mirror of https://github.com/mainflux/mainflux.git synced 2025-04-27 13:48:49 +08:00
Mainflux.mainflux/pkg/sdk/go/policies.go
Dušan Borovčanin 55e09c1921
MF-1506 - Group-based Access Control (#1716)
* Move Things and Users to Clients

Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>
Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* NOISSUE - Update Add and Delete Policies (#1792)

* Remove Policy Action Ranks

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Rebase Issues

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix CI Test Errors

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Adding Check on Subject For Clients

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Remove Check Client Exists

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Check When Sharing Clients

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Only Add User to Group When Sharing Things

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Remove clientType

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Minor Fix on ShareClient and Fix Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Policies Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Clean Up Things Authorization

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Tests on RetrieveAll

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Test ShareThing

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Merge Conflicts

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Remove Adding Policies. Only Use Ownership

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Check If Subject is same as Object

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Move Back To Union As Sometimes Policy is Empty and Fails to Evaluate on Ownership

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Entity Type For Failing Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix BUG in policy evaluation

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Comments Regarding checkAdmin

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Tests On Rebase

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Combine Authorize For Things and Users

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Tests On Rebase

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Error on Things SVC `unsupported protocol scheme`

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

---------

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* Fix Bug on Things Authorization Cache (#1810)

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* Use Password instead of username in MQTT handler

Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* Simplify MQTT authorization

Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* Fix MQTT tests

Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* NOISSUE - Add More Functions to SDK (#1811)

* Add More Functions to SDK

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Examples to GoDoc

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Update Unassign Interface

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Pass Subject as ID and Not Token on List Channels By Thing

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Bootstrap Errors For Element Check

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add empty line Before Return

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Reorder URLS in things mux

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Listing Things Policies

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Share Thing

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Examples to CLI Docs

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Update Identity To Update Another User

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Identify an Update Policies on Things

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Update Things Policies

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix GoDocs on Disconnect

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Change Authorize To Use AccessRequest

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

---------

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* For Evaluate Policy Use AccessRequest (#1814)

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* NOISSUE - Add SDK Tests (#1812)

* Add Things Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Channel Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Certs Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Consumer Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Enrich Group Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Tests For Health

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Tests For Tokens

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Rename SDK for Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Policies Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Linter

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Make Variable Definition Inline

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

---------

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* NOISSUE - Make Cache Key Duration Configurable (#1815)

* Make Cache Key Duration Configurable

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Rename ENV Var

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

---------

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* NOISSUE - Update GoDocs (#1816)

* Add GoDocs

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Missing GoDoc Files

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Enable godot

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add License Information

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

---------

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* NOISSUE - Add Call Home Client to Mainflux services (#1751)

* Move Things and Users to Clients

Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>
Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: SammyOina <sammyoina@gmail.com>

* collect and send data package

Signed-off-by: SammyOina <sammyoina@gmail.com>

* create telemetry migrations

Signed-off-by: SammyOina <sammyoina@gmail.com>

* add telemetry endpoints

Signed-off-by: SammyOina <sammyoina@gmail.com>

* add transport

Signed-off-by: SammyOina <sammyoina@gmail.com>

* create service

Signed-off-by: SammyOina <sammyoina@gmail.com>

* remove homing server

Signed-off-by: SammyOina <sammyoina@gmail.com>

* add call home to adapters

Signed-off-by: SammyOina <sammyoina@gmail.com>

* add last seen

Signed-off-by: SammyOina <sammyoina@gmail.com>

* rename logger

Signed-off-by: SammyOina <sammyoina@gmail.com>

* remove homing client

Signed-off-by: SammyOina <sammyoina@gmail.com>

* use unmerged repo

Signed-off-by: SammyOina <sammyoina@gmail.com>

* use renamed module

Signed-off-by: SammyOina <sammyoina@gmail.com>

* update call home version

Signed-off-by: SammyOina <sammyoina@gmail.com>

* edit documentation

Signed-off-by: SammyOina <sammyoina@gmail.com>

* align table

Signed-off-by: SammyOina <sammyoina@gmail.com>

* use alias for call home client

Signed-off-by: SammyOina <sammyoina@gmail.com>

* update callhome

Signed-off-by: SammyOina <sammyoina@gmail.com>

* update call home pkg

Signed-off-by: SammyOina <sammyoina@gmail.com>

* update call home

Signed-off-by: SammyOina <sammyoina@gmail.com>

* fix modules

Signed-off-by: SammyOina <sammyoina@gmail.com>

* use mf build version

Signed-off-by: SammyOina <sammyoina@gmail.com>

* use mf build version

Signed-off-by: SammyOina <sammyoina@gmail.com>

* restore default

Signed-off-by: SammyOina <sammyoina@gmail.com>

* add call home for users and things

Signed-off-by: SammyOina <sammyoina@gmail.com>

* enable opting on call home

Signed-off-by: SammyOina <sammyoina@gmail.com>

* remove full stops

Signed-off-by: SammyOina <sammyoina@gmail.com>

* update callhome client

Signed-off-by: SammyOina <sammyoina@gmail.com>

* add call home to all services

Signed-off-by: SammyOina <sammyoina@gmail.com>

* fix build

Signed-off-by: SammyOina <sammyoina@gmail.com>

* restore sdk tests

Signed-off-by: SammyOina <sammyoina@gmail.com>

* remove unnecessary changes

Signed-off-by: SammyOina <sammyoina@gmail.com>

* restore health_test.go

Signed-off-by: SammyOina <sammyoina@gmail.com>

---------

Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>
Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: SammyOina <sammyoina@gmail.com>
Co-authored-by: b1ackd0t <blackd0t@protonmail.com>
Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

---------

Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>
Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: SammyOina <sammyoina@gmail.com>
Co-authored-by: b1ackd0t <blackd0t@protonmail.com>
Co-authored-by: Sammy Kerata Oina <44265300+SammyOina@users.noreply.github.com>
2023-06-14 12:40:37 +02:00


package sdk
import (
"encoding/json"
"fmt"
"net/http"
"time"
"github.com/mainflux/mainflux/pkg/errors"
)
// URL path segments for the policy and access-check endpoints used in this file.
const (
	// policiesEndpoint is appended to the users base URL, and to the
	// things base URL after thingsEndpoint, for policy operations.
	policiesEndpoint = "policies"
	// authorizeEndpoint is appended to the users base URL by Authorize.
	authorizeEndpoint = "authorize"
	// accessEndpoint is the last segment of the per-channel access check
	// built by ThingCanAccess.
	accessEndpoint = "access"
)
// Policy is the argument struct for policy-related SDK calls.
//
// Subject and Object are written into the request path unescaped by
// DeletePolicy, so callers should pass validated identifiers rather than
// raw external input.
type Policy struct {
	OwnerID string `json:"owner_id"`
	// Subject and Object identify the two sides of the policy; Assign fills
	// them with a member ID and a group ID respectively.
	Subject string `json:"subject"`
	Object string `json:"object"`
	// Actions lists the actions carried by the policy; Assign passes its
	// memberType argument here.
	Actions []string `json:"actions"`
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
}
// AccessRequest is the argument to Authorize and ThingCanAccess. Its fields
// name the subject, object, action and entity type of one access check.
//
// NOTE(review): ThingCanAccess copies Subject into the ClientSecret field of
// its request body, so for that call Subject appears to hold a thing
// credential rather than an ID. Confirm against the things service, and keep
// the struct out of logs where that applies.
type AccessRequest struct {
	Subject string `json:"subject"`
	// Object is also used as a URL path segment by ThingCanAccess.
	Object string `json:"object"`
	Action string `json:"action"`
	EntityType string `json:"entity_type"`
}
// Authorize sends accessReq as JSON to the users service authorize endpoint
// and reports the Authorized field of the decoded response.
//
// The check fails closed: a marshalling error, a request error or an
// undecodable response body all return false together with the error, so a
// caller that only looks at the boolean still denies access.
//
// token is forwarded to processRequest unchanged (presumably as the request
// credential; confirm there).
func (sdk mfSDK) Authorize(accessReq AccessRequest, token string) (bool, errors.SDKError) {
	payload, err := json.Marshal(accessReq)
	if err != nil {
		return false, errors.NewSDKError(err)
	}

	endpoint := fmt.Sprintf("%s/%s", sdk.usersURL, authorizeEndpoint)

	_, respBody, sdkErr := sdk.processRequest(http.MethodPost, endpoint, token, string(CTJSON), payload, http.StatusOK)
	if sdkErr != nil {
		return false, sdkErr
	}

	var decision authorizeRes
	if err := json.Unmarshal(respBody, &decision); err != nil {
		return false, errors.NewSDKError(err)
	}

	return decision.Authorized, nil
}
// CreatePolicy marshals p to JSON and POSTs it to the users service policies
// endpoint. http.StatusCreated is handed to processRequest (presumably the
// status it expects; confirm there).
//
// It returns nil on success, or the marshalling or request error wrapped as
// an SDKError.
func (sdk mfSDK) CreatePolicy(p Policy, token string) errors.SDKError {
	payload, err := json.Marshal(p)
	if err != nil {
		return errors.NewSDKError(err)
	}

	endpoint := fmt.Sprintf("%s/%s", sdk.usersURL, policiesEndpoint)

	if _, _, sdkErr := sdk.processRequest(http.MethodPost, endpoint, token, string(CTJSON), payload, http.StatusCreated); sdkErr != nil {
		return sdkErr
	}

	// Return a literal nil rather than the request result.
	return nil
}
// UpdatePolicy marshals p to JSON and PUTs it to the users service policies
// endpoint. http.StatusNoContent is handed to processRequest (presumably the
// status it expects; confirm there).
//
// The policy to update is identified only by the body: the URL carries no
// subject or object segment.
func (sdk mfSDK) UpdatePolicy(p Policy, token string) errors.SDKError {
	payload, err := json.Marshal(p)
	if err != nil {
		return errors.NewSDKError(err)
	}

	endpoint := fmt.Sprintf("%s/%s", sdk.usersURL, policiesEndpoint)

	if _, _, sdkErr := sdk.processRequest(http.MethodPut, endpoint, token, string(CTJSON), payload, http.StatusNoContent); sdkErr != nil {
		return sdkErr
	}

	// Return a literal nil rather than the request result.
	return nil
}
// ListPolicies GETs the users service policies endpoint with the query
// parameters that withQueryParams derives from pm, and decodes the response
// body into a PolicyPage.
//
// Every failure path returns an empty PolicyPage, never a partially decoded
// one.
func (sdk mfSDK) ListPolicies(pm PageMetadata, token string) (PolicyPage, errors.SDKError) {
	endpoint, err := sdk.withQueryParams(sdk.usersURL, policiesEndpoint, pm)
	if err != nil {
		return PolicyPage{}, errors.NewSDKError(err)
	}

	_, respBody, sdkErr := sdk.processRequest(http.MethodGet, endpoint, token, string(CTJSON), nil, http.StatusOK)
	if sdkErr != nil {
		return PolicyPage{}, sdkErr
	}

	page := PolicyPage{}
	if err := json.Unmarshal(respBody, &page); err != nil {
		return PolicyPage{}, errors.NewSDKError(err)
	}

	return page, nil
}
// DeletePolicy issues a DELETE for the policy addressed by p.Subject and
// p.Object on the users service. Only those two fields of p are used.
//
// NOTE(review): both values are formatted into the path as-is, with no
// escaping in this function. A value containing "/", "?" or "#" would change
// which resource the request addresses, so callers should pass validated
// identifiers. Whether processRequest normalises the URL is not visible here.
func (sdk mfSDK) DeletePolicy(p Policy, token string) errors.SDKError {
	endpoint := fmt.Sprintf("%s/%s/%s/%s", sdk.usersURL, policiesEndpoint, p.Subject, p.Object)

	_, _, sdkErr := sdk.processRequest(http.MethodDelete, endpoint, token, string(CTJSON), nil, http.StatusNoContent)

	return sdkErr
}
// Assign creates a policy linking memberID (as Subject) to groupID (as
// Object) by POSTing it to the users service policies endpoint.
//
// Despite its name, memberType is sent as the policy's Actions list, so it
// determines what the member is allowed to do on the group.
func (sdk mfSDK) Assign(memberType []string, memberID, groupID, token string) errors.SDKError {
	payload, err := json.Marshal(Policy{
		Subject: memberID,
		Object:  groupID,
		Actions: memberType,
	})
	if err != nil {
		return errors.NewSDKError(err)
	}

	endpoint := fmt.Sprintf("%s/%s", sdk.usersURL, policiesEndpoint)

	_, _, sdkErr := sdk.processRequest(http.MethodPost, endpoint, token, string(CTJSON), payload, http.StatusCreated)

	return sdkErr
}
// Unassign issues a DELETE for the policy addressed by memberID and groupID
// on the users service policies endpoint.
//
// NOTE(review): memberID and groupID are formatted into the path without
// escaping in this function, so callers should pass validated identifiers.
// A value containing "/", "?" or "#" would alter the addressed resource.
func (sdk mfSDK) Unassign(memberID, groupID, token string) errors.SDKError {
	endpoint := fmt.Sprintf("%s/%s/%s/%s", sdk.usersURL, policiesEndpoint, memberID, groupID)

	_, _, sdkErr := sdk.processRequest(http.MethodDelete, endpoint, token, string(CTJSON), nil, http.StatusNoContent)

	return sdkErr
}
// Connect marshals connIDs to JSON and POSTs it to the things service
// connect endpoint. http.StatusCreated is handed to processRequest
// (presumably the status it expects; confirm there).
func (sdk mfSDK) Connect(connIDs ConnectionIDs, token string) errors.SDKError {
	payload, err := json.Marshal(connIDs)
	if err != nil {
		return errors.NewSDKError(err)
	}

	endpoint := fmt.Sprintf("%s/%s", sdk.thingsURL, connectEndpoint)

	_, _, sdkErr := sdk.processRequest(http.MethodPost, endpoint, token, string(CTJSON), payload, http.StatusCreated)

	return sdkErr
}
// Disconnect marshals connIDs to JSON and sends it to the things service
// disconnect endpoint.
//
// The request is a POST with a body, not a DELETE, and
// http.StatusNoContent is handed to processRequest (presumably the status
// it expects; confirm there).
func (sdk mfSDK) Disconnect(connIDs ConnectionIDs, token string) errors.SDKError {
	payload, err := json.Marshal(connIDs)
	if err != nil {
		return errors.NewSDKError(err)
	}

	endpoint := fmt.Sprintf("%s/%s", sdk.thingsURL, disconnectEndpoint)

	_, _, sdkErr := sdk.processRequest(http.MethodPost, endpoint, token, string(CTJSON), payload, http.StatusNoContent)

	return sdkErr
}
// ConnectThing POSTs, with no body, to the things service path made of the
// channels endpoint, chanID, the things endpoint and thingID, in that order.
//
// NOTE(review): chanID and thingID are formatted into the path without
// escaping in this function, so callers should pass validated identifiers.
func (sdk mfSDK) ConnectThing(thingID, chanID, token string) errors.SDKError {
	endpoint := fmt.Sprintf("%s/%s/%s/%s/%s", sdk.thingsURL, channelsEndpoint, chanID, thingsEndpoint, thingID)

	_, _, sdkErr := sdk.processRequest(http.MethodPost, endpoint, token, string(CTJSON), nil, http.StatusCreated)

	return sdkErr
}
// DisconnectThing issues a DELETE to the same things service path that
// ConnectThing posts to: the channels endpoint, chanID, the things endpoint
// and thingID, in that order.
//
// NOTE(review): chanID and thingID are formatted into the path without
// escaping in this function, so callers should pass validated identifiers.
func (sdk mfSDK) DisconnectThing(thingID, chanID, token string) errors.SDKError {
	endpoint := fmt.Sprintf("%s/%s/%s/%s/%s", sdk.thingsURL, channelsEndpoint, chanID, thingsEndpoint, thingID)

	_, _, sdkErr := sdk.processRequest(http.MethodDelete, endpoint, token, string(CTJSON), nil, http.StatusNoContent)

	return sdkErr
}
// UpdateThingsPolicy marshals p to JSON and PUTs it to the policies endpoint
// under the things service things endpoint.
//
// It hands http.StatusOK to processRequest, whereas UpdatePolicy on the
// users service hands it http.StatusNoContent.
func (sdk mfSDK) UpdateThingsPolicy(p Policy, token string) errors.SDKError {
	payload, err := json.Marshal(p)
	if err != nil {
		return errors.NewSDKError(err)
	}

	endpoint := fmt.Sprintf("%s/%s/%s", sdk.thingsURL, thingsEndpoint, policiesEndpoint)

	if _, _, sdkErr := sdk.processRequest(http.MethodPut, endpoint, token, string(CTJSON), payload, http.StatusOK); sdkErr != nil {
		return sdkErr
	}

	// Return a literal nil rather than the request result.
	return nil
}
// ListThingsPolicies GETs the policies endpoint under the things service
// things endpoint, with the query parameters that withQueryParams derives
// from pm, and decodes the response body into a PolicyPage.
//
// Every failure path returns an empty PolicyPage, never a partially decoded
// one.
func (sdk mfSDK) ListThingsPolicies(pm PageMetadata, token string) (PolicyPage, errors.SDKError) {
	base := fmt.Sprintf("%s/%s", sdk.thingsURL, thingsEndpoint)

	endpoint, err := sdk.withQueryParams(base, policiesEndpoint, pm)
	if err != nil {
		return PolicyPage{}, errors.NewSDKError(err)
	}

	_, respBody, sdkErr := sdk.processRequest(http.MethodGet, endpoint, token, string(CTJSON), nil, http.StatusOK)
	if sdkErr != nil {
		return PolicyPage{}, sdkErr
	}

	page := PolicyPage{}
	if err := json.Unmarshal(respBody, &page); err != nil {
		return PolicyPage{}, errors.NewSDKError(err)
	}

	return page, nil
}
// ThingCanAccess POSTs an access check to the things service for the channel
// named by accessReq.Object. It returns the Authorized flag and the ThingID
// from the decoded response.
//
// accessReq.Subject is sent as the ClientSecret field of the request body,
// so for this call it appears to carry a thing credential rather than an ID
// (confirm against the things service). Keep accessReq out of logs where
// that applies.
//
// The check fails closed: every error path returns false and an empty thing
// ID together with the error.
//
// NOTE(review): accessReq.Object is formatted into the path without escaping
// in this function, so callers should pass a validated identifier.
func (sdk mfSDK) ThingCanAccess(accessReq AccessRequest, token string) (bool, string, errors.SDKError) {
	payload, err := json.Marshal(canAccessReq{
		ClientSecret: accessReq.Subject,
		GroupID:      accessReq.Object,
		Action:       accessReq.Action,
		EntityType:   accessReq.EntityType,
	})
	if err != nil {
		return false, "", errors.NewSDKError(err)
	}

	endpoint := fmt.Sprintf("%s/%s/%s/%s", sdk.thingsURL, channelsEndpoint, accessReq.Object, accessEndpoint)

	_, respBody, sdkErr := sdk.processRequest(http.MethodPost, endpoint, token, string(CTJSON), payload, http.StatusOK)
	if sdkErr != nil {
		return false, "", sdkErr
	}

	var decision canAccessRes
	if err := json.Unmarshal(respBody, &decision); err != nil {
		return false, "", errors.NewSDKError(err)
	}

	return decision.Authorized, decision.ThingID, nil
}