2016-11-09 17:19:07 +00:00
|
|
|
package service
|
|
|
|
|
|
|
|
import (
|
2017-03-15 15:55:30 +00:00
|
|
|
"context"
|
2016-11-09 17:19:07 +00:00
|
|
|
|
2021-11-22 14:13:26 +00:00
|
|
|
"github.com/fleetdm/fleet/v4/server/contexts/ctxerr"
|
2021-06-26 04:46:51 +00:00
|
|
|
"github.com/fleetdm/fleet/v4/server/fleet"
|
|
|
|
"github.com/fleetdm/fleet/v4/server/ptr"
|
2021-04-07 01:27:10 +00:00
|
|
|
"github.com/go-kit/kit/endpoint"
|
Add read replica testing helpers and fix non-sso login bug (#4908)
not set on the INSERT.
- OUT: Only sets the ID on the passed session and returns it. (`CreatedAt`, `AccessedAt`, are not set.)
New version:
```go
func (ds *Datastore) NewSession(ctx context.Context, userID uint, sessionKey string) (*fleet.Session, error) {
sqlStatement := `
INSERT INTO sessions (
user_id,
` + "`key`" + `
)
VALUES(?,?)
`
result, err := ds.writer.ExecContext(ctx, sqlStatement, userID, sessionKey)
if err != nil {
return nil, ctxerr.Wrap(ctx, err, "inserting session")
}
id, _ := result.LastInsertId() // cannot fail with the mysql driver
return ds.sessionByID(ctx, ds.writer, uint(id))
}
```
- IN: Define arguments that are truly used when creating a session.
- OUT: Load and return the fleet.Session struct with all values set (using the `ds.writer` to support read replicas correctly).
PS: The new `NewSession` version mimics what we already do with other entities, like policies (`Datastore.NewGlobalPolicy`).
2022-04-04 23:52:05 +00:00
|
|
|
kitlog "github.com/go-kit/kit/log"
|
|
|
|
"github.com/go-kit/kit/log/level"
|
2016-11-09 17:19:07 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
type setupRequest struct {
|
2021-06-15 18:25:52 +00:00
|
|
|
Admin *fleet.UserPayload `json:"admin"`
|
|
|
|
OrgInfo *fleet.OrgInfo `json:"org_info"`
|
|
|
|
ServerURL *string `json:"server_url,omitempty"`
|
|
|
|
EnrollSecret *string `json:"osquery_enroll_secret,omitempty"`
|
2016-11-09 17:19:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
type setupResponse struct {
|
2021-06-15 18:25:52 +00:00
|
|
|
Admin *fleet.User `json:"admin,omitempty"`
|
|
|
|
OrgInfo *fleet.OrgInfo `json:"org_info,omitempty"`
|
|
|
|
ServerURL *string `json:"server_url"`
|
|
|
|
EnrollSecret *string `json:"osquery_enroll_secret"`
|
|
|
|
Token *string `json:"token,omitempty"`
|
|
|
|
Err error `json:"error,omitempty"`
|
2016-11-09 17:19:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (r setupResponse) error() error { return r.Err }
|
|
|
|
|
Add read replica testing helpers and fix non-sso login bug (#4908)
not set on the INSERT.
- OUT: Only sets the ID on the passed session and returns it. (`CreatedAt`, `AccessedAt`, are not set.)
New version:
```go
func (ds *Datastore) NewSession(ctx context.Context, userID uint, sessionKey string) (*fleet.Session, error) {
sqlStatement := `
INSERT INTO sessions (
user_id,
` + "`key`" + `
)
VALUES(?,?)
`
result, err := ds.writer.ExecContext(ctx, sqlStatement, userID, sessionKey)
if err != nil {
return nil, ctxerr.Wrap(ctx, err, "inserting session")
}
id, _ := result.LastInsertId() // cannot fail with the mysql driver
return ds.sessionByID(ctx, ds.writer, uint(id))
}
```
- IN: Define arguments that are truly used when creating a session.
- OUT: Load and return the fleet.Session struct with all values set (using the `ds.writer` to support read replicas correctly).
PS: The new `NewSession` version mimics what we already do with other entities, like policies (`Datastore.NewGlobalPolicy`).
2022-04-04 23:52:05 +00:00
|
|
|
func makeSetupEndpoint(svc fleet.Service, logger kitlog.Logger) endpoint.Endpoint {
|
2016-11-09 17:19:07 +00:00
|
|
|
return func(ctx context.Context, request interface{}) (interface{}, error) {
|
|
|
|
req := request.(setupRequest)
|
2021-08-20 15:27:41 +00:00
|
|
|
config := &fleet.AppConfig{}
|
2016-11-09 17:19:07 +00:00
|
|
|
if req.OrgInfo != nil {
|
2021-08-20 15:27:41 +00:00
|
|
|
config.OrgInfo = *req.OrgInfo
|
2016-11-09 17:19:07 +00:00
|
|
|
}
|
2021-06-06 23:58:23 +00:00
|
|
|
if req.ServerURL != nil {
|
2021-08-20 15:27:41 +00:00
|
|
|
config.ServerSettings.ServerURL = *req.ServerURL
|
2017-01-20 19:48:54 +00:00
|
|
|
}
|
2021-08-20 15:27:41 +00:00
|
|
|
config, err := svc.NewAppConfig(ctx, *config)
|
2016-11-09 17:19:07 +00:00
|
|
|
if err != nil {
|
|
|
|
return setupResponse{Err: err}, nil
|
|
|
|
}
|
2021-05-03 16:31:51 +00:00
|
|
|
|
|
|
|
if req.Admin == nil {
|
2021-11-22 14:13:26 +00:00
|
|
|
return setupResponse{Err: ctxerr.New(ctx, "setup request must provide admin")}, nil
|
2021-05-03 16:31:51 +00:00
|
|
|
}
|
|
|
|
|
2017-01-20 19:48:54 +00:00
|
|
|
// creating the user should be the last action. If there's a user
|
|
|
|
// present and other errors occur, the setup endpoint closes.
|
2021-05-03 16:31:51 +00:00
|
|
|
adminPayload := *req.Admin
|
|
|
|
if adminPayload.Email == nil || *adminPayload.Email == "" {
|
2021-11-22 14:13:26 +00:00
|
|
|
err := ctxerr.New(ctx, "admin email cannot be empty")
|
2021-05-03 16:31:51 +00:00
|
|
|
return setupResponse{Err: err}, nil
|
|
|
|
}
|
|
|
|
if adminPayload.Password == nil || *adminPayload.Password == "" {
|
2021-11-22 14:13:26 +00:00
|
|
|
err := ctxerr.New(ctx, "admin password cannot be empty")
|
2021-05-03 16:31:51 +00:00
|
|
|
return setupResponse{Err: err}, nil
|
|
|
|
}
|
|
|
|
// Make the user an admin
|
2021-06-06 22:07:29 +00:00
|
|
|
adminPayload.GlobalRole = ptr.String(fleet.RoleAdmin)
|
2021-08-20 15:27:41 +00:00
|
|
|
admin, err := svc.CreateInitialUser(ctx, adminPayload)
|
2021-05-03 16:31:51 +00:00
|
|
|
if err != nil {
|
|
|
|
return setupResponse{Err: err}, nil
|
2017-01-20 19:48:54 +00:00
|
|
|
}
|
|
|
|
|
Add read replica testing helpers and fix non-sso login bug (#4908)
not set on the INSERT.
- OUT: Only sets the ID on the passed session and returns it. (`CreatedAt`, `AccessedAt`, are not set.)
New version:
```go
func (ds *Datastore) NewSession(ctx context.Context, userID uint, sessionKey string) (*fleet.Session, error) {
sqlStatement := `
INSERT INTO sessions (
user_id,
` + "`key`" + `
)
VALUES(?,?)
`
result, err := ds.writer.ExecContext(ctx, sqlStatement, userID, sessionKey)
if err != nil {
return nil, ctxerr.Wrap(ctx, err, "inserting session")
}
id, _ := result.LastInsertId() // cannot fail with the mysql driver
return ds.sessionByID(ctx, ds.writer, uint(id))
}
```
- IN: Define arguments that are truly used when creating a session.
- OUT: Load and return the fleet.Session struct with all values set (using the `ds.writer` to support read replicas correctly).
PS: The new `NewSession` version mimics what we already do with other entities, like policies (`Datastore.NewGlobalPolicy`).
2022-04-04 23:52:05 +00:00
|
|
|
// If everything works to this point, log the user in and return token.
|
|
|
|
// If the login fails for some reason, ignore the error and don't return
|
|
|
|
// a token, forcing the user to log in manually.
|
|
|
|
var token *string
|
|
|
|
_, session, err := svc.Login(ctx, *req.Admin.Email, *req.Admin.Password)
|
2017-01-17 20:24:13 +00:00
|
|
|
if err != nil {
|
Add read replica testing helpers and fix non-sso login bug (#4908)
not set on the INSERT.
- OUT: Only sets the ID on the passed session and returns it. (`CreatedAt`, `AccessedAt`, are not set.)
New version:
```go
func (ds *Datastore) NewSession(ctx context.Context, userID uint, sessionKey string) (*fleet.Session, error) {
sqlStatement := `
INSERT INTO sessions (
user_id,
` + "`key`" + `
)
VALUES(?,?)
`
result, err := ds.writer.ExecContext(ctx, sqlStatement, userID, sessionKey)
if err != nil {
return nil, ctxerr.Wrap(ctx, err, "inserting session")
}
id, _ := result.LastInsertId() // cannot fail with the mysql driver
return ds.sessionByID(ctx, ds.writer, uint(id))
}
```
- IN: Define arguments that are truly used when creating a session.
- OUT: Load and return the fleet.Session struct with all values set (using the `ds.writer` to support read replicas correctly).
PS: The new `NewSession` version mimics what we already do with other entities, like policies (`Datastore.NewGlobalPolicy`).
2022-04-04 23:52:05 +00:00
|
|
|
level.Debug(logger).Log("endpoint", "setup", "op", "login", "err", err)
|
|
|
|
} else {
|
|
|
|
token = &session.Key
|
2017-01-17 20:24:13 +00:00
|
|
|
}
|
Add read replica testing helpers and fix non-sso login bug (#4908)
not set on the INSERT.
- OUT: Only sets the ID on the passed session and returns it. (`CreatedAt`, `AccessedAt`, are not set.)
New version:
```go
func (ds *Datastore) NewSession(ctx context.Context, userID uint, sessionKey string) (*fleet.Session, error) {
sqlStatement := `
INSERT INTO sessions (
user_id,
` + "`key`" + `
)
VALUES(?,?)
`
result, err := ds.writer.ExecContext(ctx, sqlStatement, userID, sessionKey)
if err != nil {
return nil, ctxerr.Wrap(ctx, err, "inserting session")
}
id, _ := result.LastInsertId() // cannot fail with the mysql driver
return ds.sessionByID(ctx, ds.writer, uint(id))
}
```
- IN: Define arguments that are truly used when creating a session.
- OUT: Load and return the fleet.Session struct with all values set (using the `ds.writer` to support read replicas correctly).
PS: The new `NewSession` version mimics what we already do with other entities, like policies (`Datastore.NewGlobalPolicy`).
2022-04-04 23:52:05 +00:00
|
|
|
|
2016-11-09 17:19:07 +00:00
|
|
|
return setupResponse{
|
2021-08-20 15:27:41 +00:00
|
|
|
Admin: admin,
|
|
|
|
OrgInfo: &config.OrgInfo,
|
|
|
|
ServerURL: req.ServerURL,
|
2021-06-15 18:25:52 +00:00
|
|
|
Token: token,
|
2016-11-09 17:19:07 +00:00
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
}
|