Skip to content

Commit

Permalink
merge develop into main (#61)
Browse files Browse the repository at this point in the history
  • Loading branch information
stefanvit authored Mar 29, 2024
2 parents 252ba1e + e249336 commit 992c320
Show file tree
Hide file tree
Showing 19 changed files with 507 additions and 9 deletions.
4 changes: 2 additions & 2 deletions .secrets.baseline
Original file line number Diff line number Diff line change
Expand Up @@ -145,7 +145,7 @@
"filename": "driver/web/adapter.go",
"hashed_secret": "a7d09aaaf55864f7ce39a7715aabed433c3fe661",
"is_verified": false,
"line_number": 228
"line_number": 232
}
],
"driver/web/auth.go": [
Expand All @@ -172,5 +172,5 @@
}
]
},
"generated_at": "2024-03-15T11:09:08Z"
"generated_at": "2024-03-28T07:54:12Z"
}
4 changes: 4 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [Unreleased]
[2.4.0] - 2024-03-29
### Added
- Ability to block/blacklist specific Webtools events [#57](https://github.com/rokwire/gateway-building-block/issues/57)

[2.3.2] - 2024-03-27
- Increase webtools transaction timeout

Expand Down
4 changes: 2 additions & 2 deletions SECURITY.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,8 @@
Patches for **Gateway Building Block** in this repository will only be applied to the following versions:
| Version | Supported |
| ------- | ------------------ |
| 2.3.2 | :white_check_mark: |
| < 2.3.2 | :x: |
| 2.4.0 | :white_check_mark: |
| < 2.4.0 | :x: |

## Reporting a Bug or Vulnerability

Expand Down
27 changes: 27 additions & 0 deletions core/apis_admin.go
Original file line number Diff line number Diff line change
Expand Up @@ -193,6 +193,33 @@ func (a appAdmin) DeleteConfig(id string, claims *tokenauth.Claims) error {
return nil
}

func (a appAdmin) AddWebtoolsBlackList(dataSourceIDs []string, dataCalendarIDs []string) error {
err := a.app.storage.AddWebtoolsBlacklistData(dataSourceIDs, dataCalendarIDs)
if err != nil {
return nil
}

return nil
}

func (a appAdmin) GetWebtoolsBlackList() ([]model.WebToolsItem, error) {

blacklist, err := a.app.storage.FindWebtoolsBlacklistData()
if err != nil {
return nil, errors.WrapErrorAction(logutils.ActionInsert, model.TypeConfig, nil, err)
}
return blacklist, nil
}

func (a appAdmin) RemoveWebtoolsBlackList(sourceIds []string, calendarids []string) error {
err := a.app.storage.RemoveWebtoolsBlacklistData(sourceIds, calendarids)
if err != nil {
return nil
}

return nil
}

// newAppAdmin creates new appAdmin
func newAppAdmin(app *Application) appAdmin {
return appAdmin{app: app}
Expand Down
37 changes: 36 additions & 1 deletion core/apis_bbs.go
Original file line number Diff line number Diff line change
Expand Up @@ -90,15 +90,50 @@ func (a appBBs) DeleteAppointment(uin string, providerid int, sourceid string, a
}
return ret, nil
}

func (a appBBs) GetLegacyEvents() ([]model.LegacyEvent, error) {

leEvents, err := a.app.storage.FindAllLegacyEvents()
if err != nil {
return nil, err
}

return leEvents, nil
blacklist, err := a.app.storage.FindWebtoolsBlacklistData()
if err != nil {
return nil, err
}

var newLegacyEvents []model.LegacyEvent
for _, le := range leEvents {

isBlacklisted := a.isBlacklisted(blacklist, le)
if !isBlacklisted {
newLegacyEvents = append(newLegacyEvents, le)
}
}

return newLegacyEvents, nil

}

func (a appBBs) isBlacklisted(blacklists []model.WebToolsItem, event model.LegacyEvent) bool {
for _, blacklist := range blacklists {
switch blacklist.Name {
case "webtools_events_ids":
for _, id := range blacklist.Data {
if event.DataSourceEventID == id {
return true
}
}
case "webtools_calendar_ids":
for _, id := range blacklist.Data {
if event.CalendarID == id {
return true
}
}
}
}
return false
}

// newAppBBs creates new appBBs
Expand Down
7 changes: 7 additions & 0 deletions core/interfaces.go
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,9 @@ type Admin interface {
CreateConfig(config model.Config, claims *tokenauth.Claims) (*model.Config, error)
UpdateConfig(config model.Config, claims *tokenauth.Claims) error
DeleteConfig(id string, claims *tokenauth.Claims) error
AddWebtoolsBlackList(dataSourceIDs []string, dataCalendarIDs []string) error
GetWebtoolsBlackList() ([]model.WebToolsItem, error)
RemoveWebtoolsBlackList(sourceids []string, calendarids []string) error
}

// BBs exposes Building Block APIs for the driver adapters
Expand Down Expand Up @@ -127,6 +130,10 @@ type Storage interface {
DeleteLegacyEventsByIDs(context storage.TransactionContext, Ids map[string]string) error
DeleteLegacyEventsByIDsAndCreator(context storage.TransactionContext, ids []string, accountID string) error
FindAllLegacyEvents() ([]model.LegacyEvent, error)

FindWebtoolsBlacklistData() ([]model.WebToolsItem, error)
AddWebtoolsBlacklistData(dataSourceIDs []string, dataCalendarIDs []string) error
RemoveWebtoolsBlacklistData(dataSourceIDs []string, dataCalendarIDs []string) error
}

// StorageListener represents storage listener
Expand Down
6 changes: 6 additions & 0 deletions core/model/legacyEvents.go
Original file line number Diff line number Diff line change
Expand Up @@ -93,6 +93,12 @@ type WebToolsEvent struct {
} `xml:"topic"`
}

// WebToolsItem represents web tools blacklist ids
type WebToolsItem struct {
Name string `json:"name" bson:"name"`
Data []string `json:"data" bson:"data"`
}

// LegacyEvent wrapper
type LegacyEvent struct {
AllDay bool `json:"allDay" bson:"allDay"`
Expand Down
72 changes: 72 additions & 0 deletions driven/storage/adapter.go
Original file line number Diff line number Diff line change
Expand Up @@ -369,6 +369,78 @@ func (a *Adapter) FindAllLegacyEvents() ([]model.LegacyEvent, error) {
return legacyEvents, err
}

// AddWebtoolsBlacklistData update data from the database
func (a *Adapter) AddWebtoolsBlacklistData(dataSourceIDs []string, dataCalendarIDs []string) error {
filterSource := bson.M{"name": "webtools_events_ids"}
updateSource := bson.M{
"$addToSet": bson.M{
"data": bson.M{"$each": dataSourceIDs},
},
}

_, err := a.db.webtoolsBlacklistItems.UpdateOne(a.context, filterSource, updateSource, nil)
if err != nil {
return errors.WrapErrorAction(logutils.ActionUpdate, model.TypeExample, filterArgs(filterSource), err)
}

filterCalendar := bson.M{"name": "webtools_calendar_ids"}
updateCalendar := bson.M{
"$addToSet": bson.M{
"data": bson.M{"$each": dataCalendarIDs},
},
}

_, err = a.db.webtoolsBlacklistItems.UpdateOne(a.context, filterCalendar, updateCalendar, nil)
if err != nil {
return errors.WrapErrorAction(logutils.ActionUpdate, model.TypeExample, filterArgs(filterCalendar), err)
}

return nil

}

// RemoveWebtoolsBlacklistData update data from the database
func (a *Adapter) RemoveWebtoolsBlacklistData(dataSourceIDs []string, dataCalendarIDs []string) error {
filterSource := bson.M{"name": "webtools_events_ids"}
updateSource := bson.M{
"$pull": bson.M{
"data": bson.M{"$in": dataSourceIDs},
},
}

_, err := a.db.webtoolsBlacklistItems.UpdateOne(a.context, filterSource, updateSource, nil)
if err != nil {
return errors.WrapErrorAction(logutils.ActionUpdate, model.TypeExample, filterArgs(filterSource), err)
}

filterCalendar := bson.M{"name": "webtools_calendar_ids"}
updateCalendar := bson.M{
"$pull": bson.M{
"data": bson.M{"$in": dataCalendarIDs},
},
}

_, err = a.db.webtoolsBlacklistItems.UpdateOne(a.context, filterCalendar, updateCalendar, nil)
if err != nil {
return errors.WrapErrorAction(logutils.ActionUpdate, model.TypeExample, filterArgs(filterCalendar), err)
}

return nil

}

// FindWebtoolsBlacklistData finds all webtools blacklist from the database
func (a *Adapter) FindWebtoolsBlacklistData() ([]model.WebToolsItem, error) {
filterSource := bson.M{}
var dataSource []model.WebToolsItem
err := a.db.webtoolsBlacklistItems.Find(a.context, filterSource, &dataSource, nil)
if err != nil {
return nil, err
}

return dataSource, nil
}

// PerformTransaction performs a transaction
func (a *Adapter) PerformTransaction(transaction func(context TransactionContext) error, timeoutMilliSeconds int64) error {
// transaction
Expand Down
19 changes: 17 additions & 2 deletions driven/storage/database.go
Original file line number Diff line number Diff line change
Expand Up @@ -43,8 +43,9 @@ type database struct {
examples *collectionWrapper
unitcalendars *collectionWrapper

legacyEvents *collectionWrapper
legacyLocations *collectionWrapper
legacyEvents *collectionWrapper
legacyLocations *collectionWrapper
webtoolsBlacklistItems *collectionWrapper

listeners []Listener
}
Expand Down Expand Up @@ -105,6 +106,12 @@ func (d *database) start() error {
return err
}

webtoolsBlacklistItems := &collectionWrapper{database: d, coll: db.Collection("webtools_blacklist_items")}
err = d.applyWebtoolsBlacklistItemsChecks(webtoolsBlacklistItems)
if err != nil {
return err
}

//assign the db, db client and the collections
d.db = db
d.dbClient = client
Expand All @@ -115,6 +122,7 @@ func (d *database) start() error {
d.legacyEvents = legacyEvents
d.unitcalendars = unitcalendars
d.legacyLocations = legacyLocations
d.webtoolsBlacklistItems = webtoolsBlacklistItems

go d.configs.Watch(nil, d.logger)

Expand Down Expand Up @@ -185,6 +193,13 @@ func (d *database) applyLegacyLocationsChecks(locations *collectionWrapper) erro
return nil
}

func (d *database) applyWebtoolsBlacklistItemsChecks(webtoolsBlacklistItems *collectionWrapper) error {
d.logger.Info("apply webtools_blacklist_items checks.....")

d.logger.Info("legacy webtools_blacklist_items passed")
return nil
}

func (d *database) onDataChanged(changeDoc map[string]interface{}) {
if changeDoc == nil {
return
Expand Down
4 changes: 4 additions & 0 deletions driver/web/adapter.go
Original file line number Diff line number Diff line change
Expand Up @@ -106,6 +106,10 @@ func (a Adapter) Start() {
adminRouter.HandleFunc("/configs/{id}", a.wrapFunc(a.adminAPIsHandler.updateConfig, a.auth.admin.Permissions)).Methods("PUT")
adminRouter.HandleFunc("/configs/{id}", a.wrapFunc(a.adminAPIsHandler.deleteConfig, a.auth.admin.Permissions)).Methods("DELETE")

adminRouter.HandleFunc("/webtools-blacklist", a.wrapFunc(a.adminAPIsHandler.addwebtoolsblacklist, a.auth.admin.Permissions)).Methods("PUT")
adminRouter.HandleFunc("/webtools-blacklist", a.wrapFunc(a.adminAPIsHandler.getwebtoolsblacklist, a.auth.admin.Permissions)).Methods("GET")
adminRouter.HandleFunc("/webtools-blacklist", a.wrapFunc(a.adminAPIsHandler.removewebtoolsblacklist, a.auth.admin.Permissions)).Methods("DELETE")

// BB APIs
bbsRouter := mainRouter.PathPrefix("/bbs").Subrouter()
bbsRouter.HandleFunc("/examples/{id}", a.wrapFunc(a.bbsAPIsHandler.getExample, a.auth.bbs.Permissions)).Methods("GET")
Expand Down
2 changes: 2 additions & 0 deletions driver/web/admin_permission_policy.csv
Original file line number Diff line number Diff line change
Expand Up @@ -15,3 +15,5 @@ p, update_configs_gateway, /gateway/api/admin/configs/*, (GET)|(PUT), Update gat
p, update_configs_gateway, /gateway/api/admin/configs, (GET)|(POST),
p, delete_configs_gateway, /gateway/api/admin/configs/*, (GET)|(DELETE), Delete gateway configs
p, delete_configs_gateway, /gateway/api/admin/configs, (GET),

p, webtools_blacklist, /gateway/api/admin/webtools-blacklist, (GET)|(POST)|(PUT)|(DELETE), Webtools blacklist actions
77 changes: 77 additions & 0 deletions driver/web/apis_admin.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,8 +17,10 @@ package web
import (
"application/core"
"application/core/model"
Def "application/driver/web/docs/gen"
"encoding/json"
"net/http"
"strings"

"github.com/gorilla/mux"
"github.com/rokwire/core-auth-library-go/v3/authutils"
Expand Down Expand Up @@ -235,6 +237,81 @@ func (h AdminAPIsHandler) deleteConfig(l *logs.Log, r *http.Request, claims *tok
return l.HTTPResponseSuccess()
}

func (h AdminAPIsHandler) addwebtoolsblacklist(l *logs.Log, r *http.Request, claims *tokenauth.Claims) logs.HTTPResponse {
var requestData Def.PutApiAdminWebtoolsBlacklistJSONBody
err := json.NewDecoder(r.Body).Decode(&requestData)
if err != nil {
return l.HTTPResponseErrorAction(logutils.ActionUnmarshal, logutils.TypeRequestBody, nil, err, http.StatusBadRequest, true)
}

var dataSourceIDs []string
for _, w := range *requestData.DataSourceIds {
if w != "" {
dataSourceIDs = append(dataSourceIDs, w)
} else {
dataSourceIDs = nil
}
}

var dataCalendarIDs []string
for _, w := range *requestData.DataCalendarIds {
if w != "" {
dataCalendarIDs = append(dataCalendarIDs, w)
} else {
dataCalendarIDs = nil
}
}

err = h.app.Admin.AddWebtoolsBlackList(dataSourceIDs, dataCalendarIDs)
if err != nil {
return l.HTTPResponseErrorAction(logutils.ActionCreate, model.TypeConfig, nil, err, http.StatusInternalServerError, true)
}

return l.HTTPResponseSuccess()
}

func (h AdminAPIsHandler) getwebtoolsblacklist(l *logs.Log, r *http.Request, claims *tokenauth.Claims) logs.HTTPResponse {

blacklist, err := h.app.Admin.GetWebtoolsBlackList()
if err != nil {
return l.HTTPResponseErrorAction(logutils.ActionCreate, model.TypeConfig, nil, err, http.StatusInternalServerError, true)
}

data, err := json.Marshal(blacklist)
if err != nil {
return l.HTTPResponseErrorAction(logutils.ActionMarshal, model.TypeConfig, nil, err, http.StatusInternalServerError, false)
}

return l.HTTPResponseSuccessJSON(data)
}

func (h AdminAPIsHandler) removewebtoolsblacklist(l *logs.Log, r *http.Request, claims *tokenauth.Claims) logs.HTTPResponse {
var sourceIdsList []string
sourceIdsArg := r.URL.Query().Get("source_ids")

if sourceIdsArg != "" {
sourceIdsList = strings.Split(sourceIdsArg, ",")
} else {
sourceIdsList = nil
}

var calendarIdsList []string
calendarIdsArg := r.URL.Query().Get("calendar_ids")

if calendarIdsArg != "" {
calendarIdsList = strings.Split(calendarIdsArg, ",")
} else {
calendarIdsList = nil
}

err := h.app.Admin.RemoveWebtoolsBlackList(sourceIdsList, calendarIdsList)
if err != nil {
return l.HTTPResponseErrorAction(logutils.ActionCreate, model.TypeConfig, nil, err, http.StatusInternalServerError, true)
}

return l.HTTPResponseSuccess()
}

// NewAdminAPIsHandler creates new rest Handler instance
func NewAdminAPIsHandler(app *core.Application) AdminAPIsHandler {
return AdminAPIsHandler{app: app}
Expand Down
Loading

0 comments on commit 992c320

Please sign in to comment.