tech/sendico
2
0
Fork 0
Code Issues 21 Pull Requests 5 Actions Packages Projects Releases Wiki Activity

service backend
All checks were successful
ci/woodpecker/push/db Pipeline was successful
Details
ci/woodpecker/push/nats Pipeline was successful
Details

Browse Source
This commit is contained in:
Stephan D
2025-11-07 18:35:26 +01:00
parent 20e8f9acc4
commit 62a6631b9a
537 changed files with 48453 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
api/pkg/mutil/db/auth/protected.go Normal file
View File

@@ -0,0 +1,58 @@
package mutil
import (
"context"
"errors"
"github.com/tech/sendico/pkg/auth"
"github.com/tech/sendico/pkg/db/repository"
"github.com/tech/sendico/pkg/db/repository/builder"
"github.com/tech/sendico/pkg/merrors"
"github.com/tech/sendico/pkg/mlogger"
"github.com/tech/sendico/pkg/model"
mutil "github.com/tech/sendico/pkg/mutil/db"
"github.com/tech/sendico/pkg/mutil/mzap"
"go.mongodb.org/mongo-driver/bson/primitive"
"go.uber.org/zap"
)
func GetProtectedObjects[T any](
ctx context.Context,
logger mlogger.Logger,
accountRef, organizationRef primitive.ObjectID,
action model.Action,
filter builder.Query,
cursor *model.ViewCursor,
enforcer auth.Enforcer,
repo repository.Repository,
) ([]T, error) {
refs, err := repo.ListPermissionBound(ctx, repository.ApplyCursor(filter, cursor))
if err != nil {
if !errors.Is(err, merrors.ErrNoData) {
logger.Warn("Failed to fetch object IDs", zap.Error(err), mzap.ObjRef("account_ref", accountRef),
mzap.ObjRef("organization_ref", organizationRef), zap.String("action", string(action)))
} else {
logger.Debug("No matching IDs found", zap.Error(err), mzap.ObjRef("account_ref", accountRef),
mzap.ObjRef("organization_ref", organizationRef), zap.String("action", string(action)))
}
return nil, err
}
res, err := enforcer.EnforceBatch(ctx, refs, accountRef, action)
if err != nil {
logger.Warn("Failed to enforce object IDs", zap.Error(err), mzap.ObjRef("account_ref", accountRef),
mzap.ObjRef("organization_ref", organizationRef), zap.String("action", string(action)))
return nil, err
}
allowed := make([]primitive.ObjectID, 0, len(res))
for _, ref := range refs {
if ok := res[*ref.GetID()]; ok {
allowed = append(allowed, *ref.GetID())
}
}
if len(allowed) == 0 {
return nil, merrors.NoData("no_data_found_or_allowed")
}
return mutil.GetObjects[T](ctx, logger, repository.Query().In(repository.IDField(), allowed), cursor, repo)
}