mirror of
https://github.com/mainflux/mainflux.git
synced 2025-04-29 13:49:28 +08:00
9e0947a355
* MF-1261 - Use StatusUnauthorized for authn and StatusForbidden for authz Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * ErrExternalKey typo Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Rename ErrUnauthorizedAcces -> ErrAuthentication Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix bootstrap error Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix status code in openapi Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix test description Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix test description Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix test description Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add errors cases Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix status codes Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add gRPC stutus code Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix tests description Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix openapi and encodeError Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix grpc message Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix test descriptions Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Revert sdk error Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix typo Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
143 lines
2.4 KiB
Go
143 lines
2.4 KiB
Go
// Copyright (c) Mainflux
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
package grpc
|
|
|
|
import (
|
|
"github.com/mainflux/mainflux/auth"
|
|
"github.com/mainflux/mainflux/pkg/errors"
|
|
)
|
|
|
|
type identityReq struct {
|
|
token string
|
|
kind uint32
|
|
}
|
|
|
|
func (req identityReq) validate() error {
|
|
if req.token == "" {
|
|
return errors.ErrMalformedEntity
|
|
}
|
|
if req.kind != auth.LoginKey &&
|
|
req.kind != auth.APIKey &&
|
|
req.kind != auth.RecoveryKey {
|
|
return errors.ErrMalformedEntity
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
type issueReq struct {
|
|
id string
|
|
email string
|
|
keyType uint32
|
|
}
|
|
|
|
func (req issueReq) validate() error {
|
|
if req.email == "" {
|
|
return errors.ErrAuthentication
|
|
}
|
|
if req.keyType != auth.LoginKey &&
|
|
req.keyType != auth.APIKey &&
|
|
req.keyType != auth.RecoveryKey {
|
|
return errors.ErrMalformedEntity
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
type assignReq struct {
|
|
token string
|
|
groupID string
|
|
memberID string
|
|
groupType string
|
|
}
|
|
|
|
func (req assignReq) validate() error {
|
|
if req.token == "" {
|
|
return errors.ErrAuthentication
|
|
}
|
|
if req.groupID == "" || req.memberID == "" {
|
|
return errors.ErrMalformedEntity
|
|
}
|
|
return nil
|
|
}
|
|
|
|
type membersReq struct {
|
|
token string
|
|
groupID string
|
|
offset uint64
|
|
limit uint64
|
|
memberType string
|
|
}
|
|
|
|
func (req membersReq) validate() error {
|
|
if req.token == "" {
|
|
return errors.ErrAuthentication
|
|
}
|
|
if req.groupID == "" {
|
|
return errors.ErrMalformedEntity
|
|
}
|
|
if req.memberType == "" {
|
|
return errors.ErrMalformedEntity
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// authReq represents authorization request. It contains:
|
|
// 1. subject - an action invoker
|
|
// 2. object - an entity over which action will be executed
|
|
// 3. action - type of action that will be executed (read/write)
|
|
type authReq struct {
|
|
Sub string
|
|
Obj string
|
|
Act string
|
|
}
|
|
|
|
func (req authReq) validate() error {
|
|
if req.Sub == "" {
|
|
return errors.ErrMalformedEntity
|
|
}
|
|
|
|
if req.Obj == "" {
|
|
return errors.ErrMalformedEntity
|
|
}
|
|
|
|
if req.Act == "" {
|
|
return errors.ErrMalformedEntity
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
type addPolicyReq struct {
|
|
Sub string
|
|
Obj string
|
|
Act string
|
|
}
|
|
|
|
func (req addPolicyReq) validate() error {
|
|
if req.Sub == "" || req.Obj == "" || req.Act == "" {
|
|
return errors.ErrMalformedEntity
|
|
}
|
|
return nil
|
|
}
|
|
|
|
type deletePolicyReq struct {
|
|
Sub string
|
|
Obj string
|
|
Act string
|
|
}
|
|
|
|
func (req deletePolicyReq) validate() error {
|
|
if req.Sub == "" || req.Obj == "" || req.Act == "" {
|
|
return errors.ErrMalformedEntity
|
|
}
|
|
return nil
|
|
}
|
|
|
|
type listPoliciesReq struct {
|
|
Sub string
|
|
Obj string
|
|
Act string
|
|
}
|