Brijesh's Git Server — argus-core @ ad14ae9ef6df214964267107a8b29d85545baddb

Logging service

internal/applications/twirp_server.go (view raw)

 1
 2
 3
 4
 5
 6
 7
 8
 9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
 100
 101
 102
 103
 104
 105
 106
 107
 108
 109
 110
 111
 112
 113
 114
 115
 116
 117
 118
 119
 120
 121
 122
 123
 124
 125
 126
 127
 128
 129
 130
 131
 132
 133
 134
 135
 136
 137
 138
 139
 140
 141
 142
 143
 144
 145
 146
 147
 148
 149
 150
 151
 152
 153
 154
 155
 156
 157
 158
 159
 160
 161
 162
 163
 164
 165
 166
 167
 168
 169
 170
 171
 172
 173
 174
 175
 176
 177
 178
 179
 180
 181
 182
 183
 184
 185
 186
 187
 188
 189
 190
 191
 192
 193
 194
 195
 196
 197
 198
 199
 200
 201
 202
 203
 204
 205
 206
 207
 208
 209
 210
 211
 212
 213
 214
 
package applications

import (
	"context"
	"time"

	"argus-core/internal/auth"
	"argus-core/internal/database"
	pb "argus-core/rpc/applications"

	"github.com/gocql/gocql"
	"github.com/twitchtv/twirp"
)

type TwirpServer struct {
	authService auth.Service
	db          database.Service
}

func NewTwirpServer(authService auth.Service, db database.Service) pb.ApplicationsService {
	return &TwirpServer{
		authService: authService,
		db:          db,
	}
}

func formatApplicationResponse(app *database.Application) *pb.Application {
	return &pb.Application{
		Id:          app.ID.String(),
		UserId:      app.UserID.String(),
		Name:        app.Name,
		Description: app.Description,
		CreatedAt:   app.CreatedAt.Format(time.RFC3339),
		UpdatedAt:   app.UpdatedAt.Format(time.RFC3339),
	}
}

func (s *TwirpServer) CreateApplication(ctx context.Context, req *pb.CreateApplicationRequest) (*pb.CreateApplicationResponse, error) {
	if err := validateCreateApplicationRequest(req); err != nil {
		return nil, twirp.InvalidArgumentError("validation_error", err.Error())
	}

	user, err := s.authService.ValidateToken(req.Token)
	if err != nil {
		return nil, twirp.NewError(twirp.Unauthenticated, "invalid token")
	}

	// Generate API key for the application
	apiKey, err := auth.GenerateAPIKey()
	if err != nil {
		return nil, twirp.InternalErrorWith(err)
	}
	keyHash := auth.HashAPIKey(apiKey)

	// Create the application
	app, err := s.db.CreateApplication(user.ID, req.Name, req.Description, keyHash)
	if err != nil {
		return nil, twirp.InternalErrorWith(err)
	}

	return &pb.CreateApplicationResponse{
		Application: formatApplicationResponse(app),
		Key:         apiKey,
	}, nil
}

func (s *TwirpServer) ListApplications(ctx context.Context, req *pb.ListApplicationsRequest) (*pb.ListApplicationsResponse, error) {
	user, err := s.authService.ValidateToken(req.Token)
	if err != nil {
		return nil, twirp.NewError(twirp.Unauthenticated, "invalid token")
	}

	apps, err := s.db.ListApplications(user.ID)
	if err != nil {
		return nil, twirp.InternalErrorWith(err)
	}

	var pbApps []*pb.Application
	for _, app := range apps {
		pbApps = append(pbApps, formatApplicationResponse(&app))
	}

	return &pb.ListApplicationsResponse{
		Applications: pbApps,
	}, nil
}

func (s *TwirpServer) GetApplication(ctx context.Context, req *pb.GetApplicationRequest) (*pb.GetApplicationResponse, error) {
	user, err := s.authService.ValidateToken(req.Token)
	if err != nil {
		return nil, twirp.NewError(twirp.Unauthenticated, "invalid token")
	}

	appID, err := gocql.ParseUUID(req.ApplicationId)
	if err != nil {
		return nil, twirp.InvalidArgumentError("application_id", "invalid UUID format")
	}

	app, err := s.db.GetApplication(appID)
	if err != nil {
		return nil, twirp.NotFoundError("application not found")
	}

	if app.UserID != user.ID {
		return nil, twirp.NewError(twirp.PermissionDenied, "not authorized to access this application")
	}

	return &pb.GetApplicationResponse{
		Application: formatApplicationResponse(app),
	}, nil
}

func (s *TwirpServer) UpdateApplication(ctx context.Context, req *pb.UpdateApplicationRequest) (*pb.UpdateApplicationResponse, error) {
	if err := validateUpdateApplicationRequest(req); err != nil {
		return nil, twirp.InvalidArgumentError("validation_error", err.Error())
	}

	user, err := s.authService.ValidateToken(req.Token)
	if err != nil {
		return nil, twirp.NewError(twirp.Unauthenticated, "invalid token")
	}

	appID, err := gocql.ParseUUID(req.ApplicationId)
	if err != nil {
		return nil, twirp.InvalidArgumentError("application_id", "invalid UUID format")
	}

	// Verify ownership
	currentApp, err := s.db.GetApplication(appID)
	if err != nil {
		return nil, twirp.NotFoundError("application not found")
	}

	if currentApp.UserID != user.ID {
		return nil, twirp.NewError(twirp.PermissionDenied, "not authorized to modify this application")
	}

	// Update the application
	updatedApp, err := s.db.UpdateApplication(appID, req.Name, req.Description)
	if err != nil {
		return nil, twirp.InternalErrorWith(err)
	}

	return &pb.UpdateApplicationResponse{
		Application: formatApplicationResponse(updatedApp),
	}, nil
}

func (s *TwirpServer) DeleteApplication(ctx context.Context, req *pb.DeleteApplicationRequest) (*pb.DeleteApplicationResponse, error) {
	user, err := s.authService.ValidateToken(req.Token)
	if err != nil {
		return nil, twirp.NewError(twirp.Unauthenticated, "invalid token")
	}

	appID, err := gocql.ParseUUID(req.ApplicationId)
	if err != nil {
		return nil, twirp.InvalidArgumentError("application_id", "invalid UUID format")
	}

	// Verify ownership
	app, err := s.db.GetApplication(appID)
	if err != nil {
		return nil, twirp.NotFoundError("application not found")
	}

	if app.UserID != user.ID {
		return nil, twirp.NewError(twirp.PermissionDenied, "not authorized to delete this application")
	}

	// Delete the application
	if err := s.db.DeleteApplication(appID); err != nil {
		return nil, twirp.InternalErrorWith(err)
	}

	return &pb.DeleteApplicationResponse{}, nil
}

func (s *TwirpServer) RegenerateKey(ctx context.Context, req *pb.RegenerateKeyRequest) (*pb.RegenerateKeyResponse, error) {
	user, err := s.authService.ValidateToken(req.Token)
	if err != nil {
		return nil, twirp.NewError(twirp.Unauthenticated, "invalid token")
	}

	appID, err := gocql.ParseUUID(req.ApplicationId)
	if err != nil {
		return nil, twirp.InvalidArgumentError("application_id", "invalid UUID format")
	}

	// Verify ownership
	app, err := s.db.GetApplication(appID)
	if err != nil {
		return nil, twirp.NotFoundError("application not found")
	}

	if app.UserID != user.ID {
		return nil, twirp.NewError(twirp.PermissionDenied, "not authorized to modify this application")
	}

	// Generate new API key
	newKey, err := auth.GenerateAPIKey()
	if err != nil {
		return nil, twirp.InternalErrorWith(err)
	}
	keyHash := auth.HashAPIKey(newKey)

	// Update the application with new key hash
	if err := s.db.RegenerateApplicationKey(appID, keyHash); err != nil {
		return nil, twirp.InternalErrorWith(err)
	}

	return &pb.RegenerateKeyResponse{
		Key: newKey,
	}, nil
}