diff --git a/auth/auth.go b/auth/auth.go index 669c8c5..b50a98a 100644 --- a/auth/auth.go +++ b/auth/auth.go @@ -21,7 +21,7 @@ var secret []byte var method string type Connection struct { - databaseConnection *mongo.Client + DatabaseConnection *mongo.Client } type TokenInfo struct { @@ -113,7 +113,7 @@ func (con Connection) signUp(c *gin.Context) { var token InviteToken - err = con.databaseConnection.Database("Backend").Collection("Tokens").FindOne( + err = con.DatabaseConnection.Database("Backend").Collection("Tokens").FindOne( context.TODO(), bson.D{{}}, options.FindOne(), @@ -134,7 +134,7 @@ func (con Connection) signUp(c *gin.Context) { return } - _, err = con.databaseConnection.Database("Backend").Collection("Users").InsertOne(context.TODO(), &models.User{ + _, err = con.DatabaseConnection.Database("Backend").Collection("Users").InsertOne(context.TODO(), &models.User{ Username: request.Username, HashedPass: hashedPass, Permissions: token.Permissions, @@ -165,7 +165,7 @@ func (con Connection) signIn(c *gin.Context) { return } var userItem models.User - err = con.databaseConnection.Database("Backend").Collection("Users").FindOne(context.TODO(), bson.D{{Key: "Username", Value: request.Username}}).Decode(&userItem) + err = con.DatabaseConnection.Database("Backend").Collection("Users").FindOne(context.TODO(), bson.D{{Key: "Username", Value: request.Username}}).Decode(&userItem) if err != nil { c.AbortWithError(403, err) return @@ -239,7 +239,7 @@ func (con Connection) ServerAuthorized(permissions models.Permission) func(*gin. var serverData models.ServerData - con.databaseConnection.Database("Backend").Collection("Servers").FindOne(context.TODO(), bson.D{{Key: "Id", Value: server_id}}).Decode(&serverData) + con.DatabaseConnection.Database("Backend").Collection("Servers").FindOne(context.TODO(), bson.D{{Key: "Id", Value: server_id}}).Decode(&serverData) if serverData.OwnerId == claims.(*AuthClaims).Username { return true @@ -256,7 +256,7 @@ func (con Connection) ServerAuthorized(permissions models.Permission) func(*gin. } func LoadGroup(group *gin.RouterGroup, client *mongo.Client, config models.GlobalConfig) { - connection := Connection{databaseConnection: client} + connection := Connection{DatabaseConnection: client} secret = []byte(config.Key) method = config.Algorithm diff --git a/servers/browsers.go b/servers/browsers.go index 4b997b7..9862f63 100644 --- a/servers/browsers.go +++ b/servers/browsers.go @@ -146,6 +146,7 @@ func LoadBrowsersGroup(group *gin.RouterGroup, mongo_client *mongo.Client, confi defer apiClient.Close() connection := Connection{databaseConnection: mongo_client, dockerClient: apiClient} + authConnection := auth.Connection{DatabaseConnection: mongo_client} group.GET("/", auth.AuthorizedTo(0), connection.GetBrowsers) - group.POST("/:server_id/stop", auth.AuthorizedTo(models.Browse, connection.serverAuthorized(models.Browse)), connection.StopBrowser) + group.POST("/:server_id/stop", auth.AuthorizedTo(models.Browse, authConnection.ServerAuthorized(models.Browse)), connection.StopBrowser) } diff --git a/servers/servers.go b/servers/servers.go index 5e88f14..2e08a90 100644 --- a/servers/servers.go +++ b/servers/servers.go @@ -798,16 +798,17 @@ func LoadGroup(group *gin.RouterGroup, mongo_client *mongo.Client, config models defer apiClient.Close() connection := Connection{databaseConnection: mongo_client, dockerClient: apiClient} - authConnection := auth.Connection{databaseConnection: mongo_client, dockerClient: apiClient} - group.POST("/:server_id/start", auth.AuthorizedTo(models.Start, authConnection.serverAuthorized(models.Start)), connection.StartServer) + authConnection := auth.Connection{DatabaseConnection: mongo_client} + + group.POST("/:server_id/start", auth.AuthorizedTo(models.Start, authConnection.ServerAuthorized(models.Start)), connection.StartServer) group.POST("/", auth.AuthorizedTo(models.Create), connection.CreateServer) group.GET("/", auth.AuthorizedTo(0), connection.GetServers) - group.POST("/:server_id/stop", auth.AuthorizedTo(models.Stop, authConnection.serverAuthorized(models.Stop)), connection.StopServer) - group.DELETE("/:server_id", auth.AuthorizedTo(models.Delete, authConnection.serverAuthorized(models.Delete)), connection.DeleteServer) - group.POST("/:server_id/run_command", auth.AuthorizedTo(models.RunCommand, authConnection.serverAuthorized(models.RunCommand)), connection.RunCommand) - group.GET("/:server_id/attach", auth.AuthorizedTo(models.RunCommand, authConnection.serverAuthorized(models.RunCommand)), connection.AttachServer) - group.PATCH("/:server_id", auth.AuthorizedTo(models.Admin, authConnection.serverAuthorized(models.Admin)), connection.UpdateServer) - group.POST("/:server_id/browse", auth.AuthorizedTo(models.Browse, authConnection.serverAuthorized(models.Admin)), connection.BrowseServer) - group.GET("/:server_id/permissions", auth.AuthorizedTo(models.Browse, authConnection.serverAuthorized(models.Admin)), connection.GetServerUserPermissions) - group.POST("/:server_id/permissions", auth.AuthorizedTo(models.Browse, authConnection.serverAuthorized(models.Admin)), connection.SetServerUserPermissions) + group.POST("/:server_id/stop", auth.AuthorizedTo(models.Stop, authConnection.ServerAuthorized(models.Stop)), connection.StopServer) + group.DELETE("/:server_id", auth.AuthorizedTo(models.Delete, authConnection.ServerAuthorized(models.Delete)), connection.DeleteServer) + group.POST("/:server_id/run_command", auth.AuthorizedTo(models.RunCommand, authConnection.ServerAuthorized(models.RunCommand)), connection.RunCommand) + group.GET("/:server_id/attach", auth.AuthorizedTo(models.RunCommand, authConnection.ServerAuthorized(models.RunCommand)), connection.AttachServer) + group.PATCH("/:server_id", auth.AuthorizedTo(models.Admin, authConnection.ServerAuthorized(models.Admin)), connection.UpdateServer) + group.POST("/:server_id/browse", auth.AuthorizedTo(models.Browse, authConnection.ServerAuthorized(models.Admin)), connection.BrowseServer) + group.GET("/:server_id/permissions", auth.AuthorizedTo(models.Browse, authConnection.ServerAuthorized(models.Admin)), connection.GetServerUserPermissions) + group.POST("/:server_id/permissions", auth.AuthorizedTo(models.Browse, authConnection.ServerAuthorized(models.Admin)), connection.SetServerUserPermissions) }