feat(api): clear cached user token upon exiting authenticated namespace

heiytor · gustavosbarreto · commit 3063a3dc759d · 2024-11-13T09:36:12.000-03:00
Ensure user tokens are removed from cache when users leave the
authenticated namespace.
diff --git a/api/routes/nsadm_test.go b/api/routes/nsadm_test.go
@@ -410,11 +410,12 @@ func TestHandler_LeaveNamespace(t *testing.T) {
 			description: "fails to leave the namespace",
 			tenantID:    "00000000-0000-4000-0000-000000000000",
 			headers: map[string]string{
-				"X-ID": "000000000000000000000000",
+				"X-ID":        "000000000000000000000000",
+				"X-Tenant-ID": "00000000-0000-4000-0000-000000000000",
 			},
 			requiredMocks: func() {
 				svcMock.
-					On("LeaveNamespace", gomock.Anything, &requests.LeaveNamespace{UserID: "000000000000000000000000", TenantID: "00000000-0000-4000-0000-000000000000"}).
+					On("LeaveNamespace", gomock.Anything, &requests.LeaveNamespace{UserID: "000000000000000000000000", TenantID: "00000000-0000-4000-0000-000000000000", AuthenticatedTenantID: "00000000-0000-4000-0000-000000000000"}).
 					Return(errors.New("error")).
 					Once()
 			},
@@ -429,7 +430,7 @@ func TestHandler_LeaveNamespace(t *testing.T) {
 			},
 			requiredMocks: func() {
 				svcMock.
-					On("LeaveNamespace", gomock.Anything, &requests.LeaveNamespace{UserID: "000000000000000000000000", TenantID: "00000000-0000-4000-0000-000000000000"}).
+					On("LeaveNamespace", gomock.Anything, &requests.LeaveNamespace{UserID: "000000000000000000000000", TenantID: "00000000-0000-4000-0000-000000000000", AuthenticatedTenantID: "00000000-0000-4000-0000-000000000000"}).
 					Return(nil).
 					Once()
 			},
diff --git a/api/services/member.go b/api/services/member.go
@@ -42,7 +42,8 @@ type MemberService interface {
 	// authority than the target member. Owners cannot be removed. Returns the updated namespace and an error, if any.
 	RemoveNamespaceMember(ctx context.Context, req *requests.NamespaceRemoveMember) (*models.Namespace, error)
 
-	// LeaveNamespace allows the authenticated user to remove themselves from the namespace. Owners cannot leave the namespace.
+	// LeaveNamespace allows an authenticated user to remove themselves from a namespace. Owners cannot leave a namespace.
+	// If the user attempts to leave the namespace they are authenticated to, their authentication token will be invalidated.
 	// Returns an error, if any.
 	LeaveNamespace(ctx context.Context, req *requests.LeaveNamespace) error
 }
@@ -221,6 +222,13 @@ func (s *service) RemoveNamespaceMember(ctx context.Context, req *requests.Names
 		return nil, err
 	}
 
+	if err := s.AuthUncacheToken(ctx, req.TenantID, req.UserID); err != nil {
+		log.WithError(err).
+			WithField("tenant_id", req.TenantID).
+			WithField("user_id", req.UserID).
+			Error("failed to uncache the token")
+	}
+
 	return s.store.NamespaceGet(ctx, req.TenantID, s.store.Options().CountAcceptedDevices(), s.store.Options().EnrichMembersData())
 }
 
@@ -238,6 +246,15 @@ func (s *service) LeaveNamespace(ctx context.Context, req *requests.LeaveNamespa
 		return err
 	}
 
+	if req.TenantID == req.AuthenticatedTenantID {
+		if err := s.AuthUncacheToken(ctx, req.TenantID, req.UserID); err != nil {
+			log.WithError(err).
+				WithField("tenant_id", req.TenantID).
+				WithField("user_id", req.UserID).
+				Error("failed to uncache the token")
+		}
+	}
+
 	return nil
 }
 
@@ -253,12 +270,5 @@ func (s *service) removeMember(ctx context.Context, ns *models.Namespace, userID
 		}
 	}
 
-	if err := s.AuthUncacheToken(ctx, ns.TenantID, userID); err != nil {
-		log.WithError(err).
-			WithField("tenant_id", ns.TenantID).
-			WithField("user_id", userID).
-			Error("failed to remove the member")
-	}
-
 	return nil
 }
diff --git a/api/services/member_test.go b/api/services/member_test.go
@@ -11,6 +11,7 @@ import (
 	"github.com/shellhub-io/shellhub/pkg/api/authorizer"
 	"github.com/shellhub-io/shellhub/pkg/api/requests"
 	storecache "github.com/shellhub-io/shellhub/pkg/cache"
+	cachemock "github.com/shellhub-io/shellhub/pkg/cache/mocks"
 	"github.com/shellhub-io/shellhub/pkg/clock"
 	clockmock "github.com/shellhub-io/shellhub/pkg/clock/mocks"
 	"github.com/shellhub-io/shellhub/pkg/envs"
@@ -1565,6 +1566,7 @@ func TestService_LeaveNamespace(t *testing.T) {
 	}
 
 	storeMock := new(storemock.Store)
+	cacheMock := new(cachemock.Cache)
 
 	cases := []struct {
 		description   string
@@ -1575,8 +1577,9 @@ func TestService_LeaveNamespace(t *testing.T) {
 		{
 			description: "fails when the namespace was not found",
 			req: &requests.LeaveNamespace{
-				UserID:   "000000000000000000000000",
-				TenantID: "00000000-0000-4000-0000-000000000000",
+				UserID:                "000000000000000000000000",
+				TenantID:              "00000000-0000-4000-0000-000000000000",
+				AuthenticatedTenantID: "00000000-0000-4000-0000-000000000001",
 			},
 			requiredMocks: func(ctx context.Context) {
 				storeMock.
@@ -1589,8 +1592,9 @@ func TestService_LeaveNamespace(t *testing.T) {
 		{
 			description: "fails when the user is not on the namespace",
 			req: &requests.LeaveNamespace{
-				UserID:   "000000000000000000000000",
-				TenantID: "00000000-0000-4000-0000-000000000000",
+				UserID:                "000000000000000000000000",
+				TenantID:              "00000000-0000-4000-0000-000000000000",
+				AuthenticatedTenantID: "00000000-0000-4000-0000-000000000001",
 			},
 			requiredMocks: func(ctx context.Context) {
 				storeMock.
@@ -1608,8 +1612,9 @@ func TestService_LeaveNamespace(t *testing.T) {
 		{
 			description: "fails when the user is owner",
 			req: &requests.LeaveNamespace{
-				UserID:   "000000000000000000000000",
-				TenantID: "00000000-0000-4000-0000-000000000000",
+				UserID:                "000000000000000000000000",
+				TenantID:              "00000000-0000-4000-0000-000000000000",
+				AuthenticatedTenantID: "00000000-0000-4000-0000-000000000001",
 			},
 			requiredMocks: func(ctx context.Context) {
 				storeMock.
@@ -1632,8 +1637,9 @@ func TestService_LeaveNamespace(t *testing.T) {
 		{
 			description: "fails when cannot remove the member",
 			req: &requests.LeaveNamespace{
-				UserID:   "000000000000000000000000",
-				TenantID: "00000000-0000-4000-0000-000000000000",
+				UserID:                "000000000000000000000000",
+				TenantID:              "00000000-0000-4000-0000-000000000000",
+				AuthenticatedTenantID: "00000000-0000-4000-0000-000000000001",
 			},
 			requiredMocks: func(ctx context.Context) {
 				storeMock.
@@ -1660,8 +1666,38 @@ func TestService_LeaveNamespace(t *testing.T) {
 		{
 			description: "succeeds",
 			req: &requests.LeaveNamespace{
-				UserID:   "000000000000000000000000",
-				TenantID: "00000000-0000-4000-0000-000000000000",
+				UserID:                "000000000000000000000000",
+				TenantID:              "00000000-0000-4000-0000-000000000000",
+				AuthenticatedTenantID: "00000000-0000-4000-0000-000000000001",
+			},
+			requiredMocks: func(ctx context.Context) {
+				storeMock.
+					On("NamespaceGet", ctx, "00000000-0000-4000-0000-000000000000").
+					Return(&models.Namespace{
+						TenantID: "00000000-0000-4000-0000-000000000000",
+						Name:     "namespace",
+						Owner:    "000000000000000000000000",
+						Members: []models.Member{
+							{
+								ID:   "000000000000000000000000",
+								Role: authorizer.RoleAdministrator,
+							},
+						},
+					}, nil).
+					Once()
+				storeMock.
+					On("NamespaceRemoveMember", ctx, "00000000-0000-4000-0000-000000000000", "000000000000000000000000").
+					Return(nil).
+					Once()
+			},
+			expected: Expected{err: nil},
+		},
+		{
+			description: "succeeds when TenantID is equal to AuthenticatedTenantID",
+			req: &requests.LeaveNamespace{
+				UserID:                "000000000000000000000000",
+				TenantID:              "00000000-0000-4000-0000-000000000000",
+				AuthenticatedTenantID: "00000000-0000-4000-0000-000000000000",
 			},
 			requiredMocks: func(ctx context.Context) {
 				storeMock.
@@ -1682,12 +1718,16 @@ func TestService_LeaveNamespace(t *testing.T) {
 					On("NamespaceRemoveMember", ctx, "00000000-0000-4000-0000-000000000000", "000000000000000000000000").
 					Return(nil).
 					Once()
+				cacheMock.
+					On("Delete", ctx, "token_00000000-0000-4000-0000-000000000000000000000000000000000000").
+					Return(nil).
+					Once()
 			},
 			expected: Expected{err: nil},
 		},
 	}
 
-	s := NewService(storeMock, privateKey, publicKey, storecache.NewNullCache(), clientMock)
+	s := NewService(storeMock, privateKey, publicKey, cacheMock, clientMock)
 
 	for _, tc := range cases {
 		t.Run(tc.description, func(t *testing.T) {
diff --git a/pkg/api/requests/namespace.go b/pkg/api/requests/namespace.go
@@ -75,8 +75,11 @@ type NamespaceRemoveMember struct {
 }
 
 type LeaveNamespace struct {
-	UserID   string `header:"X-ID" validate:"required"`
+	UserID string `header:"X-ID" validate:"required"`
+	// TenantID represents the namespace that the user intends to leave.
 	TenantID string `param:"tenant" validate:"required,uuid"`
+	// AuthenticatedTenantID represents the namespace to which the user is currently authenticated.
+	AuthenticatedTenantID string `header:"X-Tenant-ID" validate:"required"`
 }
 
 // SessionEditRecordStatus is the structure to represent the request data for edit session record status endpoint.

Original file line number	Diff line number	Diff line change
`@@ -42,7 +42,8 @@ type MemberService interface {`
`42`	`42`	`// authority than the target member. Owners cannot be removed. Returns the updated namespace and an error, if any.`
`43`	`43`	`RemoveNamespaceMember(ctx context.Context, req requests.NamespaceRemoveMember) (models.Namespace, error)`
`44`	`44`
`45`		`- // LeaveNamespace allows the authenticated user to remove themselves from the namespace. Owners cannot leave the namespace.`
	`45`	`+ // LeaveNamespace allows an authenticated user to remove themselves from a namespace. Owners cannot leave a namespace.`
	`46`	`+ // If the user attempts to leave the namespace they are authenticated to, their authentication token will be invalidated.`
`46`	`47`	`// Returns an error, if any.`
`47`	`48`	`LeaveNamespace(ctx context.Context, req *requests.LeaveNamespace) error`
`48`	`49`	`}`
`@@ -221,6 +222,13 @@ func (s service) RemoveNamespaceMember(ctx context.Context, req requests.Names`
`221`	`222`	`return nil, err`
`222`	`223`	`}`
`223`	`224`
	`225`	`+ if err := s.AuthUncacheToken(ctx, req.TenantID, req.UserID); err != nil {`
	`226`	`+ log.WithError(err).`
	`227`	`+ WithField("tenant_id", req.TenantID).`
	`228`	`+ WithField("user_id", req.UserID).`
	`229`	`+ Error("failed to uncache the token")`
	`230`	`+ }`
	`231`	`+`
`224`	`232`	`return s.store.NamespaceGet(ctx, req.TenantID, s.store.Options().CountAcceptedDevices(), s.store.Options().EnrichMembersData())`
`225`	`233`	`}`
`226`	`234`
`@@ -238,6 +246,15 @@ func (s service) LeaveNamespace(ctx context.Context, req requests.LeaveNamespa`
`238`	`246`	`return err`
`239`	`247`	`}`
`240`	`248`
	`249`	`+ if req.TenantID == req.AuthenticatedTenantID {`
	`250`	`+ if err := s.AuthUncacheToken(ctx, req.TenantID, req.UserID); err != nil {`
	`251`	`+ log.WithError(err).`
	`252`	`+ WithField("tenant_id", req.TenantID).`
	`253`	`+ WithField("user_id", req.UserID).`
	`254`	`+ Error("failed to uncache the token")`
	`255`	`+ }`
	`256`	`+ }`
	`257`	`+`
`241`	`258`	`return nil`
`242`	`259`	`}`
`243`	`260`
`@@ -253,12 +270,5 @@ func (s service) removeMember(ctx context.Context, ns models.Namespace, userID`
`253`	`270`	`}`
`254`	`271`	`}`
`255`	`272`
`256`		`- if err := s.AuthUncacheToken(ctx, ns.TenantID, userID); err != nil {`
`257`		`- log.WithError(err).`
`258`		`- WithField("tenant_id", ns.TenantID).`
`259`		`- WithField("user_id", userID).`
`260`		`- Error("failed to remove the member")`
`261`		`- }`
`262`		`-`
`263`	`273`	`return nil`
`264`	`274`	`}`
Original file line number	Diff line number	Diff line change
`@@ -75,8 +75,11 @@ type NamespaceRemoveMember struct {`
`75`	`75`	`}`
`76`	`76`
`77`	`77`	`type LeaveNamespace struct {`
`78`		- UserID string `header:"X-ID" validate:"required"`
	`78`	+ UserID string `header:"X-ID" validate:"required"`
	`79`	`+ // TenantID represents the namespace that the user intends to leave.`
`79`	`80`	TenantID string `param:"tenant" validate:"required,uuid"`
	`81`	`+ // AuthenticatedTenantID represents the namespace to which the user is currently authenticated.`
	`82`	+ AuthenticatedTenantID string `header:"X-Tenant-ID" validate:"required"`
`80`	`83`	`}`
`81`	`84`
`82`	`85`	`// SessionEditRecordStatus is the structure to represent the request data for edit session record status endpoint.`