType, peerID string, groups []string, caller *tools.HTTPCaller) *ruleMongoAccessor { +func New(t tools.DataType, username string, peerID string, groups []string, caller *tools.HTTPCaller) *ruleMongoAccessor { return &ruleMongoAccessor{ AbstractAccessor: utils.AbstractAccessor{ Logger: logs.CreateLogger(t.String()), // Create a logger with the data type Caller: caller, PeerID: peerID, Groups: groups, // Set the caller + User: username, Type: t, }, } diff --git a/models/collaborative_area/shallow_collaborative_area/shallow_collaborative_area.go b/models/collaborative_area/shallow_collaborative_area/shallow_collaborative_area.go index 24429d3..340cfef 100644 --- a/models/collaborative_area/shallow_collaborative_area/shallow_collaborative_area.go +++ b/models/collaborative_area/shallow_collaborative_area/shallow_collaborative_area.go @@ -18,6 +18,6 @@ type ShallowCollaborativeArea struct { Rules []string `json:"rules,omitempty" bson:"rules,omitempty"` } -func (d *ShallowCollaborativeArea) GetAccessor(peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { - return New(tools.COLLABORATIVE_AREA, peerID, groups, caller) +func (d *ShallowCollaborativeArea) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { + return New(tools.COLLABORATIVE_AREA, username, peerID, groups, caller) } diff --git a/models/collaborative_area/shallow_collaborative_area/shallow_collaborative_area_mongo_accessor.go b/models/collaborative_area/shallow_collaborative_area/shallow_collaborative_area_mongo_accessor.go index 3748cba..1873271 100644 --- a/models/collaborative_area/shallow_collaborative_area/shallow_collaborative_area_mongo_accessor.go +++ b/models/collaborative_area/shallow_collaborative_area/shallow_collaborative_area_mongo_accessor.go @@ -11,13 +11,14 @@ type shallowSharedWorkspaceMongoAccessor struct { utils.AbstractAccessor } -func New(t tools.DataType, peerID string, groups []string, caller *tools.HTTPCaller) *shallowSharedWorkspaceMongoAccessor { +func New(t tools.DataType, username string, peerID string, groups []string, caller *tools.HTTPCaller) *shallowSharedWorkspaceMongoAccessor { return &shallowSharedWorkspaceMongoAccessor{ AbstractAccessor: utils.AbstractAccessor{ Logger: logs.CreateLogger(t.String()), // Create a logger with the data type Caller: caller, PeerID: peerID, - Groups: groups, // Set the caller + User: username, // Set the caller + Groups: groups, // Set the caller Type: t, }, } diff --git a/models/peer/peer.go b/models/peer/peer.go index 170fa3a..754c2a9 100644 --- a/models/peer/peer.go +++ b/models/peer/peer.go @@ -63,7 +63,7 @@ func (ao *Peer) RemoveExecution(exec PeerExecution) { // IsMySelf checks if the peer is the local peer func (ao *Peer) IsMySelf() (bool, string) { - d, code, err := New(tools.PEER, "", nil, nil).Search(nil, SELF.String()) + d, code, err := New(tools.PEER, "", "", nil, nil).Search(nil, SELF.String()) if code != 200 || err != nil || len(d) == 0 { return false, "" } @@ -76,7 +76,7 @@ func (p *Peer) LaunchPeerExecution(peerID string, dataID string, dt tools.DataTy p.UUID = peerID return cache.LaunchPeerExecution(peerID, dataID, dt, method, body, caller) // Launch the execution on the peer through the cache } -func (d *Peer) GetAccessor(peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { - data := New(tools.PEER, peerID, groups, caller) // Create a new instance of the accessor +func (d *Peer) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { + data := New(tools.PEER, username, peerID, groups, caller) // Create a new instance of the accessor return data } diff --git a/models/peer/peer_mongo_accessor.go b/models/peer/peer_mongo_accessor.go index 5c693ec..c79080a 100644 --- a/models/peer/peer_mongo_accessor.go +++ b/models/peer/peer_mongo_accessor.go @@ -23,12 +23,13 @@ func NewShallow() *peerMongoAccessor { } } -func New(t tools.DataType, peerID string, groups []string, caller *tools.HTTPCaller) *peerMongoAccessor { +func New(t tools.DataType, username string, peerID string, groups []string, caller *tools.HTTPCaller) *peerMongoAccessor { return &peerMongoAccessor{ utils.AbstractAccessor{ Logger: logs.CreateLogger(t.String()), // Create a logger with the data type Caller: caller, PeerID: peerID, + User: username, Groups: groups, // Set the caller Type: t, }, diff --git a/models/resources/compute.go b/models/resources/compute.go index 75d5dd9..d464954 100644 --- a/models/resources/compute.go +++ b/models/resources/compute.go @@ -23,8 +23,8 @@ type ComputeResource struct { GPUs []*GPU `bson:"gpus,omitempty" json:"gpus,omitempty"` // GPUs is the list of GPUs } -func (d *ComputeResource) GetAccessor(peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { - return New[*ComputeResource](tools.COMPUTE_RESOURCE, peerID, groups, caller, func() utils.DBObject { return &ComputeResource{} }) +func (d *ComputeResource) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { + return New[*ComputeResource](tools.COMPUTE_RESOURCE, username, peerID, groups, caller, func() utils.DBObject { return &ComputeResource{} }) } // CPU is a struct that represents a CPU diff --git a/models/resources/data.go b/models/resources/data.go index 5da620b..dbb31f9 100644 --- a/models/resources/data.go +++ b/models/resources/data.go @@ -37,6 +37,6 @@ type DataResource struct { Example string `json:"example,omitempty" bson:"example,omitempty" description:"base64 encoded data"` // Example is an example of the data } -func (d *DataResource) GetAccessor(peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { - return New[*DataResource](tools.DATA_RESOURCE, peerID, groups, caller, func() utils.DBObject { return &DataResource{} }) // Create a new instance of the accessor +func (d *DataResource) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { + return New[*DataResource](tools.DATA_RESOURCE, username, peerID, groups, caller, func() utils.DBObject { return &DataResource{} }) // Create a new instance of the accessor } diff --git a/models/resources/processing.go b/models/resources/processing.go index 2837365..f09b471 100644 --- a/models/resources/processing.go +++ b/models/resources/processing.go @@ -38,6 +38,6 @@ type ProcessingResource struct { Expose []Expose `bson:"expose,omitempty" json:"expose,omitempty"` // Expose is the execution } -func (d *ProcessingResource) GetAccessor(peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { - return New[*ProcessingResource](tools.PROCESSING_RESOURCE, peerID, groups, caller, func() utils.DBObject { return &ProcessingResource{} }) // Create a new instance of the accessor +func (d *ProcessingResource) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { + return New[*ProcessingResource](tools.PROCESSING_RESOURCE, username, peerID, groups, caller, func() utils.DBObject { return &ProcessingResource{} }) // Create a new instance of the accessor } diff --git a/models/resources/resource.go b/models/resources/resource.go index f164531..45785ea 100644 --- a/models/resources/resource.go +++ b/models/resources/resource.go @@ -38,7 +38,7 @@ func (r *ResourceSet) Clear() { r.WorkflowResources = nil } -func (r *ResourceSet) Fill(peerID string, groups []string) { +func (r *ResourceSet) Fill(username string, peerID string, groups []string) { for k, v := range map[utils.DBObject][]string{ (&DataResource{}): r.Datas, (&ComputeResource{}): r.Computes, @@ -47,7 +47,7 @@ func (r *ResourceSet) Fill(peerID string, groups []string) { (&WorkflowResource{}): r.Workflows, } { for _, id := range v { - d, _, e := k.GetAccessor(peerID, groups, nil).LoadOne(id) + d, _, e := k.GetAccessor(username, peerID, groups, nil).LoadOne(id) if e == nil { switch k.(type) { case *DataResource: diff --git a/models/resources/resource_accessor.go b/models/resources/resource_accessor.go index 1b06fd2..6c57b1d 100644 --- a/models/resources/resource_accessor.go +++ b/models/resources/resource_accessor.go @@ -14,14 +14,15 @@ type resourceMongoAccessor[T ResourceInterface] struct { } // New creates a new instance of the computeMongoAccessor -func New[T ResourceInterface](t tools.DataType, peerID string, groups []string, caller *tools.HTTPCaller, g func() utils.DBObject) *resourceMongoAccessor[T] { +func New[T ResourceInterface](t tools.DataType, username string, peerID string, groups []string, caller *tools.HTTPCaller, g func() utils.DBObject) *resourceMongoAccessor[T] { return &resourceMongoAccessor[T]{ AbstractAccessor: utils.AbstractAccessor{ ResourceModelAccessor: resource_model.New(), Logger: logs.CreateLogger(t.String()), // Create a logger with the data type Caller: caller, PeerID: peerID, - Groups: groups, // Set the caller + User: username, // Set the caller + Groups: groups, // Set the caller Type: t, }, generateData: g, diff --git a/models/resources/resource_model/resource_model.go b/models/resources/resource_model/resource_model.go index 001d4d4..faa008e 100644 --- a/models/resources/resource_model/resource_model.go +++ b/models/resources/resource_model/resource_model.go @@ -38,7 +38,7 @@ type AbstractResource struct { Currency string `json:"currency,omitempty" bson:"currency,omitempty"` // Currency is the currency of the price } -func (ao *AbstractResource) GetAccessor(peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { +func (ao *AbstractResource) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { return nil } @@ -46,7 +46,7 @@ func (abs *AbstractResource) SetResourceModel(model *ResourceModel) { abs.ResourceModel = model } -func (abs *AbstractResource) VerifyAuth(peerID string, groups []string) bool { +func (abs *AbstractResource) VerifyAuth(username string, peerID string, groups []string) bool { if grps, ok := abs.AllowedPeersGroup[peerID]; ok || config.GetConfig().Whitelist { if (ok && slices.Contains(grps, "*")) || (!ok && config.GetConfig().Whitelist) { return true @@ -135,16 +135,17 @@ func (d *ResourceModel) GetName() string { return d.UUID } -func (abs *ResourceModel) VerifyAuth(peerID string, groups []string) bool { +func (abs *ResourceModel) VerifyAuth(username string, peerID string, groups []string) bool { return true } -func (d *ResourceModel) GetAccessor(peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { +func (d *ResourceModel) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { return &ResourceModelMongoAccessor{ utils.AbstractAccessor{ Type: tools.RESOURCE_MODEL, PeerID: peerID, Groups: groups, + User: username, Caller: caller, }, } diff --git a/models/resources/storage.go b/models/resources/storage.go index ca8289c..aa3a019 100644 --- a/models/resources/storage.go +++ b/models/resources/storage.go @@ -56,6 +56,6 @@ type StorageResource struct { Throughput string `bson:"throughput,omitempty" json:"throughput,omitempty"` // Throughput is the throughput of the storage } -func (d *StorageResource) GetAccessor(peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { - return New[*StorageResource](tools.STORAGE_RESOURCE, peerID, groups, caller, func() utils.DBObject { return &StorageResource{} }) // Create a new instance of the accessor +func (d *StorageResource) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { + return New[*StorageResource](tools.STORAGE_RESOURCE, username, peerID, groups, caller, func() utils.DBObject { return &StorageResource{} }) // Create a new instance of the accessor } diff --git a/models/resources/workflow.go b/models/resources/workflow.go index 41eaa8c..f3173be 100644 --- a/models/resources/workflow.go +++ b/models/resources/workflow.go @@ -13,6 +13,6 @@ type WorkflowResource struct { WorkflowID string `bson:"workflow_id,omitempty" json:"workflow_id,omitempty"` // WorkflowID is the ID of the native workflow } -func (d *WorkflowResource) GetAccessor(peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { - return New[*WorkflowResource](tools.WORKFLOW_RESOURCE, peerID, groups, caller, func() utils.DBObject { return &WorkflowResource{} }) // Create a new instance of the accessor +func (d *WorkflowResource) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { + return New[*WorkflowResource](tools.WORKFLOW_RESOURCE, username, peerID, groups, caller, func() utils.DBObject { return &WorkflowResource{} }) // Create a new instance of the accessor } diff --git a/models/utils/abstracts.go b/models/utils/abstracts.go index 042c394..598bbf0 100644 --- a/models/utils/abstracts.go +++ b/models/utils/abstracts.go @@ -51,7 +51,7 @@ func (ao *AbstractObject) UpToDate() { // ao.LastPeerWriter, _ = static.GetMyLocalJsonPeer() } -func (ao *AbstractObject) VerifyAuth(peerID string, groups []string) bool { +func (ao *AbstractObject) VerifyAuth(username string, peerID string, groups []string) bool { return true } @@ -82,15 +82,19 @@ func (dma *AbstractObject) Serialize(obj DBObject) map[string]interface{} { } type AbstractAccessor struct { - Logger zerolog.Logger // Logger is the logger of the accessor, it's a specilized logger for the accessor - Type tools.DataType // Type is the data type of the accessor - Caller *tools.HTTPCaller // Caller is the http caller of the accessor (optionnal) only need in a peer connection - PeerID string // PeerID is the id of the peer - Groups []string // Groups is the list of groups that can access the accessor - + Logger zerolog.Logger // Logger is the logger of the accessor, it's a specilized logger for the accessor + Type tools.DataType // Type is the data type of the accessor + Caller *tools.HTTPCaller // Caller is the http caller of the accessor (optionnal) only need in a peer connection + PeerID string // PeerID is the id of the peer + Groups []string // Groups is the list of groups that can access the accessor + User string // User is the user that is using the accessor ResourceModelAccessor Accessor } +func (dma *AbstractAccessor) GetUser() string { + return dma.User +} + func (dma *AbstractAccessor) GetPeerID() string { return dma.PeerID } @@ -128,7 +132,7 @@ func GenericStoreOne(data DBObject, a Accessor) (DBObject, int, error) { }}, }, } - if !data.VerifyAuth(a.GetPeerID(), a.GetGroups()) { + if !data.VerifyAuth(a.GetUser(), a.GetPeerID(), a.GetGroups()) { return nil, 403, errors.New("You are not allowed to access this collaborative area") } if cursor, _, _ := a.Search(&f, ""); len(cursor) > 0 { @@ -153,7 +157,7 @@ func GenericDeleteOne(id string, a Accessor) (DBObject, int, error) { a.GetLogger().Error().Msg("Could not retrieve " + id + " to db. Error: " + err.Error()) return nil, code, err } - if !res.VerifyAuth(a.GetPeerID(), a.GetGroups()) { + if !res.VerifyAuth(a.GetUser(), a.GetPeerID(), a.GetGroups()) { return nil, 403, errors.New("You are not allowed to access this collaborative area") } _, code, err = mongo.MONGOService.DeleteOne(id, a.GetType().String()) @@ -171,7 +175,7 @@ func GenericUpdateOne(set DBObject, id string, a Accessor, new DBObject) (DBObje if err != nil { return nil, c, err } - if !r.VerifyAuth(a.GetPeerID(), a.GetGroups()) { + if !r.VerifyAuth(a.GetUser(), a.GetPeerID(), a.GetGroups()) { return nil, 403, errors.New("You are not allowed to access this collaborative area") } change := set.Serialize(set) // get the changes @@ -196,7 +200,7 @@ func GenericLoadOne[T DBObject](id string, f func(DBObject) (DBObject, int, erro return nil, code, err } res_mongo.Decode(&data) - if !data.VerifyAuth(a.GetPeerID(), a.GetGroups()) { + if !data.VerifyAuth(a.GetUser(), a.GetPeerID(), a.GetGroups()) { return nil, 403, errors.New("You are not allowed to access this collaborative area") } return f(data) @@ -213,7 +217,7 @@ func genericLoadAll[T DBObject](res *mgb.Cursor, code int, err error, f func(DBO return nil, 404, err } for _, r := range results { - if !r.VerifyAuth(a.GetPeerID(), a.GetGroups()) { + if !r.VerifyAuth(a.GetUser(), a.GetPeerID(), a.GetGroups()) { continue } objs = append(objs, f(r)) diff --git a/models/utils/interfaces.go b/models/utils/interfaces.go index 7ae4f44..782cc82 100644 --- a/models/utils/interfaces.go +++ b/models/utils/interfaces.go @@ -21,15 +21,16 @@ type DBObject interface { GetID() string GetName() string UpToDate() - VerifyAuth(PeerID string, groups []string) bool + VerifyAuth(username string, PeerID string, groups []string) bool Deserialize(j map[string]interface{}, obj DBObject) DBObject Serialize(obj DBObject) map[string]interface{} - GetAccessor(peerID string, groups []string, caller *tools.HTTPCaller) Accessor + GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) Accessor } // Accessor is an interface that defines the basic methods for an Accessor type Accessor interface { GetType() tools.DataType + GetUser() string GetPeerID() string GetGroups() []string GetLogger() *zerolog.Logger diff --git a/models/workflow/workflow.go b/models/workflow/workflow.go index f24fd92..1cafc09 100644 --- a/models/workflow/workflow.go +++ b/models/workflow/workflow.go @@ -98,15 +98,15 @@ type Workflow struct { AbstractWorkflow // AbstractWorkflow contains the basic fields of a workflow } -func (ao *Workflow) VerifyAuth(peerID string, groups []string) bool { +func (ao *Workflow) VerifyAuth(username string, peerID string, groups []string) bool { isAuthorized := false if len(ao.Shared) > 0 { for _, shared := range ao.Shared { - shared, code, _ := shallow_collaborative_area.New(tools.COLLABORATIVE_AREA, peerID, groups, nil).LoadOne(shared) + shared, code, _ := shallow_collaborative_area.New(tools.COLLABORATIVE_AREA, username, peerID, groups, nil).LoadOne(shared) if code != 200 || shared == nil { isAuthorized = false } - isAuthorized = shared.VerifyAuth(peerID, groups) + isAuthorized = shared.VerifyAuth(username, peerID, groups) } } else { isAuthorized = true @@ -122,7 +122,7 @@ func (wfa *Workflow) CheckBooking(caller *tools.HTTPCaller) (bool, error) { if wfa.Graph == nil { // no graph no booking return false, nil } - accessor := (&resources.ComputeResource{}).GetAccessor("", []string{}, caller) + accessor := (&resources.ComputeResource{}).GetAccessor("", "", []string{}, caller) for _, link := range wfa.Graph.Links { if ok, dc_id := wfa.isDCLink(link); ok { // check if the link is a link between a compute and a resource dc, code, _ := accessor.LoadOne(dc_id) @@ -143,6 +143,6 @@ func (wfa *Workflow) CheckBooking(caller *tools.HTTPCaller) (bool, error) { return true, nil } -func (d *Workflow) GetAccessor(peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { - return New(tools.WORKFLOW, peerID, groups, caller) // Create a new instance of the accessor +func (d *Workflow) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { + return New(tools.WORKFLOW, username, peerID, groups, caller) // Create a new instance of the accessor } diff --git a/models/workflow/workflow_history_mongo_accessor.go b/models/workflow/workflow_history_mongo_accessor.go index 09ae09e..13f197a 100644 --- a/models/workflow/workflow_history_mongo_accessor.go +++ b/models/workflow/workflow_history_mongo_accessor.go @@ -8,8 +8,8 @@ import ( type WorkflowHistory struct{ Workflow } -func (d *WorkflowHistory) GetAccessor(peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { - return New(tools.WORKSPACE_HISTORY, peerID, groups, caller) // Create a new instance of the accessor +func (d *WorkflowHistory) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { + return New(tools.WORKSPACE_HISTORY, username, peerID, groups, caller) // Create a new instance of the accessor } func (r *WorkflowHistory) GenerateID() { r.UUID = uuid.New().String() diff --git a/models/workflow/workflow_mongo_accessor.go b/models/workflow/workflow_mongo_accessor.go index 3fe1b30..5f68f8e 100644 --- a/models/workflow/workflow_mongo_accessor.go +++ b/models/workflow/workflow_mongo_accessor.go @@ -30,16 +30,17 @@ type workflowMongoAccessor struct { } // New creates a new instance of the workflowMongoAccessor -func New(t tools.DataType, peerID string, groups []string, caller *tools.HTTPCaller) *workflowMongoAccessor { +func New(t tools.DataType, username string, peerID string, groups []string, caller *tools.HTTPCaller) *workflowMongoAccessor { return &workflowMongoAccessor{ - computeResourceAccessor: (&resources.ComputeResource{}).GetAccessor(peerID, groups, nil), - collaborativeAreaAccessor: (&shallow_collaborative_area.ShallowCollaborativeArea{}).GetAccessor(peerID, groups, nil), - executionAccessor: (&workflow_execution.WorkflowExecution{}).GetAccessor(peerID, groups, nil), - workspaceAccessor: (&workspace.Workspace{}).GetAccessor(peerID, groups, nil), + computeResourceAccessor: (&resources.ComputeResource{}).GetAccessor(username, peerID, groups, nil), + collaborativeAreaAccessor: (&shallow_collaborative_area.ShallowCollaborativeArea{}).GetAccessor(username, peerID, groups, nil), + executionAccessor: (&workflow_execution.WorkflowExecution{}).GetAccessor(username, peerID, groups, nil), + workspaceAccessor: (&workspace.Workspace{}).GetAccessor(username, peerID, groups, nil), AbstractAccessor: utils.AbstractAccessor{ Logger: logs.CreateLogger(t.String()), // Create a logger with the data type Caller: caller, PeerID: peerID, + User: username, Groups: groups, // Set the caller Type: t, }, diff --git a/models/workflow/workflow_test.go b/models/workflow/workflow_test.go index e5345bc..366edf7 100644 --- a/models/workflow/workflow_test.go +++ b/models/workflow/workflow_test.go @@ -13,7 +13,7 @@ func TestStoreOneWorkflow(t *testing.T) { AbstractObject: utils.AbstractObject{Name: "testWorkflow"}, } - wma := New(tools.WORKFLOW, "", nil, nil) + wma := New(tools.WORKFLOW, "", "", nil, nil) id, _, _ := wma.StoreOne(&w) assert.NotEmpty(t, id) @@ -24,7 +24,7 @@ func TestLoadOneWorkflow(t *testing.T) { AbstractObject: utils.AbstractObject{Name: "testWorkflow"}, } - wma := New(tools.WORKFLOW, "", nil, nil) + wma := New(tools.WORKFLOW, "", "", nil, nil) new_w, _, _ := wma.StoreOne(&w) assert.Equal(t, w, new_w) } diff --git a/models/workflow_execution/workflow_execution.go b/models/workflow_execution/workflow_execution.go index a948984..607ebcf 100644 --- a/models/workflow_execution/workflow_execution.go +++ b/models/workflow_execution/workflow_execution.go @@ -115,6 +115,6 @@ func (d *WorkflowExecution) GetName() string { return d.UUID + "_" + d.ExecDate.String() } -func (d *WorkflowExecution) GetAccessor(peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { - return New(tools.WORKFLOW_EXECUTION, peerID, groups, caller) // Create a new instance of the accessor +func (d *WorkflowExecution) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { + return New(tools.WORKFLOW_EXECUTION, username, peerID, groups, caller) // Create a new instance of the accessor } diff --git a/models/workflow_execution/workflow_execution_mongo_accessor.go b/models/workflow_execution/workflow_execution_mongo_accessor.go index 79d7af2..9254459 100644 --- a/models/workflow_execution/workflow_execution_mongo_accessor.go +++ b/models/workflow_execution/workflow_execution_mongo_accessor.go @@ -13,13 +13,14 @@ type workflowExecutionMongoAccessor struct { utils.AbstractAccessor } -func New(t tools.DataType, peerID string, groups []string, caller *tools.HTTPCaller) *workflowExecutionMongoAccessor { +func New(t tools.DataType, username string, peerID string, groups []string, caller *tools.HTTPCaller) *workflowExecutionMongoAccessor { return &workflowExecutionMongoAccessor{ utils.AbstractAccessor{ Logger: logs.CreateLogger(t.String()), // Create a logger with the data type Caller: caller, PeerID: peerID, - Groups: groups, // Set the caller + User: username, // Set the caller + Groups: groups, // Set the caller Type: t, }, } diff --git a/models/workspace/workspace.go b/models/workspace/workspace.go index d6983f8..f738217 100644 --- a/models/workspace/workspace.go +++ b/models/workspace/workspace.go @@ -18,18 +18,18 @@ type Workspace struct { Shared string `json:"shared,omitempty" bson:"shared,omitempty"` // Shared is the ID of the shared workspace } -func (d *Workspace) GetAccessor(peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { - return New(tools.WORKSPACE, peerID, groups, caller) // Create a new instance of the accessor +func (d *Workspace) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { + return New(tools.WORKSPACE, username, peerID, groups, caller) // Create a new instance of the accessor } -func (ao *Workspace) VerifyAuth(peerID string, groups []string) bool { +func (ao *Workspace) VerifyAuth(username string, peerID string, groups []string) bool { fmt.Println("Workspace.VerifyAuth", ao.Shared) if ao.Shared != "" { - shared, code, _ := shallow_collaborative_area.New(tools.COLLABORATIVE_AREA, peerID, groups, nil).LoadOne(ao.Shared) + shared, code, _ := shallow_collaborative_area.New(tools.COLLABORATIVE_AREA, username, peerID, groups, nil).LoadOne(ao.Shared) if code != 200 || shared == nil { return false } - return shared.VerifyAuth(peerID, groups) + return shared.VerifyAuth(username, peerID, groups) } return true } diff --git a/models/workspace/workspace_history_mongo_accessor.go b/models/workspace/workspace_history_mongo_accessor.go index bacc566..ab38f4f 100644 --- a/models/workspace/workspace_history_mongo_accessor.go +++ b/models/workspace/workspace_history_mongo_accessor.go @@ -8,8 +8,8 @@ import ( type WorkspaceHistory struct{ Workspace } -func (d *WorkspaceHistory) GetAccessor(peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { - return New(tools.WORKFLOW_HISTORY, peerID, groups, caller) // Create a new instance of the accessor +func (d *WorkspaceHistory) GetAccessor(username string, peerID string, groups []string, caller *tools.HTTPCaller) utils.Accessor { + return New(tools.WORKFLOW_HISTORY, username, peerID, groups, caller) // Create a new instance of the accessor } func (r *WorkspaceHistory) GenerateID() { r.UUID = uuid.New().String() diff --git a/models/workspace/workspace_mongo_accessor.go b/models/workspace/workspace_mongo_accessor.go index 4a3c6b0..e1adb93 100644 --- a/models/workspace/workspace_mongo_accessor.go +++ b/models/workspace/workspace_mongo_accessor.go @@ -18,12 +18,13 @@ type workspaceMongoAccessor struct { } // New creates a new instance of the workspaceMongoAccessor -func New(t tools.DataType, peerID string, groups []string, caller *tools.HTTPCaller) *workspaceMongoAccessor { +func New(t tools.DataType, username string, peerID string, groups []string, caller *tools.HTTPCaller) *workspaceMongoAccessor { return &workspaceMongoAccessor{ utils.AbstractAccessor{ Logger: logs.CreateLogger(t.String()), // Create a logger with the data type Caller: caller, PeerID: peerID, + User: username, Groups: groups, // Set the caller Type: t, }, @@ -86,21 +87,21 @@ func (a *workspaceMongoAccessor) CopyOne(data utils.DBObject) (utils.DBObject, i func (a *workspaceMongoAccessor) LoadOne(id string) (utils.DBObject, int, error) { return utils.GenericLoadOne[*Workspace](id, func(d utils.DBObject) (utils.DBObject, int, error) { - d.(*Workspace).Fill(a.PeerID, a.Groups) + d.(*Workspace).Fill(a.GetUser(), a.PeerID, a.Groups) return d, 200, nil }, a) } func (a *workspaceMongoAccessor) LoadAll() ([]utils.ShallowDBObject, int, error) { return utils.GenericLoadAll[*Workspace](func(d utils.DBObject) utils.ShallowDBObject { - d.(*Workspace).Fill(a.PeerID, a.Groups) + d.(*Workspace).Fill(a.GetUser(), a.PeerID, a.Groups) return d }, a) } func (a *workspaceMongoAccessor) Search(filters *dbs.Filters, search string) ([]utils.ShallowDBObject, int, error) { return utils.GenericSearch[*Workspace](filters, search, (&Workspace{}).GetObjectFilters(search), func(d utils.DBObject) utils.ShallowDBObject { - d.(*Workspace).Fill(a.PeerID, a.Groups) + d.(*Workspace).Fill(a.GetUser(), a.PeerID, a.Groups) return d }, a) } @@ -114,7 +115,7 @@ func (a *workspaceMongoAccessor) share(realData *Workspace, method tools.METHOD, return } shallow := &shallow_collaborative_area.ShallowCollaborativeArea{} - access := (shallow).GetAccessor(a.PeerID, a.Groups, nil) + access := (shallow).GetAccessor(a.GetUser(), a.PeerID, a.Groups, nil) res, code, _ := access.LoadOne(realData.Shared) if code != 200 { return