refactor:
This commit is contained in:
Vyacheslav1557
parent
81e75e5a9c
commit
d62ae666d5
57 changed files with 656 additions and 310 deletions
4
internal/contests/delivery.go
Normal file
4
internal/contests/delivery.go
Normal file
|
|
@ -0,0 +1,4 @@
|
|||
package contests
|
||||
|
||||
type ContestHandlers interface {
|
||||
}
|
||||
1
internal/contests/delivery/grpc/handlers.go
Normal file
1
internal/contests/delivery/grpc/handlers.go
Normal file
|
|
@ -0,0 +1 @@
|
|||
package grpc
|
||||
13
internal/contests/pg_repository.go
Normal file
13
internal/contests/pg_repository.go
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
package contests
|
||||
|
||||
import (
|
||||
"context"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
)
|
||||
|
||||
type ContestRepository interface {
|
||||
CreateContest(ctx context.Context, contest *models.Contest) (int32, error)
|
||||
ReadContestById(ctx context.Context, id int32) (*models.Contest, error)
|
||||
UpdateContest(ctx context.Context, contest *models.Contest) error
|
||||
DeleteContest(ctx context.Context, id int32) error
|
||||
}
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
package storage
|
||||
package repository
|
||||
|
||||
import (
|
||||
"context"
|
||||
97
internal/contests/repository/pg_repository.go
Normal file
97
internal/contests/repository/pg_repository.go
Normal file
|
|
@ -0,0 +1,97 @@
|
|||
package repository
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
"git.sch9.ru/new_gate/ms-tester/pkg/utils"
|
||||
"github.com/jackc/pgerrcode"
|
||||
"github.com/jackc/pgx/v5/pgconn"
|
||||
"github.com/jmoiron/sqlx"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
type ContestRepository struct {
|
||||
db *sqlx.DB
|
||||
logger *zap.Logger
|
||||
}
|
||||
|
||||
func NewContestRepository(db *sqlx.DB, logger *zap.Logger) *ContestRepository {
|
||||
return &ContestRepository{
|
||||
db: db,
|
||||
logger: logger,
|
||||
}
|
||||
}
|
||||
|
||||
func (r *ContestRepository) CreateContest(ctx context.Context, contest *models.Contest) (int32, error) {
|
||||
query := r.db.Rebind(`
|
||||
INSERT INTO contests
|
||||
(name)
|
||||
VALUES (?)
|
||||
RETURNING id
|
||||
`)
|
||||
|
||||
rows, err := r.db.QueryxContext(
|
||||
ctx,
|
||||
query,
|
||||
contest.Name,
|
||||
)
|
||||
if err != nil {
|
||||
return 0, handlePgErr(err)
|
||||
}
|
||||
|
||||
defer rows.Close()
|
||||
var id int32
|
||||
err = rows.StructScan(&id)
|
||||
if err != nil {
|
||||
return 0, handlePgErr(err)
|
||||
}
|
||||
|
||||
return id, nil
|
||||
|
||||
}
|
||||
|
||||
func (r *ContestRepository) ReadContestById(ctx context.Context, id int32) (*models.Contest, error) {
|
||||
var contest models.Contest
|
||||
query := r.db.Rebind("SELECT * from contests WHERE id=? LIMIT 1")
|
||||
err := r.db.GetContext(ctx, &contest, query, id)
|
||||
if err != nil {
|
||||
return nil, handlePgErr(err)
|
||||
}
|
||||
return &contest, nil
|
||||
}
|
||||
|
||||
func (r *ContestRepository) UpdateContest(ctx context.Context, contest *models.Contest) error {
|
||||
query := r.db.Rebind("UPDATE contests SET name=? WHERE id=?")
|
||||
_, err := r.db.ExecContext(ctx, query, contest.Name, contest.Id)
|
||||
if err != nil {
|
||||
return handlePgErr(err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (r *ContestRepository) DeleteContest(ctx context.Context, id int32) error {
|
||||
query := r.db.Rebind("DELETE FROM contests WHERE id=?")
|
||||
_, err := r.db.ExecContext(ctx, query, id)
|
||||
if err != nil {
|
||||
return handlePgErr(err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func handlePgErr(err error) error {
|
||||
var pgErr *pgconn.PgError
|
||||
if !errors.As(err, &pgErr) {
|
||||
return utils.StorageError(err, utils.ErrUnknown, "unexpected error from postgres")
|
||||
}
|
||||
if pgerrcode.IsIntegrityConstraintViolation(pgErr.Code) {
|
||||
// TODO: probably should specify which constraint
|
||||
return utils.StorageError(err, utils.ErrConflict, pgErr.Message)
|
||||
}
|
||||
if pgerrcode.IsNoData(pgErr.Code) {
|
||||
return utils.StorageError(err, utils.ErrNotFound, pgErr.Message)
|
||||
}
|
||||
return utils.StorageError(err, utils.ErrUnimplemented, "unimplemented error")
|
||||
}
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
package storage
|
||||
package repository
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
package storage
|
||||
package repository
|
||||
|
||||
import (
|
||||
"context"
|
||||
13
internal/contests/usecase.go
Normal file
13
internal/contests/usecase.go
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
package contests
|
||||
|
||||
import (
|
||||
"context"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
)
|
||||
|
||||
type ContestUseCase interface {
|
||||
CreateContest(ctx context.Context, contest *models.Contest) (int32, error)
|
||||
ReadContestById(ctx context.Context, id int32) (*models.Contest, error)
|
||||
UpdateContest(ctx context.Context, contest *models.Contest) error
|
||||
DeleteContest(ctx context.Context, id int32) error
|
||||
}
|
||||
44
internal/contests/usecase/all.rego
Normal file
44
internal/contests/usecase/all.rego
Normal file
|
|
@ -0,0 +1,44 @@
|
|||
package problem.rbac
|
||||
|
||||
import rego.v1
|
||||
|
||||
spectator := 0
|
||||
participant := 1
|
||||
moderator := 2
|
||||
admin := 3
|
||||
|
||||
permissions := {
|
||||
"read": is_spectator,
|
||||
"participate": is_participant,
|
||||
"update": is_moderator,
|
||||
"create": is_moderator,
|
||||
"delete": is_moderator,
|
||||
}
|
||||
|
||||
default allow := false
|
||||
|
||||
allow if is_admin
|
||||
|
||||
allow if {
|
||||
permissions[input.action]
|
||||
}
|
||||
|
||||
default is_admin := false
|
||||
is_admin if {
|
||||
input.user.role == admin
|
||||
}
|
||||
|
||||
default is_moderator := false
|
||||
is_moderator if {
|
||||
input.user.role >= moderator
|
||||
}
|
||||
|
||||
default is_participant := false
|
||||
is_participant if {
|
||||
input.user.role >= participant
|
||||
}
|
||||
|
||||
default is_spectator := true
|
||||
is_spectator if {
|
||||
input.user.role >= spectator
|
||||
}
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
package services
|
||||
package usecase
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
package services
|
||||
package usecase
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
|
@ -1,9 +1,9 @@
|
|||
package services
|
||||
package usecase
|
||||
|
||||
import (
|
||||
"context"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
"git.sch9.ru/new_gate/ms-tester/internal/lib"
|
||||
"git.sch9.ru/new_gate/ms-tester/pkg/utils"
|
||||
)
|
||||
|
||||
type TaskStorage interface {
|
||||
|
|
@ -28,14 +28,14 @@ func NewTaskService(
|
|||
|
||||
func (service *TaskService) CreateTask(ctx context.Context, task models.Task) (int32, error) {
|
||||
if !service.permissionService.Allowed(ctx, extractUser(ctx), "create") {
|
||||
return 0, lib.ServiceError(nil, lib.ErrNoPermission, "permission denied")
|
||||
return 0, utils.ServiceError(nil, utils.ErrNoPermission, "permission denied")
|
||||
}
|
||||
return service.taskStorage.CreateTask(ctx, task)
|
||||
}
|
||||
|
||||
func (service *TaskService) DeleteTask(ctx context.Context, id int32) error {
|
||||
if !service.permissionService.Allowed(ctx, extractUser(ctx), "delete") {
|
||||
return lib.ServiceError(nil, lib.ErrNoPermission, "permission denied")
|
||||
return utils.ServiceError(nil, utils.ErrNoPermission, "permission denied")
|
||||
}
|
||||
return service.taskStorage.DeleteTask(ctx, id)
|
||||
}
|
||||
|
|
@ -1,20 +1,13 @@
|
|||
package services
|
||||
package usecase
|
||||
|
||||
import (
|
||||
"context"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
"git.sch9.ru/new_gate/ms-tester/internal/lib"
|
||||
"git.sch9.ru/new_gate/ms-tester/internal/contests"
|
||||
)
|
||||
|
||||
type ContestStorage interface {
|
||||
CreateContest(ctx context.Context, contest *models.Contest) (int32, error)
|
||||
ReadContestById(ctx context.Context, id int32) (*models.Contest, error)
|
||||
UpdateContest(ctx context.Context, contest *models.Contest) error
|
||||
DeleteContest(ctx context.Context, id int32) error
|
||||
}
|
||||
|
||||
type ContestService struct {
|
||||
contestStorage ContestStorage
|
||||
contestStorage contests.ContestRepository
|
||||
permissionService IPermissionService
|
||||
}
|
||||
|
||||
4
internal/languages/delivery.go
Normal file
4
internal/languages/delivery.go
Normal file
|
|
@ -0,0 +1,4 @@
|
|||
package languages
|
||||
|
||||
type languageHandlers interface {
|
||||
}
|
||||
1
internal/languages/delivery/grpc/handlers.go
Normal file
1
internal/languages/delivery/grpc/handlers.go
Normal file
|
|
@ -0,0 +1 @@
|
|||
package grpc
|
||||
10
internal/languages/pg_repository.go
Normal file
10
internal/languages/pg_repository.go
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
package languages
|
||||
|
||||
import (
|
||||
"context"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
)
|
||||
|
||||
type LanguageRepository interface {
|
||||
ReadLanguageById(ctx context.Context, id int32) (*models.Language, error)
|
||||
}
|
||||
28
internal/languages/repository/pg_repository.go
Normal file
28
internal/languages/repository/pg_repository.go
Normal file
|
|
@ -0,0 +1,28 @@
|
|||
package repository
|
||||
|
||||
import (
|
||||
"context"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
"git.sch9.ru/new_gate/ms-tester/pkg/utils"
|
||||
"github.com/jmoiron/sqlx"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
type LanguageRepository struct {
|
||||
db *sqlx.DB
|
||||
logger *zap.Logger
|
||||
}
|
||||
|
||||
func NewLanguageRepository(db *sqlx.DB, logger *zap.Logger) *LanguageRepository {
|
||||
return &LanguageRepository{
|
||||
db: db,
|
||||
logger: logger,
|
||||
}
|
||||
}
|
||||
|
||||
func (r *LanguageRepository) ReadLanguageById(ctx context.Context, id int32) (*models.Language, error) {
|
||||
if id <= int32(len(models.Languages)) {
|
||||
return nil, utils.StorageError(nil, utils.ErrNotFound, "languages not found")
|
||||
}
|
||||
return &models.Languages[id], nil
|
||||
}
|
||||
10
internal/languages/usecase.go
Normal file
10
internal/languages/usecase.go
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
package languages
|
||||
|
||||
import (
|
||||
"context"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
)
|
||||
|
||||
type LanguageUseCase interface {
|
||||
ReadLanguageById(ctx context.Context, id int32) (*models.Language, error)
|
||||
}
|
||||
44
internal/languages/usecase/all.rego
Normal file
44
internal/languages/usecase/all.rego
Normal file
|
|
@ -0,0 +1,44 @@
|
|||
package problem.rbac
|
||||
|
||||
import rego.v1
|
||||
|
||||
spectator := 0
|
||||
participant := 1
|
||||
moderator := 2
|
||||
admin := 3
|
||||
|
||||
permissions := {
|
||||
"read": is_spectator,
|
||||
"participate": is_participant,
|
||||
"update": is_moderator,
|
||||
"create": is_moderator,
|
||||
"delete": is_moderator,
|
||||
}
|
||||
|
||||
default allow := false
|
||||
|
||||
allow if is_admin
|
||||
|
||||
allow if {
|
||||
permissions[input.action]
|
||||
}
|
||||
|
||||
default is_admin := false
|
||||
is_admin if {
|
||||
input.user.role == admin
|
||||
}
|
||||
|
||||
default is_moderator := false
|
||||
is_moderator if {
|
||||
input.user.role >= moderator
|
||||
}
|
||||
|
||||
default is_participant := false
|
||||
is_participant if {
|
||||
input.user.role >= participant
|
||||
}
|
||||
|
||||
default is_spectator := true
|
||||
is_spectator if {
|
||||
input.user.role >= spectator
|
||||
}
|
||||
39
internal/languages/usecase/permission.go
Normal file
39
internal/languages/usecase/permission.go
Normal file
|
|
@ -0,0 +1,39 @@
|
|||
package services
|
||||
|
||||
import (
|
||||
"context"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
"github.com/open-policy-agent/opa/rego"
|
||||
)
|
||||
|
||||
type PermissionService struct {
|
||||
query *rego.PreparedEvalQuery
|
||||
}
|
||||
|
||||
func NewPermissionService() *PermissionService {
|
||||
query, err := rego.New(
|
||||
rego.Query("allow = data.problem.rbac.allow"),
|
||||
rego.Load([]string{"./opa/all.rego"}, nil),
|
||||
).PrepareForEval(context.TODO())
|
||||
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
return &PermissionService{
|
||||
query: &query,
|
||||
}
|
||||
}
|
||||
|
||||
func (s *PermissionService) Allowed(ctx context.Context, user *models.User, action string) bool {
|
||||
input := map[string]interface{}{
|
||||
"user": user,
|
||||
"action": action,
|
||||
}
|
||||
|
||||
result, err := s.query.Eval(ctx, rego.EvalInput(input))
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
return result[0].Bindings["allow"].(bool)
|
||||
}
|
||||
|
|
@ -1,16 +1,13 @@
|
|||
package services
|
||||
package usecase
|
||||
|
||||
import (
|
||||
"context"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
"git.sch9.ru/new_gate/ms-tester/internal/languages"
|
||||
)
|
||||
|
||||
type LanguageStorage interface {
|
||||
ReadLanguageById(ctx context.Context, id int32) (*models.Language, error)
|
||||
}
|
||||
|
||||
type LanguageService struct {
|
||||
languageStorage LanguageStorage
|
||||
type LanguageUseCase struct {
|
||||
languageRepo languages.LanguageRepository
|
||||
}
|
||||
|
||||
func NewLanguageService(
|
||||
|
|
@ -1,9 +0,0 @@
|
|||
package lib
|
||||
|
||||
type Config struct {
|
||||
Env string `env:"ENV" env-default:"prod"`
|
||||
Pandoc string `env:"PANDOC" required:"true"`
|
||||
Auth string `env:"AUTH" required:"true"`
|
||||
Address string `env:"ADDRESS" required:"true"`
|
||||
PostgresDSN string `env:"POSTGRES_DSN" required:"true"`
|
||||
}
|
||||
|
|
@ -1,132 +0,0 @@
|
|||
package lib
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"go.uber.org/zap/zapcore"
|
||||
"runtime"
|
||||
)
|
||||
|
||||
type code uint8
|
||||
|
||||
const (
|
||||
ErrValidationFailed code = 1
|
||||
ErrInternal code = 2
|
||||
ErrExternal code = 3
|
||||
ErrNoPermission code = 4
|
||||
ErrUnknown code = 5
|
||||
ErrDeadlineExceeded code = 6
|
||||
ErrNotFound code = 7
|
||||
ErrAlreadyExists code = 8
|
||||
ErrConflict code = 9
|
||||
ErrUnimplemented code = 10
|
||||
ErrBadInput code = 11
|
||||
ErrUnauthenticated code = 12
|
||||
)
|
||||
|
||||
func (c code) String() string {
|
||||
switch {
|
||||
case errors.Is(c, ErrValidationFailed):
|
||||
return "validation error"
|
||||
case errors.Is(c, ErrInternal):
|
||||
return "internal error"
|
||||
case errors.Is(c, ErrExternal):
|
||||
return "external error"
|
||||
case errors.Is(c, ErrNoPermission):
|
||||
return "permission error"
|
||||
case errors.Is(c, ErrUnknown):
|
||||
return "unknown error"
|
||||
case errors.Is(c, ErrDeadlineExceeded):
|
||||
return "deadline error"
|
||||
case errors.Is(c, ErrNotFound):
|
||||
return "not found error"
|
||||
case errors.Is(c, ErrAlreadyExists):
|
||||
return "already exists error"
|
||||
case errors.Is(c, ErrConflict):
|
||||
return "conflict error"
|
||||
case errors.Is(c, ErrUnimplemented):
|
||||
return "unimplemented error"
|
||||
case errors.Is(c, ErrBadInput):
|
||||
return "bad input error"
|
||||
}
|
||||
|
||||
panic("unimplemented")
|
||||
}
|
||||
|
||||
func (c code) Error() string {
|
||||
return c.String()
|
||||
}
|
||||
|
||||
type layer uint8
|
||||
|
||||
const (
|
||||
LayerTransport layer = 1
|
||||
LayerService layer = 2
|
||||
LayerStorage layer = 3
|
||||
)
|
||||
|
||||
func (l layer) String() string {
|
||||
switch l {
|
||||
case LayerTransport:
|
||||
return "transport"
|
||||
case LayerService:
|
||||
return "service"
|
||||
case LayerStorage:
|
||||
return "storage"
|
||||
}
|
||||
|
||||
panic("unimplemented")
|
||||
}
|
||||
|
||||
func location(skip int) string {
|
||||
_, file, line, _ := runtime.Caller(skip)
|
||||
return fmt.Sprintf("%s:%d", file, line)
|
||||
}
|
||||
|
||||
type Error struct {
|
||||
src error
|
||||
layer layer
|
||||
code code
|
||||
msg string
|
||||
loc string
|
||||
}
|
||||
|
||||
func wrap(src error, layer layer, class code, msg string, loc string) *Error {
|
||||
return &Error{
|
||||
src: src,
|
||||
layer: layer,
|
||||
code: class,
|
||||
msg: msg,
|
||||
loc: loc,
|
||||
}
|
||||
}
|
||||
|
||||
func (e *Error) Unwrap() []error {
|
||||
return []error{e.src, e.code}
|
||||
}
|
||||
|
||||
func (e *Error) Error() string {
|
||||
return fmt.Sprintf("%s: %s", e.code.String(), e.msg)
|
||||
}
|
||||
|
||||
func (e *Error) MarshalLogObject(encoder zapcore.ObjectEncoder) error {
|
||||
if e.src != nil {
|
||||
encoder.AddString("src", e.src.Error())
|
||||
}
|
||||
encoder.AddString("layer", e.layer.String())
|
||||
encoder.AddString("code", e.code.String())
|
||||
encoder.AddString("msg", e.msg)
|
||||
return nil
|
||||
}
|
||||
|
||||
func TransportError(src error, code code, msg string) error {
|
||||
return wrap(src, LayerTransport, code, msg, location(2))
|
||||
}
|
||||
|
||||
func ServiceError(src error, code code, msg string) error {
|
||||
return wrap(src, LayerService, code, msg, location(2))
|
||||
}
|
||||
|
||||
func StorageError(src error, code code, msg string) error {
|
||||
return wrap(src, LayerStorage, code, msg, location(2))
|
||||
}
|
||||
|
|
@ -1,17 +0,0 @@
|
|||
package lib
|
||||
|
||||
import (
|
||||
"time"
|
||||
)
|
||||
|
||||
func AsTimeP(t time.Time) *time.Time {
|
||||
return &t
|
||||
}
|
||||
|
||||
func AsInt32P(v int32) *int32 {
|
||||
return &v
|
||||
}
|
||||
|
||||
func AsStringP(str string) *string {
|
||||
return &str
|
||||
}
|
||||
|
|
@ -1,67 +0,0 @@
|
|||
package lib
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"encoding/json"
|
||||
"io"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
type PandocClient struct {
|
||||
client *http.Client
|
||||
address string
|
||||
}
|
||||
|
||||
func NewPandocClient(client *http.Client, address string) *PandocClient {
|
||||
return &PandocClient{
|
||||
client: client,
|
||||
address: address,
|
||||
}
|
||||
}
|
||||
|
||||
type convertRequest struct {
|
||||
Text string `json:"text"`
|
||||
From string `json:"from"`
|
||||
To string `json:"to"`
|
||||
}
|
||||
|
||||
func (client *PandocClient) convert(ctx context.Context, text, from, to string) (string, error) {
|
||||
body, err := json.Marshal(convertRequest{
|
||||
Text: text,
|
||||
From: from,
|
||||
To: to,
|
||||
})
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
buf := bytes.NewBuffer(body)
|
||||
|
||||
req, err := http.NewRequestWithContext(ctx, http.MethodPost, client.address, buf)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
req.Header.Set("Content-Type", "application/json")
|
||||
resp, err := client.client.Do(req)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
defer resp.Body.Close()
|
||||
|
||||
if resp.StatusCode != http.StatusOK {
|
||||
return "", err
|
||||
}
|
||||
|
||||
body, err = io.ReadAll(resp.Body)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
return string(body), nil
|
||||
}
|
||||
|
||||
func (client *PandocClient) ConvertLatexToHtml5(ctx context.Context, text string) (string, error) {
|
||||
return client.convert(ctx, text, "latex", "html5")
|
||||
}
|
||||
13
internal/problems/delivery.go
Normal file
13
internal/problems/delivery.go
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
package problems
|
||||
|
||||
import (
|
||||
"context"
|
||||
problemv1 "git.sch9.ru/new_gate/ms-tester/pkg/go/gen/proto/problem/v1"
|
||||
"google.golang.org/protobuf/types/known/emptypb"
|
||||
)
|
||||
|
||||
type Handlers interface {
|
||||
CreateProblem(server problemv1.ProblemService_CreateProblemServer) error
|
||||
ReadProblem(ctx context.Context, req *problemv1.ReadProblemRequest) (*problemv1.ReadProblemResponse, error)
|
||||
DeleteProblem(ctx context.Context, req *problemv1.DeleteProblemRequest) (*emptypb.Empty, error)
|
||||
}
|
||||
|
|
@ -1,10 +1,12 @@
|
|||
package transport
|
||||
package grpc
|
||||
|
||||
import (
|
||||
"context"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
"git.sch9.ru/new_gate/ms-tester/internal/lib"
|
||||
"git.sch9.ru/new_gate/ms-tester/internal/problems"
|
||||
problemv1 "git.sch9.ru/new_gate/ms-tester/pkg/go/gen/proto/problem/v1"
|
||||
"git.sch9.ru/new_gate/ms-tester/pkg/utils"
|
||||
"google.golang.org/grpc/codes"
|
||||
"google.golang.org/grpc/status"
|
||||
"google.golang.org/protobuf/types/known/emptypb"
|
||||
|
|
@ -12,10 +14,16 @@ import (
|
|||
"os"
|
||||
)
|
||||
|
||||
func (s *TesterServer) CreateProblem(server problemv1.ProblemService_CreateProblemServer) error {
|
||||
type problemHandlers struct {
|
||||
problemv1.UnimplementedProblemServiceServer
|
||||
|
||||
problemUC problems.ProblemUseCase
|
||||
}
|
||||
|
||||
func (h *problemHandlers) CreateProblem(server problemv1.ProblemService_CreateProblemServer) error {
|
||||
ctx := server.Context()
|
||||
|
||||
if err := s.problemService.CanCreateProblem(ctx); err != nil {
|
||||
if err := h.problemUC.CanCreateProblem(ctx); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
|
|
@ -42,7 +50,7 @@ func (s *TesterServer) CreateProblem(server problemv1.ProblemService_CreateProbl
|
|||
return err // FIXME
|
||||
}
|
||||
|
||||
id, err := s.problemService.CreateProblem(ctx, p) // FIXME
|
||||
id, err := h.problemUC.CreateProblem(ctx, p) // FIXME
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -113,8 +121,8 @@ func readChunks(ctx context.Context, server problemv1.ProblemService_CreateProbl
|
|||
return ch
|
||||
}
|
||||
|
||||
func (s *TesterServer) ReadProblem(ctx context.Context, req *problemv1.ReadProblemRequest) (*problemv1.ReadProblemResponse, error) {
|
||||
problem, err := s.problemService.ReadProblemById(ctx, req.GetId())
|
||||
func (h *problemHandlers) ReadProblem(ctx context.Context, req *problemv1.ReadProblemRequest) (*problemv1.ReadProblemResponse, error) {
|
||||
problem, err := h.problemUC.ReadProblemById(ctx, req.GetId())
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -125,13 +133,13 @@ func (s *TesterServer) ReadProblem(ctx context.Context, req *problemv1.ReadProbl
|
|||
Description: *problem.Description,
|
||||
TimeLimit: *problem.TimeLimit,
|
||||
MemoryLimit: *problem.MemoryLimit,
|
||||
CreatedAt: AsTimestampP(problem.CreatedAt),
|
||||
UpdatedAt: AsTimestampP(problem.UpdatedAt),
|
||||
CreatedAt: utils.TimestampP(problem.CreatedAt),
|
||||
UpdatedAt: utils.TimestampP(problem.UpdatedAt),
|
||||
},
|
||||
}, nil
|
||||
}
|
||||
|
||||
//func (s *TesterServer) UpdateProblem(ctx context.Context, req *problemv1.UpdateProblemRequest) (*emptypb.Empty, error) {
|
||||
//func (h *problemHandlers) UpdateProblem(ctx context.Context, req *problemv1.UpdateProblemRequest) (*emptypb.Empty, error) {
|
||||
// problem := req.GetProblem()
|
||||
// if problem == nil {
|
||||
// return nil, status.Errorf(codes.Unknown, "") // FIXME
|
||||
|
|
@ -153,8 +161,8 @@ func (s *TesterServer) ReadProblem(ctx context.Context, req *problemv1.ReadProbl
|
|||
// return &emptypb.Empty{}, nil
|
||||
//}
|
||||
|
||||
func (s *TesterServer) DeleteProblem(ctx context.Context, req *problemv1.DeleteProblemRequest) (*emptypb.Empty, error) {
|
||||
err := s.problemService.DeleteProblem(ctx, req.GetId())
|
||||
func (h *problemHandlers) DeleteProblem(ctx context.Context, req *problemv1.DeleteProblemRequest) (*emptypb.Empty, error) {
|
||||
err := h.problemUC.DeleteProblem(ctx, req.GetId())
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
13
internal/problems/pg_repository.go
Normal file
13
internal/problems/pg_repository.go
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
package problems
|
||||
|
||||
import (
|
||||
"context"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
)
|
||||
|
||||
type ProblemPostgresRepository interface {
|
||||
CreateProblem(ctx context.Context, problem *models.Problem, testGroupData []models.TestGroupData) (int32, error)
|
||||
ReadProblemById(ctx context.Context, id int32) (*models.Problem, error)
|
||||
UpdateProblem(ctx context.Context, problem *models.Problem) error
|
||||
DeleteProblem(ctx context.Context, id int32) error
|
||||
}
|
||||
|
|
@ -1,26 +1,29 @@
|
|||
package storage
|
||||
package repository
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
"git.sch9.ru/new_gate/ms-tester/pkg/utils"
|
||||
"github.com/jackc/pgerrcode"
|
||||
"github.com/jackc/pgx/v5/pgconn"
|
||||
"github.com/jmoiron/sqlx"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
type ProblemStorage struct {
|
||||
type ProblemRepository struct {
|
||||
db *sqlx.DB
|
||||
logger *zap.Logger
|
||||
}
|
||||
|
||||
func NewProblemStorage(db *sqlx.DB, logger *zap.Logger) *ProblemStorage {
|
||||
return &ProblemStorage{
|
||||
func NewProblemRepository(db *sqlx.DB, logger *zap.Logger) *ProblemRepository {
|
||||
return &ProblemRepository{
|
||||
db: db,
|
||||
logger: logger,
|
||||
}
|
||||
}
|
||||
|
||||
func (storage *ProblemStorage) CreateProblem(ctx context.Context, problem *models.Problem, testGroupData []models.TestGroupData) (int32, error) {
|
||||
func (storage *ProblemRepository) CreateProblem(ctx context.Context, problem *models.Problem, testGroupData []models.TestGroupData) (int32, error) {
|
||||
tx, err := storage.db.Beginx()
|
||||
if err != nil {
|
||||
return 0, handlePgErr(err)
|
||||
|
|
@ -80,7 +83,7 @@ RETURNING id
|
|||
return id, nil
|
||||
}
|
||||
|
||||
func (storage *ProblemStorage) ReadProblemById(ctx context.Context, id int32) (*models.Problem, error) {
|
||||
func (storage *ProblemRepository) ReadProblemById(ctx context.Context, id int32) (*models.Problem, error) {
|
||||
var problem models.Problem
|
||||
query := storage.db.Rebind("SELECT * from problems WHERE id=? LIMIT 1")
|
||||
err := storage.db.GetContext(ctx, &problem, query, id)
|
||||
|
|
@ -90,7 +93,7 @@ func (storage *ProblemStorage) ReadProblemById(ctx context.Context, id int32) (*
|
|||
return &problem, nil
|
||||
}
|
||||
|
||||
func (storage *ProblemStorage) UpdateProblem(ctx context.Context, problem *models.Problem) error {
|
||||
func (storage *ProblemRepository) UpdateProblem(ctx context.Context, problem *models.Problem) error {
|
||||
query := storage.db.Rebind("UPDATE problems SET name=?,description=?,time_limit=?,memory_limit=? WHERE id=?")
|
||||
_, err := storage.db.ExecContext(ctx, query, problem.Name, problem.Description, problem.TimeLimit, problem.MemoryLimit, problem.Id)
|
||||
if err != nil {
|
||||
|
|
@ -99,7 +102,7 @@ func (storage *ProblemStorage) UpdateProblem(ctx context.Context, problem *model
|
|||
return nil
|
||||
}
|
||||
|
||||
func (storage *ProblemStorage) DeleteProblem(ctx context.Context, id int32) error {
|
||||
func (storage *ProblemRepository) DeleteProblem(ctx context.Context, id int32) error {
|
||||
query := storage.db.Rebind("DELETE FROM problems WHERE id=?")
|
||||
_, err := storage.db.ExecContext(ctx, query, id)
|
||||
if err != nil {
|
||||
|
|
@ -108,3 +111,18 @@ func (storage *ProblemStorage) DeleteProblem(ctx context.Context, id int32) erro
|
|||
|
||||
return nil
|
||||
}
|
||||
|
||||
func handlePgErr(err error) error {
|
||||
var pgErr *pgconn.PgError
|
||||
if !errors.As(err, &pgErr) {
|
||||
return utils.StorageError(err, utils.ErrUnknown, "unexpected error from postgres")
|
||||
}
|
||||
if pgerrcode.IsIntegrityConstraintViolation(pgErr.Code) {
|
||||
// TODO: probably should specify which constraint
|
||||
return utils.StorageError(err, utils.ErrConflict, pgErr.Message)
|
||||
}
|
||||
if pgerrcode.IsNoData(pgErr.Code) {
|
||||
return utils.StorageError(err, utils.ErrNotFound, pgErr.Message)
|
||||
}
|
||||
return utils.StorageError(err, utils.ErrUnimplemented, "unimplemented error")
|
||||
}
|
||||
17
internal/problems/usecase.go
Normal file
17
internal/problems/usecase.go
Normal file
|
|
@ -0,0 +1,17 @@
|
|||
package problems
|
||||
|
||||
import (
|
||||
"context"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
)
|
||||
|
||||
type ProblemUseCase interface {
|
||||
CanCreateProblem(ctx context.Context) error
|
||||
CanReadProblemById(ctx context.Context) error
|
||||
CanUpdateProblem(ctx context.Context) error
|
||||
CanDeleteProblem(ctx context.Context) error
|
||||
CreateProblem(ctx context.Context, problem *models.Problem) (int32, error)
|
||||
ReadProblemById(ctx context.Context, id int32) (*models.Problem, error)
|
||||
UpdateProblem(ctx context.Context, problem *models.Problem) error
|
||||
DeleteProblem(ctx context.Context, id int32) error
|
||||
}
|
||||
44
internal/problems/usecase/all.rego
Normal file
44
internal/problems/usecase/all.rego
Normal file
|
|
@ -0,0 +1,44 @@
|
|||
package problem.rbac
|
||||
|
||||
import rego.v1
|
||||
|
||||
spectator := 0
|
||||
participant := 1
|
||||
moderator := 2
|
||||
admin := 3
|
||||
|
||||
permissions := {
|
||||
"read": is_spectator,
|
||||
"participate": is_participant,
|
||||
"update": is_moderator,
|
||||
"create": is_moderator,
|
||||
"delete": is_moderator,
|
||||
}
|
||||
|
||||
default allow := false
|
||||
|
||||
allow if is_admin
|
||||
|
||||
allow if {
|
||||
permissions[input.action]
|
||||
}
|
||||
|
||||
default is_admin := false
|
||||
is_admin if {
|
||||
input.user.role == admin
|
||||
}
|
||||
|
||||
default is_moderator := false
|
||||
is_moderator if {
|
||||
input.user.role >= moderator
|
||||
}
|
||||
|
||||
default is_participant := false
|
||||
is_participant if {
|
||||
input.user.role >= participant
|
||||
}
|
||||
|
||||
default is_spectator := true
|
||||
is_spectator if {
|
||||
input.user.role >= spectator
|
||||
}
|
||||
39
internal/problems/usecase/permission.go
Normal file
39
internal/problems/usecase/permission.go
Normal file
|
|
@ -0,0 +1,39 @@
|
|||
package services
|
||||
|
||||
import (
|
||||
"context"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
"github.com/open-policy-agent/opa/rego"
|
||||
)
|
||||
|
||||
type PermissionService struct {
|
||||
query *rego.PreparedEvalQuery
|
||||
}
|
||||
|
||||
func NewPermissionService() *PermissionService {
|
||||
query, err := rego.New(
|
||||
rego.Query("allow = data.problem.rbac.allow"),
|
||||
rego.Load([]string{"./opa/all.rego"}, nil),
|
||||
).PrepareForEval(context.TODO())
|
||||
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
return &PermissionService{
|
||||
query: &query,
|
||||
}
|
||||
}
|
||||
|
||||
func (s *PermissionService) Allowed(ctx context.Context, user *models.User, action string) bool {
|
||||
input := map[string]interface{}{
|
||||
"user": user,
|
||||
"action": action,
|
||||
}
|
||||
|
||||
result, err := s.query.Eval(ctx, rego.EvalInput(input))
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
return result[0].Bindings["allow"].(bool)
|
||||
}
|
||||
|
|
@ -1,9 +1,10 @@
|
|||
package services
|
||||
package usecase
|
||||
|
||||
import (
|
||||
"context"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
"git.sch9.ru/new_gate/ms-tester/internal/lib"
|
||||
"git.sch9.ru/new_gate/ms-tester/pkg/external/pandoc"
|
||||
)
|
||||
|
||||
type ProblemStorage interface {
|
||||
|
|
@ -13,26 +14,22 @@ type ProblemStorage interface {
|
|||
DeleteProblem(ctx context.Context, id int32) error
|
||||
}
|
||||
|
||||
type PandocClient interface {
|
||||
ConvertLatexToHtml5(ctx context.Context, text string) (string, error)
|
||||
}
|
||||
|
||||
type IPermissionService interface {
|
||||
Allowed(ctx context.Context, user *models.User, action string) bool
|
||||
}
|
||||
|
||||
type ProblemService struct {
|
||||
type ProblemUseCase struct {
|
||||
problemStorage ProblemStorage
|
||||
pandocClient PandocClient
|
||||
pandocClient pandoc.PandocClient
|
||||
permissionService IPermissionService
|
||||
}
|
||||
|
||||
func NewProblemService(
|
||||
func NewProblemUseCase(
|
||||
problemStorage ProblemStorage,
|
||||
pandocClient PandocClient,
|
||||
pandocClient pandoc.PandocClient,
|
||||
permissionService IPermissionService,
|
||||
) *ProblemService {
|
||||
return &ProblemService{
|
||||
) *ProblemUseCase {
|
||||
return &ProblemUseCase{
|
||||
problemStorage: problemStorage,
|
||||
pandocClient: pandocClient,
|
||||
permissionService: permissionService,
|
||||
|
|
@ -43,35 +40,35 @@ func extractUser(ctx context.Context) *models.User {
|
|||
return ctx.Value("user").(*models.User)
|
||||
}
|
||||
|
||||
func (service *ProblemService) CanCreateProblem(ctx context.Context) error {
|
||||
func (service *ProblemUseCase) CanCreateProblem(ctx context.Context) error {
|
||||
if !service.permissionService.Allowed(ctx, extractUser(ctx), "create") {
|
||||
return lib.ServiceError(nil, lib.ErrNoPermission, "permission denied")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (service *ProblemService) CanReadProblemById(ctx context.Context) error {
|
||||
func (service *ProblemUseCase) CanReadProblemById(ctx context.Context) error {
|
||||
if !service.permissionService.Allowed(ctx, extractUser(ctx), "read") {
|
||||
return lib.ServiceError(nil, lib.ErrNoPermission, "permission denied")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (service *ProblemService) CanUpdateProblem(ctx context.Context) error {
|
||||
func (service *ProblemUseCase) CanUpdateProblem(ctx context.Context) error {
|
||||
if !service.permissionService.Allowed(ctx, extractUser(ctx), "update") {
|
||||
return lib.ServiceError(nil, lib.ErrNoPermission, "permission denied")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (service *ProblemService) CanDeleteProblem(ctx context.Context) error {
|
||||
func (service *ProblemUseCase) CanDeleteProblem(ctx context.Context) error {
|
||||
if !service.permissionService.Allowed(ctx, extractUser(ctx), "delete") {
|
||||
return lib.ServiceError(nil, lib.ErrNoPermission, "permission denied")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (service *ProblemService) CreateProblem(ctx context.Context, problem *models.Problem) (int32, error) {
|
||||
func (service *ProblemUseCase) CreateProblem(ctx context.Context, problem *models.Problem) (int32, error) {
|
||||
if err := service.CanCreateProblem(ctx); err != nil {
|
||||
return 0, err
|
||||
}
|
||||
|
|
@ -82,21 +79,21 @@ func (service *ProblemService) CreateProblem(ctx context.Context, problem *model
|
|||
return service.problemStorage.CreateProblem(ctx, problem, nil)
|
||||
}
|
||||
|
||||
func (service *ProblemService) ReadProblemById(ctx context.Context, id int32) (*models.Problem, error) {
|
||||
func (service *ProblemUseCase) ReadProblemById(ctx context.Context, id int32) (*models.Problem, error) {
|
||||
if err := service.CanReadProblemById(ctx); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return service.problemStorage.ReadProblemById(ctx, id)
|
||||
}
|
||||
|
||||
func (service *ProblemService) UpdateProblem(ctx context.Context, problem *models.Problem) error {
|
||||
func (service *ProblemUseCase) UpdateProblem(ctx context.Context, problem *models.Problem) error {
|
||||
if err := service.CanUpdateProblem(ctx); err != nil {
|
||||
return err
|
||||
}
|
||||
return service.problemStorage.UpdateProblem(ctx, problem)
|
||||
}
|
||||
|
||||
func (service *ProblemService) DeleteProblem(ctx context.Context, id int32) error {
|
||||
func (service *ProblemUseCase) DeleteProblem(ctx context.Context, id int32) error {
|
||||
if err := service.CanDeleteProblem(ctx); err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -1,29 +0,0 @@
|
|||
package services
|
||||
|
||||
import (
|
||||
"context"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
)
|
||||
|
||||
type UserStorage interface {
|
||||
CreateUser(ctx context.Context, user *models.User) error
|
||||
ReadUserById(ctx context.Context, userId int32) (*models.User, error)
|
||||
}
|
||||
|
||||
type UserService struct {
|
||||
userStorage UserStorage
|
||||
}
|
||||
|
||||
func NewUserService(userStorage UserStorage) *UserService {
|
||||
return &UserService{
|
||||
userStorage: userStorage,
|
||||
}
|
||||
}
|
||||
|
||||
func (s *UserService) CreateUser(ctx context.Context, user *models.User) error {
|
||||
return s.userStorage.CreateUser(ctx, user)
|
||||
}
|
||||
|
||||
func (s *UserService) ReadUserById(ctx context.Context, userId int32) (*models.User, error) {
|
||||
return s.userStorage.ReadUserById(ctx, userId)
|
||||
}
|
||||
|
|
@ -1,78 +0,0 @@
|
|||
package storage
|
||||
|
||||
import (
|
||||
"context"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
"github.com/jmoiron/sqlx"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
type ContestStorage struct {
|
||||
db *sqlx.DB
|
||||
logger *zap.Logger
|
||||
}
|
||||
|
||||
func NewContestStorage(db *sqlx.DB, logger *zap.Logger) *ContestStorage {
|
||||
return &ContestStorage{
|
||||
db: db,
|
||||
logger: logger,
|
||||
}
|
||||
}
|
||||
|
||||
func (storage *ContestStorage) CreateContest(ctx context.Context, contest *models.Contest) (int32, error) {
|
||||
query := storage.db.Rebind(`
|
||||
INSERT INTO contests
|
||||
(name)
|
||||
VALUES (?)
|
||||
RETURNING id
|
||||
`)
|
||||
|
||||
rows, err := storage.db.QueryxContext(
|
||||
ctx,
|
||||
query,
|
||||
contest.Name,
|
||||
)
|
||||
if err != nil {
|
||||
return 0, handlePgErr(err)
|
||||
}
|
||||
|
||||
defer rows.Close()
|
||||
var id int32
|
||||
err = rows.StructScan(&id)
|
||||
if err != nil {
|
||||
return 0, handlePgErr(err)
|
||||
}
|
||||
|
||||
return id, nil
|
||||
|
||||
}
|
||||
|
||||
func (storage *ContestStorage) ReadContestById(ctx context.Context, id int32) (*models.Contest, error) {
|
||||
var contest models.Contest
|
||||
query := storage.db.Rebind("SELECT * from contests WHERE id=? LIMIT 1")
|
||||
err := storage.db.GetContext(ctx, &contest, query, id)
|
||||
if err != nil {
|
||||
return nil, handlePgErr(err)
|
||||
}
|
||||
return &contest, nil
|
||||
}
|
||||
|
||||
func (storage *ContestStorage) UpdateContest(ctx context.Context, contest *models.Contest) error {
|
||||
query := storage.db.Rebind("UPDATE contests SET name=? WHERE id=?")
|
||||
_, err := storage.db.ExecContext(ctx, query, contest.Name, contest.Id)
|
||||
if err != nil {
|
||||
return handlePgErr(err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (storage *ContestStorage) DeleteContest(ctx context.Context, id int32) error {
|
||||
query := storage.db.Rebind("DELETE FROM contests WHERE id=?")
|
||||
_, err := storage.db.ExecContext(ctx, query, id)
|
||||
if err != nil {
|
||||
return handlePgErr(err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
|
@ -1,23 +0,0 @@
|
|||
package storage
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"git.sch9.ru/new_gate/ms-tester/internal/lib"
|
||||
"github.com/jackc/pgerrcode"
|
||||
"github.com/jackc/pgx/v5/pgconn"
|
||||
)
|
||||
|
||||
func handlePgErr(err error) error {
|
||||
var pgErr *pgconn.PgError
|
||||
if !errors.As(err, &pgErr) {
|
||||
return lib.StorageError(err, lib.ErrUnknown, "unexpected error from postgres")
|
||||
}
|
||||
if pgerrcode.IsIntegrityConstraintViolation(pgErr.Code) {
|
||||
// TODO: probably should specify which constraint
|
||||
return lib.StorageError(err, lib.ErrConflict, pgErr.Message)
|
||||
}
|
||||
if pgerrcode.IsNoData(pgErr.Code) {
|
||||
return lib.StorageError(err, lib.ErrNotFound, pgErr.Message)
|
||||
}
|
||||
return lib.StorageError(err, lib.ErrUnimplemented, "unimplemented error")
|
||||
}
|
||||
|
|
@ -1,28 +0,0 @@
|
|||
package storage
|
||||
|
||||
import (
|
||||
"context"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
"git.sch9.ru/new_gate/ms-tester/internal/lib"
|
||||
"github.com/jmoiron/sqlx"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
type LanguageStorage struct {
|
||||
db *sqlx.DB
|
||||
logger *zap.Logger
|
||||
}
|
||||
|
||||
func NewLanguageStorage(db *sqlx.DB, logger *zap.Logger) *LanguageStorage {
|
||||
return &LanguageStorage{
|
||||
db: db,
|
||||
logger: logger,
|
||||
}
|
||||
}
|
||||
|
||||
func (storage *LanguageStorage) ReadLanguageById(ctx context.Context, id int32) (*models.Language, error) {
|
||||
if id <= int32(len(models.Languages)) {
|
||||
return nil, lib.StorageError(nil, lib.ErrNotFound, "language not found")
|
||||
}
|
||||
return &models.Languages[id], nil
|
||||
}
|
||||
|
|
@ -1,42 +0,0 @@
|
|||
package storage
|
||||
|
||||
import (
|
||||
"context"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
"github.com/jmoiron/sqlx"
|
||||
)
|
||||
|
||||
type UserStorage struct {
|
||||
db *sqlx.DB
|
||||
}
|
||||
|
||||
func NewUserStorage(db *sqlx.DB) *UserStorage {
|
||||
return &UserStorage{
|
||||
db: db,
|
||||
}
|
||||
}
|
||||
|
||||
func (storage *UserStorage) CreateUser(ctx context.Context, user *models.User) error {
|
||||
query := storage.db.Rebind("INSERT INTO users (user_id, role) VALUES (?, ?)")
|
||||
_, err := storage.db.ExecContext(ctx, query, user.UserId, user.Role)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (storage *UserStorage) ReadUserById(ctx context.Context, userId int32) (*models.User, error) {
|
||||
query := storage.db.Rebind(`
|
||||
SELECT *
|
||||
FROM users
|
||||
WHERE user_id = ?
|
||||
LIMIT 1;
|
||||
`)
|
||||
|
||||
var user models.User
|
||||
err := storage.db.GetContext(ctx, &user, query, userId)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &user, nil
|
||||
}
|
||||
1
internal/tester/delivery.go
Normal file
1
internal/tester/delivery.go
Normal file
|
|
@ -0,0 +1 @@
|
|||
package tester
|
||||
1
internal/tester/delivery/grpc/handlers.go
Normal file
1
internal/tester/delivery/grpc/handlers.go
Normal file
|
|
@ -0,0 +1 @@
|
|||
package grpc
|
||||
1
internal/tester/pg_repository.go
Normal file
1
internal/tester/pg_repository.go
Normal file
|
|
@ -0,0 +1 @@
|
|||
package tester
|
||||
1
internal/tester/repository/pg_repository.go
Normal file
1
internal/tester/repository/pg_repository.go
Normal file
|
|
@ -0,0 +1 @@
|
|||
package repository
|
||||
1
internal/tester/usecase.go
Normal file
1
internal/tester/usecase.go
Normal file
|
|
@ -0,0 +1 @@
|
|||
package tester
|
||||
44
internal/tester/usecase/all.rego
Normal file
44
internal/tester/usecase/all.rego
Normal file
|
|
@ -0,0 +1,44 @@
|
|||
package problem.rbac
|
||||
|
||||
import rego.v1
|
||||
|
||||
spectator := 0
|
||||
participant := 1
|
||||
moderator := 2
|
||||
admin := 3
|
||||
|
||||
permissions := {
|
||||
"read": is_spectator,
|
||||
"participate": is_participant,
|
||||
"update": is_moderator,
|
||||
"create": is_moderator,
|
||||
"delete": is_moderator,
|
||||
}
|
||||
|
||||
default allow := false
|
||||
|
||||
allow if is_admin
|
||||
|
||||
allow if {
|
||||
permissions[input.action]
|
||||
}
|
||||
|
||||
default is_admin := false
|
||||
is_admin if {
|
||||
input.user.role == admin
|
||||
}
|
||||
|
||||
default is_moderator := false
|
||||
is_moderator if {
|
||||
input.user.role >= moderator
|
||||
}
|
||||
|
||||
default is_participant := false
|
||||
is_participant if {
|
||||
input.user.role >= participant
|
||||
}
|
||||
|
||||
default is_spectator := true
|
||||
is_spectator if {
|
||||
input.user.role >= spectator
|
||||
}
|
||||
39
internal/tester/usecase/permission.go
Normal file
39
internal/tester/usecase/permission.go
Normal file
|
|
@ -0,0 +1,39 @@
|
|||
package services
|
||||
|
||||
import (
|
||||
"context"
|
||||
"git.sch9.ru/new_gate/models"
|
||||
"github.com/open-policy-agent/opa/rego"
|
||||
)
|
||||
|
||||
type PermissionService struct {
|
||||
query *rego.PreparedEvalQuery
|
||||
}
|
||||
|
||||
func NewPermissionService() *PermissionService {
|
||||
query, err := rego.New(
|
||||
rego.Query("allow = data.problem.rbac.allow"),
|
||||
rego.Load([]string{"./opa/all.rego"}, nil),
|
||||
).PrepareForEval(context.TODO())
|
||||
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
return &PermissionService{
|
||||
query: &query,
|
||||
}
|
||||
}
|
||||
|
||||
func (s *PermissionService) Allowed(ctx context.Context, user *models.User, action string) bool {
|
||||
input := map[string]interface{}{
|
||||
"user": user,
|
||||
"action": action,
|
||||
}
|
||||
|
||||
result, err := s.query.Eval(ctx, rego.EvalInput(input))
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
return result[0].Bindings["allow"].(bool)
|
||||
}
|
||||
1
internal/tester/usecase/usecase.go
Normal file
1
internal/tester/usecase/usecase.go
Normal file
|
|
@ -0,0 +1 @@
|
|||
package usecase
|
||||
Loading…
Add table
Add a link
Reference in a new issue