Archives/smallstep-certificates
2
0
Fork 0
mirror of https://github.com/smallstep/certificates.git synced 2024-10-31 03:20:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
423942da44
smallstep-certificates/authority/mgmt/db/nosql/admin.go

168 lines
4.5 KiB
Go
Raw Normal View History

first commit
2021-05-03 19:48:20 +00:00
package nosql
import (
"context"
"encoding/json"
"time"
"github.com/pkg/errors"
wip
2021-05-18 23:50:54 +00:00
"github.com/smallstep/certificates/authority/admin"
first commit
2021-05-03 19:48:20 +00:00
"github.com/smallstep/certificates/authority/mgmt"
wip
2021-05-18 23:50:54 +00:00
"github.com/smallstep/certificates/authority/status"
first commit
2021-05-03 19:48:20 +00:00
"github.com/smallstep/nosql"
)
// dbAdmin is the database representation of the Admin type.
type dbAdmin struct {
wip
2021-05-18 23:50:54 +00:00
ID string `json:"id"`
AuthorityID string `json:"authorityID"`
ProvisionerID string `json:"provisionerID"`
Subject string `json:"subject"`
Type admin.Type `json:"type"`
CreatedAt time.Time `json:"createdAt"`
DeletedAt time.Time `json:"deletedAt"`
first commit
2021-05-03 19:48:20 +00:00
}
func (dbp *dbAdmin) clone() *dbAdmin {
u := *dbp
return &u
}
func (db *DB) getDBAdminBytes(ctx context.Context, id string) ([]byte, error) {
data, err := db.db.Get(authorityAdminsTable, []byte(id))
if nosql.IsErrNotFound(err) {
return nil, mgmt.NewError(mgmt.ErrorNotFoundType, "admin %s not found", id)
} else if err != nil {
return nil, errors.Wrapf(err, "error loading admin %s", id)
}
return data, nil
}
func (db *DB) getDBAdmin(ctx context.Context, id string) (*dbAdmin, error) {
data, err := db.getDBAdminBytes(ctx, id)
if err != nil {
return nil, err
}
dba, err := unmarshalDBAdmin(data, id)
if err != nil {
return nil, err
}
if dba.AuthorityID != db.authorityID {
return nil, mgmt.NewError(mgmt.ErrorAuthorityMismatchType,
"admin %s is not owned by authority %s", dba.ID, db.authorityID)
}
return dba, nil
}
func unmarshalDBAdmin(data []byte, id string) (*dbAdmin, error) {
var dba = new(dbAdmin)
if err := json.Unmarshal(data, dba); err != nil {
return nil, errors.Wrapf(err, "error unmarshaling admin %s into dbAdmin", id)
}
return dba, nil
}
func unmarshalAdmin(data []byte, id string) (*mgmt.Admin, error) {
var dba = new(dbAdmin)
if err := json.Unmarshal(data, dba); err != nil {
return nil, errors.Wrapf(err, "error unmarshaling admin %s into dbAdmin", id)
}
adm := &mgmt.Admin{
lots of codes
2021-05-06 06:02:42 +00:00
ID: dba.ID,
AuthorityID: dba.AuthorityID,
ProvisionerID: dba.ProvisionerID,
wip
2021-05-18 04:07:25 +00:00
Subject: dba.Subject,
Type: dba.Type,
wip
2021-05-18 23:50:54 +00:00
Status: status.Active,
first commit
2021-05-03 19:48:20 +00:00
}
if !dba.DeletedAt.IsZero() {
wip
2021-05-18 23:50:54 +00:00
adm.Status = status.Deleted
first commit
2021-05-03 19:48:20 +00:00
}
return adm, nil
}
wip
2021-05-18 04:07:25 +00:00
// GetAdmin retrieves and unmarshals a admin from the database.
func (db *DB) GetAdmin(ctx context.Context, id string) (*mgmt.Admin, error) {
data, err := db.getDBAdminBytes(ctx, id)
if err != nil {
return nil, err
}
adm, err := unmarshalAdmin(data, id)
if err != nil {
return nil, err
}
wip
2021-05-18 23:50:54 +00:00
if adm.Status == status.Deleted {
wip
2021-05-18 04:07:25 +00:00
return nil, mgmt.NewError(mgmt.ErrorDeletedType, "admin %s is deleted", adm.ID)
}
if adm.AuthorityID != db.authorityID {
return nil, mgmt.NewError(mgmt.ErrorAuthorityMismatchType,
"admin %s is not owned by authority %s", adm.ID, db.authorityID)
}
return adm, nil
}
first commit
2021-05-03 19:48:20 +00:00
// GetAdmins retrieves and unmarshals all active (not deleted) admins
// from the database.
// TODO should we be paginating?
first steps
2021-05-07 00:03:12 +00:00
func (db *DB) GetAdmins(ctx context.Context) ([]*mgmt.Admin, error) {
first commit
2021-05-03 19:48:20 +00:00
dbEntries, err := db.db.List(authorityAdminsTable)
if err != nil {
return nil, errors.Wrap(err, "error loading admins")
}
wip
2021-05-18 23:50:54 +00:00
var admins = []*mgmt.Admin{}
first commit
2021-05-03 19:48:20 +00:00
for _, entry := range dbEntries {
adm, err := unmarshalAdmin(entry.Value, string(entry.Key))
if err != nil {
return nil, err
}
wip
2021-05-18 23:50:54 +00:00
if adm.Status == status.Deleted {
first commit
2021-05-03 19:48:20 +00:00
continue
}
if adm.AuthorityID != db.authorityID {
continue
}
admins = append(admins, adm)
}
return admins, nil
}
// CreateAdmin stores a new admin to the database.
func (db *DB) CreateAdmin(ctx context.Context, adm *mgmt.Admin) error {
var err error
adm.ID, err = randID()
if err != nil {
wip
2021-05-18 04:07:25 +00:00
return mgmt.WrapErrorISE(err, "error generating random id for admin")
first commit
2021-05-03 19:48:20 +00:00
}
wip admin CRUD
2021-05-12 07:03:40 +00:00
adm.AuthorityID = db.authorityID
first commit
2021-05-03 19:48:20 +00:00
dba := &dbAdmin{
lots of codes
2021-05-06 06:02:42 +00:00
ID: adm.ID,
AuthorityID: db.authorityID,
ProvisionerID: adm.ProvisionerID,
wip
2021-05-18 04:07:25 +00:00
Subject: adm.Subject,
Type: adm.Type,
lots of codes
2021-05-06 06:02:42 +00:00
CreatedAt: clock.Now(),
first commit
2021-05-03 19:48:20 +00:00
}
return db.save(ctx, dba.ID, dba, nil, "admin", authorityAdminsTable)
}
// UpdateAdmin saves an updated admin to the database.
func (db *DB) UpdateAdmin(ctx context.Context, adm *mgmt.Admin) error {
old, err := db.getDBAdmin(ctx, adm.ID)
if err != nil {
return err
}
nu := old.clone()
// If the admin was active but is now deleted ...
wip
2021-05-18 23:50:54 +00:00
if old.DeletedAt.IsZero() && adm.Status == status.Deleted {
first commit
2021-05-03 19:48:20 +00:00
nu.DeletedAt = clock.Now()
}
wip
2021-05-18 04:07:25 +00:00
nu.Type = adm.Type
first commit
2021-05-03 19:48:20 +00:00
return db.save(ctx, old.ID, nu, old, "admin", authorityAdminsTable)
}
Reference in New Issue Copy Permalink