diff --git a/pkg/model/resource.go b/pkg/model/resource.go new file mode 100644 index 0000000..712f528 --- /dev/null +++ b/pkg/model/resource.go @@ -0,0 +1,13 @@ +package model + +type ResourceType int32 +const ( + ResourceUnknown ResourceType = 0 + ResourceMapfix ResourceType = 1 + ResourceSubmission ResourceType = 2 +) + +type Resource struct{ + ID int64 + Type ResourceType +} diff --git a/pkg/model/script.go b/pkg/model/script.go index 61b011e..f2d7ade 100644 --- a/pkg/model/script.go +++ b/pkg/model/script.go @@ -23,13 +23,6 @@ func HashParse(hash string) (uint64, error){ return strconv.ParseUint(hash, 16, 64) } -type ResourceType int32 -const ( - ResourceUnknown ResourceType = 0 - ResourceMapfix ResourceType = 1 - ResourceSubmission ResourceType = 2 -) - type Script struct { ID int64 `gorm:"primaryKey"` Name string diff --git a/pkg/service/audit_events.go b/pkg/service/audit_events.go index 8dfaf6e..d8ab5a6 100644 --- a/pkg/service/audit_events.go +++ b/pkg/service/audit_events.go @@ -3,7 +3,6 @@ package service import ( "context" "encoding/json" - "io" "git.itzana.me/strafesnet/go-grpc/users" "git.itzana.me/strafesnet/maps-service/pkg/api" @@ -11,83 +10,13 @@ import ( "git.itzana.me/strafesnet/maps-service/pkg/model" ) -// CreateMapfixAuditComment implements createMapfixAuditComment operation. -// -// Post a comment to the audit log -// -// POST /mapfixes/{MapfixID}/comment -func (svc *Service) CreateMapfixAuditComment(ctx context.Context, req api.CreateMapfixAuditCommentReq, params api.CreateMapfixAuditCommentParams) (error) { - userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle) - if !ok { - return ErrUserInfo - } - - has_role, err := userInfo.HasRoleMapfixReview() - if err != nil { - return err - } - - userId, err := userInfo.GetUserID() - if err != nil { - return err - } - - if !has_role { - // Submitter has special permission to comment on their mapfix - mapfix, err := svc.DB.Mapfixes().Get(ctx, params.MapfixID) - if err != nil { - return err - } - - if mapfix.Submitter != userId { - return ErrPermissionDeniedNeedRoleMapfixReview - } - } - - data, err := io.ReadAll(req) - if err != nil { - return err - } - - event_data := model.AuditEventDataComment{ - Comment: string(data), - } - - EventData, err := json.Marshal(&event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeComment, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil -} - -// ListMapfixAuditEvents invokes listMapfixAuditEvents operation. -// -// Retrieve a list of audit events. -// -// GET /mapfixes/{MapfixID}/audit-events -func (svc *Service) ListMapfixAuditEvents(ctx context.Context, params api.ListMapfixAuditEventsParams) ([]api.AuditEvent, error) { +func (svc *Service) ListAuditEvents(ctx context.Context, resource model.Resource, page model.Page) ([]api.AuditEvent, error){ filter := datastore.Optional() - filter.Add("resource_type", model.ResourceMapfix) - filter.Add("resource_id", params.MapfixID) + filter.Add("resource_type", resource.Type) + filter.Add("resource_id", resource.ID) - items, err := svc.DB.AuditEvents().List(ctx, filter, model.Page{ - Number: params.Page, - Size: params.Limit, - }) + items, err := svc.DB.AuditEvents().List(ctx, filter, page) if err != nil { return nil, err } @@ -139,49 +68,8 @@ func (svc *Service) ListMapfixAuditEvents(ctx context.Context, params api.ListMa return resp, nil } -// CreateSubmissionAuditComment implements createSubmissionAuditComment operation. -// -// Post a comment to the audit log -// -// POST /submissions/{SubmissionID}/comment -func (svc *Service) CreateSubmissionAuditComment(ctx context.Context, req api.CreateSubmissionAuditCommentReq, params api.CreateSubmissionAuditCommentParams) (error) { - userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle) - if !ok { - return ErrUserInfo - } - - has_role, err := userInfo.HasRoleSubmissionReview() - if err != nil { - return err - } - - userId, err := userInfo.GetUserID() - if err != nil { - return err - } - - if !has_role { - // Submitter has special permission to comment on their submission - submission, err := svc.DB.Submissions().Get(ctx, params.SubmissionID) - if err != nil { - return err - } - - if submission.Submitter != userId { - return ErrPermissionDeniedNeedRoleSubmissionReview - } - } - - data, err := io.ReadAll(req) - if err != nil { - return err - } - - event_data := model.AuditEventDataComment{ - Comment: string(data), - } - - EventData, err := json.Marshal(&event_data) +func (svc *Service) CreateAuditEventAction(ctx context.Context, userId uint64, resource model.Resource, event_data model.AuditEventDataAction) error { + EventData, err := json.Marshal(event_data) if err != nil { return err } @@ -189,8 +77,29 @@ func (svc *Service) CreateSubmissionAuditComment(ctx context.Context, req api.Cr _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ ID: 0, User: userId, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, + ResourceType: resource.Type, + ResourceID: resource.ID, + EventType: model.AuditEventTypeAction, + EventData: EventData, + }) + if err != nil { + return err + } + + return nil +} + +func (svc *Service) CreateAuditEventComment(ctx context.Context, userId uint64, resource model.Resource, event_data model.AuditEventDataComment) error { + EventData, err := json.Marshal(event_data) + if err != nil { + return err + } + + _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ + ID: 0, + User: userId, + ResourceType: resource.Type, + ResourceID: resource.ID, EventType: model.AuditEventTypeComment, EventData: EventData, }) @@ -201,68 +110,23 @@ func (svc *Service) CreateSubmissionAuditComment(ctx context.Context, req api.Cr return nil } -// ListSubmissionAuditEvents invokes listSubmissionAuditEvents operation. -// -// Retrieve a list of audit events. -// -// GET /submissions/{SubmissionID}/audit-events -func (svc *Service) ListSubmissionAuditEvents(ctx context.Context, params api.ListSubmissionAuditEventsParams) ([]api.AuditEvent, error) { - filter := datastore.Optional() +func (svc *Service) CreateAuditEventChangeModel(ctx context.Context, userId uint64, resource model.Resource, event_data model.AuditEventDataChangeModel) error { + EventData, err := json.Marshal(event_data) + if err != nil { + return err + } - filter.Add("resource_type", model.ResourceSubmission) - filter.Add("resource_id", params.SubmissionID) - - items, err := svc.DB.AuditEvents().List(ctx, filter, model.Page{ - Number: params.Page, - Size: params.Limit, + _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ + ID: 0, + User: userId, + ResourceType: resource.Type, + ResourceID: resource.ID, + EventType: model.AuditEventTypeChangeModel, + EventData: EventData, }) if err != nil { - return nil, err + return err } - idMap := make(map[int64]bool) - for _, item := range items { - idMap[int64(item.User)] = true - } - - var idList users.IdList - idList.ID = make([]int64,len(idMap)) - for userId := range idMap { - idList.ID = append(idList.ID, userId) - } - - userList, err := svc.Users.GetList(ctx, &idList) - if err != nil { - return nil, err - } - - userMap := make(map[int64]*users.UserResponse) - for _,user := range userList.Users { - userMap[user.ID] = user - } - - var resp []api.AuditEvent - for _, item := range items { - EventData := api.AuditEventEventData{} - err = EventData.UnmarshalJSON(item.EventData) - if err != nil { - return nil, err - } - username := "" - if userMap[int64(item.User)] != nil { - username = userMap[int64(item.User)].Username - } - resp = append(resp, api.AuditEvent{ - ID: item.ID, - Date: item.CreatedAt.Unix(), - User: int64(item.User), - Username: username, - ResourceType: int32(item.ResourceType), - ResourceID: item.ResourceID, - EventType: int32(item.EventType), - EventData: EventData, - }) - } - - return resp, nil + return nil } diff --git a/pkg/service/mapfixes.go b/pkg/service/mapfixes.go index c43f708..4c40393 100644 --- a/pkg/service/mapfixes.go +++ b/pkg/service/mapfixes.go @@ -5,6 +5,7 @@ import ( "encoding/json" "errors" "fmt" + "io" "time" "git.itzana.me/strafesnet/go-grpc/maps" @@ -298,24 +299,15 @@ func (svc *Service) UpdateMapfixModel(ctx context.Context, params api.UpdateMapf NewModelVersion: NewModelVersion, } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeChangeModel, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventChangeModel( + ctx, + userId, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) } // ActionMapfixReject invokes actionMapfixReject operation. @@ -356,24 +348,15 @@ func (svc *Service) ActionMapfixReject(ctx context.Context, params api.ActionMap TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) } // ActionMapfixRequestChanges invokes actionMapfixRequestChanges operation. @@ -414,24 +397,15 @@ func (svc *Service) ActionMapfixRequestChanges(ctx context.Context, params api.A TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) } // ActionMapfixRevoke invokes actionMapfixRevoke operation. @@ -475,24 +449,15 @@ func (svc *Service) ActionMapfixRevoke(ctx context.Context, params api.ActionMap TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) } // ActionMapfixTriggerSubmit invokes actionMapfixTriggerSubmit operation. @@ -551,24 +516,15 @@ func (svc *Service) ActionMapfixTriggerSubmit(ctx context.Context, params api.Ac TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) } // ActionMapfixBypassSubmit invokes actionMapfixBypassSubmit operation. @@ -621,24 +577,15 @@ func (svc *Service) ActionMapfixBypassSubmit(ctx context.Context, params api.Act TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) } // ActionMapfixResetSubmitting implements actionMapfixResetSubmitting operation. @@ -686,24 +633,15 @@ func (svc *Service) ActionMapfixResetSubmitting(ctx context.Context, params api. TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) } // ActionMapfixTriggerUpload invokes actionMapfixTriggerUpload operation. @@ -762,24 +700,15 @@ func (svc *Service) ActionMapfixTriggerUpload(ctx context.Context, params api.Ac TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) } // ActionMapfixValidate invokes actionMapfixValidate operation. @@ -830,24 +759,15 @@ func (svc *Service) ActionMapfixValidated(ctx context.Context, params api.Action TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) } // ActionMapfixTriggerValidate invokes actionMapfixTriggerValidate operation. @@ -939,24 +859,15 @@ func (svc *Service) ActionMapfixTriggerValidate(ctx context.Context, params api. TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) } // ActionMapfixRetryValidate invokes actionMapfixRetryValidate operation. @@ -1019,24 +930,15 @@ func (svc *Service) ActionMapfixRetryValidate(ctx context.Context, params api.Ac TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) } // ActionMapfixAccepted implements actionMapfixAccepted operation. @@ -1087,22 +989,85 @@ func (svc *Service) ActionMapfixAccepted(ctx context.Context, params api.ActionM TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) +} + +// CreateMapfixAuditComment implements createMapfixAuditComment operation. +// +// Post a comment to the audit log +// +// POST /mapfixes/{MapfixID}/comment +func (svc *Service) CreateMapfixAuditComment(ctx context.Context, req api.CreateMapfixAuditCommentReq, params api.CreateMapfixAuditCommentParams) (error) { + userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle) + if !ok { + return ErrUserInfo + } + + has_role, err := userInfo.HasRoleMapfixReview() + if err != nil { + return err + } + + userId, err := userInfo.GetUserID() + if err != nil { + return err + } + + if !has_role { + // Submitter has special permission to comment on their mapfix + mapfix, err := svc.DB.Mapfixes().Get(ctx, params.MapfixID) + if err != nil { + return err + } + + if mapfix.Submitter != userId { + return ErrPermissionDeniedNeedRoleMapfixReview + } + } + + data, err := io.ReadAll(req) + if err != nil { + return err + } + + event_data := model.AuditEventDataComment{ + Comment: string(data), + } + + return svc.CreateAuditEventComment( + ctx, + userId, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) +} + +// ListMapfixAuditEvents invokes listMapfixAuditEvents operation. +// +// Retrieve a list of audit events. +// +// GET /mapfixes/{MapfixID}/audit-events +func (svc *Service) ListMapfixAuditEvents(ctx context.Context, params api.ListMapfixAuditEventsParams) ([]api.AuditEvent, error) { + return svc.ListAuditEvents( + ctx, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + model.Page{ + Number: params.Page, + Size: params.Limit, + }, + ) } diff --git a/pkg/service/submissions.go b/pkg/service/submissions.go index b2f0538..dc4543e 100644 --- a/pkg/service/submissions.go +++ b/pkg/service/submissions.go @@ -5,6 +5,7 @@ import ( "encoding/json" "errors" "fmt" + "io" "time" "git.itzana.me/strafesnet/go-grpc/maps" @@ -365,24 +366,15 @@ func (svc *Service) UpdateSubmissionModel(ctx context.Context, params api.Update NewModelVersion: NewModelVersion, } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceSubmission, - ResourceID: submission.ID, - EventType: model.AuditEventTypeChangeModel, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventChangeModel( + ctx, + userId, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) } // ActionSubmissionReject invokes actionSubmissionReject operation. @@ -423,24 +415,15 @@ func (svc *Service) ActionSubmissionReject(ctx context.Context, params api.Actio TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) } // ActionSubmissionRequestChanges invokes actionSubmissionRequestChanges operation. @@ -481,24 +464,15 @@ func (svc *Service) ActionSubmissionRequestChanges(ctx context.Context, params a TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) } // ActionSubmissionRevoke invokes actionSubmissionRevoke operation. @@ -542,24 +516,15 @@ func (svc *Service) ActionSubmissionRevoke(ctx context.Context, params api.Actio TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) } // ActionSubmissionTriggerSubmit invokes actionSubmissionTriggerSubmit operation. @@ -626,24 +591,15 @@ func (svc *Service) ActionSubmissionTriggerSubmit(ctx context.Context, params ap TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) } // ActionSubmissionBypassSubmit invokes actionSubmissionBypassSubmit operation. @@ -696,24 +652,15 @@ func (svc *Service) ActionSubmissionBypassSubmit(ctx context.Context, params api TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) } // ActionSubmissionResetSubmitting implements actionSubmissionResetSubmitting operation. @@ -761,24 +708,15 @@ func (svc *Service) ActionSubmissionResetSubmitting(ctx context.Context, params TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) } // ActionSubmissionTriggerUpload invokes actionSubmissionTriggerUpload operation. @@ -844,24 +782,15 @@ func (svc *Service) ActionSubmissionTriggerUpload(ctx context.Context, params ap TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) } // ActionSubmissionValidate invokes actionSubmissionValidate operation. @@ -912,24 +841,15 @@ func (svc *Service) ActionSubmissionValidated(ctx context.Context, params api.Ac TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) } // ActionSubmissionTriggerValidate invokes actionSubmissionTriggerValidate operation. @@ -1004,24 +924,15 @@ func (svc *Service) ActionSubmissionTriggerValidate(ctx context.Context, params TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) } // ActionSubmissionRetryValidate invokes actionSubmissionRetryValidate operation. @@ -1084,24 +995,15 @@ func (svc *Service) ActionSubmissionRetryValidate(ctx context.Context, params ap TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) } // ActionSubmissionAccepted implements actionSubmissionAccepted operation. @@ -1152,24 +1054,15 @@ func (svc *Service) ActionSubmissionAccepted(ctx context.Context, params api.Act TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: userId, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + userId, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) } // ReleaseSubmissions invokes releaseSubmissions operation. @@ -1239,3 +1132,75 @@ func (svc *Service) ReleaseSubmissions(ctx context.Context, request []api.Releas return nil } + +// CreateSubmissionAuditComment implements createSubmissionAuditComment operation. +// +// Post a comment to the audit log +// +// POST /submissions/{SubmissionID}/comment +func (svc *Service) CreateSubmissionAuditComment(ctx context.Context, req api.CreateSubmissionAuditCommentReq, params api.CreateSubmissionAuditCommentParams) (error) { + userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle) + if !ok { + return ErrUserInfo + } + + has_role, err := userInfo.HasRoleSubmissionReview() + if err != nil { + return err + } + + userId, err := userInfo.GetUserID() + if err != nil { + return err + } + + if !has_role { + // Submitter has special permission to comment on their submission + submission, err := svc.DB.Submissions().Get(ctx, params.SubmissionID) + if err != nil { + return err + } + + if submission.Submitter != userId { + return ErrPermissionDeniedNeedRoleSubmissionReview + } + } + + data, err := io.ReadAll(req) + if err != nil { + return err + } + + event_data := model.AuditEventDataComment{ + Comment: string(data), + } + + return svc.CreateAuditEventComment( + ctx, + userId, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) +} + +// ListSubmissionAuditEvents invokes listSubmissionAuditEvents operation. +// +// Retrieve a list of audit events. +// +// GET /submissions/{SubmissionID}/audit-events +func (svc *Service) ListSubmissionAuditEvents(ctx context.Context, params api.ListSubmissionAuditEventsParams) ([]api.AuditEvent, error) { + return svc.ListAuditEvents( + ctx, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + model.Page{ + Number: params.Page, + Size: params.Limit, + }, + ) +} diff --git a/pkg/service_internal/audit_events.go b/pkg/service_internal/audit_events.go new file mode 100644 index 0000000..82e6dd6 --- /dev/null +++ b/pkg/service_internal/audit_events.go @@ -0,0 +1,71 @@ +package service_internal + +import ( + "context" + "encoding/json" + + "git.itzana.me/strafesnet/maps-service/pkg/model" +) + +func (svc *Service) CreateAuditEventAction(ctx context.Context, userId uint64, resource model.Resource, event_data model.AuditEventDataAction) error { + EventData, err := json.Marshal(event_data) + if err != nil { + return err + } + + _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ + ID: 0, + User: userId, + ResourceType: resource.Type, + ResourceID: resource.ID, + EventType: model.AuditEventTypeAction, + EventData: EventData, + }) + if err != nil { + return err + } + + return nil +} + +func (svc *Service) CreateAuditEventChangeValidatedModel(ctx context.Context, userId uint64, resource model.Resource, event_data model.AuditEventDataChangeValidatedModel) error { + EventData, err := json.Marshal(event_data) + if err != nil { + return err + } + + _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ + ID: 0, + User: userId, + ResourceType: resource.Type, + ResourceID: resource.ID, + EventType: model.AuditEventTypeChangeValidatedModel, + EventData: EventData, + }) + if err != nil { + return err + } + + return nil +} + +func (svc *Service) CreateAuditEventError(ctx context.Context, userId uint64, resource model.Resource, event_data model.AuditEventDataError) error { + EventData, err := json.Marshal(event_data) + if err != nil { + return err + } + + _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ + ID: 0, + User: userId, + ResourceType: resource.Type, + ResourceID: resource.ID, + EventType: model.AuditEventTypeError, + EventData: EventData, + }) + if err != nil { + return err + } + + return nil +} diff --git a/pkg/service_internal/mapfixes.go b/pkg/service_internal/mapfixes.go index e6a4e74..3a86ae9 100644 --- a/pkg/service_internal/mapfixes.go +++ b/pkg/service_internal/mapfixes.go @@ -2,7 +2,6 @@ package service_internal import ( "context" - "encoding/json" "errors" "fmt" @@ -54,24 +53,15 @@ func (svc *Service) UpdateMapfixValidatedModel(ctx context.Context, params inter ValidatedModelVersion: ValidatedModelVersion, } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: ValidtorUserID, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeChangeValidatedModel, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventChangeValidatedModel( + ctx, + ValidtorUserID, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) } // ActionMapfixSubmitted invokes actionMapfixSubmitted operation. @@ -97,24 +87,15 @@ func (svc *Service) ActionMapfixSubmitted(ctx context.Context, params internal.A TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: ValidtorUserID, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + ValidtorUserID, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) } // ActionMapfixRequestChanges implements actionMapfixRequestChanges operation. @@ -137,19 +118,15 @@ func (svc *Service) ActionMapfixRequestChanges(ctx context.Context, params inter Error: params.ErrorMessage, } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: ValidtorUserID, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeError, - EventData: EventData, - }) + err = svc.CreateAuditEventError( + ctx, + ValidtorUserID, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) if err != nil { return err } @@ -159,24 +136,15 @@ func (svc *Service) ActionMapfixRequestChanges(ctx context.Context, params inter TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: ValidtorUserID, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + ValidtorUserID, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) } // ActionMapfixValidate invokes actionMapfixValidate operation. @@ -212,19 +180,15 @@ func (svc *Service) ActionMapfixAccepted(ctx context.Context, params internal.Ac Error: params.ErrorMessage, } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: ValidtorUserID, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeError, - EventData: EventData, - }) + err = svc.CreateAuditEventError( + ctx, + ValidtorUserID, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) if err != nil { return err } @@ -235,24 +199,15 @@ func (svc *Service) ActionMapfixAccepted(ctx context.Context, params internal.Ac TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: ValidtorUserID, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + ValidtorUserID, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) } // ActionMapfixUploaded implements actionMapfixUploaded operation. @@ -274,24 +229,15 @@ func (svc *Service) ActionMapfixUploaded(ctx context.Context, params internal.Ac TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: ValidtorUserID, - ResourceType: model.ResourceMapfix, - ResourceID: params.MapfixID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + ValidtorUserID, + model.Resource{ + ID: params.MapfixID, + Type: model.ResourceMapfix, + }, + event_data, + ) } // POST /mapfixes diff --git a/pkg/service_internal/submissions.go b/pkg/service_internal/submissions.go index 1ce1e4c..23d7415 100644 --- a/pkg/service_internal/submissions.go +++ b/pkg/service_internal/submissions.go @@ -2,7 +2,6 @@ package service_internal import ( "context" - "encoding/json" "errors" "fmt" @@ -54,24 +53,15 @@ func (svc *Service) UpdateSubmissionValidatedModel(ctx context.Context, params i ValidatedModelVersion: ValidatedModelVersion, } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: ValidtorUserID, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, - EventType: model.AuditEventTypeChangeValidatedModel, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventChangeValidatedModel( + ctx, + ValidtorUserID, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) } // ActionSubmissionSubmitted invokes actionSubmissionSubmitted operation. @@ -97,24 +87,15 @@ func (svc *Service) ActionSubmissionSubmitted(ctx context.Context, params intern TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: ValidtorUserID, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + ValidtorUserID, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) } // ActionSubmissionRequestChanges implements actionSubmissionRequestChanges operation. @@ -138,19 +119,15 @@ func (svc *Service) ActionSubmissionRequestChanges(ctx context.Context, params i Error: params.ErrorMessage, } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: ValidtorUserID, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, - EventType: model.AuditEventTypeError, - EventData: EventData, - }) + err = svc.CreateAuditEventError( + ctx, + ValidtorUserID, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) if err != nil { return err } @@ -161,24 +138,15 @@ func (svc *Service) ActionSubmissionRequestChanges(ctx context.Context, params i TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: ValidtorUserID, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + ValidtorUserID, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) } // ActionSubmissionValidate invokes actionSubmissionValidate operation. @@ -200,24 +168,15 @@ func (svc *Service) ActionSubmissionValidated(ctx context.Context, params intern TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: ValidtorUserID, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + ValidtorUserID, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) } // ActionSubmissionAccepted implements actionSubmissionAccepted operation. @@ -242,19 +201,15 @@ func (svc *Service) ActionSubmissionAccepted(ctx context.Context, params interna Error: params.ErrorMessage, } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: ValidtorUserID, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, - EventType: model.AuditEventTypeError, - EventData: EventData, - }) + err = svc.CreateAuditEventError( + ctx, + ValidtorUserID, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) if err != nil { return err } @@ -265,24 +220,15 @@ func (svc *Service) ActionSubmissionAccepted(ctx context.Context, params interna TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: ValidtorUserID, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + ValidtorUserID, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) } // ActionSubmissionUploaded implements actionSubmissionUploaded operation. @@ -305,24 +251,15 @@ func (svc *Service) ActionSubmissionUploaded(ctx context.Context, params interna TargetStatus: uint32(target_status), } - EventData, err := json.Marshal(event_data) - if err != nil { - return err - } - - _, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{ - ID: 0, - User: ValidtorUserID, - ResourceType: model.ResourceSubmission, - ResourceID: params.SubmissionID, - EventType: model.AuditEventTypeAction, - EventData: EventData, - }) - if err != nil { - return err - } - - return nil + return svc.CreateAuditEventAction( + ctx, + ValidtorUserID, + model.Resource{ + ID: params.SubmissionID, + Type: model.ResourceSubmission, + }, + event_data, + ) } // POST /submissions