details.go
package space
import (
"errors"
"fmt"
"net/http"
"strconv"
"github.com/factly/kavach-server/model"
"github.com/factly/kavach-server/util/user"
"github.com/factly/x/errorx"
"github.com/factly/x/loggerx"
"github.com/factly/x/renderx"
"github.com/go-chi/chi"
)
// details - Get space by id
// @Summary Show a space by id
// @Description Get space by ID
// @Tags Spaces
// @ID get-organisation-application-space-by-id
// @Produce json
// @Param X-User header string true "User ID"
// @Param organisation_id path string true "Organisation ID"
// @Param application_id path string true "Application ID"
// @Param space_id path string true "Space ID"
// @Success 200 {object} model.Space
// @Router /organisations/{organisation_id}/applications/{application_id}/spaces/{space_id} [get]
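func details(w http.ResponseWriter, r *http.Request) {
	// parseID converts a raw request value into a strictly positive ID. On
	// failure it logs the cause, renders the InvalidID error and reports false.
	// Zero and negative values are rejected because the IDs are later cast to
	// uint and used in struct-based Where conditions: a negative value would
	// wrap to a very large uint, and (assuming model.DB is a gorm handle) a
	// zero-valued struct field is omitted from the WHERE clause, which would
	// drop the space filter altogether.
	parseID := func(raw string) (int, bool) {
		id, err := strconv.Atoi(raw)
		if err == nil && id <= 0 {
			err = fmt.Errorf("id %q is not a positive integer", raw)
		}
		if err != nil {
			loggerx.Error(err)
			errorx.Render(w, errorx.Parser(errorx.InvalidID()))
			return 0, false
		}
		return id, true
	}

	// NOTE(review): the caller's identity is taken verbatim from the X-User
	// header. This presumably relies on a trusted gateway setting the header
	// after authentication and discarding any client-supplied value; confirm
	// against the deployment.
	uID, ok := parseID(r.Header.Get("X-User"))
	if !ok {
		return
	}
	orgID, ok := parseID(chi.URLParam(r, "organisation_id"))
	if !ok {
		return
	}
	appID, ok := parseID(chi.URLParam(r, "application_id"))
	if !ok {
		return
	}
	sID, ok := parseID(chi.URLParam(r, "space_id"))
	if !ok {
		return
	}

	// Verify whether the user is part of the space. The authorisation object
	// is keyed on the organisation, application and space IDs from the URL.
	objectID := fmt.Sprintf("org:%d:app:%d:space:%d", orgID, appID, sID)
	isAuthorised, err := user.IsUserAuthorised(namespace, objectID, strconv.Itoa(uID))
	if err != nil {
		loggerx.Error(err)
		errorx.Render(w, errorx.Parser(errorx.InternalServerError()))
		return
	}
	if !isAuthorised {
		loggerx.Error(errors.New("user is not part of the space"))
		errorx.Render(w, errorx.Parser(errorx.Unauthorized()))
		return
	}

	// NOTE(review): the queries below filter on the space ID only. The
	// organisation and application IDs are enforced solely through the
	// authorisation check above, so this assumes a relation can exist only for
	// the space's real organisation/application pair (confirm).
	// NOTE(review): Find may not report an error when no row matches (depends
	// on the gorm version), in which case a missing space is rendered as an
	// empty object with status 200.
	// NOTE(review): "Tokens" is preloaded and the whole space is serialised in
	// the response; confirm that the token model keeps secret material out of
	// its JSON output.
	space := model.Space{}
	err = model.DB.Model(&model.Space{}).
		Where(&model.Space{Base: model.Base{ID: uint(sID)}}).
		Preload("Users").
		Preload("Organisation").
		Preload("Application").
		Preload("Tokens").
		Preload("Medium").
		Find(&space).Error
	if err != nil {
		loggerx.Error(err)
		errorx.Render(w, errorx.Parser(errorx.DBError()))
		return
	}

	err = model.DB.Model(&model.SpaceRole{}).
		Where(&model.SpaceRole{SpaceID: uint(sID)}).
		Find(&space.Roles).Error
	if err != nil {
		loggerx.Error(err)
		errorx.Render(w, errorx.Parser(errorx.DBError()))
		return
	}

	// Preload has to be registered before Find: Find executes the query, so a
	// Preload chained after it never loads the policies' roles.
	err = model.DB.Model(&model.SpacePolicy{}).
		Where(&model.SpacePolicy{SpaceID: uint(sID)}).
		Preload("Roles").
		Find(&space.Policy).Error
	if err != nil {
		loggerx.Error(err)
		errorx.Render(w, errorx.Parser(errorx.DBError()))
		return
	}

	renderx.JSON(w, http.StatusOK, space)
}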