feat: refactor orgName to org relationship
chrisdlangton committed Sep 29, 2024
1 parent 1e06ac8 commit 4129985
Showing 19 changed files with 286 additions and 84 deletions.
30 changes: 29 additions & 1 deletion functions/github/[installation_id]/install/[code].js
@@ -76,15 +76,43 @@ export async function onRequestGet(context) {
} else {
let firstName = ''
let lastName = ''
let orgId = crypto.randomUUID()
if (!!content?.name) {
const words = content.name.split(' ')
firstName = words.shift() || ''
lastName = words.join(' ') || ''
}
if (content?.company) {
const originalOrg = await prisma.orgs.findFirst({
where: {
name: content.company
}
})
if (originalOrg?.uuid) {
orgId = originalOrg.uuid
} else {
const orgInfo = await prisma.orgs.create({
data: {
uuid: orgId,
name: content.company,
}
})
console.log(`/github/install register orgId=${orgId}`, orgInfo)
}
} else {
const orgInfo = await prisma.orgs.create({
data: {
uuid: orgId,
name: memberEmail.toLowerCase(),
}
})
console.log(`/github/install register orgId=${orgId}`, orgInfo)
}

response.member = {
email: memberEmail.toLowerCase(),
avatarUrl: content?.avatar_url || '',
orgName: content?.company || '',
orgId,
passwordHash: await pbkdf2(oauthData.access_token),
firstName,
lastName
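Review bot: The org lookup keyed on `content.company` attaches a new member to an existing org on a name match alone, and that value is free text from the user's GitHub profile, not a verified affiliation. Any account whose profile company equals an existing `orgs.name` receives that org's `orgId`, so membership should not be derived from the name: create a fresh org for each new member here and join existing orgs only through an invitation or a verified-domain check. The same find-by-name pattern appears in functions/login/github/[code].js (`content.company`) and functions/register/[org]/[email]/[hash].js (`params.org`). The `findFirst` followed by `create` is also not atomic, and whether duplicate names are rejected depends on a unique constraint on `orgs.name` that this diff does not show. The enclosing `else` branch starts outside the hunk.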
5 changes: 3 additions & 2 deletions functions/github/pat.js
@@ -1,4 +1,4 @@
import { GitHub, Server } from "@/utils";
import { GitHub, Server, ensureStrReqBody } from "@/utils";
import { PrismaD1 } from '@prisma/adapter-d1';
import { PrismaClient } from '@prisma/client';

@@ -23,7 +23,8 @@ export async function onRequestPost(context) {
if (!verificationResult.isValid) {
return Response.json({ ok: false, result: verificationResult.message })
}
const body = await request.json()
const bodyStr = await ensureStrReqBody(request)
const body = JSON.parse(bodyStr)
if (!body.token.startsWith('github_pat_')) {
return Response.json({ error: { message: `Invalid PAT provided, expected "github_pat_" prefix.` } })
}
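Review bot: `body.token.startsWith(...)` runs on whatever `JSON.parse(bodyStr)` returns, so a body of `null`, `{}` or a non-string `token` throws a TypeError instead of producing the "Invalid PAT" response. Check the type first, e.g. `if (typeof body?.token !== 'string' || !body.token.startsWith('github_pat_')) {`. `JSON.parse` also throws on malformed input; whether a surrounding `try`/`catch` turns that into a JSON error response is outside the hunk. functions/vulncheck/integrate.js has the same shape with `data.apiKey.startsWith('vulncheck_')`.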
8 changes: 4 additions & 4 deletions functions/github/repos/[org]/[repo]/sarif.js
@@ -59,9 +59,9 @@ export async function onRequestGet(context) {
}
for (const data of content) {
const objectPrefix = `github/${app.installationId}/repos/${repoName}/code-scanning/`
const reportInfo = await env.r2icache.put(`${objectPrefix}${data.report.id}.json`, JSON.stringify(data.report), putOptions)
const reportInfo = await env.r2artefact.put(`${objectPrefix}${data.report.id}.json`, JSON.stringify(data.report), putOptions)
console.log(`${repoName}/code-scanning/${data.report.id}.json`, reportInfo)
const sarifInfo = await env.r2icache.put(`${objectPrefix}${data.report.id}_${data.report.sarif_id}.json`, JSON.stringify(data.sarif), putOptions)
const sarifInfo = await env.r2artefact.put(`${objectPrefix}${data.report.id}_${data.report.sarif_id}.json`, JSON.stringify(data.sarif), putOptions)
console.log(`${repoName}/code-scanning/${data.report.id}_${data.report.sarif_id}.json`, sarifInfo)
files.push(await process(prisma, verificationResult.session, data, repoName))
}
@@ -82,9 +82,9 @@ export async function onRequestGet(context) {
}
for (const data of content) {
const objectPrefix = `github/pat_${memberKey.id}/repos/${repoName}/code-scanning/`
const reportInfo = await env.r2icache.put(`${objectPrefix}${data.report.id}.json`, JSON.stringify(data.report), putOptions)
const reportInfo = await env.r2artefact.put(`${objectPrefix}${data.report.id}.json`, JSON.stringify(data.report), putOptions)
console.log(`${repoName}/code-scanning/${data.report.id}.json`, reportInfo)
const sarifInfo = await env.r2icache.put(`${objectPrefix}${data.report.id}_${data.report.sarif_id}.json`, JSON.stringify(data.sarif), putOptions)
const sarifInfo = await env.r2artefact.put(`${objectPrefix}${data.report.id}_${data.report.sarif_id}.json`, JSON.stringify(data.sarif), putOptions)
console.log(`${repoName}/code-scanning/${data.report.id}_${data.report.sarif_id}.json`, sarifInfo)
files.push(await process(prisma, verificationResult.session, data, repoName))
}
4 changes: 2 additions & 2 deletions functions/github/repos/[org]/[repo]/spdx.js
@@ -68,7 +68,7 @@ export async function onRequestGet(context) {
const { spdxId, spdxStr, findingIds } = await process(prisma, verificationResult.session, repoName, content)
findings = [...findings, ...findingIds]
const objectPrefix = `github/${app.installationId}/repos/${repoName}/sbom/`
console.log(`${repoName}/sbom/${spdxId}.json`, await env.r2icache.put(`${objectPrefix}${spdxId}.json`, spdxStr, putOptions))
console.log(`${repoName}/sbom/${spdxId}.json`, await env.r2artefact.put(`${objectPrefix}${spdxId}.json`, spdxStr, putOptions))
files.push(content)
}
const memberKeys = await prisma.member_keys.findMany({
@@ -94,7 +94,7 @@ export async function onRequestGet(context) {
const { spdxId, spdxStr, findingIds } = await process(prisma, verificationResult.session, repoName, content)
findings = [...findings, ...findingIds]
const objectPrefix = `github/pat_${memberKey.id}/repos/${repoName}/sbom/`
console.log(`${repoName}/sbom/${spdxId}.json`, await env.r2icache.put(`${objectPrefix}${spdxId}.json`, spdxStr, putOptions))
console.log(`${repoName}/sbom/${spdxId}.json`, await env.r2artefact.put(`${objectPrefix}${spdxId}.json`, spdxStr, putOptions))
files.push({ spdx: content, errors })
}

30 changes: 29 additions & 1 deletion functions/login/github/[code].js
@@ -76,15 +76,43 @@ export async function onRequestGet(context) {
} else {
let firstName = ''
let lastName = ''
let orgId = crypto.randomUUID()
if (!!content?.name) {
const words = content.name.split(' ')
firstName = words.shift() || ''
lastName = words.join(' ') || ''
}
if (content?.company) {
const originalOrg = await prisma.orgs.findFirst({
where: {
name: content.company
}
})
if (originalOrg?.uuid) {
orgId = originalOrg.uuid
} else {
const orgInfo = await prisma.orgs.create({
data: {
uuid: orgId,
name: content.company,
}
})
console.log(`/github/install register orgId=${orgId}`, orgInfo)
}
} else {
const orgInfo = await prisma.orgs.create({
data: {
uuid: orgId,
name: memberEmail.toLowerCase(),
}
})
console.log(`/github/install register orgId=${orgId}`, orgInfo)
}

response.member = {
email: memberEmail.toLowerCase(),
avatarUrl: content?.avatar_url || '',
orgName: content?.company || '',
orgId,
passwordHash: await pbkdf2(oauthData.access_token),
firstName,
lastName
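Review bot: Both `console.log` calls added in this file use the prefix `/github/install register`, which appears copied from the install handler, so org creation during login is attributed to the wrong endpoint in the logs. Use a prefix that matches this route, such as `/login/github register orgId=...`, so the audit trail shows which flow created the org. The second argument logs the whole `orgInfo` record; logging only `orgInfo.uuid` would keep the entry small and stable as the `orgs` model grows. The enclosing `else` branch starts outside the hunk.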
67 changes: 48 additions & 19 deletions functions/me.js
@@ -1,4 +1,4 @@
import { AuthResult, Server } from "@/utils";
import { AuthResult, Server, ensureStrReqBody } from "@/utils";
import { PrismaD1 } from '@prisma/adapter-d1';
import { PrismaClient } from '@prisma/client';

@@ -28,6 +28,16 @@ export async function onRequestGet(context) {
where: {
email: verificationResult.session.memberEmail,
},
omit: {
orgId: true
},
include: {
org: {
omit: {
members: true
}
}
},
})
delete member.passwordHash
return Response.json({ ok: true, member })
@@ -58,54 +68,73 @@ export async function onRequestPost(context) {
if (!verificationResult.isValid) {
return Response.json({ ok: false, result: verificationResult.message })
}
const original = await prisma.members.findFirst({
const originalMember = await prisma.members.findFirst({
where: {
email: verificationResult.session.memberEmail,
},
})
const member = {}
const data = await request.json()
if (data?.email && original.email !== data.email) {
const body = await ensureStrReqBody(request)
const data = JSON.parse(body)
if (data?.email && originalMember.email !== data.email) {
member.email = data.email.toLowerCase()
}
if (data?.passwordHash && original.passwordHash !== data.passwordHash) {
if (data?.passwordHash && originalMember.passwordHash !== data.passwordHash) {
member.passwordHash = data.passwordHash
}
if (data?.firstName && original.firstName !== data.firstName) {
if (data?.firstName && originalMember.firstName !== data.firstName) {
member.firstName = data.firstName
}
if (data?.lastName && original.lastName !== data.lastName) {
if (data?.lastName && originalMember.lastName !== data.lastName) {
member.lastName = data.lastName
}
if (data?.avatarUrl && original.avatarUrl !== data.avatarUrl) {
if (data?.avatarUrl && originalMember.avatarUrl !== data.avatarUrl) {
member.avatarUrl = data.avatarUrl
}
if (data?.orgName && original.orgName !== data.orgName) {
member.orgName = data.orgName
}
if (typeof data?.alertNews !== 'undefined' && original.alertNews !== data.alertNews) {
if (typeof data?.alertNews !== 'undefined' && originalMember.alertNews !== data.alertNews) {
member.alertNews = parseInt(data.alertNews, 10)
}
if (typeof data?.alertOverdue !== 'undefined' && original.alertOverdue !== data.alertOverdue) {
if (typeof data?.alertOverdue !== 'undefined' && originalMember.alertOverdue !== data.alertOverdue) {
member.alertOverdue = parseInt(data.alertOverdue, 10)
}
if (typeof data?.alertFindings !== 'undefined' && original.alertFindings !== data.alertFindings) {
if (typeof data?.alertFindings !== 'undefined' && originalMember.alertFindings !== data.alertFindings) {
member.alertFindings = parseInt(data.alertFindings, 10)
}
if (typeof data?.alertType !== 'undefined' && original.alertType !== data.alertType) {
if (typeof data?.alertType !== 'undefined' && originalMember.alertType !== data.alertType) {
member.alertType = parseInt(data.alertType, 10)
}
let updatedOrg = false
const originalOrg = await prisma.orgs.findFirst({
where: {
uuid: originalMember.orgId,
},
})
if (data?.orgName && originalOrg.name !== data.orgName) {
//TODO: temp until organisations feature is finished
const orgInfo = await prisma.orgs.update({
where: {
uuid: originalMember.orgId,
},
data: {
name: data.orgName
}
})
updatedOrg = true
console.log(`/me update org ${originalMember.orgId} ${data.orgName}`, orgInfo)
}

if (Object.keys(member).length > 0) {
await prisma.members.update({
const memberInfo = await prisma.members.update({
where: {
email: verificationResult.session.memberEmail.toLowerCase(),
uuid: originalMember.uuid,
},
data: member
})
console.log(`/me update member ${verificationResult.session.memberEmail}`, memberInfo)

return Response.json({ ok: true })
return Response.json({ ok: true, result: 'Updated' })
}
return Response.json({ ok: false, result: 'No Change' })
return Response.json({ ok: updatedOrg, result: updatedOrg ? 'Updated organisation' : 'No Change' })
} catch (err) {
console.error(err)
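Review bot: In the `onRequestPost` hunk, `prisma.orgs.update` renames the org for any authenticated member who sends `orgName`, with no check that the caller owns or administers that org. The registration and login handlers in this commit attach members to an existing org by name, so the org row can be shared and one member's rename changes it for every other member; the `//TODO` marks this as temporary, but until roles exist the update should be restricted, for example to orgs with a single member. `originalOrg` is also dereferenced without a guard: a member row with no matching org (for instance one created before this change, if `orgId` is nullable) makes `originalOrg.name` throw, so use `originalOrg?.name` and skip the update when no org is found. In the `onRequestGet` hunk, `passwordHash` could be added to the new `omit` rather than deleted after the query.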

45 changes: 36 additions & 9 deletions functions/register/[org]/[email]/[hash].js
@@ -24,18 +24,45 @@ export async function onRequestGet(context) {
params?.email &&
params?.hash
) {
console.log('org', params.org)

const info = await prisma.members.create({
data: {
orgName: params.org,
email: params.email.toLowerCase(),
passwordHash: await pbkdf2(params.hash)
let orgId = crypto.randomUUID()
if (params?.org) {
const originalOrg = await prisma.orgs.findFirst({
where: {
name: params.org
}
})
if (originalOrg?.uuid) {
orgId = originalOrg.uuid
} else {
const orgInfo = await prisma.orgs.create({
data: {
uuid: orgId,
name: params.org,
}
})
console.log(`/register orgId=${orgId}`, orgInfo)
}
} else {
const orgInfo = await prisma.orgs.create({
data: {
uuid: orgId,
name: params.email.toLowerCase(),
}
})
console.log(`/register orgId=${orgId}`, orgInfo)
}
const member = {
uuid: crypto.randomUUID(),
email: params.email.toLowerCase(),
orgId,
passwordHash: await pbkdf2(params.hash)
}
const info = await prisma.members.create({
data: member
})
console.log(`/register email=${params.email}`, info)
console.log(`/register email=${member.email}`, info)

return Response.json(info)
return Response.json({ ok: true, member })
}

return Response.json({ error: { message: 'missing properties /register/[org]/[email]/[sha1]' } })
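Review bot: The success response returns the locally built `member` object, which includes `passwordHash`, so the stored hash is sent back to the client. The `console.log` of `info` just above it probably writes the same field to the logs. Return and log only the non-secret fields, e.g. `return Response.json({ ok: true, member: { uuid: member.uuid, email: member.email, orgId } })`; functions/me.js already deletes `passwordHash` before responding. The outer `if` begins outside the hunk.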
4 changes: 2 additions & 2 deletions functions/sarif/upload.js
@@ -1,4 +1,4 @@
import { Server, UUID, hex, isSARIF, ensureStrReqBody } from "@/utils";
import { Server, hex, isSARIF, ensureStrReqBody } from "@/utils";
import { PrismaD1 } from '@prisma/adapter-d1';
import { PrismaClient } from '@prisma/client';

@@ -32,7 +32,7 @@ export async function onRequestPost(context) {
if (!isSARIF(sarif)) {
return Response.json({ ok: false, error: { message: 'SARIF is missing necessary fields.' } })
}
const sarifId = UUID()
const sarifId = crypto.randomUUID()
const createdAt = (new Date()).getTime()
for (const run of sarif.runs) {
const reportId = await hex(run.tool.driver.name + run.tool.driver.semanticVersion + JSON.stringify(run.results))
5 changes: 3 additions & 2 deletions functions/vulncheck/integrate.js
@@ -1,4 +1,4 @@
import { AuthResult, Server } from "@/utils";
import { AuthResult, Server, ensureStrReqBody } from "@/utils";
import { PrismaD1 } from '@prisma/adapter-d1';
import { PrismaClient } from '@prisma/client';

@@ -24,7 +24,8 @@ export async function onRequestPost(context) {
if (!verificationResult.isValid) {
return Response.json({ ok: false, result: verificationResult.message })
}
const data = await request.json()
const bodyStr = await ensureStrReqBody(request)
const data = JSON.parse(bodyStr)
if (!data.apiKey.startsWith('vulncheck_')) {
return Response.json({ error: { message: `Invalid API Key provided, expected "vulncheck_" prefix.` } })
}
