pwrpln/auth-api
3
0
Fork 0
Code Pull Requests Actions Releases Activity

More tests and DELETE account

Browse Source
This commit is contained in:
Lilleman auf Larv
2021-06-24 00:42:54 +02:00
parent 2f5a7918d2
commit ee15057b13
11 changed files with 450 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
src/db/accounts.go
View File

@@ -2,6 +2,7 @@ package db
import (
"context"
"errors"
"strings"
"github.com/google/uuid"
@@ -48,6 +49,36 @@ func (d Db) AccountCreate(input AccountCreateInput) (CreatedAccount, error) {
}, nil
}
func (d Db) AccountDel(accountID string) error {
d.Log.Info("Trying to delete account", "accountID", accountID)
_, renewalTokensErr := d.DbPool.Exec(context.Background(), "DELETE FROM \"renewalTokens\" WHERE \"accountId\" = $1;", accountID)
if renewalTokensErr != nil {
d.Log.Error("Could not remove renewal tokens for account", "err", renewalTokensErr.Error(), "accountID", accountID)
return renewalTokensErr
}
_, fieldsErr := d.DbPool.Exec(context.Background(), "DELETE FROM \"accountsFields\" WHERE \"accountId\" = $1;", accountID)
if fieldsErr != nil {
d.Log.Error("Could not remove account fields", "err", fieldsErr.Error(), "accountID", accountID)
return fieldsErr
}
res, err := d.DbPool.Exec(context.Background(), "DELETE FROM accounts WHERE id = $1", accountID)
if err != nil {
d.Log.Error("Could not remove account", "err", err.Error(), "accountID", accountID)
return err
}
if string(res) == "DELETE 0" {
d.Log.Info("Tried to delete account, but none exists", "accountID", accountID)
err := errors.New("No account found for given accountID")
return err
}
return nil
}
// AccountGet fetches an account from the database
func (d Db) AccountGet(accountID string, APIKey string, Name string) (Account, error) {
d.Log.Debug("Trying to get account", "accountID", accountID, "len(APIKey)", len(APIKey))

97
src/docs/docs.go
View File

@@ -54,12 +54,105 @@ var doc = `{
}
],
"responses": {
"200": {
"description": "OK",
"201": {
"description": "Created",
"schema": {
"$ref": "#/definitions/db.CreatedAccount"
}
},
"400": {
"description": "Bad Request",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/handlers.ResJSONError"
}
}
},
"401": {
"description": "Unauthorized",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/handlers.ResJSONError"
}
}
},
"403": {
"description": "Forbidden",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/handlers.ResJSONError"
}
}
},
"409": {
"description": "Conflict",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/handlers.ResJSONError"
}
}
},
"415": {
"description": "Unsupported Media Type",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/handlers.ResJSONError"
}
}
},
"500": {
"description": "Internal Server Error",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/handlers.ResJSONError"
}
}
}
}
}
},
"/account/:id": {
"delete": {
"description": "Requires Authorization-header with role \"admin\".\nExample: Authorization: bearer xxx\nWhere \"xxx\" is a valid JWT token",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"summary": "Delete an account",
"operationId": "account-del",
"parameters": [
{
"type": "string",
"description": "Account ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "No Content",
"schema": {
"type": "string"
}
},
"400": {
"description": "Bad Request",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/handlers.ResJSONError"
}
}
},
"401": {
"description": "Unauthorized",
"schema": {

97
src/docs/swagger.json
View File

@@ -38,12 +38,105 @@
}
],
"responses": {
"200": {
"description": "OK",
"201": {
"description": "Created",
"schema": {
"$ref": "#/definitions/db.CreatedAccount"
}
},
"400": {
"description": "Bad Request",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/handlers.ResJSONError"
}
}
},
"401": {
"description": "Unauthorized",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/handlers.ResJSONError"
}
}
},
"403": {
"description": "Forbidden",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/handlers.ResJSONError"
}
}
},
"409": {
"description": "Conflict",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/handlers.ResJSONError"
}
}
},
"415": {
"description": "Unsupported Media Type",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/handlers.ResJSONError"
}
}
},
"500": {
"description": "Internal Server Error",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/handlers.ResJSONError"
}
}
}
}
}
},
"/account/:id": {
"delete": {
"description": "Requires Authorization-header with role \"admin\".\nExample: Authorization: bearer xxx\nWhere \"xxx\" is a valid JWT token",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"summary": "Delete an account",
"operationId": "account-del",
"parameters": [
{
"type": "string",
"description": "Account ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "No Content",
"schema": {
"type": "string"
}
},
"400": {
"description": "Bad Request",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/handlers.ResJSONError"
}
}
},
"401": {
"description": "Unauthorized",
"schema": {

71
src/docs/swagger.yaml
View File

@@ -96,10 +96,75 @@ paths:
produces:
- application/json
responses:
"200":
description: OK
"201":
description: Created
schema:
$ref: '#/definitions/db.CreatedAccount'
"400":
description: Bad Request
schema:
items:
$ref: '#/definitions/handlers.ResJSONError'
type: array
"401":
description: Unauthorized
schema:
items:
$ref: '#/definitions/handlers.ResJSONError'
type: array
"403":
description: Forbidden
schema:
items:
$ref: '#/definitions/handlers.ResJSONError'
type: array
"409":
description: Conflict
schema:
items:
$ref: '#/definitions/handlers.ResJSONError'
type: array
"415":
description: Unsupported Media Type
schema:
items:
$ref: '#/definitions/handlers.ResJSONError'
type: array
"500":
description: Internal Server Error
schema:
items:
$ref: '#/definitions/handlers.ResJSONError'
type: array
summary: Create an account
/account/:id:
delete:
consumes:
- application/json
description: |-
Requires Authorization-header with role "admin".
Example: Authorization: bearer xxx
Where "xxx" is a valid JWT token
operationId: account-del
parameters:
- description: Account ID
in: path
name: id
required: true
type: string
produces:
- application/json
responses:
"204":
description: No Content
schema:
type: string
"400":
description: Bad Request
schema:
items:
$ref: '#/definitions/handlers.ResJSONError'
type: array
"401":
description: Unauthorized
schema:
@@ -124,7 +189,7 @@ paths:
items:
$ref: '#/definitions/handlers.ResJSONError'
type: array
summary: Create an account
summary: Delete an account
/account/{id}:
get:
consumes:

48
src/handlers/delete.go Normal file
View File

@@ -0,0 +1,48 @@
package handlers
import (
"github.com/gofiber/fiber/v2"
"github.com/google/uuid"
)
// AccountDel godoc
// @Summary Delete an account
// @Description Requires Authorization-header with role "admin".
// @Description Example: Authorization: bearer xxx
// @Description Where "xxx" is a valid JWT token
// @ID account-del
// @Accept json
// @Produce json
// @Param id path string true "Account ID"
// @Success 204 {string} string ""
// @Failure 400 {object} []ResJSONError
// @Failure 401 {object} []ResJSONError
// @Failure 403 {object} []ResJSONError
// @Failure 404 {object} []ResJSONError
// @Failure 415 {object} []ResJSONError
// @Failure 500 {object} []ResJSONError
// @Router /account/:id [delete]
func (h Handlers) AccountDel(c *fiber.Ctx) error {
accountID := c.Params("accountID")
_, uuidErr := uuid.Parse(accountID)
if uuidErr != nil {
return c.Status(400).JSON([]ResJSONError{{Error: "Invalid uuid format"}})
}
authErr := h.RequireAdminRole(c)
if authErr != nil {
return c.Status(403).JSON([]ResJSONError{{Error: authErr.Error()}})
}
err := h.Db.AccountDel(accountID)
if err != nil {
if err.Error() == "No account found for given accountID" {
return c.Status(404).JSON([]ResJSONError{{Error: err.Error()}})
} else {
return c.Status(500).JSON([]ResJSONError{{Error: "Database error when trying to remove account"}})
}
}
return c.Status(204).Send(nil)
}

7
src/handlers/get.go
View File

@@ -21,7 +21,6 @@ import (
// @Router /account/{id} [get]
func (h Handlers) AccountGet(c *fiber.Ctx) error {
accountID := c.Params("accountID")
// logContext := log.WithFields(log.Fields{"accountID": accountID})
authErr := h.RequireAdminRoleOrAccountID(c, accountID)
if authErr != nil {
@@ -30,7 +29,11 @@ func (h Handlers) AccountGet(c *fiber.Ctx) error {
account, accountErr := h.Db.AccountGet(accountID, "", "")
if accountErr != nil {
return c.Status(500).JSON([]ResJSONError{{Error: accountErr.Error()}})
if accountErr.Error() == "no rows in result set" {
return c.Status(404).JSON([]ResJSONError{{Error: "No account found for given accountID"}})
} else {
return c.Status(500).JSON([]ResJSONError{{Error: accountErr.Error()}})
}
}
return c.JSON(account)

4
src/handlers/helpers.go
View File

@@ -73,7 +73,9 @@ func (h Handlers) parseHeaders(c *fiber.Ctx) map[string]string {
lineParts := strings.Split(line, ": ")
if len(lineParts) == 1 {
h.Log.Debug("Ignoring header line", "line", line)
if len(line) != 0 {
h.Log.Debug("Ignoring header line", "line", line)
}
} else {
headersMap[lineParts[0]] = lineParts[1]
}

1
src/main.go
View File

@@ -91,6 +91,7 @@ func main() {
app.Get("/swagger", func(c *fiber.Ctx) error { return c.Redirect("/swagger/index.html") })
app.Get("/swagger/*", swagger.Handler)
app.Delete("/account/:accountID", handlers.AccountDel)
app.Get("/account/:accountID", handlers.AccountGet)
app.Post("/account", handlers.AccountCreate)
app.Post("/auth/api-key", handlers.AccountAuthAPIKey)