Mainflux.mainflux/auth/api/grpc/requests.go

// Copyright (c) Mainflux
// SPDX-License-Identifier: Apache-2.0

package grpc

import (
	"github.com/mainflux/mainflux/auth"
)

type identityReq struct {
	token string
	kind  uint32
}

func (req identityReq) validate() error {
	if req.token == "" {
		return auth.ErrMalformedEntity
	}
	if req.kind != auth.UserKey &&
		req.kind != auth.APIKey &&
		req.kind != auth.RecoveryKey {
		return auth.ErrMalformedEntity
	}

	return nil
}

type issueReq struct {
	id      string
	email   string
	keyType uint32
}

func (req issueReq) validate() error {
	if req.email == "" {
		return auth.ErrUnauthorizedAccess
	}
	if req.keyType != auth.UserKey &&
		req.keyType != auth.APIKey &&
		req.keyType != auth.RecoveryKey {
		return auth.ErrMalformedEntity
	}

	return nil
}

type assignReq struct {
	token    string
	groupID  string
	memberID string
}

func (req assignReq) validate() error {
	if req.token == "" {
		return auth.ErrUnauthorizedAccess
	}
	if req.groupID == "" || req.memberID == "" {
		return auth.ErrMalformedEntity
	}
	return nil
}

type membersReq struct {
	token   string
	groupID string
	offset  uint64
	limit   uint64
	typ     string
}

func (req membersReq) validate() error {
	if req.token == "" {
		return auth.ErrUnauthorizedAccess
	}
	if req.groupID == "" {
		return auth.ErrMalformedEntity
	}
	if req.typ == "" {
		return auth.ErrMalformedEntity
	}
	return nil
}

// authReq represents authorization request. It contains:
// 1. subject - an action invoker
// 2. object - an entity over which action will be executed
// 3. action - type of action that will be executed (read/write)
type authReq struct {
	token string
	Sub   string
	Obj   string
	Act   string
}

func (req authReq) validate() error {
	if req.token == "" {
		return auth.ErrMalformedEntity
	}

	if req.Sub == "" {
		return auth.ErrMalformedEntity
	}

	if req.Obj == "" {
		return auth.ErrMalformedEntity
	}

	if req.Act == "" {
		return auth.ErrMalformedEntity
	}

	return nil
}
NOISSUE - Merge authz and authn into new service auth (#1313) * remove owner id Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * move authz into authn and merge into new service Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add groups Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add groups Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add groups endpoints Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add group type Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * adding mocks, some renaming, refactor Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * update proto Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * adding mocks, some renaming, refactor Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix linter err,and comments Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * undo renaming, add interface for authn and authz Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * renam some variables Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * renaming Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove extra slashes from comment Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * resolving small remarks Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> 2020-12-29 23:02:35 +01:00			`// Copyright (c) Mainflux`
			`// SPDX-License-Identifier: Apache-2.0`

			`package grpc`

			`import (`
			`"github.com/mainflux/mainflux/auth"`
			`)`

			`type identityReq struct {`
			`token string`
			`kind uint32`
			`}`

			`func (req identityReq) validate() error {`
			`if req.token == "" {`
			`return auth.ErrMalformedEntity`
			`}`
			`if req.kind != auth.UserKey &&`
			`req.kind != auth.APIKey &&`
			`req.kind != auth.RecoveryKey {`
			`return auth.ErrMalformedEntity`
			`}`

			`return nil`
			`}`

			`type issueReq struct {`
			`id string`
			`email string`
			`keyType uint32`
			`}`

			`func (req issueReq) validate() error {`
			`if req.email == "" {`
			`return auth.ErrUnauthorizedAccess`
			`}`
			`if req.keyType != auth.UserKey &&`
			`req.keyType != auth.APIKey &&`
			`req.keyType != auth.RecoveryKey {`
			`return auth.ErrMalformedEntity`
			`}`

			`return nil`
			`}`

			`type assignReq struct {`
			`token string`
			`groupID string`
			`memberID string`
			`}`

			`func (req assignReq) validate() error {`
			`if req.token == "" {`
			`return auth.ErrUnauthorizedAccess`
			`}`
			`if req.groupID == "" \|\| req.memberID == "" {`
			`return auth.ErrMalformedEntity`
			`}`
			`return nil`
			`}`

			`type membersReq struct {`
			`token string`
			`groupID string`
			`offset uint64`
			`limit uint64`
			`typ string`
			`}`

			`func (req membersReq) validate() error {`
			`if req.token == "" {`
			`return auth.ErrUnauthorizedAccess`
			`}`
			`if req.groupID == "" {`
			`return auth.ErrMalformedEntity`
			`}`
			`if req.typ == "" {`
			`return auth.ErrMalformedEntity`
			`}`
			`return nil`
			`}`

			`// authReq represents authorization request. It contains:`
			`// 1. subject - an action invoker`
			`// 2. object - an entity over which action will be executed`
			`// 3. action - type of action that will be executed (read/write)`
			`type authReq struct {`
			`token string`
			`Sub string`
			`Obj string`
			`Act string`
			`}`

			`func (req authReq) validate() error {`
			`if req.token == "" {`
			`return auth.ErrMalformedEntity`
			`}`

			`if req.Sub == "" {`
			`return auth.ErrMalformedEntity`
			`}`

			`if req.Obj == "" {`
			`return auth.ErrMalformedEntity`
			`}`

			`if req.Act == "" {`
			`return auth.ErrMalformedEntity`
			`}`

			`return nil`
			`}`