Skip to content

Commit 2fd8eb4

Browse files
michaelistmichaelist
committed
working permissions first commit
1 parent 61ec92c commit 2fd8eb4

23 files changed

+544
-352
lines changed

controllers/controllers.go

Lines changed: 114 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,8 @@
11
package controllers
22

33
import (
4+
"context"
5+
"fmt"
46
"html/template"
57
"io/ioutil"
68
"log"
@@ -15,6 +17,8 @@ import (
1517
"github.com/gorilla/sessions"
1618
"go.mongodb.org/mongo-driver/mongo"
1719
"google.golang.org/grpc"
20+
21+
"github.com/go-stuff/grpc/api"
1822
)
1923

2024
var (
@@ -65,27 +69,32 @@ func initTemplates() error {
6569
return err
6670
}
6771

72+
// // build noauth template
73+
// err = initTemplateNoAuth()
74+
// if err != nil {
75+
// return err
76+
// }
77+
6878
return nil
6979
}
7080

7181
// <html> head, header, content, footer </html
7282
func initTemplatesWithContent() error {
7383
log.Println("INFO > controllers/controllers.go > initTemplatesWithContent()")
74-
var err error
84+
85+
layout = template.New("mainContent.html")
86+
87+
layout.Funcs(timestampFM())
88+
layout.Funcs(permissionFM(nil))
7589

7690
// check the validity of login.html by parsing
77-
layout, err = template.ParseFiles(
91+
layout.ParseFiles(
7892
"./templates/layout/mainContent.html",
7993
"./templates/layout/head.html",
8094
"./templates/layout/header.html",
8195
"./templates/layout/bypass.html",
8296
"./templates/layout/footer.html",
8397
)
84-
if err != nil {
85-
return err
86-
}
87-
88-
layout.Funcs(timestampFM())
8998

9099
// recurse content files templates and build separate templates for each of them
91100
filepath.Walk("./templates/mainContent", walkTemplatesPath)
@@ -96,10 +105,15 @@ func initTemplatesWithContent() error {
96105
// <html> head, header, menu, content, footer </html
97106
func initTemplatesWithNavAndContent() error {
98107
log.Println("INFO > controllers/controllers.go > initTemplatesWithNavAndContent()")
99-
var err error
108+
//var err error
109+
110+
layout = template.New("mainNavContent.html")
111+
112+
layout.Funcs(timestampFM())
113+
layout.Funcs(permissionFM(nil))
100114

101115
// check the validity of the files that make up layout.html by parsing
102-
layout, err = template.ParseFiles(
116+
layout.ParseFiles(
103117
"./templates/layout/mainNavContent.html",
104118
"./templates/layout/head.html",
105119
"./templates/layout/header.html",
@@ -108,18 +122,44 @@ func initTemplatesWithNavAndContent() error {
108122
"./templates/layout/nav.html",
109123
"./templates/layout/footer.html",
110124
)
111-
if err != nil {
112-
return err
113-
}
114-
115-
layout.Funcs(timestampFM())
125+
// if err != nil {
126+
// return err
127+
// }
116128

117129
// recurse content files templates and build separate templates for each of them
118130
filepath.Walk("./templates/mainMenuContent", walkTemplatesPath)
119131

120132
return nil
121133
}
122134

135+
// // <html> head, header, menu, content, footer </html
136+
// func initTemplateNoAuth() error {
137+
// log.Println("INFO > controllers/controllers.go > initTemplateNoAuth()")
138+
// //var err error
139+
140+
// layout = template.New("mainContent.html")
141+
142+
// layout.Funcs(timestampFM())
143+
// layout.Funcs(permissionFM(nil))
144+
145+
// // check the validity of the files that make up layout.html by parsing
146+
// layout.ParseFiles(
147+
// "./templates/layout/mainContent.html",
148+
// "./templates/layout/head.html",
149+
// "./templates/layout/header.html",
150+
// "./templates/layout/bypass.html",
151+
// "./templates/layout/footer.html",
152+
// )
153+
// // if err != nil {
154+
// // return err
155+
// // }
156+
157+
// // recurse content files templates and build separate templates for each of them
158+
// filepath.Walk("./templates/mainNoAuth", walkTemplatesPath)
159+
160+
// return nil
161+
// }
162+
123163
// recurse a directory and build templates
124164
func walkTemplatesPath(path string, fileInfo os.FileInfo, err error) error {
125165

@@ -142,6 +182,7 @@ func walkTemplatesPath(path string, fileInfo os.FileInfo, err error) error {
142182
// clone the base template
143183
content := template.Must(layout.Clone())
144184
content.Funcs(timestampFM())
185+
content.Funcs(permissionFM(nil))
145186

146187
// merge the base template and fileContents
147188
_, err = content.Parse(string(fileContents))
@@ -175,7 +216,8 @@ func render(w http.ResponseWriter, r *http.Request, tmpl string, data interface{
175216
// Set the content type.
176217
w.Header().Set("Content-Type", "text/html")
177218

178-
//templates[tmpl].Funcs(timestampFM())
219+
templates[tmpl].Funcs(timestampFM())
220+
templates[tmpl].Funcs(permissionFM(r))
179221

180222
// Execute the template.
181223
err := templates[tmpl].Execute(w, data)
@@ -199,8 +241,7 @@ func initRouter() *mux.Router {
199241
router.HandleFunc("/role/update/{id}", roleUpdateHandler).Methods("GET", "POST")
200242
router.HandleFunc("/role/delete/{id}", roleDeleteHandler).Methods("GET")
201243

202-
router.HandleFunc("/route/list", routeListHandler).Methods("GET")
203-
router.HandleFunc("/route/update", routeUpdateHandler).Methods("GET")
244+
router.HandleFunc("/route/list", routeListHandler).Methods("GET", "POST")
204245

205246
router.HandleFunc("/user/list", userListHandler).Methods("GET")
206247
router.HandleFunc("/user/update/{id}", userUpdateHandler).Methods("GET", "POST")
@@ -209,14 +250,15 @@ func initRouter() *mux.Router {
209250
router.HandleFunc("/login", loginHandler).Methods("GET", "POST")
210251
router.HandleFunc("/logout", loginHandler).Methods("GET")
211252

253+
router.HandleFunc("/noauth", noauthHandler).Methods("GET")
254+
212255
// App Routes
213256
router.HandleFunc("/", rootHandler).Methods("GET", "POST")
214257
router.HandleFunc("/home", homeHandler).Methods("GET")
215258

216259
router.HandleFunc("/server/list", serverListHandler).Methods("GET")
217260
router.HandleFunc("/server/create", serverCreateHandler).Methods("GET", "POST")
218261

219-
220262
// Setup or static files.
221263
router.PathPrefix("/static/").Handler(http.StripPrefix("/static/", http.FileServer(http.Dir("static"))))
222264

@@ -253,6 +295,60 @@ func timestampFM() template.FuncMap {
253295
}
254296
}
255297

298+
// funcMapPermissions allows us to inject our own way of using permissions in an html template.
299+
func permissionFM(r *http.Request) template.FuncMap {
300+
// the first time the template is generated r will be nil
301+
if r == nil {
302+
return template.FuncMap{
303+
"P": func(route string) bool {
304+
return false
305+
},
306+
}
307+
}
308+
309+
return template.FuncMap{
310+
"P": func(route string) bool {
311+
// get session
312+
session, err := store.Get(r, "session")
313+
if err != nil {
314+
log.Printf("ERROR > controllers/controllers.go > permissionFM() > store.Get(): %s\n", err.Error())
315+
// //http.Error(w, err.Error(), http.StatusInternalServerError)
316+
return false
317+
}
318+
319+
if session.Values["roleid"] == nil || session.Values["roleid"] == "" {
320+
return false
321+
}
322+
323+
//currentRoute := mux.CurrentRoute(r)
324+
//pathTemplate, _ := currentRoute.GetPathTemplate()
325+
326+
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
327+
defer cancel()
328+
329+
routeSvc := api.NewRouteServiceClient(apiClient)
330+
331+
// use the api to find a role
332+
routeReq := new(api.RouteReadByRoleIDAndPathReq)
333+
334+
roleid := fmt.Sprintf("%v", session.Values["roleid"])
335+
336+
log.Printf("INFO > controllers/controllers.go > get permissions for roleid: %v, pathtemplate: %v\n", roleid, route)
337+
338+
routeReq.Route = new(api.Route)
339+
routeReq.Route.RoleID = roleid
340+
routeReq.Route.Path = route
341+
routeRes, err := routeSvc.ReadByRoleIDAndPath(ctx, routeReq)
342+
if err != nil {
343+
log.Printf("ERROR > controllers/controllers.go > permissionFM() > routeSvc.RouteReadByRoleIDAndPath(): %s\n", err.Error())
344+
return false
345+
}
346+
347+
return routeRes.Route.Permission
348+
},
349+
}
350+
}
351+
256352
// addNotification adds a notification message to session.Values
257353
func addNotification(session *sessions.Session, notification string) {
258354
session.Values["notification"] = notification

controllers/loginHandler.go

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -166,14 +166,17 @@ func loginHandler(w http.ResponseWriter, r *http.Request) {
166166
userReq.User.ID = foundRes.User.ID
167167
userReq.User.Username = user.Username
168168
userReq.User.Groups = user.Groups
169+
userReq.User.RoleID = foundRes.User.RoleID
169170
userReq.User.ModifiedBy = "System"
170-
171+
171172
_, err := userSvc.Update(ctx, userReq)
172173
if err != nil {
173174
log.Printf("controllers/loginHandler.go > ERROR > userSvc.Update(): %s\n", err.Error())
174175
http.Error(w, err.Error(), http.StatusInternalServerError)
175176
return
176177
}
178+
179+
session.Values["roleid"] = foundRes.User.RoleID
177180
}
178181

179182
// save the session

controllers/noauthHandler.go

Lines changed: 20 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,25 @@
11
package controllers
22

3-
import "net/http"
3+
import (
4+
"fmt"
5+
"log"
6+
"net/http"
7+
//"github.com/gorilla/mux"
8+
)
49

510
func noauthHandler(w http.ResponseWriter, r *http.Request) {
6-
render(w, r, "noauth.html", nil)
11+
//currentRoute := mux.CurrentRoute(r)
12+
//pathTemplate, _ := currentRoute.GetPathTemplate()
13+
14+
// get session
15+
session, err := store.Get(r, "session")
16+
if err != nil {
17+
log.Printf("ERROR > middleware/Permissions.go > store.Get(): %s\n", err.Error())
18+
http.Error(w, err.Error(), http.StatusInternalServerError)
19+
return
20+
}
21+
22+
noauth := fmt.Sprintf("%v", session.Values["pathtemplate"])
23+
24+
render(w, r, "noauth.html", noauth)
725
}

0 commit comments

Comments
 (0)