scottk/databunker
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/databunker.git synced 2025-11-03 19:37:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor code - adding new utils module

Browse Source
This commit is contained in:
yuli
2024-12-26 23:13:11 +02:00
parent e16ef588a7
commit 836f16d74d
26 changed files with 601 additions and 467 deletions
Download Patch File Download Diff File Expand all files Collapse all files

99
src/requests_api.go
View File

@@ -7,11 +7,12 @@ import (
"strings"
"github.com/julienschmidt/httprouter"
"github.com/securitybunker/databunker/src/utils"
)
// This function retrieves all requests that require admin approval. This function supports result pager.
func (e mainEnv) getUserRequests(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
if e.enforceAuth(w, r, nil) == "" {
if e.EnforceAuth(w, r, nil) == "" {
return
}
var offset int32
@@ -19,17 +20,17 @@ func (e mainEnv) getUserRequests(w http.ResponseWriter, r *http.Request, ps http
status := "open"
args := r.URL.Query()
if value, ok := args["offset"]; ok {
offset = atoi(value[0])
offset = utils.Atoi(value[0])
}
if value, ok := args["limit"]; ok {
limit = atoi(value[0])
limit = utils.Atoi(value[0])
}
if value, ok := args["status"]; ok {
status = value[0]
}
resultJSON, counter, err := e.db.getRequests(status, offset, limit)
if err != nil {
returnError(w, r, "internal error", 405, err, nil)
ReturnError(w, r, "internal error", 405, err, nil)
return
}
w.Header().Set("Content-Type", "application/json; charset=utf-8")
@@ -45,7 +46,7 @@ func (e mainEnv) getCustomUserRequests(w http.ResponseWriter, r *http.Request, p
event := audit("get user privacy requests", identity, mode, identity)
defer func() { event.submit(e.db, e.conf) }()
if e.enforceAuth(w, r, event) == "" {
if e.EnforceAuth(w, r, event) == "" {
return
}
userTOKEN := e.loadUserToken(w, r, mode, identity, event)
@@ -56,14 +57,14 @@ func (e mainEnv) getCustomUserRequests(w http.ResponseWriter, r *http.Request, p
var limit int32 = 10
args := r.URL.Query()
if value, ok := args["offset"]; ok {
offset = atoi(value[0])
offset = utils.Atoi(value[0])
}
if value, ok := args["limit"]; ok {
limit = atoi(value[0])
limit = utils.Atoi(value[0])
}
resultJSON, counter, err := e.db.getUserRequests(userTOKEN, offset, limit)
if err != nil {
returnError(w, r, "internal error", 405, err, nil)
ReturnError(w, r, "internal error", 405, err, nil)
return
}
w.Header().Set("Content-Type", "application/json; charset=utf-8")
@@ -77,30 +78,30 @@ func (e mainEnv) getUserRequest(w http.ResponseWriter, r *http.Request, ps httpr
event := audit("get user request by request token", request, "request", request)
defer func() { event.submit(e.db, e.conf) }()
if enforceUUID(w, request, event) == false {
if EnforceUUID(w, request, event) == false {
return
}
requestInfo, err := e.db.getRequest(request)
if err != nil {
returnError(w, r, "internal error", 405, err, nil)
ReturnError(w, r, "internal error", 405, err, nil)
return
}
if len(requestInfo) == 0 {
returnError(w, r, "not found", 405, err, event)
ReturnError(w, r, "not found", 405, err, event)
return
}
var resultJSON []byte
action := getStringValue(requestInfo["action"])
userTOKEN := getStringValue(requestInfo["token"])
action := utils.GetStringValue(requestInfo["action"])
userTOKEN := utils.GetStringValue(requestInfo["token"])
if len(userTOKEN) != 0 {
event.Record = userTOKEN
}
if e.enforceAdmin(w, r, event) == "" {
if e.EnforceAdmin(w, r, event) == "" {
return
}
change := getStringValue(requestInfo["change"])
appName := getStringValue(requestInfo["app"])
brief := getStringValue(requestInfo["brief"])
change := utils.GetStringValue(requestInfo["change"])
appName := utils.GetStringValue(requestInfo["app"])
brief := utils.GetStringValue(requestInfo["brief"])
if strings.HasPrefix(action, "plugin") {
brief = ""
}
@@ -112,11 +113,11 @@ func (e mainEnv) getUserRequest(w http.ResponseWriter, r *http.Request, ps httpr
resultJSON, err = e.db.getUserJSON(userTOKEN)
}
if err != nil {
returnError(w, r, "internal error", 405, err, event)
ReturnError(w, r, "internal error", 405, err, event)
return
}
if resultJSON == nil {
returnError(w, r, "not found", 405, err, event)
ReturnError(w, r, "not found", 405, err, event)
return
}
//fmt.Printf("Full json: %s\n", resultJSON)
@@ -145,49 +146,49 @@ func (e mainEnv) approveUserRequest(w http.ResponseWriter, r *http.Request, ps h
event := audit("approve user request", request, "request", request)
defer func() { event.submit(e.db, e.conf) }()
if enforceUUID(w, request, event) == false {
if EnforceUUID(w, request, event) == false {
return
}
authResult := e.enforceAdmin(w, r, event)
authResult := e.EnforceAdmin(w, r, event)
if authResult == "" {
return
}
records, err := getJSONPostMap(r)
records, err := utils.GetJSONPostMap(r)
if err != nil {
returnError(w, r, "failed to decode request body", 405, err, event)
ReturnError(w, r, "failed to decode request body", 405, err, event)
return
}
reason := getStringValue(records["reason"])
reason := utils.GetStringValue(records["reason"])
requestInfo, err := e.db.getRequest(request)
if err != nil {
returnError(w, r, "internal error", 405, err, event)
ReturnError(w, r, "internal error", 405, err, event)
return
}
if len(requestInfo) == 0 {
returnError(w, r, "not found", 405, err, event)
ReturnError(w, r, "not found", 405, err, event)
return
}
userTOKEN := getStringValue(requestInfo["token"])
userTOKEN := utils.GetStringValue(requestInfo["token"])
if len(userTOKEN) != 0 {
event.Record = userTOKEN
}
action := getStringValue(requestInfo["action"])
status := getStringValue(requestInfo["status"])
action := utils.GetStringValue(requestInfo["action"])
status := utils.GetStringValue(requestInfo["status"])
if status != "open" {
returnError(w, r, "wrong status: "+status, 405, err, event)
ReturnError(w, r, "wrong status: "+status, 405, err, event)
return
}
userJSON, userBSON, err := e.db.getUser(userTOKEN)
if err != nil {
returnError(w, r, "internal error", 405, err, event)
ReturnError(w, r, "internal error", 405, err, event)
return
}
if userJSON == nil {
returnError(w, r, "not found", 405, err, event)
ReturnError(w, r, "not found", 405, err, event)
return
}
if action == "forget-me" {
email := getStringValue(userBSON["email"])
email := utils.GetStringValue(userBSON["email"])
if len(email) > 0 {
e.globalUserDelete(email)
}
@@ -198,7 +199,7 @@ func (e mainEnv) approveUserRequest(w http.ResponseWriter, r *http.Request, ps h
event.Msg = "failed to delete"
}
if err != nil {
returnError(w, r, "internal error", 405, err, event)
ReturnError(w, r, "internal error", 405, err, event)
return
}
notifyURL := e.conf.Notification.NotificationURL
@@ -206,21 +207,21 @@ func (e mainEnv) approveUserRequest(w http.ResponseWriter, r *http.Request, ps h
} else if action == "change-profile" {
oldJSON, newJSON, lookupErr, err := e.db.updateUserRecord(requestInfo["change"].([]uint8), userTOKEN, userBSON, event, e.conf)
if lookupErr {
returnError(w, r, "internal error", 405, errors.New("not found"), event)
ReturnError(w, r, "internal error", 405, errors.New("not found"), event)
return
}
if err != nil {
returnError(w, r, "internal error", 405, err, event)
ReturnError(w, r, "internal error", 405, err, event)
return
}
returnUUID(w, userTOKEN)
utils.ReturnUUID(w, userTOKEN)
notifyURL := e.conf.Notification.NotificationURL
notifyProfileChange(notifyURL, oldJSON, newJSON, "token", userTOKEN)
} else if action == "change-app-data" {
app := requestInfo["app"].(string)
_, err = e.db.updateAppRecord(requestInfo["change"].([]uint8), userTOKEN, app, event, e.conf)
if err != nil {
returnError(w, r, "internal error", 405, err, event)
ReturnError(w, r, "internal error", 405, err, event)
return
}
} else if action == "agreement-withdraw" {
@@ -243,43 +244,43 @@ func (e mainEnv) cancelUserRequest(w http.ResponseWriter, r *http.Request, ps ht
event := audit("cancel user request", request, "request", request)
defer func() { event.submit(e.db, e.conf) }()
if enforceUUID(w, request, event) == false {
if EnforceUUID(w, request, event) == false {
return
}
records, err := getJSONPostMap(r)
records, err := utils.GetJSONPostMap(r)
if err != nil {
returnError(w, r, "failed to decode request body", 405, err, event)
ReturnError(w, r, "failed to decode request body", 405, err, event)
return
}
reason := getStringValue(records["reason"])
reason := utils.GetStringValue(records["reason"])
requestInfo, err := e.db.getRequest(request)
if err != nil {
returnError(w, r, "internal error", 405, err, event)
ReturnError(w, r, "internal error", 405, err, event)
return
}
if len(requestInfo) == 0 {
returnError(w, r, "not found", 405, err, event)
ReturnError(w, r, "not found", 405, err, event)
return
}
userTOKEN := getStringValue(requestInfo["token"])
userTOKEN := utils.GetStringValue(requestInfo["token"])
if len(userTOKEN) != 0 {
event.Record = userTOKEN
}
authResult := e.enforceAuth(w, r, event)
authResult := e.EnforceAuth(w, r, event)
if authResult == "" {
return
}
if requestInfo["status"].(string) != "open" {
returnError(w, r, "wrong status: "+requestInfo["status"].(string), 405, err, event)
ReturnError(w, r, "wrong status: "+requestInfo["status"].(string), 405, err, event)
return
}
resultJSON, err := e.db.getUserJSON(userTOKEN)
if err != nil {
returnError(w, r, "internal error", 405, err, event)
ReturnError(w, r, "internal error", 405, err, event)
return
}
if resultJSON == nil {
returnError(w, r, "not found", 405, err, event)
ReturnError(w, r, "not found", 405, err, event)
return
}
if len(reason) == 0 && authResult == "login" {