sum7/warehost
sum7
/
warehost
Archived
1
0
Fork 0
Code Releases Activity

[TASK] host add profil to logs

This commit is contained in:
Martin Geno 2017-06-02 10:15:09 +02:00
parent cd2f10b54d
commit b69c90d6c6
No known key found for this signature in database
GPG Key ID: F0D39A37E925E941
6 changed files with 96 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
modul/host/apidatabase.go
View File

@ -22,17 +22,19 @@ func getDatabase(w http.ResponseWriter, r *http.Request) (database Database, ret
w.WriteHeader(http.StatusBadRequest) w.WriteHeader(http.StatusBadRequest)
return return
} }
database = Database{} database = Database{ID: id}
db := dbconnection.First(&database)
if login.Superadmin { if db.Error != nil || db.RecordNotFound() {
dbconnection.Where("ID = ?", id).Find(&database) returnerr = &libapi.ErrorResult{Fields: []string{"database"}, Message: "database not found"}
} else { w.WriteHeader(http.StatusNotFound)
dbconnection.Where(map[string]int64{"ID": id, "profil": profil.ID}).Find(&database)
} }
if database.ID <= 0 { if !login.Superadmin {
returnerr = &libapi.ErrorResult{Fields: []string{"database"}, Message: "not found"} if profil.ID != database.ProfilID {
w.WriteHeader(http.StatusNotFound) returnerr = &libapi.ErrorResult{Fields: []string{"profil"}, Message: "not allowed to get database"}
w.WriteHeader(http.StatusForbidden)
}
} }
return return
} }
@ -42,6 +44,7 @@ func databaseList(w http.ResponseWriter, r *http.Request) {
login := ctx.Value("login").(*system.Login) login := ctx.Value("login").(*system.Login)
profil := ctx.Value("profil").(*Profil) profil := ctx.Value("profil").(*Profil)
logger := log.GetLog(r, "databaselist") logger := log.GetLog(r, "databaselist")
logger = setProfilLog(r, logger)
var database []*Database var database []*Database
if login.Superadmin && r.URL.Query().Get("filter") == "all" { if login.Superadmin && r.URL.Query().Get("filter") == "all" {
dbconnection.Preload("Profil").Preload("Profil.Login").Find(&database) dbconnection.Preload("Profil").Preload("Profil.Login").Find(&database)
@ -56,6 +59,7 @@ func databaseAdd(w http.ResponseWriter, r *http.Request) {
ctx := r.Context() ctx := r.Context()
profil := ctx.Value("profil").(*Profil) profil := ctx.Value("profil").(*Profil)
logger := log.GetLog(r, "databaseadd") logger := log.GetLog(r, "databaseadd")
logger = logger.WithField("pID", profil.ID)
var databaseRequest Database var databaseRequest Database
returnerr := libapi.JSONDecoder(w, r, logger, &databaseRequest) returnerr := libapi.JSONDecoder(w, r, logger, &databaseRequest)
@ -82,10 +86,11 @@ func databaseAdd(w http.ResponseWriter, r *http.Request) {
func databaseEdit(w http.ResponseWriter, r *http.Request) { func databaseEdit(w http.ResponseWriter, r *http.Request) {
logger := log.GetLog(r, "databaseedit") logger := log.GetLog(r, "databaseedit")
logger = setProfilLog(r, logger)
database, returnerr := getDatabase(w, r) database, returnerr := getDatabase(w, r)
if returnerr != nil { if returnerr != nil {
logger.Info("not found") logger.Info(returnerr.Message)
libapi.JSONWrite(w, r, false, returnerr) libapi.JSONWrite(w, r, false, returnerr)
return return
} }
@ -112,10 +117,11 @@ func databaseEdit(w http.ResponseWriter, r *http.Request) {
func databaseDelete(w http.ResponseWriter, r *http.Request) { func databaseDelete(w http.ResponseWriter, r *http.Request) {
logger := log.GetLog(r, "databasedelete") logger := log.GetLog(r, "databasedelete")
logger = setProfilLog(r, logger)
database, returnerr := getDatabase(w, r) database, returnerr := getDatabase(w, r)
if returnerr != nil { if returnerr != nil {
logger.Info("not found") logger.Info(returnerr.Message)
libapi.JSONWrite(w, r, false, returnerr) libapi.JSONWrite(w, r, false, returnerr)
return return
} }

36
modul/host/apidomain.go
View File

@ -23,17 +23,20 @@ func getDomain(w http.ResponseWriter, r *http.Request) (domain Domain, returnerr
w.WriteHeader(http.StatusBadRequest) w.WriteHeader(http.StatusBadRequest)
return return
} }
domain = Domain{}
if login.Superadmin { domain = Domain{ID: id}
dbconnection.Where("ID = ?", id).Find(&domain) db := dbconnection.First(&domain)
} else {
dbconnection.Where(map[string]int64{"ID": id, "profil": profil.ID}).Find(&domain) if db.Error != nil || db.RecordNotFound() {
returnerr = &libapi.ErrorResult{Fields: []string{"domain"}, Message: "domain not found"}
w.WriteHeader(http.StatusNotFound)
} }
if domain.ID <= 0 { if !login.Superadmin {
returnerr = &libapi.ErrorResult{Fields: []string{"domain"}, Message: "not found"} if profil.ID != domain.ProfilID {
w.WriteHeader(http.StatusNotFound) returnerr = &libapi.ErrorResult{Fields: []string{"profil"}, Message: "not allowed to get domain"}
w.WriteHeader(http.StatusForbidden)
}
} }
return return
} }
@ -43,6 +46,7 @@ func domainList(w http.ResponseWriter, r *http.Request) {
login := ctx.Value("login").(*system.Login) login := ctx.Value("login").(*system.Login)
profil := ctx.Value("profil").(*Profil) profil := ctx.Value("profil").(*Profil)
logger := log.GetLog(r, "domainlist") logger := log.GetLog(r, "domainlist")
logger = logger.WithField("pID", profil.ID)
var domain []*Domain var domain []*Domain
if login.Superadmin && r.URL.Query().Get("filter") == "all" { if login.Superadmin && r.URL.Query().Get("filter") == "all" {
dbconnection.Preload("Profil").Preload("Profil.Login").Find(&domain) dbconnection.Preload("Profil").Preload("Profil.Login").Find(&domain)
@ -55,13 +59,14 @@ func domainList(w http.ResponseWriter, r *http.Request) {
func domainShow(w http.ResponseWriter, r *http.Request) { func domainShow(w http.ResponseWriter, r *http.Request) {
logger := log.GetLog(r, "domainshow") logger := log.GetLog(r, "domainshow")
logger = setProfilLog(r, logger)
domain, returnerr := getDomain(w, r) domain, returnerr := getDomain(w, r)
logger = logger.WithField("dID", domain.ID)
if returnerr != nil { if returnerr != nil {
logger.Info("not found") logger.Info(returnerr.Message)
libapi.JSONWrite(w, r, false, returnerr) libapi.JSONWrite(w, r, false, returnerr)
return return
} }
logger = logger.WithField("dID", domain.ID)
logger.Info("done") logger.Info("done")
libapi.JSONWrite(w, r, domain, nil) libapi.JSONWrite(w, r, domain, nil)
} }
@ -70,6 +75,7 @@ func domainAdd(w http.ResponseWriter, r *http.Request) {
ctx := r.Context() ctx := r.Context()
profil := ctx.Value("profil").(*Profil) profil := ctx.Value("profil").(*Profil)
logger := log.GetLog(r, "domainadd") logger := log.GetLog(r, "domainadd")
logger = setProfilLog(r, logger)
var domainRequest Domain var domainRequest Domain
returnerr := libapi.JSONDecoder(w, r, logger, &domainRequest) returnerr := libapi.JSONDecoder(w, r, logger, &domainRequest)
@ -104,14 +110,15 @@ func domainEdit(w http.ResponseWriter, r *http.Request) {
ctx := r.Context() ctx := r.Context()
login := ctx.Value("login").(*system.Login) login := ctx.Value("login").(*system.Login)
logger := log.GetLog(r, "domainedit") logger := log.GetLog(r, "domainedit")
logger = setProfilLog(r, logger)
domain, returnerr := getDomain(w, r) domain, returnerr := getDomain(w, r)
logger = logger.WithField("dID", domain.ID)
if returnerr != nil { if returnerr != nil {
logger.Info("not found") logger.Info(returnerr.Message)
libapi.JSONWrite(w, r, false, returnerr) libapi.JSONWrite(w, r, false, returnerr)
return return
} }
logger = logger.WithField("dID", domain.ID)
var domainRequest Domain var domainRequest Domain
returnerr = libapi.JSONDecoder(w, r, logger, &domainRequest) returnerr = libapi.JSONDecoder(w, r, logger, &domainRequest)
@ -140,14 +147,15 @@ func domainEdit(w http.ResponseWriter, r *http.Request) {
func domainDelete(w http.ResponseWriter, r *http.Request) { func domainDelete(w http.ResponseWriter, r *http.Request) {
logger := log.GetLog(r, "domaindelete") logger := log.GetLog(r, "domaindelete")
logger = setProfilLog(r, logger)
domain, returnerr := getDomain(w, r) domain, returnerr := getDomain(w, r)
logger = logger.WithField("dID", domain.ID)
if returnerr != nil { if returnerr != nil {
logger.Info("not found") logger.Info(returnerr.Message)
libapi.JSONWrite(w, r, false, returnerr) libapi.JSONWrite(w, r, false, returnerr)
return return
} }
logger = logger.WithField("dID", domain.ID)
if err := dbconnection.Unscoped().Delete(domain).Error; err != nil { if err := dbconnection.Unscoped().Delete(domain).Error; err != nil {
logger.Error("database: during create host domain: ", err) logger.Error("database: during create host domain: ", err)

31
modul/host/apimail.go
View File

@ -25,24 +25,30 @@ func getMail(w http.ResponseWriter, r *http.Request) (mail Mail, returnerr *liba
} }
mail = Mail{} mail = Mail{}
if login.Superadmin { db := dbconnection.Where("ID = ?", id).Preload("Domain").Preload("Forwards").First(&mail)
dbconnection.Where("ID = ?", id).Preload("Forwards").Find(&mail)
} else { if db.Error != nil || db.RecordNotFound() {
dbconnection.Where(map[string]int64{"ID": id, "domain.profil": profil.ID}).Preload("Forwards").Find(&mail) returnerr = &libapi.ErrorResult{Fields: []string{"mail"}, Message: "mail not found"}
}
if mail.ID <= 0 {
returnerr = &libapi.ErrorResult{Fields: []string{"mail"}, Message: "not found"}
w.WriteHeader(http.StatusNotFound) w.WriteHeader(http.StatusNotFound)
} }
if !login.Superadmin {
if mail.Domain.ProfilID != profil.ID {
returnerr = &libapi.ErrorResult{Fields: []string{"profil"}, Message: "not allowed to get mail"}
w.WriteHeader(http.StatusForbidden)
}
}
return return
} }
func mailList(w http.ResponseWriter, r *http.Request) { func mailList(w http.ResponseWriter, r *http.Request) {
logger := log.GetLog(r, "maillist") logger := log.GetLog(r, "maillist")
var mail []*Mail var mail []*Mail
logger = setProfilLog(r, logger)
domain, returnerr := getDomain(w, r) domain, returnerr := getDomain(w, r)
if returnerr != nil { if returnerr != nil {
logger.Info("not found") logger.Info(returnerr.Message)
libapi.JSONWrite(w, r, false, returnerr) libapi.JSONWrite(w, r, false, returnerr)
return return
} }
@ -55,6 +61,7 @@ func mailList(w http.ResponseWriter, r *http.Request) {
func mailAdd(w http.ResponseWriter, r *http.Request) { func mailAdd(w http.ResponseWriter, r *http.Request) {
logger := log.GetLog(r, "mailadd") logger := log.GetLog(r, "mailadd")
logger = setProfilLog(r, logger)
var mailRequest Mail var mailRequest Mail
returnerr := libapi.JSONDecoder(w, r, logger, &mailRequest) returnerr := libapi.JSONDecoder(w, r, logger, &mailRequest)
@ -65,7 +72,7 @@ func mailAdd(w http.ResponseWriter, r *http.Request) {
domain, returnerr := getDomain(w, r) domain, returnerr := getDomain(w, r)
if returnerr != nil { if returnerr != nil {
logger.Info("not found") logger.Info(returnerr.Message)
libapi.JSONWrite(w, r, false, returnerr) libapi.JSONWrite(w, r, false, returnerr)
return return
} }
@ -95,10 +102,11 @@ func mailAdd(w http.ResponseWriter, r *http.Request) {
func mailEdit(w http.ResponseWriter, r *http.Request) { func mailEdit(w http.ResponseWriter, r *http.Request) {
logger := log.GetLog(r, "mailedit") logger := log.GetLog(r, "mailedit")
logger = setProfilLog(r, logger)
mail, returnerr := getMail(w, r) mail, returnerr := getMail(w, r)
if returnerr != nil { if returnerr != nil {
logger.Info("not found") logger.Info(returnerr.Message)
libapi.JSONWrite(w, r, false, returnerr) libapi.JSONWrite(w, r, false, returnerr)
return return
} }
@ -150,10 +158,11 @@ func mailEdit(w http.ResponseWriter, r *http.Request) {
func mailDelete(w http.ResponseWriter, r *http.Request) { func mailDelete(w http.ResponseWriter, r *http.Request) {
logger := log.GetLog(r, "maildelete") logger := log.GetLog(r, "maildelete")
logger = setProfilLog(r, logger)
mail, returnerr := getMail(w, r) mail, returnerr := getMail(w, r)
if returnerr != nil { if returnerr != nil {
logger.Info("not found") logger.Info(returnerr.Message)
libapi.JSONWrite(w, r, false, returnerr) libapi.JSONWrite(w, r, false, returnerr)
return return
} }

1
modul/host/apiprofil.go
View File

@ -14,6 +14,7 @@ func profilList(w http.ResponseWriter, r *http.Request) {
ctx := r.Context() ctx := r.Context()
login := ctx.Value("login").(*system.Login) login := ctx.Value("login").(*system.Login)
logger := log.GetLog(r, "toggleReseller") logger := log.GetLog(r, "toggleReseller")
if !login.Superadmin { if !login.Superadmin {
logger.Warn("not a superadmin") logger.Warn("not a superadmin")
w.WriteHeader(http.StatusUnauthorized) w.WriteHeader(http.StatusUnauthorized)

31
modul/host/apiweb.go
View File

@ -36,25 +36,29 @@ func getWeb(w http.ResponseWriter, r *http.Request) (web Web, returnerr *libapi.
w.WriteHeader(http.StatusBadRequest) w.WriteHeader(http.StatusBadRequest)
return return
} }
web = Web{} web = Web{ID: id}
if login.Superadmin { db := dbconnection.Where("ID = ?", id).Preload("Domain").Preload("HTTPAccess.Login").Preload("FTPAccess.Login").First(&web)
dbconnection.Where("ID = ?", id).Preload("HTTPAccess.Login").Preload("FTPAccess.Login").Find(&web) if db.Error != nil || db.RecordNotFound() {
} else { returnerr = &libapi.ErrorResult{Fields: []string{"web"}, Message: "web not found"}
dbconnection.Where(map[string]int64{"ID": id, "domain.profil": profil.ID}).Preload("HTTPAccess.Login").Preload("FTPAccess.Login").Find(&web)
}
if web.ID <= 0 {
returnerr = &libapi.ErrorResult{Fields: []string{"web"}, Message: "not found"}
w.WriteHeader(http.StatusNotFound) w.WriteHeader(http.StatusNotFound)
} }
if !login.Superadmin {
if web.Domain.ProfilID != profil.ID {
returnerr = &libapi.ErrorResult{Fields: []string{"profil"}, Message: "not allowed to get web"}
w.WriteHeader(http.StatusForbidden)
}
}
return return
} }
func webList(w http.ResponseWriter, r *http.Request) { func webList(w http.ResponseWriter, r *http.Request) {
logger := log.GetLog(r, "weblist") logger := log.GetLog(r, "weblist")
logger = setProfilLog(r, logger)
var web []*Web var web []*Web
domain, returnerr := getDomain(w, r) domain, returnerr := getDomain(w, r)
if returnerr != nil { if returnerr != nil {
logger.Info("not found") logger.Info(returnerr.Message)
libapi.JSONWrite(w, r, false, returnerr) libapi.JSONWrite(w, r, false, returnerr)
return return
} }
@ -67,6 +71,7 @@ func webList(w http.ResponseWriter, r *http.Request) {
func webAdd(w http.ResponseWriter, r *http.Request) { func webAdd(w http.ResponseWriter, r *http.Request) {
logger := log.GetLog(r, "webadd") logger := log.GetLog(r, "webadd")
logger = setProfilLog(r, logger)
var webRequest Web var webRequest Web
returnerr := libapi.JSONDecoder(w, r, logger, &webRequest) returnerr := libapi.JSONDecoder(w, r, logger, &webRequest)
@ -77,7 +82,7 @@ func webAdd(w http.ResponseWriter, r *http.Request) {
domain, returnerr := getDomain(w, r) domain, returnerr := getDomain(w, r)
if returnerr != nil { if returnerr != nil {
logger.Info("not found") logger.Info(returnerr.Message)
libapi.JSONWrite(w, r, false, returnerr) libapi.JSONWrite(w, r, false, returnerr)
return return
} }
@ -115,10 +120,11 @@ func webAdd(w http.ResponseWriter, r *http.Request) {
func webEdit(w http.ResponseWriter, r *http.Request) { func webEdit(w http.ResponseWriter, r *http.Request) {
logger := log.GetLog(r, "webedit") logger := log.GetLog(r, "webedit")
logger = setProfilLog(r, logger)
web, returnerr := getWeb(w, r) web, returnerr := getWeb(w, r)
if returnerr != nil { if returnerr != nil {
logger.Info("not found") logger.Info(returnerr.Message)
libapi.JSONWrite(w, r, false, returnerr) libapi.JSONWrite(w, r, false, returnerr)
return return
} }
@ -208,10 +214,11 @@ func webEdit(w http.ResponseWriter, r *http.Request) {
func webDelete(w http.ResponseWriter, r *http.Request) { func webDelete(w http.ResponseWriter, r *http.Request) {
logger := log.GetLog(r, "webdelete") logger := log.GetLog(r, "webdelete")
logger = setProfilLog(r, logger)
web, returnerr := getWeb(w, r) web, returnerr := getWeb(w, r)
if returnerr != nil { if returnerr != nil {
logger.Info("not found") logger.Info(returnerr.Message)
libapi.JSONWrite(w, r, false, returnerr) libapi.JSONWrite(w, r, false, returnerr)
return return
} }

21
modul/host/lib.go
View File

@ -3,6 +3,8 @@ package host
import ( import (
"net/http" "net/http"
"github.com/Sirupsen/logrus"
"context" "context"
libapi "dev.sum7.eu/sum7/warehost/lib/api" libapi "dev.sum7.eu/sum7/warehost/lib/api"
@ -10,6 +12,13 @@ import (
libsystem "dev.sum7.eu/sum7/warehost/system" libsystem "dev.sum7.eu/sum7/warehost/system"
) )
func setProfilLog(r *http.Request, logger *logrus.Entry) *logrus.Entry {
ctx := r.Context()
profil := ctx.Value("profil").(*Profil)
logger = logger.WithField("pID", profil.ID)
return logger
}
//ProfilHandler for api function to get host.Profil //ProfilHandler for api function to get host.Profil
func ProfilHandler(h libapi.Handle) libapi.Handle { func ProfilHandler(h libapi.Handle) libapi.Handle {
return func(w http.ResponseWriter, r *http.Request) { return func(w http.ResponseWriter, r *http.Request) {
@ -17,14 +26,16 @@ func ProfilHandler(h libapi.Handle) libapi.Handle {
login := ctx.Value("login").(*libsystem.Login) login := ctx.Value("login").(*libsystem.Login)
profil := &Profil{LoginID: login.ID} profil := &Profil{LoginID: login.ID}
dbconnection.Where("login = ?", login.ID).Find(profil)
if profil.ID > 0 { if dbconnection.Where("login = ?", login.ID).First(profil).RecordNotFound() {
liblog.Log.Warn("no profil found")
libapi.JSONWrite(w, r, false, &libapi.ErrorResult{Fields: []string{"session"}, Message: "no profil found"})
return
}
ctx = context.WithValue(ctx, "profil", profil) ctx = context.WithValue(ctx, "profil", profil)
r = r.WithContext(ctx) r = r.WithContext(ctx)
h(w, r) h(w, r)
return return
}
liblog.Log.Warn("no profil found")
libapi.JSONWrite(w, r, false, &libapi.ErrorResult{Fields: []string{"session"}, Message: "no profil found"})
} }
} }