go/golang-saas-starter-kit
1
0
Fork 0
mirror of https://github.com/raseels-repos/golang-saas-starter-kit.git synced 2025-06-15 00:15:15 +02:00
Code Issues Releases Activity

checkpoint for api handler tests

Browse Source
This commit is contained in:
Lee Brown
2019-06-26 01:16:57 -08:00
parent d6b6b605a4
commit b68bcf2c2c
16 changed files with 424 additions and 283 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
example-project/cmd/web-api/handlers/check.go
View File

@ -28,10 +28,10 @@ func (c *Check) Health(ctx context.Context, w http.ResponseWriter, r *http.Reque
}
// check redis
err = c.Redis.Ping().Err()
if err != nil {
return errors.Wrap(err, "Redis failed")
}
//err = c.Redis.Ping().Err()
//if err != nil {
// return errors.Wrap(err, "Redis failed")
//}
status := struct {
Status string `json:"status"`

2
example-project/cmd/web-api/handlers/routes.go
View File

@ -82,5 +82,7 @@ func API(shutdown chan os.Signal, log *log.Logger, masterDB *sqlx.DB, redis *red
// @Param data body web.TimeResponse false "Time Response"
// @Param data body web.EnumResponse false "Enum Response"
// @Param data body web.EnumOption false "Enum Option"
// @Param data body signup.SignupAccount false "SignupAccount"
// @Param data body signup.SignupUser false "SignupUser"
// To support nested types not parsed by swag.
func Types() {}

24
example-project/cmd/web-api/handlers/user.go
View File

@ -2,6 +2,7 @@ package handlers
import (
"context"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/user_account"
"net/http"
"strconv"
"strings"
@ -228,6 +229,29 @@ func (u *User) Create(ctx context.Context, w http.ResponseWriter, r *http.Reques
}
}
if claims.Audience != "" {
uaReq := user_account.UserAccountCreateRequest{
UserID: resp.User.ID,
AccountID: resp.Account.ID,
Roles: []user_account.UserAccountRole{user_account.UserAccountRole_Admin},
//Status: Use default value
}
_, err = user_account.Create(ctx, claims, u.MasterDB, uaReq, v.Now)
if err != nil {
switch err {
case user.ErrForbidden:
return web.NewRequestError(err, http.StatusForbidden)
default:
_, ok := err.(validator.ValidationErrors)
if ok {
return web.NewRequestError(err, http.StatusBadRequest)
}
return errors.Wrapf(err, "User account: %+v", &req)
}
}
}
return web.RespondJson(ctx, w, res.Response(ctx), http.StatusCreated)
}

3
example-project/cmd/web-api/tests/project_test.go
View File

@ -1,5 +1,6 @@
package tests
/*
import (
"bytes"
"encoding/json"
@ -16,6 +17,7 @@ import (
"gopkg.in/mgo.v2/bson"
)
// TestProjects is the entry point for the projects
func TestProjects(t *testing.T) {
defer tests.Recover(t)
@ -447,3 +449,4 @@ func putProject204(t *testing.T, id string) {
}
}
}
*/

129
example-project/cmd/web-api/tests/tests_test.go
View File

@ -1,8 +1,9 @@
package tests
import (
"crypto/rand"
"crypto/rsa"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/account"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/signup"
"github.com/pborman/uuid"
"net/http"
"os"
"testing"
@ -18,10 +19,20 @@ var a http.Handler
var test *tests.Test
// Information about the users we have created for testing.
var adminAuthorization string
var adminID string
var userAuthorization string
var userID string
type roleTest struct {
Token user.Token
Claims auth.Claims
SignupRequest *signup.SignupRequest
SignupResponse *signup.SignupResponse
User *user.User
Account *account.Account
}
var roleTests map[string]roleTest
func init() {
roleTests = make(map[string]roleTest)
}
// TestMain is the entry point for testing.
func TestMain(m *testing.M) {
@ -32,66 +43,90 @@ func testMain(m *testing.M) int {
test = tests.New()
defer test.TearDown()
// Create RSA keys to enable authentication in our service.
key, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
panic(err)
}
now := time.Date(2018, time.October, 1, 0, 0, 0, 0, time.UTC)
kid := "4754d86b-7a6d-4df5-9c65-224741361492"
kf := auth.NewSingleKeyFunc(kid, key.Public().(*rsa.PublicKey))
authenticator, err := auth.NewAuthenticator(key, kid, "RS256", kf)
authenticator, err := auth.NewAuthenticatorMemory(now)
if err != nil {
panic(err)
}
shutdown := make(chan os.Signal, 1)
a = handlers.API(shutdown, test.Log, test.MasterDB, authenticator)
a = handlers.API(shutdown, test.Log, test.MasterDB, nil, authenticator)
// Create an admin user directly with our business logic. This creates an
// initial user that we will use for admin validated endpoints.
nu := user.NewUser{
Email: "admin@ardanlabs.com",
Name: "Admin User",
Roles: []string{auth.RoleAdmin, auth.RoleUser},
Password: "gophers",
PasswordConfirm: "gophers",
// Create a new account directly business logic. This creates an
// initial account and user that we will use for admin validated endpoints.
signupReq := signup.SignupRequest{
Account: signup.SignupAccount{
Name: uuid.NewRandom().String(),
Address1: "103 East Main St",
Address2: "Unit 546",
City: "Valdez",
Region: "AK",
Country: "USA",
Zipcode: "99686",
},
User: signup.SignupUser{
Name: "Lee Brown",
Email: uuid.NewRandom().String() + "@geeksinthewoods.com",
Password: "akTechFr0n!ier",
PasswordConfirm: "akTechFr0n!ier",
},
}
admin, err := user.Create(tests.Context(), test.MasterDB, &nu, time.Now())
if err != nil {
panic(err)
}
adminID = admin.ID.Hex()
tkn, err := user.Authenticate(tests.Context(), test.MasterDB, authenticator, time.Now(), nu.Email, nu.Password)
signup, err := signup.Signup(tests.Context(), auth.Claims{}, test.MasterDB, signupReq, now)
if err != nil {
panic(err)
}
adminAuthorization = "Bearer " + tkn.Token
expires := time.Now().UTC().Sub(signup.User.CreatedAt) + time.Hour
adminTkn, err := user.Authenticate(tests.Context(), test.MasterDB, authenticator, signupReq.User.Email, signupReq.User.Password, expires, now)
if err != nil {
panic(err)
}
adminClaims, err := authenticator.ParseClaims(adminTkn.AccessToken)
if err != nil {
panic(err)
}
roleTests[auth.RoleAdmin] = roleTest{
Token: adminTkn,
Claims: adminClaims,
SignupRequest: &signupReq,
SignupResponse: signup,
User: signup.User,
Account: signup.Account,
}
// Create a regular user to use when calling regular validated endpoints.
nu = user.NewUser{
Email: "user@ardanlabs.com",
Name: "Regular User",
Roles: []string{auth.RoleUser},
Password: "concurrency",
PasswordConfirm: "concurrency",
userReq := user.UserCreateRequest{
Name: "Lucas Brown",
Email: uuid.NewRandom().String() + "@geeksinthewoods.com",
Password: "akTechFr0n!ier",
PasswordConfirm: "akTechFr0n!ier",
}
usr, err := user.Create(tests.Context(), test.MasterDB, &nu, time.Now())
if err != nil {
panic(err)
}
userID = usr.ID.Hex()
tkn, err = user.Authenticate(tests.Context(), test.MasterDB, authenticator, time.Now(), nu.Email, nu.Password)
usr, err := user.Create(tests.Context(), adminClaims, test.MasterDB, userReq, now)
if err != nil {
panic(err)
}
userAuthorization = "Bearer " + tkn.Token
userTkn, err := user.Authenticate(tests.Context(), test.MasterDB, authenticator, usr.Email, userReq.Password, expires, now)
if err != nil {
panic(err)
}
userClaims, err := authenticator.ParseClaims(userTkn.AccessToken)
if err != nil {
panic(err)
}
roleTests[auth.RoleUser] = roleTest{
Token: userTkn,
Claims: userClaims,
SignupRequest: &signupReq,
SignupResponse: signup,
Account: signup.Account,
User: usr,
}
return m.Run()
}

2
example-project/cmd/web-api/tests/user_test.go
View File

@ -1,5 +1,6 @@
package tests
/*
import (
"bytes"
"encoding/json"
@ -574,3 +575,4 @@ func putUser403(t *testing.T, id string) {
}
}
}
*/

189
example-project/internal/platform/auth/storage.go
View File

@ -1,15 +1,9 @@
package auth
import (
"fmt"
"github.com/dgrijalva/jwt-go"
"github.com/pborman/uuid"
"github.com/pkg/errors"
"io/ioutil"
"os"
"path/filepath"
"strconv"
"strings"
"time"
)
@ -21,191 +15,58 @@ type Storage interface {
Current() *PrivateKey
}
// StorageFile is a storage engine that stores private keys on the local file system.
type StorageFile struct {
// Local directory for storing private keys.
localDir string
// Duration for keys to be valid.
keyExpiration time.Duration
// Map of keys by kid (version id).
keys map[string]*PrivateKey
// The current active key to be used.
curPrivateKey *PrivateKey
// StorageMemory is a storage engine that stores a single private key in memory.
type StorageMemory struct {
privateKey *PrivateKey
}
// Keys returns a map of private keys by kID.
func (s *StorageFile) Keys() map[string]*PrivateKey {
if s == nil || s.keys == nil {
func (s *StorageMemory) Keys() map[string]*PrivateKey {
if s == nil || s.privateKey == nil {
return map[string]*PrivateKey{}
}
return s.keys
return map[string]*PrivateKey{
s.privateKey.keyID: s.privateKey,
}
}
// Current returns the most recently generated private key.
func (s *StorageFile) Current() *PrivateKey {
func (s *StorageMemory) Current() *PrivateKey {
if s == nil {
return nil
}
return s.curPrivateKey
return s.privateKey
}
// NewAuthenticatorFile is a help function that inits a new Authenticator
// using the file storage.
func NewAuthenticatorFile(localDir string, now time.Time, keyExpiration time.Duration) (*Authenticator, error) {
storage, err := NewStorageFile(localDir, now, keyExpiration)
// NewAuthenticatorMemory is a help function that inits a new Authenticator with a single key stored in memory.
func NewAuthenticatorMemory(now time.Time) (*Authenticator, error) {
storage, err := NewStorageMemory()
if err != nil {
return nil, err
}
return NewAuthenticator(storage, time.Now().UTC())
return NewAuthenticator(storage, now)
}
// NewStorageFile implements the interface Storage to support persisting private keys
// to the local file system.
// It will error if:
func NewStorageFile(localDir string, now time.Time, keyExpiration time.Duration) (*StorageFile, error) {
if localDir == "" {
localDir = filepath.Join(os.TempDir(), "auth-private-keys")
}
// NewStorageMemory implements the interface Storage to store a single key in memory.
func NewStorageMemory() (*StorageMemory, error) {
if _, err := os.Stat(localDir); os.IsNotExist(err) {
err = os.MkdirAll(localDir, os.ModePerm)
if err != nil {
return nil, errors.Wrapf(err, "failed to create storage directory %s", localDir)
}
}
storage := &StorageFile{
localDir: localDir,
keyExpiration: keyExpiration,
keys: make(map[string]*PrivateKey),
}
if now.IsZero() {
now = time.Now().UTC()
}
// Time threshold to stop loading keys, any key with a created date
// before this value will not be loaded.
var disabledCreatedDate time.Time
// Time threshold to create a new key. If a current key exists and the
// created date of the key is before this value, a new key will be created.
var activeCreatedDate time.Time
// If an expiration duration is included, convert to past time from now.
if keyExpiration.Seconds() != 0 {
// Ensure the expiration is a time in the past for comparison below.
if keyExpiration.Seconds() > 0 {
keyExpiration = keyExpiration * -1
}
// Stop loading keys when the created date exceeds two times the key expiration
disabledCreatedDate = now.UTC().Add(keyExpiration * 2)
// Time used to determine when a new key should be created.
activeCreatedDate = now.UTC().Add(keyExpiration)
}
// Values used to format filename.
filePrefix := "sassauth_"
fileExt := ".privatekey"
files, err := ioutil.ReadDir(localDir)
privateKey, err := KeyGen()
if err != nil {
return nil, errors.Wrapf(err, "failed to list files in directory %s", localDir)
return nil, errors.Wrap(err, "failed to generate new private key")
}
// Map of keys stored by version id. version id is kid.
keyContents := make(map[string][]byte)
// The current key id if there is an active one.
var curKeyId string
// The max created data to determine the most recent key.
var lastCreatedDate time.Time
for _, f := range files {
if !strings.HasPrefix(f.Name(), filePrefix) || !strings.HasSuffix(f.Name(), fileExt) {
continue
}
// Extract the created timestamp and kID from the filename.
fname := strings.TrimSuffix(f.Name(), fileExt)
pts := strings.Split(fname, "_")
if len(pts) != 3 {
return nil, errors.Errorf("unable to parse filename %s", f.Name())
}
createdAt := pts[1]
kID := pts[2]
// Covert string timestamp to int.
createdAtSecs, err := strconv.Atoi(createdAt)
if err != nil {
return nil, errors.Wrapf(err, "failed parse timestamp from %s", f.Name())
}
ts := time.Unix(int64(createdAtSecs), 0)
// If the created time of the key is less than the disabled threshold, skip.
if !disabledCreatedDate.IsZero() && ts.UTC().Unix() < disabledCreatedDate.UTC().Unix() {
continue
}
filePath := filepath.Join(localDir, f.Name())
dat, err := ioutil.ReadFile(filePath)
if err != nil {
return nil, errors.Wrapf(err, "failed read file %s", f.Name())
}
keyContents[kID] = dat
if lastCreatedDate.IsZero() || ts.UTC().Unix() > lastCreatedDate.UTC().Unix() {
curKeyId = kID
lastCreatedDate = ts.UTC()
}
pk, err := jwt.ParseRSAPrivateKeyFromPEM(privateKey)
if err != nil {
return nil, errors.Wrap(err, "parsing auth private key")
}
//
if !activeCreatedDate.IsZero() && lastCreatedDate.UTC().Unix() < activeCreatedDate.UTC().Unix() {
curKeyId = ""
}
// If there are no keys or the current key needs to be rotated, generate a new key.
if len(keyContents) == 0 || curKeyId == "" {
privateKey, err := KeyGen()
if err != nil {
return nil, errors.Wrap(err, "failed to generate new private key")
}
kID := uuid.NewRandom().String()
fname := fmt.Sprintf("%s%d_%s%s", filePrefix, now.UTC().Unix(), kID, fileExt)
filePath := filepath.Join(localDir, fname)
err = ioutil.WriteFile(filePath, privateKey, 0644)
if err != nil {
return nil, errors.Wrapf(err, "failed write file %s", filePath)
}
keyContents[curKeyId] = privateKey
}
// Loop through all the key bytes and load the private key.
for kid, key := range keyContents {
pk, err := jwt.ParseRSAPrivateKeyFromPEM(key)
if err != nil {
return nil, errors.Wrap(err, "parsing auth private key")
}
storage.keys[kid] = &PrivateKey{
storage := &StorageMemory{
privateKey: &PrivateKey{
PrivateKey: pk,
keyID: kid,
keyID: uuid.NewRandom().String(),
algorithm: algorithm,
}
if kid == curKeyId {
storage.curPrivateKey = storage.keys[kid]
}
},
}
return storage, nil

2
example-project/internal/platform/auth/storage_aws.go
View File

@ -44,7 +44,7 @@ func NewAuthenticatorAws(awsSession *session.Session, awsSecretID string, now ti
return nil, err
}
return NewAuthenticator(storage, time.Now().UTC())
return NewAuthenticator(storage, now)
}
// NewStorageAws implements the interface Storage to support persisting private keys

204
example-project/internal/platform/auth/storage_file.go Normal file
View File

@ -0,0 +1,204 @@
package auth
import (
"fmt"
"io/ioutil"
"os"
"path/filepath"
"strconv"
"strings"
"time"
"github.com/dgrijalva/jwt-go"
"github.com/pborman/uuid"
"github.com/pkg/errors"
)
// StorageFile is a storage engine that stores private keys on the local file system.
type StorageFile struct {
// Local directory for storing private keys.
localDir string
// Duration for keys to be valid.
keyExpiration time.Duration
// Map of keys by kid (version id).
keys map[string]*PrivateKey
// The current active key to be used.
curPrivateKey *PrivateKey
}
// Keys returns a map of private keys by kID.
func (s *StorageFile) Keys() map[string]*PrivateKey {
if s == nil || s.keys == nil {
return map[string]*PrivateKey{}
}
return s.keys
}
// Current returns the most recently generated private key.
func (s *StorageFile) Current() *PrivateKey {
if s == nil {
return nil
}
return s.curPrivateKey
}
// NewAuthenticatorFile is a help function that inits a new Authenticator
// using the file storage.
func NewAuthenticatorFile(localDir string, now time.Time, keyExpiration time.Duration) (*Authenticator, error) {
storage, err := NewStorageFile(localDir, now, keyExpiration)
if err != nil {
return nil, err
}
return NewAuthenticator(storage, now)
}
// NewStorageFile implements the interface Storage to support persisting private keys
// to the local file system.
func NewStorageFile(localDir string, now time.Time, keyExpiration time.Duration) (*StorageFile, error) {
if localDir == "" {
localDir = filepath.Join(os.TempDir(), "auth-private-keys")
}
if _, err := os.Stat(localDir); os.IsNotExist(err) {
err = os.MkdirAll(localDir, os.ModePerm)
if err != nil {
return nil, errors.Wrapf(err, "failed to create storage directory %s", localDir)
}
}
storage := &StorageFile{
localDir: localDir,
keyExpiration: keyExpiration,
keys: make(map[string]*PrivateKey),
}
if now.IsZero() {
now = time.Now().UTC()
}
// Time threshold to stop loading keys, any key with a created date
// before this value will not be loaded.
var disabledCreatedDate time.Time
// Time threshold to create a new key. If a current key exists and the
// created date of the key is before this value, a new key will be created.
var activeCreatedDate time.Time
// If an expiration duration is included, convert to past time from now.
if keyExpiration.Seconds() != 0 {
// Ensure the expiration is a time in the past for comparison below.
if keyExpiration.Seconds() > 0 {
keyExpiration = keyExpiration * -1
}
// Stop loading keys when the created date exceeds two times the key expiration
disabledCreatedDate = now.UTC().Add(keyExpiration * 2)
// Time used to determine when a new key should be created.
activeCreatedDate = now.UTC().Add(keyExpiration)
}
// Values used to format filename.
filePrefix := "sassauth_"
fileExt := ".privatekey"
files, err := ioutil.ReadDir(localDir)
if err != nil {
return nil, errors.Wrapf(err, "failed to list files in directory %s", localDir)
}
// Map of keys stored by version id. version id is kid.
keyContents := make(map[string][]byte)
// The current key id if there is an active one.
var curKeyId string
// The max created data to determine the most recent key.
var lastCreatedDate time.Time
for _, f := range files {
if !strings.HasPrefix(f.Name(), filePrefix) || !strings.HasSuffix(f.Name(), fileExt) {
continue
}
// Extract the created timestamp and kID from the filename.
fname := strings.TrimSuffix(f.Name(), fileExt)
pts := strings.Split(fname, "_")
if len(pts) != 3 {
return nil, errors.Errorf("unable to parse filename %s", f.Name())
}
createdAt := pts[1]
kID := pts[2]
// Covert string timestamp to int.
createdAtSecs, err := strconv.Atoi(createdAt)
if err != nil {
return nil, errors.Wrapf(err, "failed parse timestamp from %s", f.Name())
}
ts := time.Unix(int64(createdAtSecs), 0)
// If the created time of the key is less than the disabled threshold, skip.
if !disabledCreatedDate.IsZero() && ts.UTC().Unix() < disabledCreatedDate.UTC().Unix() {
continue
}
filePath := filepath.Join(localDir, f.Name())
dat, err := ioutil.ReadFile(filePath)
if err != nil {
return nil, errors.Wrapf(err, "failed read file %s", f.Name())
}
keyContents[kID] = dat
if lastCreatedDate.IsZero() || ts.UTC().Unix() > lastCreatedDate.UTC().Unix() {
curKeyId = kID
lastCreatedDate = ts.UTC()
}
}
//
if !activeCreatedDate.IsZero() && lastCreatedDate.UTC().Unix() < activeCreatedDate.UTC().Unix() {
curKeyId = ""
}
// If there are no keys or the current key needs to be rotated, generate a new key.
if len(keyContents) == 0 || curKeyId == "" {
privateKey, err := KeyGen()
if err != nil {
return nil, errors.Wrap(err, "failed to generate new private key")
}
kID := uuid.NewRandom().String()
fname := fmt.Sprintf("%s%d_%s%s", filePrefix, now.UTC().Unix(), kID, fileExt)
filePath := filepath.Join(localDir, fname)
err = ioutil.WriteFile(filePath, privateKey, 0644)
if err != nil {
return nil, errors.Wrapf(err, "failed write file %s", filePath)
}
keyContents[curKeyId] = privateKey
}
// Loop through all the key bytes and load the private key.
for kid, key := range keyContents {
pk, err := jwt.ParseRSAPrivateKeyFromPEM(key)
if err != nil {
return nil, errors.Wrap(err, "parsing auth private key")
}
storage.keys[kid] = &PrivateKey{
PrivateKey: pk,
keyID: kid,
algorithm: algorithm,
}
if kid == curKeyId {
storage.curPrivateKey = storage.keys[kid]
}
}
return storage, nil
}

40
example-project/internal/signup/models.go
View File

@ -7,25 +7,31 @@ import (
// SignupRequest contains information needed perform signup.
type SignupRequest struct {
Account struct {
Name string `json:"name" validate:"required,unique" example:"Company {RANDOM_UUID}"`
Address1 string `json:"address1" validate:"required" example:"221 Tatitlek Ave"`
Address2 string `json:"address2" validate:"omitempty" example:"Box #1832"`
City string `json:"city" validate:"required" example:"Valdez"`
Region string `json:"region" validate:"required" example:"AK"`
Country string `json:"country" validate:"required" example:"USA"`
Zipcode string `json:"zipcode" validate:"required" example:"99686"`
Timezone *string `json:"timezone" validate:"omitempty" example:"America/Anchorage"`
} `json:"account" validate:"required"` // Account details.
User struct {
Name string `json:"name" validate:"required" example:"Gabi May"`
Email string `json:"email" validate:"required,email,unique" example:"{RANDOM_EMAIL}"`
Password string `json:"password" validate:"required" example:"SecretString"`
PasswordConfirm string `json:"password_confirm" validate:"eqfield=Password" example:"SecretString"`
} `json:"user" validate:"required"` // User details.
Account SignupAccount `json:"account" validate:"required"` // Account details.
User SignupUser `json:"user" validate:"required"` // User details.
}
// SignupResponse contains information needed perform signup.
// SignupAccount defined the details needed for account.
type SignupAccount struct {
Name string `json:"name" validate:"required,unique" example:"Company {RANDOM_UUID}"`
Address1 string `json:"address1" validate:"required" example:"221 Tatitlek Ave"`
Address2 string `json:"address2" validate:"omitempty" example:"Box #1832"`
City string `json:"city" validate:"required" example:"Valdez"`
Region string `json:"region" validate:"required" example:"AK"`
Country string `json:"country" validate:"required" example:"USA"`
Zipcode string `json:"zipcode" validate:"required" example:"99686"`
Timezone *string `json:"timezone" validate:"omitempty" example:"America/Anchorage"`
}
// SignupUser defined the details needed for user.
type SignupUser struct {
Name string `json:"name" validate:"required" example:"Gabi May"`
Email string `json:"email" validate:"required,email,unique" example:"{RANDOM_EMAIL}"`
Password string `json:"password" validate:"required" example:"SecretString"`
PasswordConfirm string `json:"password_confirm" validate:"eqfield=Password" example:"SecretString"`
}
// SignupResponse response signup with created account and user.
type SignupResponse struct {
Account *account.Account `json:"account"`
User *user.User `json:"user"`

2
example-project/internal/signup/signup.go
View File

@ -96,7 +96,7 @@ func Signup(ctx context.Context, claims auth.Claims, dbConn *sqlx.DB, req Signup
// Associate the created user with the new account. The first user for the account will
// always have the role of admin.
ua := user_account.CreateUserAccountRequest{
ua := user_account.UserAccountCreateRequest{
UserID: resp.User.ID,
AccountID: resp.Account.ID,
Roles: []user_account.UserAccountRole{user_account.UserAccountRole_Admin},

5
example-project/internal/signup/signup_test.go
View File

@ -5,7 +5,6 @@ import (
"testing"
"time"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/account"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/platform/auth"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/platform/tests"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/user"
@ -102,7 +101,7 @@ func TestSignupValidation(t *testing.T) {
func TestSignupFull(t *testing.T) {
req := SignupRequest{
Account: account.AccountCreateRequest{
Account: SignupAccount{
Name: uuid.NewRandom().String(),
Address1: "103 East Main St",
Address2: "Unit 546",
@ -111,7 +110,7 @@ func TestSignupFull(t *testing.T) {
Country: "USA",
Zipcode: "99686",
},
User: user.UserCreateRequest{
User: SignupUser{
Name: "Lee Brown",
Email: uuid.NewRandom().String() + "@geeksinthewoods.com",
Password: "akTechFr0n!ier",

5
example-project/internal/user/auth.go
View File

@ -295,6 +295,11 @@ func generateToken(ctx context.Context, dbConn *sqlx.DB, tknGen TokenGenerator,
return tkn, nil
}
// AuthorizationHeader returns the header authorization value.
func (t Token) AuthorizationHeader() string {
return "Bearer " + t.AccessToken
}
// mockTokenGenerator is used for testing that Authenticate calls its provided
// token generator in a specific way.
type MockTokenGenerator struct {

16
example-project/internal/user_account/models.go
View File

@ -66,20 +66,20 @@ func (m *UserAccount) Response(ctx context.Context) *UserAccountResponse {
return r
}
// CreateUserAccountRequest defines the information is needed to associate a user to an
// UserAccountCreateRequest defines the information is needed to associate a user to an
// account. Users are global to the application and each users access can be managed
// on an account level. If a current entry exists in the database but is archived,
// it will be un-archived.
type CreateUserAccountRequest struct {
type UserAccountCreateRequest struct {
UserID string `json:"user_id" validate:"required,uuid" example:"d69bdef7-173f-4d29-b52c-3edc60baf6a2"`
AccountID string `json:"account_id" validate:"required,uuid" example:"c4653bf9-5978-48b7-89c5-95704aebb7e2"`
Roles UserAccountRoles `json:"roles" validate:"required,dive,oneof=admin user" enums:"admin,user" swaggertype:"array,string" example:"admin"`
Status *UserAccountStatus `json:"status,omitempty" validate:"omitempty,oneof=active invited disabled" enums:"active,invited,disabled" swaggertype:"string" example:"active"`
}
// UpdateUserAccountRequest defines the information needed to update the roles or the
// UserAccountUpdateRequest defines the information needed to update the roles or the
// status for an existing user account.
type UpdateUserAccountRequest struct {
type UserAccountUpdateRequest struct {
UserID string `json:"user_id" validate:"required,uuid" example:"d69bdef7-173f-4d29-b52c-3edc60baf6a2"`
AccountID string `json:"account_id" validate:"required,uuid" example:"c4653bf9-5978-48b7-89c5-95704aebb7e2"`
Roles *UserAccountRoles `json:"roles,omitempty" validate:"required,dive,oneof=admin user" enums:"admin,user" swaggertype:"array,string" example:"user"`
@ -87,16 +87,16 @@ type UpdateUserAccountRequest struct {
unArchive bool `json:"-"` // Internal use only.
}
// ArchiveUserAccountRequest defines the information needed to remove an existing account
// UserAccountArchiveRequest defines the information needed to remove an existing account
// for a user. This will archive (soft-delete) the existing database entry.
type ArchiveUserAccountRequest struct {
type UserAccountArchiveRequest struct {
UserID string `json:"user_id" validate:"required,uuid" example:"d69bdef7-173f-4d29-b52c-3edc60baf6a2"`
AccountID string `json:"account_id" validate:"required,uuid" example:"c4653bf9-5978-48b7-89c5-95704aebb7e2"`
}
// DeleteUserAccountRequest defines the information needed to delete an existing account
// UserAccountDeleteRequest defines the information needed to delete an existing account
// for a user. This will hard delete the existing database entry.
type DeleteUserAccountRequest struct {
type UserAccountDeleteRequest struct {
UserID string `json:"user_id" validate:"required,uuid" example:"d69bdef7-173f-4d29-b52c-3edc60baf6a2"`
AccountID string `json:"account_id" validate:"required,uuid" example:"c4653bf9-5978-48b7-89c5-95704aebb7e2"`
}

10
example-project/internal/user_account/user_account.go
View File

@ -201,7 +201,7 @@ func FindByUserID(ctx context.Context, claims auth.Claims, dbConn *sqlx.DB, user
}
// Create a user account for a given user with specified roles.
func Create(ctx context.Context, claims auth.Claims, dbConn *sqlx.DB, req CreateUserAccountRequest, now time.Time) (*UserAccount, error) {
func Create(ctx context.Context, claims auth.Claims, dbConn *sqlx.DB, req UserAccountCreateRequest, now time.Time) (*UserAccount, error) {
span, ctx := tracer.StartSpanFromContext(ctx, "internal.user_account.Create")
defer span.Finish()
@ -243,7 +243,7 @@ func Create(ctx context.Context, claims auth.Claims, dbConn *sqlx.DB, req Create
// If there is an existing entry, then update instead of insert.
var ua UserAccount
if len(existing) > 0 {
upReq := UpdateUserAccountRequest{
upReq := UserAccountUpdateRequest{
UserID: req.UserID,
AccountID: req.AccountID,
Roles: &req.Roles,
@ -315,7 +315,7 @@ func Read(ctx context.Context, claims auth.Claims, dbConn *sqlx.DB, id string, i
}
// Update replaces a user account in the database.
func Update(ctx context.Context, claims auth.Claims, dbConn *sqlx.DB, req UpdateUserAccountRequest, now time.Time) error {
func Update(ctx context.Context, claims auth.Claims, dbConn *sqlx.DB, req UserAccountUpdateRequest, now time.Time) error {
span, ctx := tracer.StartSpanFromContext(ctx, "internal.user_account.Update")
defer span.Finish()
@ -387,7 +387,7 @@ func Update(ctx context.Context, claims auth.Claims, dbConn *sqlx.DB, req Update
}
// Archive soft deleted the user account from the database.
func Archive(ctx context.Context, claims auth.Claims, dbConn *sqlx.DB, req ArchiveUserAccountRequest, now time.Time) error {
func Archive(ctx context.Context, claims auth.Claims, dbConn *sqlx.DB, req UserAccountArchiveRequest, now time.Time) error {
span, ctx := tracer.StartSpanFromContext(ctx, "internal.user_account.Archive")
defer span.Finish()
@ -438,7 +438,7 @@ func Archive(ctx context.Context, claims auth.Claims, dbConn *sqlx.DB, req Archi
}
// Delete removes a user account from the database.
func Delete(ctx context.Context, claims auth.Claims, dbConn *sqlx.DB, req DeleteUserAccountRequest) error {
func Delete(ctx context.Context, claims auth.Claims, dbConn *sqlx.DB, req UserAccountDeleteRequest) error {
span, ctx := tracer.StartSpanFromContext(ctx, "internal.user_account.Delete")
defer span.Finish()

66
example-project/internal/user_account/user_account_test.go
View File

@ -143,49 +143,49 @@ func TestCreateValidation(t *testing.T) {
var accountTests = []struct {
name string
req CreateUserAccountRequest
expected func(req CreateUserAccountRequest, res *UserAccount) *UserAccount
req UserAccountCreateRequest
expected func(req UserAccountCreateRequest, res *UserAccount) *UserAccount
error error
}{
{"Required Fields",
CreateUserAccountRequest{},
func(req CreateUserAccountRequest, res *UserAccount) *UserAccount {
UserAccountCreateRequest{},
func(req UserAccountCreateRequest, res *UserAccount) *UserAccount {
return nil
},
errors.New("Key: 'CreateUserAccountRequest.UserID' Error:Field validation for 'UserID' failed on the 'required' tag\n" +
"Key: 'CreateUserAccountRequest.AccountID' Error:Field validation for 'AccountID' failed on the 'required' tag\n" +
"Key: 'CreateUserAccountRequest.Roles' Error:Field validation for 'Roles' failed on the 'required' tag"),
errors.New("Key: 'UserAccountCreateRequest.UserID' Error:Field validation for 'UserID' failed on the 'required' tag\n" +
"Key: 'UserAccountCreateRequest.AccountID' Error:Field validation for 'AccountID' failed on the 'required' tag\n" +
"Key: 'UserAccountCreateRequest.Roles' Error:Field validation for 'Roles' failed on the 'required' tag"),
},
{"Valid Role",
CreateUserAccountRequest{
UserAccountCreateRequest{
UserID: uuid.NewRandom().String(),
AccountID: uuid.NewRandom().String(),
Roles: []UserAccountRole{invalidRole},
},
func(req CreateUserAccountRequest, res *UserAccount) *UserAccount {
func(req UserAccountCreateRequest, res *UserAccount) *UserAccount {
return nil
},
errors.New("Key: 'CreateUserAccountRequest.Roles[0]' Error:Field validation for 'Roles[0]' failed on the 'oneof' tag"),
errors.New("Key: 'UserAccountCreateRequest.Roles[0]' Error:Field validation for 'Roles[0]' failed on the 'oneof' tag"),
},
{"Valid Status",
CreateUserAccountRequest{
UserAccountCreateRequest{
UserID: uuid.NewRandom().String(),
AccountID: uuid.NewRandom().String(),
Roles: []UserAccountRole{UserAccountRole_User},
Status: &invalidStatus,
},
func(req CreateUserAccountRequest, res *UserAccount) *UserAccount {
func(req UserAccountCreateRequest, res *UserAccount) *UserAccount {
return nil
},
errors.New("Key: 'CreateUserAccountRequest.Status' Error:Field validation for 'Status' failed on the 'oneof' tag"),
errors.New("Key: 'UserAccountCreateRequest.Status' Error:Field validation for 'Status' failed on the 'oneof' tag"),
},
{"Default Status",
CreateUserAccountRequest{
UserAccountCreateRequest{
UserID: uuid.NewRandom().String(),
AccountID: uuid.NewRandom().String(),
Roles: []UserAccountRole{UserAccountRole_User},
},
func(req CreateUserAccountRequest, res *UserAccount) *UserAccount {
func(req UserAccountCreateRequest, res *UserAccount) *UserAccount {
return &UserAccount{
UserID: req.UserID,
AccountID: req.AccountID,
@ -288,7 +288,7 @@ func TestCreateExistingEntry(t *testing.T) {
t.Fatalf("\t%s\tMock account failed.", tests.Failed)
}
req1 := CreateUserAccountRequest{
req1 := UserAccountCreateRequest{
UserID: userID,
AccountID: accountID,
Roles: []UserAccountRole{UserAccountRole_User},
@ -301,7 +301,7 @@ func TestCreateExistingEntry(t *testing.T) {
t.Fatalf("\t%s\tCreate user account roles should match request. Diff:\n%s", tests.Failed, diff)
}
req2 := CreateUserAccountRequest{
req2 := UserAccountCreateRequest{
UserID: req1.UserID,
AccountID: req1.AccountID,
Roles: []UserAccountRole{UserAccountRole_Admin},
@ -315,7 +315,7 @@ func TestCreateExistingEntry(t *testing.T) {
}
// Now archive the user account to test trying to create a new entry for an archived entry
err = Archive(tests.Context(), auth.Claims{}, test.MasterDB, ArchiveUserAccountRequest{
err = Archive(tests.Context(), auth.Claims{}, test.MasterDB, UserAccountArchiveRequest{
UserID: req1.UserID,
AccountID: req1.AccountID,
}, now)
@ -334,7 +334,7 @@ func TestCreateExistingEntry(t *testing.T) {
}
// Attempt to create the duplicate user account which should set archived_at back to nil
req3 := CreateUserAccountRequest{
req3 := UserAccountCreateRequest{
UserID: req1.UserID,
AccountID: req1.AccountID,
Roles: []UserAccountRole{UserAccountRole_User},
@ -368,32 +368,32 @@ func TestUpdateValidation(t *testing.T) {
var accountTests = []struct {
name string
req UpdateUserAccountRequest
req UserAccountUpdateRequest
error error
}{
{"Required Fields",
UpdateUserAccountRequest{},
errors.New("Key: 'UpdateUserAccountRequest.UserID' Error:Field validation for 'UserID' failed on the 'required' tag\n" +
"Key: 'UpdateUserAccountRequest.AccountID' Error:Field validation for 'AccountID' failed on the 'required' tag\n" +
"Key: 'UpdateUserAccountRequest.Roles' Error:Field validation for 'Roles' failed on the 'required' tag"),
UserAccountUpdateRequest{},
errors.New("Key: 'UserAccountUpdateRequest.UserID' Error:Field validation for 'UserID' failed on the 'required' tag\n" +
"Key: 'UserAccountUpdateRequest.AccountID' Error:Field validation for 'AccountID' failed on the 'required' tag\n" +
"Key: 'UserAccountUpdateRequest.Roles' Error:Field validation for 'Roles' failed on the 'required' tag"),
},
{"Valid Role",
UpdateUserAccountRequest{
UserAccountUpdateRequest{
UserID: uuid.NewRandom().String(),
AccountID: uuid.NewRandom().String(),
Roles: &UserAccountRoles{invalidRole},
},
errors.New("Key: 'UpdateUserAccountRequest.Roles[0]' Error:Field validation for 'Roles[0]' failed on the 'oneof' tag"),
errors.New("Key: 'UserAccountUpdateRequest.Roles[0]' Error:Field validation for 'Roles[0]' failed on the 'oneof' tag"),
},
{"Valid Status",
UpdateUserAccountRequest{
UserAccountUpdateRequest{
UserID: uuid.NewRandom().String(),
AccountID: uuid.NewRandom().String(),
Roles: &UserAccountRoles{UserAccountRole_User},
Status: &invalidStatus,
},
errors.New("Key: 'UpdateUserAccountRequest.Status' Error:Field validation for 'Status' failed on the 'oneof' tag"),
errors.New("Key: 'UserAccountUpdateRequest.Status' Error:Field validation for 'Status' failed on the 'oneof' tag"),
},
}
@ -550,7 +550,7 @@ func TestCrud(t *testing.T) {
}
// Associate that with the user.
createReq := CreateUserAccountRequest{
createReq := UserAccountCreateRequest{
UserID: userID,
AccountID: accountID,
Roles: []UserAccountRole{UserAccountRole_User},
@ -576,7 +576,7 @@ func TestCrud(t *testing.T) {
}
// Update the account.
updateReq := UpdateUserAccountRequest{
updateReq := UserAccountUpdateRequest{
UserID: userID,
AccountID: accountID,
Roles: &UserAccountRoles{UserAccountRole_Admin},
@ -624,7 +624,7 @@ func TestCrud(t *testing.T) {
}
// Archive (soft-delete) the user account.
err = Archive(tests.Context(), tt.claims(userID, accountID), test.MasterDB, ArchiveUserAccountRequest{
err = Archive(tests.Context(), tt.claims(userID, accountID), test.MasterDB, UserAccountArchiveRequest{
UserID: userID,
AccountID: accountID,
}, now)
@ -667,7 +667,7 @@ func TestCrud(t *testing.T) {
t.Logf("\t%s\tArchive user account ok.", tests.Success)
// Delete (hard-delete) the user account.
err = Delete(tests.Context(), tt.claims(userID, accountID), test.MasterDB, DeleteUserAccountRequest{
err = Delete(tests.Context(), tt.claims(userID, accountID), test.MasterDB, UserAccountDeleteRequest{
UserID: userID,
AccountID: accountID,
})
@ -717,7 +717,7 @@ func TestFind(t *testing.T) {
}
// Execute Create that will associate the user with the account.
ua, err := Create(tests.Context(), auth.Claims{}, test.MasterDB, CreateUserAccountRequest{
ua, err := Create(tests.Context(), auth.Claims{}, test.MasterDB, UserAccountCreateRequest{
UserID: userID,
AccountID: accountID,
Roles: []UserAccountRole{UserAccountRole_User},