ayo/maingate
8
1
Fork 3
Code Issues Pull Requests Projects Releases Wiki Activity

화이트리스트 멤버에 tag 추가

Browse Source
This commit is contained in:
mountain
2023-06-19 14:31:34 +09:00
parent 40a5b4e878
commit 91790330d2
2 changed files with 28 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
core/api.go
View File

@ -326,7 +326,13 @@ func (caller apiCaller) whitelistAPI(w http.ResponseWriter, r *http.Request) err
} }
if len(all) > 0 { if len(all) > 0 {
allraw, _ := json.Marshal(all) var notexp []primitive.M
for _, v := range all {
if _, exp := v["_ts"]; !exp {
notexp = append(notexp, v)
}
}
allraw, _ := json.Marshal(notexp)
w.Write(allraw) w.Write(allraw)
} }
} else { } else {
@ -345,6 +351,8 @@ func (caller apiCaller) whitelistAPI(w http.ResponseWriter, r *http.Request) err
} }
member.Expired = 0 member.Expired = 0
// 테스트
member.Tag = whitelistMemberTag_QA
_, _, err := mg.mongoClient.Update(CollectionWhitelist, bson.M{ _, _, err := mg.mongoClient.Update(CollectionWhitelist, bson.M{
"_id": primitive.NewObjectID(), "_id": primitive.NewObjectID(),

63
core/service.go
View File

@ -28,25 +28,24 @@ type blockinfo struct {
Reason string `bson:"reason" json:"reason"` Reason string `bson:"reason" json:"reason"`
} }
type whitelistAuthType = string type whitelistMemberTag = string
const ( const (
whitelistAuthType_Default = whitelistAuthType("") whitelistMemberTag_Default = whitelistMemberTag("")
whitelistAuthType_QA = whitelistAuthType("qa") whitelistMemberTag_QA = whitelistMemberTag("#qa")
) )
type whitelistmember struct { type whitelistmember struct {
Service string `bson:"service" json:"service"` Service string `bson:"service" json:"service"`
Email string `bson:"email" json:"email"` Email string `bson:"email" json:"email"`
Platform string `bson:"platform" json:"platform"` Platform string `bson:"platform" json:"platform"`
Desc string `bson:"desc" json:"desc"` Desc string `bson:"desc" json:"desc"`
Auth []whitelistAuthType `bson:"auth" json:"auth"` Tag string `bson:"tag" json:"tag"`
Expired primitive.DateTime `bson:"_ts,omitempty" json:"_ts,omitempty"` Expired primitive.DateTime `bson:"_ts,omitempty" json:"_ts,omitempty"`
} }
type whitelist struct { type whitelist struct {
emailptr unsafe.Pointer emailptr unsafe.Pointer
qaptr unsafe.Pointer
working int32 working int32
} }
@ -61,29 +60,11 @@ type usertokeninfo struct {
} }
func (wl *whitelist) init(total []whitelistmember) { func (wl *whitelist) init(total []whitelistmember) {
auths := make(map[string]map[string]*whitelistmember) all := make(map[string]*whitelistmember)
for _, member := range total { for _, member := range total {
all := auths[""]
if all == nil {
all = make(map[string]*whitelistmember)
auths[""] = all
}
all[whitelistKey(member.Email)] = &member all[whitelistKey(member.Email)] = &member
for _, auth := range member.Auth {
spec := auths[auth]
if spec == nil {
spec = make(map[string]*whitelistmember)
auths[auth] = spec
}
spec[whitelistKey(member.Email)] = &member
}
} }
all := auths[whitelistAuthType_Default]
atomic.StorePointer(&wl.emailptr, unsafe.Pointer(&all)) atomic.StorePointer(&wl.emailptr, unsafe.Pointer(&all))
qa := auths[whitelistAuthType_QA]
atomic.StorePointer(&wl.qaptr, unsafe.Pointer(&qa))
} }
func addToUnsafePointer(to *unsafe.Pointer, m *whitelistmember) { func addToUnsafePointer(to *unsafe.Pointer, m *whitelistmember) {
@ -111,17 +92,13 @@ func removeFromUnsafePointer(from *unsafe.Pointer, email string) {
} }
func (wl *whitelist) add(m *whitelistmember) { func (wl *whitelist) add(m *whitelistmember) {
// 테스트
m.Tag = whitelistMemberTag_QA
addToUnsafePointer(&wl.emailptr, m) addToUnsafePointer(&wl.emailptr, m)
for _, auth := range m.Auth {
if auth == whitelistAuthType_QA {
addToUnsafePointer(&wl.qaptr, m)
}
}
} }
func (wl *whitelist) remove(email string) { func (wl *whitelist) remove(email string) {
removeFromUnsafePointer(&wl.emailptr, email) removeFromUnsafePointer(&wl.emailptr, email)
removeFromUnsafePointer(&wl.qaptr, email)
} }
func (wl *whitelist) isMember(email string, platform string) bool { func (wl *whitelist) isMember(email string, platform string) bool {
@ -138,14 +115,12 @@ func (wl *whitelist) isMember(email string, platform string) bool {
return false return false
} }
func (wl *whitelist) hasAuth(email string, platform string, auth whitelistAuthType) bool { func (wl *whitelist) hasTag(email string, platform string, tag whitelistMemberTag) bool {
if auth == whitelistAuthType_QA { ptr := atomic.LoadPointer(&wl.emailptr)
ptr := atomic.LoadPointer(&wl.qaptr) src := *(*map[string]*whitelistmember)(ptr)
src := *(*map[string]*whitelistmember)(ptr)
if member, exists := src[whitelistKey(email)]; exists { if member, exists := src[whitelistKey(email)]; exists {
return member.Platform == platform return strings.Contains(member.Tag, tag)
}
} }
return false return false
@ -732,7 +707,7 @@ func (sh *serviceDescription) ServeHTTP(w http.ResponseWriter, r *http.Request)
// 세션키가 있는지 확인 // 세션키가 있는지 확인
if _, ok := sh.auths.IsValid(sk, ""); !ok { if _, ok := sh.auths.IsValid(sk, ""); !ok {
logger.Println("sessionkey is not valid :", sk) logger.Println("sessionkey is not valid :", sk)
w.WriteHeader(http.StatusBadRequest) w.WriteHeader(http.StatusUnauthorized)
return return
} }
@ -754,7 +729,7 @@ func (sh *serviceDescription) ServeHTTP(w http.ResponseWriter, r *http.Request)
w.WriteHeader(http.StatusBadRequest) w.WriteHeader(http.StatusBadRequest)
return return
} }
if sh.wl.hasAuth(cell.ToAuthinfo().Email, cell.ToAuthinfo().Platform, whitelistAuthType_QA) { if sh.wl.hasTag(cell.ToAuthinfo().Email, cell.ToAuthinfo().Platform, whitelistMemberTag_QA) {
// qa 권한이면 입장 가능 // qa 권한이면 입장 가능
w.Write([]byte(fmt.Sprintf(`{"service":"%s"}`, div.Url))) w.Write([]byte(fmt.Sprintf(`{"service":"%s"}`, div.Url)))
} else if div.Maintenance != nil { } else if div.Maintenance != nil {