Sync topic (begin), rename user fields

2023-01-09 21:53:21 -05:00 · 2023-01-09 21:53:21 -05:00 · 7e528d9c10
commit 7e528d9c10
parent b27c608508
10 changed files with 107 additions and 82 deletions
--- a/user/manager.go
+++ b/user/manager.go
@ -20,7 +20,8 @@ const (
 	userStatsQueueWriterInterval = 33 * time.Second
 	tokenLength                  = 32
 	tokenExpiryDuration          = 72 * time.Hour // Extend tokens by this much
-	tokenMaxCount                = 10             // Only keep this many tokens in the table per user
+	syncTopicLength              = 16
+	tokenMaxCount                = 10 // Only keep this many tokens in the table per user
 )

 var (
@ -50,10 +51,15 @@ const (
 			tier_id INT,
 			user TEXT NOT NULL,
 			pass TEXT NOT NULL,
-			role TEXT NOT NULL,
-			messages INT NOT NULL DEFAULT (0),
-			emails INT NOT NULL DEFAULT (0),			
-			settings JSON,
+			role TEXT CHECK (role IN ('anonymous', 'admin', 'user')) NOT NULL,
+			prefs JSON NOT NULL DEFAULT '{}',
+			sync_topic TEXT NOT NULL,
+			stats_messages INT NOT NULL DEFAULT (0),
+			stats_emails INT NOT NULL DEFAULT (0),
+			created_by TEXT NOT NULL,
+			created_at INT NOT NULL,
+			last_seen INT NOT NULL,
+			last_stats_reset INT NOT NULL DEFAULT (0),
 		    FOREIGN KEY (tier_id) REFERENCES tier (id)
 		);
 		CREATE UNIQUE INDEX idx_user ON user (user);
@ -78,7 +84,9 @@ const (
 			id INT PRIMARY KEY,
 			version INT NOT NULL
 		);
-		INSERT INTO user (id, user, pass, role) VALUES (1, '*', '', 'anonymous') ON CONFLICT (id) DO NOTHING;
+		INSERT INTO user (id, user, pass, role, sync_topic, created_by, created_at, last_seen)
+		VALUES (1, '*', '', 'anonymous', '', 'system', UNIXEPOCH(), 0) 
+		ON CONFLICT (id) DO NOTHING;
 	`
 	createTablesQueries   = `BEGIN; ` + createTablesQueriesNoTx + ` COMMIT;`
 	builtinStartupQueries = `
@ -86,13 +94,13 @@ const (
 	`

 	selectUserByNameQuery = `
-		SELECT u.user, u.pass, u.role, u.messages, u.emails, u.settings, p.code, p.name, p.paid, p.messages_limit, p.messages_expiry_duration, p.emails_limit, p.reservations_limit, p.attachment_file_size_limit, p.attachment_total_size_limit, p.attachment_expiry_duration
+		SELECT u.user, u.pass, u.role, u.prefs, u.sync_topic, u.stats_messages, u.stats_emails, p.code, p.name, p.paid, p.messages_limit, p.messages_expiry_duration, p.emails_limit, p.reservations_limit, p.attachment_file_size_limit, p.attachment_total_size_limit, p.attachment_expiry_duration
 		FROM user u
 		LEFT JOIN tier p on p.id = u.tier_id
 		WHERE user = ?		
 	`
 	selectUserByTokenQuery = `
-		SELECT u.user, u.pass, u.role, u.messages, u.emails, u.settings, p.code, p.name, p.paid, p.messages_limit, p.messages_expiry_duration, p.emails_limit, p.reservations_limit, p.attachment_file_size_limit, p.attachment_total_size_limit, p.attachment_expiry_duration
+		SELECT u.user, u.pass, u.role, u.prefs, u.sync_topic, u.stats_messages, u.stats_emails, p.code, p.name, p.paid, p.messages_limit, p.messages_expiry_duration, p.emails_limit, p.reservations_limit, p.attachment_file_size_limit, p.attachment_total_size_limit, p.attachment_expiry_duration
 		FROM user u
 		JOIN user_token t on u.id = t.user_id
 		LEFT JOIN tier p on p.id = u.tier_id
@ -106,7 +114,10 @@ const (
 		ORDER BY u.user DESC
 	`

-	insertUserQuery      = `INSERT INTO user (user, pass, role) VALUES (?, ?, ?)`
+	insertUserQuery = `
+		INSERT INTO user (user, pass, role, sync_topic, created_by, created_at, last_seen) 
+		VALUES (?, ?, ?, ?, ?, ?, ?)
+	`
 	selectUsernamesQuery = `
 		SELECT user 
 		FROM user 
@ -117,11 +128,11 @@ const (
 				ELSE 2
 			END, user
 	`
-	updateUserPassQuery     = `UPDATE user SET pass = ? WHERE user = ?`
-	updateUserRoleQuery     = `UPDATE user SET role = ? WHERE user = ?`
-	updateUserSettingsQuery = `UPDATE user SET settings = ? WHERE user = ?`
-	updateUserStatsQuery    = `UPDATE user SET messages = ?, emails = ? WHERE user = ?`
-	deleteUserQuery         = `DELETE FROM user WHERE user = ?`
+	updateUserPassQuery  = `UPDATE user SET pass = ? WHERE user = ?`
+	updateUserRoleQuery  = `UPDATE user SET role = ? WHERE user = ?`
+	updateUserPrefsQuery = `UPDATE user SET prefs = ? WHERE user = ?`
+	updateUserStatsQuery = `UPDATE user SET stats_messages = ?, stats_emails = ? WHERE user = ?`
+	deleteUserQuery      = `DELETE FROM user WHERE user = ?`

 	upsertUserAccessQuery = `
 		INSERT INTO user_access (user_id, topic, read, write, owner_user_id) 
@ -210,8 +221,8 @@ const (
 		ALTER TABLE user RENAME TO user_old;
 	`
 	migrate1To2InsertFromOldTablesAndDropNoTx = `
-		INSERT INTO user (user, pass, role) 
-		SELECT user, pass, role FROM user_old;
+		INSERT INTO user (user, pass, role, sync_topic, created_by, created_at, last_seen) 
+		SELECT user, pass, role, '', 'admin', UNIXEPOCH(), UNIXEPOCH() FROM user_old;

 		INSERT INTO user_access (user_id, topic, read, write)
 		SELECT u.id, a.topic, a.read, a.write
@ -371,11 +382,11 @@ func (a *Manager) RemoveExpiredTokens() error {

 // ChangeSettings persists the user settings
 func (a *Manager) ChangeSettings(user *User) error {
-	settings, err := json.Marshal(user.Prefs)
+	prefs, err := json.Marshal(user.Prefs)
 	if err != nil {
 		return err
 	}
-	if _, err := a.db.Exec(updateUserSettingsQuery, string(settings), user.Name); err != nil {
+	if _, err := a.db.Exec(updateUserPrefsQuery, string(prefs), user.Name); err != nil {
 		return err
 	}
 	return nil
@ -462,7 +473,7 @@ func (a *Manager) resolvePerms(base, perm Permission) error {
 }

 // AddUser adds a user with the given username, password and role
-func (a *Manager) AddUser(username, password string, role Role) error {
+func (a *Manager) AddUser(username, password string, role Role, createdBy string) error {
 	if !AllowedUsername(username) || !AllowedRole(role) {
 		return ErrInvalidArgument
 	}
@ -470,7 +481,9 @@ func (a *Manager) AddUser(username, password string, role Role) error {
 	if err != nil {
 		return err
 	}
-	if _, err = a.db.Exec(insertUserQuery, username, hash, role); err != nil {
+	// INSERT INTO user (user, pass, role, sync_topic, created_by, created_at, last_seen)
+	syncTopic, now := util.RandomString(syncTopicLength), time.Now().Unix()
+	if _, err = a.db.Exec(insertUserQuery, username, hash, role, syncTopic, createdBy, now, now); err != nil {
 		return err
 	}
 	return nil
@ -538,33 +551,32 @@ func (a *Manager) userByToken(token string) (*User, error) {

 func (a *Manager) readUser(rows *sql.Rows) (*User, error) {
 	defer rows.Close()
-	var username, hash, role string
-	var settings, tierCode, tierName sql.NullString
+	var username, hash, role, prefs, syncTopic string
+	var tierCode, tierName sql.NullString
 	var paid sql.NullBool
 	var messages, emails int64
 	var messagesLimit, messagesExpiryDuration, emailsLimit, reservationsLimit, attachmentFileSizeLimit, attachmentTotalSizeLimit, attachmentExpiryDuration sql.NullInt64
 	if !rows.Next() {
 		return nil, ErrNotFound
 	}
-	if err := rows.Scan(&username, &hash, &role, &messages, &emails, &settings, &tierCode, &tierName, &paid, &messagesLimit, &messagesExpiryDuration, &emailsLimit, &reservationsLimit, &attachmentFileSizeLimit, &attachmentTotalSizeLimit, &attachmentExpiryDuration); err != nil {
+	if err := rows.Scan(&username, &hash, &role, &prefs, &syncTopic, &messages, &emails, &tierCode, &tierName, &paid, &messagesLimit, &messagesExpiryDuration, &emailsLimit, &reservationsLimit, &attachmentFileSizeLimit, &attachmentTotalSizeLimit, &attachmentExpiryDuration); err != nil {
 		return nil, err
 	} else if err := rows.Err(); err != nil {
 		return nil, err
 	}
 	user := &User{
-		Name: username,
-		Hash: hash,
-		Role: Role(role),
+		Name:      username,
+		Hash:      hash,
+		Role:      Role(role),
+		Prefs:     &Prefs{},
+		SyncTopic: syncTopic,
 		Stats: &Stats{
 			Messages: messages,
 			Emails:   emails,
 		},
 	}
-	if settings.Valid {
-		user.Prefs = &Prefs{}
-		if err := json.Unmarshal([]byte(settings.String), user.Prefs); err != nil {
-			return nil, err
-		}
+	if err := json.Unmarshal([]byte(prefs), user.Prefs); err != nil {
+		return nil, err
 	}
 	if tierCode.Valid {
 		user.Tier = &Tier{
--- a/user/manager_test.go
+++ b/user/manager_test.go
@ -13,8 +13,8 @@ const minBcryptTimingMillis = int64(50) // Ideally should be >100ms, but this sh

 func TestManager_FullScenario_Default_DenyAll(t *testing.T) {
 	a := newTestManager(t, PermissionDenyAll)
-	require.Nil(t, a.AddUser("phil", "phil", RoleAdmin))
-	require.Nil(t, a.AddUser("ben", "ben", RoleUser))
+	require.Nil(t, a.AddUser("phil", "phil", RoleAdmin, "unit-test"))
+	require.Nil(t, a.AddUser("ben", "ben", RoleUser, "unit-test"))
 	require.Nil(t, a.AllowAccess("", "ben", "mytopic", true, true))
 	require.Nil(t, a.AllowAccess("", "ben", "readme", true, false))
 	require.Nil(t, a.AllowAccess("", "ben", "writeme", false, true))
@ -92,20 +92,20 @@ func TestManager_FullScenario_Default_DenyAll(t *testing.T) {

 func TestManager_AddUser_Invalid(t *testing.T) {
 	a := newTestManager(t, PermissionDenyAll)
-	require.Equal(t, ErrInvalidArgument, a.AddUser("  invalid  ", "pass", RoleAdmin))
-	require.Equal(t, ErrInvalidArgument, a.AddUser("validuser", "pass", "invalid-role"))
+	require.Equal(t, ErrInvalidArgument, a.AddUser("  invalid  ", "pass", RoleAdmin, "unit-test"))
+	require.Equal(t, ErrInvalidArgument, a.AddUser("validuser", "pass", "invalid-role", "unit-test"))
 }

 func TestManager_AddUser_Timing(t *testing.T) {
 	a := newTestManager(t, PermissionDenyAll)
 	start := time.Now().UnixMilli()
-	require.Nil(t, a.AddUser("user", "pass", RoleAdmin))
+	require.Nil(t, a.AddUser("user", "pass", RoleAdmin, "unit-test"))
 	require.GreaterOrEqual(t, time.Now().UnixMilli()-start, minBcryptTimingMillis)
 }

 func TestManager_Authenticate_Timing(t *testing.T) {
 	a := newTestManager(t, PermissionDenyAll)
-	require.Nil(t, a.AddUser("user", "pass", RoleAdmin))
+	require.Nil(t, a.AddUser("user", "pass", RoleAdmin, "unit-test"))

 	// Timing a correct attempt
 	start := time.Now().UnixMilli()
@ -128,8 +128,8 @@ func TestManager_Authenticate_Timing(t *testing.T) {

 func TestManager_UserManagement(t *testing.T) {
 	a := newTestManager(t, PermissionDenyAll)
-	require.Nil(t, a.AddUser("phil", "phil", RoleAdmin))
-	require.Nil(t, a.AddUser("ben", "ben", RoleUser))
+	require.Nil(t, a.AddUser("phil", "phil", RoleAdmin, "unit-test"))
+	require.Nil(t, a.AddUser("ben", "ben", RoleUser, "unit-test"))
 	require.Nil(t, a.AllowAccess("", "ben", "mytopic", true, true))
 	require.Nil(t, a.AllowAccess("", "ben", "readme", true, false))
 	require.Nil(t, a.AllowAccess("", "ben", "writeme", false, true))
@ -219,7 +219,7 @@ func TestManager_UserManagement(t *testing.T) {

 func TestManager_ChangePassword(t *testing.T) {
 	a := newTestManager(t, PermissionDenyAll)
-	require.Nil(t, a.AddUser("phil", "phil", RoleAdmin))
+	require.Nil(t, a.AddUser("phil", "phil", RoleAdmin, "unit-test"))

 	_, err := a.Authenticate("phil", "phil")
 	require.Nil(t, err)
@ -233,7 +233,7 @@ func TestManager_ChangePassword(t *testing.T) {

 func TestManager_ChangeRole(t *testing.T) {
 	a := newTestManager(t, PermissionDenyAll)
-	require.Nil(t, a.AddUser("ben", "ben", RoleUser))
+	require.Nil(t, a.AddUser("ben", "ben", RoleUser, "unit-test"))
 	require.Nil(t, a.AllowAccess("", "ben", "mytopic", true, true))
 	require.Nil(t, a.AllowAccess("", "ben", "readme", true, false))

@ -270,7 +270,7 @@ func TestManager_ChangeRoleFromTierUserToAdmin(t *testing.T) {
 		AttachmentTotalSizeLimit: 524288000,
 		AttachmentExpiryDuration: 24 * time.Hour,
 	}))
-	require.Nil(t, a.AddUser("ben", "ben", RoleUser))
+	require.Nil(t, a.AddUser("ben", "ben", RoleUser, "unit-test"))
 	require.Nil(t, a.ChangeTier("ben", "pro"))
 	require.Nil(t, a.AllowAccess("ben", "ben", "mytopic", true, true))
 	require.Nil(t, a.AllowAccess("ben", Everyone, "mytopic", false, false))
@ -312,7 +312,7 @@ func TestManager_ChangeRoleFromTierUserToAdmin(t *testing.T) {

 func TestManager_Token_Valid(t *testing.T) {
 	a := newTestManager(t, PermissionDenyAll)
-	require.Nil(t, a.AddUser("ben", "ben", RoleUser))
+	require.Nil(t, a.AddUser("ben", "ben", RoleUser, "unit-test"))

 	u, err := a.User("ben")
 	require.Nil(t, err)
@ -337,7 +337,7 @@ func TestManager_Token_Valid(t *testing.T) {

 func TestManager_Token_Invalid(t *testing.T) {
 	a := newTestManager(t, PermissionDenyAll)
-	require.Nil(t, a.AddUser("ben", "ben", RoleUser))
+	require.Nil(t, a.AddUser("ben", "ben", RoleUser, "unit-test"))

 	u, err := a.AuthenticateToken(strings.Repeat("x", 32)) // 32 == token length
 	require.Nil(t, u)
@ -350,7 +350,7 @@ func TestManager_Token_Invalid(t *testing.T) {

 func TestManager_Token_Expire(t *testing.T) {
 	a := newTestManager(t, PermissionDenyAll)
-	require.Nil(t, a.AddUser("ben", "ben", RoleUser))
+	require.Nil(t, a.AddUser("ben", "ben", RoleUser, "unit-test"))

 	u, err := a.User("ben")
 	require.Nil(t, err)
@ -398,7 +398,7 @@ func TestManager_Token_Expire(t *testing.T) {

 func TestManager_Token_Extend(t *testing.T) {
 	a := newTestManager(t, PermissionDenyAll)
-	require.Nil(t, a.AddUser("ben", "ben", RoleUser))
+	require.Nil(t, a.AddUser("ben", "ben", RoleUser, "unit-test"))

 	// Try to extend token for user without token
 	u, err := a.User("ben")
@ -425,7 +425,7 @@ func TestManager_Token_Extend(t *testing.T) {

 func TestManager_Token_MaxCount_AutoDelete(t *testing.T) {
 	a := newTestManager(t, PermissionDenyAll)
-	require.Nil(t, a.AddUser("ben", "ben", RoleUser))
+	require.Nil(t, a.AddUser("ben", "ben", RoleUser, "unit-test"))

 	// Try to extend token for user without token
 	u, err := a.User("ben")
@ -469,7 +469,7 @@ func TestManager_Token_MaxCount_AutoDelete(t *testing.T) {
 func TestManager_EnqueueStats(t *testing.T) {
 	a, err := newManager(filepath.Join(t.TempDir(), "db"), "", PermissionReadWrite, 1500*time.Millisecond)
 	require.Nil(t, err)
-	require.Nil(t, a.AddUser("ben", "ben", RoleUser))
+	require.Nil(t, a.AddUser("ben", "ben", RoleUser, "unit-test"))

 	// Baseline: No messages or emails
 	u, err := a.User("ben")
@ -499,12 +499,14 @@ func TestManager_EnqueueStats(t *testing.T) {
 func TestManager_ChangeSettings(t *testing.T) {
 	a, err := newManager(filepath.Join(t.TempDir(), "db"), "", PermissionReadWrite, 1500*time.Millisecond)
 	require.Nil(t, err)
-	require.Nil(t, a.AddUser("ben", "ben", RoleUser))
+	require.Nil(t, a.AddUser("ben", "ben", RoleUser, "unit-test"))

 	// No settings
 	u, err := a.User("ben")
 	require.Nil(t, err)
-	require.Nil(t, u.Prefs)
+	require.Nil(t, u.Prefs.Subscriptions)
+	require.Nil(t, u.Prefs.Notification)
+	require.Equal(t, "", u.Prefs.Language)

 	// Save with new settings
 	u.Prefs = &Prefs{
--- a/user/types.go
+++ b/user/types.go
@ -9,13 +9,16 @@ import (

 // User is a struct that represents a user
 type User struct {
-	Name  string
-	Hash  string // password hash (bcrypt)
-	Token string // Only set if token was used to log in
-	Role  Role
-	Prefs *Prefs
-	Tier  *Tier
-	Stats *Stats
+	Name      string
+	Hash      string // password hash (bcrypt)
+	Token     string // Only set if token was used to log in
+	Role      Role
+	Prefs     *Prefs
+	Tier      *Tier
+	Stats     *Stats
+	SyncTopic string
+	Created   time.Time
+	LastSeen  time.Time
 }

 // Auther is an interface for authentication and authorization