Add project secret & bug fix

2025-12-10 21:48:52 +00:00 · 2019-02-19 19:38:54 -05:00
parent 94c3ce3267
commit f235bfb588
27 changed files with 443 additions and 54 deletions
--- a/api/main.go
+++ b/api/main.go
@@ -91,6 +91,8 @@ func New() *WebAPI {
 	api.router.POST("/project/request_access", LogRequestMiddleware(api.CreateWorkerAccess))
 	api.router.POST("/project/accept_request/:id/:wid", LogRequestMiddleware(api.AcceptAccessRequest))
 	api.router.POST("/project/reject_request/:id/:wid", LogRequestMiddleware(api.RejectAccessRequest))
+	api.router.GET("/project/secret/:id", LogRequestMiddleware(api.GetSecret))
+	api.router.POST("/project/secret/:id", LogRequestMiddleware(api.SetSecret))

 	api.router.POST("/task/submit", LogRequestMiddleware(api.SubmitTask))
 	api.router.GET("/task/get/:project", LogRequestMiddleware(api.GetTaskFromProject))
--- a/api/models.go
+++ b/api/models.go
@@ -214,6 +214,10 @@ type ReleaseTaskRequest struct {
 	Verification int64              `json:"verification"`
 }

+func (r *ReleaseTaskRequest) IsValid() bool {
+	return r.TaskId != 0
+}
+
 type ReleaseTaskResponse struct {
 	Updated bool `json:"updated"`
 }
@@ -276,3 +280,11 @@ type Info struct {
 	Name    string `json:"name"`
 	Version string `json:"version"`
 }
+
+type SetSecretRequest struct {
+	Secret string `json:"secret"`
+}
+
+type GetSecretResponse struct {
+	Secret string `json:"secret"`
+}
--- a/api/project.go
+++ b/api/project.go
@@ -10,7 +10,13 @@ import (
 func (api *WebAPI) GetProject(r *Request) {

 	id, err := strconv.ParseInt(r.Ctx.UserValue("id").(string), 10, 64)
-	handleErr(err, r) //todo handle invalid id
+	if err != nil || id <= 0 {
+		r.Json(JsonResponse{
+			Ok:      false,
+			Message: "Invalid worker id",
+		}, 400)
+		return
+	}

 	sess := api.Session.StartFasthttp(r.Ctx)
 	manager := sess.Get("manager")
@@ -263,7 +269,13 @@ func (api *WebAPI) GetProjectList(r *Request) {
 func (api *WebAPI) GetAssigneeStatsForProject(r *Request) {

 	id, err := strconv.ParseInt(r.Ctx.UserValue("id").(string), 10, 64)
-	handleErr(err, r) //todo handle invalid id
+	if err != nil || id <= 0 {
+		r.Json(JsonResponse{
+			Ok:      false,
+			Message: "Invalid worker id",
+		}, 400)
+		return
+	}

 	stats := api.Database.GetAssigneeStats(id, 16)

@@ -281,7 +293,13 @@ func (api *WebAPI) GetWorkerAccessListForProject(r *Request) {
 	manager := sess.Get("manager")

 	id, err := strconv.ParseInt(r.Ctx.UserValue("id").(string), 10, 64)
-	handleErr(err, r) //todo handle invalid id
+	if err != nil || id <= 0 {
+		r.Json(JsonResponse{
+			Ok:      false,
+			Message: "Invalid worker id",
+		}, 400)
+		return
+	}

 	if !isActionOnProjectAuthorized(id, manager, storage.ROLE_MANAGE_ACCESS, api.Database) {
 		r.Json(JsonResponse{
@@ -352,10 +370,22 @@ func (api *WebAPI) CreateWorkerAccess(r *Request) {
 func (api *WebAPI) AcceptAccessRequest(r *Request) {

 	pid, err := strconv.ParseInt(r.Ctx.UserValue("id").(string), 10, 64)
-	handleErr(err, r) //todo handle invalid id
+	if err != nil || pid <= 0 {
+		r.Json(JsonResponse{
+			Ok:      false,
+			Message: "Invalid worker id",
+		}, 400)
+		return
+	}

 	wid, err := strconv.ParseInt(r.Ctx.UserValue("wid").(string), 10, 64)
-	handleErr(err, r) //todo handle invalid id
+	if err != nil || wid <= 0 {
+		r.Json(JsonResponse{
+			Ok:      false,
+			Message: "Invalid worker id",
+		}, 400)
+		return
+	}

 	sess := api.Session.StartFasthttp(r.Ctx)
 	manager := sess.Get("manager")
@@ -385,10 +415,22 @@ func (api *WebAPI) AcceptAccessRequest(r *Request) {
 func (api *WebAPI) RejectAccessRequest(r *Request) {

 	pid, err := strconv.ParseInt(r.Ctx.UserValue("id").(string), 10, 64)
-	handleErr(err, r) //todo handle invalid id
+	if err != nil || pid <= 0 {
+		r.Json(JsonResponse{
+			Ok:      false,
+			Message: "Invalid project id",
+		}, 400)
+		return
+	}

 	wid, err := strconv.ParseInt(r.Ctx.UserValue("wid").(string), 10, 64)
-	handleErr(err, r) //todo handle invalid id
+	if err != nil || wid <= 0 {
+		r.Json(JsonResponse{
+			Ok:      false,
+			Message: "Invalid worker id",
+		}, 400)
+		return
+	}

 	ok := api.Database.RejectAccessRequest(wid, pid)

@@ -407,7 +449,13 @@ func (api *WebAPI) RejectAccessRequest(r *Request) {
 func (api *WebAPI) SetManagerRoleOnProject(r *Request) {

 	pid, err := strconv.ParseInt(r.Ctx.UserValue("id").(string), 10, 64)
-	handleErr(err, r) //todo handle invalid id
+	if err != nil || pid <= 0 {
+		r.Json(JsonResponse{
+			Ok:      false,
+			Message: "Invalid project id",
+		}, 400)
+		return
+	}

 	req := &SetManagerRoleOnProjectRequest{}
 	err = json.Unmarshal(r.Ctx.Request.Body(), req)
@@ -435,3 +483,95 @@ func (api *WebAPI) SetManagerRoleOnProject(r *Request) {
 		Ok: true,
 	})
 }
+
+func (api *WebAPI) SetSecret(r *Request) {
+
+	pid, err := strconv.ParseInt(r.Ctx.UserValue("id").(string), 10, 64)
+	handleErr(err, r) //todo handle invalid id
+	if err != nil || pid <= 0 {
+		r.Json(JsonResponse{
+			Ok:      false,
+			Message: "Invalid project id",
+		}, 400)
+		return
+	}
+
+	sess := api.Session.StartFasthttp(r.Ctx)
+	manager := sess.Get("manager")
+
+	if !isActionOnProjectAuthorized(pid, manager, storage.ROLE_EDIT, api.Database) {
+		r.Json(JsonResponse{
+			Ok:      false,
+			Message: "Unauthorized",
+		}, 403)
+		return
+	}
+
+	req := &SetSecretRequest{}
+	err = json.Unmarshal(r.Ctx.Request.Body(), req)
+	if err != nil {
+		r.Json(JsonResponse{
+			Ok:      false,
+			Message: "Could not parse request",
+		}, 400)
+		return
+	}
+
+	api.Database.SetSecret(pid, req.Secret)
+
+	r.OkJson(JsonResponse{
+		Ok: true,
+	})
+}
+
+func (api *WebAPI) GetSecret(r *Request) {
+
+	pid, err := strconv.ParseInt(r.Ctx.UserValue("id").(string), 10, 64)
+	if err != nil || pid <= 0 {
+		r.Json(JsonResponse{
+			Ok:      false,
+			Message: "Invalid project id",
+		}, 400)
+		return
+	}
+
+	var secret string
+
+	worker, err := api.validateSignature(r)
+	if err == nil {
+		secret, err = api.Database.GetSecret(pid, worker.Id)
+		if err != nil {
+			r.Json(JsonResponse{
+				Ok:      false,
+				Message: "Unauthorized",
+			}, 403)
+			return
+		}
+		r.OkJson(JsonResponse{
+			Ok: true,
+			Content: GetSecretResponse{
+				Secret: secret,
+			},
+		})
+		return
+	}
+
+	sess := api.Session.StartFasthttp(r.Ctx)
+	manager := sess.Get("manager")
+
+	if !isActionOnProjectAuthorized(pid, manager, storage.ROLE_EDIT, api.Database) {
+		r.Json(JsonResponse{
+			Ok:      false,
+			Message: "Unauthorized",
+		}, 403)
+		return
+	}
+
+	secret, _ = api.Database.GetSecret(pid, 0)
+	r.OkJson(JsonResponse{
+		Ok: true,
+		Content: GetSecretResponse{
+			Secret: secret,
+		},
+	})
+}
--- a/api/task.go
+++ b/api/task.go
@@ -209,7 +209,17 @@ func (api *WebAPI) ReleaseTask(r *Request) {
 			Ok:      false,
 			Message: "Could not parse request",
 		}, 400)
+		return
 	}
+
+	if !req.IsValid() {
+		r.Json(JsonResponse{
+			Ok:      false,
+			Message: "Invalid request",
+		}, 400)
+		return
+	}
+
 	res := api.Database.ReleaseTask(req.TaskId, worker.Id, req.Result, req.Verification)

 	response := JsonResponse{