From b797067f5beba294402a9d6bc01b18158473b129 Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Mon, 29 Jul 2024 17:07:00 +0530 Subject: [PATCH] fix get user v1 api --- controllers/middleware.go | 7 +++++++ controllers/user.go | 14 ++++++++------ logic/security.go | 4 ++++ models/user_mgmt.go | 2 +- 4 files changed, 20 insertions(+), 7 deletions(-) diff --git a/controllers/middleware.go b/controllers/middleware.go index 8576d9cc..a7e6902c 100644 --- a/controllers/middleware.go +++ b/controllers/middleware.go @@ -2,6 +2,7 @@ package controller import ( "net/http" + "net/url" "strings" "github.com/gorilla/mux" @@ -76,7 +77,13 @@ func userMiddleWare(handler http.Handler) http.Handler { if userID, ok := params["username"]; ok { r.Header.Set("TARGET_RSRC_ID", userID) + } else { + username, _ := url.QueryUnescape(r.URL.Query().Get("username")) + if username != "" { + r.Header.Set("TARGET_RSRC_ID", username) + } } + if r.Header.Get("NET_ID") == "" && (r.Header.Get("TARGET_RSRC_ID") == "" || r.Header.Get("TARGET_RSRC") == models.EnrollmentKeysRsrc.String() || r.Header.Get("TARGET_RSRC") == models.UserRsrc.String()) { diff --git a/controllers/user.go b/controllers/user.go index 266608ef..7552fdf9 100644 --- a/controllers/user.go +++ b/controllers/user.go @@ -34,7 +34,7 @@ func userHandlers(r *mux.Router) { r.HandleFunc("/api/users/{username}", logic.SecurityCheck(true, checkFreeTierLimits(limitChoiceUsers, http.HandlerFunc(createUser)))).Methods(http.MethodPost) r.HandleFunc("/api/users/{username}", logic.SecurityCheck(true, http.HandlerFunc(deleteUser))).Methods(http.MethodDelete) r.HandleFunc("/api/users/{username}", logic.SecurityCheck(false, logic.ContinueIfUserMatch(http.HandlerFunc(getUser)))).Methods(http.MethodGet) - //r.HandleFunc("/api/v1/users/{username}", logic.SecurityCheck(false, logic.ContinueIfUserMatch(http.HandlerFunc(getUserV1)))).Methods(http.MethodGet) + r.HandleFunc("/api/v1/users", logic.SecurityCheck(false, logic.ContinueIfUserMatch(http.HandlerFunc(getUserV1)))).Methods(http.MethodGet) r.HandleFunc("/api/users", logic.SecurityCheck(true, http.HandlerFunc(getUsers))).Methods(http.MethodGet) r.HandleFunc("/api/users_pending", logic.SecurityCheck(true, http.HandlerFunc(getPendingUsers))).Methods(http.MethodGet) r.HandleFunc("/api/users_pending", logic.SecurityCheck(true, http.HandlerFunc(deleteAllPendingUsers))).Methods(http.MethodDelete) @@ -537,7 +537,7 @@ func getUser(w http.ResponseWriter, r *http.Request) { json.NewEncoder(w).Encode(user) } -// swagger:route GET /api/v1/users/{username} user getUser +// swagger:route GET /api/v1/users user getUserV1 // // Get an individual user with role info. // @@ -547,13 +547,15 @@ func getUser(w http.ResponseWriter, r *http.Request) { // oauth // // Responses: -// 200: userBodyResponse +// 200: ReturnUserWithRolesAndGroups func getUserV1(w http.ResponseWriter, r *http.Request) { // set header. w.Header().Set("Content-Type", "application/json") - - var params = mux.Vars(r) - usernameFetched := params["username"] + usernameFetched, _ := url.QueryUnescape(r.URL.Query().Get("username")) + if usernameFetched == "" { + logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("username is required"), "badrequest")) + return + } user, err := logic.GetReturnUser(usernameFetched) if err != nil { logger.Log(0, usernameFetched, "failed to fetch user: ", err.Error()) diff --git a/logic/security.go b/logic/security.go index 9600f298..b10dcc86 100644 --- a/logic/security.go +++ b/logic/security.go @@ -4,6 +4,7 @@ import ( "errors" "fmt" "net/http" + "net/url" "strings" "github.com/gorilla/mux" @@ -281,6 +282,9 @@ func ContinueIfUserMatch(next http.Handler) http.HandlerFunc { } var params = mux.Vars(r) var requestedUser = params["username"] + if requestedUser == "" { + requestedUser, _ = url.QueryUnescape(r.URL.Query().Get("username")) + } if requestedUser != r.Header.Get("user") { logger.Log(0, "next 2", r.URL.String(), errorResponse.Message) ReturnErrorResponse(w, r, errorResponse) diff --git a/models/user_mgmt.go b/models/user_mgmt.go index 0c3f391e..4c106532 100644 --- a/models/user_mgmt.go +++ b/models/user_mgmt.go @@ -136,7 +136,7 @@ type User struct { type ReturnUserWithRolesAndGroups struct { ReturnUser - PlatformRole UserRolePermissionTemplate + PlatformRole UserRolePermissionTemplate `json:"platform_role"` } // ReturnUser - return user struct