mirror of https://github.com/harness/drone.git
300 lines
8.4 KiB
Go
300 lines
8.4 KiB
Go
// Copyright 2023 Harness, Inc.
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package database
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"strings"
|
|
|
|
gitness_store "github.com/harness/gitness/store"
|
|
"github.com/harness/gitness/store/database"
|
|
"github.com/harness/gitness/store/database/dbtx"
|
|
"github.com/harness/gitness/types"
|
|
"github.com/harness/gitness/types/enum"
|
|
|
|
"github.com/pkg/errors"
|
|
"github.com/rs/zerolog/log"
|
|
)
|
|
|
|
// user is a DB representation of a user principal.
|
|
// It is required to allow storing transformed UIDs used for uniquness constraints and searching.
|
|
type user struct {
|
|
types.User
|
|
UIDUnique string `db:"principal_uid_unique"`
|
|
}
|
|
|
|
const userColumns = principalCommonColumns + `
|
|
,principal_user_password`
|
|
|
|
const userSelectBase = `
|
|
SELECT` + userColumns + `
|
|
FROM principals`
|
|
|
|
// FindUser finds the user by id.
|
|
func (s *PrincipalStore) FindUser(ctx context.Context, id int64) (*types.User, error) {
|
|
const sqlQuery = userSelectBase + `
|
|
WHERE principal_type = 'user' AND principal_id = $1`
|
|
|
|
db := dbtx.GetAccessor(ctx, s.db)
|
|
|
|
dst := new(user)
|
|
if err := db.GetContext(ctx, dst, sqlQuery, id); err != nil {
|
|
return nil, database.ProcessSQLErrorf(ctx, err, "Select by id query failed")
|
|
}
|
|
|
|
return s.mapDBUser(dst), nil
|
|
}
|
|
|
|
// FindUserByUID finds the user by uid.
|
|
func (s *PrincipalStore) FindUserByUID(ctx context.Context, uid string) (*types.User, error) {
|
|
const sqlQuery = userSelectBase + `
|
|
WHERE principal_type = 'user' AND principal_uid_unique = $1`
|
|
|
|
// map the UID to unique UID before searching!
|
|
uidUnique, err := s.uidTransformation(uid)
|
|
if err != nil {
|
|
// in case we fail to transform, return a not found (as it can't exist in the first place)
|
|
log.Ctx(ctx).Debug().Msgf("failed to transform uid '%s': %s", uid, err.Error())
|
|
return nil, gitness_store.ErrResourceNotFound
|
|
}
|
|
|
|
db := dbtx.GetAccessor(ctx, s.db)
|
|
|
|
dst := new(user)
|
|
if err = db.GetContext(ctx, dst, sqlQuery, uidUnique); err != nil {
|
|
return nil, database.ProcessSQLErrorf(ctx, err, "Select by uid query failed")
|
|
}
|
|
|
|
return s.mapDBUser(dst), nil
|
|
}
|
|
|
|
// FindUserByEmail finds the user by email.
|
|
func (s *PrincipalStore) FindUserByEmail(ctx context.Context, email string) (*types.User, error) {
|
|
const sqlQuery = userSelectBase + `
|
|
WHERE principal_type = 'user' AND LOWER(principal_email) = $1`
|
|
|
|
db := dbtx.GetAccessor(ctx, s.db)
|
|
|
|
dst := new(user)
|
|
if err := db.GetContext(ctx, dst, sqlQuery, strings.ToLower(email)); err != nil {
|
|
return nil, database.ProcessSQLErrorf(ctx, err, "Select by email query failed")
|
|
}
|
|
|
|
return s.mapDBUser(dst), nil
|
|
}
|
|
|
|
// CreateUser saves the user details.
|
|
func (s *PrincipalStore) CreateUser(ctx context.Context, user *types.User) error {
|
|
const sqlQuery = `
|
|
INSERT INTO principals (
|
|
principal_type
|
|
,principal_uid
|
|
,principal_uid_unique
|
|
,principal_email
|
|
,principal_display_name
|
|
,principal_admin
|
|
,principal_blocked
|
|
,principal_salt
|
|
,principal_created
|
|
,principal_updated
|
|
,principal_user_password
|
|
) values (
|
|
'user'
|
|
,:principal_uid
|
|
,:principal_uid_unique
|
|
,:principal_email
|
|
,:principal_display_name
|
|
,:principal_admin
|
|
,:principal_blocked
|
|
,:principal_salt
|
|
,:principal_created
|
|
,:principal_updated
|
|
,:principal_user_password
|
|
) RETURNING principal_id`
|
|
|
|
dbUser, err := s.mapToDBUser(user)
|
|
if err != nil {
|
|
return fmt.Errorf("failed to map db user: %w", err)
|
|
}
|
|
|
|
db := dbtx.GetAccessor(ctx, s.db)
|
|
|
|
query, arg, err := db.BindNamed(sqlQuery, dbUser)
|
|
if err != nil {
|
|
return database.ProcessSQLErrorf(ctx, err, "Failed to bind user object")
|
|
}
|
|
|
|
if err = db.QueryRowContext(ctx, query, arg...).Scan(&user.ID); err != nil {
|
|
return database.ProcessSQLErrorf(ctx, err, "Insert query failed")
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// UpdateUser updates an existing user.
|
|
func (s *PrincipalStore) UpdateUser(ctx context.Context, user *types.User) error {
|
|
const sqlQuery = `
|
|
UPDATE principals
|
|
SET
|
|
principal_uid = :principal_uid
|
|
,principal_uid_unique = :principal_uid_unique
|
|
,principal_email = :principal_email
|
|
,principal_display_name = :principal_display_name
|
|
,principal_admin = :principal_admin
|
|
,principal_blocked = :principal_blocked
|
|
,principal_salt = :principal_salt
|
|
,principal_updated = :principal_updated
|
|
,principal_user_password = :principal_user_password
|
|
WHERE principal_type = 'user' AND principal_id = :principal_id`
|
|
|
|
dbUser, err := s.mapToDBUser(user)
|
|
if err != nil {
|
|
return fmt.Errorf("failed to map db user: %w", err)
|
|
}
|
|
|
|
db := dbtx.GetAccessor(ctx, s.db)
|
|
|
|
query, arg, err := db.BindNamed(sqlQuery, dbUser)
|
|
if err != nil {
|
|
return database.ProcessSQLErrorf(ctx, err, "Failed to bind user object")
|
|
}
|
|
|
|
if _, err = db.ExecContext(ctx, query, arg...); err != nil {
|
|
return database.ProcessSQLErrorf(ctx, err, "Update query failed")
|
|
}
|
|
|
|
return err
|
|
}
|
|
|
|
// DeleteUser deletes the user.
|
|
func (s *PrincipalStore) DeleteUser(ctx context.Context, id int64) error {
|
|
const sqlQuery = `
|
|
DELETE FROM principals
|
|
WHERE principal_type = 'user' AND principal_id = $1`
|
|
|
|
db := dbtx.GetAccessor(ctx, s.db)
|
|
|
|
if _, err := db.ExecContext(ctx, sqlQuery, id); err != nil {
|
|
return database.ProcessSQLErrorf(ctx, err, "The delete query failed")
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// ListUsers returns a list of users.
|
|
func (s *PrincipalStore) ListUsers(ctx context.Context, opts *types.UserFilter) ([]*types.User, error) {
|
|
db := dbtx.GetAccessor(ctx, s.db)
|
|
dst := []*user{}
|
|
|
|
stmt := database.Builder.
|
|
Select(userColumns).
|
|
From("principals").
|
|
Where("principal_type = 'user'")
|
|
stmt = stmt.Limit(database.Limit(opts.Size))
|
|
stmt = stmt.Offset(database.Offset(opts.Page, opts.Size))
|
|
|
|
order := opts.Order
|
|
if order == enum.OrderDefault {
|
|
order = enum.OrderAsc
|
|
}
|
|
|
|
switch opts.Sort {
|
|
case enum.UserAttrName, enum.UserAttrNone:
|
|
// NOTE: string concatenation is safe because the
|
|
// order attribute is an enum and is not user-defined,
|
|
// and is therefore not subject to injection attacks.
|
|
stmt = stmt.OrderBy("principal_display_name " + order.String())
|
|
case enum.UserAttrCreated:
|
|
stmt = stmt.OrderBy("principal_created " + order.String())
|
|
case enum.UserAttrUpdated:
|
|
stmt = stmt.OrderBy("principal_updated " + order.String())
|
|
case enum.UserAttrEmail:
|
|
stmt = stmt.OrderBy("LOWER(principal_email) " + order.String())
|
|
case enum.UserAttrUID:
|
|
stmt = stmt.OrderBy("principal_uid " + order.String())
|
|
case enum.UserAttrAdmin:
|
|
stmt = stmt.OrderBy("principal_admin " + order.String())
|
|
}
|
|
|
|
sql, _, err := stmt.ToSql()
|
|
if err != nil {
|
|
return nil, errors.Wrap(err, "Failed to convert query to sql")
|
|
}
|
|
|
|
if err = db.SelectContext(ctx, &dst, sql); err != nil {
|
|
return nil, database.ProcessSQLErrorf(ctx, err, "Failed executing custom list query")
|
|
}
|
|
|
|
return s.mapDBUsers(dst), nil
|
|
}
|
|
|
|
// CountUsers returns a count of users matching the given filter.
|
|
func (s *PrincipalStore) CountUsers(ctx context.Context, opts *types.UserFilter) (int64, error) {
|
|
stmt := database.Builder.
|
|
Select("count(*)").
|
|
From("principals").
|
|
Where("principal_type = 'user'")
|
|
|
|
if opts.Admin {
|
|
stmt = stmt.Where("principal_admin = ?", opts.Admin)
|
|
}
|
|
|
|
sql, args, err := stmt.ToSql()
|
|
if err != nil {
|
|
return 0, errors.Wrap(err, "Failed to convert query to sql")
|
|
}
|
|
|
|
db := dbtx.GetAccessor(ctx, s.db)
|
|
|
|
var count int64
|
|
err = db.QueryRowContext(ctx, sql, args...).Scan(&count)
|
|
if err != nil {
|
|
return 0, database.ProcessSQLErrorf(ctx, err, "Failed executing count query")
|
|
}
|
|
|
|
return count, nil
|
|
}
|
|
|
|
func (s *PrincipalStore) mapDBUser(dbUser *user) *types.User {
|
|
return &dbUser.User
|
|
}
|
|
|
|
func (s *PrincipalStore) mapDBUsers(dbUsers []*user) []*types.User {
|
|
res := make([]*types.User, len(dbUsers))
|
|
for i := range dbUsers {
|
|
res[i] = s.mapDBUser(dbUsers[i])
|
|
}
|
|
return res
|
|
}
|
|
|
|
func (s *PrincipalStore) mapToDBUser(usr *types.User) (*user, error) {
|
|
// user comes from outside.
|
|
if usr == nil {
|
|
return nil, fmt.Errorf("user is nil")
|
|
}
|
|
|
|
uidUnique, err := s.uidTransformation(usr.UID)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to transform user UID: %w", err)
|
|
}
|
|
dbUser := &user{
|
|
User: *usr,
|
|
UIDUnique: uidUnique,
|
|
}
|
|
|
|
return dbUser, nil
|
|
}
|