refactor: remove empty services (#116)

* remove empty services

* remove old factory

* remove old static files

* cleanup more duplicate service code

* file/folder reorg

backend/internal/core/services/all.go

@@ -0,0 +1,24 @@
+package services
+
+import "github.com/hay-kot/homebox/backend/internal/data/repo"
+
+type AllServices struct {
+	User  *UserService
+	Group *GroupService
+	Items *ItemService
+}
+
+func New(repos *repo.AllRepos) *AllServices {
+	if repos == nil {
+		panic("repos cannot be nil")
+	}
+
+	return &AllServices{
+		User:  &UserService{repos},
+		Group: &GroupService{repos},
+		Items: &ItemService{
+			repo: repos,
+			at:   attachmentTokens{},
+		},
+	}
+}

backend/internal/core/services/contexts.go

@@ -0,0 +1,66 @@
+package services
+
+import (
+	"context"
+
+	"github.com/google/uuid"
+	"github.com/hay-kot/homebox/backend/internal/data/repo"
+)
+
+type contextKeys struct {
+	name string
+}
+
+var (
+	ContextUser      = &contextKeys{name: "User"}
+	ContextUserToken = &contextKeys{name: "UserToken"}
+)
+
+type Context struct {
+	context.Context
+
+	// UID is a unique identifier for the acting user.
+	UID uuid.UUID
+
+	// GID is a unique identifier for the acting users group.
+	GID uuid.UUID
+
+	// User is the acting user.
+	User *repo.UserOut
+}
+
+// NewContext is a helper function that returns the service context from the context.
+// This extracts the users from the context and embeds it into the ServiceContext struct
+func NewContext(ctx context.Context) Context {
+	user := UseUserCtx(ctx)
+	return Context{
+		Context: ctx,
+		UID:     user.ID,
+		GID:     user.GroupID,
+		User:    user,
+	}
+}
+
+// SetUserCtx is a helper function that sets the ContextUser and ContextUserToken
+// values within the context of a web request (or any context).
+func SetUserCtx(ctx context.Context, user *repo.UserOut, token string) context.Context {
+	ctx = context.WithValue(ctx, ContextUser, user)
+	ctx = context.WithValue(ctx, ContextUserToken, token)
+	return ctx
+}
+
+// UseUserCtx is a helper function that returns the user from the context.
+func UseUserCtx(ctx context.Context) *repo.UserOut {
+	if val := ctx.Value(ContextUser); val != nil {
+		return val.(*repo.UserOut)
+	}
+	return nil
+}
+
+// UseTokenCtx is a helper function that returns the user token from the context.
+func UseTokenCtx(ctx context.Context) string {
+	if val := ctx.Value(ContextUserToken); val != nil {
+		return val.(string)
+	}
+	return ""
+}

backend/internal/core/services/contexts_test.go

@@ -0,0 +1,39 @@
+package services
+
+import (
+	"context"
+	"testing"
+
+	"github.com/google/uuid"
+	"github.com/hay-kot/homebox/backend/internal/data/repo"
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_SetAuthContext(t *testing.T) {
+	user := &repo.UserOut{
+		ID: uuid.New(),
+	}
+
+	token := uuid.New().String()
+
+	ctx := SetUserCtx(context.Background(), user, token)
+
+	ctxUser := UseUserCtx(ctx)
+
+	assert.NotNil(t, ctxUser)
+	assert.Equal(t, user.ID, ctxUser.ID)
+
+	ctxUserToken := UseTokenCtx(ctx)
+	assert.NotEmpty(t, ctxUserToken)
+}
+
+func Test_SetAuthContext_Nulls(t *testing.T) {
+	ctx := SetUserCtx(context.Background(), nil, "")
+
+	ctxUser := UseUserCtx(ctx)
+
+	assert.Nil(t, ctxUser)
+
+	ctxUserToken := UseTokenCtx(ctx)
+	assert.Empty(t, ctxUserToken)
+}

backend/internal/core/services/main_test.go

@@ -0,0 +1,77 @@
+package services
+
+import (
+	"context"
+	"log"
+	"math/rand"
+	"os"
+	"testing"
+	"time"
+
+	"github.com/hay-kot/homebox/backend/internal/data/ent"
+	"github.com/hay-kot/homebox/backend/internal/data/repo"
+	"github.com/hay-kot/homebox/backend/pkgs/faker"
+	_ "github.com/mattn/go-sqlite3"
+)
+
+var (
+	fk = faker.NewFaker()
+
+	tCtx    = Context{}
+	tClient *ent.Client
+	tRepos  *repo.AllRepos
+	tUser   repo.UserOut
+	tGroup  repo.Group
+	tSvc    *AllServices
+)
+
+func bootstrap() {
+	var (
+		err error
+		ctx = context.Background()
+	)
+
+	tGroup, err = tRepos.Groups.GroupCreate(ctx, "test-group")
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	tUser, err = tRepos.Users.Create(ctx, repo.UserCreate{
+		Name:        fk.Str(10),
+		Email:       fk.Email(),
+		Password:    fk.Str(10),
+		IsSuperuser: fk.Bool(),
+		GroupID:     tGroup.ID,
+	})
+	if err != nil {
+		log.Fatal(err)
+	}
+}
+
+func TestMain(m *testing.M) {
+	rand.Seed(int64(time.Now().Unix()))
+
+	client, err := ent.Open("sqlite3", "file:ent?mode=memory&cache=shared&_fk=1")
+	if err != nil {
+		log.Fatalf("failed opening connection to sqlite: %v", err)
+	}
+
+	err = client.Schema.Create(context.Background())
+	if err != nil {
+		log.Fatalf("failed creating schema resources: %v", err)
+	}
+
+	tClient = client
+	tRepos = repo.New(tClient, os.TempDir()+"/homebox")
+	tSvc = New(tRepos)
+	defer client.Close()
+
+	bootstrap()
+	tCtx = Context{
+		Context: context.Background(),
+		GID:     tGroup.ID,
+		UID:     tUser.ID,
+	}
+
+	os.Exit(m.Run())
+}

backend/internal/core/services/service_group.go

@@ -0,0 +1,40 @@
+package services
+
+import (
+	"errors"
+	"time"
+
+	"github.com/hay-kot/homebox/backend/internal/data/repo"
+	"github.com/hay-kot/homebox/backend/pkgs/hasher"
+)
+
+type GroupService struct {
+	repos *repo.AllRepos
+}
+
+func (svc *GroupService) UpdateGroup(ctx Context, data repo.GroupUpdate) (repo.Group, error) {
+	if data.Name == "" {
+		data.Name = ctx.User.GroupName
+	}
+
+	if data.Currency == "" {
+		return repo.Group{}, errors.New("currency cannot be empty")
+	}
+
+	return svc.repos.Groups.GroupUpdate(ctx.Context, ctx.GID, data)
+}
+
+func (svc *GroupService) NewInvitation(ctx Context, uses int, expiresAt time.Time) (string, error) {
+	token := hasher.GenerateToken()
+
+	_, err := svc.repos.Groups.InvitationCreate(ctx, ctx.GID, repo.GroupInvitationCreate{
+		Token:     token.Hash,
+		Uses:      uses,
+		ExpiresAt: expiresAt,
+	})
+	if err != nil {
+		return "", err
+	}
+
+	return token.Raw, nil
+}

backend/internal/core/services/service_items.go

@@ -0,0 +1,196 @@
+package services
+
+import (
+	"context"
+	"errors"
+
+	"github.com/google/uuid"
+	"github.com/hay-kot/homebox/backend/internal/data/repo"
+	"github.com/rs/zerolog/log"
+)
+
+var (
+	ErrNotFound     = errors.New("not found")
+	ErrFileNotFound = errors.New("file not found")
+)
+
+type ItemService struct {
+	repo *repo.AllRepos
+
+	filepath string
+	// at is a map of tokens to attachment IDs. This is used to store the attachment ID
+	// for issued URLs
+	at attachmentTokens
+}
+
+func (svc *ItemService) CsvImport(ctx context.Context, gid uuid.UUID, data [][]string) (int, error) {
+	loaded := []csvRow{}
+
+	// Skip first row
+	for _, row := range data[1:] {
+		// Skip empty rows
+		if len(row) == 0 {
+			continue
+		}
+
+		if len(row) != NumOfCols {
+			return 0, ErrInvalidCsv
+		}
+
+		r := newCsvRow(row)
+		loaded = append(loaded, r)
+	}
+
+	// validate rows
+	var errMap = map[int][]error{}
+	var hasErr bool
+	for i, r := range loaded {
+
+		errs := r.validate()
+
+		if len(errs) > 0 {
+			hasErr = true
+			lineNum := i + 2
+
+			errMap[lineNum] = errs
+		}
+	}
+
+	if hasErr {
+		for lineNum, errs := range errMap {
+			for _, err := range errs {
+				log.Error().Err(err).Int("line", lineNum).Msg("csv import error")
+			}
+		}
+	}
+
+	// Bootstrap the locations and labels so we can reuse the created IDs for the items
+	locations := map[string]uuid.UUID{}
+	existingLocation, err := svc.repo.Locations.GetAll(ctx, gid)
+	if err != nil {
+		return 0, err
+	}
+	for _, loc := range existingLocation {
+		locations[loc.Name] = loc.ID
+	}
+
+	labels := map[string]uuid.UUID{}
+	existingLabels, err := svc.repo.Labels.GetAll(ctx, gid)
+	if err != nil {
+		return 0, err
+	}
+	for _, label := range existingLabels {
+		labels[label.Name] = label.ID
+	}
+
+	for _, row := range loaded {
+
+		// Locations
+		if _, exists := locations[row.Location]; !exists {
+			result, err := svc.repo.Locations.Create(ctx, gid, repo.LocationCreate{
+				Name:        row.Location,
+				Description: "",
+			})
+			if err != nil {
+				return 0, err
+			}
+			locations[row.Location] = result.ID
+		}
+
+		// Labels
+
+		for _, label := range row.getLabels() {
+			if _, exists := labels[label]; exists {
+				continue
+			}
+			result, err := svc.repo.Labels.Create(ctx, gid, repo.LabelCreate{
+				Name:        label,
+				Description: "",
+			})
+			if err != nil {
+				return 0, err
+			}
+			labels[label] = result.ID
+		}
+	}
+
+	// Create the items
+	var count int
+	for _, row := range loaded {
+		// Check Import Ref
+		if row.Item.ImportRef != "" {
+			exists, err := svc.repo.Items.CheckRef(ctx, gid, row.Item.ImportRef)
+			if exists {
+				continue
+			}
+			if err != nil {
+				log.Err(err).Msg("error checking import ref")
+			}
+		}
+
+		locationID := locations[row.Location]
+		labelIDs := []uuid.UUID{}
+		for _, label := range row.getLabels() {
+			labelIDs = append(labelIDs, labels[label])
+		}
+
+		log.Info().
+			Str("name", row.Item.Name).
+			Str("location", row.Location).
+			Msgf("Creating Item: %s", row.Item.Name)
+
+		result, err := svc.repo.Items.Create(ctx, gid, repo.ItemCreate{
+			ImportRef:   row.Item.ImportRef,
+			Name:        row.Item.Name,
+			Description: row.Item.Description,
+			LabelIDs:    labelIDs,
+			LocationID:  locationID,
+		})
+
+		if err != nil {
+			return count, err
+		}
+
+		// Update the item with the rest of the data
+		_, err = svc.repo.Items.UpdateByGroup(ctx, gid, repo.ItemUpdate{
+			// Edges
+			LocationID: locationID,
+			LabelIDs:   labelIDs,
+
+			// General Fields
+			ID:          result.ID,
+			Name:        result.Name,
+			Description: result.Description,
+			Insured:     row.Item.Insured,
+			Notes:       row.Item.Notes,
+			Quantity:    row.Item.Quantity,
+
+			// Identifies the item as imported
+			SerialNumber: row.Item.SerialNumber,
+			ModelNumber:  row.Item.ModelNumber,
+			Manufacturer: row.Item.Manufacturer,
+
+			// Purchase
+			PurchaseFrom:  row.Item.PurchaseFrom,
+			PurchasePrice: row.Item.PurchasePrice,
+			PurchaseTime:  row.Item.PurchaseTime,
+
+			// Warranty
+			LifetimeWarranty: row.Item.LifetimeWarranty,
+			WarrantyExpires:  row.Item.WarrantyExpires,
+			WarrantyDetails:  row.Item.WarrantyDetails,
+
+			SoldTo:    row.Item.SoldTo,
+			SoldPrice: row.Item.SoldPrice,
+			SoldTime:  row.Item.SoldTime,
+			SoldNotes: row.Item.SoldNotes,
+		})
+
+		if err != nil {
+			return count, err
+		}
+
+		count++
+	}
+	return count, nil
+}

backend/internal/core/services/service_items_attachments.go

@@ -0,0 +1,146 @@
+package services
+
+import (
+	"context"
+	"io"
+	"os"
+	"time"
+
+	"github.com/google/uuid"
+	"github.com/hay-kot/homebox/backend/internal/data/ent"
+	"github.com/hay-kot/homebox/backend/internal/data/ent/attachment"
+	"github.com/hay-kot/homebox/backend/internal/data/repo"
+	"github.com/hay-kot/homebox/backend/pkgs/hasher"
+	"github.com/rs/zerolog/log"
+)
+
+// TODO: this isn't a scalable solution, tokens should be stored in the database
+type attachmentTokens map[string]uuid.UUID
+
+func (at attachmentTokens) Add(token string, id uuid.UUID) {
+	at[token] = id
+
+	log.Debug().Str("token", token).Str("uuid", id.String()).Msg("added token")
+
+	go func() {
+		ch := time.After(1 * time.Minute)
+		<-ch
+		at.Delete(token)
+		log.Debug().Str("token", token).Msg("deleted token")
+	}()
+}
+
+func (at attachmentTokens) Get(token string) (uuid.UUID, bool) {
+	id, ok := at[token]
+	return id, ok
+}
+
+func (at attachmentTokens) Delete(token string) {
+	delete(at, token)
+}
+
+func (svc *ItemService) AttachmentToken(ctx Context, itemId, attachmentId uuid.UUID) (string, error) {
+	_, err := svc.repo.Items.GetOneByGroup(ctx, ctx.GID, itemId)
+	if err != nil {
+		return "", err
+	}
+
+	token := hasher.GenerateToken()
+
+	// Ensure that the file exists
+	attachment, err := svc.repo.Attachments.Get(ctx, attachmentId)
+	if err != nil {
+		return "", err
+	}
+
+	if _, err := os.Stat(attachment.Edges.Document.Path); os.IsNotExist(err) {
+		_ = svc.AttachmentDelete(ctx, ctx.GID, itemId, attachmentId)
+		return "", ErrNotFound
+	}
+
+	svc.at.Add(token.Raw, attachmentId)
+
+	return token.Raw, nil
+}
+
+func (svc *ItemService) AttachmentPath(ctx context.Context, token string) (*ent.Document, error) {
+	attachmentId, ok := svc.at.Get(token)
+	if !ok {
+		return nil, ErrNotFound
+	}
+
+	attachment, err := svc.repo.Attachments.Get(ctx, attachmentId)
+	if err != nil {
+		return nil, err
+	}
+
+	return attachment.Edges.Document, nil
+}
+
+func (svc *ItemService) AttachmentUpdate(ctx Context, itemId uuid.UUID, data *repo.ItemAttachmentUpdate) (repo.ItemOut, error) {
+	// Update Attachment
+	attachment, err := svc.repo.Attachments.Update(ctx, data.ID, attachment.Type(data.Type))
+	if err != nil {
+		return repo.ItemOut{}, err
+	}
+
+	// Update Document
+	attDoc := attachment.Edges.Document
+	_, err = svc.repo.Docs.Rename(ctx, attDoc.ID, data.Title)
+	if err != nil {
+		return repo.ItemOut{}, err
+	}
+
+	return svc.repo.Items.GetOneByGroup(ctx, ctx.GID, itemId)
+}
+
+// AttachmentAdd adds an attachment to an item by creating an entry in the Documents table and linking it to the Attachment
+// Table and Items table. The file provided via the reader is stored on the file system based on the provided
+// relative path during construction of the service.
+func (svc *ItemService) AttachmentAdd(ctx Context, itemId uuid.UUID, filename string, attachmentType attachment.Type, file io.Reader) (repo.ItemOut, error) {
+	// Get the Item
+	_, err := svc.repo.Items.GetOneByGroup(ctx, ctx.GID, itemId)
+	if err != nil {
+		return repo.ItemOut{}, err
+	}
+
+	// Create the document
+	doc, err := svc.repo.Docs.Create(ctx, ctx.GID, repo.DocumentCreate{Title: filename, Content: file})
+	if err != nil {
+		log.Err(err).Msg("failed to create document")
+		return repo.ItemOut{}, err
+	}
+
+	// Create the attachment
+	_, err = svc.repo.Attachments.Create(ctx, itemId, doc.ID, attachmentType)
+	if err != nil {
+		log.Err(err).Msg("failed to create attachment")
+		return repo.ItemOut{}, err
+	}
+
+	return svc.repo.Items.GetOneByGroup(ctx, ctx.GID, itemId)
+}
+
+func (svc *ItemService) AttachmentDelete(ctx context.Context, gid, itemId, attachmentId uuid.UUID) error {
+	// Get the Item
+	_, err := svc.repo.Items.GetOneByGroup(ctx, gid, itemId)
+	if err != nil {
+		return err
+	}
+
+	attachment, err := svc.repo.Attachments.Get(ctx, attachmentId)
+	if err != nil {
+		return err
+	}
+
+	// Delete the attachment
+	err = svc.repo.Attachments.Delete(ctx, attachmentId)
+	if err != nil {
+		return err
+	}
+
+	// Remove File
+	err = os.Remove(attachment.Edges.Document.Path)
+
+	return err
+}

backend/internal/core/services/service_items_attachments_test.go

@@ -0,0 +1,62 @@
+package services
+
+import (
+	"context"
+	"os"
+	"path"
+	"strings"
+	"testing"
+
+	"github.com/hay-kot/homebox/backend/internal/data/repo"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestItemService_AddAttachment(t *testing.T) {
+	temp := os.TempDir()
+
+	svc := &ItemService{
+		repo:     tRepos,
+		filepath: temp,
+	}
+
+	loc, err := tRepos.Locations.Create(context.Background(), tGroup.ID, repo.LocationCreate{
+		Description: "test",
+		Name:        "test",
+	})
+	assert.NoError(t, err)
+	assert.NotNil(t, loc)
+
+	itmC := repo.ItemCreate{
+		Name:        fk.Str(10),
+		Description: fk.Str(10),
+		LocationID:  loc.ID,
+	}
+
+	itm, err := svc.repo.Items.Create(context.Background(), tGroup.ID, itmC)
+	assert.NoError(t, err)
+	assert.NotNil(t, itm)
+	t.Cleanup(func() {
+		err := svc.repo.Items.Delete(context.Background(), itm.ID)
+		assert.NoError(t, err)
+	})
+
+	contents := fk.Str(1000)
+	reader := strings.NewReader(contents)
+
+	// Setup
+	afterAttachment, err := svc.AttachmentAdd(tCtx, itm.ID, "testfile.txt", "attachment", reader)
+	assert.NoError(t, err)
+	assert.NotNil(t, afterAttachment)
+
+	// Check that the file exists
+	storedPath := afterAttachment.Attachments[0].Document.Path
+
+	// {root}/{group}/{item}/{attachment}
+	assert.Equal(t, path.Join(temp, "homebox", tGroup.ID.String(), "documents"), path.Dir(storedPath))
+
+	// Check that the file contents are correct
+	bts, err := os.ReadFile(storedPath)
+	assert.NoError(t, err)
+	assert.Equal(t, contents, string(bts))
+
+}

backend/internal/core/services/service_items_csv.go

@@ -0,0 +1,118 @@
+package services
+
+import (
+	"errors"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/hay-kot/homebox/backend/internal/data/repo"
+)
+
+var ErrInvalidCsv = errors.New("invalid csv")
+
+const NumOfCols = 21
+
+func parseFloat(s string) float64 {
+	if s == "" {
+		return 0
+	}
+	f, _ := strconv.ParseFloat(s, 64)
+	return f
+}
+
+func parseDate(s string) time.Time {
+	if s == "" {
+		return time.Time{}
+	}
+
+	p, _ := time.Parse("01/02/2006", s)
+	return p
+}
+
+func parseBool(s string) bool {
+	switch strings.ToLower(s) {
+	case "true", "yes", "1":
+		return true
+	default:
+		return false
+	}
+}
+
+func parseInt(s string) int {
+	i, _ := strconv.Atoi(s)
+	return i
+}
+
+type csvRow struct {
+	Item     repo.ItemOut
+	Location string
+	LabelStr string
+}
+
+func newCsvRow(row []string) csvRow {
+	return csvRow{
+		Location: row[1],
+		LabelStr: row[2],
+		Item: repo.ItemOut{
+			ItemSummary: repo.ItemSummary{
+				ImportRef:   row[0],
+				Quantity:    parseInt(row[3]),
+				Name:        row[4],
+				Description: row[5],
+				Insured:     parseBool(row[6]),
+			},
+			SerialNumber:     row[7],
+			ModelNumber:      row[8],
+			Manufacturer:     row[9],
+			Notes:            row[10],
+			PurchaseFrom:     row[11],
+			PurchasePrice:    parseFloat(row[12]),
+			PurchaseTime:     parseDate(row[13]),
+			LifetimeWarranty: parseBool(row[14]),
+			WarrantyExpires:  parseDate(row[15]),
+			WarrantyDetails:  row[16],
+			SoldTo:           row[17],
+			SoldPrice:        parseFloat(row[18]),
+			SoldTime:         parseDate(row[19]),
+			SoldNotes:        row[20],
+		},
+	}
+}
+
+func (c csvRow) getLabels() []string {
+	split := strings.Split(c.LabelStr, ";")
+
+	// Trim each
+	for i, s := range split {
+		split[i] = strings.TrimSpace(s)
+	}
+
+	// Remove empty
+	for i, s := range split {
+		if s == "" {
+			split = append(split[:i], split[i+1:]...)
+		}
+	}
+
+	return split
+}
+
+func (c csvRow) validate() []error {
+	var errs []error
+
+	add := func(err error) {
+		errs = append(errs, err)
+	}
+
+	required := func(s string, name string) {
+		if s == "" {
+			add(errors.New(name + " is required"))
+		}
+	}
+
+	required(c.Location, "Location")
+	required(c.Item.Name, "Name")
+
+	return errs
+}

backend/internal/core/services/service_items_csv_test.go

@@ -0,0 +1,86 @@
+package services
+
+import (
+	"bytes"
+	"encoding/csv"
+	"reflect"
+	"testing"
+)
+
+const CSV_DATA = `
+Import Ref,Location,Labels,Quantity,Name,Description,Insured,Serial Number,Mode Number,Manufacturer,Notes,Purchase From,Purchased Price,Purchased Time,Lifetime Warranty,Warranty Expires,Warranty Details,Sold To,Sold Price,Sold Time,Sold Notes
+A,Garage,IOT;Home Assistant; Z-Wave,1,Zooz Universal Relay ZEN17,"Zooz 700 Series Z-Wave Universal Relay ZEN17 for Awnings, Garage Doors, Sprinklers, and More | 2 NO-C-NC Relays (20A, 10A) | Signal Repeater | Hub Required (Compatible with SmartThings and Hubitat)",,,ZEN17,Zooz,,Amazon,39.95,10/13/2021,,,,,,,
+B,Living Room,IOT;Home Assistant; Z-Wave,1,Zooz Motion Sensor,"Zooz Z-Wave Plus S2 Motion Sensor ZSE18 with Magnetic Mount, Works with Vera and SmartThings",,,ZSE18,Zooz,,Amazon,29.95,10/15/2021,,,,,,,
+C,Office,IOT;Home Assistant; Z-Wave,1,Zooz 110v Power Switch,"Zooz Z-Wave Plus Power Switch ZEN15 for 110V AC Units, Sump Pumps, Humidifiers, and More",,,ZEN15,Zooz,,Amazon,39.95,10/13/2021,,,,,,,
+D,Downstairs,IOT;Home Assistant; Z-Wave,1,Ecolink Z-Wave PIR Motion Sensor,"Ecolink Z-Wave PIR Motion Detector Pet Immune, White (PIRZWAVE2.5-ECO)",,,PIRZWAVE2.5-ECO,Ecolink,,Amazon,35.58,10/21/2020,,,,,,,
+E,Entry,IOT;Home Assistant; Z-Wave,1,Yale Security Touchscreen Deadbolt,"Yale Security YRD226-ZW2-619 YRD226ZW2619 Touchscreen Deadbolt, Satin Nickel",,,YRD226ZW2619,Yale,,Amazon,120.39,10/14/2020,,,,,,,
+F,Kitchen,IOT;Home Assistant; Z-Wave,1,Smart Rocker Light Dimmer,"UltraPro Z-Wave Smart Rocker Light Dimmer with QuickFit and SimpleWire, 3-Way Ready, Compatible with Alexa, Google Assistant, ZWave Hub Required, Repeater/Range Extender, White Paddle Only, 39351",,,39351,Honeywell,,Amazon,65.98,09/30/0202,,,,,,,`
+
+func loadcsv() [][]string {
+	reader := csv.NewReader(bytes.NewBuffer([]byte(CSV_DATA)))
+
+	records, err := reader.ReadAll()
+	if err != nil {
+		panic(err)
+	}
+
+	return records
+}
+
+func Test_csvRow_getLabels(t *testing.T) {
+	type fields struct {
+		LabelStr string
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		want   []string
+	}{
+		{
+			name: "basic test",
+			fields: fields{
+				LabelStr: "IOT;Home Assistant;Z-Wave",
+			},
+			want: []string{"IOT", "Home Assistant", "Z-Wave"},
+		},
+		{
+			name: "no labels",
+			fields: fields{
+				LabelStr: "",
+			},
+			want: []string{},
+		},
+		{
+			name: "single label",
+			fields: fields{
+				LabelStr: "IOT",
+			},
+			want: []string{"IOT"},
+		},
+		{
+			name: "trailing semicolon",
+			fields: fields{
+				LabelStr: "IOT;",
+			},
+			want: []string{"IOT"},
+		},
+
+		{
+			name: "whitespace",
+			fields: fields{
+				LabelStr: " IOT;		Home Assistant;   Z-Wave ",
+			},
+			want: []string{"IOT", "Home Assistant", "Z-Wave"},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			c := csvRow{
+				LabelStr: tt.fields.LabelStr,
+			}
+			if got := c.getLabels(); !reflect.DeepEqual(got, tt.want) {
+				t.Errorf("csvRow.getLabels() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}

backend/internal/core/services/service_items_test.go

@@ -0,0 +1,77 @@
+package services
+
+import (
+	"context"
+	"testing"
+
+	"github.com/google/uuid"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestItemService_CsvImport(t *testing.T) {
+	data := loadcsv()
+	svc := &ItemService{
+		repo: tRepos,
+	}
+	count, err := svc.CsvImport(context.Background(), tGroup.ID, data)
+	assert.Equal(t, 6, count)
+	assert.NoError(t, err)
+
+	// Check import refs are deduplicated
+	count, err = svc.CsvImport(context.Background(), tGroup.ID, data)
+	assert.Equal(t, 0, count)
+	assert.NoError(t, err)
+
+	items, err := svc.repo.Items.GetAll(context.Background(), tGroup.ID)
+	assert.NoError(t, err)
+	t.Cleanup(func() {
+		for _, item := range items {
+			err := svc.repo.Items.Delete(context.Background(), item.ID)
+			assert.NoError(t, err)
+		}
+	})
+
+	assert.Equal(t, len(items), 6)
+
+	dataCsv := []csvRow{}
+	for _, item := range data {
+		dataCsv = append(dataCsv, newCsvRow(item))
+	}
+
+	allLocation, err := tRepos.Locations.GetAll(context.Background(), tGroup.ID)
+	assert.NoError(t, err)
+	locNames := []string{}
+	for _, loc := range allLocation {
+		locNames = append(locNames, loc.Name)
+	}
+
+	allLabels, err := tRepos.Labels.GetAll(context.Background(), tGroup.ID)
+	assert.NoError(t, err)
+	labelNames := []string{}
+	for _, label := range allLabels {
+		labelNames = append(labelNames, label.Name)
+	}
+
+	ids := []uuid.UUID{}
+	t.Cleanup((func() {
+		for _, id := range ids {
+			err := svc.repo.Items.Delete(context.Background(), id)
+			assert.NoError(t, err)
+		}
+	}))
+
+	for _, item := range items {
+		assert.Contains(t, locNames, item.Location.Name)
+		for _, label := range item.Labels {
+			assert.Contains(t, labelNames, label.Name)
+		}
+
+		for _, csvRow := range dataCsv {
+			if csvRow.Item.Name == item.Name {
+				assert.Equal(t, csvRow.Item.Description, item.Description)
+				assert.Equal(t, csvRow.Item.Quantity, item.Quantity)
+				assert.Equal(t, csvRow.Item.Insured, item.Insured)
+			}
+		}
+	}
+}

backend/internal/core/services/service_user.go

@@ -0,0 +1,213 @@
+package services
+
+import (
+	"context"
+	"errors"
+	"time"
+
+	"github.com/google/uuid"
+	"github.com/hay-kot/homebox/backend/internal/data/repo"
+	"github.com/hay-kot/homebox/backend/pkgs/hasher"
+	"github.com/rs/zerolog/log"
+)
+
+var (
+	oneWeek              = time.Hour * 24 * 7
+	ErrorInvalidLogin    = errors.New("invalid username or password")
+	ErrorInvalidToken    = errors.New("invalid token")
+	ErrorTokenIdMismatch = errors.New("token id mismatch")
+)
+
+type UserService struct {
+	repos *repo.AllRepos
+}
+
+type (
+	UserRegistration struct {
+		GroupToken string `json:"token"`
+		Name       string `json:"name"`
+		Email      string `json:"email"`
+		Password   string `json:"password"`
+	}
+	UserAuthTokenDetail struct {
+		Raw       string    `json:"raw"`
+		ExpiresAt time.Time `json:"expiresAt"`
+	}
+	LoginForm struct {
+		Username string `json:"username"`
+		Password string `json:"password"`
+	}
+)
+
+// RegisterUser creates a new user and group in the data with the provided data. It also bootstraps the user's group
+// with default Labels and Locations.
+func (svc *UserService) RegisterUser(ctx context.Context, data UserRegistration) (repo.UserOut, error) {
+	log.Debug().
+		Str("name", data.Name).
+		Str("email", data.Email).
+		Str("groupToken", data.GroupToken).
+		Msg("Registering new user")
+
+	var (
+		err     error
+		group   repo.Group
+		token   repo.GroupInvitation
+		isOwner = false
+	)
+
+	switch data.GroupToken {
+	case "":
+		isOwner = true
+		group, err = svc.repos.Groups.GroupCreate(ctx, "Home")
+		if err != nil {
+			log.Err(err).Msg("Failed to create group")
+			return repo.UserOut{}, err
+		}
+	default:
+		token, err = svc.repos.Groups.InvitationGet(ctx, hasher.HashToken(data.GroupToken))
+		if err != nil {
+			log.Err(err).Msg("Failed to get invitation token")
+			return repo.UserOut{}, err
+		}
+		group = token.Group
+	}
+
+	hashed, _ := hasher.HashPassword(data.Password)
+	usrCreate := repo.UserCreate{
+		Name:        data.Name,
+		Email:       data.Email,
+		Password:    hashed,
+		IsSuperuser: false,
+		GroupID:     group.ID,
+		IsOwner:     isOwner,
+	}
+
+	usr, err := svc.repos.Users.Create(ctx, usrCreate)
+	if err != nil {
+		return repo.UserOut{}, err
+	}
+
+	for _, label := range defaultLabels() {
+		_, err := svc.repos.Labels.Create(ctx, group.ID, label)
+		if err != nil {
+			return repo.UserOut{}, err
+		}
+	}
+
+	for _, location := range defaultLocations() {
+		_, err := svc.repos.Locations.Create(ctx, group.ID, location)
+		if err != nil {
+			return repo.UserOut{}, err
+		}
+	}
+
+	// Decrement the invitation token if it was used
+	if token.ID != uuid.Nil {
+		err = svc.repos.Groups.InvitationUpdate(ctx, token.ID, token.Uses-1)
+		if err != nil {
+			log.Err(err).Msg("Failed to update invitation token")
+			return repo.UserOut{}, err
+		}
+	}
+
+	return usr, nil
+}
+
+// GetSelf returns the user that is currently logged in based of the token provided within
+func (svc *UserService) GetSelf(ctx context.Context, requestToken string) (repo.UserOut, error) {
+	hash := hasher.HashToken(requestToken)
+	return svc.repos.AuthTokens.GetUserFromToken(ctx, hash)
+}
+
+func (svc *UserService) UpdateSelf(ctx context.Context, ID uuid.UUID, data repo.UserUpdate) (repo.UserOut, error) {
+	err := svc.repos.Users.Update(ctx, ID, data)
+	if err != nil {
+		return repo.UserOut{}, err
+	}
+
+	return svc.repos.Users.GetOneId(ctx, ID)
+}
+
+// ============================================================================
+// User Authentication
+
+func (svc *UserService) createToken(ctx context.Context, userId uuid.UUID) (UserAuthTokenDetail, error) {
+	newToken := hasher.GenerateToken()
+
+	created, err := svc.repos.AuthTokens.CreateToken(ctx, repo.UserAuthTokenCreate{
+		UserID:    userId,
+		TokenHash: newToken.Hash,
+		ExpiresAt: time.Now().Add(oneWeek),
+	})
+
+	return UserAuthTokenDetail{Raw: newToken.Raw, ExpiresAt: created.ExpiresAt}, err
+}
+
+func (svc *UserService) Login(ctx context.Context, username, password string) (UserAuthTokenDetail, error) {
+	usr, err := svc.repos.Users.GetOneEmail(ctx, username)
+
+	if err != nil {
+		// SECURITY: Perform hash to ensure response times are the same
+		hasher.CheckPasswordHash("not-a-real-password", "not-a-real-password")
+		return UserAuthTokenDetail{}, ErrorInvalidLogin
+	}
+
+	if !hasher.CheckPasswordHash(password, usr.PasswordHash) {
+		return UserAuthTokenDetail{}, ErrorInvalidLogin
+	}
+
+	return svc.createToken(ctx, usr.ID)
+}
+
+func (svc *UserService) Logout(ctx context.Context, token string) error {
+	hash := hasher.HashToken(token)
+	err := svc.repos.AuthTokens.DeleteToken(ctx, hash)
+	return err
+}
+
+func (svc *UserService) RenewToken(ctx context.Context, token string) (UserAuthTokenDetail, error) {
+	hash := hasher.HashToken(token)
+
+	dbToken, err := svc.repos.AuthTokens.GetUserFromToken(ctx, hash)
+
+	if err != nil {
+		return UserAuthTokenDetail{}, ErrorInvalidToken
+	}
+
+	newToken, _ := svc.createToken(ctx, dbToken.ID)
+
+	return newToken, nil
+}
+
+// DeleteSelf deletes the user that is currently logged based of the provided UUID
+// There is _NO_ protection against deleting the wrong user, as such this should only
+// be used when the identify of the user has been confirmed.
+func (svc *UserService) DeleteSelf(ctx context.Context, ID uuid.UUID) error {
+	return svc.repos.Users.Delete(ctx, ID)
+}
+
+func (svc *UserService) ChangePassword(ctx Context, current string, new string) (ok bool) {
+	usr, err := svc.repos.Users.GetOneId(ctx, ctx.UID)
+	if err != nil {
+		return false
+	}
+
+	if !hasher.CheckPasswordHash(current, usr.PasswordHash) {
+		log.Err(errors.New("current password is incorrect")).Msg("Failed to change password")
+		return false
+	}
+
+	hashed, err := hasher.HashPassword(new)
+	if err != nil {
+		log.Err(err).Msg("Failed to hash password")
+		return false
+	}
+
+	err = svc.repos.Users.ChangePassword(ctx.Context, ctx.UID, hashed)
+	if err != nil {
+		log.Err(err).Msg("Failed to change password")
+		return false
+	}
+
+	return true
+}

backend/internal/core/services/service_user_defaults.go

@@ -0,0 +1,57 @@
+package services
+
+import (
+	"github.com/hay-kot/homebox/backend/internal/data/repo"
+)
+
+func defaultLocations() []repo.LocationCreate {
+	return []repo.LocationCreate{
+		{
+			Name: "Living Room",
+		},
+		{
+			Name: "Garage",
+		},
+		{
+			Name: "Kitchen",
+		},
+		{
+			Name: "Bedroom",
+		},
+		{
+			Name: "Bathroom",
+		},
+		{
+			Name: "Office",
+		},
+		{
+			Name: "Attic",
+		},
+		{
+			Name: "Basement",
+		},
+	}
+}
+
+func defaultLabels() []repo.LabelCreate {
+	return []repo.LabelCreate{
+		{
+			Name: "Appliances",
+		},
+		{
+			Name: "IOT",
+		},
+		{
+			Name: "Electronics",
+		},
+		{
+			Name: "Servers",
+		},
+		{
+			Name: "General",
+		},
+		{
+			Name: "Important",
+		},
+	}
+}