Feat/kavach

action/organization/create.go

@@ -1,12 +1,15 @@
 package organization
 
 import (
+	"bytes"
 	"encoding/json"
+	"fmt"
 	"net/http"
+	"os"
 	"strconv"
 
-	"github.com/factly/identity/model"
-	"github.com/factly/identity/util/render"
+	"github.com/factly/kavach-server/model"
+	"github.com/factly/kavach-server/util/render"
 )
 
 // create create organization
@@ -30,9 +33,56 @@ func create(w http.ResponseWriter, r *http.Request) {
 
 	err = model.DB.Model(&model.OrganizationUser{}).Create(&permission).Error
 
+	if err != nil {
+		return
+	}
+
 	result := orgWithRole{}
 	result.Organization = *organization
 	result.Permission = permission
 
+	/* creating role of admins */
+	reqRole := &model.Role{}
+	reqRole.ID = "roles:org:" + fmt.Sprint(organization.ID) + ":admin"
+	reqRole.Members = []string{fmt.Sprint(userID)}
+
+	buf := new(bytes.Buffer)
+	json.NewEncoder(buf).Encode(&reqRole)
+	req, err := http.NewRequest("PUT", os.Getenv("KETO_API")+"/engines/acp/ory/regex/roles", buf)
+
+	if err != nil {
+		return
+	}
+
+	client := &http.Client{}
+	_, err = client.Do(req)
+
+	if err != nil {
+		return
+	}
+
+	/* creating policy for admins */
+	reqPolicy := &model.Policy{}
+	reqPolicy.ID = "org:" + fmt.Sprint(organization.ID) + ":admins"
+	reqPolicy.Subjects = []string{reqRole.ID}
+	reqPolicy.Resources = []string{"resources:org:" + fmt.Sprint(organization.ID) + ":<.*>"}
+	reqPolicy.Actions = []string{"actions:org:" + fmt.Sprint(organization.ID) + ":<.*>"}
+	reqPolicy.Effect = "allow"
+
+	buf = new(bytes.Buffer)
+	json.NewEncoder(buf).Encode(&reqPolicy)
+	req, err = http.NewRequest("PUT", os.Getenv("KETO_API")+"/engines/acp/ory/regex/policies", buf)
+
+	if err != nil {
+		return
+	}
+
+	client = &http.Client{}
+	_, err = client.Do(req)
+
+	if err != nil {
+		return
+	}
+
 	render.JSON(w, http.StatusCreated, result)
 }

action/organization/delete.go

@@ -4,8 +4,8 @@ import (
 	"net/http"
 	"strconv"
 
-	"github.com/factly/identity/model"
-	"github.com/factly/identity/util/render"
+	"github.com/factly/kavach-server/model"
+	"github.com/factly/kavach-server/util/render"
 	"github.com/go-chi/chi"
 )
 

action/organization/details.go

@@ -1,12 +1,11 @@
 package organization
 
 import (
-	"fmt"
 	"net/http"
 	"strconv"
 
-	"github.com/factly/identity/model"
-	"github.com/factly/identity/util/render"
+	"github.com/factly/kavach-server/model"
+	"github.com/factly/kavach-server/util/render"
 	"github.com/go-chi/chi"
 )
 
@@ -21,7 +20,7 @@ func details(w http.ResponseWriter, r *http.Request) {
 	var permission model.OrganizationUser
 
 	userID, _ := strconv.Atoi(r.Header.Get("X-User"))
-	fmt.Println(userID)
+
 	model.DB.Model(&model.OrganizationUser{}).Where(&model.OrganizationUser{
 		UserID:         uint(userID),
 		OrganizationID: uint(id),

action/organization/list.go

@@ -4,8 +4,8 @@ import (
 	"net/http"
 	"strconv"
 
-	"github.com/factly/identity/model"
-	"github.com/factly/identity/util/render"
+	"github.com/factly/kavach-server/model"
+	"github.com/factly/kavach-server/util/render"
 )
 
 // list return all organizations

action/organization/route.go

@@ -1,8 +1,8 @@
 package organization
 
 import (
-	"github.com/factly/identity/action/organization/user"
-	"github.com/factly/identity/model"
+	"github.com/factly/kavach-server/action/organization/user"
+	"github.com/factly/kavach-server/model"
 	"github.com/go-chi/chi"
 )
 

action/organization/update.go

@@ -5,8 +5,8 @@ import (
 	"net/http"
 	"strconv"
 
-	"github.com/factly/identity/model"
-	"github.com/factly/identity/util/render"
+	"github.com/factly/kavach-server/model"
+	"github.com/factly/kavach-server/util/render"
 	"github.com/go-chi/chi"
 )
 

action/organization/user/create.go

@@ -1,12 +1,15 @@
 package user
 
 import (
+	"bytes"
 	"encoding/json"
+	"fmt"
 	"net/http"
+	"os"
 	"strconv"
 
-	"github.com/factly/identity/model"
-	"github.com/factly/identity/util/render"
+	"github.com/factly/kavach-server/model"
+	"github.com/factly/kavach-server/util/render"
 	"github.com/go-chi/chi"
 )
 
@@ -15,6 +18,10 @@ type invite struct {
 	Role  string `json:"role"`
 }
 
+type role struct {
+	Members []string `json:"members"`
+}
+
 // create return all user in organization
 func create(w http.ResponseWriter, r *http.Request) {
 	organizationID := chi.URLParam(r, "organization_id")
@@ -24,22 +31,7 @@ func create(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	// check the permission of host
-	host := &model.OrganizationUser{}
-	hostID, _ := strconv.Atoi(r.Header.Get("X-User"))
-
-	err = model.DB.Model(&model.OrganizationUser{}).Where(&model.OrganizationUser{
-		OrganizationID: uint(orgID),
-		UserID:         uint(hostID),
-		Role:           "owner",
-	}).First(host).Error
-
-	if err != nil {
-		return
-	}
-
 	// FindOrCreate invitee
-
 	req := invite{}
 	json.NewDecoder(r.Body).Decode(&req)
 
@@ -49,6 +41,27 @@ func create(w http.ResponseWriter, r *http.Request) {
 		Email: req.Email,
 	})
 
+	if req.Role == "owner" {
+		/* creating policy for admins */
+		reqRole := &model.Role{}
+		reqRole.Members = []string{fmt.Sprint(invitee.ID)}
+
+		buf := new(bytes.Buffer)
+		json.NewEncoder(buf).Encode(&reqRole)
+		req, err := http.NewRequest("PUT", os.Getenv("KETO_API")+"/engines/acp/ory/regex/roles/roles:org:"+fmt.Sprint(orgID)+":admin/members", buf)
+
+		if err != nil {
+			return
+		}
+
+		client := &http.Client{}
+		_, err = client.Do(req)
+
+		if err != nil {
+			return
+		}
+	}
+
 	// Add user into organization
 	result := &model.OrganizationUser{}
 

action/organization/user/delete.go

@@ -1,49 +1,59 @@
 package user
 
 import (
+	"fmt"
 	"net/http"
+	"os"
 	"strconv"
 
-	"github.com/factly/identity/model"
-	"github.com/factly/identity/util/render"
+	"github.com/factly/kavach-server/model"
+	"github.com/factly/kavach-server/util/render"
 	"github.com/go-chi/chi"
 )
 
 // create return all user in organization
 func delete(w http.ResponseWriter, r *http.Request) {
+	/* Check if record exist */
 	organizationID := chi.URLParam(r, "organization_id")
 	orgID, err := strconv.Atoi(organizationID)
 
 	if err != nil {
 		return
 	}
 
-	// check the permission of host
-	host := &model.OrganizationUser{}
-	hostID, _ := strconv.Atoi(r.Header.Get("X-User"))
-
-	err = model.DB.Model(&model.OrganizationUser{}).Where(&model.OrganizationUser{
-		OrganizationID: uint(orgID),
-		UserID:         uint(hostID),
-		Role:           "owner",
-	}).First(host).Error
+	permissionID := chi.URLParam(r, "permission_id")
+	pID, err := strconv.Atoi(permissionID)
 
 	if err != nil {
 		return
 	}
 
-	permissionID := chi.URLParam(r, "permission_id")
-	pID, errPermission := strconv.Atoi(permissionID)
+	result := &model.OrganizationUser{}
+	result.ID = uint(pID)
 
-	if errPermission != nil {
+	err = model.DB.First(&result).Error
+	if err != nil {
 		return
 	}
 
-	result := &model.OrganizationUser{}
-	result.ID = uint(pID)
-	result.OrganizationID = uint(orgID)
+	/* delete policy for admins */
+	if result.Role == "owner" {
+		req, err := http.NewRequest("DELETE", os.Getenv("KETO_API")+"/engines/acp/ory/regex/roles/roles:org:"+fmt.Sprint(orgID)+":admin/members/"+fmt.Sprint(result.UserID), nil)
+
+		if err != nil {
+			return
+		}
+
+		client := &http.Client{}
+		_, err = client.Do(req)
+
+		if err != nil {
+			return
+		}
+	}
 
-	model.DB.Model(&model.OrganizationUser{}).Delete(result)
+	/* DELETE */
+	model.DB.Delete(&result)
 
 	render.JSON(w, http.StatusOK, nil)
 }

action/organization/user/list.go

@@ -4,8 +4,8 @@ import (
 	"net/http"
 	"strconv"
 
-	"github.com/factly/identity/model"
-	"github.com/factly/identity/util/render"
+	"github.com/factly/kavach-server/model"
+	"github.com/factly/kavach-server/util/render"
 	"github.com/go-chi/chi"
 )
 

action/routes.go

@@ -3,8 +3,8 @@ package action
 import (
 	"net/http"
 
-	"github.com/factly/identity/action/organization"
-	"github.com/factly/identity/action/user"
+	"github.com/factly/kavach-server/action/organization"
+	"github.com/factly/kavach-server/action/user"
 	"github.com/go-chi/chi"
 	"github.com/go-chi/chi/middleware"
 	"github.com/go-chi/cors"

action/user/checker.go

@@ -6,8 +6,8 @@ import (
 	"net/http"
 	"net/url"
 
-	"github.com/factly/identity/model"
-	"github.com/factly/identity/util/render"
+	"github.com/factly/kavach-server/model"
+	"github.com/factly/kavach-server/util/render"
 )
 
 type authenticationSession struct {

action/user/list.go

@@ -3,8 +3,8 @@ package user
 import (
 	"net/http"
 
-	"github.com/factly/identity/model"
-	"github.com/factly/identity/util/render"
+	"github.com/factly/kavach-server/model"
+	"github.com/factly/kavach-server/util/render"
 )
 
 // list return all organizations

action/user/me.go

@@ -4,8 +4,8 @@ import (
 	"net/http"
 	"strconv"
 
-	"github.com/factly/identity/model"
-	"github.com/factly/identity/util/render"
+	"github.com/factly/kavach-server/model"
+	"github.com/factly/kavach-server/util/render"
 )
 
 // create create organization

go.mod

@@ -1,4 +1,4 @@
-module github.com/factly/identity
+module github.com/factly/kavach-server
 
 go 1.13
 

main.go

@@ -1,22 +1,17 @@
 package main
 
 import (
-	"log"
 	"net/http"
 	"os"
 
-	"github.com/factly/identity/model"
+	"github.com/factly/kavach-server/model"
 	"github.com/joho/godotenv"
 
-	"github.com/factly/identity/action"
+	"github.com/factly/kavach-server/action"
 )
 
 func main() {
-	err := godotenv.Load()
-
-	if err != nil {
-		log.Fatal("error loding .env file")
-	}
+	godotenv.Load()
 
 	port, ok := os.LookupEnv("PORT")
 	if !ok {