diff --git a/controllers/controlPermissions.go b/controllers/controlPermissions.go
index 6c97b1a..1260089 100644
--- a/controllers/controlPermissions.go
+++ b/controllers/controlPermissions.go
@@ -64,10 +64,10 @@ func AddPermissionHandler(c *gin.Context) {
 GroupId: input.GroupId,
 }
- //remove leading/trailing spaces in groupname
+ //remove leading/trailing spaces in permission description
 p.Description = html.EscapeString(strings.TrimSpace(p.Description))
- // Check if role already exists
+ // Check if permission definition already exists
 testPermission, _ := models.PermissionGetByDesc(p.Description)
 log.Printf("AddPermissionHandler checking if permissions with description '%s' already exists\n", p.Description)
@@ -91,3 +91,53 @@ func AddPermissionHandler(c *gin.Context) {
 c.JSON(http.StatusOK, gin.H{"message": "permission creation success", "data": p})
 }
+
+func DeletePermissionHandler(c *gin.Context) {
+ var input PermissionInput
+
+ if err := c.ShouldBindJSON(&input); err != nil {
+ c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+ return
+ }
+
+ // Input validation
+ if input.PermissionId == 0 && len(input.Description) == 0 {
+ errString := "no permission description or id specified"
+ log.Printf("DeletePermissionHandler %s\n", errString)
+ c.JSON(http.StatusBadRequest, gin.H{"error": errString})
+ return
+ }
+
+ p := models.Permission{
+ PermissionId: input.PermissionId,
+ Description: input.Description,
+ ReadOnly: input.ReadOnly,
+ SafeId: input.SafeId,
+ UserId: input.UserId,
+ GroupId: input.GroupId,
+ }
+
+ //remove leading/trailing spaces in permission description
+ p.Description = html.EscapeString(strings.TrimSpace(p.Description))
+
+ // Check if permission definition already exists
+ testPermission, _ := models.PermissionGetByDesc(p.Description)
+ log.Printf("DeletePermissionHandler confirming permission with description '%s' exists\n", p.Description)
+ if (models.Permission{} == testPermission) {
+ errString := fmt.Sprintf("attempt to delete non-existing permission with description '%s'", p.Description)
+ log.Printf("DeletePermissionHandler %s\n", errString)
+ c.JSON(http.StatusBadRequest, gin.H{"error": errString})
+ return
+ } else {
+ err := p.PermissionDelete()
+
+ if err != nil {
+ errString := fmt.Sprintf("error deleting permission : '%s'", err)
+ log.Printf("DeletePermissionHandler %s\n", errString)
+ c.JSON(http.StatusBadRequest, gin.H{"error": errString})
+ return
+ }
+
+ c.JSON(http.StatusOK, gin.H{"message": "permission deletion success"})
+ }
+}
diff --git a/main.go b/main.go
index fcfc5ec..e2b2730 100644
--- a/main.go
+++ b/main.go
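Review bot: `DeletePermissionHandler` checks existence by description only (`models.PermissionGetByDesc(p.Description)`) while `p.PermissionDelete()` deletes by `PermissionId` whenever the request carries one, so the check and the delete can act on two different rows. A request with only an id is rejected as non-existing although the input validation accepts it, and a request that pairs one permission's description with another's id passes the check and deletes the latter while the log names the former. The lookup error is also discarded with `_`. Resolve the target once, by id when it is given and otherwise by description, and delete exactly that row; a failed delete is better reported as a 500 than a 400.

```go
	// … unchanged: bind JSON, input validation …

	desc := html.EscapeString(strings.TrimSpace(input.Description))

	// Resolve the target once, preferring the id when both are supplied.
	var target models.Permission
	var err error
	if input.PermissionId > 0 {
		target, err = models.PermissionGetById(input.PermissionId)
	} else {
		target, err = models.PermissionGetByDesc(desc)
	}
	if err != nil || (models.Permission{} == target) {
		// … unchanged: log and return the "non-existing permission" error …
		return
	}

	// Delete exactly the row that was looked up.
	if err := target.PermissionDelete(); err != nil {
		// … unchanged: log and return the delete error …
		return
	}
	c.JSON(http.StatusOK, gin.H{"message": "permission deletion success"})
```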
@@ -260,6 +260,7 @@ func main() {
 // Permission functions for admin
 adminOnly.GET("/permissions", controllers.GetPermissionsHandler)
 adminOnly.POST("/permission/add", controllers.AddPermissionHandler)
+ adminOnly.POST("/permission/delete", controllers.DeletePermissionHandler)
 // Safe functions for admin
 adminOnly.GET("/safe/listall", controllers.GetAllSafesHandler)
diff --git a/models/group.go b/models/group.go
index 7954064..07011ed 100644
--- a/models/group.go
+++ b/models/group.go
@@ -84,7 +84,7 @@ func (g *Group) GroupAdd() (*Group, error) {
 return g, nil
 }
-// GroupDelete removes a group definition to the database
+// GroupDelete removes a group definition from the database
 func (g *Group) GroupDelete() error {
 var err error
diff --git a/models/permissions.go b/models/permission.go
similarity index 70%
rename from models/permissions.go
rename to models/permission.go
index 72dfbee..21d83d8 100644
--- a/models/permissions.go
+++ b/models/permission.go
@@ -100,3 +100,45 @@ func (p *Permission) PermissionAdd() (*Permission, error) {
 return p, nil
 }
+
+// PermissionDelete removes a permission definition from the database
+func (p *Permission) PermissionDelete() error {
+ var err error
+ var permission Permission
+
+ // Validate permission exists
+ if p.PermissionId > 0 {
+ permission, err = PermissionGetById(p.PermissionId)
+ } else if len(p.Description) > 0 {
+ permission, err = PermissionGetByDesc(p.Description)
+ } else {
+ errString := "unable to identify permission with supplied parameters"
+ log.Printf("PermissionDelete %s\n", errString)
+ return errors.New(errString)
+ }
+
+ if err != nil && err.Error() == "permission not found" {
+ log.Printf("PermissionDelete unable to validate group exists : '%s'\n", err)
+ return err
+ }
+
+ // Make sure we have a group ID
+ if p.PermissionId == 0 {
+ p.PermissionId = permission.PermissionId
+ }
+
+ // Delete the group
+ log.Printf("PermissionDelete confirmed group exists, continuing with deletion of permission id %d, '%s'\n", p.PermissionId, p.Description)
+ result, err := db.NamedExec((`DELETE FROM permissions WHERE PermissionId = :PermissionId`), p)
+
+ if err != nil {
+ log.Printf("PermissionDelete error executing sql delete : '%s'\n", err)
+ return err
+ } else {
+ affected, _ := result.RowsAffected()
+ id, _ := result.LastInsertId()
+ log.Printf("PermissionDelete returned result id '%d' affecting %d row(s).\n", id, affected)
+ }
+
+ return nil
+}
diff --git a/models/setup.go b/models/setup.go
index ef35bae..16a628c 100644
--- a/models/setup.go
+++ b/models/setup.go
@@ -37,8 +37,7 @@ const createUsers string = `
 UserName VARCHAR,
 Password VARCHAR,
 Admin BOOLEAN DEFAULT 0,
- LdapUser BOOLEAN DEFAULT 0,
- FOREIGN KEY (GroupId) REFERENCES groups(GroupId)
+ LdapUser BOOLEAN DEFAULT 0
 );
 `
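Review bot: In `PermissionDelete`, the lookup error is acted on only when its text equals "permission not found", so any other failure from `PermissionGetById` or `PermissionGetByDesc` (a database error, say) falls through and the DELETE runs with whatever id is in `p`, possibly 0. The DELETE's `RowsAffected` is only logged, so a delete that removed nothing still returns nil and the handler reports success for a permission that may still be in force. I would return on any lookup error, `if err != nil { return err }`, and treat zero affected rows as a failure, `if affected == 0 { return errors.New("permission not found") }`. The comments and log strings that say "group" should say "permission", and `LastInsertId` carries no meaning for a DELETE.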
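Review bot: Dropping `FOREIGN KEY (GroupId) REFERENCES groups(GroupId)` from `createUsers`, and again in the `CreateTables` migration hunk, removes the only database-level guarantee visible in this diff that a user's GroupId names an existing group. If the aim was to allow users without a group, a NULL GroupId normally satisfies a foreign key, so the constraint could probably stay; this should be confirmed against the database engine in use. If the removal is intended, group deletion should clear or reject users that still reference the group, and a comment above `createUsers` such as `// GroupId is not enforced by the schema; GroupDelete must handle users that still reference the group` would record where that check lives.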
@@ -279,7 +278,6 @@ func CreateTables() {
 Password VARCHAR,
 Admin BOOLEAN DEFAULT 0,
 LdapUser BOOLEAN DEFAULT 0
- FOREIGN KEY (GroupId) REFERENCES groups(GroupId)
 );
 INSERT INTO users SELECT * FROM _users_old;
 COMMIT;
diff --git a/models/user.go b/models/user.go
index 51d6acb..1c68d64 100644
--- a/models/user.go
+++ b/models/user.go
@@ -116,7 +116,8 @@ func LoginCheck(username string, password string) (string, error) {
 u := User{}
 // Query database for matching user object
- err = db.QueryRowx("SELECT * FROM Users WHERE Username=?", username).StructScan(&u)
+ // Use IFNULL to handle situation where a user might not be a member of a group
+ err = db.QueryRowx("SELECT UserId, IFNULL(GroupId, 0) GroupId, UserName, Password, LdapUser, Admin FROM Users WHERE Username=?", username).StructScan(&u)
 if err != nil {
 if err == sql.ErrNoRows {
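Review bot: Mapping a NULL GroupId to 0 in `LoginCheck` makes "no group" indistinguishable from a group whose id is 0, so a permission row stored with `GroupId` 0 would presumably match every ungrouped user if later checks compare on that field. The comment should state the convention, for example `// GroupId 0 means "not in any group"; no group row may use id 0`, and group creation should guarantee that id is never issued. The hard-coded column list also has to be kept in step with the `User` struct, and other queries that scan users rows (not visible in this hunk) would need the same treatment. LoginCheck's body continues outside the hunk.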