package authinfo
import (
"context"
"errors"
"github.com/glasskube/distr/internal/apierrors"
"github.com/glasskube/distr/internal/authn"
"github.com/glasskube/distr/internal/db"
"github.com/glasskube/distr/internal/types"
"github.com/glasskube/distr/internal/util"
)
// DbAuthInfo is an AuthInfo combined with the user account and organization
// records that the authenticators in this file loaded from the database.
type DbAuthInfo struct {
	AuthInfo
	// user is the account record resolved for the request.
	user *types.UserAccount
	// org is the resolved organization. DbAuthenticator leaves it nil when the
	// incoming AuthInfo lacks an organization ID or a role.
	org *types.Organization
}
// CurrentUser returns the user account stored in a. It performs no lookup of
// its own; the value is whatever the authenticator that built a loaded.
func (a DbAuthInfo) CurrentUser() *types.UserAccount {
	return a.user
}
// CurrentOrg returns the organization stored in a. The result is nil when the
// authenticator that built a did not resolve an organization (DbAuthenticator
// does this for an AuthInfo without both an organization ID and a role), so
// callers that need an organization have to nil-check it.
func (a DbAuthInfo) CurrentOrg() *types.Organization {
	return a.org
}
// DbAuthenticator returns an authenticator that upgrades an AuthInfo to a
// DbAuthInfo by loading the records it refers to from the database.
//
// When a carries both an organization ID and a role, the user and the
// organization are loaded together via db.GetUserAccountAndOrg, which receives
// the user ID, organization ID and role. Otherwise only the user is loaded by
// ID and the organization stays nil.
//
// apierrors.ErrNotFound from either lookup is reported as
// authn.ErrBadAuthentication; any other error is returned unchanged.
func DbAuthenticator() authn.Authenticator[AuthInfo, *DbAuthInfo] {
	resolve := func(ctx context.Context, a AuthInfo) (*DbAuthInfo, error) {
		var (
			user *types.UserAccount
			org  *types.Organization
			err  error
		)

		if a.CurrentOrgID() != nil && a.CurrentUserRole() != nil {
			// NOTE(review): presumably this lookup only matches while the user
			// still holds that role in that organization, which would make it
			// the point where stale claims are rejected; confirm in the db package.
			user, org, err = db.GetUserAccountAndOrg(
				ctx, a.CurrentUserID(), *a.CurrentOrgID(), *a.CurrentUserRole())
		} else {
			// NOTE(review): an AuthInfo with only one of organization ID / role
			// also lands here and yields a nil org; confirm that handlers
			// requiring an organization nil-check CurrentOrg().
			user, err = db.GetUserAccountByID(ctx, a.CurrentUserID())
		}

		switch {
		case errors.Is(err, apierrors.ErrNotFound):
			// A missing record means the presented identity is no longer
			// valid, so it is reported as an authentication failure.
			return nil, authn.ErrBadAuthentication
		case err != nil:
			return nil, err
		}

		return &DbAuthInfo{AuthInfo: a, user: user, org: org}, nil
	}
	return authn.AuthenticatorFunc[AuthInfo, *DbAuthInfo](resolve)
}
// AgentDbAuthenticator returns an authenticator that upgrades an AgentAuthInfo
// to a DbAuthInfo. It loads the user (with role) and organization that
// db.GetUserAccountAndOrgForDeploymentTarget returns for the agent's
// deployment target ID and builds a SimpleAuthInfo from those records.
//
// apierrors.ErrNotFound from the lookup is reported as
// authn.ErrBadAuthentication; any other error is returned unchanged.
func AgentDbAuthenticator() authn.Authenticator[AgentAuthInfo, *DbAuthInfo] {
	resolve := func(ctx context.Context, a AgentAuthInfo) (*DbAuthInfo, error) {
		userWithRole, org, err := db.GetUserAccountAndOrgForDeploymentTarget(ctx, a.CurrentDeploymentTargetID())
		if errors.Is(err, apierrors.ErrNotFound) {
			return nil, authn.ErrBadAuthentication
		}
		if err != nil {
			return nil, err
		}

		// The agent request takes on the identity fields of the looked-up user;
		// only the raw token still comes from the agent's own credentials.
		// NOTE(review): code that authorizes on CurrentUserRole() will see that
		// user's role for agent requests; confirm that this is intended for
		// every handler agents can reach.
		identity := &SimpleAuthInfo{
			organizationID: &org.ID,
			userID:         userWithRole.ID,
			userEmail:      userWithRole.Email,
			emailVerified:  userWithRole.EmailVerifiedAt != nil,
			userRole:       util.PtrTo(userWithRole.UserRole),
			rawToken:       a.Token(),
		}

		return &DbAuthInfo{
			AuthInfo: identity,
			user:     util.PtrTo(userWithRole.AsUserAccount()),
			org:      org,
		}, nil
	}
	return authn.AuthenticatorFunc[AgentAuthInfo, *DbAuthInfo](resolve)
}