Jannex
/
admin-dashboard-backend
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

added permission check and swagger doc

main
alex 2023-08-27 21:58:26 +02:00
parent 0b78d26151
commit 0a0c0317d2
20 changed files with 1270 additions and 458 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
modules/logger/logger.go
View File

@ -70,7 +70,7 @@ func addLog(logMessage structs.LogMessage, systemLog bool) {
}
}
func ReadLogs(date string, systemLogs bool, language string) []structs.LogMessageResponse {
func ReadLogs(date string, systemLogs bool, language string) []structs.LogListMessage {
path := config.Cfg.FolderPaths.LogsSystem
if !systemLogs {
@ -88,7 +88,7 @@ func ReadLogs(date string, systemLogs bool, language string) []structs.LogMessag
fileScanner := bufio.NewScanner(file)
var logMessages []structs.LogMessageResponse
var logMessages []structs.LogListMessage
for fileScanner.Scan() {
var logMessage structs.LogMessage
@ -116,8 +116,8 @@ func ReadLogs(date string, systemLogs bool, language string) []structs.LogMessag
return logMessages
}
func getLogMessage(languageLogMessages []structs.LanguageLogMessages, logMessage structs.LogMessage, language string) structs.LogMessageResponse {
logMessageResponse := structs.LogMessageResponse{
func getLogMessage(languageLogMessages []structs.LanguageLogMessages, logMessage structs.LogMessage, language string) structs.LogListMessage {
logListMessage := structs.LogListMessage{
Time: logMessage.Time,
Type: logMessage.Type,
LogData: logMessage.Messages,
@ -125,13 +125,13 @@ func getLogMessage(languageLogMessages []structs.LanguageLogMessages, logMessage
for _, systemLanguageLogMessage := range languageLogMessages {
if logMessage.Id == systemLanguageLogMessage.Id {
logMessageResponse.Message = getLogLanguageMessage(systemLanguageLogMessage.Languages, language)
logListMessage.Message = getLogLanguageMessage(systemLanguageLogMessage.Languages, language)
return logMessageResponse
return logListMessage
}
}
return logMessageResponse
return logListMessage
}
func getLogLanguageMessage(languages []structs.LanguageLogMessagesLanguage, language string) string {

7
modules/structs/adminarea.go Normal file
View File

@ -0,0 +1,7 @@
package structs
// swagger:model AdminAreaRolesResponse
type AdminAreaRolesResponse struct {
Roles []Role
RolesPermissions []RolePermissions
}

7
modules/structs/grouptasks.go
View File

@ -103,3 +103,10 @@ type ApiGroupTaskRequest struct {
Description string
GlobalInputs json.RawMessage
}
// swagger:model GroupTasksResponse
type GroupTasksResponse struct {
CategoryGroups []CategoryGroup
GroupTasks []GroupTasks
GroupTasksSteps []GroupTaskSteps
}

12
modules/structs/log.go
View File

@ -26,9 +26,19 @@ type LanguageLogMessagesLanguage struct {
Message string
}
type LogMessageResponse struct {
type LogListMessage struct {
Time time.Time
Type uint8
Message string
LogData []LogData
}
type LogMessageResponse struct {
Logs []LogListMessage
Dates []string
Users []AllUsers
Roles []Role
CategoryGroups []CategoryGroup
GroupTasks []GroupTasks
GroupTasksSteps []GroupTaskSteps
}

16
modules/structs/socket.go
View File

@ -83,8 +83,9 @@ func (socketClient *SocketClient) writeMessage(messageType int, message SendSock
return nil
}
/*
type InitUserSocketConnection struct {
User UserData
User UserProfile
CategoryGroups []CategoryGroup // config specific group tasks
GroupTasks []GroupTasks // in database saved group tasks
GroupTasksSteps []GroupTaskSteps
@ -92,7 +93,7 @@ type InitUserSocketConnection struct {
Scanners []Scanner
AllRoles []Role
AdminArea InitUserSocketConnectionAdminArea
}
} */
type InitUserSocketConnectionAdminArea struct {
RolesPermissions []RolePermissions `json:"RolesPermissions,omitempty"`
@ -108,17 +109,6 @@ type AllUsers struct {
LastOnline time.Time
}
type UserData struct {
Id string
RoleId string
Avatar string
Username string
Email string
Sessions []UserSessionSocket
Permissions []string
ApiKeys []UserApiKey
}
type UserSessionSocket struct {
IdForDeletion string
UserAgent string

10
modules/structs/user.go
View File

@ -56,9 +56,19 @@ type UserApiKey struct {
LastUsed time.Time
}
// swagger:model UserInfoResponse
type UserInfoResponse struct {
UserId string
Username string
Avatar string
Permissions []string
AvailableGroupTasks []string
Users []AllUsers
}
// swagger:model UserProfileResponse
type UserProfileResponse struct {
Email string
Sessions []UserSessionSocket
ApiKeys []UserApiKey
}

1
modules/structs/users.go
View File

@ -1,5 +1,6 @@
package structs
// swagger:model UsersResponse
type UsersResponse struct {
RoleId string
Users []AllUsers

4
modules/utils/globals.go
View File

@ -145,6 +145,8 @@ var (
const (
_equipmentDocumentation = "equipment_documentation."
PermissionEquipmentDocumentationView = _equipmentDocumentation + "view"
PermissionEquipmentDocumentationEdit = _equipmentDocumentation + "edit"
PermissionEquipmentDocumentationCreate = _equipmentDocumentation + "create"
_groupTasks = "group_tasks."
PermissionGroupTasksOverviewXYNewTask = _groupTasks + "overview.XY.new_task"
PermissionGroupTasksOverviewXYReloadGroupConfig = _groupTasks + "overview.XY.reload_group_config"
@ -172,6 +174,8 @@ const (
var SystemPermissions = []string{
PermissionEquipmentDocumentationView,
PermissionEquipmentDocumentationEdit,
PermissionEquipmentDocumentationCreate,
PermissionGroupTasksHistory,
PermissionGroupTasksInstallGlobalPythonPackages,
PermissionGroupTasksCheckingForCategoryGroupChanges,

640
public/swagger/swagger.json
View File

@ -16,6 +16,42 @@
"host": "jannex",
"basePath": "/v1",
"paths": {
"/adminarea/roles": {
"get": {
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"adminarea"
],
"summary": "Get all roles",
"operationId": "adminareaGetRoles",
"parameters": [
{
"description": "You can create a new api key in your user profile",
"name": "X-Api-Key",
"in": "header"
}
],
"responses": {
"200": {
"description": "All roles",
"schema": {
"$ref": "#/definitions/AdminAreaRolesResponse"
}
},
"401": {
"description": "No permissions"
},
"500": {
"description": "Failed to get roles"
}
}
}
},
"/equipment/documentation/create": {
"post": {
"consumes": [
@ -239,6 +275,42 @@
}
}
},
"/grouptasks": {
"get": {
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"grouptask"
],
"summary": "Get all group tasks",
"operationId": "grouptaskGetGroupTasks",
"parameters": [
{
"description": "You can create a new api key in your user profile",
"name": "X-Api-Key",
"in": "header"
}
],
"responses": {
"200": {
"description": "All group tasks",
"schema": {
"$ref": "#/definitions/GroupTasksResponse"
}
},
"401": {
"description": "No permissions"
},
"500": {
"description": "Failed to get group tasks"
}
}
}
},
"/grouptasks/start": {
"post": {
"consumes": [
@ -404,6 +476,78 @@
}
}
},
"/user/info": {
"get": {
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"user"
],
"summary": "Get user info",
"operationId": "userInfo",
"parameters": [
{
"description": "You can create a new api key in your user profile",
"name": "X-Api-Key",
"in": "header"
}
],
"responses": {
"200": {
"description": "User info",
"schema": {
"$ref": "#/definitions/UserInfoResponse"
}
},
"401": {
"description": "No permissions"
},
"500": {
"description": "Failed to get user info"
}
}
}
},
"/user/profile": {
"get": {
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"user"
],
"summary": "Get user profile",
"operationId": "userProfile",
"parameters": [
{
"description": "You can create a new api key in your user profile",
"name": "X-Api-Key",
"in": "header"
}
],
"responses": {
"200": {
"description": "User profile",
"schema": {
"$ref": "#/definitions/UserProfileResponse"
}
},
"401": {
"description": "No permissions"
},
"500": {
"description": "Failed to get user profile"
}
}
}
},
"/user/session/{idForDeletion}": {
"delete": {
"consumes": [
@ -444,9 +588,92 @@
}
}
}
},
"/users": {
"get": {
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"users"
],
"summary": "Get all users",
"operationId": "usersGetUsers",
"parameters": [
{
"description": "You can create a new api key in your user profile",
"name": "X-Api-Key",
"in": "header"
}
],
"responses": {
"200": {
"description": "All users",
"schema": {
"$ref": "#/definitions/UsersResponse"
}
},
"401": {
"description": "No permissions"
},
"500": {
"description": "Failed to get users"
}
}
}
}
},
"definitions": {
"AdminAreaRolesResponse": {
"type": "object",
"properties": {
"Roles": {
"type": "array",
"items": {
"$ref": "#/definitions/Role"
}
},
"RolesPermissions": {
"type": "array",
"items": {
"$ref": "#/definitions/RolePermissions"
}
}
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
},
"AllUsers": {
"type": "object",
"properties": {
"Avatar": {
"type": "string"
},
"ConnectionStatus": {
"type": "integer",
"format": "uint8"
},
"Deactivated": {
"type": "boolean"
},
"Id": {
"type": "string"
},
"LastOnline": {
"type": "string",
"format": "date-time"
},
"RoleId": {
"type": "string"
},
"Username": {
"type": "string"
}
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
},
"ApiGroupTaskRequest": {
"type": "object",
"properties": {
@ -465,6 +692,23 @@
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
},
"CategoryGroup": {
"type": "object",
"properties": {
"category": {
"type": "string",
"x-go-name": "Category"
},
"groups": {
"type": "array",
"items": {
"$ref": "#/definitions/Group"
},
"x-go-name": "Groups"
}
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
},
"CreateEquipmentDocumentationRequest": {
"type": "object",
"properties": {
@ -560,6 +804,336 @@
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
},
"GlobalInputs": {
"type": "object",
"properties": {
"displayName": {
"type": "string",
"x-go-name": "DisplayName"
},
"parameterName": {
"type": "string",
"x-go-name": "ParameterName"
},
"type": {
"type": "string",
"x-go-name": "Type"
}
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
},
"Group": {
"type": "object",
"properties": {
"category": {
"type": "string",
"x-go-name": "Category"
},
"globalInputs": {
"type": "array",
"items": {
"$ref": "#/definitions/GlobalInputs"
},
"x-go-name": "GlobalInputs"
},
"id": {
"type": "string",
"x-go-name": "Id"
},
"name": {
"type": "string",
"x-go-name": "Name"
},
"tasks": {
"type": "array",
"items": {
"$ref": "#/definitions/Task"
},
"x-go-name": "Tasks"
}
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
},
"GroupTaskSteps": {
"type": "object",
"properties": {
"CreatorUserId": {
"type": "string"
},
"EndedAt": {
"type": "string",
"format": "date-time"
},
"Files": {
"type": "string"
},
"GroupTasksId": {
"type": "string"
},
"Id": {
"type": "string"
},
"Inputs": {
"type": "string"
},
"LockedByUserId": {
"type": "string"
},
"Log": {
"type": "string"
},
"StartedAt": {
"type": "string",
"format": "date-time"
},
"Status": {
"type": "integer",
"format": "uint8"
},
"Step": {
"type": "integer",
"format": "uint8"
}
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
},
"GroupTasks": {
"type": "object",
"properties": {
"Category": {
"type": "string"
},
"CreatorUserId": {
"type": "string"
},
"CurrentTasksStep": {
"type": "integer",
"format": "uint8"
},
"Description": {
"type": "string"
},
"EndedAt": {
"type": "string",
"format": "date-time"
},
"GlobalInputs": {
"type": "string"
},
"GroupId": {
"type": "string"
},
"GroupName": {
"type": "string"
},
"Id": {
"type": "string"
},
"NumberOfSteps": {
"type": "integer",
"format": "uint8"
},
"RememberId": {
"type": "string"
},
"StartedAt": {
"type": "string",
"format": "date-time"
},
"Status": {
"type": "integer",
"format": "uint8"
}
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
},
"GroupTasksResponse": {
"type": "object",
"properties": {
"CategoryGroups": {
"type": "array",
"items": {
"$ref": "#/definitions/CategoryGroup"
}
},
"GroupTasks": {
"type": "array",
"items": {
"$ref": "#/definitions/GroupTasks"
}
},
"GroupTasksSteps": {
"type": "array",
"items": {
"$ref": "#/definitions/GroupTaskSteps"
}
}
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
},
"Role": {
"type": "object",
"properties": {
"CreatedAt": {
"type": "string",
"format": "date-time"
},
"Description": {
"type": "string"
},
"DisplayName": {
"type": "string"
},
"Id": {
"type": "string"
},
"Master": {
"type": "boolean"
},
"SortingOrder": {
"type": "integer",
"format": "int64"
},
"UpdatedAt": {
"type": "string",
"format": "date-time"
}
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
},
"RolePermissions": {
"type": "object",
"properties": {
"Permissions": {
"type": "array",
"items": {
"type": "string"
}
},
"RoleId": {
"type": "string"
}
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
},
"Task": {
"type": "object",
"properties": {
"name": {
"type": "string",
"x-go-name": "Name"
},
"onFinish": {
"type": "string",
"x-go-name": "OnFinish"
},
"parameters": {
"type": "array",
"items": {
"$ref": "#/definitions/TaskParameter"
},
"x-go-name": "Parameters"
},
"repeatPossible": {
"type": "boolean",
"x-go-name": "RepeatPossible"
},
"scriptPath": {
"type": "string",
"x-go-name": "ScriptPath"
},
"undoPossible": {
"type": "boolean",
"x-go-name": "UndoPossible"
}
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
},
"TaskParameter": {
"type": "object",
"properties": {
"displayName": {
"type": "string",
"x-go-name": "DisplayName"
},
"global": {
"type": "boolean",
"x-go-name": "Global"
},
"parameterName": {
"type": "string",
"x-go-name": "ParameterName"
},
"type": {
"type": "string",
"x-go-name": "Type"
}
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
},
"UserApiKey": {
"type": "object",
"properties": {
"CreatedAt": {
"type": "string",
"format": "date-time"
},
"Id": {
"type": "string"
},
"LastUsed": {
"type": "string",
"format": "date-time"
},
"Name": {
"type": "string"
},
"Token": {
"type": "string"
},
"UsageCount": {
"type": "integer",
"format": "uint64"
},
"UserId": {
"type": "string"
}
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
},
"UserInfoResponse": {
"type": "object",
"properties": {
"AvailableGroupTasks": {
"type": "array",
"items": {
"type": "string"
}
},
"Avatar": {
"type": "string"
},
"Permissions": {
"type": "array",
"items": {
"type": "string"
}
},
"UserId": {
"type": "string"
},
"Username": {
"type": "string"
},
"Users": {
"type": "array",
"items": {
"$ref": "#/definitions/AllUsers"
}
}
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
},
"UserLoginRequest": {
"type": "object",
"properties": {
@ -580,6 +1154,72 @@
}
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
},
"UserProfileResponse": {
"type": "object",
"properties": {
"ApiKeys": {
"type": "array",
"items": {
"$ref": "#/definitions/UserApiKey"
}
},
"Email": {
"type": "string"
},
"Sessions": {
"type": "array",
"items": {
"$ref": "#/definitions/UserSessionSocket"
}
}
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
},
"UserSessionSocket": {
"type": "object",
"properties": {
"ConnectionStatus": {
"type": "integer",
"format": "uint8"
},
"ExpiresAt": {
"type": "string",
"format": "date-time"
},
"IdForDeletion": {
"type": "string"
},
"LastUsed": {
"type": "string",
"format": "date-time"
},
"UserAgent": {
"type": "string"
}
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
},
"UsersResponse": {
"type": "object",
"properties": {
"RoleId": {
"type": "string"
},
"Roles": {
"type": "array",
"items": {
"$ref": "#/definitions/Role"
}
},
"Users": {
"type": "array",
"items": {
"$ref": "#/definitions/AllUsers"
}
}
},
"x-go-package": "jannex/admin-dashboard-backend/modules/structs"
}
}
}

45
routers/router/api/v1/adminArea/roles.go Normal file
View File

@ -0,0 +1,45 @@
package adminarea
import (
"jannex/admin-dashboard-backend/modules/structs"
"jannex/admin-dashboard-backend/modules/utils"
"jannex/admin-dashboard-backend/socketclients"
"github.com/gofiber/fiber/v2"
)
func GetRoles(c *fiber.Ctx) error {
// swagger:operation GET /adminarea/roles adminarea adminareaGetRoles
// ---
// summary: Get all roles
// consumes:
// - application/json
// produces:
// - application/json
// parameters:
// - name: X-Api-Key
// in: header
// description: You can create a new api key in your user profile
// responses:
// '200':
// description: All roles
// schema:
// "$ref": "#/definitions/AdminAreaRolesResponse"
// '401':
// description: No permissions
// '500':
// description: Failed to get roles
if !socketclients.HasOnePermission(c.Locals("userId").(string),
[]string{utils.PermissionAdminAreaCreateNewRole,
utils.PermissionAdminAreaDeleteRole,
utils.PermissionAdminAreaMoveRoleUpDown,
utils.PermissionAdminAreaUpdateRole}) {
return c.SendStatus(fiber.StatusUnauthorized)
}
return c.JSON(structs.AdminAreaRolesResponse{
Roles: socketclients.GetAllRoles(),
RolesPermissions: socketclients.GetAdminAreaRolesPermissions(),
})
}

17
routers/router/api/v1/equipment/equipment.go
View File

@ -4,6 +4,7 @@ import (
"jannex/admin-dashboard-backend/modules/equipment"
"jannex/admin-dashboard-backend/modules/structs"
"jannex/admin-dashboard-backend/modules/utils"
"jannex/admin-dashboard-backend/socketclients"
"github.com/gofiber/fiber/v2"
)
@ -34,6 +35,10 @@ func CreateEquipmentDocumentation(c *fiber.Ctx) error {
// '500':
// description: Failed to create equipment documentation
if !socketclients.HasPermission(c.Locals("userId").(string), utils.PermissionEquipmentDocumentationCreate) {
return c.SendStatus(fiber.StatusUnauthorized)
}
var body structs.CreateEquipmentDocumentationRequest
if err := utils.BodyParserHelper(c, &body); err != nil {
@ -72,6 +77,10 @@ func GetEquipmentDocumentations(c *fiber.Ctx) error {
// '500':
// description: Failed to get equipment documentations
if !socketclients.HasPermission(c.Locals("userId").(string), utils.PermissionEquipmentDocumentationView) {
return c.SendStatus(fiber.StatusUnauthorized)
}
var params structs.EquipmentRequest
if err := utils.ParamsParserHelper(c, &params); err != nil {
@ -115,6 +124,10 @@ func GetEquipmentDocumentation(c *fiber.Ctx) error {
// '500':
// description: Failed to get equipment documentation
if !socketclients.HasPermission(c.Locals("userId").(string), utils.PermissionEquipmentDocumentationView) {
return c.SendStatus(fiber.StatusUnauthorized)
}
var params structs.GetDocumentationEquipmentRequest
if err := utils.ParamsParserHelper(c, &params); err != nil {
@ -150,6 +163,10 @@ func EditEquipmentDocumentation(c *fiber.Ctx) error {
// '500':
// description: Failed to edit equipment documentation
if !socketclients.HasPermission(c.Locals("userId").(string), utils.PermissionEquipmentDocumentationEdit) {
return c.SendStatus(fiber.StatusUnauthorized)
}
var body structs.EditEquipmentDocumentationRequest
if err := utils.BodyParserHelper(c, &body); err != nil {

29
routers/router/api/v1/grouptask/grouptask.go
View File

@ -12,6 +12,35 @@ import (
"github.com/rs/zerolog/log"
)
func GetGroupTasks(c *fiber.Ctx) error {
// swagger:operation GET /grouptasks grouptask grouptaskGetGroupTasks
// ---
// summary: Get all group tasks
// consumes:
// - application/json
// produces:
// - application/json
// parameters:
// - name: X-Api-Key
// in: header
// description: You can create a new api key in your user profile
// responses:
// '200':
// description: All group tasks
// schema:
// "$ref": "#/definitions/GroupTasksResponse"
// '401':
// description: No permissions
// '500':
// description: Failed to get group tasks
return c.JSON(structs.GroupTasksResponse{
CategoryGroups: cache.GetCategoryGroupsSorted(),
GroupTasks: grouptasks.GetAllGroupTasks(),
GroupTasksSteps: grouptasks.GetAllGroupTasksSteps(),
})
}
func StartGroupTask(c *fiber.Ctx) error {
// swagger:operation POST /grouptasks/start grouptask grouptaskStartGroupTask
// ---

27
routers/router/api/v1/logger/logger.go
View File

@ -1,6 +1,8 @@
package logger
import (
"jannex/admin-dashboard-backend/modules/cache"
"jannex/admin-dashboard-backend/modules/grouptasks"
"jannex/admin-dashboard-backend/modules/logger"
"jannex/admin-dashboard-backend/modules/structs"
"jannex/admin-dashboard-backend/modules/utils"
@ -38,22 +40,29 @@ func GetSystemLog(c *fiber.Ctx) error {
},
})
if t == "g" { // grouptasks logs
return c.JSON(struct {
Logs []structs.LogMessageResponse
Dates []string
}{
// / TODO: remove this by rendering the log message on backend site
if t == "g" {
// grouptasks logs
return c.JSON(structs.LogMessageResponse{
Logs: logger.ReadLogs(date, false, lang),
Dates: logger.GetAllLogMessagesDates(false),
Users: socketclients.GetAllUsers(),
Roles: socketclients.GetAllRoles(),
CategoryGroups: cache.GetCategoryGroupsSorted(),
GroupTasks: grouptasks.GetAllGroupTasks(),
GroupTasksSteps: grouptasks.GetAllGroupTasksSteps(),
})
}
// system logs
return c.JSON(struct {
Logs []structs.LogMessageResponse
Dates []string
}{
return c.JSON(structs.LogMessageResponse{
Logs: logger.ReadLogs(date, true, lang),
Dates: logger.GetAllLogMessagesDates(true),
Users: socketclients.GetAllUsers(),
Roles: socketclients.GetAllRoles(),
CategoryGroups: cache.GetCategoryGroupsSorted(),
GroupTasks: grouptasks.GetAllGroupTasks(),
GroupTasksSteps: grouptasks.GetAllGroupTasksSteps(),
})
}

28
routers/router/api/v1/user/profile.go
View File

@ -9,19 +9,35 @@ import (
)
func GetUserProfile(c *fiber.Ctx) error {
// swagger:operation GET /user/profile user userProfile
// ---
// summary: Get user profile
// consumes:
// - application/json
// produces:
// - application/json
// parameters:
// - name: X-Api-Key
// in: header
// description: You can create a new api key in your user profile
// responses:
// '200':
// description: User profile
// schema:
// "$ref": "#/definitions/UserProfileResponse"
// '401':
// description: No permissions
// '500':
// description: Failed to get user profile
var user structs.User
userId := c.Locals("userId").(string)
database.DB.First(&user, "id = ?", userId)
return c.JSON(structs.UserData{
Id: user.Id,
//RoleId: user.RoleId,
Avatar: user.Avatar,
Username: user.Username,
return c.JSON(structs.UserProfileResponse{
Email: user.Email,
Sessions: socketclients.GetUserSessions(userId),
//Permissions: socketclients.GetPermissionsByRoleId(user.RoleId),
ApiKeys: socketclients.GetUserApiKeys(userId),
})
}

25
routers/router/api/v1/user/user.go
View File

@ -9,14 +9,37 @@ import (
)
func UserInfo(c *fiber.Ctx) error {
// swagger:operation GET /user/info user userInfo
// ---
// summary: Get user info
// consumes:
// - application/json
// produces:
// - application/json
// parameters:
// - name: X-Api-Key
// in: header
// description: You can create a new api key in your user profile
// responses:
// '200':
// description: User info
// schema:
// "$ref": "#/definitions/UserInfoResponse"
// '401':
// description: No permissions
// '500':
// description: Failed to get user info
var user structs.User
database.DB.First(&user, "id = ?", c.Locals("userId").(string))
database.DB.Select("id, username, avatar", "role_id").First(&user, "id = ?", c.Locals("userId").(string))
return c.JSON(structs.UserInfoResponse{
UserId: user.Id,
Username: user.Username,
Avatar: user.Avatar,
Permissions: socketclients.GetPermissionsByRoleId(user.RoleId),
AvailableGroupTasks: []string{},
Users: socketclients.GetAllUsers(),
})
}

21
routers/router/api/v1/users/users.go
View File

@ -9,6 +9,27 @@ import (
)
func GetUsers(c *fiber.Ctx) error {
// swagger:operation GET /users users usersGetUsers
// ---
// summary: Get all users
// consumes:
// - application/json
// produces:
// - application/json
// parameters:
// - name: X-Api-Key
// in: header
// description: You can create a new api key in your user profile
// responses:
// '200':
// description: All users
// schema:
// "$ref": "#/definitions/UsersResponse"
// '401':
// description: No permissions
// '500':
// description: Failed to get users
var user structs.User
database.DB.Select("role_id").First(&user, "id = ?", c.Locals("userId").(string))

21
routers/router/router.go
View File

@ -6,6 +6,7 @@ import (
"jannex/admin-dashboard-backend/modules/logger"
"jannex/admin-dashboard-backend/modules/structs"
"jannex/admin-dashboard-backend/modules/utils"
adminarea "jannex/admin-dashboard-backend/routers/router/api/v1/adminArea"
"jannex/admin-dashboard-backend/routers/router/api/v1/equipment"
"jannex/admin-dashboard-backend/routers/router/api/v1/grouptask"
log "jannex/admin-dashboard-backend/routers/router/api/v1/logger"
@ -41,6 +42,7 @@ func SetupRoutes(app *fiber.App) {
l.Get("/", requestAccessValidation, log.GetSystemLog)
g := v1.Group("/grouptasks")
g.Get("/", requestAccessValidation, grouptask.GetGroupTasks)
g.Post("/start", requestAccessValidation, grouptask.StartGroupTask)
e := v1.Group("/equipment")
@ -50,6 +52,9 @@ func SetupRoutes(app *fiber.App) {
e.Post("/documentation/edit", requestAccessValidation, equipment.EditEquipmentDocumentation)
e.Get("/thumbnail/:stockItemId", equipment.GetEquipmentThumbnail)
a := v1.Group("/adminarea")
a.Get("/roles", requestAccessValidation, adminarea.GetRoles)
app.Static("/", config.Cfg.FolderPaths.PublicStatic)
}
@ -86,6 +91,22 @@ func userApikeyTokenValidation(c *fiber.Ctx) error {
return fiber.ErrUnauthorized
}
// check if user has permission to use api keys
if !socketclients.HasPermission(apiKey.UserId, utils.PermissionUserProfileApiKeys) {
// delete api key from database
database.DB.Delete(&apiKey)
logger.AddSystemLog(structs.LogMessage{
Id: 26,
Type: utils.LogTypeInfo,
Messages: []structs.LogData{
{Type: "userId", Value: apiKey.UserId},
},
})
return fiber.ErrUnauthorized
}
lastUsed := time.Now()
database.DB.Model(&structs.UserApiKey{}).Where("id = ?", apiKey.Id).Updates(map[string]interface{}{

25
socketclients/socketclients.go
View File

@ -714,6 +714,31 @@ func HasPermission(userId string, permission string) bool {
return rolePermission.PermissionId == permission
}
// This function is used to check if a user has one of the provided permissions
// For example if a user has one of the permissions "user.create" or "user.delete"
func HasOnePermission(userId string, permissions []string) bool {
var user structs.User
database.DB.Where("id = ?", userId).First(&user)
var userPermissions []structs.RolePermission
database.DB.Where("role_id = ?", user.RoleId).Find(&userPermissions)
// loop through all provided permissions
for _, permission := range permissions {
// loop through all user permissions
for _, userPermission := range userPermissions {
// check if the user has the permission
if userPermission.PermissionId == permission {
return true
}
}
}
return false
}
func HasXYPermission(userId string, permission string, category string) bool {
return HasPermission(userId, systempermissions.ConvertXYPermission(permission, category))
}

78
socketserver/hub.go
View File

@ -57,35 +57,6 @@ func RunHub() {
ExpiresAt: utils.GetSessionExpiresAtTime(),
})
// init data message
var user structs.User
database.DB.First(&user, "id = ?", userId)
newSocketClient.SendMessage(structs.SendSocketMessage{
Cmd: utils.SentCmdInitUserSocketConnection,
Body: structs.InitUserSocketConnection{
User: structs.UserData{
Id: user.Id,
RoleId: user.RoleId,
Username: user.Username,
Email: user.Email,
Sessions: socketclients.GetUserSessions(userId),
Permissions: socketclients.GetPermissionsByRoleId(user.RoleId),
ApiKeys: socketclients.GetUserApiKeys(userId),
},
CategoryGroups: cache.GetCategoryGroupsSorted(),
GroupTasks: grouptasks.GetAllGroupTasks(),
GroupTasksSteps: grouptasks.GetAllGroupTasksSteps(),
AllUsers: socketclients.GetAllUsers(),
Scanners: socketclients.GetAllScanners(),
AllRoles: socketclients.GetAllRoles(),
AdminArea: structs.InitUserSocketConnectionAdminArea{
RolesPermissions: socketclients.GetAdminAreaRolesPermissions(),
},
},
})
socketclients.UpdateConnectedUsers(userId)
socketclients.UpdateUserSessionsForUser(userId, sessionId)
@ -93,7 +64,7 @@ func RunHub() {
Id: 0,
Type: utils.LogTypeInfo,
Messages: []structs.LogData{
{Type: "userId", Value: user.Id}}})
{Type: "userId", Value: userId}}})
case data := <-broadcast:
var receivedMessage structs.ReceivedMessage
@ -128,53 +99,6 @@ func RunHub() {
GlobalInputs: globalInputsJsonString,
RememberId: receivedMessage.Body["rememberId"].(string),
})
//groupTaskId := uuid.New().String()
/*
groupTasks := structs.GroupTasks{
Id: groupTaskId,
CreatorUserId: data.Conn.Locals("userId").(string),
Category: category,
GroupId: groupId,
GroupName: receivedMessage.Body["groupName"].(string),
Description: receivedMessage.Body["description"].(string),
CurrentTasksStep: 1,
NumberOfSteps: uint8(receivedMessage.Body["numberOfSteps"].(float64)),
Status: utils.GroupTasksStatusRunning,
GlobalInputs: globalInputsJsonString,
StartedAt: time.Now(),
RememberId: receivedMessage.Body["rememberId"].(string),
}
database.DB.Create(&groupTasks)
socketclients.BroadcastMessage(structs.SendSocketMessage{
Cmd: utils.SentCmdNewGroupTaskStarted,
Body: groupTasks,
})
go grouptasks.RunGroupTask(grouptasks.RunGroupTaskArgs{
CreatorUserId: data.Conn.Locals("userId").(string),
StartType: grouptasks.RunGroupTaskStartTypeNormal,
GroupTaskId: groupTaskId,
Category: category,
GroupId: groupId,
Step: 1,
TaskStepId: "",
GlobalInputs: globalInputsJsonString,
})
logger.AddGroupTasksLog(structs.LogMessage{
Id: 0,
Type: utils.LogTypeInfo,
Messages: []structs.LogData{
{Type: "userId", Value: data.Conn.Locals("userId").(string)},
{Type: "groupTaskId", Value: groupTaskId},
{Type: "groupTaskName", Value: groupTasks.GroupName},
},
}) */
break
case utils.ReceivedCmdTaskFailedTryAgainRunTaskStep:
groupTaskArgs := grouptasks.RunGroupTaskArgs{

13
system_lang_log_messages.json
View File

@ -336,5 +336,18 @@
"message": "%userId% hat einen seiner Api-Schlüssel verwendet"
}
]
},
{
"id": 26,
"languages": [
{
"lang": "en",
"message": "%userId% has tried to use one of its api keys, but has no longer permission to do so"
},
{
"lang": "de",
"message": "%userId% hat versucht einen seiner Api-Schlüssel zu verwenden, hat aber keine Berechtigung mehr dazu"
}
]
}
]