server: fix build

2017-04-28 20:08:11 -07:00 · 2017-04-28 20:08:11 -07:00 · 4e4da828b5
parent d6da19c063
commit 4e4da828b5
7 changed files with 53 additions and 21 deletions
--- a/cmd/routed/gopreload.go
+++ b/cmd/routed/gopreload.go
--- a/cmd/routed/gops.go
+++ b/cmd/routed/gops.go
--- a/cmd/routed/main.go
+++ b/cmd/routed/main.go
--- a/server/common.go
+++ b/server/common.go
@ -21,7 +21,7 @@ func (s *Server) getAuth(ctx context.Context, scope string) (database.Token, err

 	md, ok := metadata.FromContext(ctx)
 	if !ok {
-		return "", grpc.Errorf(codes.Unauthenticated, "valid token required.")
+		return database.Token{}, grpc.Errorf(codes.Unauthenticated, "valid token required.")
 	}

 	jwtToken, ok := md["authorization"]
--- a/server/route.go
+++ b/server/route.go
@ -3,7 +3,6 @@ package server
 import (
 	proto "git.xeserv.us/xena/route/proto"
 	"github.com/Xe/ln"
-	"github.com/pkg/errors"
 	"golang.org/x/net/context"
 )

@ -17,16 +16,13 @@ var (
 	_ proto.RoutesServer = &Route{}
 )

-// errors
-var ()
-
-// generic error message
-const (
-	errorMsg = "internal service error, verify your parameters and try again later"
-)
-
 // Get fetches a route from the database.
 func (r *Route) Get(ctx context.Context, req *proto.GetRouteRequest) (*proto.Route, error) {
+	clitok, err := r.getAuth(ctx, "route:get")
+	if err != nil {
+		return nil, handleError(ctx, clitok, err, ln.F{"action": "Route.Get_getAuth"})
+	}
+
 	val, err := r.db.GetRoute(ctx, req.Host)
 	if err != nil {
 		ln.Error(err, ln.F{"action": "Route.Get"})
@ -34,12 +30,21 @@ func (r *Route) Get(ctx context.Context, req *proto.GetRouteRequest) (*proto.Rou
 		return nil, err
 	}

+	if val.Creator != clitok.Owner {
+		return nil, handleError(ctx, clitok, ErrNotAuthorized, ln.F{"action": "Route.Get_wrong_ownership"})
+	}
+
 	return val.AsProto(), nil
 }

 // GetAll fetches all of the routes that you own.
 func (r *Route) GetAll(ctx context.Context, req *proto.Nil) (*proto.GetAllRoutesResponse, error) {
-	routes, err := r.db.GetAllRoutes()
+	clitok, err := r.getAuth(ctx, "route:getall")
+	if err != nil {
+		return nil, handleError(ctx, clitok, err, ln.F{"action": "Route.GetAll_getAuth"})
+	}
+
+	routes, err := r.db.GetAllRoutes(ctx, clitok.Owner)
 	if err != nil {
 		ln.Error(err, ln.F{"action": "Route.GetAll"})

@ -59,6 +64,11 @@ func (r *Route) GetAll(ctx context.Context, req *proto.Nil) (*proto.GetAllRoutes
 }

 func (r *Route) Put(ctx context.Context, rt *proto.Route) (*proto.IDResponse, error) {
+	clitok, err := r.getAuth(ctx, "route:put")
+	if err != nil {
+		return nil, handleError(ctx, clitok, err, ln.F{"action": "Route.Put_getAuth"})
+	}
+
 	drt, err := r.db.PutRoute(ctx, rt.Host, "http")
 	if err != nil {
 		ln.Error(err, ln.F{"action": "Route.Put"})
@ -68,10 +78,15 @@ func (r *Route) Put(ctx context.Context, rt *proto.Route) (*proto.IDResponse, er

 	return &proto.IDResponse{
 		Id: drt.ID,
-	}
+	}, nil
 }

 func (r *Route) Delete(ctx context.Context, rt *proto.Route) (*proto.IDResponse, error) {
+	clitok, err := r.getAuth(ctx, "route:delete")
+	if err != nil {
+		return nil, handleError(ctx, clitok, err, ln.F{"action": "Route.Delete_getAuth"})
+	}
+
 	drt, err := r.db.GetRoute(ctx, rt.Host)
 	if err != nil {
 		ln.Error(err, ln.F{"action": "Route.Delete_getRoute_verify"})
@ -79,13 +94,18 @@ func (r *Route) Delete(ctx context.Context, rt *proto.Route) (*proto.IDResponse,
 		return nil, err
 	}

-	err := r.db.DeleteRoute(ctx, rt.Id)
+	if drt.Creator != clitok.Owner {
+		return nil, handleError(ctx, clitok, ErrNotAuthorized, ln.F{"action": "Route.Delete_not_authorized"})
+	}
+
+	err = r.db.DeleteRoute(ctx, rt.Id)
 	f := drt.F()
 	f["action"] = "Route.Delete_db.DeleteRoute"
 	if err != nil {
-		ln.Error(err, f)
-		return nil, err
+		handleError(ctx, clitok, ErrNotAuthorized, f)
 	}

+	ln.Log(f, drt.F())
+
 	return &proto.IDResponse{Id: rt.Id}, nil
 }
--- a/server/server.go
+++ b/server/server.go
@ -10,8 +10,10 @@ import (

 	"git.xeserv.us/xena/route/database"
 	"git.xeserv.us/xena/route/lib/tun2"
+	proto "git.xeserv.us/xena/route/proto"
 	"github.com/mtneug/pkg/ulid"
 	"golang.org/x/crypto/acme/autocert"
+	"google.golang.org/grpc"
 )

 // RPC constants
@ -25,7 +27,7 @@ type Server struct {
 	db  database.Storage
 	ts  *tun2.Server

-	autocert.Manager
+	*autocert.Manager
 }

 // Config configures Server
@ -54,7 +56,7 @@ func New(cfg Config) (*Server, error) {
 		return nil, err
 	}

-	m := autocert.Manager{
+	m := &autocert.Manager{
 		Prompt:     autocert.AcceptTOS,
 		Cache:      database.Cache(db),
 		HostPolicy: nil,
@ -87,6 +89,18 @@ func New(cfg Config) (*Server, error) {
 	s.ts = ts
 	go ts.ListenAndServe()

+	var gs *grpc.Server
+
+	proto.RegisterRoutesServer(gs, &Route{Server: s})
+	proto.RegisterTokensServer(gs, &Token{Server: s})
+
+	l, err := net.Listen("tcp", cfg.GRPCAddr)
+	if err != nil {
+		return nil, err
+	}
+
+	go gs.Serve(l)
+
 	return s, nil
 }

--- a/server/token.go
+++ b/server/token.go
@ -1,12 +1,10 @@
 package server

 import (
-	"context"
-
+	proto "git.xeserv.us/xena/route/proto"
 	"github.com/Xe/ln"
 	"github.com/Xe/uuid"
-
-	proto "git.xeserv.us/xena/route/proto"
+	"golang.org/x/net/context"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
 )