author | Nick Frazier <nrflaw@gmail.com> | 2017-10-19 08:10:29 -0400 |
---|---|---|
committer | Joram Wilander <jwawilander@gmail.com> | 2017-10-19 08:10:29 -0400 |
commit | 7fa4913f902457dadb1a4806ce194eb122dbc090 (patch) | |
tree | ea340ad55f6dfa1e6ee647e0a87af69ac406e25d /store | |
parent | 8e19ba029f889519d93cf272960dce858971106c (diff) | |
[PLT-7794] Add user access token enable/disable endpoints (#7630)
* Add column to UserAccessTokens table
* PLT-7794 Add user access token enable/disable endpoints
* replaced eliminated global variable
* updates to user_access_token_store and upgrade.go
* style fix and cleanup
Diffstat (limited to 'store')
-rw-r--r-- | store/sqlstore/upgrade.go | 12 | ||||
-rw-r--r-- | store/sqlstore/user_access_token_store.go | 62 | ||||
-rw-r--r-- | store/store.go | 2 | ||||
-rw-r--r-- | store/storetest/user_access_token_store.go | 37 |
4 files changed, 109 insertions, 4 deletions
diff --git a/store/sqlstore/upgrade.go b/store/sqlstore/upgrade.go index 5f466cf51..a6c1ecc43 100644 --- a/store/sqlstore/upgrade.go +++ b/store/sqlstore/upgrade.go @@ -312,8 +312,12 @@ func UpgradeDatabaseToVersion43(sqlStore SqlStore) { } func UpgradeDatabaseToVersion44(sqlStore SqlStore) { - // TODO: Uncomment following when version 4.4.0 is released - //if shouldPerformUpgrade(sqlStore, VERSION_4_3_0, VERSION_4_4_0) { - // saveSchemaVersion(sqlStore, VERSION_4_4_0) - //} + // TODO: Uncomment following condition when version 4.4.0 is released + // if shouldPerformUpgrade(sqlStore, VERSION_4_3_0, VERSION_4_4_0) { + + // Add the IsActive column to UserAccessToken. + sqlStore.CreateColumnIfNotExists("UserAccessTokens", "IsActive", "boolean", "boolean", "1") + + // saveSchemaVersion(sqlStore, VERSION_4_4_0) + // } } diff --git a/store/sqlstore/user_access_token_store.go b/store/sqlstore/user_access_token_store.go index 2535943c7..530ba8d16 100644 --- a/store/sqlstore/user_access_token_store.go +++ b/store/sqlstore/user_access_token_store.go 
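Review bot: The `CreateColumnIfNotExists` call in `UpgradeDatabaseToVersion44` uses a default of `"1"`, and nothing in the hunk says why the column fails open. The default keeps tokens issued before the migration active, but it also makes any row inserted without an explicit `IsActive` value active. A comment such as `// Default 1 keeps tokens created before this migration active; new rows must set IsActive explicitly.` would record that. The statement also sits between a commented-out `if` and its commented-out closing brace, so it currently runs on every upgrade pass; that looks intentional given the TODO, but it is worth saying so in the same comment.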
@@ -198,3 +198,65 @@ func (s SqlUserAccessTokenStore) GetByUser(userId string, offset, limit int) sto result.Data = tokens }) } + +func (s SqlUserAccessTokenStore) UpdateTokenEnable(tokenId string) store.StoreChannel { + return store.Do(func(result *store.StoreResult) { + if _, err := s.GetMaster().Exec("UPDATE UserAccessTokens SET IsActive = TRUE WHERE Id = :Id", map[string]interface{}{"Id": tokenId}); err != nil { + result.Err = model.NewAppError("SqlUserAccessTokenStore.UpdateTokenEnable", "store.sql_user_access_token.update_token_enable.app_error", nil, "id="+tokenId+", "+err.Error(), http.StatusInternalServerError) + } else { + result.Data = tokenId + } + }) +} + +func (s SqlUserAccessTokenStore) UpdateTokenDisable(tokenId string) store.StoreChannel { + return store.Do(func(result *store.StoreResult) { + transaction, err := s.GetMaster().Begin() + if err != nil { + result.Err = model.NewAppError("SqlUserAccessTokenStore.UpdateTokenDisable", "store.sql_user_access_token.update_token_disble.app_error", nil, err.Error(), http.StatusInternalServerError) + } else { + if extrasResult := s.deleteSessionsAndDisableToken(transaction, tokenId); extrasResult.Err != nil { + *result = extrasResult + } + + if result.Err == nil { + if err := transaction.Commit(); err != nil { + // don't need to rollback here since the transaction is already closed + result.Err = model.NewAppError("SqlUserAccessTokenStore.UpdateTokenDisable", "store.sql_user_access_token.update_token_disable.app_error", nil, err.Error(), http.StatusInternalServerError) + } + } else { + if err := transaction.Rollback(); err != nil { + result.Err = model.NewAppError("SqlUserAccessTokenStore.UpdateTokenDisable", "store.sql_user_access_token.update_token_disable.app_error", nil, err.Error(), http.StatusInternalServerError) + } + } + } + }) +} + +func (s SqlUserAccessTokenStore) deleteSessionsAndDisableToken(transaction *gorp.Transaction, tokenId string) store.StoreResult { + result := store.StoreResult{} + + 
query := "" + if s.DriverName() == model.DATABASE_DRIVER_POSTGRES { + query = "DELETE FROM Sessions s USING UserAccessTokens o WHERE o.Token = s.Token AND o.Id = :Id" + } else if s.DriverName() == model.DATABASE_DRIVER_MYSQL { + query = "DELETE s.* FROM Sessions s INNER JOIN UserAccessTokens o ON o.Token = s.Token WHERE o.Id = :Id" + } + + if _, err := transaction.Exec(query, map[string]interface{}{"Id": tokenId}); err != nil { + result.Err = model.NewAppError("SqlUserAccessTokenStore.deleteSessionsAndDisableToken", "store.sql_user_access_token.update_token_disable.app_error", nil, "id="+tokenId+", err="+err.Error(), http.StatusInternalServerError) + return result + } + + return s.updateTokenDisable(transaction, tokenId) +} + +func (s SqlUserAccessTokenStore) updateTokenDisable(transaction *gorp.Transaction, tokenId string) store.StoreResult { + result := store.StoreResult{} + + if _, err := transaction.Exec("UPDATE UserAccessTokens SET IsActive = FALSE WHERE Id = :Id", map[string]interface{}{"Id": tokenId}); err != nil { + result.Err = model.NewAppError("SqlUserAccessTokenStore.updateTokenDisable", "store.sql_user_access_token.update_token_disable.app_error", nil, "", http.StatusInternalServerError) + } + + return result +} diff --git a/store/store.go b/store/store.go index 120778e84..7616ee7eb 100644 --- a/store/store.go +++ b/store/store.go @@ -436,4 +436,6 @@ type UserAccessTokenStore interface { Get(tokenId string) StoreChannel GetByToken(tokenString string) StoreChannel GetByUser(userId string, page, perPage int) StoreChannel + UpdateTokenEnable(tokenId string) StoreChannel + UpdateTokenDisable(tokenId string) StoreChannel } diff --git a/store/storetest/user_access_token_store.go b/store/storetest/user_access_token_store.go index 292929419..661c969da 100644 --- a/store/storetest/user_access_token_store.go +++ b/store/storetest/user_access_token_store.go 
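Review bot: `updateTokenDisable` passes `""` as the details argument of `model.NewAppError`, so a failed revocation loses both the token id and the database error; pass `"id="+tokenId+", err="+err.Error()` as `deleteSessionsAndDisableToken` does. Every `Exec` in these functions also discards its result (`_, err :=`), so a `tokenId` that matches no row is reported as a successful enable or disable; checking `RowsAffected()` would let callers tell a revoked token from a no-op. In `deleteSessionsAndDisableToken` the `if`/`else if` leaves `query` empty for any driver other than Postgres or MySQL, and an explicit `else` that returns an error would avoid executing an empty statement. The Begin-failure branch of `UpdateTokenDisable` uses the key `update_token_disble.app_error`, which does not match the `update_token_disable.app_error` key used elsewhere in the hunk.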
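Review bot: The two methods added to `UserAccessTokenStore` have no doc comments, and their names hide an asymmetry visible in the SQL store in this commit: disabling also deletes the sessions that carry the token, while enabling only flips the flag. Suggested comments are `// UpdateTokenDisable marks the token inactive and deletes every session that uses it.` and `// UpdateTokenEnable marks the token active again; it does not restore deleted sessions.` The interface declaration starts outside the hunk.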
@@ -12,6 +12,7 @@ import ( func TestUserAccessTokenStore(t *testing.T, ss store.Store) { t.Run("UserAccessTokenSaveGetDelete", func(t *testing.T) { testUserAccessTokenSaveGetDelete(t, ss) }) + t.Run("UserAccessTokenDisableEnable", func(t *testing.T) { testUserAccessTokenDisableEnable(t, ss) }) } func testUserAccessTokenSaveGetDelete(t *testing.T, ss store.Store) { @@ -87,3 +88,39 @@ func testUserAccessTokenSaveGetDelete(t *testing.T, ss store.Store) { t.Fatal("should error - access token should be deleted") } } + +func testUserAccessTokenDisableEnable(t *testing.T, ss store.Store) { + uat := &model.UserAccessToken{ + Token: model.NewId(), + UserId: model.NewId(), + Description: "testtoken", + } + + s1 := model.Session{} + s1.UserId = uat.UserId + s1.Token = uat.Token + + store.Must(ss.Session().Save(&s1)) + + if result := <-ss.UserAccessToken().Save(uat); result.Err != nil { + t.Fatal(result.Err) + } + + if err := (<-ss.UserAccessToken().UpdateTokenDisable(uat.Id)).Err; err != nil { + t.Fatal(err) + } + + if err := (<-ss.Session().Get(s1.Token)).Err; err == nil { + t.Fatal("should error - session should be deleted") + } + + s2 := model.Session{} + s2.UserId = uat.UserId + s2.Token = uat.Token + + store.Must(ss.Session().Save(&s2)) + + if err := (<-ss.UserAccessToken().UpdateTokenEnable(uat.Id)).Err; err != nil { + t.Fatal(err) + } +} |
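Review bot: `testUserAccessTokenDisableEnable` never reads the token back, so it would still pass if either `UPDATE` changed nothing. It checks only that the calls return no error and that the session is gone after the disable. After `UpdateTokenDisable`, fetch the token with `ss.UserAccessToken().Get(uat.Id)` and fail if it is still active, then assert the opposite after `UpdateTokenEnable`. The model change is not part of this store-limited diff, so the field name (presumably `IsActive`, like the column) should be confirmed. A negative case calling both methods with an id that was never saved would also pin down what callers should expect for an unknown token.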