go/golang-saas-starter-kit
1
0
Fork 0
mirror of https://github.com/raseels-repos/golang-saas-starter-kit.git synced 2025-12-19 23:52:43 +02:00
Code Issues Releases Activity

checkpoint

Browse Source
This commit is contained in:
Lee Brown
2019-06-26 20:21:00 -08:00
parent b68bcf2c2c
commit 48ae19bd6a
23 changed files with 1952 additions and 859 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
example-project/cmd/web-api/handlers/account.go
View File

@@ -30,7 +30,6 @@ type Account struct {
// @Param id path string true "Account ID"
// @Success 200 {object} account.AccountResponse
// @Failure 400 {object} web.ErrorResponse
// @Failure 403 {object} web.ErrorResponse
// @Failure 404 {object} web.ErrorResponse
// @Failure 500 {object} web.ErrorResponse
// @Router /accounts/{id} [get]
@@ -40,24 +39,23 @@ func (a *Account) Read(ctx context.Context, w http.ResponseWriter, r *http.Reque
return errors.New("claims missing from context")
}
// Handle included-archived query value if set.
var includeArchived bool
if qv := r.URL.Query().Get("include-archived"); qv != "" {
var err error
includeArchived, err = strconv.ParseBool(qv)
if v := r.URL.Query().Get("included-archived"); v != "" {
b, err := strconv.ParseBool(v)
if err != nil {
return errors.Wrapf(err, "Invalid value for include-archived : %s", qv)
err = errors.WithMessagef(err, "unable to parse %s as boolean for included-archived param", v)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
includeArchived = b
}
res, err := account.Read(ctx, claims, a.MasterDB, params["id"], includeArchived)
if err != nil {
switch err {
case account.ErrInvalidID:
return web.NewRequestError(err, http.StatusBadRequest)
cause := errors.Cause(err)
switch cause {
case account.ErrNotFound:
return web.NewRequestError(err, http.StatusNotFound)
case account.ErrForbidden:
return web.NewRequestError(err, http.StatusForbidden)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusNotFound))
default:
return errors.Wrapf(err, "ID: %s", params["id"])
}
@@ -74,10 +72,9 @@ func (a *Account) Read(ctx context.Context, w http.ResponseWriter, r *http.Reque
// @Produce json
// @Security OAuth2Password
// @Param data body account.AccountUpdateRequest true "Update fields"
// @Success 201
// @Success 204
// @Failure 400 {object} web.ErrorResponse
// @Failure 403 {object} web.ErrorResponse
// @Failure 404 {object} web.ErrorResponse
// @Failure 500 {object} web.ErrorResponse
// @Router /accounts [patch]
func (a *Account) Update(ctx context.Context, w http.ResponseWriter, r *http.Request, params map[string]string) error {
@@ -93,31 +90,25 @@ func (a *Account) Update(ctx context.Context, w http.ResponseWriter, r *http.Req
var req account.AccountUpdateRequest
if err := web.Decode(r, &req); err != nil {
err = errors.WithStack(err)
_, ok := err.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
if _, ok := errors.Cause(err).(*web.Error); !ok {
err = web.NewRequestError(err, http.StatusBadRequest)
}
return err
return web.RespondJsonError(ctx, w, err)
}
err := account.Update(ctx, claims, a.MasterDB, req, v.Now)
if err != nil {
switch err {
case account.ErrInvalidID:
return web.NewRequestError(err, http.StatusBadRequest)
case account.ErrNotFound:
return web.NewRequestError(err, http.StatusNotFound)
cause := errors.Cause(err)
switch cause {
case account.ErrForbidden:
return web.NewRequestError(err, http.StatusForbidden)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusForbidden))
default:
_, ok := err.(validator.ValidationErrors)
_, ok := cause.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
return errors.Wrapf(err, "Id: %s Account: %+v", params["id"], &req)
return errors.Wrapf(err, "Id: %s Account: %+v", req.ID, &req)
}
}

118
example-project/cmd/web-api/handlers/project.go
View File

@@ -50,7 +50,7 @@ func (p *Project) Find(ctx context.Context, w http.ResponseWriter, r *http.Reque
if v := r.URL.Query().Get("where"); v != "" {
where, args, err := web.ExtractWhereArgs(v)
if err != nil {
return web.NewRequestError(err, http.StatusBadRequest)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
req.Where = &where
req.Args = args
@@ -71,7 +71,7 @@ func (p *Project) Find(ctx context.Context, w http.ResponseWriter, r *http.Reque
l, err := strconv.Atoi(v)
if err != nil {
err = errors.WithMessagef(err, "unable to parse %s as int for limit param", v)
return web.NewRequestError(err, http.StatusBadRequest)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
ul := uint(l)
req.Limit = &ul
@@ -82,22 +82,29 @@ func (p *Project) Find(ctx context.Context, w http.ResponseWriter, r *http.Reque
l, err := strconv.Atoi(v)
if err != nil {
err = errors.WithMessagef(err, "unable to parse %s as int for offset param", v)
return web.NewRequestError(err, http.StatusBadRequest)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
ul := uint(l)
req.Limit = &ul
}
// Handle order query value if set.
// Handle include-archive query value if set.
if v := r.URL.Query().Get("included-archived"); v != "" {
b, err := strconv.ParseBool(v)
if err != nil {
err = errors.WithMessagef(err, "unable to parse %s as boolean for included-archived param", v)
return web.NewRequestError(err, http.StatusBadRequest)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
req.IncludedArchived = b
}
//if err := web.Decode(r, &req); err != nil {
// if _, ok := errors.Cause(err).(*web.Error); !ok {
// err = web.NewRequestError(err, http.StatusBadRequest)
// }
// return web.RespondJsonError(ctx, w, err)
//}
res, err := project.Find(ctx, claims, p.MasterDB, req)
if err != nil {
return err
@@ -121,7 +128,6 @@ func (p *Project) Find(ctx context.Context, w http.ResponseWriter, r *http.Reque
// @Param id path string true "Project ID"
// @Success 200 {object} project.ProjectResponse
// @Failure 400 {object} web.ErrorResponse
// @Failure 403 {object} web.ErrorResponse
// @Failure 404 {object} web.ErrorResponse
// @Failure 500 {object} web.ErrorResponse
// @Router /projects/{id} [get]
@@ -131,24 +137,23 @@ func (p *Project) Read(ctx context.Context, w http.ResponseWriter, r *http.Reque
return errors.New("claims missing from context")
}
// Handle included-archived query value if set.
var includeArchived bool
if qv := r.URL.Query().Get("include-archived"); qv != "" {
var err error
includeArchived, err = strconv.ParseBool(qv)
if v := r.URL.Query().Get("included-archived"); v != "" {
b, err := strconv.ParseBool(v)
if err != nil {
return errors.Wrapf(err, "Invalid value for include-archived : %s", qv)
err = errors.WithMessagef(err, "unable to parse %s as boolean for included-archived param", v)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
includeArchived = b
}
res, err := project.Read(ctx, claims, p.MasterDB, params["id"], includeArchived)
if err != nil {
switch err {
case project.ErrInvalidID:
return web.NewRequestError(err, http.StatusBadRequest)
cause := errors.Cause(err)
switch cause {
case project.ErrNotFound:
return web.NewRequestError(err, http.StatusNotFound)
case project.ErrForbidden:
return web.NewRequestError(err, http.StatusForbidden)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusNotFound))
default:
return errors.Wrapf(err, "ID: %s", params["id"])
}
@@ -165,7 +170,7 @@ func (p *Project) Read(ctx context.Context, w http.ResponseWriter, r *http.Reque
// @Produce json
// @Security OAuth2Password
// @Param data body project.ProjectCreateRequest true "Project details"
// @Success 200 {object} project.ProjectResponse
// @Success 201 {object} project.ProjectResponse
// @Failure 400 {object} web.ErrorResponse
// @Failure 403 {object} web.ErrorResponse
// @Failure 404 {object} web.ErrorResponse
@@ -184,24 +189,22 @@ func (p *Project) Create(ctx context.Context, w http.ResponseWriter, r *http.Req
var req project.ProjectCreateRequest
if err := web.Decode(r, &req); err != nil {
err = errors.WithStack(err)
_, ok := err.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
if _, ok := errors.Cause(err).(*web.Error); !ok {
err = web.NewRequestError(err, http.StatusBadRequest)
}
return err
return web.RespondJsonError(ctx, w, err)
}
res, err := project.Create(ctx, claims, p.MasterDB, req, v.Now)
if err != nil {
switch err {
cause := errors.Cause(err)
switch cause {
case project.ErrForbidden:
return web.NewRequestError(err, http.StatusForbidden)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusForbidden))
default:
_, ok := err.(validator.ValidationErrors)
_, ok := cause.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
return errors.Wrapf(err, "Project: %+v", &req)
}
@@ -218,10 +221,9 @@ func (p *Project) Create(ctx context.Context, w http.ResponseWriter, r *http.Req
// @Produce json
// @Security OAuth2Password
// @Param data body project.ProjectUpdateRequest true "Update fields"
// @Success 201
// @Success 204
// @Failure 400 {object} web.ErrorResponse
// @Failure 403 {object} web.ErrorResponse
// @Failure 404 {object} web.ErrorResponse
// @Failure 500 {object} web.ErrorResponse
// @Router /projects [patch]
func (p *Project) Update(ctx context.Context, w http.ResponseWriter, r *http.Request, params map[string]string) error {
@@ -237,29 +239,24 @@ func (p *Project) Update(ctx context.Context, w http.ResponseWriter, r *http.Req
var req project.ProjectUpdateRequest
if err := web.Decode(r, &req); err != nil {
err = errors.WithStack(err)
_, ok := err.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
if _, ok := errors.Cause(err).(*web.Error); !ok {
err = web.NewRequestError(err, http.StatusBadRequest)
}
return err
return web.RespondJsonError(ctx, w, err)
}
err := project.Update(ctx, claims, p.MasterDB, req, v.Now)
if err != nil {
switch err {
case project.ErrInvalidID:
return web.NewRequestError(err, http.StatusBadRequest)
case project.ErrNotFound:
return web.NewRequestError(err, http.StatusNotFound)
cause := errors.Cause(err)
switch cause {
case project.ErrForbidden:
return web.NewRequestError(err, http.StatusForbidden)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusForbidden))
default:
_, ok := err.(validator.ValidationErrors)
_, ok := cause.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
return errors.Wrapf(err, "ID: %s Update: %+v", req.ID, req)
}
}
@@ -275,7 +272,7 @@ func (p *Project) Update(ctx context.Context, w http.ResponseWriter, r *http.Req
// @Produce json
// @Security OAuth2Password
// @Param data body project.ProjectArchiveRequest true "Update fields"
// @Success 201
// @Success 204
// @Failure 400 {object} web.ErrorResponse
// @Failure 403 {object} web.ErrorResponse
// @Failure 404 {object} web.ErrorResponse
@@ -294,28 +291,24 @@ func (p *Project) Archive(ctx context.Context, w http.ResponseWriter, r *http.Re
var req project.ProjectArchiveRequest
if err := web.Decode(r, &req); err != nil {
err = errors.WithStack(err)
_, ok := err.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
if _, ok := errors.Cause(err).(*web.Error); !ok {
err = web.NewRequestError(err, http.StatusBadRequest)
}
return err
return web.RespondJsonError(ctx, w, err)
}
err := project.Archive(ctx, claims, p.MasterDB, req, v.Now)
if err != nil {
switch err {
case project.ErrInvalidID:
return web.NewRequestError(err, http.StatusBadRequest)
cause := errors.Cause(err)
switch cause {
case project.ErrNotFound:
return web.NewRequestError(err, http.StatusNotFound)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusNotFound))
case project.ErrForbidden:
return web.NewRequestError(err, http.StatusForbidden)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusForbidden))
default:
_, ok := err.(validator.ValidationErrors)
_, ok := cause.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
return errors.Wrapf(err, "Id: %s", req.ID)
@@ -333,7 +326,7 @@ func (p *Project) Archive(ctx context.Context, w http.ResponseWriter, r *http.Re
// @Produce json
// @Security OAuth2Password
// @Param id path string true "Project ID"
// @Success 201
// @Success 204
// @Failure 400 {object} web.ErrorResponse
// @Failure 403 {object} web.ErrorResponse
// @Failure 404 {object} web.ErrorResponse
@@ -347,13 +340,12 @@ func (p *Project) Delete(ctx context.Context, w http.ResponseWriter, r *http.Req
err := project.Delete(ctx, claims, p.MasterDB, params["id"])
if err != nil {
switch err {
case project.ErrInvalidID:
return web.NewRequestError(err, http.StatusBadRequest)
cause := errors.Cause(err)
switch cause {
case project.ErrNotFound:
return web.NewRequestError(err, http.StatusNotFound)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusNotFound))
case project.ErrForbidden:
return web.NewRequestError(err, http.StatusForbidden)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusForbidden))
default:
return errors.Wrapf(err, "Id: %s", params["id"])
}

15
example-project/cmd/web-api/handlers/routes.go
View File

@@ -30,12 +30,11 @@ func API(shutdown chan os.Signal, log *log.Logger, masterDB *sqlx.DB, redis *red
MasterDB: masterDB,
TokenGenerator: authenticator,
}
app.Handle("GET", "/v1/users", u.Find, mid.Authenticate(authenticator))
app.Handle("POST", "/v1/users", u.Create, mid.Authenticate(authenticator), mid.HasRole(auth.RoleAdmin))
app.Handle("GET", "/v1/users/:id", u.Read, mid.Authenticate(authenticator))
app.Handle("PATCH", "/v1/users", u.Update, mid.Authenticate(authenticator))
app.Handle("PATCH", "/v1/users/password", u.UpdatePassword, mid.Authenticate(authenticator), mid.HasRole(auth.RoleAdmin))
app.Handle("PATCH", "/v1/users/password", u.UpdatePassword, mid.Authenticate(authenticator))
app.Handle("PATCH", "/v1/users/archive", u.Archive, mid.Authenticate(authenticator), mid.HasRole(auth.RoleAdmin))
app.Handle("DELETE", "/v1/users/:id", u.Delete, mid.Authenticate(authenticator), mid.HasRole(auth.RoleAdmin))
app.Handle("PATCH", "/v1/users/switch-account/:account_id", u.SwitchAccount, mid.Authenticate(authenticator))
@@ -43,6 +42,18 @@ func API(shutdown chan os.Signal, log *log.Logger, masterDB *sqlx.DB, redis *red
// This route is not authenticated
app.Handle("POST", "/v1/oauth/token", u.Token)
// Register user account management endpoints.
ua := UserAccount{
MasterDB: masterDB,
}
app.Handle("GET", "/v1/user_accounts", ua.Find, mid.Authenticate(authenticator))
app.Handle("POST", "/v1/user_accounts", ua.Create, mid.Authenticate(authenticator), mid.HasRole(auth.RoleAdmin))
app.Handle("GET", "/v1/user_accounts/:id", ua.Read, mid.Authenticate(authenticator))
app.Handle("PATCH", "/v1/user_accounts", ua.Update, mid.Authenticate(authenticator))
app.Handle("PATCH", "/v1/user_accounts/archive", ua.Archive, mid.Authenticate(authenticator), mid.HasRole(auth.RoleAdmin))
app.Handle("DELETE", "/v1/user_accounts", ua.Delete, mid.Authenticate(authenticator), mid.HasRole(auth.RoleAdmin))
// Register account endpoints.
a := Account{
MasterDB: masterDB,

20
example-project/cmd/web-api/handlers/signup.go
View File

@@ -27,9 +27,8 @@ type Signup struct {
// @Accept json
// @Produce json
// @Param data body signup.SignupRequest true "Signup details"
// @Success 200 {object} signup.SignupResponse
// @Success 201 {object} signup.SignupResponse
// @Failure 400 {object} web.ErrorResponse
// @Failure 403 {object} web.ErrorResponse
// @Failure 500 {object} web.ErrorResponse
// @Router /signup [post]
func (c *Signup) Signup(ctx context.Context, w http.ResponseWriter, r *http.Request, params map[string]string) error {
@@ -43,29 +42,26 @@ func (c *Signup) Signup(ctx context.Context, w http.ResponseWriter, r *http.Requ
var req signup.SignupRequest
if err := web.Decode(r, &req); err != nil {
err = errors.WithStack(err)
_, ok := err.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
if _, ok := errors.Cause(err).(*web.Error); !ok {
err = web.NewRequestError(err, http.StatusBadRequest)
}
return err
return web.RespondJsonError(ctx, w, err)
}
res, err := signup.Signup(ctx, claims, c.MasterDB, req, v.Now)
if err != nil {
switch err {
switch errors.Cause(err) {
case account.ErrForbidden:
return web.NewRequestError(err, http.StatusForbidden)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusForbidden))
default:
_, ok := err.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
return errors.Wrapf(err, "Signup: %+v", &req)
}
}
return web.RespondJson(ctx, w, res, http.StatusCreated)
return web.RespondJson(ctx, w, res.Response(ctx), http.StatusCreated)
}

201
example-project/cmd/web-api/handlers/user.go
View File

@@ -2,7 +2,6 @@ package handlers
import (
"context"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/user_account"
"net/http"
"strconv"
"strings"
@@ -56,7 +55,7 @@ func (u *User) Find(ctx context.Context, w http.ResponseWriter, r *http.Request,
if v := r.URL.Query().Get("where"); v != "" {
where, args, err := web.ExtractWhereArgs(v)
if err != nil {
return web.NewRequestError(err, http.StatusBadRequest)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
req.Where = &where
req.Args = args
@@ -77,7 +76,7 @@ func (u *User) Find(ctx context.Context, w http.ResponseWriter, r *http.Request,
l, err := strconv.Atoi(v)
if err != nil {
err = errors.WithMessagef(err, "unable to parse %s as int for limit param", v)
return web.NewRequestError(err, http.StatusBadRequest)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
ul := uint(l)
req.Limit = &ul
@@ -88,31 +87,28 @@ func (u *User) Find(ctx context.Context, w http.ResponseWriter, r *http.Request,
l, err := strconv.Atoi(v)
if err != nil {
err = errors.WithMessagef(err, "unable to parse %s as int for offset param", v)
return web.NewRequestError(err, http.StatusBadRequest)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
ul := uint(l)
req.Limit = &ul
}
// Handle order query value if set.
// Handle included-archived query value if set.
if v := r.URL.Query().Get("included-archived"); v != "" {
b, err := strconv.ParseBool(v)
if err != nil {
err = errors.WithMessagef(err, "unable to parse %s as boolean for included-archived param", v)
return web.NewRequestError(err, http.StatusBadRequest)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
req.IncludedArchived = b
}
if err := web.Decode(r, &req); err != nil {
err = errors.WithStack(err)
_, ok := err.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
}
return err
}
//if err := web.Decode(r, &req); err != nil {
// if _, ok := errors.Cause(err).(*web.Error); !ok {
// err = web.NewRequestError(err, http.StatusBadRequest)
// }
// return web.RespondJsonError(ctx, w, err)
//}
res, err := user.Find(ctx, claims, u.MasterDB, req)
if err != nil {
@@ -137,7 +133,6 @@ func (u *User) Find(ctx context.Context, w http.ResponseWriter, r *http.Request,
// @Param id path string true "User ID"
// @Success 200 {object} user.UserResponse
// @Failure 400 {object} web.ErrorResponse
// @Failure 403 {object} web.ErrorResponse
// @Failure 404 {object} web.ErrorResponse
// @Failure 500 {object} web.ErrorResponse
// @Router /users/{id} [get]
@@ -147,30 +142,24 @@ func (u *User) Read(ctx context.Context, w http.ResponseWriter, r *http.Request,
return errors.New("claims missing from context")
}
// Handle included-archived query value if set.
var includeArchived bool
if qv := r.URL.Query().Get("include-archived"); qv != "" {
var err error
includeArchived, err = strconv.ParseBool(qv)
if v := r.URL.Query().Get("included-archived"); v != "" {
b, err := strconv.ParseBool(v)
if err != nil {
return errors.Wrapf(err, "Invalid value for include-archived : %s", qv)
err = errors.WithMessagef(err, "unable to parse %s as boolean for included-archived param", v)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
includeArchived = b
}
res, err := user.Read(ctx, claims, u.MasterDB, params["id"], includeArchived)
if err != nil {
switch err {
case user.ErrInvalidID:
return web.NewRequestError(err, http.StatusBadRequest)
cause := errors.Cause(err)
switch cause {
case user.ErrNotFound:
return web.NewRequestError(err, http.StatusNotFound)
case user.ErrForbidden:
return web.NewRequestError(err, http.StatusForbidden)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusNotFound))
default:
_, ok := err.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
}
return errors.Wrapf(err, "ID: %s", params["id"])
}
}
@@ -186,10 +175,9 @@ func (u *User) Read(ctx context.Context, w http.ResponseWriter, r *http.Request,
// @Produce json
// @Security OAuth2Password
// @Param data body user.UserCreateRequest true "User details"
// @Success 200 {object} user.UserResponse
// @Success 201 {object} user.UserResponse
// @Failure 400 {object} web.ErrorResponse
// @Failure 403 {object} web.ErrorResponse
// @Failure 404 {object} web.ErrorResponse
// @Failure 500 {object} web.ErrorResponse
// @Router /users [post]
func (u *User) Create(ctx context.Context, w http.ResponseWriter, r *http.Request, params map[string]string) error {
@@ -205,53 +193,28 @@ func (u *User) Create(ctx context.Context, w http.ResponseWriter, r *http.Reques
var req user.UserCreateRequest
if err := web.Decode(r, &req); err != nil {
err = errors.WithStack(err)
_, ok := err.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
if _, ok := errors.Cause(err).(*web.Error); !ok {
err = web.NewRequestError(err, http.StatusBadRequest)
}
return err
return web.RespondJsonError(ctx, w, err)
}
res, err := user.Create(ctx, claims, u.MasterDB, req, v.Now)
if err != nil {
switch err {
cause := errors.Cause(err)
switch cause {
case user.ErrForbidden:
return web.NewRequestError(err, http.StatusForbidden)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusForbidden))
default:
_, ok := err.(validator.ValidationErrors)
_, ok := cause.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
return errors.Wrapf(err, "User: %+v", &req)
}
}
if claims.Audience != "" {
uaReq := user_account.UserAccountCreateRequest{
UserID: resp.User.ID,
AccountID: resp.Account.ID,
Roles: []user_account.UserAccountRole{user_account.UserAccountRole_Admin},
//Status: Use default value
}
_, err = user_account.Create(ctx, claims, u.MasterDB, uaReq, v.Now)
if err != nil {
switch err {
case user.ErrForbidden:
return web.NewRequestError(err, http.StatusForbidden)
default:
_, ok := err.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
}
return errors.Wrapf(err, "User account: %+v", &req)
}
}
}
return web.RespondJson(ctx, w, res.Response(ctx), http.StatusCreated)
}
@@ -263,10 +226,9 @@ func (u *User) Create(ctx context.Context, w http.ResponseWriter, r *http.Reques
// @Produce json
// @Security OAuth2Password
// @Param data body user.UserUpdateRequest true "Update fields"
// @Success 201
// @Success 204
// @Failure 400 {object} web.ErrorResponse
// @Failure 403 {object} web.ErrorResponse
// @Failure 404 {object} web.ErrorResponse
// @Failure 500 {object} web.ErrorResponse
// @Router /users [patch]
func (u *User) Update(ctx context.Context, w http.ResponseWriter, r *http.Request, params map[string]string) error {
@@ -282,31 +244,25 @@ func (u *User) Update(ctx context.Context, w http.ResponseWriter, r *http.Reques
var req user.UserUpdateRequest
if err := web.Decode(r, &req); err != nil {
err = errors.WithStack(err)
_, ok := err.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
if _, ok := errors.Cause(err).(*web.Error); !ok {
err = web.NewRequestError(err, http.StatusBadRequest)
}
return err
return web.RespondJsonError(ctx, w, err)
}
err := user.Update(ctx, claims, u.MasterDB, req, v.Now)
if err != nil {
switch err {
case user.ErrInvalidID:
return web.NewRequestError(err, http.StatusBadRequest)
case user.ErrNotFound:
return web.NewRequestError(err, http.StatusNotFound)
cause := errors.Cause(err)
switch cause {
case user.ErrForbidden:
return web.NewRequestError(err, http.StatusForbidden)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusForbidden))
default:
_, ok := err.(validator.ValidationErrors)
_, ok := cause.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
return errors.Wrapf(err, "Id: %s User: %+v", req.ID, &req)
return errors.Wrapf(err, "Id: %s User: %+v", req.ID, &req)
}
}
@@ -321,10 +277,9 @@ func (u *User) Update(ctx context.Context, w http.ResponseWriter, r *http.Reques
// @Produce json
// @Security OAuth2Password
// @Param data body user.UserUpdatePasswordRequest true "Update fields"
// @Success 201
// @Success 204
// @Failure 400 {object} web.ErrorResponse
// @Failure 403 {object} web.ErrorResponse
// @Failure 404 {object} web.ErrorResponse
// @Failure 500 {object} web.ErrorResponse
// @Router /users/password [patch]
func (u *User) UpdatePassword(ctx context.Context, w http.ResponseWriter, r *http.Request, params map[string]string) error {
@@ -340,28 +295,24 @@ func (u *User) UpdatePassword(ctx context.Context, w http.ResponseWriter, r *htt
var req user.UserUpdatePasswordRequest
if err := web.Decode(r, &req); err != nil {
err = errors.WithStack(err)
_, ok := err.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
if _, ok := errors.Cause(err).(*web.Error); !ok {
err = web.NewRequestError(err, http.StatusBadRequest)
}
return err
return web.RespondJsonError(ctx, w, err)
}
err := user.UpdatePassword(ctx, claims, u.MasterDB, req, v.Now)
if err != nil {
switch err {
case user.ErrInvalidID:
return web.NewRequestError(err, http.StatusBadRequest)
cause := errors.Cause(err)
switch cause {
case user.ErrNotFound:
return web.NewRequestError(err, http.StatusNotFound)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusNotFound))
case user.ErrForbidden:
return web.NewRequestError(err, http.StatusForbidden)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusForbidden))
default:
_, ok := err.(validator.ValidationErrors)
_, ok := cause.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
return errors.Wrapf(err, "Id: %s User: %+v", req.ID, &req)
@@ -379,7 +330,7 @@ func (u *User) UpdatePassword(ctx context.Context, w http.ResponseWriter, r *htt
// @Produce json
// @Security OAuth2Password
// @Param data body user.UserArchiveRequest true "Update fields"
// @Success 201
// @Success 204
// @Failure 400 {object} web.ErrorResponse
// @Failure 403 {object} web.ErrorResponse
// @Failure 404 {object} web.ErrorResponse
@@ -398,28 +349,24 @@ func (u *User) Archive(ctx context.Context, w http.ResponseWriter, r *http.Reque
var req user.UserArchiveRequest
if err := web.Decode(r, &req); err != nil {
err = errors.WithStack(err)
_, ok := err.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
if _, ok := errors.Cause(err).(*web.Error); !ok {
err = web.NewRequestError(err, http.StatusBadRequest)
}
return err
return web.RespondJsonError(ctx, w, err)
}
err := user.Archive(ctx, claims, u.MasterDB, req, v.Now)
if err != nil {
switch err {
case user.ErrInvalidID:
return web.NewRequestError(err, http.StatusBadRequest)
cause := errors.Cause(err)
switch cause {
case user.ErrNotFound:
return web.NewRequestError(err, http.StatusNotFound)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusNotFound))
case user.ErrForbidden:
return web.NewRequestError(err, http.StatusForbidden)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusForbidden))
default:
_, ok := err.(validator.ValidationErrors)
_, ok := cause.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
return errors.Wrapf(err, "Id: %s", req.ID)
@@ -437,7 +384,7 @@ func (u *User) Archive(ctx context.Context, w http.ResponseWriter, r *http.Reque
// @Produce json
// @Security OAuth2Password
// @Param id path string true "User ID"
// @Success 201
// @Success 204
// @Failure 400 {object} web.ErrorResponse
// @Failure 403 {object} web.ErrorResponse
// @Failure 404 {object} web.ErrorResponse
@@ -451,15 +398,14 @@ func (u *User) Delete(ctx context.Context, w http.ResponseWriter, r *http.Reques
err := user.Delete(ctx, claims, u.MasterDB, params["id"])
if err != nil {
switch err {
case user.ErrInvalidID:
return web.NewRequestError(err, http.StatusBadRequest)
cause := errors.Cause(err)
switch cause {
case user.ErrNotFound:
return web.NewRequestError(err, http.StatusNotFound)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusNotFound))
case user.ErrForbidden:
return web.NewRequestError(err, http.StatusForbidden)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusForbidden))
default:
return errors.Wrapf(err, "Id: %s", params["id"])
return errors.Wrapf(cause, "Id: %s", params["id"])
}
}
@@ -493,13 +439,14 @@ func (u *User) SwitchAccount(ctx context.Context, w http.ResponseWriter, r *http
tkn, err := user.SwitchAccount(ctx, u.MasterDB, u.TokenGenerator, claims, params["account_id"], sessionTtl, v.Now)
if err != nil {
switch err {
cause := errors.Cause(err)
switch cause {
case user.ErrAuthenticationFailure:
return web.NewRequestError(err, http.StatusUnauthorized)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusUnauthorized))
default:
_, ok := err.(validator.ValidationErrors)
_, ok := cause.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
return errors.Wrap(err, "switch account")
@@ -521,7 +468,6 @@ func (u *User) SwitchAccount(ctx context.Context, w http.ResponseWriter, r *http
// @Header 200 {string} Token "qwerty"
// @Failure 400 {object} web.Error
// @Failure 403 {object} web.Error
// @Failure 404 {object} web.Error
// @Router /oauth/token [post]
func (u *User) Token(ctx context.Context, w http.ResponseWriter, r *http.Request, params map[string]string) error {
v, ok := ctx.Value(web.KeyValues).(*web.Values)
@@ -532,7 +478,7 @@ func (u *User) Token(ctx context.Context, w http.ResponseWriter, r *http.Request
email, pass, ok := r.BasicAuth()
if !ok {
err := errors.New("must provide email and password in Basic auth")
return web.NewRequestError(err, http.StatusUnauthorized)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusUnauthorized))
}
// Optional to include scope.
@@ -540,9 +486,10 @@ func (u *User) Token(ctx context.Context, w http.ResponseWriter, r *http.Request
tkn, err := user.Authenticate(ctx, u.MasterDB, u.TokenGenerator, email, pass, sessionTtl, v.Now, scope)
if err != nil {
switch err {
cause := errors.Cause(err)
switch cause {
case user.ErrAuthenticationFailure:
return web.NewRequestError(err, http.StatusUnauthorized)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusUnauthorized))
default:
return errors.Wrap(err, "authenticating")
}

368
example-project/cmd/web-api/handlers/user_account.go Normal file
View File

@@ -0,0 +1,368 @@
package handlers
import (
"context"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/platform/auth"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/platform/web"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/user_account"
"github.com/jmoiron/sqlx"
"github.com/pkg/errors"
"gopkg.in/go-playground/validator.v9"
"net/http"
"strconv"
"strings"
)
// UserAccount represents the UserAccount API method handler set.
type UserAccount struct {
MasterDB *sqlx.DB
// ADD OTHER STATE LIKE THE LOGGER AND CONFIG HERE.
}
// Find godoc
// @Summary List user accounts
// @Description Find returns the existing user accounts in the system.
// @Tags user_account
// @Accept json
// @Produce json
// @Security OAuth2Password
// @Param where query string false "Filter string, example: account_id = 'c4653bf9-5978-48b7-89c5-95704aebb7e2'"
// @Param order query string false "Order columns separated by comma, example: created_at desc"
// @Param limit query integer false "Limit, example: 10"
// @Param offset query integer false "Offset, example: 20"
// @Param included-archived query boolean false "Included Archived, example: false"
// @Success 200 {array} user_account.UserAccountResponse
// @Failure 400 {object} web.ErrorResponse
// @Failure 403 {object} web.ErrorResponse
// @Failure 500 {object} web.ErrorResponse
// @Router /user_accounts [get]
func (u *UserAccount) Find(ctx context.Context, w http.ResponseWriter, r *http.Request, params map[string]string) error {
claims, ok := ctx.Value(auth.Key).(auth.Claims)
if !ok {
return errors.New("claims missing from context")
}
var req user_account.UserAccountFindRequest
// Handle where query value if set.
if v := r.URL.Query().Get("where"); v != "" {
where, args, err := web.ExtractWhereArgs(v)
if err != nil {
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
req.Where = &where
req.Args = args
}
// Handle order query value if set.
if v := r.URL.Query().Get("order"); v != "" {
for _, o := range strings.Split(v, ",") {
o = strings.TrimSpace(o)
if o != "" {
req.Order = append(req.Order, o)
}
}
}
// Handle limit query value if set.
if v := r.URL.Query().Get("limit"); v != "" {
l, err := strconv.Atoi(v)
if err != nil {
err = errors.WithMessagef(err, "unable to parse %s as int for limit param", v)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
ul := uint(l)
req.Limit = &ul
}
// Handle offset query value if set.
if v := r.URL.Query().Get("offset"); v != "" {
l, err := strconv.Atoi(v)
if err != nil {
err = errors.WithMessagef(err, "unable to parse %s as int for offset param", v)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
ul := uint(l)
req.Limit = &ul
}
// Handle order query value if set.
if v := r.URL.Query().Get("included-archived"); v != "" {
b, err := strconv.ParseBool(v)
if err != nil {
err = errors.WithMessagef(err, "unable to parse %s as boolean for included-archived param", v)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
req.IncludedArchived = b
}
//if err := web.Decode(r, &req); err != nil {
// if _, ok := errors.Cause(err).(*web.Error); !ok {
// err = web.NewRequestError(err, http.StatusBadRequest)
// }
// return web.RespondJsonError(ctx, w, err)
//}
res, err := user_account.Find(ctx, claims, u.MasterDB, req)
if err != nil {
return err
}
var resp []*user_account.UserAccountResponse
for _, m := range res {
resp = append(resp, m.Response(ctx))
}
return web.RespondJson(ctx, w, resp, http.StatusOK)
}
// Read godoc
// @Summary Get user account by ID
// @Description Read returns the specified user account from the system.
// @Tags user_account
// @Accept json
// @Produce json
// @Security OAuth2Password
// @Param id path string true "UserAccount ID"
// @Success 200 {object} user_account.UserAccountResponse
// @Failure 400 {object} web.ErrorResponse
// @Failure 404 {object} web.ErrorResponse
// @Failure 500 {object} web.ErrorResponse
// @Router /user_accounts/{id} [get]
func (u *UserAccount) Read(ctx context.Context, w http.ResponseWriter, r *http.Request, params map[string]string) error {
claims, ok := ctx.Value(auth.Key).(auth.Claims)
if !ok {
return errors.New("claims missing from context")
}
// Handle included-archived query value if set.
var includeArchived bool
if v := r.URL.Query().Get("included-archived"); v != "" {
b, err := strconv.ParseBool(v)
if err != nil {
err = errors.WithMessagef(err, "unable to parse %s as boolean for included-archived param", v)
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
includeArchived = b
}
res, err := user_account.Read(ctx, claims, u.MasterDB, params["id"], includeArchived)
if err != nil {
cause := errors.Cause(err)
switch cause {
case user_account.ErrNotFound:
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusNotFound))
default:
return errors.Wrapf(err, "ID: %s", params["id"])
}
}
return web.RespondJson(ctx, w, res.Response(ctx), http.StatusOK)
}
// Create godoc
// @Summary Create new user account.
// @Description Create inserts a new user account into the system.
// @Tags user_account
// @Accept json
// @Produce json
// @Security OAuth2Password
// @Param data body user_account.UserAccountCreateRequest true "User Account details"
// @Success 201 {object} user_account.UserAccountResponse
// @Failure 400 {object} web.ErrorResponse
// @Failure 403 {object} web.ErrorResponse
// @Failure 404 {object} web.ErrorResponse
// @Failure 500 {object} web.ErrorResponse
// @Router /user_accounts [post]
func (u *UserAccount) Create(ctx context.Context, w http.ResponseWriter, r *http.Request, params map[string]string) error {
v, ok := ctx.Value(web.KeyValues).(*web.Values)
if !ok {
return web.NewShutdownError("web value missing from context")
}
claims, ok := ctx.Value(auth.Key).(auth.Claims)
if !ok {
return errors.New("claims missing from context")
}
var req user_account.UserAccountCreateRequest
if err := web.Decode(r, &req); err != nil {
if _, ok := errors.Cause(err).(*web.Error); !ok {
err = web.NewRequestError(err, http.StatusBadRequest)
}
return web.RespondJsonError(ctx, w, err)
}
res, err := user_account.Create(ctx, claims, u.MasterDB, req, v.Now)
if err != nil {
cause := errors.Cause(err)
switch cause {
case user_account.ErrForbidden:
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusForbidden))
default:
_, ok := cause.(validator.ValidationErrors)
if ok {
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
return errors.Wrapf(err, "User Account: %+v", &req)
}
}
return web.RespondJson(ctx, w, res.Response(ctx), http.StatusCreated)
}
// Read godoc
// @Summary Update user account by user ID and account ID
// @Description Update updates the specified user account in the system.
// @Tags user
// @Accept json
// @Produce json
// @Security OAuth2Password
// @Param data body user_account.UserAccountUpdateRequest true "Update fields"
// @Success 204
// @Failure 400 {object} web.ErrorResponse
// @Failure 403 {object} web.ErrorResponse
// @Failure 500 {object} web.ErrorResponse
// @Router /user_accounts [patch]
func (u *UserAccount) Update(ctx context.Context, w http.ResponseWriter, r *http.Request, params map[string]string) error {
v, ok := ctx.Value(web.KeyValues).(*web.Values)
if !ok {
return web.NewShutdownError("web value missing from context")
}
claims, ok := ctx.Value(auth.Key).(auth.Claims)
if !ok {
return errors.New("claims missing from context")
}
var req user_account.UserAccountUpdateRequest
if err := web.Decode(r, &req); err != nil {
if _, ok := errors.Cause(err).(*web.Error); !ok {
err = web.NewRequestError(err, http.StatusBadRequest)
}
return web.RespondJsonError(ctx, w, err)
}
err := user_account.Update(ctx, claims, u.MasterDB, req, v.Now)
if err != nil {
cause := errors.Cause(err)
switch cause {
case user_account.ErrForbidden:
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusForbidden))
default:
_, ok := cause.(validator.ValidationErrors)
if ok {
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
return errors.Wrapf(err, "UserID: %s AccountID: %s User Account: %+v", req.UserID, req.AccountID, &req)
}
}
return web.RespondJson(ctx, w, nil, http.StatusNoContent)
}
// Read godoc
// @Summary Archive user account by user ID and account ID
// @Description Archive soft-deletes the specified user account from the system.
// @Tags user
// @Accept json
// @Produce json
// @Security OAuth2Password
// @Param data body user_account.UserAccountArchiveRequest true "Update fields"
// @Success 204
// @Failure 400 {object} web.ErrorResponse
// @Failure 403 {object} web.ErrorResponse
// @Failure 404 {object} web.ErrorResponse
// @Failure 500 {object} web.ErrorResponse
// @Router /user_accounts/archive [patch]
func (u *UserAccount) Archive(ctx context.Context, w http.ResponseWriter, r *http.Request, params map[string]string) error {
v, ok := ctx.Value(web.KeyValues).(*web.Values)
if !ok {
return web.NewShutdownError("web value missing from context")
}
claims, ok := ctx.Value(auth.Key).(auth.Claims)
if !ok {
return errors.New("claims missing from context")
}
var req user_account.UserAccountArchiveRequest
if err := web.Decode(r, &req); err != nil {
if _, ok := errors.Cause(err).(*web.Error); !ok {
err = web.NewRequestError(err, http.StatusBadRequest)
}
return web.RespondJsonError(ctx, w, err)
}
err := user_account.Archive(ctx, claims, u.MasterDB, req, v.Now)
if err != nil {
cause := errors.Cause(err)
switch cause {
case user_account.ErrNotFound:
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusNotFound))
case user_account.ErrForbidden:
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusForbidden))
default:
_, ok := cause.(validator.ValidationErrors)
if ok {
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
return errors.Wrapf(err, "UserID: %s AccountID: %s User Account: %+v", req.UserID, req.AccountID, &req)
}
}
return web.RespondJson(ctx, w, nil, http.StatusNoContent)
}
// Delete godoc
// @Summary Delete user account by user ID and account ID
// @Description Delete removes the specified user account from the system.
// @Tags user
// @Accept json
// @Produce json
// @Security OAuth2Password
// @Param id path string true "UserAccount ID"
// @Success 204
// @Failure 400 {object} web.ErrorResponse
// @Failure 403 {object} web.ErrorResponse
// @Failure 404 {object} web.ErrorResponse
// @Failure 500 {object} web.ErrorResponse
// @Router /user_accounts [delete]
func (u *UserAccount) Delete(ctx context.Context, w http.ResponseWriter, r *http.Request, params map[string]string) error {
claims, ok := ctx.Value(auth.Key).(auth.Claims)
if !ok {
return errors.New("claims missing from context")
}
var req user_account.UserAccountDeleteRequest
if err := web.Decode(r, &req); err != nil {
if _, ok := errors.Cause(err).(*web.Error); !ok {
err = web.NewRequestError(err, http.StatusBadRequest)
}
return web.RespondJsonError(ctx, w, err)
}
err := user_account.Delete(ctx, claims, u.MasterDB, req)
if err != nil {
cause := errors.Cause(err)
switch cause {
case user_account.ErrNotFound:
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusNotFound))
case user_account.ErrForbidden:
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusForbidden))
default:
_, ok := cause.(validator.ValidationErrors)
if ok {
return web.RespondJsonError(ctx, w, web.NewRequestError(err, http.StatusBadRequest))
}
return errors.Wrapf(err, "UserID: %s AccountID: %s User Account: %+v", req.UserID, req.AccountID, &req)
}
}
return web.RespondJson(ctx, w, nil, http.StatusNoContent)
}

339
example-project/cmd/web-api/tests/account_test.go Normal file
View File

@@ -0,0 +1,339 @@
package tests
import (
"context"
"encoding/json"
"fmt"
"net/http"
"strconv"
"testing"
"time"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/mid"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/account"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/platform/auth"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/platform/tests"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/platform/web"
"github.com/google/go-cmp/cmp"
"github.com/pborman/uuid"
)
func mockAccount() *account.Account {
req := account.AccountCreateRequest{
Name: uuid.NewRandom().String(),
Address1: "103 East Main St",
Address2: "Unit 546",
City: "Valdez",
Region: "AK",
Country: "USA",
Zipcode: "99686",
}
a, err := account.Create(tests.Context(), auth.Claims{}, test.MasterDB, req, time.Now().UTC().AddDate(-1, -1, -1))
if err != nil {
panic(err)
}
return a
}
// TestAccount is the entry point for the account endpoints.
func TestAccount(t *testing.T) {
defer tests.Recover(t)
t.Run("getAccount", getAccount)
t.Run("patchAccount", patchAccount)
}
// getAccount validates get account by ID endpoint.
func getAccount(t *testing.T) {
var rtests []requestTest
forbiddenAccount := mockAccount()
// Both roles should be able to read the account.
for rn, tr := range roleTests {
acc := tr.SignupResult.Account
// Test 200.
rtests = append(rtests, requestTest{
fmt.Sprintf("Role %s 200", rn),
http.MethodGet,
fmt.Sprintf("/v1/accounts/%s", acc.ID),
nil,
tr.Token,
tr.Claims,
http.StatusOK,
nil,
func(treq requestTest, body []byte) bool {
var actual account.AccountResponse
if err := json.Unmarshal(body, &actual); err != nil {
t.Logf("\t\tGot error : %+v", err)
return false
}
// Add claims to the context so they can be retrieved later.
ctx := context.WithValue(tests.Context(), auth.Key, tr.Claims)
expectedMap := map[string]interface{}{
"updated_at": web.NewTimeResponse(ctx, acc.UpdatedAt),
"id": acc.ID,
"address2": acc.Address2,
"region": acc.Region,
"zipcode": acc.Zipcode,
"timezone": acc.Timezone,
"created_at": web.NewTimeResponse(ctx, acc.CreatedAt),
"country": acc.Country,
"billing_user_id": &acc.BillingUserID,
"name": acc.Name,
"address1": acc.Address1,
"city": acc.City,
"status": map[string]interface{}{
"value": "active",
"title": "Active",
"options": []map[string]interface{}{{"selected": false, "title": "[Active Pending Disabled]", "value": "[active pending disabled]"}},
},
"signup_user_id": &acc.SignupUserID,
}
expectedJson, err := json.Marshal(expectedMap)
if err != nil {
t.Logf("\t\tGot error : %+v", err)
return false
}
var expected account.AccountResponse
if err := json.Unmarshal([]byte(expectedJson), &expected); err != nil {
t.Logf("\t\tGot error : %+v", err)
printResultMap(ctx, body)
return false
}
if diff := cmp.Diff(actual, expected); diff != "" {
actualJSON, err := json.MarshalIndent(actual, "", " ")
if err != nil {
t.Logf("\t\tGot error : %+v", err)
return false
}
t.Logf("\t\tGot : %s\n", actualJSON)
expectedJSON, err := json.MarshalIndent(expected, "", " ")
if err != nil {
t.Logf("\t\tGot error : %+v", err)
return false
}
t.Logf("\t\tExpected : %s\n", expectedJSON)
t.Logf("\t\tDiff : %s\n", diff)
if len(expectedMap) == 0 {
printResultMap(ctx, body)
}
return false
}
return true
},
})
// Test 404.
invalidID := uuid.NewRandom().String()
rtests = append(rtests, requestTest{
fmt.Sprintf("Role %s 404 w/invalid ID", rn),
http.MethodGet,
fmt.Sprintf("/v1/accounts/%s", invalidID),
nil,
tr.Token,
tr.Claims,
http.StatusNotFound,
web.ErrorResponse{
Error: fmt.Sprintf("account %s not found: Entity not found", invalidID),
},
func(treq requestTest, body []byte) bool {
return true
},
})
// Test 404 - Account exists but not allowed.
rtests = append(rtests, requestTest{
fmt.Sprintf("Role %s 404 w/random account ID", rn),
http.MethodGet,
fmt.Sprintf("/v1/accounts/%s", forbiddenAccount.ID),
nil,
tr.Token,
tr.Claims,
http.StatusNotFound,
web.ErrorResponse{
Error: fmt.Sprintf("account %s not found: Entity not found", forbiddenAccount.ID),
},
func(treq requestTest, body []byte) bool {
return true
},
})
}
runRequestTests(t, rtests)
}
// patchAccount validates update account by ID endpoint.
func patchAccount(t *testing.T) {
var rtests []requestTest
// Test update an account
// Admin role: 204
// User role 403
for rn, tr := range roleTests {
var expectedStatus int
var expectedErr interface{}
// Test 204.
if rn == auth.RoleAdmin {
expectedStatus = http.StatusNoContent
} else {
expectedStatus = http.StatusForbidden
expectedErr = web.ErrorResponse{
Error: mid.ErrForbidden.Error(),
}
}
newName := rn + uuid.NewRandom().String() + strconv.Itoa(len(rtests))
rtests = append(rtests, requestTest{
fmt.Sprintf("Role %s %d", rn, expectedStatus),
http.MethodPatch,
"/v1/accounts",
account.AccountUpdateRequest{
ID: tr.SignupResult.Account.ID,
Name: &newName,
},
tr.Token,
tr.Claims,
expectedStatus,
expectedErr,
func(treq requestTest, body []byte) bool {
return true
},
})
}
// Test update an account with invalid data.
// Admin role: 400
// User role 400
for rn, tr := range roleTests {
var expectedStatus int
var expectedErr interface{}
if rn == auth.RoleAdmin {
expectedStatus = http.StatusBadRequest
expectedErr = web.ErrorResponse{
Error: "field validation error",
Fields: []web.FieldError{
{Field: "status", Error: "Key: 'AccountUpdateRequest.status' Error:Field validation for 'status' failed on the 'oneof' tag"},
},
}
} else {
expectedStatus = http.StatusForbidden
expectedErr = web.ErrorResponse{
Error: mid.ErrForbidden.Error(),
}
}
invalidStatus := account.AccountStatus("invalid status")
rtests = append(rtests, requestTest{
fmt.Sprintf("Role %s %d w/invalid data", rn, expectedStatus),
http.MethodPatch,
"/v1/accounts",
account.AccountUpdateRequest{
ID: tr.SignupResult.User.ID,
Status: &invalidStatus,
},
tr.Token,
tr.Claims,
expectedStatus,
expectedErr,
func(treq requestTest, body []byte) bool {
return true
},
})
}
// Test update an account for with an invalid ID.
// Admin role: 403
// User role 403
for rn, tr := range roleTests {
var expectedStatus int
var expectedErr interface{}
// Test 403.
if rn == auth.RoleAdmin {
expectedStatus = http.StatusForbidden
expectedErr = web.ErrorResponse{
Error: account.ErrForbidden.Error(),
}
} else {
expectedStatus = http.StatusForbidden
expectedErr = web.ErrorResponse{
Error: mid.ErrForbidden.Error(),
}
}
newName := rn + uuid.NewRandom().String() + strconv.Itoa(len(rtests))
invalidID := uuid.NewRandom().String()
rtests = append(rtests, requestTest{
fmt.Sprintf("Role %s %d w/invalid ID", rn, expectedStatus),
http.MethodPatch,
"/v1/accounts",
account.AccountUpdateRequest{
ID: invalidID,
Name: &newName,
},
tr.Token,
tr.Claims,
expectedStatus,
expectedErr,
func(treq requestTest, body []byte) bool {
return true
},
})
}
// Test update an account for with random account ID.
// Admin role: 403
// User role 403
forbiddenAccount := mockAccount()
for rn, tr := range roleTests {
var expectedStatus int
var expectedErr interface{}
// Test 403.
if rn == auth.RoleAdmin {
expectedStatus = http.StatusForbidden
expectedErr = web.ErrorResponse{
Error: account.ErrForbidden.Error(),
}
} else {
expectedStatus = http.StatusForbidden
expectedErr = web.ErrorResponse{
Error: mid.ErrForbidden.Error(),
}
}
newName := rn+uuid.NewRandom().String()+strconv.Itoa(len(rtests))
rtests = append(rtests, requestTest{
fmt.Sprintf("Role %s %d w/random account ID", rn, expectedStatus),
http.MethodPatch,
"/v1/accounts",
account.AccountUpdateRequest{
ID: forbiddenAccount.ID,
Name: &newName,
},
tr.Token,
tr.Claims,
expectedStatus,
expectedErr,
func(treq requestTest, body []byte) bool {
return true
},
})
}
runRequestTests(t, rtests)
}

185
example-project/cmd/web-api/tests/signup_test.go Normal file
View File

@@ -0,0 +1,185 @@
package tests
import (
"encoding/json"
"net/http"
"testing"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/platform/auth"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/platform/tests"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/platform/web"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/signup"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/user"
"github.com/google/go-cmp/cmp"
"github.com/pborman/uuid"
)
func mockSignupRequest() signup.SignupRequest {
return signup.SignupRequest{
Account: signup.SignupAccount{
Name: uuid.NewRandom().String(),
Address1: "103 East Main St",
Address2: "Unit 546",
City: "Valdez",
Region: "AK",
Country: "USA",
Zipcode: "99686",
},
User: signup.SignupUser{
Name: "Lee Brown",
Email: uuid.NewRandom().String() + "@geeksinthewoods.com",
Password: "akTechFr0n!ier",
PasswordConfirm: "akTechFr0n!ier",
},
}
}
// TestSignup is the entry point for the signup
func TestSignup(t *testing.T) {
defer tests.Recover(t)
t.Run("postSigup", postSigup)
}
// postSigup validates the signup endpoint.
func postSigup(t *testing.T) {
var rtests []requestTest
// Test 201.
// Signup does not require auth, so empty token and claims should result in success.
req1 := mockSignupRequest()
rtests = append(rtests, requestTest{
"No Authorization Valid",
http.MethodPost,
"/v1/signup",
req1,
user.Token{},
auth.Claims{},
http.StatusCreated,
nil,
func(treq requestTest, body []byte) bool {
var actual signup.SignupResponse
if err := json.Unmarshal(body, &actual); err != nil {
t.Logf("\t\tGot error : %+v", err)
return false
}
ctx := tests.Context()
req := treq.request.(signup.SignupRequest )
expectedMap := map[string]interface{}{
"user": map[string]interface{}{
"id": actual.User.ID,
"name": req.User.Name,
"email": req.User.Email,
"timezone": actual.User.Timezone,
"created_at": web.NewTimeResponse(ctx, actual.User.CreatedAt.Value),
"updated_at": web.NewTimeResponse(ctx, actual.User.UpdatedAt.Value),
},
"account": map[string]interface{}{
"updated_at": web.NewTimeResponse(ctx, actual.Account.UpdatedAt.Value),
"id": actual.Account.ID,
"address2": req.Account.Address2,
"region": req.Account.Region,
"zipcode": req.Account.Zipcode,
"timezone": actual.Account.Timezone,
"created_at": web.NewTimeResponse(ctx, actual.Account.CreatedAt.Value),
"country": req.Account.Country,
"billing_user_id": &actual.Account.BillingUserID,
"name": req.Account.Name,
"address1": req.Account.Address1,
"city": req.Account.City,
"status": map[string]interface{}{
"value": "active",
"title": "Active",
"options": []map[string]interface{}{{"selected":false,"title":"[Active Pending Disabled]","value":"[active pending disabled]"}},
},
"signup_user_id": &actual.Account.SignupUserID,
},
}
expectedJson, err := json.Marshal(expectedMap)
if err != nil {
t.Logf("\t\tGot error : %+v", err)
return false
}
var expected signup.SignupResponse
if err := json.Unmarshal([]byte(expectedJson), &expected); err != nil {
t.Logf("\t\tGot error : %+v", err)
printResultMap(ctx, body)
return false
}
if diff := cmp.Diff(actual, expected); diff != "" {
actualJSON, err := json.MarshalIndent(actual, "", " ")
if err != nil {
t.Logf("\t\tGot error : %+v", err)
return false
}
t.Logf("\t\tGot : %s\n", actualJSON)
expectedJSON, err := json.MarshalIndent(expected, "", " ")
if err != nil {
t.Logf("\t\tGot error : %+v", err)
return false
}
t.Logf("\t\tExpected : %s\n", expectedJSON)
t.Logf("\t\tDiff : %s\n", diff)
if len(expectedMap) == 0 {
printResultMap(ctx, body)
}
return false
}
return true
},
})
// Test 404 w/empty request.
rtests = append(rtests, requestTest{
"Empty request",
http.MethodPost,
"/v1/signup",
nil,
user.Token{},
auth.Claims{},
http.StatusBadRequest,
web.ErrorResponse{
Error: "decode request body failed: EOF",
},
func(req requestTest, body []byte) bool {
return true
},
})
// Test 404 w/validation errors.
invalidReq := mockSignupRequest()
invalidReq.User.Email = ""
invalidReq.Account.Name = ""
rtests = append(rtests, requestTest{
"Invalid request",
http.MethodPost,
"/v1/signup",
invalidReq,
user.Token{},
auth.Claims{},
http.StatusBadRequest,
web.ErrorResponse{
Error: "field validation error",
Fields: []web.FieldError{
{Field: "name", Error: "Key: 'SignupRequest.account.name' Error:Field validation for 'name' failed on the 'required' tag"},
{Field: "email", Error: "Key: 'SignupRequest.user.email' Error:Field validation for 'email' failed on the 'required' tag"},
},
},
func(req requestTest, body []byte) bool {
return true
},
})
runRequestTests(t, rtests)
}

165
example-project/cmd/web-api/tests/tests_test.go
View File

@@ -1,14 +1,25 @@
package tests
import (
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/account"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/signup"
"github.com/pborman/uuid"
"bytes"
"context"
"encoding/json"
"fmt"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/platform/web"
"github.com/google/go-cmp/cmp"
"io"
"net/http"
"net/http/httptest"
"os"
"strings"
"testing"
"time"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/account"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/signup"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/user_account"
"github.com/iancoleman/strcase"
"github.com/pborman/uuid"
"geeks-accelerator/oss/saas-starter-kit/example-project/cmd/web-api/handlers"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/platform/auth"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/platform/tests"
@@ -23,11 +34,23 @@ type roleTest struct {
Token user.Token
Claims auth.Claims
SignupRequest *signup.SignupRequest
SignupResponse *signup.SignupResponse
SignupResult *signup.SignupResult
User *user.User
Account *account.Account
}
type requestTest struct {
name string
method string
url string
request interface{}
token user.Token
claims auth.Claims
statusCode int
error interface{}
expected func(req requestTest, result []byte) bool
}
var roleTests map[string]roleTest
func init() {
@@ -92,7 +115,7 @@ func testMain(m *testing.M) int {
Token: adminTkn,
Claims: adminClaims,
SignupRequest: &signupReq,
SignupResponse: signup,
SignupResult: signup,
User: signup.User,
Account: signup.Account,
}
@@ -109,6 +132,16 @@ func testMain(m *testing.M) int {
panic(err)
}
_, err = user_account.Create(tests.Context(), adminClaims, test.MasterDB, user_account.UserAccountCreateRequest{
UserID: usr.ID,
AccountID: signup.Account.ID,
Roles: []user_account.UserAccountRole{user_account.UserAccountRole_User},
// Status: use default value
}, now)
if err != nil {
panic(err)
}
userTkn, err := user.Authenticate(tests.Context(), test.MasterDB, authenticator, usr.Email, userReq.Password, expires, now)
if err != nil {
panic(err)
@@ -123,10 +156,130 @@ func testMain(m *testing.M) int {
Token: userTkn,
Claims: userClaims,
SignupRequest: &signupReq,
SignupResponse: signup,
SignupResult: signup,
Account: signup.Account,
User: usr,
}
return m.Run()
}
// runRequestTests helper function for testing endpoints.
func runRequestTests(t *testing.T, rtests []requestTest ) {
for i, tt := range rtests {
t.Logf("\tTest: %d\tWhen running test: %s", i, tt.name)
{
var req []byte
var rr io.Reader
if tt.request != nil {
var ok bool
req, ok = tt.request.([]byte)
if !ok {
var err error
req, err = json.Marshal(tt.request)
if err != nil {
t.Logf("\t\tGot err : %+v", err)
t.Fatalf("\t%s\tEncode request failed.", tests.Failed)
}
}
rr = bytes.NewReader(req)
}
r := httptest.NewRequest(tt.method, tt.url , rr)
w := httptest.NewRecorder()
r.Header.Set("Content-Type", web.MIMEApplicationJSONCharsetUTF8)
if tt.token.AccessToken != "" {
r.Header.Set("Authorization", tt.token.AuthorizationHeader())
}
a.ServeHTTP(w, r)
if w.Code != tt.statusCode {
t.Logf("\t\tRequest : %s\n", string(req))
t.Logf("\t\tBody : %s\n", w.Body.String())
t.Fatalf("\t%s\tShould receive a status code of %d for the response : %v", tests.Failed, tt.statusCode, w.Code)
}
t.Logf("\t%s\tReceived valid status code of %d.", tests.Success, w.Code)
if tt.error != nil {
var actual web.ErrorResponse
if err := json.Unmarshal(w.Body.Bytes(), &actual); err != nil {
t.Logf("\t\tBody : %s\n", w.Body.String())
t.Logf("\t\tGot error : %+v", err)
t.Fatalf("\t%s\tShould get the expected error.", tests.Failed)
}
if diff := cmp.Diff(actual, tt.error); diff != "" {
t.Logf("\t\tDiff : %s\n", diff)
t.Fatalf("\t%s\tShould get the expected error.", tests.Failed)
}
}
if ok := tt.expected(tt, w.Body.Bytes()); !ok {
t.Fatalf("\t%s\tShould get the expected result.", tests.Failed)
}
t.Logf("\t%s\tReceived expected result.", tests.Success)
}
}
}
func printResultMap(ctx context.Context, result []byte) {
var m map[string]interface{}
if err := json.Unmarshal(result, &m); err != nil {
panic(err)
}
fmt.Println(`map[string]interface{}{`)
printResultMapKeys(ctx, m, 1)
fmt.Println(`}`)
}
func printResultMapKeys(ctx context.Context, m map[string]interface{}, depth int) {
var isEnum bool
if m["value"] != nil && m["title"] != nil && m["options"] != nil {
isEnum = true
}
for k, kv := range m {
fn := strcase.ToCamel(k)
switch k {
case "created_at", "updated_at", "archived_at":
pv := fmt.Sprintf("web.NewTimeResponse(ctx, actual.%s)", fn)
fmt.Printf("%s\"%s\": %s,\n", strings.Repeat("\t", depth), k, pv)
continue
}
if sm, ok := kv.([]map[string]interface{}); ok {
fmt.Printf("%s\"%s\": []map[string]interface{}{\n", strings.Repeat("\t", depth), k)
for _, smv := range sm {
printResultMapKeys(ctx, smv, depth +1)
}
fmt.Printf("%s},\n", strings.Repeat("\t", depth))
} else if sm, ok := kv.(map[string]interface{}); ok {
fmt.Printf("%s\"%s\": map[string]interface{}{\n", strings.Repeat("\t", depth), k)
printResultMapKeys(ctx, sm, depth +1)
fmt.Printf("%s},\n", strings.Repeat("\t", depth))
} else {
var pv string
if isEnum {
jv, _ := json.Marshal(kv)
pv = string(jv)
} else {
pv = fmt.Sprintf("req.%s", fn)
}
fmt.Printf("%s\"%s\": %s,\n", strings.Repeat("\t", depth), k, pv)
}
}
}

1000
example-project/cmd/web-api/tests/user_test.go
View File

File diff suppressed because it is too large Load Diff