update

2024-03-07 20:58:50 +01:00 · 2024-03-07 20:58:50 +01:00 · 7ed986e4eb
commit 7ed986e4eb
parent ae9ee91bc4
21 changed files with 547 additions and 93 deletions
--- a/backend/internal/database/db.go
+++ b/backend/internal/database/db.go
@ -14,9 +14,13 @@ import (
 type Database interface {
 	AddUser(username string, password string) error
 	RemoveUser(username string) error
+	PromoteToAdmin(username string) error
 	GetUserId(username string) (int, error)
 	AddProject(name string, description string, username string) error
 	Migrate(dirname string) error
+	// AddTimeReport(projectname string, start time.Time, end time.Time) error
+	// AddUserToProject(username string, projectname string) error
+	// ChangeUserRole(username string, projectname string, role string) error
 }

 // This struct is a wrapper type that holds the database connection
@ -30,6 +34,11 @@ var scripts embed.FS

 const userInsert = "INSERT INTO users (username, password) VALUES (?, ?)"
 const projectInsert = "INSERT INTO projects (name, description, user_id) SELECT ?, ?, id FROM users WHERE username = ?"
+const promoteToAdmin = "INSERT INTO site_admin (admin_id) SELECT id FROM users WHERE username = ?"
+
+// const addTimeReport = ""
+// const addUserToProject = ""
+// const changeUserRole = ""

 // DbConnect connects to the database
 func DbConnect(dbpath string) Database {
@ -48,6 +57,18 @@ func DbConnect(dbpath string) Database {
 	return &Db{db}
 }

+// func (d *Db) AddTimeReport(projectname string, start time.Time, end time.Time) error {
+
+// }
+
+// func (d *Db) AddUserToProject(username string, projectname string) error {
+
+// }
+
+// func (d *Db) ChangeUserRole(username string, projectname string, role string) error {
+
+// }
+
 // AddUser adds a user to the database
 func (d *Db) AddUser(username string, password string) error {
 	_, err := d.Exec(userInsert, username, password)
@ -60,6 +81,11 @@ func (d *Db) RemoveUser(username string) error {
 	return err
 }

+func (d *Db) PromoteToAdmin(username string) error {
+	_, err := d.Exec(promoteToAdmin, username)
+	return err
+}
+
 func (d *Db) GetUserId(username string) (int, error) {
 	var id int
 	err := d.Get(&id, "SELECT id FROM users WHERE username = ?", username)
--- a/backend/internal/database/db_test.go
+++ b/backend/internal/database/db_test.go
@ -74,3 +74,32 @@ func TestDbRemoveUser(t *testing.T) {
 		t.Error("RemoveUser failed:", err)
 	}
 }
+
+func TestPromoteToAdmin(t *testing.T) {
+	db, err := setupState()
+	if err != nil {
+		t.Error("setupState failed:", err)
+	}
+
+	err = db.AddUser("test", "password")
+	if err != nil {
+		t.Error("AddUser failed:", err)
+	}
+
+	err = db.PromoteToAdmin("test")
+	if err != nil {
+		t.Error("PromoteToAdmin failed:", err)
+	}
+}
+
+// func TestAddTimeReport(t *testing.T) {
+
+// }
+
+// func TestAddUserToProject(t *testing.T) {
+
+// }
+
+// func TestChangeUserRole(t *testing.T) {
+
+// }
--- a/backend/internal/database/migrations/0060_site_admin.sql
+++ b/backend/internal/database/migrations/0060_site_admin.sql
@ -0,0 +1,4 @@
+CREATE TABLE IF NOT EXISTS site_admin (
+    admin_id INTEGER PRIMARY KEY,
+    FOREIGN KEY (admin_id) REFERENCES users (id) ON DELETE CASCADE
+)
--- a/backend/internal/handlers/global_state.go
+++ b/backend/internal/handlers/global_state.go
@ -1,25 +1,49 @@
 package handlers

 import (
+	"time"
 	"ttime/internal/database"
 	"ttime/internal/types"

 	"github.com/gofiber/fiber/v2"
+	"github.com/golang-jwt/jwt/v5"
 )

 // The actual interface that we will use
 type GlobalState interface {
-	Register(c *fiber.Ctx) error
+	Register(c *fiber.Ctx) error   // To register a new user
+	UserDelete(c *fiber.Ctx) error // To delete a user
+	Login(c *fiber.Ctx) error      // To get the token
+	LoginRenew(c *fiber.Ctx) error // To renew the token
+	// CreateProject(c *fiber.Ctx) error        // To create a new project
+	// GetProjects(c *fiber.Ctx) error          // To get all projects
+	// GetProject(c *fiber.Ctx) error           // To get a specific project
+	// UpdateProject(c *fiber.Ctx) error        // To update a project
+	// DeleteProject(c *fiber.Ctx) error        // To delete a project
+	// CreateTask(c *fiber.Ctx) error           // To create a new task
+	// GetTasks(c *fiber.Ctx) error             // To get all tasks
+	// GetTask(c *fiber.Ctx) error              // To get a specific task
+	// UpdateTask(c *fiber.Ctx) error           // To update a task
+	// DeleteTask(c *fiber.Ctx) error           // To delete a task
+	// CreateCollection(c *fiber.Ctx) error     // To create a new collection
+	// GetCollections(c *fiber.Ctx) error       // To get all collections
+	// GetCollection(c *fiber.Ctx) error        // To get a specific collection
+	// UpdateCollection(c *fiber.Ctx) error     // To update a collection
+	// DeleteCollection(c *fiber.Ctx) error     // To delete a collection
+	// SignCollection(c *fiber.Ctx) error       // To sign a collection
+	GetButtonCount(c *fiber.Ctx) error       // For demonstration purposes
+	IncrementButtonCount(c *fiber.Ctx) error // For demonstration purposes
 }

 // "Constructor"
 func NewGlobalState(db database.Database) GlobalState {
-	return &GState{Db: db}
+	return &GState{Db: db, ButtonCount: 0}
 }

 // The global state, which implements all the handlers
 type GState struct {
-	Db database.Database
+	Db          database.Database
+	ButtonCount int
 }

 func (gs *GState) Register(c *fiber.Ctx) error {
@ -34,3 +58,76 @@ func (gs *GState) Register(c *fiber.Ctx) error {

 	return c.Status(200).SendString("User added")
 }
+
+// This path should obviously be protected in the future
+// UserDelete deletes a user from the database
+func (gs *GState) UserDelete(c *fiber.Ctx) error {
+	u := new(types.User)
+	if err := c.BodyParser(u); err != nil {
+		return c.Status(400).SendString(err.Error())
+	}
+
+	if err := gs.Db.RemoveUser(u.Username); err != nil {
+		return c.Status(500).SendString(err.Error())
+	}
+
+	return c.Status(200).SendString("User deleted")
+}
+
+func (gs *GState) GetButtonCount(c *fiber.Ctx) error {
+	return c.Status(200).JSON(fiber.Map{"pressCount": gs.ButtonCount})
+}
+
+func (gs *GState) IncrementButtonCount(c *fiber.Ctx) error {
+	gs.ButtonCount++
+	return c.Status(200).JSON(fiber.Map{"pressCount": gs.ButtonCount})
+}
+
+// Login is a simple login handler that returns a JWT token
+func (gs *GState) Login(c *fiber.Ctx) error {
+	// To test: curl --data "user=user&pass=pass" http://localhost:8080/api/login
+	user := c.FormValue("user")
+	pass := c.FormValue("pass")
+
+	// Throws Unauthorized error
+	if user != "user" || pass != "pass" {
+		return c.SendStatus(fiber.StatusUnauthorized)
+	}
+
+	// Create the Claims
+	claims := jwt.MapClaims{
+		"name":  user,
+		"admin": false,
+		"exp":   time.Now().Add(time.Hour * 72).Unix(),
+	}
+
+	// Create token
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+
+	// Generate encoded token and send it as response.
+	t, err := token.SignedString([]byte("secret"))
+	if err != nil {
+		return c.SendStatus(fiber.StatusInternalServerError)
+	}
+
+	return c.JSON(fiber.Map{"token": t})
+}
+
+// LoginRenew is a simple handler that renews the token
+func (gs *GState) LoginRenew(c *fiber.Ctx) error {
+	// For testing: curl localhost:3000/restricted -H "Authorization: Bearer <token>"
+	user := c.Locals("user").(*jwt.Token)
+	claims := user.Claims.(jwt.MapClaims)
+	claims["exp"] = time.Now().Add(time.Hour * 72).Unix()
+	renewed := jwt.MapClaims{
+		"name":  claims["name"],
+		"admin": claims["admin"],
+		"exp":   claims["exp"],
+	}
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, renewed)
+	t, err := token.SignedString([]byte("secret"))
+	if err != nil {
+		return c.SendStatus(fiber.StatusInternalServerError)
+	}
+	return c.JSON(fiber.Map{"token": t})
+}