wire up permission mode and access grant list in share handler (#432)

This commit is contained in:
Michael Quigley 2024-03-04 12:55:04 -05:00
parent dce32b58d2
commit d2f747db27
No known key found for this signature in database
GPG Key ID: 9B60314A9DD20A62
2 changed files with 28 additions and 1 deletions

View File

@ -54,6 +54,19 @@ func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zr
return share.NewShareUnauthorized()
}
var accessGrantAcctIds []int
if store.PermissionMode(params.Body.PermissionMode) == store.ClosedPermissionMode {
for _, email := range params.Body.AccessGrants {
acct, err := str.FindAccountWithEmail(email, trx)
if err != nil {
logrus.Errorf("unable to find account '%v' for share request from '%v'", email, principal.Email)
return share.NewShareNotFound()
}
logrus.Debugf("found id '%d' for '%v'", acct.Id, acct.Email)
accessGrantAcctIds = append(accessGrantAcctIds, acct.Id)
}
}
edge, err := zrokEdgeSdk.Client(cfg.Ziti)
if err != nil {
logrus.Error(err)
@ -126,6 +139,7 @@ func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zr
}
logrus.Debugf("allocated share '%v'", shrToken)
logrus.Infof("permission mode '%v'", params.Body.PermissionMode)
sshr := &store.Share{
ZId: shrZId,
@ -136,6 +150,9 @@ func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zr
Reserved: reserved,
PermissionMode: store.OpenPermissionMode,
}
if params.Body.PermissionMode != "" {
sshr.PermissionMode = store.PermissionMode(params.Body.PermissionMode)
}
if len(params.Body.FrontendSelection) > 0 {
sshr.FrontendSelection = &params.Body.FrontendSelection[0]
}
@ -151,6 +168,16 @@ func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zr
return share.NewShareInternalServerError()
}
if sshr.PermissionMode == store.ClosedPermissionMode {
for _, acctId := range accessGrantAcctIds {
_, err := str.CreateAccessGrant(sid, acctId, trx)
if err != nil {
logrus.Errorf("error creating access grant for '%v': %v", principal.Email, err)
return share.NewShareInternalServerError()
}
}
}
if err := trx.Commit(); err != nil {
logrus.Errorf("error committing share record: %v", err)
return share.NewShareInternalServerError()

View File

@ -11,7 +11,7 @@ type AccessGrant struct {
AccountId int
}
func (str *Store) CreateAccessGrant(shareId, accountId, tx *sqlx.Tx) (int, error) {
func (str *Store) CreateAccessGrant(shareId, accountId int, tx *sqlx.Tx) (int, error) {
stmt, err := tx.Prepare("insert into access_grants (share_id, account_id) values ($1, $2) returning id")
if err != nil {
return 0, errors.Wrap(err, "error preparing access_grant insert statement")