Junie: TOTP flow update and db migrations.
This commit is contained in:
@@ -2,6 +2,7 @@ package main
|
||||
|
||||
import (
|
||||
"database/sql"
|
||||
"errors"
|
||||
"fmt"
|
||||
"log"
|
||||
"os"
|
||||
@@ -51,6 +52,7 @@ var revokePermissionCmd = &cobra.Command{
|
||||
},
|
||||
}
|
||||
|
||||
// nolint:gochecknoinits // This is a standard pattern in Cobra applications
|
||||
func init() {
|
||||
rootCmd.AddCommand(permissionCmd)
|
||||
permissionCmd.AddCommand(listPermissionsCmd)
|
||||
@@ -104,14 +106,14 @@ func listPermissions() {
|
||||
fmt.Println(strings.Repeat("-", 90))
|
||||
for rows.Next() {
|
||||
var id, resource, action, description string
|
||||
if err := rows.Scan(&id, &resource, &action, &description); err != nil {
|
||||
logger.Fatalf("Failed to scan permission row: %v", err)
|
||||
if scanErr := rows.Scan(&id, &resource, &action, &description); scanErr != nil {
|
||||
logger.Fatalf("Failed to scan permission row: %v", scanErr)
|
||||
}
|
||||
fmt.Printf("%-24s %-20s %-15s %-30s\n", id, resource, action, description)
|
||||
}
|
||||
|
||||
if err := rows.Err(); err != nil {
|
||||
logger.Fatalf("Error iterating permission rows: %v", err)
|
||||
if rowErr := rows.Err(); rowErr != nil {
|
||||
logger.Fatalf("Error iterating permission rows: %v", rowErr)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -129,7 +131,7 @@ func grantPermission() {
|
||||
var roleID string
|
||||
err = db.QueryRow("SELECT id FROM roles WHERE role = ?", permissionRole).Scan(&roleID)
|
||||
if err != nil {
|
||||
if err == sql.ErrNoRows {
|
||||
if errors.Is(err, sql.ErrNoRows) {
|
||||
logger.Fatalf("Role %s not found", permissionRole)
|
||||
}
|
||||
logger.Fatalf("Failed to get role ID: %v", err)
|
||||
@@ -137,11 +139,11 @@ func grantPermission() {
|
||||
|
||||
// Get permission ID
|
||||
var permissionID string
|
||||
err = db.QueryRow("SELECT id FROM permissions WHERE resource = ? AND action = ?",
|
||||
err = db.QueryRow("SELECT id FROM permissions WHERE resource = ? AND action = ?",
|
||||
permissionResource, permissionAction).Scan(&permissionID)
|
||||
if err != nil {
|
||||
if err == sql.ErrNoRows {
|
||||
logger.Fatalf("Permission with resource '%s' and action '%s' not found",
|
||||
if errors.Is(err, sql.ErrNoRows) {
|
||||
logger.Fatalf("Permission with resource '%s' and action '%s' not found",
|
||||
permissionResource, permissionAction)
|
||||
}
|
||||
logger.Fatalf("Failed to get permission ID: %v", err)
|
||||
@@ -149,13 +151,13 @@ func grantPermission() {
|
||||
|
||||
// Check if role already has this permission
|
||||
var count int
|
||||
err = db.QueryRow("SELECT COUNT(*) FROM role_permissions WHERE rid = ? AND pid = ?",
|
||||
err = db.QueryRow("SELECT COUNT(*) FROM role_permissions WHERE rid = ? AND pid = ?",
|
||||
roleID, permissionID).Scan(&count)
|
||||
if err != nil {
|
||||
logger.Fatalf("Failed to check if role has permission: %v", err)
|
||||
}
|
||||
if count > 0 {
|
||||
logger.Fatalf("Role %s already has permission %s:%s",
|
||||
logger.Fatalf("Role %s already has permission %s:%s",
|
||||
permissionRole, permissionResource, permissionAction)
|
||||
}
|
||||
|
||||
@@ -163,13 +165,13 @@ func grantPermission() {
|
||||
id := ulid.Make().String()
|
||||
|
||||
// Grant permission to role
|
||||
_, err = db.Exec("INSERT INTO role_permissions (id, rid, pid) VALUES (?, ?, ?)",
|
||||
_, err = db.Exec("INSERT INTO role_permissions (id, rid, pid) VALUES (?, ?, ?)",
|
||||
id, roleID, permissionID)
|
||||
if err != nil {
|
||||
logger.Fatalf("Failed to grant permission: %v", err)
|
||||
}
|
||||
|
||||
fmt.Printf("Permission %s:%s granted to role %s successfully\n",
|
||||
fmt.Printf("Permission %s:%s granted to role %s successfully\n",
|
||||
permissionResource, permissionAction, permissionRole)
|
||||
}
|
||||
|
||||
@@ -187,7 +189,7 @@ func revokePermission() {
|
||||
var roleID string
|
||||
err = db.QueryRow("SELECT id FROM roles WHERE role = ?", permissionRole).Scan(&roleID)
|
||||
if err != nil {
|
||||
if err == sql.ErrNoRows {
|
||||
if errors.Is(err, sql.ErrNoRows) {
|
||||
logger.Fatalf("Role %s not found", permissionRole)
|
||||
}
|
||||
logger.Fatalf("Failed to get role ID: %v", err)
|
||||
@@ -195,11 +197,11 @@ func revokePermission() {
|
||||
|
||||
// Get permission ID
|
||||
var permissionID string
|
||||
err = db.QueryRow("SELECT id FROM permissions WHERE resource = ? AND action = ?",
|
||||
err = db.QueryRow("SELECT id FROM permissions WHERE resource = ? AND action = ?",
|
||||
permissionResource, permissionAction).Scan(&permissionID)
|
||||
if err != nil {
|
||||
if err == sql.ErrNoRows {
|
||||
logger.Fatalf("Permission with resource '%s' and action '%s' not found",
|
||||
if errors.Is(err, sql.ErrNoRows) {
|
||||
logger.Fatalf("Permission with resource '%s' and action '%s' not found",
|
||||
permissionResource, permissionAction)
|
||||
}
|
||||
logger.Fatalf("Failed to get permission ID: %v", err)
|
||||
@@ -207,13 +209,13 @@ func revokePermission() {
|
||||
|
||||
// Check if role has this permission
|
||||
var count int
|
||||
err = db.QueryRow("SELECT COUNT(*) FROM role_permissions WHERE rid = ? AND pid = ?",
|
||||
err = db.QueryRow("SELECT COUNT(*) FROM role_permissions WHERE rid = ? AND pid = ?",
|
||||
roleID, permissionID).Scan(&count)
|
||||
if err != nil {
|
||||
logger.Fatalf("Failed to check if role has permission: %v", err)
|
||||
}
|
||||
if count == 0 {
|
||||
logger.Fatalf("Role %s does not have permission %s:%s",
|
||||
logger.Fatalf("Role %s does not have permission %s:%s",
|
||||
permissionRole, permissionResource, permissionAction)
|
||||
}
|
||||
|
||||
@@ -223,6 +225,6 @@ func revokePermission() {
|
||||
logger.Fatalf("Failed to revoke permission: %v", err)
|
||||
}
|
||||
|
||||
fmt.Printf("Permission %s:%s revoked from role %s successfully\n",
|
||||
fmt.Printf("Permission %s:%s revoked from role %s successfully\n",
|
||||
permissionResource, permissionAction, permissionRole)
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user