Add credential checks

This change adds authentication/credential checks to sensitive API
methods, depending on the access level granted to the authenticated
user. It also adds the logic to save the authenticated user to the audit
log entries.

Note: the protobuf definitions were updated in a backwards-incompatible
way (KillSwitchAuthorizedUser.AccessLevel enum). This can be done since
this product hasn't yet launched.

Fixed: twpowertools:46
Change-Id: I9bf888d6108f463369143610d4bd5b256035b68f
diff --git a/internal/db/authorized_users.go b/internal/db/authorized_users.go
index 13a272f..50674af 100644
--- a/internal/db/authorized_users.go
+++ b/internal/db/authorized_users.go
@@ -20,7 +20,7 @@
 	return &u, nil
 }
 
-func AddAuthorizedUser(db *sql.DB, ctx context.Context, u *pb.KillSwitchAuthorizedUser) error {
+func AddAuthorizedUser(db *sql.DB, ctx context.Context, u *pb.KillSwitchAuthorizedUser, currentUser *pb.KillSwitchAuthorizedUser) error {
 	tx, err := db.BeginTx(ctx, nil)
 	if err != nil {
 		return err
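Review bot: Nothing in the new `AddAuthorizedUser` signature guards against a nil `currentUser`, and a nil message would leave the audit entry's `User` field unset, i.e. a privileged change recorded with no actor. Unless every caller is guaranteed to pass the authenticated user, reject it before `db.BeginTx`, e.g. `if currentUser == nil { return errors.New("missing authenticated user") }`. The same applies to `UpdateAuthorizedUser` and `DeleteAuthorizedUser` further down. The function body continues outside this hunk.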
@@ -41,6 +41,7 @@
 	u.Id = int32(id)
 
 	logEntry := &pb.KillSwitchAuditLogEntry{
+		User: currentUser,
 		Description: &pb.KillSwitchAuditLogEntry_AuthorizedUserAdded_{
 			&pb.KillSwitchAuditLogEntry_AuthorizedUserAdded{
 				User: u,
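Review bot: The entry now carries two `User` fields of the same message type, the top-level one added here (the actor) and `AuthorizedUserAdded.User` (the account being added), and nothing on the line says which is which. A short comment on the new line would help anyone reading or querying the audit log, e.g. `// User is the authenticated caller who made the change, not the account being added.` The same comment fits the `User: currentUser` lines in the update and delete hunks. The struct literal continues outside this hunk.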
@@ -55,7 +56,7 @@
 	return tx.Commit()
 }
 
-func UpdateAuthorizedUser(db *sql.DB, ctx context.Context, id int32, newUser *pb.KillSwitchAuthorizedUser) error {
+func UpdateAuthorizedUser(db *sql.DB, ctx context.Context, id int32, newUser *pb.KillSwitchAuthorizedUser, currentUser *pb.KillSwitchAuthorizedUser) error {
 	oldUser, err := GetAuthorizedUserById(db, ctx, id)
 	if err != nil {
 		return err
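Review bot: `oldUser` is fetched through `db` rather than through the transaction that is committed at the end of the function, so the before-state that presumably ends up in the audit entry is not read atomically with the write it describes. With concurrent updates to the same id, the logged transformation could show an old value that was not the one actually overwritten, which weakens the audit trail this commit extends. Consider moving the lookup inside the transaction; that would need a variant of `GetAuthorizedUserById` that accepts a `*sql.Tx`, which is not visible here. `DeleteAuthorizedUser` has the same pattern with `u`, and both function bodies continue outside their hunks.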
@@ -77,6 +78,7 @@
 	newUser.Id = id
 
 	logEntry := &pb.KillSwitchAuditLogEntry{
+		User: currentUser,
 		Description: &pb.KillSwitchAuditLogEntry_AuthorizedUserUpdated_{
 			&pb.KillSwitchAuditLogEntry_AuthorizedUserUpdated{
 				Transformation: &pb.AuthorizedUserTransformation{
@@ -94,7 +96,7 @@
 	return tx.Commit()
 }
 
-func DeleteAuthorizedUser(db *sql.DB, ctx context.Context, id int32) error {
+func DeleteAuthorizedUser(db *sql.DB, ctx context.Context, id int32, currentUser *pb.KillSwitchAuthorizedUser) error {
 	u, err := GetAuthorizedUserById(db, ctx, id)
 	if err != nil {
 		return err
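Review bot: `DeleteAuthorizedUser` needs a doc comment stating its authorization contract, because in the visible lines `currentUser` is used only for audit attribution and the function acts on whatever `id` it is given. Something like `// DeleteAuthorizedUser deletes the user with the given id and records currentUser as the actor. It does not check currentUser's access level; callers must authorize the request first.` If the API layer does not already decide it, it is also worth settling whether a user may delete their own entry (`currentUser.Id == id`). The body continues outside the hunk, so a check there cannot be ruled out.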
@@ -114,6 +116,7 @@
 	}
 
 	logEntry := &pb.KillSwitchAuditLogEntry{
+		User: currentUser,
 		Description: &pb.KillSwitchAuditLogEntry_AuthorizedUserDeleted_{
 			&pb.KillSwitchAuditLogEntry_AuthorizedUserDeleted{
 				OldUser: u,