From 40e98aaa3494a0232744b7da9bdf37b3eeb02823 Mon Sep 17 00:00:00 2001 From: Yuli Date: Tue, 12 May 2020 23:29:07 +0300 Subject: [PATCH] user can now view his own requests --- src/bunker.go | 1 + src/requests_api.go | 56 ++++++++ src/requests_db.go | 28 ++++ ui/site/user-apps.html | 1 + ui/site/user-audit.html | 1 + ui/site/user-privacy-portal.html | 1 + ui/site/user-profile.html | 1 + ui/site/user-requests.html | 222 +++++++++++++++++++++++++++++++ 8 files changed, 311 insertions(+) create mode 100644 ui/site/user-requests.html diff --git a/src/bunker.go b/src/bunker.go index 91efc3b..ef84a51 100644 --- a/src/bunker.go +++ b/src/bunker.go @@ -200,6 +200,7 @@ func (e mainEnv) setupRouter() *httprouter.Router { router.GET("/v1/request/:request", e.getUserRequest) router.POST("/v1/request/:request", e.approveUserRequest) router.DELETE("/v1/request/:request", e.cancelUserRequest) + router.GET("/v1/requests/:mode/:address", e.getCustomUserRequests) router.GET("/v1/requests", e.getUserRequests) router.GET("/v1/consent/:mode/:address", e.consentAllUserRecords) diff --git a/src/requests_api.go b/src/requests_api.go index 7b54c62..ec7475f 100644 --- a/src/requests_api.go +++ b/src/requests_api.go @@ -6,6 +6,7 @@ import ( "net/http" "github.com/julienschmidt/httprouter" + "go.mongodb.org/mongo-driver/bson" ) func (e mainEnv) getUserRequests(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { @@ -39,6 +40,61 @@ func (e mainEnv) getUserRequests(w http.ResponseWriter, r *http.Request, ps http w.Write([]byte(str)) } +func (e mainEnv) getCustomUserRequests(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { + address := ps.ByName("address") + mode := ps.ByName("mode") + event := audit("get user privacy requests", address, mode, address) + defer func() { event.submit(e.db) }() + + if validateMode(mode) == false { + returnError(w, r, "bad mode", 405, nil, event) + return + } + userTOKEN := address + var userBson bson.M + if mode == "token" { + if enforceUUID(w, address, event) == false { + return + } + userBson, _ = e.db.lookupUserRecord(address) + } else { + userBson, _ = e.db.lookupUserRecordByIndex(mode, address, e.conf) + if userBson != nil { + userTOKEN = userBson["token"].(string) + event.Record = userTOKEN + } + } + if userBson == nil { + returnError(w, r, "internal error", 405, nil, event) + return + } + if e.enforceAuth(w, r, event) == "" { + return + } + + var offset int32 + var limit int32 = 10 + args := r.URL.Query() + if value, ok := args["offset"]; ok { + offset = atoi(value[0]) + } + if value, ok := args["limit"]; ok { + limit = atoi(value[0]) + } + resultJSON, counter, err := e.db.getUserRequests(userTOKEN, offset, limit) + if err != nil { + returnError(w, r, "internal error", 405, err, nil) + return + } + fmt.Printf("Total count of custom user requests: %d\n", counter) + //fmt.Fprintf(w, "title") + w.Header().Set("Access-Control-Allow-Origin", "*") + w.Header().Set("Content-Type", "application/json; charset=utf-8") + w.WriteHeader(200) + str := fmt.Sprintf(`{"status":"ok","total":%d,"rows":%s}`, counter, resultJSON) + w.Write([]byte(str)) +} + func (e mainEnv) getUserRequest(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { request := ps.ByName("request") event := audit("get user request by request token", request, "request", request) diff --git a/src/requests_db.go b/src/requests_db.go index 4840c11..50d7f89 100644 --- a/src/requests_db.go +++ b/src/requests_db.go @@ -77,6 +77,34 @@ func (dbobj dbcon) getRequests(status string, offset int32, limit int32) ([]byte return resultJSON, count, nil } +func (dbobj dbcon) getUserRequests(userTOKEN string, offset int32, limit int32) ([]byte, int64, error) { + //var results []*auditEvent + count, err := dbobj.store.CountRecords(storage.TblName.Requests, "token", userTOKEN) + if err != nil { + return nil, 0, err + } + var results []bson.M + records, err := dbobj.store.GetList(storage.TblName.Requests, "token", userTOKEN, offset, limit) + if err != nil { + return nil, 0, err + } + for _, element := range records { + element["more"] = false + if _, ok := element["change"]; ok { + element["more"] = true + delete(element, "change") + } + results = append(results, element) + } + + resultJSON, err := json.Marshal(records) + if err != nil { + return nil, 0, err + } + //fmt.Printf("Found multiple documents (array of pointers): %+v\n", results) + return resultJSON, count, nil +} + func (dbobj dbcon) getRequest(rtoken string) (bson.M, error) { record, err := dbobj.store.GetRecord(storage.TblName.Requests, "rtoken", rtoken) if err != nil { diff --git a/ui/site/user-apps.html b/ui/site/user-apps.html index 6efd2e6..f269487 100644 --- a/ui/site/user-apps.html +++ b/ui/site/user-apps.html @@ -54,6 +54,7 @@ if (conf["custom_css_file"]) { Profile App data Privacy portal + My requests History Logout diff --git a/ui/site/user-audit.html b/ui/site/user-audit.html index e0418d5..af2c1df 100644 --- a/ui/site/user-audit.html +++ b/ui/site/user-audit.html @@ -188,6 +188,7 @@ if (conf["custom_css_file"]) { App data Privacy portal History + My requests Logout diff --git a/ui/site/user-privacy-portal.html b/ui/site/user-privacy-portal.html index b8b024b..3fa4136 100644 --- a/ui/site/user-privacy-portal.html +++ b/ui/site/user-privacy-portal.html @@ -47,6 +47,7 @@ if (conf["custom_css_file"]) { App data Privacy portal History + My requests Logout diff --git a/ui/site/user-profile.html b/ui/site/user-profile.html index 58abd4c..191ad5e 100644 --- a/ui/site/user-profile.html +++ b/ui/site/user-profile.html @@ -51,6 +51,7 @@ if (conf["custom_css_file"]) { App data Privacy portal History + My requests Logout diff --git a/ui/site/user-requests.html b/ui/site/user-requests.html new file mode 100644 index 0000000..ef41b63 --- /dev/null +++ b/ui/site/user-requests.html @@ -0,0 +1,222 @@ + + + + + + + Data Bunker - admin / view user requests + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ +
+
+

User requests

+

All open requests listed below.

+ + + + + + + + + + +
TimeUser IdentifierActivityStatusActions
+
+
+
+ + +