2023-10-12 15:42:36 +02:00
package server
import (
2024-07-03 11:33:02 +02:00
"context"
2024-05-30 15:22:42 +02:00
"encoding/json"
2024-03-10 19:09:45 +01:00
"errors"
2024-02-22 12:27:08 +01:00
"fmt"
2024-09-16 15:47:03 +02:00
"net"
2024-06-13 12:39:19 +02:00
"os"
2023-10-12 15:42:36 +02:00
"path/filepath"
"runtime"
2024-07-02 12:40:26 +02:00
"runtime/debug"
2024-10-09 20:17:25 +02:00
"strconv"
2023-10-12 15:42:36 +02:00
"strings"
"sync"
"time"
log "github.com/sirupsen/logrus"
2024-05-16 18:28:37 +02:00
"gorm.io/driver/postgres"
2023-10-12 15:42:36 +02:00
"gorm.io/driver/sqlite"
"gorm.io/gorm"
"gorm.io/gorm/clause"
"gorm.io/gorm/logger"
2023-11-28 13:45:26 +01:00
nbdns "github.com/netbirdio/netbird/dns"
2023-11-30 11:51:35 +01:00
"github.com/netbirdio/netbird/management/server/account"
2024-03-27 18:48:48 +01:00
nbgroup "github.com/netbirdio/netbird/management/server/group"
2023-11-28 13:45:26 +01:00
nbpeer "github.com/netbirdio/netbird/management/server/peer"
2024-02-20 09:59:56 +01:00
"github.com/netbirdio/netbird/management/server/posture"
2023-11-28 13:45:26 +01:00
"github.com/netbirdio/netbird/management/server/status"
"github.com/netbirdio/netbird/management/server/telemetry"
"github.com/netbirdio/netbird/route"
2023-10-12 15:42:36 +02:00
)
2024-06-13 12:39:19 +02:00
const (
2024-11-11 20:29:59 +01:00
storeSqliteFileName = "store.db"
idQueryCondition = "id = ?"
keyQueryCondition = "key = ?"
accountAndIDQueryCondition = "account_id = ? and id = ?"
accountAndIDsQueryCondition = "account_id = ? AND id IN ?"
accountIDCondition = "account_id = ?"
peerNotFoundFMT = "peer %s not found"
2024-06-13 12:39:19 +02:00
)
2024-05-16 18:28:37 +02:00
// SqlStore represents an account storage backed by a Sql DB persisted to disk
type SqlStore struct {
2023-10-12 15:42:36 +02:00
db * gorm . DB
2024-07-31 14:53:32 +02:00
resourceLocks sync . Map
2023-10-12 15:42:36 +02:00
globalAccountLock sync . Mutex
metrics telemetry . AppMetrics
installationPK int
2024-05-16 18:28:37 +02:00
storeEngine StoreEngine
2023-10-12 15:42:36 +02:00
}
type installation struct {
ID uint ` gorm:"primaryKey" `
InstallationIDValue string
}
2024-04-18 18:14:21 +02:00
type migrationFunc func ( * gorm . DB ) error
2024-05-16 18:28:37 +02:00
// NewSqlStore creates a new SqlStore instance.
2024-07-03 11:33:02 +02:00
func NewSqlStore ( ctx context . Context , db * gorm . DB , storeEngine StoreEngine , metrics telemetry . AppMetrics ) ( * SqlStore , error ) {
2023-10-12 15:42:36 +02:00
sql , err := db . DB ( )
if err != nil {
return nil , err
}
2024-10-09 20:17:25 +02:00
conns , err := strconv . Atoi ( os . Getenv ( "NB_SQL_MAX_OPEN_CONNS" ) )
if err != nil {
conns = runtime . NumCPU ( )
}
2024-11-07 16:32:35 +01:00
if storeEngine == SqliteStoreEngine {
if err == nil {
log . WithContext ( ctx ) . Warnf ( "setting NB_SQL_MAX_OPEN_CONNS is not supported for sqlite, using default value 1" )
}
conns = 1
}
2024-10-09 20:17:25 +02:00
sql . SetMaxOpenConns ( conns )
2024-11-07 16:32:35 +01:00
log . WithContext ( ctx ) . Infof ( "Set max open db connections to %d" , conns )
2023-10-12 15:42:36 +02:00
2024-07-03 11:33:02 +02:00
if err := migrate ( ctx , db ) ; err != nil {
2024-04-18 18:14:21 +02:00
return nil , fmt . Errorf ( "migrate: %w" , err )
}
2023-10-12 15:42:36 +02:00
err = db . AutoMigrate (
2024-03-27 18:48:48 +01:00
& SetupKey { } , & nbpeer . Peer { } , & User { } , & PersonalAccessToken { } , & nbgroup . Group { } ,
2023-10-12 15:42:36 +02:00
& Account { } , & Policy { } , & PolicyRule { } , & route . Route { } , & nbdns . NameServerGroup { } ,
2024-02-20 11:53:11 +01:00
& installation { } , & account . ExtraSettings { } , & posture . Checks { } , & nbpeer . NetworkAddress { } ,
2023-10-12 15:42:36 +02:00
)
if err != nil {
2024-04-18 18:14:21 +02:00
return nil , fmt . Errorf ( "auto migrate: %w" , err )
2023-10-12 15:42:36 +02:00
}
2024-05-16 18:28:37 +02:00
return & SqlStore { db : db , storeEngine : storeEngine , metrics : metrics , installationPK : 1 } , nil
2023-10-12 15:42:36 +02:00
}
// AcquireGlobalLock acquires global lock across all the accounts and returns a function that releases the lock
2024-07-03 11:33:02 +02:00
func ( s * SqlStore ) AcquireGlobalLock ( ctx context . Context ) ( unlock func ( ) ) {
log . WithContext ( ctx ) . Tracef ( "acquiring global lock" )
2023-10-12 15:42:36 +02:00
start := time . Now ( )
s . globalAccountLock . Lock ( )
unlock = func ( ) {
s . globalAccountLock . Unlock ( )
2024-07-03 11:33:02 +02:00
log . WithContext ( ctx ) . Tracef ( "released global lock in %v" , time . Since ( start ) )
2023-10-12 15:42:36 +02:00
}
took := time . Since ( start )
2024-07-03 11:33:02 +02:00
log . WithContext ( ctx ) . Tracef ( "took %v to acquire global lock" , took )
2023-10-12 15:42:36 +02:00
if s . metrics != nil {
s . metrics . StoreMetrics ( ) . CountGlobalLockAcquisitionDuration ( took )
}
return unlock
}
2024-07-31 14:53:32 +02:00
// AcquireWriteLockByUID acquires an ID lock for writing to a resource and returns a function that releases the lock
func ( s * SqlStore ) AcquireWriteLockByUID ( ctx context . Context , uniqueID string ) ( unlock func ( ) ) {
log . WithContext ( ctx ) . Tracef ( "acquiring write lock for ID %s" , uniqueID )
2023-10-12 15:42:36 +02:00
start := time . Now ( )
2024-07-31 14:53:32 +02:00
value , _ := s . resourceLocks . LoadOrStore ( uniqueID , & sync . RWMutex { } )
2024-05-07 14:30:03 +02:00
mtx := value . ( * sync . RWMutex )
2023-10-12 15:42:36 +02:00
mtx . Lock ( )
unlock = func ( ) {
mtx . Unlock ( )
2024-07-31 14:53:32 +02:00
log . WithContext ( ctx ) . Tracef ( "released write lock for ID %s in %v" , uniqueID , time . Since ( start ) )
2024-05-07 14:30:03 +02:00
}
return unlock
}
2024-07-31 14:53:32 +02:00
// AcquireReadLockByUID acquires an ID lock for writing to a resource and returns a function that releases the lock
func ( s * SqlStore ) AcquireReadLockByUID ( ctx context . Context , uniqueID string ) ( unlock func ( ) ) {
log . WithContext ( ctx ) . Tracef ( "acquiring read lock for ID %s" , uniqueID )
2024-05-07 14:30:03 +02:00
start := time . Now ( )
2024-07-31 14:53:32 +02:00
value , _ := s . resourceLocks . LoadOrStore ( uniqueID , & sync . RWMutex { } )
2024-05-07 14:30:03 +02:00
mtx := value . ( * sync . RWMutex )
mtx . RLock ( )
unlock = func ( ) {
mtx . RUnlock ( )
2024-07-31 14:53:32 +02:00
log . WithContext ( ctx ) . Tracef ( "released read lock for ID %s in %v" , uniqueID , time . Since ( start ) )
2023-10-12 15:42:36 +02:00
}
return unlock
}
2024-07-03 11:33:02 +02:00
func ( s * SqlStore ) SaveAccount ( ctx context . Context , account * Account ) error {
2023-10-12 15:42:36 +02:00
start := time . Now ( )
2024-08-23 18:42:55 +02:00
defer func ( ) {
elapsed := time . Since ( start )
if elapsed > 1 * time . Second {
log . WithContext ( ctx ) . Tracef ( "SaveAccount for account %s exceeded 1s, took: %v" , account . Id , elapsed )
}
} ( )
2023-10-12 15:42:36 +02:00
2024-07-02 12:40:26 +02:00
// todo: remove this check after the issue is resolved
2024-07-03 11:33:02 +02:00
s . checkAccountDomainBeforeSave ( ctx , account . Id , account . Domain )
2023-10-12 15:42:36 +02:00
2024-07-02 12:40:26 +02:00
generateAccountSQLTypes ( account )
2023-10-12 15:42:36 +02:00
err := s . db . Transaction ( func ( tx * gorm . DB ) error {
result := tx . Select ( clause . Associations ) . Delete ( account . Policies , "account_id = ?" , account . Id )
if result . Error != nil {
return result . Error
}
result = tx . Select ( clause . Associations ) . Delete ( account . UsersG , "account_id = ?" , account . Id )
if result . Error != nil {
return result . Error
}
result = tx . Select ( clause . Associations ) . Delete ( account )
if result . Error != nil {
return result . Error
}
result = tx .
Session ( & gorm . Session { FullSaveAssociations : true } ) .
2024-04-20 22:04:20 +02:00
Clauses ( clause . OnConflict { UpdateAll : true } ) .
Create ( account )
2023-10-12 15:42:36 +02:00
if result . Error != nil {
return result . Error
}
return nil
} )
took := time . Since ( start )
if s . metrics != nil {
s . metrics . StoreMetrics ( ) . CountPersistenceDuration ( took )
}
2024-07-03 11:33:02 +02:00
log . WithContext ( ctx ) . Debugf ( "took %d ms to persist an account to the store" , took . Milliseconds ( ) )
2023-10-12 15:42:36 +02:00
return err
}
2024-07-02 12:40:26 +02:00
// generateAccountSQLTypes generates the GORM compatible types for the account
func generateAccountSQLTypes ( account * Account ) {
for _ , key := range account . SetupKeys {
account . SetupKeysG = append ( account . SetupKeysG , * key )
}
for id , peer := range account . Peers {
peer . ID = id
account . PeersG = append ( account . PeersG , * peer )
}
for id , user := range account . Users {
user . Id = id
for id , pat := range user . PATs {
pat . ID = id
user . PATsG = append ( user . PATsG , * pat )
}
account . UsersG = append ( account . UsersG , * user )
}
for id , group := range account . Groups {
group . ID = id
account . GroupsG = append ( account . GroupsG , * group )
}
for id , route := range account . Routes {
route . ID = id
account . RoutesG = append ( account . RoutesG , * route )
}
for id , ns := range account . NameServerGroups {
ns . ID = id
account . NameServerGroupsG = append ( account . NameServerGroupsG , * ns )
}
}
// checkAccountDomainBeforeSave temporary method to troubleshoot an issue with domains getting blank
2024-07-03 11:33:02 +02:00
func ( s * SqlStore ) checkAccountDomainBeforeSave ( ctx context . Context , accountID , newDomain string ) {
2024-07-02 12:40:26 +02:00
var acc Account
var domain string
result := s . db . Model ( & acc ) . Select ( "domain" ) . Where ( idQueryCondition , accountID ) . First ( & domain )
if result . Error != nil {
if ! errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
2024-07-03 11:33:02 +02:00
log . WithContext ( ctx ) . Errorf ( "error when getting account %s from the store to check domain: %s" , accountID , result . Error )
2024-07-02 12:40:26 +02:00
}
return
}
if domain != "" && newDomain == "" {
2024-07-03 11:33:02 +02:00
log . WithContext ( ctx ) . Warnf ( "saving an account with empty domain when there was a domain set. Previous domain %s, Account ID: %s, Trace: %s" , domain , accountID , debug . Stack ( ) )
2024-07-02 12:40:26 +02:00
}
}
2024-07-03 11:33:02 +02:00
func ( s * SqlStore ) DeleteAccount ( ctx context . Context , account * Account ) error {
2023-11-28 14:23:38 +01:00
start := time . Now ( )
err := s . db . Transaction ( func ( tx * gorm . DB ) error {
result := tx . Select ( clause . Associations ) . Delete ( account . Policies , "account_id = ?" , account . Id )
if result . Error != nil {
return result . Error
}
result = tx . Select ( clause . Associations ) . Delete ( account . UsersG , "account_id = ?" , account . Id )
if result . Error != nil {
return result . Error
}
result = tx . Select ( clause . Associations ) . Delete ( account )
if result . Error != nil {
return result . Error
}
return nil
} )
took := time . Since ( start )
if s . metrics != nil {
s . metrics . StoreMetrics ( ) . CountPersistenceDuration ( took )
}
2024-07-03 11:33:02 +02:00
log . WithContext ( ctx ) . Debugf ( "took %d ms to delete an account to the store" , took . Milliseconds ( ) )
2023-11-28 14:23:38 +01:00
return err
}
2024-07-03 11:33:02 +02:00
func ( s * SqlStore ) SaveInstallationID ( _ context . Context , ID string ) error {
2023-10-12 15:42:36 +02:00
installation := installation { InstallationIDValue : ID }
installation . ID = uint ( s . installationPK )
return s . db . Clauses ( clause . OnConflict { UpdateAll : true } ) . Create ( & installation ) . Error
}
2024-05-16 18:28:37 +02:00
func ( s * SqlStore ) GetInstallationID ( ) string {
2023-10-12 15:42:36 +02:00
var installation installation
2024-07-02 12:40:26 +02:00
if result := s . db . First ( & installation , idQueryCondition , s . installationPK ) ; result . Error != nil {
2023-10-12 15:42:36 +02:00
return ""
}
return installation . InstallationIDValue
}
2024-11-14 17:24:51 +01:00
func ( s * SqlStore ) SavePeer ( ctx context . Context , lockStrength LockingStrength , accountID string , peer * nbpeer . Peer ) error {
2024-07-26 07:49:05 +02:00
// To maintain data integrity, we create a copy of the peer's to prevent unintended updates to other fields.
peerCopy := peer . Copy ( )
peerCopy . AccountID = accountID
2024-11-14 17:24:51 +01:00
err := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Transaction ( func ( tx * gorm . DB ) error {
2024-07-26 07:49:05 +02:00
// check if peer exists before saving
var peerID string
result := tx . Model ( & nbpeer . Peer { } ) . Select ( "id" ) . Find ( & peerID , accountAndIDQueryCondition , accountID , peer . ID )
if result . Error != nil {
return result . Error
}
if peerID == "" {
return status . Errorf ( status . NotFound , peerNotFoundFMT , peer . ID )
}
result = tx . Model ( & nbpeer . Peer { } ) . Where ( accountAndIDQueryCondition , accountID , peer . ID ) . Save ( peerCopy )
if result . Error != nil {
return result . Error
}
return nil
} )
if err != nil {
return err
}
return nil
}
2024-10-12 08:35:51 +02:00
func ( s * SqlStore ) UpdateAccountDomainAttributes ( ctx context . Context , accountID string , domain string , category string , isPrimaryDomain bool ) error {
accountCopy := Account {
Domain : domain ,
DomainCategory : category ,
IsDomainPrimaryAccount : isPrimaryDomain ,
}
fieldsToUpdate := [ ] string { "domain" , "domain_category" , "is_domain_primary_account" }
2024-11-08 15:49:00 +01:00
result := s . db . Model ( & Account { } ) .
2024-10-12 08:35:51 +02:00
Select ( fieldsToUpdate ) .
Where ( idQueryCondition , accountID ) .
Updates ( & accountCopy )
if result . Error != nil {
return result . Error
}
if result . RowsAffected == 0 {
return status . Errorf ( status . NotFound , "account %s" , accountID )
}
return nil
}
2024-11-14 17:24:51 +01:00
func ( s * SqlStore ) SavePeerStatus ( ctx context . Context , lockStrength LockingStrength , accountID , peerID string , peerStatus nbpeer . PeerStatus ) error {
2024-05-07 14:30:03 +02:00
var peerCopy nbpeer . Peer
peerCopy . Status = & peerStatus
2024-07-16 17:38:12 +02:00
fieldsToUpdate := [ ] string {
"peer_status_last_seen" , "peer_status_connected" ,
"peer_status_login_expired" , "peer_status_required_approval" ,
}
2024-11-14 17:24:51 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Model ( & nbpeer . Peer { } ) .
2024-07-16 17:38:12 +02:00
Select ( fieldsToUpdate ) .
2024-07-26 07:49:05 +02:00
Where ( accountAndIDQueryCondition , accountID , peerID ) .
2024-07-16 17:38:12 +02:00
Updates ( & peerCopy )
2023-10-12 15:42:36 +02:00
if result . Error != nil {
2024-05-07 14:30:03 +02:00
return result . Error
2023-10-12 15:42:36 +02:00
}
2024-05-07 14:30:03 +02:00
if result . RowsAffected == 0 {
2024-07-26 07:49:05 +02:00
return status . Errorf ( status . NotFound , peerNotFoundFMT , peerID )
2024-05-07 14:30:03 +02:00
}
2023-10-12 15:42:36 +02:00
2024-05-07 14:30:03 +02:00
return nil
2023-10-12 15:42:36 +02:00
}
2024-11-14 17:24:51 +01:00
func ( s * SqlStore ) SavePeerLocation ( ctx context . Context , lockStrength LockingStrength , accountID string , peerWithLocation * nbpeer . Peer ) error {
2024-05-07 14:30:03 +02:00
// To maintain data integrity, we create a copy of the peer's location to prevent unintended updates to other fields.
var peerCopy nbpeer . Peer
// Since the location field has been migrated to JSON serialization,
// updating the struct ensures the correct data format is inserted into the database.
peerCopy . Location = peerWithLocation . Location
2024-11-14 17:24:51 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Model ( & nbpeer . Peer { } ) .
2024-07-26 07:49:05 +02:00
Where ( accountAndIDQueryCondition , accountID , peerWithLocation . ID ) .
2024-05-07 14:30:03 +02:00
Updates ( peerCopy )
2024-02-20 09:59:56 +01:00
if result . Error != nil {
2024-05-07 14:30:03 +02:00
return result . Error
2024-02-20 09:59:56 +01:00
}
2024-05-07 14:30:03 +02:00
if result . RowsAffected == 0 {
2024-07-26 07:49:05 +02:00
return status . Errorf ( status . NotFound , peerNotFoundFMT , peerWithLocation . ID )
2024-05-07 14:30:03 +02:00
}
2024-02-20 09:59:56 +01:00
2024-05-07 14:30:03 +02:00
return nil
2024-02-20 09:59:56 +01:00
}
2024-07-15 16:04:06 +02:00
// SaveUsers saves the given list of users to the database.
2024-11-19 21:42:27 +01:00
func ( s * SqlStore ) SaveUsers ( ctx context . Context , lockStrength LockingStrength , users [ ] * User ) error {
if len ( users ) == 0 {
return nil
2024-11-01 10:58:39 +01:00
}
2024-11-19 21:42:27 +01:00
result := s . db . WithContext ( ctx ) . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Save ( & users )
if result . Error != nil {
log . WithContext ( ctx ) . Errorf ( "failed to save users to store: %s" , result . Error )
return status . Errorf ( status . Internal , "failed to save users to store" )
}
2024-11-01 10:58:39 +01:00
return nil
2024-07-15 16:04:06 +02:00
}
2024-10-04 16:17:01 +02:00
// SaveUser saves the given user to the database.
func ( s * SqlStore ) SaveUser ( ctx context . Context , lockStrength LockingStrength , user * User ) error {
2024-11-19 21:42:27 +01:00
result := s . db . WithContext ( ctx ) . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
Select ( clause . Associations ) . Save ( user )
2024-10-04 16:17:01 +02:00
if result . Error != nil {
2024-11-19 21:42:27 +01:00
log . WithContext ( ctx ) . Errorf ( "failed to save user to store: %s" , result . Error )
return status . Errorf ( status . Internal , "failed to save user to store" )
2024-10-04 16:17:01 +02:00
}
return nil
}
2024-07-15 16:04:06 +02:00
// SaveGroups saves the given list of groups to the database.
2024-10-04 16:17:01 +02:00
func ( s * SqlStore ) SaveGroups ( ctx context . Context , lockStrength LockingStrength , groups [ ] * nbgroup . Group ) error {
if len ( groups ) == 0 {
return nil
}
2024-11-08 15:49:00 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Save ( & groups )
2024-10-04 16:17:01 +02:00
if result . Error != nil {
return status . Errorf ( status . Internal , "failed to save groups to store: %v" , result . Error )
2024-07-15 16:04:06 +02:00
}
2024-10-04 16:17:01 +02:00
return nil
2024-07-15 16:04:06 +02:00
}
2024-05-16 18:28:37 +02:00
// DeleteHashedPAT2TokenIDIndex is noop in SqlStore
func ( s * SqlStore ) DeleteHashedPAT2TokenIDIndex ( hashedToken string ) error {
2023-10-12 15:42:36 +02:00
return nil
}
2024-05-16 18:28:37 +02:00
// DeleteTokenID2UserIDIndex is noop in SqlStore
func ( s * SqlStore ) DeleteTokenID2UserIDIndex ( tokenID string ) error {
2023-10-12 15:42:36 +02:00
return nil
}
2024-07-03 11:33:02 +02:00
func ( s * SqlStore ) GetAccountByPrivateDomain ( ctx context . Context , domain string ) ( * Account , error ) {
2024-09-27 16:10:50 +02:00
accountID , err := s . GetAccountIDByPrivateDomain ( ctx , LockingStrengthShare , domain )
if err != nil {
return nil , err
}
// TODO: rework to not call GetAccount
return s . GetAccount ( ctx , accountID )
}
2023-10-12 15:42:36 +02:00
2024-09-27 16:10:50 +02:00
func ( s * SqlStore ) GetAccountIDByPrivateDomain ( ctx context . Context , lockStrength LockingStrength , domain string ) ( string , error ) {
var accountID string
2024-11-08 15:49:00 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Model ( & Account { } ) . Select ( "id" ) .
2024-09-27 16:10:50 +02:00
Where ( "domain = ? and is_domain_primary_account = ? and domain_category = ?" ,
strings . ToLower ( domain ) , true , PrivateCategory ,
) . First ( & accountID )
2023-10-12 15:42:36 +02:00
if result . Error != nil {
2024-03-10 19:09:45 +01:00
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
2024-09-27 16:10:50 +02:00
return "" , status . Errorf ( status . NotFound , "account not found: provided domain is not registered or is not private" )
2024-03-10 19:09:45 +01:00
}
2024-07-03 11:33:02 +02:00
log . WithContext ( ctx ) . Errorf ( "error when getting account from the store: %s" , result . Error )
2024-10-09 14:33:58 +02:00
return "" , status . NewGetAccountFromStoreError ( result . Error )
2023-10-12 15:42:36 +02:00
}
2024-09-27 16:10:50 +02:00
return accountID , nil
2023-10-12 15:42:36 +02:00
}
2024-07-03 11:33:02 +02:00
func ( s * SqlStore ) GetAccountBySetupKey ( ctx context . Context , setupKey string ) ( * Account , error ) {
2023-10-12 15:42:36 +02:00
var key SetupKey
2024-11-08 15:49:00 +01:00
result := s . db . Select ( "account_id" ) . First ( & key , keyQueryCondition , setupKey )
2023-10-12 15:42:36 +02:00
if result . Error != nil {
2024-03-10 19:09:45 +01:00
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
2024-11-11 17:46:10 +01:00
return nil , status . NewSetupKeyNotFoundError ( setupKey )
2024-03-10 19:09:45 +01:00
}
2024-11-11 17:46:10 +01:00
log . WithContext ( ctx ) . Errorf ( "failed to get account by setup key from store: %v" , result . Error )
return nil , status . Errorf ( status . Internal , "failed to get account by setup key from store" )
2023-10-12 15:42:36 +02:00
}
if key . AccountID == "" {
return nil , status . Errorf ( status . NotFound , "account not found: index lookup failed" )
}
2024-07-03 11:33:02 +02:00
return s . GetAccount ( ctx , key . AccountID )
2023-10-12 15:42:36 +02:00
}
2024-07-03 11:33:02 +02:00
func ( s * SqlStore ) GetTokenIDByHashedToken ( ctx context . Context , hashedToken string ) ( string , error ) {
2023-10-12 15:42:36 +02:00
var token PersonalAccessToken
result := s . db . First ( & token , "hashed_token = ?" , hashedToken )
if result . Error != nil {
2024-03-10 19:09:45 +01:00
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
return "" , status . Errorf ( status . NotFound , "account not found: index lookup failed" )
}
2024-07-03 11:33:02 +02:00
log . WithContext ( ctx ) . Errorf ( "error when getting token from the store: %s" , result . Error )
2024-10-09 14:33:58 +02:00
return "" , status . NewGetAccountFromStoreError ( result . Error )
2023-10-12 15:42:36 +02:00
}
return token . ID , nil
}
2024-11-19 21:42:27 +01:00
func ( s * SqlStore ) GetUserByPATID ( ctx context . Context , lockStrength LockingStrength , patID string ) ( * User , error ) {
var user User
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
Joins ( "JOIN personal_access_tokens ON personal_access_tokens.user_id = users.id" ) .
Where ( "personal_access_tokens.id = ?" , patID ) . First ( & user )
2023-10-12 15:42:36 +02:00
if result . Error != nil {
2024-03-10 19:09:45 +01:00
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
2024-11-19 21:42:27 +01:00
return nil , status . NewPATNotFoundError ( patID )
2024-03-10 19:09:45 +01:00
}
2024-11-19 21:42:27 +01:00
log . WithContext ( ctx ) . Errorf ( "failed to get token user from the store: %s" , result . Error )
return nil , status . NewGetUserFromStoreError ( )
2023-10-12 15:42:36 +02:00
}
return & user , nil
}
2024-09-16 15:47:03 +02:00
func ( s * SqlStore ) GetUserByUserID ( ctx context . Context , lockStrength LockingStrength , userID string ) ( * User , error ) {
2024-08-19 12:50:11 +02:00
var user User
2024-11-08 15:49:00 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
2024-09-27 16:10:50 +02:00
Preload ( clause . Associations ) . First ( & user , idQueryCondition , userID )
2024-08-19 12:50:11 +02:00
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
2024-09-16 15:47:03 +02:00
return nil , status . NewUserNotFoundError ( userID )
2024-08-19 12:50:11 +02:00
}
2024-09-16 15:47:03 +02:00
return nil , status . NewGetUserFromStoreError ( )
2024-08-19 12:50:11 +02:00
}
return & user , nil
}
2024-11-19 21:42:27 +01:00
func ( s * SqlStore ) DeleteUser ( ctx context . Context , lockStrength LockingStrength , accountID , userID string ) error {
err := s . db . Transaction ( func ( tx * gorm . DB ) error {
result := tx . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
Delete ( & PersonalAccessToken { } , "user_id = ?" , userID )
if result . Error != nil {
return result . Error
}
return tx . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
Delete ( & User { } , accountAndIDQueryCondition , accountID , userID ) . Error
} )
if err != nil {
log . WithContext ( ctx ) . Errorf ( "failed to delete user from the store: %s" , err )
return status . Errorf ( status . Internal , "failed to delete user from store" )
}
return nil
}
2024-11-08 16:39:36 +01:00
func ( s * SqlStore ) GetAccountUsers ( ctx context . Context , lockStrength LockingStrength , accountID string ) ( [ ] * User , error ) {
2024-10-12 08:35:51 +02:00
var users [ ] * User
2024-11-08 16:39:36 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Find ( & users , accountIDCondition , accountID )
2024-10-12 08:35:51 +02:00
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
return nil , status . Errorf ( status . NotFound , "accountID not found: index lookup failed" )
}
log . WithContext ( ctx ) . Errorf ( "error when getting users from the store: %s" , result . Error )
return nil , status . Errorf ( status . Internal , "issue getting users from store" )
}
return users , nil
}
2024-11-07 22:31:41 +01:00
func ( s * SqlStore ) GetAccountGroups ( ctx context . Context , lockStrength LockingStrength , accountID string ) ( [ ] * nbgroup . Group , error ) {
2024-08-19 12:50:11 +02:00
var groups [ ] * nbgroup . Group
2024-11-11 17:46:10 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Find ( & groups , accountIDCondition , accountID )
2024-08-19 12:50:11 +02:00
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
return nil , status . Errorf ( status . NotFound , "accountID not found: index lookup failed" )
}
2024-11-07 22:31:41 +01:00
log . WithContext ( ctx ) . Errorf ( "failed to get account groups from the store: %s" , result . Error )
return nil , status . Errorf ( status . Internal , "failed to get account groups from the store" )
2024-08-19 12:50:11 +02:00
}
return groups , nil
}
2024-07-03 11:33:02 +02:00
func ( s * SqlStore ) GetAllAccounts ( ctx context . Context ) ( all [ ] * Account ) {
2023-10-12 15:42:36 +02:00
var accounts [ ] Account
result := s . db . Find ( & accounts )
if result . Error != nil {
return all
}
for _ , account := range accounts {
2024-07-03 11:33:02 +02:00
if acc , err := s . GetAccount ( ctx , account . Id ) ; err == nil {
2023-10-12 15:42:36 +02:00
all = append ( all , acc )
}
}
return all
}
2024-07-03 11:33:02 +02:00
func ( s * SqlStore ) GetAccount ( ctx context . Context , accountID string ) ( * Account , error ) {
2024-08-23 18:42:55 +02:00
start := time . Now ( )
defer func ( ) {
elapsed := time . Since ( start )
if elapsed > 1 * time . Second {
log . WithContext ( ctx ) . Tracef ( "GetAccount for account %s exceeded 1s, took: %v" , accountID , elapsed )
}
} ( )
2024-05-07 14:30:03 +02:00
2023-10-12 15:42:36 +02:00
var account Account
result := s . db . Model ( & account ) .
Preload ( "UsersG.PATsG" ) . // have to be specifies as this is nester reference
Preload ( clause . Associations ) .
2024-07-02 12:40:26 +02:00
First ( & account , idQueryCondition , accountID )
2023-10-12 15:42:36 +02:00
if result . Error != nil {
2024-07-03 11:33:02 +02:00
log . WithContext ( ctx ) . Errorf ( "error when getting account %s from the store: %s" , accountID , result . Error )
2024-03-10 19:09:45 +01:00
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
2024-09-16 15:47:03 +02:00
return nil , status . NewAccountNotFoundError ( accountID )
2024-03-10 19:09:45 +01:00
}
2024-10-09 14:33:58 +02:00
return nil , status . NewGetAccountFromStoreError ( result . Error )
2023-10-12 15:42:36 +02:00
}
// we have to manually preload policy rules as it seems that gorm preloading doesn't do it for us
for i , policy := range account . Policies {
var rules [ ] * PolicyRule
err := s . db . Model ( & PolicyRule { } ) . Find ( & rules , "policy_id = ?" , policy . ID ) . Error
if err != nil {
2023-11-28 14:23:38 +01:00
return nil , status . Errorf ( status . NotFound , "rule not found" )
2023-10-12 15:42:36 +02:00
}
account . Policies [ i ] . Rules = rules
}
account . SetupKeys = make ( map [ string ] * SetupKey , len ( account . SetupKeysG ) )
for _ , key := range account . SetupKeysG {
account . SetupKeys [ key . Key ] = key . Copy ( )
}
account . SetupKeysG = nil
2023-11-28 13:45:26 +01:00
account . Peers = make ( map [ string ] * nbpeer . Peer , len ( account . PeersG ) )
2023-10-12 15:42:36 +02:00
for _ , peer := range account . PeersG {
account . Peers [ peer . ID ] = peer . Copy ( )
}
account . PeersG = nil
account . Users = make ( map [ string ] * User , len ( account . UsersG ) )
for _ , user := range account . UsersG {
user . PATs = make ( map [ string ] * PersonalAccessToken , len ( user . PATs ) )
for _ , pat := range user . PATsG {
user . PATs [ pat . ID ] = pat . Copy ( )
}
account . Users [ user . Id ] = user . Copy ( )
}
account . UsersG = nil
2024-03-27 18:48:48 +01:00
account . Groups = make ( map [ string ] * nbgroup . Group , len ( account . GroupsG ) )
2023-10-12 15:42:36 +02:00
for _ , group := range account . GroupsG {
account . Groups [ group . ID ] = group . Copy ( )
}
account . GroupsG = nil
2024-05-06 14:47:49 +02:00
account . Routes = make ( map [ route . ID ] * route . Route , len ( account . RoutesG ) )
2023-10-12 15:42:36 +02:00
for _ , route := range account . RoutesG {
account . Routes [ route . ID ] = route . Copy ( )
}
account . RoutesG = nil
account . NameServerGroups = make ( map [ string ] * nbdns . NameServerGroup , len ( account . NameServerGroupsG ) )
for _ , ns := range account . NameServerGroupsG {
account . NameServerGroups [ ns . ID ] = ns . Copy ( )
}
account . NameServerGroupsG = nil
return & account , nil
}
2024-07-03 11:33:02 +02:00
func ( s * SqlStore ) GetAccountByUser ( ctx context . Context , userID string ) ( * Account , error ) {
2023-10-12 15:42:36 +02:00
var user User
2024-11-08 15:49:00 +01:00
result := s . db . Select ( "account_id" ) . First ( & user , idQueryCondition , userID )
2023-10-12 15:42:36 +02:00
if result . Error != nil {
2024-03-10 19:09:45 +01:00
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
return nil , status . Errorf ( status . NotFound , "account not found: index lookup failed" )
}
2024-10-09 14:33:58 +02:00
return nil , status . NewGetAccountFromStoreError ( result . Error )
2023-10-12 15:42:36 +02:00
}
if user . AccountID == "" {
return nil , status . Errorf ( status . NotFound , "account not found: index lookup failed" )
}
2024-07-03 11:33:02 +02:00
return s . GetAccount ( ctx , user . AccountID )
2023-10-12 15:42:36 +02:00
}
2024-07-03 11:33:02 +02:00
func ( s * SqlStore ) GetAccountByPeerID ( ctx context . Context , peerID string ) ( * Account , error ) {
2023-11-28 13:45:26 +01:00
var peer nbpeer . Peer
2024-11-08 15:49:00 +01:00
result := s . db . Select ( "account_id" ) . First ( & peer , idQueryCondition , peerID )
2023-10-12 15:42:36 +02:00
if result . Error != nil {
2024-03-10 19:09:45 +01:00
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
return nil , status . Errorf ( status . NotFound , "account not found: index lookup failed" )
}
2024-10-09 14:33:58 +02:00
return nil , status . NewGetAccountFromStoreError ( result . Error )
2023-10-12 15:42:36 +02:00
}
if peer . AccountID == "" {
return nil , status . Errorf ( status . NotFound , "account not found: index lookup failed" )
}
2024-07-03 11:33:02 +02:00
return s . GetAccount ( ctx , peer . AccountID )
2023-10-12 15:42:36 +02:00
}
2024-07-03 11:33:02 +02:00
func ( s * SqlStore ) GetAccountByPeerPubKey ( ctx context . Context , peerKey string ) ( * Account , error ) {
2024-11-01 10:58:39 +01:00
var peer nbpeer . Peer
2024-11-08 15:49:00 +01:00
result := s . db . Select ( "account_id" ) . First ( & peer , keyQueryCondition , peerKey )
2023-10-12 15:42:36 +02:00
if result . Error != nil {
2024-03-10 19:09:45 +01:00
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
return nil , status . Errorf ( status . NotFound , "account not found: index lookup failed" )
}
2024-10-09 14:33:58 +02:00
return nil , status . NewGetAccountFromStoreError ( result . Error )
2023-10-12 15:42:36 +02:00
}
if peer . AccountID == "" {
return nil , status . Errorf ( status . NotFound , "account not found: index lookup failed" )
}
2024-07-03 11:33:02 +02:00
return s . GetAccount ( ctx , peer . AccountID )
2023-10-12 15:42:36 +02:00
}
2024-07-03 11:33:02 +02:00
func ( s * SqlStore ) GetAccountIDByPeerPubKey ( ctx context . Context , peerKey string ) ( string , error ) {
2024-05-07 14:30:03 +02:00
var peer nbpeer . Peer
var accountID string
2024-11-08 15:49:00 +01:00
result := s . db . Model ( & peer ) . Select ( "account_id" ) . Where ( keyQueryCondition , peerKey ) . First ( & accountID )
2024-05-07 14:30:03 +02:00
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
return "" , status . Errorf ( status . NotFound , "account not found: index lookup failed" )
}
2024-10-09 14:33:58 +02:00
return "" , status . NewGetAccountFromStoreError ( result . Error )
2024-05-07 14:30:03 +02:00
}
return accountID , nil
}
2024-11-14 17:24:51 +01:00
func ( s * SqlStore ) GetAccountIDByUserID ( ctx context . Context , lockStrength LockingStrength , userID string ) ( string , error ) {
2024-05-31 16:41:12 +02:00
var accountID string
2024-11-14 17:24:51 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Model ( & User { } ) .
Select ( "account_id" ) . Where ( idQueryCondition , userID ) . First ( & accountID )
2024-05-31 16:41:12 +02:00
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
return "" , status . Errorf ( status . NotFound , "account not found: index lookup failed" )
}
2024-10-09 14:33:58 +02:00
return "" , status . NewGetAccountFromStoreError ( result . Error )
2024-05-31 16:41:12 +02:00
}
return accountID , nil
}
2024-11-18 13:06:25 +01:00
func ( s * SqlStore ) GetAccountIDByPeerID ( ctx context . Context , lockStrength LockingStrength , peerID string ) ( string , error ) {
var accountID string
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Model ( & nbpeer . Peer { } ) .
Select ( "account_id" ) . Where ( idQueryCondition , peerID ) . First ( & accountID )
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
return "" , status . Errorf ( status . NotFound , "peer %s account not found" , peerID )
}
return "" , status . NewGetAccountFromStoreError ( result . Error )
}
return accountID , nil
}
2024-07-03 11:33:02 +02:00
func ( s * SqlStore ) GetAccountIDBySetupKey ( ctx context . Context , setupKey string ) ( string , error ) {
2024-05-31 16:41:12 +02:00
var accountID string
2024-11-08 15:49:00 +01:00
result := s . db . Model ( & SetupKey { } ) . Select ( "account_id" ) . Where ( keyQueryCondition , setupKey ) . First ( & accountID )
2024-05-31 16:41:12 +02:00
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
2024-11-11 17:46:10 +01:00
return "" , status . NewSetupKeyNotFoundError ( setupKey )
2024-05-31 16:41:12 +02:00
}
2024-11-11 17:46:10 +01:00
log . WithContext ( ctx ) . Errorf ( "failed to get account ID by setup key from store: %v" , result . Error )
return "" , status . Errorf ( status . Internal , "failed to get account ID by setup key from store" )
2024-09-16 15:47:03 +02:00
}
if accountID == "" {
return "" , status . Errorf ( status . NotFound , "account not found: index lookup failed" )
2024-05-31 16:41:12 +02:00
}
return accountID , nil
}
2024-09-16 15:47:03 +02:00
func ( s * SqlStore ) GetTakenIPs ( ctx context . Context , lockStrength LockingStrength , accountID string ) ( [ ] net . IP , error ) {
var ipJSONStrings [ ] string
// Fetch the IP addresses as JSON strings
2024-11-08 15:49:00 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Model ( & nbpeer . Peer { } ) .
2024-09-16 15:47:03 +02:00
Where ( "account_id = ?" , accountID ) .
Pluck ( "ip" , & ipJSONStrings )
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
return nil , status . Errorf ( status . NotFound , "no peers found for the account" )
}
2024-10-09 14:33:58 +02:00
return nil , status . Errorf ( status . Internal , "issue getting IPs from store: %s" , result . Error )
2024-09-16 15:47:03 +02:00
}
// Convert the JSON strings to net.IP objects
ips := make ( [ ] net . IP , len ( ipJSONStrings ) )
for i , ipJSON := range ipJSONStrings {
var ip net . IP
if err := json . Unmarshal ( [ ] byte ( ipJSON ) , & ip ) ; err != nil {
return nil , status . Errorf ( status . Internal , "issue parsing IP JSON from store" )
}
ips [ i ] = ip
}
return ips , nil
}
func ( s * SqlStore ) GetPeerLabelsInAccount ( ctx context . Context , lockStrength LockingStrength , accountID string ) ( [ ] string , error ) {
2024-11-01 10:58:39 +01:00
var labels [ ] string
2024-11-08 15:49:00 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Model ( & nbpeer . Peer { } ) .
2024-09-16 15:47:03 +02:00
Where ( "account_id = ?" , accountID ) .
Pluck ( "dns_label" , & labels )
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
return nil , status . Errorf ( status . NotFound , "no peers found for the account" )
}
log . WithContext ( ctx ) . Errorf ( "error when getting dns labels from the store: %s" , result . Error )
2024-10-09 14:33:58 +02:00
return nil , status . Errorf ( status . Internal , "issue getting dns labels from store: %s" , result . Error )
2024-09-16 15:47:03 +02:00
}
return labels , nil
}
func ( s * SqlStore ) GetAccountNetwork ( ctx context . Context , lockStrength LockingStrength , accountID string ) ( * Network , error ) {
2024-11-01 10:58:39 +01:00
var accountNetwork AccountNetwork
2024-11-08 15:49:00 +01:00
if err := s . db . Model ( & Account { } ) . Where ( idQueryCondition , accountID ) . First ( & accountNetwork ) . Error ; err != nil {
2024-09-16 15:47:03 +02:00
if errors . Is ( err , gorm . ErrRecordNotFound ) {
return nil , status . NewAccountNotFoundError ( accountID )
}
2024-10-09 14:33:58 +02:00
return nil , status . Errorf ( status . Internal , "issue getting network from store: %s" , err )
2024-09-16 15:47:03 +02:00
}
return accountNetwork . Network , nil
}
func ( s * SqlStore ) GetPeerByPeerPubKey ( ctx context . Context , lockStrength LockingStrength , peerKey string ) ( * nbpeer . Peer , error ) {
2024-05-31 16:41:12 +02:00
var peer nbpeer . Peer
2024-11-08 15:49:00 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . First ( & peer , keyQueryCondition , peerKey )
2024-05-31 16:41:12 +02:00
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
2024-11-19 08:47:26 +01:00
return nil , status . NewPeerNotFoundError ( peerKey )
2024-05-31 16:41:12 +02:00
}
2024-10-09 14:33:58 +02:00
return nil , status . Errorf ( status . Internal , "issue getting peer from store: %s" , result . Error )
2024-05-31 16:41:12 +02:00
}
return & peer , nil
}
2024-09-16 15:47:03 +02:00
func ( s * SqlStore ) GetAccountSettings ( ctx context . Context , lockStrength LockingStrength , accountID string ) ( * Settings , error ) {
2024-05-31 16:41:12 +02:00
var accountSettings AccountSettings
2024-11-08 15:49:00 +01:00
if err := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Model ( & Account { } ) . Where ( idQueryCondition , accountID ) . First ( & accountSettings ) . Error ; err != nil {
2024-05-31 16:41:12 +02:00
if errors . Is ( err , gorm . ErrRecordNotFound ) {
return nil , status . Errorf ( status . NotFound , "settings not found" )
}
2024-10-09 14:33:58 +02:00
return nil , status . Errorf ( status . Internal , "issue getting settings from store: %s" , err )
2024-05-31 16:41:12 +02:00
}
return accountSettings . Settings , nil
}
2024-11-19 21:42:27 +01:00
func ( s * SqlStore ) GetAccountCreatedBy ( ctx context . Context , lockStrength LockingStrength , accountID string ) ( string , error ) {
var createdBy string
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Model ( & Account { } ) .
Select ( "created_by" ) . First ( & createdBy , idQueryCondition , accountID )
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
return "" , status . NewAccountNotFoundError ( accountID )
}
return "" , status . NewGetAccountFromStoreError ( result . Error )
}
return createdBy , nil
}
2023-10-12 15:42:36 +02:00
// SaveUserLastLogin stores the last login time for a user in DB.
2024-09-16 15:47:03 +02:00
func ( s * SqlStore ) SaveUserLastLogin ( ctx context . Context , accountID , userID string , lastLogin time . Time ) error {
2024-11-01 10:58:39 +01:00
var user User
2024-11-08 15:49:00 +01:00
result := s . db . First ( & user , accountAndIDQueryCondition , accountID , userID )
2023-10-12 15:42:36 +02:00
if result . Error != nil {
2024-03-10 19:09:45 +01:00
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
2024-09-16 15:47:03 +02:00
return status . NewUserNotFoundError ( userID )
2024-03-10 19:09:45 +01:00
}
2024-09-16 15:47:03 +02:00
return status . NewGetUserFromStoreError ( )
2023-10-12 15:42:36 +02:00
}
2023-10-23 16:08:21 +02:00
user . LastLogin = lastLogin
2023-10-12 15:42:36 +02:00
2024-09-16 15:47:03 +02:00
return s . db . Save ( & user ) . Error
2023-10-12 15:42:36 +02:00
}
2024-05-30 15:22:42 +02:00
func ( s * SqlStore ) GetPostureCheckByChecksDefinition ( accountID string , checks * posture . ChecksDefinition ) ( * posture . Checks , error ) {
definitionJSON , err := json . Marshal ( checks )
if err != nil {
return nil , err
}
var postureCheck posture . Checks
err = s . db . Where ( "account_id = ? AND checks = ?" , accountID , string ( definitionJSON ) ) . First ( & postureCheck ) . Error
if err != nil {
return nil , err
}
return & postureCheck , nil
}
2024-02-22 12:27:08 +01:00
// Close closes the underlying DB connection
2024-07-03 11:33:02 +02:00
func ( s * SqlStore ) Close ( _ context . Context ) error {
2024-02-20 15:06:32 +01:00
sql , err := s . db . DB ( )
if err != nil {
2024-02-22 12:27:08 +01:00
return fmt . Errorf ( "get db: %w" , err )
2024-02-20 15:06:32 +01:00
}
return sql . Close ( )
2023-10-12 15:42:36 +02:00
}
2024-05-16 18:28:37 +02:00
// GetStoreEngine returns underlying store engine
func ( s * SqlStore ) GetStoreEngine ( ) StoreEngine {
return s . storeEngine
}
// NewSqliteStore creates a new SQLite store.
2024-07-03 11:33:02 +02:00
func NewSqliteStore ( ctx context . Context , dataDir string , metrics telemetry . AppMetrics ) ( * SqlStore , error ) {
2024-06-13 12:39:19 +02:00
storeStr := fmt . Sprintf ( "%s?cache=shared" , storeSqliteFileName )
2024-05-16 18:28:37 +02:00
if runtime . GOOS == "windows" {
// Vo avoid `The process cannot access the file because it is being used by another process` on Windows
2024-06-13 12:39:19 +02:00
storeStr = storeSqliteFileName
2024-05-16 18:28:37 +02:00
}
file := filepath . Join ( dataDir , storeStr )
2024-07-12 09:28:53 +02:00
db , err := gorm . Open ( sqlite . Open ( file ) , getGormConfig ( ) )
2024-05-16 18:28:37 +02:00
if err != nil {
return nil , err
}
2024-07-03 11:33:02 +02:00
return NewSqlStore ( ctx , db , SqliteStoreEngine , metrics )
2024-05-16 18:28:37 +02:00
}
// NewPostgresqlStore creates a new Postgres store.
2024-07-03 11:33:02 +02:00
func NewPostgresqlStore ( ctx context . Context , dsn string , metrics telemetry . AppMetrics ) ( * SqlStore , error ) {
2024-07-12 09:28:53 +02:00
db , err := gorm . Open ( postgres . Open ( dsn ) , getGormConfig ( ) )
2024-05-16 18:28:37 +02:00
if err != nil {
return nil , err
}
2024-07-03 11:33:02 +02:00
return NewSqlStore ( ctx , db , PostgresStoreEngine , metrics )
2023-10-12 15:42:36 +02:00
}
2024-04-18 18:14:21 +02:00
2024-07-12 09:28:53 +02:00
func getGormConfig ( ) * gorm . Config {
return & gorm . Config {
Logger : logger . Default . LogMode ( logger . Silent ) ,
CreateBatchSize : 400 ,
PrepareStmt : true ,
}
}
2024-06-13 12:39:19 +02:00
// newPostgresStore initializes a new Postgres store.
2024-07-03 11:33:02 +02:00
func newPostgresStore ( ctx context . Context , metrics telemetry . AppMetrics ) ( Store , error ) {
2024-06-13 12:39:19 +02:00
dsn , ok := os . LookupEnv ( postgresDsnEnv )
if ! ok {
return nil , fmt . Errorf ( "%s is not set" , postgresDsnEnv )
}
2024-07-03 11:33:02 +02:00
return NewPostgresqlStore ( ctx , dsn , metrics )
2024-06-13 12:39:19 +02:00
}
2024-05-16 18:28:37 +02:00
// NewSqliteStoreFromFileStore restores a store from FileStore and stores SQLite DB in the file located in datadir.
2024-07-03 11:33:02 +02:00
func NewSqliteStoreFromFileStore ( ctx context . Context , fileStore * FileStore , dataDir string , metrics telemetry . AppMetrics ) ( * SqlStore , error ) {
store , err := NewSqliteStore ( ctx , dataDir , metrics )
2024-05-16 18:28:37 +02:00
if err != nil {
return nil , err
}
2024-04-18 18:14:21 +02:00
2024-07-03 11:33:02 +02:00
err = store . SaveInstallationID ( ctx , fileStore . InstallationID )
2024-05-16 18:28:37 +02:00
if err != nil {
return nil , err
}
2024-07-03 11:33:02 +02:00
for _ , account := range fileStore . GetAllAccounts ( ctx ) {
err := store . SaveAccount ( ctx , account )
2024-05-16 18:28:37 +02:00
if err != nil {
return nil , err
2024-04-18 18:14:21 +02:00
}
}
2024-05-16 18:28:37 +02:00
return store , nil
2024-04-18 18:14:21 +02:00
}
2024-10-03 15:50:35 +02:00
// NewPostgresqlStoreFromSqlStore restores a store from SqlStore and stores Postgres DB.
func NewPostgresqlStoreFromSqlStore ( ctx context . Context , sqliteStore * SqlStore , dsn string , metrics telemetry . AppMetrics ) ( * SqlStore , error ) {
store , err := NewPostgresqlStore ( ctx , dsn , metrics )
if err != nil {
return nil , err
}
err = store . SaveInstallationID ( ctx , sqliteStore . GetInstallationID ( ) )
if err != nil {
return nil , err
}
for _ , account := range sqliteStore . GetAllAccounts ( ctx ) {
err := store . SaveAccount ( ctx , account )
if err != nil {
return nil , err
}
}
return store , nil
}
2024-09-16 15:47:03 +02:00
func ( s * SqlStore ) GetSetupKeyBySecret ( ctx context . Context , lockStrength LockingStrength , key string ) ( * SetupKey , error ) {
var setupKey SetupKey
2024-11-08 15:49:00 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
2024-10-28 17:52:23 +01:00
First ( & setupKey , keyQueryCondition , key )
2024-09-16 15:47:03 +02:00
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
2024-11-11 17:46:10 +01:00
return nil , status . NewSetupKeyNotFoundError ( key )
2024-09-16 15:47:03 +02:00
}
2024-11-11 17:46:10 +01:00
log . WithContext ( ctx ) . Errorf ( "failed to get setup key by secret from store: %v" , result . Error )
return nil , status . Errorf ( status . Internal , "failed to get setup key by secret from store" )
2024-09-16 15:47:03 +02:00
}
return & setupKey , nil
}
func ( s * SqlStore ) IncrementSetupKeyUsage ( ctx context . Context , setupKeyID string ) error {
2024-11-08 15:49:00 +01:00
result := s . db . Model ( & SetupKey { } ) .
2024-09-16 15:47:03 +02:00
Where ( idQueryCondition , setupKeyID ) .
Updates ( map [ string ] interface { } {
"used_times" : gorm . Expr ( "used_times + 1" ) ,
"last_used" : time . Now ( ) ,
} )
if result . Error != nil {
return status . Errorf ( status . Internal , "issue incrementing setup key usage count: %s" , result . Error )
}
if result . RowsAffected == 0 {
2024-11-11 17:46:10 +01:00
return status . NewSetupKeyNotFoundError ( setupKeyID )
2024-09-16 15:47:03 +02:00
}
return nil
}
func ( s * SqlStore ) AddPeerToAllGroup ( ctx context . Context , accountID string , peerID string ) error {
2024-11-01 10:58:39 +01:00
var group nbgroup . Group
2024-11-08 15:49:00 +01:00
result := s . db . Where ( "account_id = ? AND name = ?" , accountID , "All" ) . First ( & group )
2024-09-16 15:47:03 +02:00
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
return status . Errorf ( status . NotFound , "group 'All' not found for account" )
}
2024-10-09 14:33:58 +02:00
return status . Errorf ( status . Internal , "issue finding group 'All': %s" , result . Error )
2024-09-16 15:47:03 +02:00
}
for _ , existingPeerID := range group . Peers {
if existingPeerID == peerID {
return nil
}
}
group . Peers = append ( group . Peers , peerID )
if err := s . db . Save ( & group ) . Error ; err != nil {
2024-10-09 14:33:58 +02:00
return status . Errorf ( status . Internal , "issue updating group 'All': %s" , err )
2024-09-16 15:47:03 +02:00
}
return nil
}
func ( s * SqlStore ) AddPeerToGroup ( ctx context . Context , accountId string , peerId string , groupID string ) error {
2024-11-01 10:58:39 +01:00
var group nbgroup . Group
2024-11-08 15:49:00 +01:00
result := s . db . Where ( accountAndIDQueryCondition , accountId , groupID ) . First ( & group )
2024-09-16 15:47:03 +02:00
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
2024-11-08 16:58:04 +01:00
return status . NewGroupNotFoundError ( groupID )
2024-09-16 15:47:03 +02:00
}
2024-11-08 15:49:00 +01:00
2024-10-09 14:33:58 +02:00
return status . Errorf ( status . Internal , "issue finding group: %s" , result . Error )
2024-09-16 15:47:03 +02:00
}
for _ , existingPeerID := range group . Peers {
if existingPeerID == peerId {
return nil
}
}
group . Peers = append ( group . Peers , peerId )
if err := s . db . Save ( & group ) . Error ; err != nil {
2024-10-09 14:33:58 +02:00
return status . Errorf ( status . Internal , "issue updating group: %s" , err )
2024-09-16 15:47:03 +02:00
}
return nil
}
2024-11-14 17:24:51 +01:00
// GetAccountPeers retrieves peers for an account.
func ( s * SqlStore ) GetAccountPeers ( ctx context . Context , lockStrength LockingStrength , accountID string ) ( [ ] * nbpeer . Peer , error ) {
var peers [ ] * nbpeer . Peer
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Find ( & peers , accountIDCondition , accountID )
if err := result . Error ; err != nil {
log . WithContext ( ctx ) . Errorf ( "failed to get peers from the store: %s" , err )
return nil , status . Errorf ( status . Internal , "failed to get peers from store" )
}
return peers , nil
}
2024-10-04 16:17:01 +02:00
// GetUserPeers retrieves peers for a user.
func ( s * SqlStore ) GetUserPeers ( ctx context . Context , lockStrength LockingStrength , accountID , userID string ) ( [ ] * nbpeer . Peer , error ) {
2024-11-14 11:04:36 +01:00
var peers [ ] * nbpeer . Peer
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
Find ( & peers , "account_id = ? AND user_id = ?" , accountID , userID )
if err := result . Error ; err != nil {
log . WithContext ( ctx ) . Errorf ( "failed to get peers from the store: %s" , err )
return nil , status . Errorf ( status . Internal , "failed to get peers from store" )
}
return peers , nil
2024-10-04 16:17:01 +02:00
}
2024-09-16 15:47:03 +02:00
func ( s * SqlStore ) AddPeerToAccount ( ctx context . Context , peer * nbpeer . Peer ) error {
2024-11-08 15:49:00 +01:00
if err := s . db . Create ( peer ) . Error ; err != nil {
2024-10-09 14:33:58 +02:00
return status . Errorf ( status . Internal , "issue adding peer to account: %s" , err )
2024-09-16 15:47:03 +02:00
}
return nil
}
2024-11-08 16:39:36 +01:00
// GetPeerByID retrieves a peer by its ID and account ID.
func ( s * SqlStore ) GetPeerByID ( ctx context . Context , lockStrength LockingStrength , accountID , peerID string ) ( * nbpeer . Peer , error ) {
var peer * nbpeer . Peer
2024-11-08 17:48:13 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
2024-11-08 16:39:36 +01:00
First ( & peer , accountAndIDQueryCondition , accountID , peerID )
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
2024-11-19 08:47:26 +01:00
return nil , status . NewPeerNotFoundError ( peerID )
2024-11-08 16:39:36 +01:00
}
log . WithContext ( ctx ) . Errorf ( "failed to get peer from store: %s" , result . Error )
return nil , status . Errorf ( status . Internal , "failed to get peer from store" )
}
return peer , nil
}
2024-11-11 20:58:22 +01:00
// GetPeersByIDs retrieves peers by their IDs and account ID.
func ( s * SqlStore ) GetPeersByIDs ( ctx context . Context , lockStrength LockingStrength , accountID string , peerIDs [ ] string ) ( map [ string ] * nbpeer . Peer , error ) {
var peers [ ] * nbpeer . Peer
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Find ( & peers , accountAndIDsQueryCondition , accountID , peerIDs )
if result . Error != nil {
log . WithContext ( ctx ) . Errorf ( "failed to get peers by ID's from the store: %s" , result . Error )
return nil , status . Errorf ( status . Internal , "failed to get peers by ID's from the store" )
}
peersMap := make ( map [ string ] * nbpeer . Peer )
for _ , peer := range peers {
peersMap [ peer . ID ] = peer
}
return peersMap , nil
}
2024-11-14 11:04:36 +01:00
// GetAccountPeersWithExpiration retrieves a list of peers that have login expiration enabled and added by a user.
func ( s * SqlStore ) GetAccountPeersWithExpiration ( ctx context . Context , lockStrength LockingStrength , accountID string ) ( [ ] * nbpeer . Peer , error ) {
var peers [ ] * nbpeer . Peer
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
Where ( "login_expiration_enabled = ? AND user_id IS NOT NULL AND user_id != ''" , true ) .
Find ( & peers , accountIDCondition , accountID )
if err := result . Error ; err != nil {
log . WithContext ( ctx ) . Errorf ( "failed to get peers with expiration from the store: %s" , result . Error )
return nil , status . Errorf ( status . Internal , "failed to get peers with expiration from store" )
}
return peers , nil
}
// GetAccountPeersWithInactivity retrieves a list of peers that have login expiration enabled and added by a user.
func ( s * SqlStore ) GetAccountPeersWithInactivity ( ctx context . Context , lockStrength LockingStrength , accountID string ) ( [ ] * nbpeer . Peer , error ) {
var peers [ ] * nbpeer . Peer
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
Where ( "inactivity_expiration_enabled = ? AND user_id IS NOT NULL AND user_id != ''" , true ) .
Find ( & peers , accountIDCondition , accountID )
if err := result . Error ; err != nil {
log . WithContext ( ctx ) . Errorf ( "failed to get peers with inactivity from the store: %s" , result . Error )
return nil , status . Errorf ( status . Internal , "failed to get peers with inactivity from store" )
}
return peers , nil
}
// GetAllEphemeralPeers retrieves all peers with Ephemeral set to true across all accounts, optimized for batch processing.
func ( s * SqlStore ) GetAllEphemeralPeers ( ctx context . Context , lockStrength LockingStrength ) ( [ ] * nbpeer . Peer , error ) {
var allEphemeralPeers , batchPeers [ ] * nbpeer . Peer
result := s . db . WithContext ( ctx ) . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
Where ( "ephemeral = ?" , true ) .
FindInBatches ( & batchPeers , 1000 , func ( tx * gorm . DB , batch int ) error {
allEphemeralPeers = append ( allEphemeralPeers , batchPeers ... )
return nil
} )
if result . Error != nil {
log . WithContext ( ctx ) . Errorf ( "failed to retrieve ephemeral peers: %s" , result . Error )
return nil , fmt . Errorf ( "failed to retrieve ephemeral peers" )
}
return allEphemeralPeers , nil
}
// DeletePeer removes a peer from the store.
func ( s * SqlStore ) DeletePeer ( ctx context . Context , lockStrength LockingStrength , accountID string , peerID string ) error {
result := s . db . WithContext ( ctx ) . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
Delete ( & nbpeer . Peer { } , accountAndIDQueryCondition , accountID , peerID )
if err := result . Error ; err != nil {
log . WithContext ( ctx ) . Errorf ( "failed to delete peer from the store: %s" , err )
return status . Errorf ( status . Internal , "failed to delete peer from store" )
}
if result . RowsAffected == 0 {
2024-11-19 08:47:26 +01:00
return status . NewPeerNotFoundError ( peerID )
2024-11-14 11:04:36 +01:00
}
return nil
}
2024-11-08 16:39:36 +01:00
func ( s * SqlStore ) IncrementNetworkSerial ( ctx context . Context , lockStrength LockingStrength , accountId string ) error {
2024-11-11 20:29:59 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
2024-11-08 16:39:36 +01:00
Model ( & Account { } ) . Where ( idQueryCondition , accountId ) . Update ( "network_serial" , gorm . Expr ( "network_serial + 1" ) )
2024-09-16 15:47:03 +02:00
if result . Error != nil {
2024-11-11 20:29:59 +01:00
log . WithContext ( ctx ) . Errorf ( "failed to increment network serial count in store: %v" , result . Error )
return status . Errorf ( status . Internal , "failed to increment network serial count in store" )
2024-09-16 15:47:03 +02:00
}
return nil
}
func ( s * SqlStore ) ExecuteInTransaction ( ctx context . Context , operation func ( store Store ) error ) error {
2024-11-08 15:49:00 +01:00
tx := s . db . Begin ( )
2024-09-16 15:47:03 +02:00
if tx . Error != nil {
return tx . Error
}
repo := s . withTx ( tx )
err := operation ( repo )
if err != nil {
tx . Rollback ( )
return err
}
return tx . Commit ( ) . Error
}
func ( s * SqlStore ) withTx ( tx * gorm . DB ) Store {
return & SqlStore {
2024-11-08 23:16:03 +01:00
db : tx ,
storeEngine : s . storeEngine ,
2024-09-16 15:47:03 +02:00
}
}
2024-09-25 18:22:27 +02:00
func ( s * SqlStore ) GetDB ( ) * gorm . DB {
return s . db
}
2024-09-27 16:10:50 +02:00
func ( s * SqlStore ) GetAccountDNSSettings ( ctx context . Context , lockStrength LockingStrength , accountID string ) ( * DNSSettings , error ) {
2024-11-01 10:58:39 +01:00
var accountDNSSettings AccountDNSSettings
2024-11-08 15:49:00 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Model ( & Account { } ) .
2024-09-27 16:10:50 +02:00
First ( & accountDNSSettings , idQueryCondition , accountID )
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
2024-11-13 11:15:47 +01:00
return nil , status . NewAccountNotFoundError ( accountID )
2024-09-27 16:10:50 +02:00
}
2024-11-13 11:15:47 +01:00
log . WithContext ( ctx ) . Errorf ( "failed to get dns settings from store: %v" , result . Error )
return nil , status . Errorf ( status . Internal , "failed to get dns settings from store" )
2024-09-27 16:10:50 +02:00
}
return & accountDNSSettings . DNSSettings , nil
}
// AccountExists checks whether an account exists by the given ID.
func ( s * SqlStore ) AccountExists ( ctx context . Context , lockStrength LockingStrength , id string ) ( bool , error ) {
2024-11-01 10:58:39 +01:00
var accountID string
2024-11-08 15:49:00 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Model ( & Account { } ) .
2024-09-27 16:10:50 +02:00
Select ( "id" ) . First ( & accountID , idQueryCondition , id )
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
return false , nil
}
return false , result . Error
}
return accountID != "" , nil
}
// GetAccountDomainAndCategory retrieves the Domain and DomainCategory fields for an account based on the given accountID.
func ( s * SqlStore ) GetAccountDomainAndCategory ( ctx context . Context , lockStrength LockingStrength , accountID string ) ( string , string , error ) {
2024-11-01 10:58:39 +01:00
var account Account
2024-11-08 15:49:00 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Model ( & Account { } ) . Select ( "domain" , "domain_category" ) .
2024-09-27 16:10:50 +02:00
Where ( idQueryCondition , accountID ) . First ( & account )
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
return "" , "" , status . Errorf ( status . NotFound , "account not found" )
}
return "" , "" , status . Errorf ( status . Internal , "failed to get domain category from store: %v" , result . Error )
}
return account . Domain , account . DomainCategory , nil
}
// GetGroupByID retrieves a group by ID and account ID.
2024-11-08 16:39:36 +01:00
func ( s * SqlStore ) GetGroupByID ( ctx context . Context , lockStrength LockingStrength , accountID , groupID string ) ( * nbgroup . Group , error ) {
var group * nbgroup . Group
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . First ( & group , accountAndIDQueryCondition , accountID , groupID )
if err := result . Error ; err != nil {
if errors . Is ( err , gorm . ErrRecordNotFound ) {
2024-11-08 16:58:04 +01:00
return nil , status . NewGroupNotFoundError ( groupID )
2024-11-08 16:39:36 +01:00
}
log . WithContext ( ctx ) . Errorf ( "failed to get group from store: %s" , err )
return nil , status . Errorf ( status . Internal , "failed to get group from store" )
}
return group , nil
2024-09-27 16:10:50 +02:00
}
// GetGroupByName retrieves a group by name and account ID.
2024-11-08 16:39:36 +01:00
func ( s * SqlStore ) GetGroupByName ( ctx context . Context , lockStrength LockingStrength , accountID , groupName string ) ( * nbgroup . Group , error ) {
2024-09-27 16:10:50 +02:00
var group nbgroup . Group
2024-10-16 17:55:30 +02:00
// TODO: This fix is accepted for now, but if we need to handle this more frequently
// we may need to reconsider changing the types.
2024-11-08 16:39:36 +01:00
query := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Preload ( clause . Associations )
2024-10-16 17:55:30 +02:00
if s . storeEngine == PostgresStoreEngine {
query = query . Order ( "json_array_length(peers::json) DESC" )
} else {
query = query . Order ( "json_array_length(peers) DESC" )
}
2024-11-08 16:39:36 +01:00
result := query . First ( & group , "account_id = ? AND name = ?" , accountID , groupName )
2024-09-27 16:10:50 +02:00
if err := result . Error ; err != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
2024-11-08 16:58:04 +01:00
return nil , status . NewGroupNotFoundError ( groupName )
2024-09-27 16:10:50 +02:00
}
2024-11-08 16:39:36 +01:00
log . WithContext ( ctx ) . Errorf ( "failed to get group by name from store: %v" , result . Error )
return nil , status . Errorf ( status . Internal , "failed to get group by name from store" )
2024-09-27 16:10:50 +02:00
}
return & group , nil
}
2024-11-11 17:46:10 +01:00
// GetGroupsByIDs retrieves groups by their IDs and account ID.
func ( s * SqlStore ) GetGroupsByIDs ( ctx context . Context , lockStrength LockingStrength , accountID string , groupIDs [ ] string ) ( map [ string ] * nbgroup . Group , error ) {
var groups [ ] * nbgroup . Group
2024-11-11 20:29:59 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Find ( & groups , accountAndIDsQueryCondition , accountID , groupIDs )
2024-11-11 17:46:10 +01:00
if result . Error != nil {
2024-11-12 16:53:10 +01:00
log . WithContext ( ctx ) . Errorf ( "failed to get groups by ID's from store: %s" , result . Error )
return nil , status . Errorf ( status . Internal , "failed to get groups by ID's from store" )
2024-11-11 17:46:10 +01:00
}
groupsMap := make ( map [ string ] * nbgroup . Group )
for _ , group := range groups {
groupsMap [ group . ID ] = group
}
return groupsMap , nil
}
2024-10-04 16:17:01 +02:00
// SaveGroup saves a group to the store.
func ( s * SqlStore ) SaveGroup ( ctx context . Context , lockStrength LockingStrength , group * nbgroup . Group ) error {
2024-11-08 16:39:36 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Save ( group )
2024-10-04 16:17:01 +02:00
if result . Error != nil {
2024-11-08 16:39:36 +01:00
log . WithContext ( ctx ) . Errorf ( "failed to save group to store: %v" , result . Error )
return status . Errorf ( status . Internal , "failed to save group to store" )
2024-10-04 16:17:01 +02:00
}
return nil
}
2024-11-08 16:39:36 +01:00
// DeleteGroup deletes a group from the database.
func ( s * SqlStore ) DeleteGroup ( ctx context . Context , lockStrength LockingStrength , accountID , groupID string ) error {
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
Delete ( & nbgroup . Group { } , accountAndIDQueryCondition , accountID , groupID )
if err := result . Error ; err != nil {
log . WithContext ( ctx ) . Errorf ( "failed to delete group from store: %s" , result . Error )
return status . Errorf ( status . Internal , "failed to delete group from store" )
}
if result . RowsAffected == 0 {
2024-11-08 16:58:04 +01:00
return status . NewGroupNotFoundError ( groupID )
2024-11-08 16:39:36 +01:00
}
return nil
}
// DeleteGroups deletes groups from the database.
func ( s * SqlStore ) DeleteGroups ( ctx context . Context , strength LockingStrength , accountID string , groupIDs [ ] string ) error {
result := s . db . Clauses ( clause . Locking { Strength : string ( strength ) } ) .
2024-11-11 20:29:59 +01:00
Delete ( & nbgroup . Group { } , accountAndIDsQueryCondition , accountID , groupIDs )
2024-11-08 16:39:36 +01:00
if result . Error != nil {
log . WithContext ( ctx ) . Errorf ( "failed to delete groups from store: %v" , result . Error )
return status . Errorf ( status . Internal , "failed to delete groups from store: %v" , result . Error )
}
return nil
}
2024-09-27 16:10:50 +02:00
// GetAccountPolicies retrieves policies for an account.
func ( s * SqlStore ) GetAccountPolicies ( ctx context . Context , lockStrength LockingStrength , accountID string ) ( [ ] * Policy , error ) {
2024-11-12 09:17:16 +01:00
var policies [ ] * Policy
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
Preload ( clause . Associations ) . Find ( & policies , accountIDCondition , accountID )
if err := result . Error ; err != nil {
log . WithContext ( ctx ) . Errorf ( "failed to get policies from the store: %s" , result . Error )
return nil , status . Errorf ( status . Internal , "failed to get policies from store" )
}
return policies , nil
2024-09-27 16:10:50 +02:00
}
// GetPolicyByID retrieves a policy by its ID and account ID.
2024-11-12 09:17:16 +01:00
func ( s * SqlStore ) GetPolicyByID ( ctx context . Context , lockStrength LockingStrength , accountID , policyID string ) ( * Policy , error ) {
var policy * Policy
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Preload ( clause . Associations ) .
First ( & policy , accountAndIDQueryCondition , accountID , policyID )
if err := result . Error ; err != nil {
if errors . Is ( err , gorm . ErrRecordNotFound ) {
return nil , status . NewPolicyNotFoundError ( policyID )
}
log . WithContext ( ctx ) . Errorf ( "failed to get policy from store: %s" , err )
return nil , status . Errorf ( status . Internal , "failed to get policy from store" )
}
return policy , nil
}
func ( s * SqlStore ) CreatePolicy ( ctx context . Context , lockStrength LockingStrength , policy * Policy ) error {
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Create ( policy )
if result . Error != nil {
log . WithContext ( ctx ) . Errorf ( "failed to create policy in store: %s" , result . Error )
return status . Errorf ( status . Internal , "failed to create policy in store" )
}
return nil
}
// SavePolicy saves a policy to the database.
func ( s * SqlStore ) SavePolicy ( ctx context . Context , lockStrength LockingStrength , policy * Policy ) error {
result := s . db . Session ( & gorm . Session { FullSaveAssociations : true } ) .
Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Save ( policy )
if err := result . Error ; err != nil {
log . WithContext ( ctx ) . Errorf ( "failed to save policy to the store: %s" , err )
return status . Errorf ( status . Internal , "failed to save policy to store" )
}
return nil
}
func ( s * SqlStore ) DeletePolicy ( ctx context . Context , lockStrength LockingStrength , accountID , policyID string ) error {
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
Delete ( & Policy { } , accountAndIDQueryCondition , accountID , policyID )
if err := result . Error ; err != nil {
log . WithContext ( ctx ) . Errorf ( "failed to delete policy from store: %s" , err )
return status . Errorf ( status . Internal , "failed to delete policy from store" )
}
if result . RowsAffected == 0 {
return status . NewPolicyNotFoundError ( policyID )
}
return nil
2024-09-27 16:10:50 +02:00
}
// GetAccountPostureChecks retrieves posture checks for an account.
func ( s * SqlStore ) GetAccountPostureChecks ( ctx context . Context , lockStrength LockingStrength , accountID string ) ( [ ] * posture . Checks , error ) {
2024-11-11 10:37:19 +01:00
var postureChecks [ ] * posture . Checks
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Find ( & postureChecks , accountIDCondition , accountID )
if result . Error != nil {
log . WithContext ( ctx ) . Errorf ( "failed to get posture checks from store: %s" , result . Error )
return nil , status . Errorf ( status . Internal , "failed to get posture checks from store" )
}
return postureChecks , nil
2024-09-27 16:10:50 +02:00
}
// GetPostureChecksByID retrieves posture checks by their ID and account ID.
2024-11-11 10:37:19 +01:00
func ( s * SqlStore ) GetPostureChecksByID ( ctx context . Context , lockStrength LockingStrength , accountID , postureChecksID string ) ( * posture . Checks , error ) {
var postureCheck * posture . Checks
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
First ( & postureCheck , accountAndIDQueryCondition , accountID , postureChecksID )
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
return nil , status . NewPostureChecksNotFoundError ( postureChecksID )
}
log . WithContext ( ctx ) . Errorf ( "failed to get posture check from store: %s" , result . Error )
return nil , status . Errorf ( status . Internal , "failed to get posture check from store" )
}
return postureCheck , nil
}
2024-11-12 16:53:10 +01:00
// GetPostureChecksByIDs retrieves posture checks by their IDs and account ID.
func ( s * SqlStore ) GetPostureChecksByIDs ( ctx context . Context , lockStrength LockingStrength , accountID string , postureChecksIDs [ ] string ) ( map [ string ] * posture . Checks , error ) {
var postureChecks [ ] * posture . Checks
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Find ( & postureChecks , accountAndIDsQueryCondition , accountID , postureChecksIDs )
if result . Error != nil {
log . WithContext ( ctx ) . Errorf ( "failed to get posture checks by ID's from store: %s" , result . Error )
return nil , status . Errorf ( status . Internal , "failed to get posture checks by ID's from store" )
}
postureChecksMap := make ( map [ string ] * posture . Checks )
for _ , postureCheck := range postureChecks {
postureChecksMap [ postureCheck . ID ] = postureCheck
}
return postureChecksMap , nil
}
2024-11-11 10:37:19 +01:00
// SavePostureChecks saves a posture checks to the database.
func ( s * SqlStore ) SavePostureChecks ( ctx context . Context , lockStrength LockingStrength , postureCheck * posture . Checks ) error {
2024-11-12 09:17:16 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Save ( postureCheck )
2024-11-11 10:37:19 +01:00
if result . Error != nil {
log . WithContext ( ctx ) . Errorf ( "failed to save posture checks to store: %s" , result . Error )
return status . Errorf ( status . Internal , "failed to save posture checks to store" )
}
return nil
}
// DeletePostureChecks deletes a posture checks from the database.
func ( s * SqlStore ) DeletePostureChecks ( ctx context . Context , lockStrength LockingStrength , accountID , postureChecksID string ) error {
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
Delete ( & posture . Checks { } , accountAndIDQueryCondition , accountID , postureChecksID )
if result . Error != nil {
log . WithContext ( ctx ) . Errorf ( "failed to delete posture checks from store: %s" , result . Error )
return status . Errorf ( status . Internal , "failed to delete posture checks from store" )
}
if result . RowsAffected == 0 {
return status . NewPostureChecksNotFoundError ( postureChecksID )
}
return nil
2024-09-27 16:10:50 +02:00
}
// GetAccountRoutes retrieves network routes for an account.
func ( s * SqlStore ) GetAccountRoutes ( ctx context . Context , lockStrength LockingStrength , accountID string ) ( [ ] * route . Route , error ) {
2024-11-08 15:49:00 +01:00
return getRecords [ * route . Route ] ( s . db , lockStrength , accountID )
2024-09-27 16:10:50 +02:00
}
// GetRouteByID retrieves a route by its ID and account ID.
func ( s * SqlStore ) GetRouteByID ( ctx context . Context , lockStrength LockingStrength , routeID string , accountID string ) ( * route . Route , error ) {
2024-11-08 15:49:00 +01:00
return getRecordByID [ route . Route ] ( s . db , lockStrength , routeID , accountID )
2024-09-27 16:10:50 +02:00
}
// GetAccountSetupKeys retrieves setup keys for an account.
func ( s * SqlStore ) GetAccountSetupKeys ( ctx context . Context , lockStrength LockingStrength , accountID string ) ( [ ] * SetupKey , error ) {
2024-11-07 22:31:41 +01:00
var setupKeys [ ] * SetupKey
2024-11-11 17:46:10 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
2024-11-07 22:31:41 +01:00
Find ( & setupKeys , accountIDCondition , accountID )
if err := result . Error ; err != nil {
log . WithContext ( ctx ) . Errorf ( "failed to get setup keys from the store: %s" , err )
return nil , status . Errorf ( status . Internal , "failed to get setup keys from store" )
}
return setupKeys , nil
2024-09-27 16:10:50 +02:00
}
// GetSetupKeyByID retrieves a setup key by its ID and account ID.
2024-11-07 22:31:41 +01:00
func ( s * SqlStore ) GetSetupKeyByID ( ctx context . Context , lockStrength LockingStrength , accountID , setupKeyID string ) ( * SetupKey , error ) {
var setupKey * SetupKey
2024-11-11 17:46:10 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
2024-11-07 22:31:41 +01:00
First ( & setupKey , accountAndIDQueryCondition , accountID , setupKeyID )
if err := result . Error ; err != nil {
if errors . Is ( err , gorm . ErrRecordNotFound ) {
2024-11-11 17:46:10 +01:00
return nil , status . NewSetupKeyNotFoundError ( setupKeyID )
2024-11-07 22:31:41 +01:00
}
log . WithContext ( ctx ) . Errorf ( "failed to get setup key from the store: %s" , err )
return nil , status . Errorf ( status . Internal , "failed to get setup key from store" )
}
return setupKey , nil
}
// SaveSetupKey saves a setup key to the database.
func ( s * SqlStore ) SaveSetupKey ( ctx context . Context , lockStrength LockingStrength , setupKey * SetupKey ) error {
2024-11-11 17:46:10 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Save ( setupKey )
2024-11-07 22:31:41 +01:00
if result . Error != nil {
log . WithContext ( ctx ) . Errorf ( "failed to save setup key to store: %s" , result . Error )
return status . Errorf ( status . Internal , "failed to save setup key to store" )
}
return nil
}
// DeleteSetupKey deletes a setup key from the database.
func ( s * SqlStore ) DeleteSetupKey ( ctx context . Context , lockStrength LockingStrength , accountID , keyID string ) error {
2024-11-11 17:46:10 +01:00
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Delete ( & SetupKey { } , accountAndIDQueryCondition , accountID , keyID )
2024-11-07 22:31:41 +01:00
if result . Error != nil {
log . WithContext ( ctx ) . Errorf ( "failed to delete setup key from store: %s" , result . Error )
return status . Errorf ( status . Internal , "failed to delete setup key from store" )
}
if result . RowsAffected == 0 {
2024-11-11 17:46:10 +01:00
return status . NewSetupKeyNotFoundError ( keyID )
2024-11-07 22:31:41 +01:00
}
return nil
2024-09-27 16:10:50 +02:00
}
// GetAccountNameServerGroups retrieves name server groups for an account.
func ( s * SqlStore ) GetAccountNameServerGroups ( ctx context . Context , lockStrength LockingStrength , accountID string ) ( [ ] * nbdns . NameServerGroup , error ) {
2024-11-13 18:41:30 +01:00
var nsGroups [ ] * nbdns . NameServerGroup
result := s . db . WithContext ( ctx ) . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Find ( & nsGroups , accountIDCondition , accountID )
if err := result . Error ; err != nil {
log . WithContext ( ctx ) . Errorf ( "failed to get name server groups from the store: %s" , err )
return nil , status . Errorf ( status . Internal , "failed to get name server groups from store" )
}
return nsGroups , nil
2024-09-27 16:10:50 +02:00
}
// GetNameServerGroupByID retrieves a name server group by its ID and account ID.
2024-11-13 18:41:30 +01:00
func ( s * SqlStore ) GetNameServerGroupByID ( ctx context . Context , lockStrength LockingStrength , accountID , nsGroupID string ) ( * nbdns . NameServerGroup , error ) {
var nsGroup * nbdns . NameServerGroup
result := s . db . WithContext ( ctx ) . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
First ( & nsGroup , accountAndIDQueryCondition , accountID , nsGroupID )
if err := result . Error ; err != nil {
if errors . Is ( err , gorm . ErrRecordNotFound ) {
return nil , status . NewNameServerGroupNotFoundError ( nsGroupID )
}
log . WithContext ( ctx ) . Errorf ( "failed to get name server group from the store: %s" , err )
return nil , status . Errorf ( status . Internal , "failed to get name server group from store" )
}
return nsGroup , nil
}
// SaveNameServerGroup saves a name server group to the database.
func ( s * SqlStore ) SaveNameServerGroup ( ctx context . Context , lockStrength LockingStrength , nameServerGroup * nbdns . NameServerGroup ) error {
result := s . db . WithContext ( ctx ) . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Save ( nameServerGroup )
if err := result . Error ; err != nil {
log . WithContext ( ctx ) . Errorf ( "failed to save name server group to the store: %s" , err )
return status . Errorf ( status . Internal , "failed to save name server group to store" )
}
return nil
}
// DeleteNameServerGroup deletes a name server group from the database.
func ( s * SqlStore ) DeleteNameServerGroup ( ctx context . Context , lockStrength LockingStrength , accountID , nsGroupID string ) error {
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Delete ( & nbdns . NameServerGroup { } , accountAndIDQueryCondition , accountID , nsGroupID )
if err := result . Error ; err != nil {
log . WithContext ( ctx ) . Errorf ( "failed to delete name server group from the store: %s" , err )
return status . Errorf ( status . Internal , "failed to delete name server group from store" )
}
if result . RowsAffected == 0 {
return status . NewNameServerGroupNotFoundError ( nsGroupID )
}
return nil
2024-09-27 16:10:50 +02:00
}
// getRecords retrieves records from the database based on the account ID.
func getRecords [ T any ] ( db * gorm . DB , lockStrength LockingStrength , accountID string ) ( [ ] T , error ) {
var record [ ] T
result := db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Find ( & record , accountIDCondition , accountID )
if err := result . Error ; err != nil {
parts := strings . Split ( fmt . Sprintf ( "%T" , record ) , "." )
recordType := parts [ len ( parts ) - 1 ]
return nil , status . Errorf ( status . Internal , "failed to get account %ss from store: %v" , recordType , err )
}
return record , nil
}
// getRecordByID retrieves a record by its ID and account ID from the database.
func getRecordByID [ T any ] ( db * gorm . DB , lockStrength LockingStrength , recordID , accountID string ) ( * T , error ) {
var record T
result := db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
First ( & record , accountAndIDQueryCondition , accountID , recordID )
if err := result . Error ; err != nil {
parts := strings . Split ( fmt . Sprintf ( "%T" , record ) , "." )
recordType := parts [ len ( parts ) - 1 ]
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
return nil , status . Errorf ( status . NotFound , "%s not found" , recordType )
}
return nil , status . Errorf ( status . Internal , "failed to get %s from store: %v" , recordType , err )
}
return & record , nil
}
2024-11-13 11:15:47 +01:00
// SaveDNSSettings saves the DNS settings to the store.
func ( s * SqlStore ) SaveDNSSettings ( ctx context . Context , lockStrength LockingStrength , accountID string , settings * DNSSettings ) error {
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Model ( & Account { } ) .
Where ( idQueryCondition , accountID ) . Updates ( & AccountDNSSettings { DNSSettings : * settings } )
if result . Error != nil {
log . WithContext ( ctx ) . Errorf ( "failed to save dns settings to store: %v" , result . Error )
return status . Errorf ( status . Internal , "failed to save dns settings to store" )
}
if result . RowsAffected == 0 {
return status . NewAccountNotFoundError ( accountID )
}
return nil
}
2024-11-19 21:42:27 +01:00
// GetPATByHashedToken returns a PersonalAccessToken by its hashed token.
func ( s * SqlStore ) GetPATByHashedToken ( ctx context . Context , lockStrength LockingStrength , hashedToken string ) ( * PersonalAccessToken , error ) {
var pat PersonalAccessToken
result := s . db . WithContext ( ctx ) . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . First ( & pat , "hashed_token = ?" , hashedToken )
if result . Error != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
return nil , status . NewPATNotFoundError ( hashedToken )
}
log . WithContext ( ctx ) . Errorf ( "failed to get pat by hash from the store: %s" , result . Error )
return nil , status . Errorf ( status . Internal , "failed to get pat by hash from store" )
}
return & pat , nil
}
// GetPATByID retrieves a personal access token by its ID and user ID.
func ( s * SqlStore ) GetPATByID ( ctx context . Context , lockStrength LockingStrength , userID string , patID string ) ( * PersonalAccessToken , error ) {
var pat PersonalAccessToken
result := s . db . WithContext ( ctx ) . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
First ( & pat , "id = ? AND user_id = ?" , patID , userID )
if err := result . Error ; err != nil {
if errors . Is ( result . Error , gorm . ErrRecordNotFound ) {
return nil , status . NewPATNotFoundError ( patID )
}
log . WithContext ( ctx ) . Errorf ( "failed to get pat from the store: %s" , err )
return nil , status . Errorf ( status . Internal , "failed to get pat from store" )
}
return & pat , nil
}
// GetUserPATs retrieves personal access tokens for a user.
func ( s * SqlStore ) GetUserPATs ( ctx context . Context , lockStrength LockingStrength , userID string ) ( [ ] * PersonalAccessToken , error ) {
var pats [ ] * PersonalAccessToken
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Find ( & pats , "user_id = ?" , userID )
if err := result . Error ; err != nil {
log . WithContext ( ctx ) . Errorf ( "failed to get user pat's from the store: %s" , err )
return nil , status . Errorf ( status . Internal , "failed to get user pat's from store" )
}
return pats , nil
}
// MarkPATUsed marks a personal access token as used.
func ( s * SqlStore ) MarkPATUsed ( ctx context . Context , lockStrength LockingStrength , patID string ) error {
patCopy := PersonalAccessToken {
LastUsed : time . Now ( ) . UTC ( ) ,
}
fieldsToUpdate := [ ] string { "last_used" }
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Select ( fieldsToUpdate ) .
Where ( idQueryCondition , patID ) . Updates ( & patCopy )
if result . Error != nil {
log . WithContext ( ctx ) . Errorf ( "failed to mark pat as used: %s" , result . Error )
return status . Errorf ( status . Internal , "failed to mark pat as used" )
}
if result . RowsAffected == 0 {
return status . NewPATNotFoundError ( patID )
}
return nil
}
// SavePAT saves a personal access token to the database.
func ( s * SqlStore ) SavePAT ( ctx context . Context , lockStrength LockingStrength , pat * PersonalAccessToken ) error {
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) . Save ( pat )
if err := result . Error ; err != nil {
log . WithContext ( ctx ) . Errorf ( "failed to save pat to the store: %s" , err )
return status . Errorf ( status . Internal , "failed to save pat to store" )
}
return nil
}
// DeletePAT deletes a personal access token from the database.
func ( s * SqlStore ) DeletePAT ( ctx context . Context , lockStrength LockingStrength , userID , patID string ) error {
result := s . db . Clauses ( clause . Locking { Strength : string ( lockStrength ) } ) .
Delete ( & PersonalAccessToken { } , "user_id = ? AND id = ?" , userID , patID )
if err := result . Error ; err != nil {
log . WithContext ( ctx ) . Errorf ( "failed to delete pat from the store: %s" , err )
return status . Errorf ( status . Internal , "failed to delete pat from store" )
}
if result . RowsAffected == 0 {
return status . NewPATNotFoundError ( patID )
}
return nil
}