Gitiles
Code Review Sign In
gerrit.avm99963.com / gomodules / twpt-server / 55e31b42759c032cde98ecf4074c9a3739a25a8d / . / internal / db / authorized_users.go
blob: 50674af7625111b15d4b2abf353c6697e0b17e6d [file] [log] [blame]
package db
import (
"context"
"database/sql"
"fmt"
pb "gomodules.avm99963.com/twpt-server/api_proto"
)
func GetAuthorizedUserById(db *sql.DB, ctx context.Context, id int32) (*pb.KillSwitchAuthorizedUser, error) {
query := db.QueryRowContext(ctx, "SELECT user_id, google_uid, email, access_level FROM KillSwitchAuthorizedUser WHERE user_id = ?", id)
var u pb.KillSwitchAuthorizedUser
if err := query.Scan(&u.Id, &u.GoogleUid, &u.Email, &u.AccessLevel); err != nil {
if err == sql.ErrNoRows {
return nil, nil
}
return nil, fmt.Errorf("GetAuthorizedUserById: %v.", err)
}
return &u, nil
}
func AddAuthorizedUser(db *sql.DB, ctx context.Context, u *pb.KillSwitchAuthorizedUser, currentUser *pb.KillSwitchAuthorizedUser) error {
tx, err := db.BeginTx(ctx, nil)
if err != nil {
return err
}
result, err := db.ExecContext(ctx, "INSERT INTO KillSwitchAuthorizedUser (google_uid, email, access_level) VALUES (?, ?, ?)", u.GoogleUid, u.Email, u.AccessLevel)
if err != nil {
tx.Rollback()
return err
}
id, err := result.LastInsertId()
if err != nil {
tx.Rollback()
return err
}
u.Id = int32(id)
logEntry := &pb.KillSwitchAuditLogEntry{
User: currentUser,
Description: &pb.KillSwitchAuditLogEntry_AuthorizedUserAdded_{
&pb.KillSwitchAuditLogEntry_AuthorizedUserAdded{
User: u,
},
},
}
if err := AddKillSwitchAuditLogEntry(tx, ctx, logEntry); err != nil {
tx.Rollback()
return err
}
return tx.Commit()
}
func UpdateAuthorizedUser(db *sql.DB, ctx context.Context, id int32, newUser *pb.KillSwitchAuthorizedUser, currentUser *pb.KillSwitchAuthorizedUser) error {
oldUser, err := GetAuthorizedUserById(db, ctx, id)
if err != nil {
return err
}
if oldUser == nil {
return fmt.Errorf("Such user doesn't exist")
}
tx, err := db.BeginTx(ctx, nil)
if err != nil {
return err
}
if _, err := tx.ExecContext(ctx, "UPDATE KillSwitchAuthorizedUser SET google_uid = ?, email = ?, access_level = ? WHERE user_id = ?", newUser.GoogleUid, newUser.Email, newUser.AccessLevel, id); err != nil {
tx.Rollback()
return err
}
newUser.Id = id
logEntry := &pb.KillSwitchAuditLogEntry{
User: currentUser,
Description: &pb.KillSwitchAuditLogEntry_AuthorizedUserUpdated_{
&pb.KillSwitchAuditLogEntry_AuthorizedUserUpdated{
Transformation: &pb.AuthorizedUserTransformation{
Old: oldUser,
New: newUser,
},
},
},
}
if err := AddKillSwitchAuditLogEntry(tx, ctx, logEntry); err != nil {
tx.Rollback()
return err
}
return tx.Commit()
}
func DeleteAuthorizedUser(db *sql.DB, ctx context.Context, id int32, currentUser *pb.KillSwitchAuthorizedUser) error {
u, err := GetAuthorizedUserById(db, ctx, id)
if err != nil {
return err
}
if u == nil {
return fmt.Errorf("Such user doesn't exist")
}
tx, err := db.BeginTx(ctx, nil)
if err != nil {
return err
}
if _, err := tx.ExecContext(ctx, "DELETE FROM KillSwitchAuthorizedUser WHERE user_id = ?", id); err != nil {
tx.Rollback()
return err
}
logEntry := &pb.KillSwitchAuditLogEntry{
User: currentUser,
Description: &pb.KillSwitchAuditLogEntry_AuthorizedUserDeleted_{
&pb.KillSwitchAuditLogEntry_AuthorizedUserDeleted{
OldUser: u,
},
},
}
if err := AddKillSwitchAuditLogEntry(tx, ctx, logEntry); err != nil {
tx.Rollback()
return err
}
return tx.Commit()
}
func ListAuthorizedUsers(db *sql.DB, ctx context.Context) ([]*pb.KillSwitchAuthorizedUser, error) {
var rows *sql.Rows
var err error
rows, err = db.QueryContext(ctx, "SELECT user_id, google_uid, email, access_level FROM KillSwitchAuthorizedUser")
if err != nil {
return nil, fmt.Errorf("ListAuthorizedUsers: %v", err)
}
defer rows.Close()
var users []*pb.KillSwitchAuthorizedUser
for rows.Next() {
var u pb.KillSwitchAuthorizedUser
if err := rows.Scan(&u.Id, &u.GoogleUid, &u.Email, &u.AccessLevel); err != nil {
return nil, fmt.Errorf("ListAuthorizedUsers: %v", err)
}
users = append(users, &u)
}
if err := rows.Err(); err != nil {
return nil, fmt.Errorf("ListAuthorizedUsers: %v", err)
}
return users, nil
}