feat: add all missing security records to write ops #184
Conversation
…yRecordCmdRepo to it
…opagate error validation to routers and throw fatal when controller is not initialized
…tyRecordCmdRepo to it
…tyRecordCmdRepo to it
…tivityRecordCmdRepo to it
…tivityRecordCmdRepo to it
…t activityRecordCmdRepo to it
…t activityRecordCmdRepo to it
…C and inject activityRecordCmdRepo to it
…UC and inject activityRecordCmdRepo to it
…activityRecordCmdRepo to it
…ct activityRecordCmdRepo to it
… activityRecordCmdRepo to it
… activityRecordCmdRepo to it
With the addition of OperatorAccountId and OperatorIpAddress, many repositories, use cases, and other components were impacted. Some required quick restructuring, like creating new DTOs to make this change without compromising code readability, as the visible increase in complexity could have been problematic without these new DTOs. It's worth noting that only some methods received new DTOs, not all. This is due to a lack of context for creating new DTOs, as well as dependency injections that can significantly increase the number of parameters passed to a function.
…ivityRecordCmdRepo to it
…nject activityRecordCmdRepo to it
src/domain/dto/deleteVirtualHost.go
Outdated
| PrimaryVirtualHost valueObject.Fqdn `json:"primaryVirtualHost"` | ||
| Hostname valueObject.Fqdn `json:"hostname"` |
There was a problem hiding this comment.
What's the difference between those two? If Primary is suppose to be the parent of the Hostname than the naming of Hostname should be more clear. Hostname by itself is way too generic.
There was a problem hiding this comment.
Actually, the PrimaryVirtualHost serves as the injection of the primary vhost itself into the UC to compare the hostname to be removed with the primary vhost, precisely to prevent users from removing the primary vhost.
To avoid misunderstandings, I moved this property below the Hostname, and removed its JSON tag, similar to what was done with the operators.
| "github.com/goinfinite/os/src/domain/valueObject" | ||
| ) | ||
|
|
||
| type ReplaceWithValidSsl struct { |
There was a problem hiding this comment.
ReplaceWithValidSsl isn't an UpdateSslPair why?
There was a problem hiding this comment.
Because this DTO is used by the method that replaces the invalid certificate with a self-signed certificate. It's the same method used by the watchdog. Changing it to UpdateSslPair doesn’t make sense, as its purpose is not to update the SslPair data but to inform the repository method which SslPair is being replaced.
| trashPath, _ := valueObject.NewUnixFilePath(TrashDirPath) | ||
| err := uc.filesCmdRepo.Delete(trashPath) | ||
| if err != nil { | ||
| return err | ||
| } | ||
|
|
||
| return uc.CreateTrash() | ||
| return uc.CreateTrash(operatorAccountId, operatorIpAddress) |
There was a problem hiding this comment.
Shouldn't CreateTrash have a DTO and request which accountId do you want to have the trash created? I can't recall if the TrashDir is based on account or if it's a general thing. The name CreateTrash doesn't tell me if it's a GeneralTrash or if it's a AccountTrash.
There was a problem hiding this comment.
I believe it's unnecessary to create separate trash dirs for each account, let alone a DTO, since everything is handled within the method itself. You only need to provide the operator infos.
| "golang.org/x/crypto/sha3" | ||
| ) | ||
|
|
||
| func TransformPlainContentIntoStrongHash( |
There was a problem hiding this comment.
What PlainContent even means? Isn't this a regular hasher?
src/domain/valueObject/sslPairId.go
Outdated
| } | ||
| contentToEncode := sslCertificate.String() + "\n" + sslChainCertificatesMerged + "\n" + sslPrivateKey.String() | ||
|
|
||
| sslPairIdContent, err := voHelper.TransformPlainContentIntoStrongHash(contentToEncode) |
There was a problem hiding this comment.
Ahá, PlainContent means nothing indeed. It's just a string. The helper should be called StrongStringHasher or something like that. No need to create mystery on the code.
| operatorAccountId := service.LocalOperatorAccountId | ||
| if requestBody["operatorAccountId"] != nil { | ||
| operatorAccountId, err = valueObject.NewAccountId( | ||
| requestBody["operatorAccountId"], |
There was a problem hiding this comment.
Wait, what? Are you allowing the user to send the operatorAccountId? Cause that would be a magnificent security flaw.
… controller instead to validate if was provided
No description provided.