// Copyright (C) 2019 Nicola Murino // // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU Affero General Public License as published // by the Free Software Foundation, version 3. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU Affero General Public License for more details. // // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . package dataprovider import ( "bytes" "crypto/x509" "errors" "fmt" "net/netip" "os" "path/filepath" "sort" "sync" "time" "github.com/drakkan/sftpgo/v2/internal/logger" "github.com/drakkan/sftpgo/v2/internal/util" "github.com/drakkan/sftpgo/v2/internal/vfs" ) var ( errMemoryProviderClosed = errors.New("memory provider is closed") ) type memoryProviderHandle struct { // configuration file to use for loading users configFile string sync.Mutex isClosed bool // slice with ordered usernames usernames []string // map for users, username is the key users map[string]User // slice with ordered group names groupnames []string // map for group, group name is the key groups map[string]Group // map for virtual folders, folder name is the key vfolders map[string]vfs.BaseVirtualFolder // slice with ordered folder names vfoldersNames []string // map for admins, username is the key admins map[string]Admin // slice with ordered admins adminsUsernames []string // map for API keys, keyID is the key apiKeys map[string]APIKey // slice with ordered API keys KeyID apiKeysIDs []string // map for shares, shareID is the key shares map[string]Share // slice with ordered shares shareID sharesIDs []string // map for event actions, name is the key actions map[string]BaseEventAction // slice with ordered actions actionsNames []string // map for event actions, name is the key rules map[string]EventRule // slice with ordered rules rulesNames []string // map for roles, name is the key roles map[string]Role // slice with ordered roles roleNames []string // map for IP List entry ipListEntries map[string]IPListEntry // slice with ordered IP list entries ipListEntriesKeys []string // configurations configs Configs } // MemoryProvider defines the auth provider for a memory store type MemoryProvider struct { dbHandle *memoryProviderHandle } func initializeMemoryProvider(basePath string) { configFile := "" if util.IsFileInputValid(config.Name) { configFile = config.Name if !filepath.IsAbs(configFile) { configFile = filepath.Join(basePath, configFile) } } provider = &MemoryProvider{ dbHandle: &memoryProviderHandle{ isClosed: false, usernames: []string{}, users: make(map[string]User), groupnames: []string{}, groups: make(map[string]Group), vfolders: make(map[string]vfs.BaseVirtualFolder), vfoldersNames: []string{}, admins: make(map[string]Admin), adminsUsernames: []string{}, apiKeys: make(map[string]APIKey), apiKeysIDs: []string{}, shares: make(map[string]Share), sharesIDs: []string{}, actions: make(map[string]BaseEventAction), actionsNames: []string{}, rules: make(map[string]EventRule), rulesNames: []string{}, roles: map[string]Role{}, roleNames: []string{}, ipListEntries: map[string]IPListEntry{}, ipListEntriesKeys: []string{}, configs: Configs{}, configFile: configFile, }, } if err := provider.reloadConfig(); err != nil { logger.Error(logSender, "", "unable to load initial data: %v", err) logger.ErrorToConsole("unable to load initial data: %v", err) } } func (p *MemoryProvider) checkAvailability() error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } return nil } func (p *MemoryProvider) close() error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } p.dbHandle.isClosed = true return nil } func (p *MemoryProvider) validateUserAndTLSCert(username, protocol string, tlsCert *x509.Certificate) (User, error) { var user User if tlsCert == nil { return user, errors.New("TLS certificate cannot be null or empty") } user, err := p.userExists(username, "") if err != nil { providerLog(logger.LevelWarn, "error authenticating user %q: %v", username, err) return user, err } return checkUserAndTLSCertificate(&user, protocol, tlsCert) } func (p *MemoryProvider) validateUserAndPass(username, password, ip, protocol string) (User, error) { user, err := p.userExists(username, "") if err != nil { providerLog(logger.LevelWarn, "error authenticating user %q: %v", username, err) return user, err } return checkUserAndPass(&user, password, ip, protocol) } func (p *MemoryProvider) validateUserAndPubKey(username string, pubKey []byte, isSSHCert bool) (User, string, error) { var user User if len(pubKey) == 0 { return user, "", errors.New("credentials cannot be null or empty") } user, err := p.userExists(username, "") if err != nil { providerLog(logger.LevelWarn, "error authenticating user %q: %v", username, err) return user, "", err } return checkUserAndPubKey(&user, pubKey, isSSHCert) } func (p *MemoryProvider) validateAdminAndPass(username, password, ip string) (Admin, error) { admin, err := p.adminExists(username) if err != nil { providerLog(logger.LevelWarn, "error authenticating admin %q: %v", username, err) return admin, err } err = admin.checkUserAndPass(password, ip) return admin, err } func (p *MemoryProvider) updateAPIKeyLastUse(keyID string) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } apiKey, err := p.apiKeyExistsInternal(keyID) if err != nil { return err } apiKey.LastUseAt = util.GetTimeAsMsSinceEpoch(time.Now()) p.dbHandle.apiKeys[apiKey.KeyID] = apiKey return nil } func (p *MemoryProvider) setUpdatedAt(username string) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return } user, err := p.userExistsInternal(username) if err != nil { return } user.UpdatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) p.dbHandle.users[user.Username] = user setLastUserUpdate() } func (p *MemoryProvider) updateLastLogin(username string) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } user, err := p.userExistsInternal(username) if err != nil { return err } user.LastLogin = util.GetTimeAsMsSinceEpoch(time.Now()) p.dbHandle.users[user.Username] = user return nil } func (p *MemoryProvider) updateAdminLastLogin(username string) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } admin, err := p.adminExistsInternal(username) if err != nil { return err } admin.LastLogin = util.GetTimeAsMsSinceEpoch(time.Now()) p.dbHandle.admins[admin.Username] = admin return nil } func (p *MemoryProvider) updateTransferQuota(username string, uploadSize, downloadSize int64, reset bool) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } user, err := p.userExistsInternal(username) if err != nil { providerLog(logger.LevelError, "unable to update transfer quota for user %q error: %v", username, err) return err } if reset { user.UsedUploadDataTransfer = uploadSize user.UsedDownloadDataTransfer = downloadSize } else { user.UsedUploadDataTransfer += uploadSize user.UsedDownloadDataTransfer += downloadSize } user.LastQuotaUpdate = util.GetTimeAsMsSinceEpoch(time.Now()) providerLog(logger.LevelDebug, "transfer quota updated for user %q, ul increment: %v dl increment: %v is reset? %v", username, uploadSize, downloadSize, reset) p.dbHandle.users[user.Username] = user return nil } func (p *MemoryProvider) updateQuota(username string, filesAdd int, sizeAdd int64, reset bool) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } user, err := p.userExistsInternal(username) if err != nil { providerLog(logger.LevelError, "unable to update quota for user %q error: %v", username, err) return err } if reset { user.UsedQuotaSize = sizeAdd user.UsedQuotaFiles = filesAdd } else { user.UsedQuotaSize += sizeAdd user.UsedQuotaFiles += filesAdd } user.LastQuotaUpdate = util.GetTimeAsMsSinceEpoch(time.Now()) providerLog(logger.LevelDebug, "quota updated for user %q, files increment: %v size increment: %v is reset? %v", username, filesAdd, sizeAdd, reset) p.dbHandle.users[user.Username] = user return nil } func (p *MemoryProvider) getUsedQuota(username string) (int, int64, int64, int64, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return 0, 0, 0, 0, errMemoryProviderClosed } user, err := p.userExistsInternal(username) if err != nil { providerLog(logger.LevelError, "unable to get quota for user %q error: %v", username, err) return 0, 0, 0, 0, err } return user.UsedQuotaFiles, user.UsedQuotaSize, user.UsedUploadDataTransfer, user.UsedDownloadDataTransfer, err } func (p *MemoryProvider) addUser(user *User) error { err := ValidateUser(user) if err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } _, err = p.userExistsInternal(user.Username) if err == nil { return util.NewI18nError( fmt.Errorf("%w: username %v already exists", ErrDuplicatedKey, user.Username), util.I18nErrorDuplicatedUsername, ) } user.ID = p.getNextID() user.LastQuotaUpdate = 0 user.UsedQuotaSize = 0 user.UsedQuotaFiles = 0 user.UsedUploadDataTransfer = 0 user.UsedDownloadDataTransfer = 0 user.LastLogin = 0 user.FirstUpload = 0 user.FirstDownload = 0 user.CreatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) user.UpdatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) if err := p.addUserToRole(user.Username, user.Role); err != nil { return err } sort.Slice(user.Groups, func(i, j int) bool { return user.Groups[i].Name < user.Groups[j].Name }) var mappedGroups []string for idx := range user.Groups { if err = p.addUserToGroupMapping(user.Username, user.Groups[idx].Name); err != nil { // try to remove group mapping for _, g := range mappedGroups { p.removeUserFromGroupMapping(user.Username, g) } return err } mappedGroups = append(mappedGroups, user.Groups[idx].Name) } sort.Slice(user.VirtualFolders, func(i, j int) bool { return user.VirtualFolders[i].Name < user.VirtualFolders[j].Name }) var mappedFolders []string for idx := range user.VirtualFolders { if err = p.addUserToFolderMapping(user.Username, user.VirtualFolders[idx].Name); err != nil { // try to remove folder mapping for _, f := range mappedFolders { p.removeRelationFromFolderMapping(f, user.Username, "") } return err } mappedFolders = append(mappedFolders, user.VirtualFolders[idx].Name) } p.dbHandle.users[user.Username] = user.getACopy() p.dbHandle.usernames = append(p.dbHandle.usernames, user.Username) sort.Strings(p.dbHandle.usernames) return nil } func (p *MemoryProvider) updateUser(user *User) error { //nolint:gocyclo err := ValidateUser(user) if err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } u, err := p.userExistsInternal(user.Username) if err != nil { return err } p.removeUserFromRole(u.Username, u.Role) if err := p.addUserToRole(user.Username, user.Role); err != nil { // try ro add old role if errRollback := p.addUserToRole(u.Username, u.Role); errRollback != nil { providerLog(logger.LevelError, "unable to rollback old role %q for user %q, error: %v", u.Role, u.Username, errRollback) } return err } for idx := range u.Groups { p.removeUserFromGroupMapping(u.Username, u.Groups[idx].Name) } sort.Slice(user.Groups, func(i, j int) bool { return user.Groups[i].Name < user.Groups[j].Name }) for idx := range user.Groups { if err = p.addUserToGroupMapping(user.Username, user.Groups[idx].Name); err != nil { // try to add old mapping for _, g := range u.Groups { if errRollback := p.addUserToGroupMapping(user.Username, g.Name); errRollback != nil { providerLog(logger.LevelError, "unable to rollback old group mapping %q for user %q, error: %v", g.Name, user.Username, errRollback) } } return err } } for _, oldFolder := range u.VirtualFolders { p.removeRelationFromFolderMapping(oldFolder.Name, u.Username, "") } sort.Slice(user.VirtualFolders, func(i, j int) bool { return user.VirtualFolders[i].Name < user.VirtualFolders[j].Name }) for idx := range user.VirtualFolders { if err = p.addUserToFolderMapping(user.Username, user.VirtualFolders[idx].Name); err != nil { // try to add old mapping for _, f := range u.VirtualFolders { if errRollback := p.addUserToFolderMapping(user.Username, f.Name); errRollback != nil { providerLog(logger.LevelError, "unable to rollback old folder mapping %q for user %q, error: %v", f.Name, user.Username, errRollback) } } return err } } user.LastQuotaUpdate = u.LastQuotaUpdate user.UsedQuotaSize = u.UsedQuotaSize user.UsedQuotaFiles = u.UsedQuotaFiles user.UsedUploadDataTransfer = u.UsedUploadDataTransfer user.UsedDownloadDataTransfer = u.UsedDownloadDataTransfer user.LastLogin = u.LastLogin user.FirstDownload = u.FirstDownload user.FirstUpload = u.FirstUpload user.CreatedAt = u.CreatedAt user.UpdatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) user.ID = u.ID // pre-login and external auth hook will use the passed *user so save a copy p.dbHandle.users[user.Username] = user.getACopy() setLastUserUpdate() return nil } func (p *MemoryProvider) deleteUser(user User, _ bool) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } u, err := p.userExistsInternal(user.Username) if err != nil { return err } p.removeUserFromRole(u.Username, u.Role) for _, oldFolder := range u.VirtualFolders { p.removeRelationFromFolderMapping(oldFolder.Name, u.Username, "") } for idx := range u.Groups { p.removeUserFromGroupMapping(u.Username, u.Groups[idx].Name) } delete(p.dbHandle.users, user.Username) // this could be more efficient p.dbHandle.usernames = make([]string, 0, len(p.dbHandle.users)) for username := range p.dbHandle.users { p.dbHandle.usernames = append(p.dbHandle.usernames, username) } sort.Strings(p.dbHandle.usernames) p.deleteAPIKeysWithUser(user.Username) p.deleteSharesWithUser(user.Username) return nil } func (p *MemoryProvider) updateUserPassword(username, password string) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } user, err := p.userExistsInternal(username) if err != nil { return err } user.Password = password user.UpdatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) p.dbHandle.users[username] = user return nil } func (p *MemoryProvider) dumpUsers() ([]User, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() users := make([]User, 0, len(p.dbHandle.usernames)) var err error if p.dbHandle.isClosed { return users, errMemoryProviderClosed } for _, username := range p.dbHandle.usernames { u := p.dbHandle.users[username] user := u.getACopy() p.addVirtualFoldersToUser(&user) users = append(users, user) } return users, err } func (p *MemoryProvider) dumpFolders() ([]vfs.BaseVirtualFolder, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() folders := make([]vfs.BaseVirtualFolder, 0, len(p.dbHandle.vfoldersNames)) if p.dbHandle.isClosed { return folders, errMemoryProviderClosed } for _, f := range p.dbHandle.vfolders { folders = append(folders, f) } return folders, nil } func (p *MemoryProvider) getRecentlyUpdatedUsers(after int64) ([]User, error) { if getLastUserUpdate() < after { return nil, nil } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return nil, errMemoryProviderClosed } users := make([]User, 0, 10) for _, username := range p.dbHandle.usernames { u := p.dbHandle.users[username] if u.UpdatedAt < after { continue } user := u.getACopy() p.addVirtualFoldersToUser(&user) if len(user.Groups) > 0 { groupMapping := make(map[string]Group) for idx := range user.Groups { group, err := p.groupExistsInternal(user.Groups[idx].Name) if err != nil { continue } groupMapping[group.Name] = group } user.applyGroupSettings(groupMapping) } user.SetEmptySecretsIfNil() users = append(users, user) } return users, nil } func (p *MemoryProvider) getUsersForQuotaCheck(toFetch map[string]bool) ([]User, error) { users := make([]User, 0, 30) p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return users, errMemoryProviderClosed } for _, username := range p.dbHandle.usernames { if needFolders, ok := toFetch[username]; ok { u := p.dbHandle.users[username] user := u.getACopy() if needFolders { p.addVirtualFoldersToUser(&user) } if len(user.Groups) > 0 { groupMapping := make(map[string]Group) for idx := range user.Groups { group, err := p.groupExistsInternal(user.Groups[idx].Name) if err != nil { continue } groupMapping[group.Name] = group } user.applyGroupSettings(groupMapping) } user.SetEmptySecretsIfNil() user.PrepareForRendering() users = append(users, user) } } return users, nil } func (p *MemoryProvider) getUsers(limit int, offset int, order, role string) ([]User, error) { users := make([]User, 0, limit) var err error p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return users, errMemoryProviderClosed } if limit <= 0 { return users, err } itNum := 0 if order == OrderASC { for _, username := range p.dbHandle.usernames { itNum++ if itNum <= offset { continue } u := p.dbHandle.users[username] user := u.getACopy() if !user.hasRole(role) { continue } p.addVirtualFoldersToUser(&user) user.PrepareForRendering() users = append(users, user) if len(users) >= limit { break } } } else { for i := len(p.dbHandle.usernames) - 1; i >= 0; i-- { itNum++ if itNum <= offset { continue } username := p.dbHandle.usernames[i] u := p.dbHandle.users[username] user := u.getACopy() if !user.hasRole(role) { continue } p.addVirtualFoldersToUser(&user) user.PrepareForRendering() users = append(users, user) if len(users) >= limit { break } } } return users, err } func (p *MemoryProvider) userExists(username, role string) (User, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return User{}, errMemoryProviderClosed } user, err := p.userExistsInternal(username) if err != nil { return user, err } if !user.hasRole(role) { return User{}, util.NewRecordNotFoundError(fmt.Sprintf("username %q does not exist", username)) } p.addVirtualFoldersToUser(&user) return user, nil } func (p *MemoryProvider) userExistsInternal(username string) (User, error) { if val, ok := p.dbHandle.users[username]; ok { return val.getACopy(), nil } return User{}, util.NewRecordNotFoundError(fmt.Sprintf("username %q does not exist", username)) } func (p *MemoryProvider) groupExistsInternal(name string) (Group, error) { if val, ok := p.dbHandle.groups[name]; ok { return val.getACopy(), nil } return Group{}, util.NewRecordNotFoundError(fmt.Sprintf("group %q does not exist", name)) } func (p *MemoryProvider) actionExistsInternal(name string) (BaseEventAction, error) { if val, ok := p.dbHandle.actions[name]; ok { return val.getACopy(), nil } return BaseEventAction{}, util.NewRecordNotFoundError(fmt.Sprintf("event action %q does not exist", name)) } func (p *MemoryProvider) ruleExistsInternal(name string) (EventRule, error) { if val, ok := p.dbHandle.rules[name]; ok { return val.getACopy(), nil } return EventRule{}, util.NewRecordNotFoundError(fmt.Sprintf("event rule %q does not exist", name)) } func (p *MemoryProvider) roleExistsInternal(name string) (Role, error) { if val, ok := p.dbHandle.roles[name]; ok { return val.getACopy(), nil } return Role{}, util.NewRecordNotFoundError(fmt.Sprintf("role %q does not exist", name)) } func (p *MemoryProvider) ipListEntryExistsInternal(entry *IPListEntry) (IPListEntry, error) { if val, ok := p.dbHandle.ipListEntries[entry.getKey()]; ok { return val.getACopy(), nil } return IPListEntry{}, util.NewRecordNotFoundError(fmt.Sprintf("IP list entry %q does not exist", entry.getName())) } func (p *MemoryProvider) addAdmin(admin *Admin) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } err := admin.validate() if err != nil { return err } _, err = p.adminExistsInternal(admin.Username) if err == nil { return util.NewI18nError( fmt.Errorf("%w: admin %q already exists", ErrDuplicatedKey, admin.Username), util.I18nErrorDuplicatedUsername, ) } admin.ID = p.getNextAdminID() admin.CreatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) admin.UpdatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) admin.LastLogin = 0 if err := p.addAdminToRole(admin.Username, admin.Role); err != nil { return err } var mappedAdmins []string sort.Slice(admin.Groups, func(i, j int) bool { return admin.Groups[i].Name < admin.Groups[j].Name }) for idx := range admin.Groups { if err = p.addAdminToGroupMapping(admin.Username, admin.Groups[idx].Name); err != nil { // try to remove group mapping for _, g := range mappedAdmins { p.removeAdminFromGroupMapping(admin.Username, g) } return err } mappedAdmins = append(mappedAdmins, admin.Groups[idx].Name) } p.dbHandle.admins[admin.Username] = admin.getACopy() p.dbHandle.adminsUsernames = append(p.dbHandle.adminsUsernames, admin.Username) sort.Strings(p.dbHandle.adminsUsernames) return nil } func (p *MemoryProvider) updateAdmin(admin *Admin) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } err := admin.validate() if err != nil { return err } a, err := p.adminExistsInternal(admin.Username) if err != nil { return err } p.removeAdminFromRole(a.Username, a.Role) if err := p.addAdminToRole(admin.Username, admin.Role); err != nil { // try ro add old role if errRollback := p.addAdminToRole(a.Username, a.Role); errRollback != nil { providerLog(logger.LevelError, "unable to rollback old role %q for admin %q, error: %v", a.Role, a.Username, errRollback) } return err } for idx := range a.Groups { p.removeAdminFromGroupMapping(a.Username, a.Groups[idx].Name) } sort.Slice(admin.Groups, func(i, j int) bool { return admin.Groups[i].Name < admin.Groups[j].Name }) for idx := range admin.Groups { if err = p.addAdminToGroupMapping(admin.Username, admin.Groups[idx].Name); err != nil { // try to add old mapping for _, oldGroup := range a.Groups { if errRollback := p.addAdminToGroupMapping(a.Username, oldGroup.Name); errRollback != nil { providerLog(logger.LevelError, "unable to rollback old group mapping %q for admin %q, error: %v", oldGroup.Name, a.Username, errRollback) } } return err } } admin.ID = a.ID admin.CreatedAt = a.CreatedAt admin.LastLogin = a.LastLogin admin.UpdatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) p.dbHandle.admins[admin.Username] = admin.getACopy() return nil } func (p *MemoryProvider) deleteAdmin(admin Admin) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } a, err := p.adminExistsInternal(admin.Username) if err != nil { return err } p.removeAdminFromRole(a.Username, a.Role) for idx := range a.Groups { p.removeAdminFromGroupMapping(a.Username, a.Groups[idx].Name) } delete(p.dbHandle.admins, admin.Username) // this could be more efficient p.dbHandle.adminsUsernames = make([]string, 0, len(p.dbHandle.admins)) for username := range p.dbHandle.admins { p.dbHandle.adminsUsernames = append(p.dbHandle.adminsUsernames, username) } sort.Strings(p.dbHandle.adminsUsernames) p.deleteAPIKeysWithAdmin(admin.Username) return nil } func (p *MemoryProvider) adminExists(username string) (Admin, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return Admin{}, errMemoryProviderClosed } return p.adminExistsInternal(username) } func (p *MemoryProvider) adminExistsInternal(username string) (Admin, error) { if val, ok := p.dbHandle.admins[username]; ok { return val.getACopy(), nil } return Admin{}, util.NewRecordNotFoundError(fmt.Sprintf("admin %q does not exist", username)) } func (p *MemoryProvider) dumpAdmins() ([]Admin, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() admins := make([]Admin, 0, len(p.dbHandle.admins)) if p.dbHandle.isClosed { return admins, errMemoryProviderClosed } for _, admin := range p.dbHandle.admins { admins = append(admins, admin) } return admins, nil } func (p *MemoryProvider) getAdmins(limit int, offset int, order string) ([]Admin, error) { admins := make([]Admin, 0, limit) p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return admins, errMemoryProviderClosed } if limit <= 0 { return admins, nil } itNum := 0 if order == OrderASC { for _, username := range p.dbHandle.adminsUsernames { itNum++ if itNum <= offset { continue } a := p.dbHandle.admins[username] admin := a.getACopy() admin.HideConfidentialData() admins = append(admins, admin) if len(admins) >= limit { break } } } else { for i := len(p.dbHandle.adminsUsernames) - 1; i >= 0; i-- { itNum++ if itNum <= offset { continue } username := p.dbHandle.adminsUsernames[i] a := p.dbHandle.admins[username] admin := a.getACopy() admin.HideConfidentialData() admins = append(admins, admin) if len(admins) >= limit { break } } } return admins, nil } func (p *MemoryProvider) updateFolderQuota(name string, filesAdd int, sizeAdd int64, reset bool) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } folder, err := p.folderExistsInternal(name) if err != nil { providerLog(logger.LevelError, "unable to update quota for folder %q error: %v", name, err) return err } if reset { folder.UsedQuotaSize = sizeAdd folder.UsedQuotaFiles = filesAdd } else { folder.UsedQuotaSize += sizeAdd folder.UsedQuotaFiles += filesAdd } folder.LastQuotaUpdate = util.GetTimeAsMsSinceEpoch(time.Now()) p.dbHandle.vfolders[name] = folder return nil } func (p *MemoryProvider) getGroups(limit, offset int, order string, _ bool) ([]Group, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return nil, errMemoryProviderClosed } if limit <= 0 { return nil, nil } groups := make([]Group, 0, limit) itNum := 0 if order == OrderASC { for _, name := range p.dbHandle.groupnames { itNum++ if itNum <= offset { continue } g := p.dbHandle.groups[name] group := g.getACopy() p.addVirtualFoldersToGroup(&group) group.PrepareForRendering() groups = append(groups, group) if len(groups) >= limit { break } } } else { for i := len(p.dbHandle.groupnames) - 1; i >= 0; i-- { itNum++ if itNum <= offset { continue } name := p.dbHandle.groupnames[i] g := p.dbHandle.groups[name] group := g.getACopy() p.addVirtualFoldersToGroup(&group) group.PrepareForRendering() groups = append(groups, group) if len(groups) >= limit { break } } } return groups, nil } func (p *MemoryProvider) getGroupsWithNames(names []string) ([]Group, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return nil, errMemoryProviderClosed } groups := make([]Group, 0, len(names)) for _, name := range names { if val, ok := p.dbHandle.groups[name]; ok { group := val.getACopy() p.addVirtualFoldersToGroup(&group) groups = append(groups, group) } } return groups, nil } func (p *MemoryProvider) getUsersInGroups(names []string) ([]string, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return nil, errMemoryProviderClosed } var users []string for _, name := range names { if val, ok := p.dbHandle.groups[name]; ok { group := val.getACopy() users = append(users, group.Users...) } } return users, nil } func (p *MemoryProvider) groupExists(name string) (Group, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return Group{}, errMemoryProviderClosed } group, err := p.groupExistsInternal(name) if err != nil { return group, err } p.addVirtualFoldersToGroup(&group) return group, nil } func (p *MemoryProvider) addGroup(group *Group) error { if err := group.validate(); err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } _, err := p.groupExistsInternal(group.Name) if err == nil { return util.NewI18nError( fmt.Errorf("%w: group %q already exists", ErrDuplicatedKey, group.Name), util.I18nErrorDuplicatedUsername, ) } group.ID = p.getNextGroupID() group.CreatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) group.UpdatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) group.Users = nil group.Admins = nil sort.Slice(group.VirtualFolders, func(i, j int) bool { return group.VirtualFolders[i].Name < group.VirtualFolders[j].Name }) var mappedFolders []string for idx := range group.VirtualFolders { if err = p.addGroupToFolderMapping(group.Name, group.VirtualFolders[idx].Name); err != nil { // try to remove folder mapping for _, f := range mappedFolders { p.removeRelationFromFolderMapping(f, "", group.Name) } return err } mappedFolders = append(mappedFolders, group.VirtualFolders[idx].Name) } p.dbHandle.groups[group.Name] = group.getACopy() p.dbHandle.groupnames = append(p.dbHandle.groupnames, group.Name) sort.Strings(p.dbHandle.groupnames) return nil } func (p *MemoryProvider) updateGroup(group *Group) error { if err := group.validate(); err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } g, err := p.groupExistsInternal(group.Name) if err != nil { return err } for _, oldFolder := range g.VirtualFolders { p.removeRelationFromFolderMapping(oldFolder.Name, "", g.Name) } sort.Slice(group.VirtualFolders, func(i, j int) bool { return group.VirtualFolders[i].Name < group.VirtualFolders[j].Name }) for idx := range group.VirtualFolders { if err = p.addGroupToFolderMapping(group.Name, group.VirtualFolders[idx].Name); err != nil { // try to add old mapping for _, f := range g.VirtualFolders { if errRollback := p.addGroupToFolderMapping(group.Name, f.Name); errRollback != nil { providerLog(logger.LevelError, "unable to rollback old folder mapping %q for group %q, error: %v", f.Name, group.Name, errRollback) } } return err } } group.CreatedAt = g.CreatedAt group.UpdatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) group.ID = g.ID group.Users = g.Users group.Admins = g.Admins p.dbHandle.groups[group.Name] = group.getACopy() return nil } func (p *MemoryProvider) deleteGroup(group Group) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } g, err := p.groupExistsInternal(group.Name) if err != nil { return err } if len(g.Users) > 0 { return util.NewValidationError(fmt.Sprintf("the group %q is referenced, it cannot be removed", group.Name)) } for _, oldFolder := range g.VirtualFolders { p.removeRelationFromFolderMapping(oldFolder.Name, "", g.Name) } for _, a := range g.Admins { p.removeGroupFromAdminMapping(g.Name, a) } delete(p.dbHandle.groups, group.Name) // this could be more efficient p.dbHandle.groupnames = make([]string, 0, len(p.dbHandle.groups)) for name := range p.dbHandle.groups { p.dbHandle.groupnames = append(p.dbHandle.groupnames, name) } sort.Strings(p.dbHandle.groupnames) return nil } func (p *MemoryProvider) dumpGroups() ([]Group, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() groups := make([]Group, 0, len(p.dbHandle.groups)) var err error if p.dbHandle.isClosed { return groups, errMemoryProviderClosed } for _, name := range p.dbHandle.groupnames { g := p.dbHandle.groups[name] group := g.getACopy() p.addVirtualFoldersToGroup(&group) groups = append(groups, group) } return groups, err } func (p *MemoryProvider) getUsedFolderQuota(name string) (int, int64, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return 0, 0, errMemoryProviderClosed } folder, err := p.folderExistsInternal(name) if err != nil { providerLog(logger.LevelError, "unable to get quota for folder %q error: %v", name, err) return 0, 0, err } return folder.UsedQuotaFiles, folder.UsedQuotaSize, err } func (p *MemoryProvider) addVirtualFoldersToGroup(group *Group) { if len(group.VirtualFolders) > 0 { var folders []vfs.VirtualFolder for idx := range group.VirtualFolders { folder := &group.VirtualFolders[idx] baseFolder, err := p.folderExistsInternal(folder.Name) if err != nil { continue } folder.BaseVirtualFolder = baseFolder.GetACopy() folders = append(folders, *folder) } group.VirtualFolders = folders } } func (p *MemoryProvider) addActionsToRule(rule *EventRule) { var actions []EventAction for idx := range rule.Actions { action := &rule.Actions[idx] baseAction, err := p.actionExistsInternal(action.Name) if err != nil { continue } baseAction.Options.SetEmptySecretsIfNil() action.BaseEventAction = baseAction actions = append(actions, *action) } rule.Actions = actions } func (p *MemoryProvider) addRuleToActionMapping(ruleName, actionName string) error { a, err := p.actionExistsInternal(actionName) if err != nil { return util.NewGenericError(fmt.Sprintf("action %q does not exist", actionName)) } if !util.Contains(a.Rules, ruleName) { a.Rules = append(a.Rules, ruleName) p.dbHandle.actions[actionName] = a } return nil } func (p *MemoryProvider) removeRuleFromActionMapping(ruleName, actionName string) { a, err := p.actionExistsInternal(actionName) if err != nil { providerLog(logger.LevelWarn, "action %q does not exist, cannot remove from mapping", actionName) return } if util.Contains(a.Rules, ruleName) { var rules []string for _, r := range a.Rules { if r != ruleName { rules = append(rules, r) } } a.Rules = rules p.dbHandle.actions[actionName] = a } } func (p *MemoryProvider) addAdminToGroupMapping(username, groupname string) error { g, err := p.groupExistsInternal(groupname) if err != nil { return err } if !util.Contains(g.Admins, username) { g.Admins = append(g.Admins, username) p.dbHandle.groups[groupname] = g } return nil } func (p *MemoryProvider) removeAdminFromGroupMapping(username, groupname string) { g, err := p.groupExistsInternal(groupname) if err != nil { return } var admins []string for _, a := range g.Admins { if a != username { admins = append(admins, a) } } g.Admins = admins p.dbHandle.groups[groupname] = g } func (p *MemoryProvider) removeGroupFromAdminMapping(groupname, username string) { admin, err := p.adminExistsInternal(username) if err != nil { // the admin does not exist so there is no associated group return } var newGroups []AdminGroupMapping for _, g := range admin.Groups { if g.Name != groupname { newGroups = append(newGroups, g) } } admin.Groups = newGroups p.dbHandle.admins[admin.Username] = admin } func (p *MemoryProvider) addUserToGroupMapping(username, groupname string) error { g, err := p.groupExistsInternal(groupname) if err != nil { return err } if !util.Contains(g.Users, username) { g.Users = append(g.Users, username) p.dbHandle.groups[groupname] = g } return nil } func (p *MemoryProvider) removeUserFromGroupMapping(username, groupname string) { g, err := p.groupExistsInternal(groupname) if err != nil { return } var users []string for _, u := range g.Users { if u != username { users = append(users, u) } } g.Users = users p.dbHandle.groups[groupname] = g } func (p *MemoryProvider) addAdminToRole(username, role string) error { if role == "" { return nil } r, err := p.roleExistsInternal(role) if err != nil { return fmt.Errorf("%w: role %q does not exist", ErrForeignKeyViolated, role) } if !util.Contains(r.Admins, username) { r.Admins = append(r.Admins, username) p.dbHandle.roles[role] = r } return nil } func (p *MemoryProvider) removeAdminFromRole(username, role string) { if role == "" { return } r, err := p.roleExistsInternal(role) if err != nil { providerLog(logger.LevelWarn, "role %q does not exist, cannot remove admin %q", role, username) return } var admins []string for _, a := range r.Admins { if a != username { admins = append(admins, a) } } r.Admins = admins p.dbHandle.roles[role] = r } func (p *MemoryProvider) addUserToRole(username, role string) error { if role == "" { return nil } r, err := p.roleExistsInternal(role) if err != nil { return fmt.Errorf("%w: role %q does not exist", ErrForeignKeyViolated, role) } if !util.Contains(r.Users, username) { r.Users = append(r.Users, username) p.dbHandle.roles[role] = r } return nil } func (p *MemoryProvider) removeUserFromRole(username, role string) { if role == "" { return } r, err := p.roleExistsInternal(role) if err != nil { providerLog(logger.LevelWarn, "role %q does not exist, cannot remove user %q", role, username) return } var users []string for _, u := range r.Users { if u != username { users = append(users, u) } } r.Users = users p.dbHandle.roles[role] = r } func (p *MemoryProvider) addUserToFolderMapping(username, foldername string) error { f, err := p.folderExistsInternal(foldername) if err != nil { return util.NewGenericError(fmt.Sprintf("unable to get folder %q: %v", foldername, err)) } if !util.Contains(f.Users, username) { f.Users = append(f.Users, username) p.dbHandle.vfolders[foldername] = f } return nil } func (p *MemoryProvider) addGroupToFolderMapping(name, foldername string) error { f, err := p.folderExistsInternal(foldername) if err != nil { return util.NewGenericError(fmt.Sprintf("unable to get folder %q: %v", foldername, err)) } if !util.Contains(f.Groups, name) { f.Groups = append(f.Groups, name) p.dbHandle.vfolders[foldername] = f } return nil } func (p *MemoryProvider) addVirtualFoldersToUser(user *User) { if len(user.VirtualFolders) > 0 { var folders []vfs.VirtualFolder for idx := range user.VirtualFolders { folder := &user.VirtualFolders[idx] baseFolder, err := p.folderExistsInternal(folder.Name) if err != nil { continue } folder.BaseVirtualFolder = baseFolder.GetACopy() folders = append(folders, *folder) } user.VirtualFolders = folders } } func (p *MemoryProvider) removeRelationFromFolderMapping(folderName, username, groupname string) { folder, err := p.folderExistsInternal(folderName) if err != nil { return } if username != "" { var usernames []string for _, user := range folder.Users { if user != username { usernames = append(usernames, user) } } folder.Users = usernames } if groupname != "" { var groups []string for _, group := range folder.Groups { if group != groupname { groups = append(groups, group) } } folder.Groups = groups } p.dbHandle.vfolders[folder.Name] = folder } func (p *MemoryProvider) folderExistsInternal(name string) (vfs.BaseVirtualFolder, error) { if val, ok := p.dbHandle.vfolders[name]; ok { return val, nil } return vfs.BaseVirtualFolder{}, util.NewRecordNotFoundError(fmt.Sprintf("folder %q does not exist", name)) } func (p *MemoryProvider) getFolders(limit, offset int, order string, _ bool) ([]vfs.BaseVirtualFolder, error) { folders := make([]vfs.BaseVirtualFolder, 0, limit) var err error p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return folders, errMemoryProviderClosed } if limit <= 0 { return folders, err } itNum := 0 if order == OrderASC { for _, name := range p.dbHandle.vfoldersNames { itNum++ if itNum <= offset { continue } f := p.dbHandle.vfolders[name] folder := f.GetACopy() folder.PrepareForRendering() folders = append(folders, folder) if len(folders) >= limit { break } } } else { for i := len(p.dbHandle.vfoldersNames) - 1; i >= 0; i-- { itNum++ if itNum <= offset { continue } name := p.dbHandle.vfoldersNames[i] f := p.dbHandle.vfolders[name] folder := f.GetACopy() folder.PrepareForRendering() folders = append(folders, folder) if len(folders) >= limit { break } } } return folders, err } func (p *MemoryProvider) getFolderByName(name string) (vfs.BaseVirtualFolder, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return vfs.BaseVirtualFolder{}, errMemoryProviderClosed } folder, err := p.folderExistsInternal(name) if err != nil { return vfs.BaseVirtualFolder{}, err } return folder.GetACopy(), nil } func (p *MemoryProvider) addFolder(folder *vfs.BaseVirtualFolder) error { err := ValidateFolder(folder) if err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } _, err = p.folderExistsInternal(folder.Name) if err == nil { return util.NewI18nError( fmt.Errorf("%w: folder %q already exists", ErrDuplicatedKey, folder.Name), util.I18nErrorDuplicatedUsername, ) } folder.ID = p.getNextFolderID() folder.Users = nil folder.Groups = nil p.dbHandle.vfolders[folder.Name] = folder.GetACopy() p.dbHandle.vfoldersNames = append(p.dbHandle.vfoldersNames, folder.Name) sort.Strings(p.dbHandle.vfoldersNames) return nil } func (p *MemoryProvider) updateFolder(folder *vfs.BaseVirtualFolder) error { err := ValidateFolder(folder) if err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } f, err := p.folderExistsInternal(folder.Name) if err != nil { return err } folder.ID = f.ID folder.LastQuotaUpdate = f.LastQuotaUpdate folder.UsedQuotaFiles = f.UsedQuotaFiles folder.UsedQuotaSize = f.UsedQuotaSize folder.Users = f.Users folder.Groups = f.Groups p.dbHandle.vfolders[folder.Name] = folder.GetACopy() // now update the related users for _, username := range folder.Users { user, err := p.userExistsInternal(username) if err == nil { var folders []vfs.VirtualFolder for idx := range user.VirtualFolders { userFolder := &user.VirtualFolders[idx] if folder.Name == userFolder.Name { userFolder.BaseVirtualFolder = folder.GetACopy() } folders = append(folders, *userFolder) } user.VirtualFolders = folders p.dbHandle.users[user.Username] = user } } return nil } func (p *MemoryProvider) deleteFolder(f vfs.BaseVirtualFolder) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } folder, err := p.folderExistsInternal(f.Name) if err != nil { return err } for _, username := range folder.Users { user, err := p.userExistsInternal(username) if err == nil { var folders []vfs.VirtualFolder for idx := range user.VirtualFolders { userFolder := &user.VirtualFolders[idx] if folder.Name != userFolder.Name { folders = append(folders, *userFolder) } } user.VirtualFolders = folders p.dbHandle.users[user.Username] = user } } for _, groupname := range folder.Groups { group, err := p.groupExistsInternal(groupname) if err == nil { var folders []vfs.VirtualFolder for idx := range group.VirtualFolders { groupFolder := &group.VirtualFolders[idx] if folder.Name != groupFolder.Name { folders = append(folders, *groupFolder) } } group.VirtualFolders = folders p.dbHandle.groups[group.Name] = group } } delete(p.dbHandle.vfolders, folder.Name) p.dbHandle.vfoldersNames = []string{} for name := range p.dbHandle.vfolders { p.dbHandle.vfoldersNames = append(p.dbHandle.vfoldersNames, name) } sort.Strings(p.dbHandle.vfoldersNames) return nil } func (p *MemoryProvider) apiKeyExistsInternal(keyID string) (APIKey, error) { if val, ok := p.dbHandle.apiKeys[keyID]; ok { return val.getACopy(), nil } return APIKey{}, util.NewRecordNotFoundError(fmt.Sprintf("API key %q does not exist", keyID)) } func (p *MemoryProvider) apiKeyExists(keyID string) (APIKey, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return APIKey{}, errMemoryProviderClosed } return p.apiKeyExistsInternal(keyID) } func (p *MemoryProvider) addAPIKey(apiKey *APIKey) error { err := apiKey.validate() if err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } _, err = p.apiKeyExistsInternal(apiKey.KeyID) if err == nil { return fmt.Errorf("API key %q already exists", apiKey.KeyID) } if apiKey.User != "" { if _, err := p.userExistsInternal(apiKey.User); err != nil { return fmt.Errorf("%w: related user %q does not exists", ErrForeignKeyViolated, apiKey.User) } } if apiKey.Admin != "" { if _, err := p.adminExistsInternal(apiKey.Admin); err != nil { return fmt.Errorf("%w: related admin %q does not exists", ErrForeignKeyViolated, apiKey.Admin) } } apiKey.CreatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) apiKey.UpdatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) apiKey.LastUseAt = 0 p.dbHandle.apiKeys[apiKey.KeyID] = apiKey.getACopy() p.dbHandle.apiKeysIDs = append(p.dbHandle.apiKeysIDs, apiKey.KeyID) sort.Strings(p.dbHandle.apiKeysIDs) return nil } func (p *MemoryProvider) updateAPIKey(apiKey *APIKey) error { err := apiKey.validate() if err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } k, err := p.apiKeyExistsInternal(apiKey.KeyID) if err != nil { return err } if apiKey.User != "" { if _, err := p.userExistsInternal(apiKey.User); err != nil { return fmt.Errorf("%w: related user %q does not exists", ErrForeignKeyViolated, apiKey.User) } } if apiKey.Admin != "" { if _, err := p.adminExistsInternal(apiKey.Admin); err != nil { return fmt.Errorf("%w: related admin %q does not exists", ErrForeignKeyViolated, apiKey.Admin) } } apiKey.ID = k.ID apiKey.KeyID = k.KeyID apiKey.Key = k.Key apiKey.CreatedAt = k.CreatedAt apiKey.LastUseAt = k.LastUseAt apiKey.UpdatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) p.dbHandle.apiKeys[apiKey.KeyID] = apiKey.getACopy() return nil } func (p *MemoryProvider) deleteAPIKey(apiKey APIKey) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } _, err := p.apiKeyExistsInternal(apiKey.KeyID) if err != nil { return err } delete(p.dbHandle.apiKeys, apiKey.KeyID) p.updateAPIKeysOrdering() return nil } func (p *MemoryProvider) getAPIKeys(limit int, offset int, order string) ([]APIKey, error) { apiKeys := make([]APIKey, 0, limit) p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return apiKeys, errMemoryProviderClosed } if limit <= 0 { return apiKeys, nil } itNum := 0 if order == OrderDESC { for i := len(p.dbHandle.apiKeysIDs) - 1; i >= 0; i-- { itNum++ if itNum <= offset { continue } keyID := p.dbHandle.apiKeysIDs[i] k := p.dbHandle.apiKeys[keyID] apiKey := k.getACopy() apiKey.HideConfidentialData() apiKeys = append(apiKeys, apiKey) if len(apiKeys) >= limit { break } } } else { for _, keyID := range p.dbHandle.apiKeysIDs { itNum++ if itNum <= offset { continue } k := p.dbHandle.apiKeys[keyID] apiKey := k.getACopy() apiKey.HideConfidentialData() apiKeys = append(apiKeys, apiKey) if len(apiKeys) >= limit { break } } } return apiKeys, nil } func (p *MemoryProvider) dumpAPIKeys() ([]APIKey, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() apiKeys := make([]APIKey, 0, len(p.dbHandle.apiKeys)) if p.dbHandle.isClosed { return apiKeys, errMemoryProviderClosed } for _, k := range p.dbHandle.apiKeys { apiKeys = append(apiKeys, k) } return apiKeys, nil } func (p *MemoryProvider) deleteAPIKeysWithUser(username string) { found := false for k, v := range p.dbHandle.apiKeys { if v.User == username { delete(p.dbHandle.apiKeys, k) found = true } } if found { p.updateAPIKeysOrdering() } } func (p *MemoryProvider) deleteAPIKeysWithAdmin(username string) { found := false for k, v := range p.dbHandle.apiKeys { if v.Admin == username { delete(p.dbHandle.apiKeys, k) found = true } } if found { p.updateAPIKeysOrdering() } } func (p *MemoryProvider) deleteSharesWithUser(username string) { found := false for k, v := range p.dbHandle.shares { if v.Username == username { delete(p.dbHandle.shares, k) found = true } } if found { p.updateSharesOrdering() } } func (p *MemoryProvider) updateAPIKeysOrdering() { // this could be more efficient p.dbHandle.apiKeysIDs = make([]string, 0, len(p.dbHandle.apiKeys)) for keyID := range p.dbHandle.apiKeys { p.dbHandle.apiKeysIDs = append(p.dbHandle.apiKeysIDs, keyID) } sort.Strings(p.dbHandle.apiKeysIDs) } func (p *MemoryProvider) updateSharesOrdering() { // this could be more efficient p.dbHandle.sharesIDs = make([]string, 0, len(p.dbHandle.shares)) for shareID := range p.dbHandle.shares { p.dbHandle.sharesIDs = append(p.dbHandle.sharesIDs, shareID) } sort.Strings(p.dbHandle.sharesIDs) } func (p *MemoryProvider) shareExistsInternal(shareID, username string) (Share, error) { if val, ok := p.dbHandle.shares[shareID]; ok { if username != "" && val.Username != username { return Share{}, util.NewRecordNotFoundError(fmt.Sprintf("Share %q does not exist", shareID)) } return val.getACopy(), nil } return Share{}, util.NewRecordNotFoundError(fmt.Sprintf("Share %q does not exist", shareID)) } func (p *MemoryProvider) shareExists(shareID, username string) (Share, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return Share{}, errMemoryProviderClosed } return p.shareExistsInternal(shareID, username) } func (p *MemoryProvider) addShare(share *Share) error { err := share.validate() if err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } _, err = p.shareExistsInternal(share.ShareID, share.Username) if err == nil { return fmt.Errorf("share %q already exists", share.ShareID) } if _, err := p.userExistsInternal(share.Username); err != nil { return util.NewValidationError(fmt.Sprintf("related user %q does not exists", share.Username)) } if !share.IsRestore { share.CreatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) share.UpdatedAt = share.CreatedAt share.LastUseAt = 0 share.UsedTokens = 0 } if share.CreatedAt == 0 { share.CreatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) } if share.UpdatedAt == 0 { share.UpdatedAt = share.CreatedAt } p.dbHandle.shares[share.ShareID] = share.getACopy() p.dbHandle.sharesIDs = append(p.dbHandle.sharesIDs, share.ShareID) sort.Strings(p.dbHandle.sharesIDs) return nil } func (p *MemoryProvider) updateShare(share *Share) error { err := share.validate() if err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } s, err := p.shareExistsInternal(share.ShareID, share.Username) if err != nil { return err } if _, err := p.userExistsInternal(share.Username); err != nil { return util.NewValidationError(fmt.Sprintf("related user %q does not exists", share.Username)) } share.ID = s.ID share.ShareID = s.ShareID if !share.IsRestore { share.UsedTokens = s.UsedTokens share.CreatedAt = s.CreatedAt share.LastUseAt = s.LastUseAt share.UpdatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) } if share.CreatedAt == 0 { share.CreatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) } if share.UpdatedAt == 0 { share.UpdatedAt = share.CreatedAt } p.dbHandle.shares[share.ShareID] = share.getACopy() return nil } func (p *MemoryProvider) deleteShare(share Share) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } _, err := p.shareExistsInternal(share.ShareID, share.Username) if err != nil { return err } delete(p.dbHandle.shares, share.ShareID) p.updateSharesOrdering() return nil } func (p *MemoryProvider) getShares(limit int, offset int, order, username string) ([]Share, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return []Share{}, errMemoryProviderClosed } if limit <= 0 { return []Share{}, nil } shares := make([]Share, 0, limit) itNum := 0 if order == OrderDESC { for i := len(p.dbHandle.sharesIDs) - 1; i >= 0; i-- { shareID := p.dbHandle.sharesIDs[i] s := p.dbHandle.shares[shareID] if s.Username != username { continue } itNum++ if itNum <= offset { continue } share := s.getACopy() share.HideConfidentialData() shares = append(shares, share) if len(shares) >= limit { break } } } else { for _, shareID := range p.dbHandle.sharesIDs { s := p.dbHandle.shares[shareID] if s.Username != username { continue } itNum++ if itNum <= offset { continue } share := s.getACopy() share.HideConfidentialData() shares = append(shares, share) if len(shares) >= limit { break } } } return shares, nil } func (p *MemoryProvider) dumpShares() ([]Share, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() shares := make([]Share, 0, len(p.dbHandle.shares)) if p.dbHandle.isClosed { return shares, errMemoryProviderClosed } for _, s := range p.dbHandle.shares { shares = append(shares, s) } return shares, nil } func (p *MemoryProvider) updateShareLastUse(shareID string, numTokens int) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } share, err := p.shareExistsInternal(shareID, "") if err != nil { return err } share.LastUseAt = util.GetTimeAsMsSinceEpoch(time.Now()) share.UsedTokens += numTokens p.dbHandle.shares[share.ShareID] = share return nil } func (p *MemoryProvider) getDefenderHosts(_ int64, _ int) ([]DefenderEntry, error) { return nil, ErrNotImplemented } func (p *MemoryProvider) getDefenderHostByIP(_ string, _ int64) (DefenderEntry, error) { return DefenderEntry{}, ErrNotImplemented } func (p *MemoryProvider) isDefenderHostBanned(_ string) (DefenderEntry, error) { return DefenderEntry{}, ErrNotImplemented } func (p *MemoryProvider) updateDefenderBanTime(_ string, _ int) error { return ErrNotImplemented } func (p *MemoryProvider) deleteDefenderHost(_ string) error { return ErrNotImplemented } func (p *MemoryProvider) addDefenderEvent(_ string, _ int) error { return ErrNotImplemented } func (p *MemoryProvider) setDefenderBanTime(_ string, _ int64) error { return ErrNotImplemented } func (p *MemoryProvider) cleanupDefender(_ int64) error { return ErrNotImplemented } func (p *MemoryProvider) addActiveTransfer(_ ActiveTransfer) error { return ErrNotImplemented } func (p *MemoryProvider) updateActiveTransferSizes(_, _, _ int64, _ string) error { return ErrNotImplemented } func (p *MemoryProvider) removeActiveTransfer(_ int64, _ string) error { return ErrNotImplemented } func (p *MemoryProvider) cleanupActiveTransfers(_ time.Time) error { return ErrNotImplemented } func (p *MemoryProvider) getActiveTransfers(_ time.Time) ([]ActiveTransfer, error) { return nil, ErrNotImplemented } func (p *MemoryProvider) addSharedSession(_ Session) error { return ErrNotImplemented } func (p *MemoryProvider) deleteSharedSession(_ string) error { return ErrNotImplemented } func (p *MemoryProvider) getSharedSession(_ string) (Session, error) { return Session{}, ErrNotImplemented } func (p *MemoryProvider) cleanupSharedSessions(_ SessionType, _ int64) error { return ErrNotImplemented } func (p *MemoryProvider) getEventActions(limit, offset int, order string, _ bool) ([]BaseEventAction, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return nil, errMemoryProviderClosed } if limit <= 0 { return nil, nil } actions := make([]BaseEventAction, 0, limit) itNum := 0 if order == OrderASC { for _, name := range p.dbHandle.actionsNames { itNum++ if itNum <= offset { continue } a := p.dbHandle.actions[name] action := a.getACopy() action.PrepareForRendering() actions = append(actions, action) if len(actions) >= limit { break } } } else { for i := len(p.dbHandle.actionsNames) - 1; i >= 0; i-- { itNum++ if itNum <= offset { continue } name := p.dbHandle.actionsNames[i] a := p.dbHandle.actions[name] action := a.getACopy() action.PrepareForRendering() actions = append(actions, action) if len(actions) >= limit { break } } } return actions, nil } func (p *MemoryProvider) dumpEventActions() ([]BaseEventAction, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return nil, errMemoryProviderClosed } actions := make([]BaseEventAction, 0, len(p.dbHandle.actions)) for _, name := range p.dbHandle.actionsNames { a := p.dbHandle.actions[name] action := a.getACopy() actions = append(actions, action) } return actions, nil } func (p *MemoryProvider) eventActionExists(name string) (BaseEventAction, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return BaseEventAction{}, errMemoryProviderClosed } return p.actionExistsInternal(name) } func (p *MemoryProvider) addEventAction(action *BaseEventAction) error { err := action.validate() if err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } _, err = p.actionExistsInternal(action.Name) if err == nil { return util.NewI18nError( fmt.Errorf("%w: event action %q already exists", ErrDuplicatedKey, action.Name), util.I18nErrorDuplicatedName, ) } action.ID = p.getNextActionID() action.Rules = nil p.dbHandle.actions[action.Name] = action.getACopy() p.dbHandle.actionsNames = append(p.dbHandle.actionsNames, action.Name) sort.Strings(p.dbHandle.actionsNames) return nil } func (p *MemoryProvider) updateEventAction(action *BaseEventAction) error { err := action.validate() if err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } oldAction, err := p.actionExistsInternal(action.Name) if err != nil { return fmt.Errorf("event action %s does not exist", action.Name) } action.ID = oldAction.ID action.Name = oldAction.Name action.Rules = nil if len(oldAction.Rules) > 0 { var relatedRules []string for _, ruleName := range oldAction.Rules { rule, err := p.ruleExistsInternal(ruleName) if err == nil { relatedRules = append(relatedRules, ruleName) rule.UpdatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) p.dbHandle.rules[ruleName] = rule setLastRuleUpdate() } } action.Rules = relatedRules } p.dbHandle.actions[action.Name] = action.getACopy() return nil } func (p *MemoryProvider) deleteEventAction(action BaseEventAction) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } oldAction, err := p.actionExistsInternal(action.Name) if err != nil { return fmt.Errorf("event action %s does not exist", action.Name) } if len(oldAction.Rules) > 0 { return util.NewValidationError(fmt.Sprintf("action %s is referenced, it cannot be removed", oldAction.Name)) } delete(p.dbHandle.actions, action.Name) // this could be more efficient p.dbHandle.actionsNames = make([]string, 0, len(p.dbHandle.actions)) for name := range p.dbHandle.actions { p.dbHandle.actionsNames = append(p.dbHandle.actionsNames, name) } sort.Strings(p.dbHandle.actionsNames) return nil } func (p *MemoryProvider) getEventRules(limit, offset int, order string) ([]EventRule, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return nil, errMemoryProviderClosed } if limit <= 0 { return nil, nil } itNum := 0 rules := make([]EventRule, 0, limit) if order == OrderASC { for _, name := range p.dbHandle.rulesNames { itNum++ if itNum <= offset { continue } r := p.dbHandle.rules[name] rule := r.getACopy() p.addActionsToRule(&rule) rule.PrepareForRendering() rules = append(rules, rule) if len(rules) >= limit { break } } } else { for i := len(p.dbHandle.rulesNames) - 1; i >= 0; i-- { itNum++ if itNum <= offset { continue } name := p.dbHandle.rulesNames[i] r := p.dbHandle.rules[name] rule := r.getACopy() p.addActionsToRule(&rule) rule.PrepareForRendering() rules = append(rules, rule) if len(rules) >= limit { break } } } return rules, nil } func (p *MemoryProvider) dumpEventRules() ([]EventRule, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return nil, errMemoryProviderClosed } rules := make([]EventRule, 0, len(p.dbHandle.rules)) for _, name := range p.dbHandle.rulesNames { r := p.dbHandle.rules[name] rule := r.getACopy() p.addActionsToRule(&rule) rules = append(rules, rule) } return rules, nil } func (p *MemoryProvider) getRecentlyUpdatedRules(after int64) ([]EventRule, error) { if getLastRuleUpdate() < after { return nil, nil } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return nil, errMemoryProviderClosed } rules := make([]EventRule, 0, 10) for _, name := range p.dbHandle.rulesNames { r := p.dbHandle.rules[name] if r.UpdatedAt < after { continue } rule := r.getACopy() p.addActionsToRule(&rule) rules = append(rules, rule) } return rules, nil } func (p *MemoryProvider) eventRuleExists(name string) (EventRule, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return EventRule{}, errMemoryProviderClosed } rule, err := p.ruleExistsInternal(name) if err != nil { return rule, err } p.addActionsToRule(&rule) return rule, nil } func (p *MemoryProvider) addEventRule(rule *EventRule) error { if err := rule.validate(); err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } _, err := p.ruleExistsInternal(rule.Name) if err == nil { return util.NewI18nError( fmt.Errorf("%w: event rule %q already exists", ErrDuplicatedKey, rule.Name), util.I18nErrorDuplicatedName, ) } rule.ID = p.getNextRuleID() rule.CreatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) rule.UpdatedAt = rule.CreatedAt var mappedActions []string for idx := range rule.Actions { if err := p.addRuleToActionMapping(rule.Name, rule.Actions[idx].Name); err != nil { // try to remove action mapping for _, a := range mappedActions { p.removeRuleFromActionMapping(rule.Name, a) } return err } mappedActions = append(mappedActions, rule.Actions[idx].Name) } sort.Slice(rule.Actions, func(i, j int) bool { return rule.Actions[i].Order < rule.Actions[j].Order }) p.dbHandle.rules[rule.Name] = rule.getACopy() p.dbHandle.rulesNames = append(p.dbHandle.rulesNames, rule.Name) sort.Strings(p.dbHandle.rulesNames) setLastRuleUpdate() return nil } func (p *MemoryProvider) updateEventRule(rule *EventRule) error { if err := rule.validate(); err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } oldRule, err := p.ruleExistsInternal(rule.Name) if err != nil { return err } for idx := range oldRule.Actions { p.removeRuleFromActionMapping(rule.Name, oldRule.Actions[idx].Name) } for idx := range rule.Actions { if err = p.addRuleToActionMapping(rule.Name, rule.Actions[idx].Name); err != nil { // try to add old mapping for _, oldAction := range oldRule.Actions { if errRollback := p.addRuleToActionMapping(oldRule.Name, oldAction.Name); errRollback != nil { providerLog(logger.LevelError, "unable to rollback old action mapping %q for rule %q, error: %v", oldAction.Name, oldRule.Name, errRollback) } } return err } } rule.ID = oldRule.ID rule.CreatedAt = oldRule.CreatedAt rule.UpdatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) sort.Slice(rule.Actions, func(i, j int) bool { return rule.Actions[i].Order < rule.Actions[j].Order }) p.dbHandle.rules[rule.Name] = rule.getACopy() setLastRuleUpdate() return nil } func (p *MemoryProvider) deleteEventRule(rule EventRule, _ bool) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } oldRule, err := p.ruleExistsInternal(rule.Name) if err != nil { return err } if len(oldRule.Actions) > 0 { for idx := range oldRule.Actions { p.removeRuleFromActionMapping(rule.Name, oldRule.Actions[idx].Name) } } delete(p.dbHandle.rules, rule.Name) p.dbHandle.rulesNames = make([]string, 0, len(p.dbHandle.rules)) for name := range p.dbHandle.rules { p.dbHandle.rulesNames = append(p.dbHandle.rulesNames, name) } sort.Strings(p.dbHandle.rulesNames) setLastRuleUpdate() return nil } func (*MemoryProvider) getTaskByName(_ string) (Task, error) { return Task{}, ErrNotImplemented } func (*MemoryProvider) addTask(_ string) error { return ErrNotImplemented } func (*MemoryProvider) updateTask(_ string, _ int64) error { return ErrNotImplemented } func (*MemoryProvider) updateTaskTimestamp(_ string) error { return ErrNotImplemented } func (*MemoryProvider) addNode() error { return ErrNotImplemented } func (*MemoryProvider) getNodeByName(_ string) (Node, error) { return Node{}, ErrNotImplemented } func (*MemoryProvider) getNodes() ([]Node, error) { return nil, ErrNotImplemented } func (*MemoryProvider) updateNodeTimestamp() error { return ErrNotImplemented } func (*MemoryProvider) cleanupNodes() error { return ErrNotImplemented } func (p *MemoryProvider) roleExists(name string) (Role, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return Role{}, errMemoryProviderClosed } role, err := p.roleExistsInternal(name) if err != nil { return role, err } return role, nil } func (p *MemoryProvider) addRole(role *Role) error { if err := role.validate(); err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } _, err := p.roleExistsInternal(role.Name) if err == nil { return util.NewI18nError( fmt.Errorf("%w: role %q already exists", ErrDuplicatedKey, role.Name), util.I18nErrorDuplicatedName, ) } role.ID = p.getNextRoleID() role.CreatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) role.UpdatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) role.Users = nil role.Admins = nil p.dbHandle.roles[role.Name] = role.getACopy() p.dbHandle.roleNames = append(p.dbHandle.roleNames, role.Name) sort.Strings(p.dbHandle.roleNames) return nil } func (p *MemoryProvider) updateRole(role *Role) error { if err := role.validate(); err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } oldRole, err := p.roleExistsInternal(role.Name) if err != nil { return err } role.ID = oldRole.ID role.CreatedAt = oldRole.CreatedAt role.UpdatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) role.Users = oldRole.Users role.Admins = oldRole.Admins p.dbHandle.roles[role.Name] = role.getACopy() return nil } func (p *MemoryProvider) deleteRole(role Role) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } oldRole, err := p.roleExistsInternal(role.Name) if err != nil { return err } if len(oldRole.Admins) > 0 { return util.NewValidationError(fmt.Sprintf("the role %q is referenced, it cannot be removed", oldRole.Name)) } for _, username := range oldRole.Users { user, err := p.userExistsInternal(username) if err != nil { continue } if user.Role == role.Name { user.Role = "" p.dbHandle.users[username] = user } else { providerLog(logger.LevelError, "user %q does not have the expected role %q, actual %q", username, role.Name, user.Role) } } delete(p.dbHandle.roles, role.Name) p.dbHandle.roleNames = make([]string, 0, len(p.dbHandle.roles)) for name := range p.dbHandle.roles { p.dbHandle.roleNames = append(p.dbHandle.roleNames, name) } sort.Strings(p.dbHandle.roleNames) return nil } func (p *MemoryProvider) getRoles(limit int, offset int, order string, _ bool) ([]Role, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return nil, errMemoryProviderClosed } if limit <= 0 { return nil, nil } roles := make([]Role, 0, 10) itNum := 0 if order == OrderASC { for _, name := range p.dbHandle.roleNames { itNum++ if itNum <= offset { continue } r := p.dbHandle.roles[name] role := r.getACopy() roles = append(roles, role) if len(roles) >= limit { break } } } else { for i := len(p.dbHandle.roleNames) - 1; i >= 0; i-- { itNum++ if itNum <= offset { continue } name := p.dbHandle.roleNames[i] r := p.dbHandle.roles[name] role := r.getACopy() roles = append(roles, role) if len(roles) >= limit { break } } } return roles, nil } func (p *MemoryProvider) dumpRoles() ([]Role, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return nil, errMemoryProviderClosed } roles := make([]Role, 0, len(p.dbHandle.roles)) for _, name := range p.dbHandle.roleNames { r := p.dbHandle.roles[name] roles = append(roles, r.getACopy()) } return roles, nil } func (p *MemoryProvider) ipListEntryExists(ipOrNet string, listType IPListType) (IPListEntry, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return IPListEntry{}, errMemoryProviderClosed } entry, err := p.ipListEntryExistsInternal(&IPListEntry{IPOrNet: ipOrNet, Type: listType}) if err != nil { return entry, err } entry.PrepareForRendering() return entry, nil } func (p *MemoryProvider) addIPListEntry(entry *IPListEntry) error { if err := entry.validate(); err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } _, err := p.ipListEntryExistsInternal(entry) if err == nil { return util.NewI18nError( fmt.Errorf("%w: entry %q already exists", ErrDuplicatedKey, entry.IPOrNet), util.I18nErrorDuplicatedIPNet, ) } entry.CreatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) entry.UpdatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) p.dbHandle.ipListEntries[entry.getKey()] = entry.getACopy() p.dbHandle.ipListEntriesKeys = append(p.dbHandle.ipListEntriesKeys, entry.getKey()) sort.Strings(p.dbHandle.ipListEntriesKeys) return nil } func (p *MemoryProvider) updateIPListEntry(entry *IPListEntry) error { if err := entry.validate(); err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } oldEntry, err := p.ipListEntryExistsInternal(entry) if err != nil { return err } entry.CreatedAt = oldEntry.CreatedAt entry.UpdatedAt = util.GetTimeAsMsSinceEpoch(time.Now()) p.dbHandle.ipListEntries[entry.getKey()] = entry.getACopy() return nil } func (p *MemoryProvider) deleteIPListEntry(entry IPListEntry, _ bool) error { if err := entry.validate(); err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } _, err := p.ipListEntryExistsInternal(&entry) if err != nil { return err } delete(p.dbHandle.ipListEntries, entry.getKey()) p.dbHandle.ipListEntriesKeys = make([]string, 0, len(p.dbHandle.ipListEntries)) for k := range p.dbHandle.ipListEntries { p.dbHandle.ipListEntriesKeys = append(p.dbHandle.ipListEntriesKeys, k) } sort.Strings(p.dbHandle.ipListEntriesKeys) return nil } func (p *MemoryProvider) getIPListEntries(listType IPListType, filter, from, order string, limit int) ([]IPListEntry, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return nil, errMemoryProviderClosed } entries := make([]IPListEntry, 0, 15) if order == OrderASC { for _, k := range p.dbHandle.ipListEntriesKeys { e := p.dbHandle.ipListEntries[k] if e.Type == listType && e.satisfySearchConstraints(filter, from, order) { entry := e.getACopy() entry.PrepareForRendering() entries = append(entries, entry) if limit > 0 && len(entries) >= limit { break } } } } else { for i := len(p.dbHandle.ipListEntriesKeys) - 1; i >= 0; i-- { e := p.dbHandle.ipListEntries[p.dbHandle.ipListEntriesKeys[i]] if e.Type == listType && e.satisfySearchConstraints(filter, from, order) { entry := e.getACopy() entry.PrepareForRendering() entries = append(entries, entry) if limit > 0 && len(entries) >= limit { break } } } } return entries, nil } func (p *MemoryProvider) getRecentlyUpdatedIPListEntries(_ int64) ([]IPListEntry, error) { return nil, ErrNotImplemented } func (p *MemoryProvider) dumpIPListEntries() ([]IPListEntry, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return nil, errMemoryProviderClosed } if count := len(p.dbHandle.ipListEntriesKeys); count > ipListMemoryLimit { providerLog(logger.LevelInfo, "IP lists excluded from dump, too many entries: %d", count) return nil, nil } entries := make([]IPListEntry, 0, len(p.dbHandle.ipListEntries)) for _, k := range p.dbHandle.ipListEntriesKeys { e := p.dbHandle.ipListEntries[k] entry := e.getACopy() entry.PrepareForRendering() entries = append(entries, entry) } return entries, nil } func (p *MemoryProvider) countIPListEntries(listType IPListType) (int64, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return 0, errMemoryProviderClosed } if listType == 0 { return int64(len(p.dbHandle.ipListEntriesKeys)), nil } var count int64 for _, k := range p.dbHandle.ipListEntriesKeys { e := p.dbHandle.ipListEntries[k] if e.Type == listType { count++ } } return count, nil } func (p *MemoryProvider) getListEntriesForIP(ip string, listType IPListType) ([]IPListEntry, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return nil, errMemoryProviderClosed } entries := make([]IPListEntry, 0, 3) ipAddr, err := netip.ParseAddr(ip) if err != nil { return entries, fmt.Errorf("invalid ip address %s", ip) } var netType int var ipBytes []byte if ipAddr.Is4() || ipAddr.Is4In6() { netType = ipTypeV4 as4 := ipAddr.As4() ipBytes = as4[:] } else { netType = ipTypeV6 as16 := ipAddr.As16() ipBytes = as16[:] } for _, k := range p.dbHandle.ipListEntriesKeys { e := p.dbHandle.ipListEntries[k] if e.Type == listType && e.IPType == netType && bytes.Compare(ipBytes, e.First) >= 0 && bytes.Compare(ipBytes, e.Last) <= 0 { entry := e.getACopy() entry.PrepareForRendering() entries = append(entries, entry) } } return entries, nil } func (p *MemoryProvider) getConfigs() (Configs, error) { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return Configs{}, errMemoryProviderClosed } return p.dbHandle.configs.getACopy(), nil } func (p *MemoryProvider) setConfigs(configs *Configs) error { if err := configs.validate(); err != nil { return err } p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } p.dbHandle.configs = configs.getACopy() return nil } func (p *MemoryProvider) setFirstDownloadTimestamp(username string) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } user, err := p.userExistsInternal(username) if err != nil { return err } if user.FirstDownload > 0 { return util.NewGenericError(fmt.Sprintf("first download already set to %s", util.GetTimeFromMsecSinceEpoch(user.FirstDownload))) } user.FirstDownload = util.GetTimeAsMsSinceEpoch(time.Now()) p.dbHandle.users[user.Username] = user return nil } func (p *MemoryProvider) setFirstUploadTimestamp(username string) error { p.dbHandle.Lock() defer p.dbHandle.Unlock() if p.dbHandle.isClosed { return errMemoryProviderClosed } user, err := p.userExistsInternal(username) if err != nil { return err } if user.FirstUpload > 0 { return util.NewGenericError(fmt.Sprintf("first upload already set to %s", util.GetTimeFromMsecSinceEpoch(user.FirstUpload))) } user.FirstUpload = util.GetTimeAsMsSinceEpoch(time.Now()) p.dbHandle.users[user.Username] = user return nil } func (p *MemoryProvider) getNextID() int64 { nextID := int64(1) for _, v := range p.dbHandle.users { if v.ID >= nextID { nextID = v.ID + 1 } } return nextID } func (p *MemoryProvider) getNextFolderID() int64 { nextID := int64(1) for _, v := range p.dbHandle.vfolders { if v.ID >= nextID { nextID = v.ID + 1 } } return nextID } func (p *MemoryProvider) getNextAdminID() int64 { nextID := int64(1) for _, a := range p.dbHandle.admins { if a.ID >= nextID { nextID = a.ID + 1 } } return nextID } func (p *MemoryProvider) getNextGroupID() int64 { nextID := int64(1) for _, g := range p.dbHandle.groups { if g.ID >= nextID { nextID = g.ID + 1 } } return nextID } func (p *MemoryProvider) getNextActionID() int64 { nextID := int64(1) for _, a := range p.dbHandle.actions { if a.ID >= nextID { nextID = a.ID + 1 } } return nextID } func (p *MemoryProvider) getNextRuleID() int64 { nextID := int64(1) for _, r := range p.dbHandle.rules { if r.ID >= nextID { nextID = r.ID + 1 } } return nextID } func (p *MemoryProvider) getNextRoleID() int64 { nextID := int64(1) for _, r := range p.dbHandle.roles { if r.ID >= nextID { nextID = r.ID + 1 } } return nextID } func (p *MemoryProvider) clear() { p.dbHandle.Lock() defer p.dbHandle.Unlock() p.dbHandle.usernames = []string{} p.dbHandle.users = make(map[string]User) p.dbHandle.groupnames = []string{} p.dbHandle.groups = map[string]Group{} p.dbHandle.vfoldersNames = []string{} p.dbHandle.vfolders = make(map[string]vfs.BaseVirtualFolder) p.dbHandle.admins = make(map[string]Admin) p.dbHandle.adminsUsernames = []string{} p.dbHandle.apiKeys = make(map[string]APIKey) p.dbHandle.apiKeysIDs = []string{} p.dbHandle.shares = make(map[string]Share) p.dbHandle.sharesIDs = []string{} p.dbHandle.actions = map[string]BaseEventAction{} p.dbHandle.actionsNames = []string{} p.dbHandle.rules = map[string]EventRule{} p.dbHandle.rulesNames = []string{} p.dbHandle.roles = map[string]Role{} p.dbHandle.roleNames = []string{} p.dbHandle.ipListEntries = map[string]IPListEntry{} p.dbHandle.ipListEntriesKeys = []string{} p.dbHandle.configs = Configs{} } func (p *MemoryProvider) reloadConfig() error { if p.dbHandle.configFile == "" { providerLog(logger.LevelDebug, "no dump configuration file defined") return nil } providerLog(logger.LevelDebug, "loading dump from file: %q", p.dbHandle.configFile) fi, err := os.Stat(p.dbHandle.configFile) if err != nil { providerLog(logger.LevelError, "error loading dump: %v", err) return err } if fi.Size() == 0 { err = errors.New("dump configuration file is invalid, its size must be > 0") providerLog(logger.LevelError, "error loading dump: %v", err) return err } if fi.Size() > 20971520 { err = errors.New("dump configuration file is invalid, its size must be <= 20971520 bytes") providerLog(logger.LevelError, "error loading dump: %v", err) return err } content, err := os.ReadFile(p.dbHandle.configFile) if err != nil { providerLog(logger.LevelError, "error loading dump: %v", err) return err } dump, err := ParseDumpData(content) if err != nil { providerLog(logger.LevelError, "error loading dump: %v", err) return err } return p.restoreDump(&dump) } func (p *MemoryProvider) restoreDump(dump *BackupData) error { p.clear() if err := p.restoreConfigs(dump); err != nil { return err } if err := p.restoreIPListEntries(dump); err != nil { return err } if err := p.restoreRoles(dump); err != nil { return err } if err := p.restoreFolders(dump); err != nil { return err } if err := p.restoreGroups(dump); err != nil { return err } if err := p.restoreUsers(dump); err != nil { return err } if err := p.restoreAdmins(dump); err != nil { return err } if err := p.restoreAPIKeys(dump); err != nil { return err } if err := p.restoreShares(dump); err != nil { return err } if err := p.restoreEventActions(dump); err != nil { return err } if err := p.restoreEventRules(dump); err != nil { return err } providerLog(logger.LevelDebug, "config loaded from file: %q", p.dbHandle.configFile) return nil } func (p *MemoryProvider) restoreEventActions(dump *BackupData) error { for idx := range dump.EventActions { action := dump.EventActions[idx] a, err := p.eventActionExists(action.Name) if err == nil { action.ID = a.ID err = UpdateEventAction(&action, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error updating event action %q: %v", action.Name, err) return err } } else { err = AddEventAction(&action, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error adding event action %q: %v", action.Name, err) return err } } } return nil } func (p *MemoryProvider) restoreEventRules(dump *BackupData) error { for idx := range dump.EventRules { rule := dump.EventRules[idx] r, err := p.eventRuleExists(rule.Name) if dump.Version < 15 { rule.Status = 1 } if err == nil { rule.ID = r.ID err = UpdateEventRule(&rule, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error updating event rule %q: %v", rule.Name, err) return err } } else { err = AddEventRule(&rule, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error adding event rule %q: %v", rule.Name, err) return err } } } return nil } func (p *MemoryProvider) restoreShares(dump *BackupData) error { for idx := range dump.Shares { share := dump.Shares[idx] s, err := p.shareExists(share.ShareID, "") share.IsRestore = true if err == nil { share.ID = s.ID err = UpdateShare(&share, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error updating share %q: %v", share.ShareID, err) return err } } else { err = AddShare(&share, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error adding share %q: %v", share.ShareID, err) return err } } } return nil } func (p *MemoryProvider) restoreAPIKeys(dump *BackupData) error { for idx := range dump.APIKeys { apiKey := dump.APIKeys[idx] if apiKey.Key == "" { return fmt.Errorf("cannot restore an empty API key: %+v", apiKey) } k, err := p.apiKeyExists(apiKey.KeyID) if err == nil { apiKey.ID = k.ID err = UpdateAPIKey(&apiKey, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error updating API key %q: %v", apiKey.KeyID, err) return err } } else { err = AddAPIKey(&apiKey, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error adding API key %q: %v", apiKey.KeyID, err) return err } } } return nil } func (p *MemoryProvider) restoreAdmins(dump *BackupData) error { for idx := range dump.Admins { admin := dump.Admins[idx] admin.Username = config.convertName(admin.Username) a, err := p.adminExists(admin.Username) if err == nil { admin.ID = a.ID err = UpdateAdmin(&admin, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error updating admin %q: %v", admin.Username, err) return err } } else { err = AddAdmin(&admin, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error adding admin %q: %v", admin.Username, err) return err } } } return nil } func (p *MemoryProvider) restoreConfigs(dump *BackupData) error { if dump.Configs != nil && dump.Configs.UpdatedAt > 0 { return UpdateConfigs(dump.Configs, ActionExecutorSystem, "", "") } return nil } func (p *MemoryProvider) restoreIPListEntries(dump *BackupData) error { for idx := range dump.IPLists { entry := dump.IPLists[idx] _, err := p.ipListEntryExists(entry.IPOrNet, entry.Type) if err == nil { err = UpdateIPListEntry(&entry, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error updating IP list entry %q: %v", entry.getName(), err) return err } } else { err = AddIPListEntry(&entry, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error adding IP list entry %q: %v", entry.getName(), err) return err } } } return nil } func (p *MemoryProvider) restoreRoles(dump *BackupData) error { for idx := range dump.Roles { role := dump.Roles[idx] role.Name = config.convertName(role.Name) r, err := p.roleExists(role.Name) if err == nil { role.ID = r.ID err = UpdateRole(&role, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error updating role %q: %v", role.Name, err) return err } } else { role.Admins = nil role.Users = nil err = AddRole(&role, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error adding role %q: %v", role.Name, err) return err } } } return nil } func (p *MemoryProvider) restoreGroups(dump *BackupData) error { for idx := range dump.Groups { group := dump.Groups[idx] group.Name = config.convertName(group.Name) g, err := p.groupExists(group.Name) if err == nil { group.ID = g.ID err = UpdateGroup(&group, g.Users, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error updating group %q: %v", group.Name, err) return err } } else { group.Users = nil err = AddGroup(&group, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error adding group %q: %v", group.Name, err) return err } } } return nil } func (p *MemoryProvider) restoreFolders(dump *BackupData) error { for idx := range dump.Folders { folder := dump.Folders[idx] folder.Name = config.convertName(folder.Name) f, err := p.getFolderByName(folder.Name) if err == nil { folder.ID = f.ID err = UpdateFolder(&folder, f.Users, f.Groups, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error updating folder %q: %v", folder.Name, err) return err } } else { folder.Users = nil err = AddFolder(&folder, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error adding folder %q: %v", folder.Name, err) return err } } } return nil } func (p *MemoryProvider) restoreUsers(dump *BackupData) error { for idx := range dump.Users { user := dump.Users[idx] user.Username = config.convertName(user.Username) u, err := p.userExists(user.Username, "") if err == nil { user.ID = u.ID err = UpdateUser(&user, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error updating user %q: %v", user.Username, err) return err } } else { err = AddUser(&user, ActionExecutorSystem, "", "") if err != nil { providerLog(logger.LevelError, "error adding user %q: %v", user.Username, err) return err } } } return nil } // initializeDatabase does nothing, no initilization is needed for memory provider func (p *MemoryProvider) initializeDatabase() error { return ErrNoInitRequired } func (p *MemoryProvider) migrateDatabase() error { return ErrNoInitRequired } func (p *MemoryProvider) revertDatabase(_ int) error { return errors.New("memory provider does not store data, revert not possible") } func (p *MemoryProvider) resetDatabase() error { return errors.New("memory provider does not store data, reset not possible") }