mirror of
https://github.com/openziti/zrok.git
synced 2024-11-07 08:44:14 +01:00
full 'zrok modify share' implementation (#432)
This commit is contained in:
parent
749e229505
commit
466e695b1c
@ -23,11 +23,12 @@ type modifyShareCommand struct {
|
||||
func newModifyShareCommand() *modifyShareCommand {
|
||||
cmd := &cobra.Command{
|
||||
Use: "share <shareToken>",
|
||||
Args: cobra.ExactArgs(1),
|
||||
Short: "Modify a share",
|
||||
}
|
||||
command := &modifyShareCommand{cmd: cmd}
|
||||
cmd.Flags().StringArrayVar(&command.addAccessGrants, "add-access-grant", []string{}, "Add an additional access grant")
|
||||
cmd.Flags().StringArrayVar(&command.removeAccessGrants, "remove-access-grant", []string{}, "Remove an access grant")
|
||||
cmd.Flags().StringArrayVar(&command.addAccessGrants, "add-access-grant", []string{}, "Add an access grant (email address)")
|
||||
cmd.Flags().StringArrayVar(&command.removeAccessGrants, "remove-access-grant", []string{}, "Remove an access grant (email address)")
|
||||
cmd.Run = command.run
|
||||
return command
|
||||
}
|
||||
|
@ -25,7 +25,7 @@ func (str *Store) CreateAccessGrant(shareId, accountId int, tx *sqlx.Tx) (int, e
|
||||
|
||||
func (str *Store) CheckAccessGrantForShareAndAccount(shrId, acctId int, tx *sqlx.Tx) (int, error) {
|
||||
count := 0
|
||||
err := tx.QueryRowx("select count(0) from access_grants where share_id = $1 and account_id = $2", shrId, acctId).Scan(&count)
|
||||
err := tx.QueryRowx("select count(0) from access_grants where share_id = $1 and account_id = $2 and not deleted", shrId, acctId).Scan(&count)
|
||||
if err != nil {
|
||||
return 0, errors.Wrap(err, "error selecting access_grants by share_id and account_id")
|
||||
}
|
||||
@ -43,3 +43,15 @@ func (str *Store) DeleteAccessGrantsForShare(shrId int, tx *sqlx.Tx) error {
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (str *Store) DeleteAccessGrantsForShareAndAccount(shrId, acctId int, tx *sqlx.Tx) error {
|
||||
stmt, err := tx.Prepare("update access_grants set updated_at = current_timestamp, deleted = true where share_id = $1 and account_id = $2")
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "error preparing access_grants delete for share and account statement")
|
||||
}
|
||||
_, err = stmt.Exec(shrId, acctId)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "error executing access_grants delete for share and account statement")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
@ -48,15 +48,49 @@ func (h *updateShareHandler) Handle(params share.UpdateShareParams, principal *r
|
||||
return share.NewUpdateShareNotFound()
|
||||
}
|
||||
|
||||
sshr.BackendProxyEndpoint = &backendProxyEndpoint
|
||||
if err := str.UpdateShare(sshr, tx); err != nil {
|
||||
logrus.Errorf("error updating share '%v': %v", shrToken, err)
|
||||
return share.NewUpdateShareInternalServerError()
|
||||
doCommit := false
|
||||
if backendProxyEndpoint != "" {
|
||||
sshr.BackendProxyEndpoint = &backendProxyEndpoint
|
||||
if err := str.UpdateShare(sshr, tx); err != nil {
|
||||
logrus.Errorf("error updating share '%v': %v", shrToken, err)
|
||||
return share.NewUpdateShareInternalServerError()
|
||||
}
|
||||
doCommit = true
|
||||
}
|
||||
|
||||
if err := tx.Commit(); err != nil {
|
||||
logrus.Errorf("error committing transaction for share '%v' update: %v", shrToken, err)
|
||||
return share.NewUpdateShareInternalServerError()
|
||||
for _, addr := range params.Body.AddAccessGrants {
|
||||
acct, err := str.FindAccountWithEmail(addr, tx)
|
||||
if err != nil {
|
||||
logrus.Errorf("error looking up account by email '%v' for user '%v': %v", addr, principal.Email, err)
|
||||
return share.NewUpdateShareBadRequest()
|
||||
}
|
||||
if _, err := str.CreateAccessGrant(sshr.Id, acct.Id, tx); err != nil {
|
||||
logrus.Errorf("error adding access grant '%v' for share '%v': %v", acct.Email, shrToken, err)
|
||||
return share.NewUpdateShareInternalServerError()
|
||||
}
|
||||
logrus.Infof("added access grant '%v' to share '%v'", acct.Email, shrToken)
|
||||
doCommit = true
|
||||
}
|
||||
|
||||
for _, addr := range params.Body.RemoveAccessGrants {
|
||||
acct, err := str.FindAccountWithEmail(addr, tx)
|
||||
if err != nil {
|
||||
logrus.Errorf("error looking up account by email '%v' for user '%v': %v", addr, principal.Email, err)
|
||||
return share.NewUpdateShareBadRequest()
|
||||
}
|
||||
if err := str.DeleteAccessGrantsForShareAndAccount(sshr.Id, acct.Id, tx); err != nil {
|
||||
logrus.Errorf("error removing access grant '%v' for share '%v': %v", acct.Email, shrToken, err)
|
||||
return share.NewUpdateShareInternalServerError()
|
||||
}
|
||||
logrus.Infof("removed access grant '%v' from share '%v'", acct.Email, shrToken)
|
||||
doCommit = true
|
||||
}
|
||||
|
||||
if doCommit {
|
||||
if err := tx.Commit(); err != nil {
|
||||
logrus.Errorf("error committing transaction for share '%v' update: %v", shrToken, err)
|
||||
return share.NewUpdateShareInternalServerError()
|
||||
}
|
||||
}
|
||||
|
||||
return share.NewUpdateShareOK()
|
||||
|
Loading…
Reference in New Issue
Block a user