signoz/pkg/query-service/auth/utils.go

package auth

import (
	"crypto/rand"
	"encoding/hex"

	"github.com/pkg/errors"
	"go.signoz.io/signoz/pkg/query-service/constants"
	"go.signoz.io/signoz/pkg/query-service/model"
)

var (
	ErrorEmptyRequest = errors.New("Empty request")
	ErrorInvalidEmail = errors.New("Invalid email")
	ErrorInvalidRole  = errors.New("Invalid role")

	ErrorInvalidInviteToken = errors.New("Invalid invite token")
	ErrorAskAdmin           = errors.New("An invitation is needed to create an account. Please ask your admin (the person who has first installed SIgNoz) to send an invite.")
)

func randomHex(sz int) (string, error) {
	bytes := make([]byte, sz)
	if _, err := rand.Read(bytes); err != nil {
		return "", err
	}
	return hex.EncodeToString(bytes), nil
}

func isValidRole(role string) bool {
	switch role {
	case constants.AdminGroup, constants.EditorGroup, constants.ViewerGroup:
		return true
	default:
		return false
	}
	return false
}

func validateInviteRequest(req *model.InviteRequest) error {
	if req == nil {
		return ErrorEmptyRequest
	}
	if !isValidEmail(req.Email) {
		return ErrorInvalidEmail
	}

	if !isValidRole(req.Role) {
		return ErrorInvalidRole
	}
	return nil
}

// TODO(Ahsan): Implement check on email semantic.
func isValidEmail(email string) bool {
	return true
}
feat(auth): Add auth and access-controls support (#874) * auth and rbac support enabled 2022-05-03 15:26:32 +05:30			`package auth`

			`import (`
			`"crypto/rand"`
			`"encoding/hex"`

			`"github.com/pkg/errors"`
feat: enterprise edition (#1575) * feat: added license manager and feature flags * feat: completed org domain api * chore: checking in saml auth handler code * feat: added signup with sso * feat: added login support for admins * feat: added pem support for certificate * ci(build-workflow): 👷 include EE query-service * fix: 🐛 update package name * chore(ee): 🔧 LD_FLAGS related changes Signed-off-by: Prashant Shahi <prashant@signoz.io> Co-authored-by: Prashant Shahi <prashant@signoz.io> Co-authored-by: nityanandagohain <nityanandagohain@gmail.com> 2022-10-06 20:13:30 +05:30			`"go.signoz.io/signoz/pkg/query-service/constants"`
			`"go.signoz.io/signoz/pkg/query-service/model"`
feat(auth): Add auth and access-controls support (#874) * auth and rbac support enabled 2022-05-03 15:26:32 +05:30			`)`

			`var (`
			`ErrorEmptyRequest = errors.New("Empty request")`
			`ErrorInvalidEmail = errors.New("Invalid email")`
			`ErrorInvalidRole = errors.New("Invalid role")`

			`ErrorInvalidInviteToken = errors.New("Invalid invite token")`
fix: changed ask admin message (#2215) 2023-02-24 14:57:07 +05:30			`ErrorAskAdmin = errors.New("An invitation is needed to create an account. Please ask your admin (the person who has first installed SIgNoz) to send an invite.")`
feat(auth): Add auth and access-controls support (#874) * auth and rbac support enabled 2022-05-03 15:26:32 +05:30			`)`

			`func randomHex(sz int) (string, error) {`
			`bytes := make([]byte, sz)`
			`if _, err := rand.Read(bytes); err != nil {`
			`return "", err`
			`}`
			`return hex.EncodeToString(bytes), nil`
			`}`

			`func isValidRole(role string) bool {`
			`switch role {`
			`case constants.AdminGroup, constants.EditorGroup, constants.ViewerGroup:`
			`return true`
			`default:`
			`return false`
			`}`
			`return false`
			`}`

			`func validateInviteRequest(req *model.InviteRequest) error {`
			`if req == nil {`
			`return ErrorEmptyRequest`
			`}`
			`if !isValidEmail(req.Email) {`
			`return ErrorInvalidEmail`
			`}`

			`if !isValidRole(req.Role) {`
			`return ErrorInvalidRole`
			`}`
			`return nil`
			`}`

			`// TODO(Ahsan): Implement check on email semantic.`
			`func isValidEmail(email string) bool {`
			`return true`
			`}`