diff --git a/apps/db-adapter/internal/api/auth/admin_operations.go b/apps/db-adapter/internal/api/auth/admin_operations.go
index 420e3cf..6a8b8f9 100644
--- a/apps/db-adapter/internal/api/auth/admin_operations.go
+++ b/apps/db-adapter/internal/api/auth/admin_operations.go
@@ -7,7 +7,20 @@ import (
 "github.com/vcscsvcscs/GenerationsHeritage/apps/db-adapter/internal/memgraph"
 )
 
-// This function checks if the user has permission to manage another user's profile, it returns an error if the user does not have permission.
+// CouldManagePerson determines if an admin has the authority to manage a person.
+// It checks if the provided adminId matches the XUserID, and if not, delegates
+// the check to CouldManagePersonUnknownAdmin.
+//
+// Parameters:
+// - ctx: The context for managing request-scoped values, deadlines, and cancellations.
+// - session: The Neo4j session used for database operations.
+// - userId: The ID of the user being managed.
+// - adminId: The ID of the admin attempting to manage the user.
+// - XUserID: The ID of the currently authenticated user.
+//
+// Returns:
+// - An error if the admin does not have the authority to manage the person,
+// or nil if the operation is allowed.
 func CouldManagePerson(ctx context.Context, session neo4j.SessionWithContext, userId, adminId, XUserID int) error {
 if adminId == XUserID {
 return nil
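Review bot: The new doc comment does not say where `adminId` must come from, yet the `if adminId == XUserID { return nil }` branch it describes is the whole authorization decision on that path: management of `userId` is granted without the relationship lookup that the delegated `CouldManagePersonUnknownAdmin` call performs. If `adminId` can be supplied by the caller rather than derived from the authenticated session, that trust assumption belongs in the comment so the next maintainer does not weaken it by accident. Suggest adding `// adminId must originate from a trusted source, not from the request body; when it equals XUserID the database relationship check is skipped.` after the Parameters list. The body of CouldManagePerson continues past the end of the hunk.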
@@ -16,7 +29,20 @@ func CouldManagePerson(ctx context.Context, session neo4j.SessionWithContext, us
 return CouldManagePersonUnknownAdmin(ctx, session, userId, XUserID)
 }
 
-// This function checks if the user has permission to manage another user's profile, it returns an error if the user does not have permission.
+// CouldManagePersonUnknownAdmin checks if a user can manage another person
+// when the user is not an admin. It verifies if the provided userId matches
+// the XUserID, and if not, it attempts to read the admin relationship between
+// the two users from the database.
+//
+// Parameters:
+// - ctx: The context for managing request-scoped values, deadlines, and cancellations.
+// - session: The Neo4j session used to execute the database query.
+// - userId: The ID of the user attempting to manage another person.
+// - XUserID: The ID of the person being managed.
+//
+// Returns:
+// - An error if the user is not allowed to manage the person or if there is
+// an issue querying the database. Returns nil if the user is allowed.
 func CouldManagePersonUnknownAdmin(ctx context.Context, session neo4j.SessionWithContext, userId, XUserID int) error {
 if userId == XUserID {
 return nil
diff --git a/apps/db-adapter/internal/api/auth/read_operations.go b/apps/db-adapter/internal/api/auth/read_operations.go
index 1a17b79..a48b08d 100644
--- a/apps/db-adapter/internal/api/auth/read_operations.go
+++ b/apps/db-adapter/internal/api/auth/read_operations.go
@@ -36,5 +36,4 @@ func CouldSeePersonsProfile(ctx context.Context, session neo4j.SessionWithContex
 }
 return fmt.Errorf("user %d does not have permission to see user %d", XUserID, userId)
-
 }
diff --git a/apps/db-adapter/internal/api/closeSession.go b/apps/db-adapter/internal/api/closeSession.go
index 17ec098..3b9a1d1 100644
--- a/apps/db-adapter/internal/api/closeSession.go
+++ b/apps/db-adapter/internal/api/closeSession.go
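Review bot: The parameter descriptions in the new CouldManagePersonUnknownAdmin comment invert the roles given in the CouldManagePerson comment in the same file: there `userId` is the user being managed and `XUserID` the authenticated user, and the delegating call `CouldManagePersonUnknownAdmin(ctx, session, userId, XUserID)` passes them in that order, while here `userId` is described as the one attempting to manage and `XUserID` as the person being managed. The opening phrase "when the user is not an admin" also reads oddly for a function whose name says the admin's identity is unknown, not absent. Suggest `//   - userId: The ID of the user being managed.` and `//   - XUserID: The ID of the currently authenticated user, whose admin relationship to userId is read from the database.`, and restating the first sentence as the check used when no explicit admin ID was supplied. The function body continues past the end of the hunk.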
@@ -8,6 +8,15 @@ import (
 "go.uber.org/zap"
 )
 
+// closeSession closes a Neo4j session with a specified timeout.
+// It ensures that the session is properly closed within the given timeout duration.
+// If an error occurs during the session closure, it logs the error using the provided logger.
+//
+// Parameters:
+// - ctx: The parent context for managing the session closure.
+// - logger: The logger instance used to log any errors during session closure.
+// - session: The Neo4j session to be closed.
+// - timeOut: The maximum duration allowed for closing the session.
 func closeSession(ctx context.Context, logger *zap.Logger, session neo4j.SessionWithContext, timeOut time.Duration) {
 sctx, cancel := context.WithTimeout(ctx, timeOut)
 if err := session.Close(sctx); err != nil {
diff --git a/apps/db-adapter/internal/api/server_test.go b/apps/db-adapter/internal/api/server_test.go
index b82bd6b..1ddb282 100644
--- a/apps/db-adapter/internal/api/server_test.go
+++ b/apps/db-adapter/internal/api/server_test.go
@@ -7,6 +7,7 @@ import (
 "github.com/neo4j/neo4j-go-driver/v5/neo4j"
 "github.com/stretchr/testify/assert"
 "github.com/stretchr/testify/mock"
+ "github.com/stretchr/testify/require"
 "go.uber.org/zap"
 )
 
@@ -31,7 +32,7 @@ func (m *mockHealthCheck) GetStatus() string {
 func TestNewServer(t *testing.T) {
 logger := zap.NewNop()
 mockDriver, err := neo4j.NewDriverWithContext("bolt+ssc://memgraph:7687", nil)
- assert.NoError(t, err)
+ require.NoError(t, err)
 mockHealth := &mockHealthCheck{}
 t.Run("should create a new server instance", func(t *testing.T) {
diff --git a/apps/db-adapter/internal/memgraph/cypher_verify_string.go b/apps/db-adapter/internal/memgraph/cypher_verify_string.go
index af0420c..0a75037 100644
--- a/apps/db-adapter/internal/memgraph/cypher_verify_string.go
+++ b/apps/db-adapter/internal/memgraph/cypher_verify_string.go
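Review bot: The comment says closeSession "ensures" the session is closed within the timeout, but the visible lines only create `sctx, cancel := context.WithTimeout(ctx, timeOut)` and hand it to `session.Close`; whether `cancel` is ever called is outside the hunk. If the rest of the body does not already release it, add `defer cancel()` directly after the WithTimeout line so the timer is freed on every return path, and soften the wording to `// It attempts to close the session within timeOut and logs any error returned by Close.` since a failed close is only logged, not retried. The body of closeSession continues past the end of the hunk.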
@@ -79,7 +79,20 @@ var cypherOperators = []string{
 "IS DURATION",
 }
 
-// cypherDelimiters contains the delimiters that need to be escaped in a string to prevent cypher injection keys are the delimiters that need to be escaped and values are the escaped delimiters
+// cypherDelimiters is a map that defines escape sequences for various
+// delimiter characters used in Cypher queries. The keys represent
+// the original delimiter characters, and the values represent their
+// corresponding escaped versions. This ensures that special characters
+// are properly escaped to prevent syntax errors or injection issues
+// when constructing Cypher queries.
+//
+// Key-value pairs:
+// - "'" -> `\'`
+// - `"` -> `\"`
+// - `\u0027` -> `\\u0027`
+// - `\u0022` -> `\\\\u0022`
+// - "`" -> ` “ `
+// - `\u0060` -> `\\u0060\\u0060`
 var cypherDelimiters = map[string]string{
 "'": `\'`,
 `"`: `\"`,
diff --git a/apps/db-adapter/internal/memgraph/person_test.go b/apps/db-adapter/internal/memgraph/person_test.go
index 49888d0..9749c6b 100644
--- a/apps/db-adapter/internal/memgraph/person_test.go
+++ b/apps/db-adapter/internal/memgraph/person_test.go
@@ -7,6 +7,7 @@ import (
 
 "github.com/neo4j/neo4j-go-driver/v5/neo4j"
 "github.com/stretchr/testify/assert"
+ "github.com/stretchr/testify/require"
 "github.com/vcscsvcscs/GenerationsHeritage/apps/db-adapter/internal/memgraph/mock"
 "github.com/vcscsvcscs/GenerationsHeritage/apps/db-adapter/pkg/api"
 )
@@ -137,10 +138,10 @@ func TestHardDeletePerson(t *testing.T) {
 result, err := work(mockTx)
 if tc.expectedError != nil {
- assert.Error(t, err)
+ require.Error(t, err)
 assert.Nil(t, result)
 } else {
- assert.NoError(t, err)
+ require.NoError(t, err)
 assert.Equal(t, tc.expectedResult, result)
 }
 })
diff --git a/apps/db-adapter/main.go b/apps/db-adapter/main.go
index 8c5f0bc..6b7d376 100644
--- a/apps/db-adapter/main.go
+++ b/apps/db-adapter/main.go
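Review bot: The new comment on cypherDelimiters repeats the map's contents in prose, which will drift from the literal directly below it, and the backtick entry is written with a typographic quote (` “ `) that does not look like an escape sequence; only the first two map entries are visible in this hunk, so the other listed pairs cannot be checked against the code here. The sentence claiming the map "ensures" that injection issues are prevented overstates what delimiter escaping does — escaping is a fallback for values that end up interpolated into query text, while the robust control is binding user-supplied values as query parameters. Suggest dropping the Key-value pairs list and ending the comment with `// Escaping is a secondary defence; prefer passing untrusted values as query parameters instead of interpolating them into the query string.`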
@@ -21,6 +21,16 @@ import (
 "go.uber.org/zap"
 )
 
+const (
+ defaultHTTPPort = ":80"
+ defaultMemgraphURI = "bolt://memgraph:7687"
+ defaultMemgraphUser = ""
+ defaultMemgraphPass = ""
+ defaultProduction = false
+ defaultRequestTimeout = 20
+ defaultDBOpTimeout = 5
+)
+
 var (
 httpPort string
 memgraphURI string
@@ -34,13 +44,13 @@ var (
 func init() {
 viper.AutomaticEnv()
 
- viper.SetDefault("HTTP_PORT", ":80")
- viper.SetDefault("MEMGRAPH_URI", "bolt://memgraph:7687")
- viper.SetDefault("MEMGRAPH_USER", "")
- viper.SetDefault("MEMGRAPH_PASS", "")
- viper.SetDefault("PRODUCTION", false)
- viper.SetDefault("REQUEST_TIMEOUT", 20)
- viper.SetDefault("DB_OP_TIMEOUT", 5)
+ viper.SetDefault("HTTP_PORT", defaultHTTPPort)
+ viper.SetDefault("MEMGRAPH_URI", defaultMemgraphURI)
+ viper.SetDefault("MEMGRAPH_USER", defaultMemgraphUser)
+ viper.SetDefault("MEMGRAPH_PASS", defaultMemgraphPass)
+ viper.SetDefault("PRODUCTION", defaultProduction)
+ viper.SetDefault("REQUEST_TIMEOUT", defaultRequestTimeout)
+ viper.SetDefault("DB_OP_TIMEOUT", defaultDBOpTimeout)
 
 httpPort = viper.GetString("HTTP_PORT")
 memgraphURI = viper.GetString("MEMGRAPH_URI")
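Review bot: `defaultRequestTimeout = 20` and `defaultDBOpTimeout = 5` carry no unit in their names or in a comment, and the `viper.SetDefault` calls in the second hunk pass them through unchanged, so a reader cannot tell whether they are seconds without locating the conversion site elsewhere in the file. `defaultMemgraphUser` and `defaultMemgraphPass` both default to `""`, which means a deployment that omits MEMGRAPH_USER and MEMGRAPH_PASS hands the driver empty credentials with nothing in the code calling that out. Suggest `defaultRequestTimeout = 20 // seconds — TODO confirm against the time.Duration conversion` (same for defaultDBOpTimeout) and, above the two credential constants, `// Empty by default; production deployments must supply MEMGRAPH_USER and MEMGRAPH_PASS through the environment.`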