1806832573

Committed 08 May 2025 07:30AM UTC coverage: 59.747% (-27.3%) from 87.019%

Build # 1806832573

Build Type

Pull #439

gitlab-ci

Committed by

alfrunes

Commit Message

chore(docker): Clean up build command for acceptance test image

Signed-off-by: Alf-Rune Siqveland <alf.rune@northern.tech>

Pull Request Pull Request #439: :building_construction: Upgrade dependencies

Run Details

2363 of 3955 relevant lines covered (59.75%)

12.76 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

73.97

/model/user.go

// Copyright 2022 Northern.tech AS
//
//    Licensed under the Apache License, Version 2.0 (the "License");
//    you may not use this file except in compliance with the License.
//    You may obtain a copy of the License at
//
//        http://www.apache.org/licenses/LICENSE-2.0
//
//    Unless required by applicable law or agreed to in writing, software
//    distributed under the License is distributed on an "AS IS" BASIS,
//    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
//    See the License for the specific language governing permissions and
//    limitations under the License.

package model

import (
        "encoding/binary"
        "encoding/hex"
        "encoding/json"
        "net/url"
        "strconv"
        "strings"
        "time"

        validation "github.com/go-ozzo/ozzo-validation/v4"
        "github.com/go-ozzo/ozzo-validation/v4/is"
        "github.com/pkg/errors"

        "github.com/mendersoftware/useradm/jwt"
)

const (
        MinPasswordLength = 8
)

var (
        ErrPasswordTooShort = errors.Errorf(
                "password: must be minimum %d characters long",
                MinPasswordLength,
        )
        ErrEmptyUpdate = errors.New("no update information provided")
)

type Email string

func (email *Email) UnmarshalJSON(b []byte) error {
        var raw string
        if err := json.Unmarshal(b, &raw); err != nil {
                return err
        }
        *email = Email(strings.ToLower(raw))
        return nil
}

func (email Email) Validate() error {
        return validation.Validate(string(email),
                lessThan4096,
                is.ASCII, is.EmailFormat,
        )
}

type ETag [12]byte

var (
        ETagNil ETag
)

func (t *ETag) Increment() {
        c := binary.BigEndian.Uint32((*t)[8:])
        c += 1
        binary.BigEndian.PutUint32((*t)[8:], c)
        if *t == ETagNil {
                t.Increment()
        }
}

func (t *ETag) UnmarshalText(b []byte) error {
        if t == nil {
                return errors.New("nil ETag")
        }
        if len(b) == 0 {
                // Treat an empty string as a special case
                *t = [12]byte{}
                return nil
        }
        if len(b) != 24 {
                return errors.New("invalid ETag length")
        }
        _, err := hex.Decode((*t)[:], b)
        return err
}

func (t ETag) MarshalText() (b []byte, err error) {
        b = make([]byte, 24)
        hex.Encode(b, t[:])
        return b, err
}

func (t ETag) String() string {
        b, _ := t.MarshalText()
        return string(b)
}

type User struct {
        // system-generated user ID
        ID string `json:"id" bson:"_id"`

        // ETag is the entity tag that together with ID uniquely identifies
        // the User document.
        // NOTE: The v1 API does not support ETags, so this is only used
        // internally for checking pre-conditions before performing updates.
        ETag *ETag `json:"-" bson:"etag,omitempty"`

        // user email address
        Email Email `json:"email" bson:"email"`

        // user password
        Password string `json:"password,omitempty" bson:"password"`

        // timestamp of the user creation
        CreatedTs *time.Time `json:"created_ts,omitempty" bson:"created_ts,omitempty"`

        // timestamp of the last user information update
        UpdatedTs *time.Time `json:"updated_ts,omitempty" bson:"updated_ts,omitempty"`

        // LoginTs is the timestamp of the last login for this user.
        LoginTs *time.Time `json:"login_ts,omitempty" bson:"login_ts,omitempty"`
}

func (u User) NextETag() (ret ETag) {
        if u.ETag == nil {
                u.ETag = new(ETag)
        }
        if u.CreatedTs != nil {
                // Weak part of the ETag
                lsb := uint64(u.CreatedTs.Unix())
                binary.BigEndian.PutUint64(ret[:8], lsb)
        }
        c := binary.BigEndian.Uint32(u.ETag[8:])
        c += 1
        binary.BigEndian.PutUint32(ret[8:], c)
        if ret == ETagNil {
                ret.Increment()
        }
        return ret
}

func (u User) Validate() error {
        if err := validation.ValidateStruct(&u,
                validation.Field(&u.Email, validation.Required),
                validation.Field(&u.Password, validation.Required, lessThan4096),
        ); err != nil {
                return err
        }
        if len(u.Password) < MinPasswordLength {
                return ErrPasswordTooShort
        }
        return nil
}

type UserInternal struct {
        User
        PasswordHash string `json:"password_hash,omitempty" bson:"-"`
        Propagate    *bool  `json:"propagate,omitempty" bson:"-"`
}

func (u UserInternal) Validate() error {
        if u.Password == "" && u.PasswordHash == "" ||
                u.Password != "" && u.PasswordHash != "" {
                return errors.New("password *or* password_hash must be provided")
        } else if u.PasswordHash != "" {
                if u.ShouldPropagate() {
                        return errors.New(
                                "password_hash is not supported with 'propagate'; use 'password' instead",
                        )
                }
                u.User.Password = u.PasswordHash
                defer func() { u.User.Password = "" }()
        }

        return validation.ValidateStruct(&u,
                validation.Field(&u.User),
        )
}

func (u UserInternal) ShouldPropagate() bool {
        return u.Propagate == nil || *u.Propagate
}

type UserUpdate struct {
        // ETag selects user ETag for the user to update
        // NOTE: This is the only parameter that goes into the query condition if set.
        // NOTE: If set to ETagNil, it will match users without an ETag.
        ETag *ETag `json:"-" bson:"-"`

        // ETagUpdate sets the updated ETag value. If not set, it is incremented from the
        // ETag field if that field is set.
        ETagUpdate *ETag `json:"-" bson:"etag,omitempty"`

        // user email address
        Email Email `json:"email,omitempty" bson:",omitempty" valid:"email"`

        // user password
        Password string `json:"password,omitempty" bson:"password,omitempty"`

        // user password
        CurrentPassword string `json:"current_password,omitempty" bson:"-"`

        // timestamp of the last user information update
        UpdatedTs *time.Time `json:"-" bson:"updated_ts,omitempty"`

        // token used to update the user, optional
        Token *jwt.Token `json:"-" bson:"-"`

        LoginTs *time.Time `json:"-" bson:"login_ts,omitempty"`
}

func (u UserUpdate) Validate() error {
        if u.Email == "" && u.Password == "" {
                return ErrEmptyUpdate
        }

        if err := validation.ValidateStruct(&u,
                validation.Field(&u.Email),
                validation.Field(&u.Password,
                        validation.When(len(u.Password) > 0, lessThan4096),
                ),
        ); err != nil {
                return err
        }

        if len(u.Password) > 0 && len(u.Password) < MinPasswordLength {
                return ErrPasswordTooShort
        }
        return nil
}

type UserFilter struct {
        ID    []string `json:"id,omitempty"`
        Email []Email  `json:"email,omitempty"`

        CreatedAfter  *time.Time `json:"created_after,omitempty"`
        CreatedBefore *time.Time `json:"created_before,omitempty"`

        UpdatedAfter  *time.Time `json:"updated_after,omitempty"`
        UpdatedBefore *time.Time `json:"updated_before,omitempty"`
}

func (fltr *UserFilter) ParseForm(form url.Values) error {
        if ids, ok := form["id"]; ok {
                fltr.ID = ids
        }
        if emails, ok := form["email"]; ok {
                fltr.Email = make([]Email, len(emails))
                for i := range emails {
                        fltr.Email[i] = Email(strings.ToLower(emails[i]))
                }
        }
        if ca := form.Get("created_after"); ca != "" {
                caInt, err := strconv.ParseInt(ca, 10, 64)
                if err != nil {
                        return errors.Wrap(err,
                                `invalid form parameter "created_after"`)
                }
                caUnix := time.Unix(caInt, 0)
                fltr.CreatedAfter = &caUnix
        }

        if cb := form.Get("created_before"); cb != "" {
                cbInt, err := strconv.ParseInt(cb, 10, 64)
                if err != nil {
                        return errors.Wrap(err,
                                `invalid form parameter "created_before"`)
                }
                cbUnix := time.Unix(cbInt, 0)
                fltr.CreatedBefore = &cbUnix
        }

        if ua := form.Get("updated_after"); ua != "" {
                uaInt, err := strconv.ParseInt(ua, 10, 64)
                if err != nil {
                        return errors.Wrap(err,
                                `invalid form parameter "updated_after"`)
                }
                uaUnix := time.Unix(uaInt, 0)
                fltr.UpdatedAfter = &uaUnix
        }

        if ub := form.Get("updated_before"); ub != "" {
                ubInt, err := strconv.ParseInt(ub, 10, 64)
                if err != nil {
                        return errors.Wrap(err,
                                `invalid form parameter "updated_before"`)
                }
                ubUnix := time.Unix(ubInt, 0)
                fltr.UpdatedBefore = &ubUnix
        }
        return nil
}

1	// Copyright 2022 Northern.tech AS
2	//
3	// Licensed under the Apache License, Version 2.0 (the "License");
4	// you may not use this file except in compliance with the License.
5	// You may obtain a copy of the License at
6	//
7	// http://www.apache.org/licenses/LICENSE-2.0
8	//
9	// Unless required by applicable law or agreed to in writing, software
10	// distributed under the License is distributed on an "AS IS" BASIS,
11	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12	// See the License for the specific language governing permissions and
13	// limitations under the License.
14
15	package model
16
17	import (
18	"encoding/binary"
19	"encoding/hex"
20	"encoding/json"
21	"net/url"
22	"strconv"
23	"strings"
24	"time"
25
26	validation "github.com/go-ozzo/ozzo-validation/v4"
27	"github.com/go-ozzo/ozzo-validation/v4/is"
28	"github.com/pkg/errors"
29
30	"github.com/mendersoftware/useradm/jwt"
31	)
32
33	const (
34	MinPasswordLength = 8
35	)
36
37	var (
38	ErrPasswordTooShort = errors.Errorf(
39	"password: must be minimum %d characters long",
40	MinPasswordLength,
41	)
42	ErrEmptyUpdate = errors.New("no update information provided")
43	)
44
45	type Email string
46
47	func (email *Email) UnmarshalJSON(b []byte) error {	2✔
48	var raw string	2✔
49	if err := json.Unmarshal(b, &raw); err != nil {	3✔
50	return err	1✔
51	}	1✔
52	*email = Email(strings.ToLower(raw))	1✔
53	return nil	1✔
54	}
55
56	func (email Email) Validate() error {	7✔
57	return validation.Validate(string(email),	7✔
58	lessThan4096,	7✔
59	is.ASCII, is.EmailFormat,	7✔
60	)	7✔
61	}	7✔
62
63	type ETag [12]byte
64
65	var (
66	ETagNil ETag
67	)
68
69	func (t *ETag) Increment() {	1✔
70	c := binary.BigEndian.Uint32((*t)[8:])	1✔
71	c += 1	1✔
72	binary.BigEndian.PutUint32((*t)[8:], c)	1✔
73	if *t == ETagNil {	1✔
74	t.Increment()	×
75	}	×
76	}
77
78	func (t *ETag) UnmarshalText(b []byte) error {	4✔
79	if t == nil {	5✔
80	return errors.New("nil ETag")	1✔
81	}	1✔
82	if len(b) == 0 {	4✔
83	// Treat an empty string as a special case	1✔
84	*t = [12]byte{}	1✔
85	return nil	1✔
86	}	1✔
87	if len(b) != 24 {	3✔
88	return errors.New("invalid ETag length")	1✔
89	}	1✔
90	_, err := hex.Decode((*t)[:], b)	1✔
91	return err	1✔
92	}
93
94	func (t ETag) MarshalText() (b []byte, err error) {	3✔
95	b = make([]byte, 24)	3✔
96	hex.Encode(b, t[:])	3✔
97	return b, err	3✔
98	}	3✔
99
100	func (t ETag) String() string {	3✔
101	b, _ := t.MarshalText()	3✔
102	return string(b)	3✔
103	}	3✔
104
105	type User struct {
106	// system-generated user ID
107	ID string `json:"id" bson:"_id"`
108
109	// ETag is the entity tag that together with ID uniquely identifies
110	// the User document.
111	// NOTE: The v1 API does not support ETags, so this is only used
112	// internally for checking pre-conditions before performing updates.
113	ETag *ETag `json:"-" bson:"etag,omitempty"`
114
115	// user email address
116	Email Email `json:"email" bson:"email"`
117
118	// user password
119	Password string `json:"password,omitempty" bson:"password"`
120
121	// timestamp of the user creation
122	CreatedTs *time.Time `json:"created_ts,omitempty" bson:"created_ts,omitempty"`
123
124	// timestamp of the last user information update
125	UpdatedTs *time.Time `json:"updated_ts,omitempty" bson:"updated_ts,omitempty"`
126
127	// LoginTs is the timestamp of the last login for this user.
128	LoginTs *time.Time `json:"login_ts,omitempty" bson:"login_ts,omitempty"`
129	}
130
131	func (u User) NextETag() (ret ETag) {	1✔
132	if u.ETag == nil {	2✔
133	u.ETag = new(ETag)	1✔
134	}	1✔
135	if u.CreatedTs != nil {	2✔
136	// Weak part of the ETag	1✔
137	lsb := uint64(u.CreatedTs.Unix())	1✔
138	binary.BigEndian.PutUint64(ret[:8], lsb)	1✔
139	}	1✔
140	c := binary.BigEndian.Uint32(u.ETag[8:])	1✔
141	c += 1	1✔
142	binary.BigEndian.PutUint32(ret[8:], c)	1✔
143	if ret == ETagNil {	1✔
144	ret.Increment()	×
145	}	×
146	return ret	1✔
147	}
148
149	func (u User) Validate() error {	6✔
150	if err := validation.ValidateStruct(&u,	6✔
151	validation.Field(&u.Email, validation.Required),	6✔
152	validation.Field(&u.Password, validation.Required, lessThan4096),	6✔
153	); err != nil {	9✔
154	return err	3✔
155	}	3✔
156	if len(u.Password) < MinPasswordLength {	4✔
157	return ErrPasswordTooShort	1✔
158	}	1✔
159	return nil	2✔
160	}
161
162	type UserInternal struct {
163	User
164	PasswordHash string `json:"password_hash,omitempty" bson:"-"`
165	Propagate *bool `json:"propagate,omitempty" bson:"-"`
166	}
167
168	func (u UserInternal) Validate() error {	×
169	if u.Password == "" && u.PasswordHash == "" \|\|	×
170	u.Password != "" && u.PasswordHash != "" {	×
171	return errors.New("password or password_hash must be provided")	×
172	} else if u.PasswordHash != "" {	×
173	if u.ShouldPropagate() {	×
174	return errors.New(	×
175	"password_hash is not supported with 'propagate'; use 'password' instead",	×
176	)	×
177	}	×
178	u.User.Password = u.PasswordHash	×
179	defer func() { u.User.Password = "" }()	×
180	}
181
182	return validation.ValidateStruct(&u,	×
183	validation.Field(&u.User),	×
184	)	×
185	}
186
187	func (u UserInternal) ShouldPropagate() bool {	×
188	return u.Propagate == nil \|\| *u.Propagate	×
189	}	×
190
191	type UserUpdate struct {
192	// ETag selects user ETag for the user to update
193	// NOTE: This is the only parameter that goes into the query condition if set.
194	// NOTE: If set to ETagNil, it will match users without an ETag.
195	ETag *ETag `json:"-" bson:"-"`
196
197	// ETagUpdate sets the updated ETag value. If not set, it is incremented from the
198	// ETag field if that field is set.
199	ETagUpdate *ETag `json:"-" bson:"etag,omitempty"`
200
201	// user email address
202	Email Email `json:"email,omitempty" bson:",omitempty" valid:"email"`
203
204	// user password
205	Password string `json:"password,omitempty" bson:"password,omitempty"`
206
207	// user password
208	CurrentPassword string `json:"current_password,omitempty" bson:"-"`
209
210	// timestamp of the last user information update
211	UpdatedTs *time.Time `json:"-" bson:"updated_ts,omitempty"`
212
213	// token used to update the user, optional
214	Token *jwt.Token `json:"-" bson:"-"`
215
216	LoginTs *time.Time `json:"-" bson:"login_ts,omitempty"`
217	}
218
219	func (u UserUpdate) Validate() error {	×
220	if u.Email == "" && u.Password == "" {	×
221	return ErrEmptyUpdate	×
222	}	×
223
224	if err := validation.ValidateStruct(&u,	×
225	validation.Field(&u.Email),	×
226	validation.Field(&u.Password,	×
227	validation.When(len(u.Password) > 0, lessThan4096),	×
228	),	×
229	); err != nil {	×
230	return err	×
231	}	×
232
233	if len(u.Password) > 0 && len(u.Password) < MinPasswordLength {	×
234	return ErrPasswordTooShort	×
235	}	×
236	return nil	×
237	}
238
239	type UserFilter struct {
240	ID []string `json:"id,omitempty"`
241	Email []Email `json:"email,omitempty"`
242
243	CreatedAfter *time.Time `json:"created_after,omitempty"`
244	CreatedBefore *time.Time `json:"created_before,omitempty"`
245
246	UpdatedAfter *time.Time `json:"updated_after,omitempty"`
247	UpdatedBefore *time.Time `json:"updated_before,omitempty"`
248	}
249
250	func (fltr *UserFilter) ParseForm(form url.Values) error {	5✔
251	if ids, ok := form["id"]; ok {	6✔
252	fltr.ID = ids	1✔
253	}	1✔
254	if emails, ok := form["email"]; ok {	6✔
255	fltr.Email = make([]Email, len(emails))	1✔
256	for i := range emails {	4✔
257	fltr.Email[i] = Email(strings.ToLower(emails[i]))	3✔
258	}	3✔
259	}
260	if ca := form.Get("created_after"); ca != "" {	7✔
261	caInt, err := strconv.ParseInt(ca, 10, 64)	2✔
262	if err != nil {	3✔
263	return errors.Wrap(err,	1✔
264	`invalid form parameter "created_after"`)	1✔
265	}	1✔
266	caUnix := time.Unix(caInt, 0)	1✔
267	fltr.CreatedAfter = &caUnix	1✔
268	}
269
270	if cb := form.Get("created_before"); cb != "" {	6✔
271	cbInt, err := strconv.ParseInt(cb, 10, 64)	2✔
272	if err != nil {	3✔
273	return errors.Wrap(err,	1✔
274	`invalid form parameter "created_before"`)	1✔
275	}	1✔
276	cbUnix := time.Unix(cbInt, 0)	1✔
277	fltr.CreatedBefore = &cbUnix	1✔
278	}
279
280	if ua := form.Get("updated_after"); ua != "" {	5✔
281	uaInt, err := strconv.ParseInt(ua, 10, 64)	2✔
282	if err != nil {	3✔
283	return errors.Wrap(err,	1✔
284	`invalid form parameter "updated_after"`)	1✔
285	}	1✔
286	uaUnix := time.Unix(uaInt, 0)	1✔
287	fltr.UpdatedAfter = &uaUnix	1✔
288	}
289
290	if ub := form.Get("updated_before"); ub != "" {	4✔
291	ubInt, err := strconv.ParseInt(ub, 10, 64)	2✔
292	if err != nil {	3✔
293	return errors.Wrap(err,	1✔
294	`invalid form parameter "updated_before"`)	1✔
295	}	1✔
296	ubUnix := time.Unix(ubInt, 0)	1✔
297	fltr.UpdatedBefore = &ubUnix	1✔
298	}
299	return nil	1✔
300	}

mendersoftware / useradm / 1806832573

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous