Skip to content

Commit

Permalink
better delete and enhanced status
Browse files Browse the repository at this point in the history
  • Loading branch information
kayra1 committed Jul 26, 2024
1 parent c755064 commit ae3ee8c
Show file tree
Hide file tree
Showing 3 changed files with 33 additions and 11 deletions.
36 changes: 31 additions & 5 deletions internal/api/handlers.go
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ func NewGoCertRouter(env *Environment) http.Handler {

router := http.NewServeMux()
router.HandleFunc("POST /login", Login(env))
router.HandleFunc("/status", HealthCheck)
router.HandleFunc("/status", HealthCheck(env))
router.Handle("/metrics", m.Handler)
router.Handle("/api/v1/", http.StripPrefix("/api/v1", apiV1Router))
router.Handle("/", frontendHandler)
Expand Down Expand Up @@ -86,9 +86,25 @@ func newFrontendFileServer() http.Handler {
})
}

// the health check endpoint simply returns a http.StatusOK
func HealthCheck(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK) //nolint:errcheck
// the health check endpoint returns a http.StatusOK alongside info about the server
// initialized means the first user has been created
func HealthCheck(env *Environment) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
users, err := env.DB.RetrieveAllUsers()
if err != nil {
logErrorAndWriteResponse("couldn't generate status", http.StatusInternalServerError, w)
return
}
response, err := json.Marshal(map[string]any{
"initialized": len(users) > 0,
})
if err != nil {
logErrorAndWriteResponse("couldn't generate status", http.StatusInternalServerError, w)
return
}
w.Write(response) //nolint:errcheck
w.WriteHeader(http.StatusOK) //nolint:errcheck
}
}

// GetCertificateRequests returns all of the Certificate Requests
Expand Down Expand Up @@ -379,7 +395,6 @@ func PostUserAccount(env *Environment) http.HandlerFunc {
logErrorAndWriteResponse(err.Error(), http.StatusInternalServerError, w)
return
}

w.Header().Set("Content-Type", "application/json")
w.WriteHeader(http.StatusCreated)
response, err := json.Marshal(map[string]any{"id": id})
Expand All @@ -400,6 +415,17 @@ func PostUserAccount(env *Environment) http.HandlerFunc {
func DeleteUserAccount(env *Environment) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
id := r.PathValue("id")
user, err := env.DB.RetrieveUser(id)
if err != nil {
if !errors.Is(err, certdb.ErrIdNotFound) {
logErrorAndWriteResponse(err.Error(), http.StatusInternalServerError, w)
return
}
}
if user.Permissions == 1 {
logErrorAndWriteResponse("deleting an Admin account is not allowed.", http.StatusBadRequest, w)
return
}
insertId, err := env.DB.DeleteUser(id)
if err != nil {
if errors.Is(err, certdb.ErrIdNotFound) {
Expand Down
4 changes: 2 additions & 2 deletions internal/api/handlers_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -761,8 +761,8 @@ func TestAuthorization(t *testing.T) {
path: "/api/v1/accounts/1",
data: "",
auth: adminToken,
response: "error: can't delete admin account",
status: http.StatusConflict,
response: "error: deleting an Admin account is not allowed.",
status: http.StatusBadRequest,
},
{
desc: "admin can delete nonuser",
Expand Down
4 changes: 0 additions & 4 deletions internal/api/middleware.go
Original file line number Diff line number Diff line change
Expand Up @@ -128,10 +128,6 @@ func authMiddleware(ctx *middlewareContext) middleware {
return
}
}
if r.Method == "DELETE" && strings.HasSuffix(r.URL.Path, "accounts/1") {
logErrorAndWriteResponse("can't delete admin account", http.StatusConflict, w)
return
}
next.ServeHTTP(w, r)
})
}
Expand Down

0 comments on commit ae3ee8c

Please sign in to comment.