From a6c1f5e7ad629ad7ad5844e0cdc45ab29e7fa6fc Mon Sep 17 00:00:00 2001 From: yuli Date: Tue, 13 Aug 2024 23:00:10 +0300 Subject: [PATCH] code optimization --- src/audit_api.go | 3 +-- src/lbasis_api.go | 9 +++------ src/pactivities_api.go | 15 +++++---------- src/requests_api.go | 3 +-- src/sessions_api.go | 14 +++++--------- src/users_api.go | 4 ++-- 6 files changed, 17 insertions(+), 31 deletions(-) diff --git a/src/audit_api.go b/src/audit_api.go index 47cf0d9..248f98b 100644 --- a/src/audit_api.go +++ b/src/audit_api.go @@ -40,8 +40,7 @@ func (e mainEnv) getAuditEvents(w http.ResponseWriter, r *http.Request, ps httpr } func (e mainEnv) getAdminAuditEvents(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - authResult := e.enforceAdmin(w, r) - if authResult == "" { + if e.enforceAdmin(w, r) == "" { return } var offset int32 diff --git a/src/lbasis_api.go b/src/lbasis_api.go index 7e3450d..b5c6aa2 100644 --- a/src/lbasis_api.go +++ b/src/lbasis_api.go @@ -12,8 +12,7 @@ import ( func (e mainEnv) createLegalBasis(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { brief := ps.ByName("brief") - authResult := e.enforceAdmin(w, r) - if authResult == "" { + if e.enforceAdmin(w, r) == "" { return } brief = normalizeBrief(brief) @@ -83,8 +82,7 @@ func (e mainEnv) createLegalBasis(w http.ResponseWriter, r *http.Request, ps htt func (e mainEnv) deleteLegalBasis(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { brief := ps.ByName("brief") - authResult := e.enforceAdmin(w, r) - if authResult == "" { + if e.enforceAdmin(w, r) == "" { return } brief = normalizeBrief(brief) @@ -100,8 +98,7 @@ func (e mainEnv) deleteLegalBasis(w http.ResponseWriter, r *http.Request, ps htt } func (e mainEnv) listLegalBasisRecords(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - authResult := e.enforceAdmin(w, r) - if authResult == "" { + if e.enforceAdmin(w, r) == "" { return } resultJSON, numRecords, err := e.db.getLegalBasisRecords() diff --git a/src/pactivities_api.go b/src/pactivities_api.go index de514f8..6e27a34 100644 --- a/src/pactivities_api.go +++ b/src/pactivities_api.go @@ -12,8 +12,7 @@ import ( func (e mainEnv) pactivityCreate(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { activity := ps.ByName("activity") - authResult := e.enforceAdmin(w, r) - if authResult == "" { + if e.enforceAdmin(w, r) == "" { return } activity = normalizeBrief(activity) @@ -71,8 +70,7 @@ func (e mainEnv) pactivityCreate(w http.ResponseWriter, r *http.Request, ps http func (e mainEnv) pactivityDelete(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { activity := ps.ByName("activity") - authResult := e.enforceAdmin(w, r) - if authResult == "" { + if e.enforceAdmin(w, r) == "" { return } activity = normalizeBrief(activity) @@ -89,8 +87,7 @@ func (e mainEnv) pactivityDelete(w http.ResponseWriter, r *http.Request, ps http func (e mainEnv) pactivityLink(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { activity := ps.ByName("activity") brief := ps.ByName("brief") - authResult := e.enforceAdmin(w, r) - if authResult == "" { + if e.enforceAdmin(w, r) == "" { return } activity = normalizeBrief(activity) @@ -125,8 +122,7 @@ func (e mainEnv) pactivityLink(w http.ResponseWriter, r *http.Request, ps httpro func (e mainEnv) pactivityUnlink(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { activity := ps.ByName("activity") brief := ps.ByName("brief") - authResult := e.enforceAdmin(w, r) - if authResult == "" { + if e.enforceAdmin(w, r) == "" { return } activity = normalizeBrief(activity) @@ -150,8 +146,7 @@ func (e mainEnv) pactivityUnlink(w http.ResponseWriter, r *http.Request, ps http } func (e mainEnv) pactivityList(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - authResult := e.enforceAdmin(w, r) - if authResult == "" { + if e.enforceAdmin(w, r) == "" { return } resultJSON, numRecords, err := e.db.listProcessingActivities() diff --git a/src/requests_api.go b/src/requests_api.go index cfdff23..114054a 100644 --- a/src/requests_api.go +++ b/src/requests_api.go @@ -114,8 +114,7 @@ func (e mainEnv) getUserRequest(w http.ResponseWriter, r *http.Request, ps httpr if len(userTOKEN) != 0 { event.Record = userTOKEN } - authResult := e.enforceAuth(w, r, event) - if authResult == "" { + if e.enforceAdmin(w, r) == "" { return } change := getStringValue(requestInfo["change"]) diff --git a/src/sessions_api.go b/src/sessions_api.go index 19fbb68..a386b51 100644 --- a/src/sessions_api.go +++ b/src/sessions_api.go @@ -3,12 +3,13 @@ package main import ( "encoding/json" "fmt" + "net/http" + "strings" + uuid "github.com/hashicorp/go-uuid" "github.com/julienschmidt/httprouter" "github.com/securitybunker/databunker/src/storage" "go.mongodb.org/mongo-driver/bson" - "net/http" - "strings" ) func (e mainEnv) createSession(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { @@ -23,8 +24,7 @@ func (e mainEnv) createSession(w http.ResponseWriter, r *http.Request, ps httpro //returnError(w, r, "bad session format", nil, event) return } - authResult := e.enforceAdmin(w, r) - if authResult == "" { + if e.enforceAdmin(w, r) == "" { return } expiration := e.conf.Policy.MaxSessionRetentionPeriod @@ -77,8 +77,7 @@ func (e mainEnv) deleteSession(w http.ResponseWriter, r *http.Request, ps httpro //returnError(w, r, "bad session format", nil, event) return } - authResult := e.enforceAdmin(w, r) - if authResult == "" { + if e.enforceAdmin(w, r) == "" { return } e.db.deleteSession(session) @@ -147,7 +146,6 @@ func (e mainEnv) newUserSession(w http.ResponseWriter, r *http.Request, ps httpr w.Header().Set("Content-Type", "application/json; charset=utf-8") w.WriteHeader(200) fmt.Fprintf(w, `{"status":"ok","session":"%s"}`, sessionID) - return } func (e mainEnv) getUserSessions(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { @@ -201,7 +199,6 @@ func (e mainEnv) getUserSessions(w http.ResponseWriter, r *http.Request, ps http w.Header().Set("Content-Type", "application/json; charset=utf-8") w.WriteHeader(200) fmt.Fprintf(w, `{"status":"ok","total":%d,"rows":[%s]}`, count, data) - return } func (e mainEnv) getSession(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { @@ -227,5 +224,4 @@ func (e mainEnv) getSession(w http.ResponseWriter, r *http.Request, ps httproute w.Header().Set("Content-Type", "application/json; charset=utf-8") w.WriteHeader(200) fmt.Fprintf(w, `{"status":"ok","session":"%s","when":%d,"data":%s}`, session, when, record) - return } diff --git a/src/users_api.go b/src/users_api.go index 60e30a2..73b6f3d 100644 --- a/src/users_api.go +++ b/src/users_api.go @@ -128,6 +128,7 @@ func (e mainEnv) userGet(w http.ResponseWriter, r *http.Request, ps httprouter.P mode := ps.ByName("mode") event := audit("get user record by "+mode, identity, mode, identity) defer func() { event.submit(e.db, e.conf) }() + if validateMode(mode) == false { returnError(w, r, "bad mode", 405, nil, event) return @@ -165,8 +166,7 @@ func (e mainEnv) userGet(w http.ResponseWriter, r *http.Request, ps httprouter.P } func (e mainEnv) userList(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - authResult := e.enforceAdmin(w, r) - if authResult == "" { + if e.enforceAdmin(w, r) == "" { return } if e.conf.Generic.ListUsers == false {