satellite/admin: create an endpoint for isAccountFrozen

Endpoint checks if an account is frozen or unfrozen.

relates to https://github.com/storj/storj/issues/5398

Change-Id: I8ff44063870327e05cf729eaaaed1da6c5fa9217
This commit is contained in:
Lizzy Thomson 2022-12-14 08:00:14 -07:00 committed by Storj Robot
parent 471f9e4e10
commit 678bb12d4b
6 changed files with 54 additions and 5 deletions

View File

@ -599,6 +599,8 @@ func NewAPI(log *zap.Logger, full *identity.FullIdentity, db DB,
return nil, errs.Combine(err, peer.Close()) return nil, errs.Combine(err, peer.Close())
} }
accountFreezeService := console.NewAccountFreezeService(db.Console().AccountFreezeEvents(), db.Console().Users(), db.Console().Projects())
peer.Console.Endpoint = consoleweb.NewServer( peer.Console.Endpoint = consoleweb.NewServer(
peer.Log.Named("console:endpoint"), peer.Log.Named("console:endpoint"),
consoleConfig, consoleConfig,
@ -608,6 +610,7 @@ func NewAPI(log *zap.Logger, full *identity.FullIdentity, db DB,
peer.Marketing.PartnersService, peer.Marketing.PartnersService,
peer.Analytics.Service, peer.Analytics.Service,
peer.ABTesting.Service, peer.ABTesting.Service,
accountFreezeService,
peer.Console.Listener, peer.Console.Listener,
config.Payments.StripeCoinPayments.StripePublicKey, config.Payments.StripeCoinPayments.StripePublicKey,
config.Payments.UsagePrice, config.Payments.UsagePrice,

View File

@ -54,6 +54,7 @@ type Auth struct {
ActivateAccountURL string ActivateAccountURL string
SatelliteName string SatelliteName string
service *console.Service service *console.Service
accountFreezeService *console.AccountFreezeService
analytics *analytics.Service analytics *analytics.Service
mailService *mailservice.Service mailService *mailservice.Service
cookieAuth *consolewebauth.CookieAuth cookieAuth *consolewebauth.CookieAuth
@ -61,7 +62,7 @@ type Auth struct {
} }
// NewAuth is a constructor for api auth controller. // NewAuth is a constructor for api auth controller.
func NewAuth(log *zap.Logger, service *console.Service, mailService *mailservice.Service, cookieAuth *consolewebauth.CookieAuth, partners *rewards.PartnersService, analytics *analytics.Service, satelliteName string, externalAddress string, letUsKnowURL string, termsAndConditionsURL string, contactInfoURL string, generalRequestURL string) *Auth { func NewAuth(log *zap.Logger, service *console.Service, accountFreezeService *console.AccountFreezeService, mailService *mailservice.Service, cookieAuth *consolewebauth.CookieAuth, partners *rewards.PartnersService, analytics *analytics.Service, satelliteName string, externalAddress string, letUsKnowURL string, termsAndConditionsURL string, contactInfoURL string, generalRequestURL string) *Auth {
return &Auth{ return &Auth{
log: log, log: log,
ExternalAddress: externalAddress, ExternalAddress: externalAddress,
@ -74,6 +75,7 @@ func NewAuth(log *zap.Logger, service *console.Service, mailService *mailservice
CancelPasswordRecoveryURL: externalAddress + "cancel-password-recovery/", CancelPasswordRecoveryURL: externalAddress + "cancel-password-recovery/",
ActivateAccountURL: externalAddress + "activation/", ActivateAccountURL: externalAddress + "activation/",
service: service, service: service,
accountFreezeService: accountFreezeService,
mailService: mailService, mailService: mailService,
cookieAuth: cookieAuth, cookieAuth: cookieAuth,
partners: partners, partners: partners,
@ -377,6 +379,38 @@ func loadSession(req *http.Request) string {
return sessionCookie.Value return sessionCookie.Value
} }
// IsAccountFrozen checks to see if an account is frozen.
func (a *Auth) IsAccountFrozen(w http.ResponseWriter, r *http.Request) {
type FrozenResult struct {
Frozen bool `json:"frozen"`
}
ctx := r.Context()
var err error
defer mon.Task()(&ctx)(&err)
userID, err := a.service.GetUserID(ctx)
if err != nil {
a.serveJSONError(w, err)
return
}
frozenBool, err := a.accountFreezeService.IsUserFrozen(ctx, userID)
if err != nil {
a.serveJSONError(w, err)
return
}
w.Header().Set("Content-Type", "application/json")
err = json.NewEncoder(w).Encode(FrozenResult{
Frozen: frozenBool,
})
if err != nil {
a.log.Error("could not encode account status", zap.Error(ErrAuthAPI.Wrap(err)))
return
}
}
// UpdateAccount updates user's full name and short name. // UpdateAccount updates user's full name and short name.
func (a *Auth) UpdateAccount(w http.ResponseWriter, r *http.Request) { func (a *Auth) UpdateAccount(w http.ResponseWriter, r *http.Request) {
ctx := r.Context() ctx := r.Context()

View File

@ -293,7 +293,7 @@ func TestDeleteAccount(t *testing.T) {
actualHandler := func(r *http.Request) (status int, body []byte) { actualHandler := func(r *http.Request) (status int, body []byte) {
rr := httptest.NewRecorder() rr := httptest.NewRecorder()
authController := consoleapi.NewAuth(log, nil, nil, nil, nil, nil, "", "", "", "", "", "") authController := consoleapi.NewAuth(log, nil, nil, nil, nil, nil, nil, "", "", "", "", "", "")
authController.DeleteAccount(rr, r) authController.DeleteAccount(rr, r)
//nolint:bodyclose //nolint:bodyclose

View File

@ -86,6 +86,17 @@ func TestAuth(t *testing.T) {
require.NotEmpty(test.t, userIdentifier.ID) require.NotEmpty(test.t, userIdentifier.ID)
} }
{ // Get_FreezeStatus
resp, body := test.request(http.MethodGet, "/auth/account/freezestatus", nil)
require.Equal(test.t, http.StatusOK, resp.StatusCode)
require.Contains(test.t, body, "frozen")
var freezestatus struct{ Frozen bool }
require.NoError(test.t, json.Unmarshal([]byte(body), &freezestatus))
require.Equal(test.t, http.StatusOK, resp.StatusCode)
require.False(test.t, freezestatus.Frozen)
}
{ // Logout { // Logout
resp, _ := test.request(http.MethodPost, "/auth/logout", nil) resp, _ := test.request(http.MethodPost, "/auth/logout", nil)
cookie := findCookie(resp, "_tokenKey") cookie := findCookie(resp, "_tokenKey")

View File

@ -206,7 +206,7 @@ func (a *apiAuth) RemoveAuthCookie(w http.ResponseWriter) {
} }
// NewServer creates new instance of console server. // NewServer creates new instance of console server.
func NewServer(logger *zap.Logger, config Config, service *console.Service, oidcService *oidc.Service, mailService *mailservice.Service, partners *rewards.PartnersService, analytics *analytics.Service, abTesting *abtesting.Service, listener net.Listener, stripePublicKey string, usagePrice paymentsconfig.ProjectUsagePrice, nodeURL storj.NodeURL) *Server { func NewServer(logger *zap.Logger, config Config, service *console.Service, oidcService *oidc.Service, mailService *mailservice.Service, partners *rewards.PartnersService, analytics *analytics.Service, abTesting *abtesting.Service, accountFreezeService *console.AccountFreezeService, listener net.Listener, stripePublicKey string, usagePrice paymentsconfig.ProjectUsagePrice, nodeURL storj.NodeURL) *Server {
server := Server{ server := Server{
log: logger, log: logger,
config: config, config: config,
@ -278,12 +278,13 @@ func NewServer(logger *zap.Logger, config Config, service *console.Service, oidc
server.withAuth(http.HandlerFunc(usageLimitsController.DailyUsage)), server.withAuth(http.HandlerFunc(usageLimitsController.DailyUsage)),
).Methods(http.MethodGet) ).Methods(http.MethodGet)
authController := consoleapi.NewAuth(logger, service, mailService, server.cookieAuth, partners, server.analytics, config.SatelliteName, server.config.ExternalAddress, config.LetUsKnowURL, config.TermsAndConditionsURL, config.ContactInfoURL, config.GeneralRequestURL) authController := consoleapi.NewAuth(logger, service, accountFreezeService, mailService, server.cookieAuth, partners, server.analytics, config.SatelliteName, server.config.ExternalAddress, config.LetUsKnowURL, config.TermsAndConditionsURL, config.ContactInfoURL, config.GeneralRequestURL)
authRouter := router.PathPrefix("/api/v0/auth").Subrouter() authRouter := router.PathPrefix("/api/v0/auth").Subrouter()
authRouter.Handle("/account", server.withAuth(http.HandlerFunc(authController.GetAccount))).Methods(http.MethodGet) authRouter.Handle("/account", server.withAuth(http.HandlerFunc(authController.GetAccount))).Methods(http.MethodGet)
authRouter.Handle("/account", server.withAuth(http.HandlerFunc(authController.UpdateAccount))).Methods(http.MethodPatch) authRouter.Handle("/account", server.withAuth(http.HandlerFunc(authController.UpdateAccount))).Methods(http.MethodPatch)
authRouter.Handle("/account/change-email", server.withAuth(http.HandlerFunc(authController.ChangeEmail))).Methods(http.MethodPost) authRouter.Handle("/account/change-email", server.withAuth(http.HandlerFunc(authController.ChangeEmail))).Methods(http.MethodPost)
authRouter.Handle("/account/change-password", server.withAuth(http.HandlerFunc(authController.ChangePassword))).Methods(http.MethodPost) authRouter.Handle("/account/change-password", server.withAuth(http.HandlerFunc(authController.ChangePassword))).Methods(http.MethodPost)
authRouter.Handle("/account/freezestatus", server.withAuth(http.HandlerFunc(authController.IsAccountFrozen))).Methods(http.MethodGet)
authRouter.Handle("/account/delete", server.withAuth(http.HandlerFunc(authController.DeleteAccount))).Methods(http.MethodPost) authRouter.Handle("/account/delete", server.withAuth(http.HandlerFunc(authController.DeleteAccount))).Methods(http.MethodPost)
authRouter.Handle("/mfa/enable", server.withAuth(http.HandlerFunc(authController.EnableUserMFA))).Methods(http.MethodPost) authRouter.Handle("/mfa/enable", server.withAuth(http.HandlerFunc(authController.EnableUserMFA))).Methods(http.MethodPost)
authRouter.Handle("/mfa/disable", server.withAuth(http.HandlerFunc(authController.DisableUserMFA))).Methods(http.MethodPost) authRouter.Handle("/mfa/disable", server.withAuth(http.HandlerFunc(authController.DisableUserMFA))).Methods(http.MethodPost)

View File

@ -87,7 +87,7 @@ func (chore *Chore) Run(ctx context.Context) (err error) {
chore.log.Error("error generating activation token", zap.Error(err)) chore.log.Error("error generating activation token", zap.Error(err))
return nil return nil
} }
authController := consoleapi.NewAuth(chore.log, nil, nil, nil, nil, nil, "", chore.address, "", "", "", "") authController := consoleapi.NewAuth(chore.log, nil, nil, nil, nil, nil, nil, "", chore.address, "", "", "", "")
link := authController.ActivateAccountURL + "?token=" + token link := authController.ActivateAccountURL + "?token=" + token
userName := u.ShortName userName := u.ShortName