From 092934e6e7d2347b0c220e5c40b66227ccb34f20 Mon Sep 17 00:00:00 2001 From: zepatrik <11patti1@gmx.de> Date: Wed, 7 Feb 2018 09:59:14 +0100 Subject: [PATCH 1/3] warden/groups: add a PUT method to overwrite members & some refactoring There was no way to overwrite all group members meaning just sending the actual value, instead one had to keep track of changes or remove all members to add the new ones again. Now a http PUT method allows to set the members array. --- warden/group/handler.go | 96 +++++++++++++++------------ warden/group/manager.go | 1 + warden/group/manager_memory.go | 21 ++++++ warden/group/manager_sql.go | 118 +++++++++++++++++++++------------ 4 files changed, 151 insertions(+), 85 deletions(-) diff --git a/warden/group/handler.go b/warden/group/handler.go index d11ff6b329e..294e92a1c37 100644 --- a/warden/group/handler.go +++ b/warden/group/handler.go @@ -68,6 +68,7 @@ func (h *Handler) SetRoutes(r *httprouter.Router) { r.DELETE(GroupsHandlerPath+"/:id", h.DeleteGroup) r.POST(GroupsHandlerPath+"/:id/members", h.AddGroupMembers) r.DELETE(GroupsHandlerPath+"/:id/members", h.RemoveGroupMembers) + r.PUT(GroupsHandlerPath+"/:id/members", h.OverwriteGroupMembers) } // swagger:route GET /warden/groups warden listGroups @@ -101,12 +102,7 @@ func (h *Handler) SetRoutes(r *httprouter.Router) { // 403: genericError // 500: genericError func (h *Handler) ListGroupsHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) { - var ctx = r.Context() - - if _, err := h.W.TokenAllowed(ctx, h.W.TokenFromRequest(r), &firewall.TokenAccessRequest{ - Resource: h.PrefixResource(GroupsResource), - Action: "list", - }, Scope); err != nil { + if err := h.checkRequest(r, h.PrefixResource(GroupsResource), "list"); err != nil { h.H.WriteError(w, r, err) return } @@ -172,19 +168,14 @@ func (h *Handler) FindGroupNames(w http.ResponseWriter, r *http.Request, member // 403: genericError // 500: genericError func (h *Handler) CreateGroup(w http.ResponseWriter, r *http.Request, _ httprouter.Params) { - var g Group - var ctx = r.Context() - - if err := json.NewDecoder(r.Body).Decode(&g); err != nil { - h.H.WriteError(w, r, errors.WithStack(err)) + if err := h.checkRequest(r, h.PrefixResource(GroupsResource), "create"); err != nil { + h.H.WriteError(w, r, err) return } - if _, err := h.W.TokenAllowed(ctx, h.W.TokenFromRequest(r), &firewall.TokenAccessRequest{ - Resource: h.PrefixResource(GroupsResource), - Action: "create", - }, Scope); err != nil { - h.H.WriteError(w, r, err) + var g Group + if err := json.NewDecoder(r.Body).Decode(&g); err != nil { + h.H.WriteError(w, r, errors.WithStack(err)) return } @@ -227,19 +218,15 @@ func (h *Handler) CreateGroup(w http.ResponseWriter, r *http.Request, _ httprout // 403: genericError // 500: genericError func (h *Handler) GetGroup(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - var ctx = r.Context() var id = ps.ByName("id") - g, err := h.Manager.GetGroup(id) - if err != nil { + if err := h.checkRequest(r, fmt.Sprintf(h.PrefixResource(GroupResource), id), "get"); err != nil { h.H.WriteError(w, r, err) return } - if _, err := h.W.TokenAllowed(ctx, h.W.TokenFromRequest(r), &firewall.TokenAccessRequest{ - Resource: fmt.Sprintf(h.PrefixResource(GroupResource), id), - Action: "get", - }, Scope); err != nil { + g, err := h.Manager.GetGroup(id) + if err != nil { h.H.WriteError(w, r, err) return } @@ -278,13 +265,9 @@ func (h *Handler) GetGroup(w http.ResponseWriter, r *http.Request, ps httprouter // 403: genericError // 500: genericError func (h *Handler) DeleteGroup(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - var ctx = r.Context() var id = ps.ByName("id") - if _, err := h.W.TokenAllowed(ctx, h.W.TokenFromRequest(r), &firewall.TokenAccessRequest{ - Resource: fmt.Sprintf(h.PrefixResource(GroupResource), id), - Action: "delete", - }, Scope); err != nil { + if err := h.checkRequest(r, fmt.Sprintf(h.PrefixResource(GroupResource), id), "delete"); err != nil { h.H.WriteError(w, r, err) return } @@ -328,20 +311,16 @@ func (h *Handler) DeleteGroup(w http.ResponseWriter, r *http.Request, ps httprou // 403: genericError // 500: genericError func (h *Handler) AddGroupMembers(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - var ctx = r.Context() var id = ps.ByName("id") - var m membersRequest - if err := json.NewDecoder(r.Body).Decode(&m); err != nil { - h.H.WriteError(w, r, errors.WithStack(err)) + if err := h.checkRequest(r, fmt.Sprintf(h.PrefixResource(GroupResource), id), "members.add"); err != nil { + h.H.WriteError(w, r, err) return } - if _, err := h.W.TokenAllowed(ctx, h.W.TokenFromRequest(r), &firewall.TokenAccessRequest{ - Resource: fmt.Sprintf(h.PrefixResource(GroupResource), id), - Action: "members.add", - }, Scope); err != nil { - h.H.WriteError(w, r, err) + var m membersRequest + if err := json.NewDecoder(r.Body).Decode(&m); err != nil { + h.H.WriteError(w, r, errors.WithStack(err)) return } @@ -384,27 +363,58 @@ func (h *Handler) AddGroupMembers(w http.ResponseWriter, r *http.Request, ps htt // 403: genericError // 500: genericError func (h *Handler) RemoveGroupMembers(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - var ctx = r.Context() var id = ps.ByName("id") + if err := h.checkRequest(r, fmt.Sprintf(h.PrefixResource(GroupResource), id), "members.remove"); err != nil { + h.H.WriteError(w, r, err) + return + } + var m membersRequest if err := json.NewDecoder(r.Body).Decode(&m); err != nil { h.H.WriteError(w, r, errors.WithStack(err)) return } - if _, err := h.W.TokenAllowed(ctx, h.W.TokenFromRequest(r), &firewall.TokenAccessRequest{ - Resource: fmt.Sprintf(h.PrefixResource(GroupResource), id), - Action: "members.remove", - }, Scope); err != nil { + if err := h.Manager.RemoveGroupMembers(id, m.Members); err != nil { h.H.WriteError(w, r, err) return } - if err := h.Manager.RemoveGroupMembers(id, m.Members); err != nil { + w.WriteHeader(http.StatusNoContent) +} + +func (h *Handler) OverwriteGroupMembers(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { + var id = ps.ByName("id") + + if err := h.checkRequest(r, fmt.Sprintf(h.PrefixResource(GroupResource), id), "members.remove"); err != nil { + h.H.WriteError(w, r, err) + return + } + + var m membersRequest + if err := json.NewDecoder(r.Body).Decode(&m); err != nil { + h.H.WriteError(w, r, errors.WithStack(err)) + return + } + + if err := h.Manager.OverwriteGroupMembers(id, m.Members); err != nil { h.H.WriteError(w, r, err) return } w.WriteHeader(http.StatusNoContent) } + +func (h *Handler) checkRequest(r *http.Request, resource string, action string) error { + var ctx = r.Context() + + if _, err := h.W.TokenAllowed(ctx, h.W.TokenFromRequest(r), &firewall.TokenAccessRequest{ + Resource: resource, + Action: action, + }, Scope); err != nil { + return errors.WithStack(err) + } + + return nil +} diff --git a/warden/group/manager.go b/warden/group/manager.go index 039854c3143..f2cdc885fbc 100644 --- a/warden/group/manager.go +++ b/warden/group/manager.go @@ -32,6 +32,7 @@ type Manager interface { AddGroupMembers(group string, members []string) error RemoveGroupMembers(group string, members []string) error + OverwriteGroupMembers(group string, members []string) error FindGroupsByMember(subject string, limit, offset int) ([]Group, error) ListGroups(limit, offset int) ([]Group, error) diff --git a/warden/group/manager_memory.go b/warden/group/manager_memory.go index 64871928ff8..2700812b4e9 100644 --- a/warden/group/manager_memory.go +++ b/warden/group/manager_memory.go @@ -126,3 +126,24 @@ func (m *MemoryManager) ListGroups(limit, offset int) ([]Group, error) { start, end := pagination.Index(limit, offset, len(res)) return res[start:end], nil } + +func (m *MemoryManager) OverwriteGroupMembers(group string, members []string) error { + id := group + + err := m.DeleteGroup(id) + + if err != nil { + return err + } + + err = m.CreateGroup(&Group{ + ID: id, + Members: members, + }) + + if err != nil { + return err + } + + return nil +} diff --git a/warden/group/manager_sql.go b/warden/group/manager_sql.go index 871218bcdd4..0aa9e3ad8bb 100644 --- a/warden/group/manager_sql.go +++ b/warden/group/manager_sql.go @@ -57,16 +57,22 @@ func (m *SQLManager) CreateSchemas() (int, error) { return n, nil } +func (m *SQLManager) createGroup(group string) func(tx *sqlx.Tx) error { + return func(tx *sqlx.Tx) error { + if _, err := tx.Exec(m.DB.Rebind("INSERT INTO hydra_warden_group (id) VALUES (?)"), group); err != nil { + return err + } + + return nil + } +} + func (m *SQLManager) CreateGroup(g *Group) error { if g.ID == "" { g.ID = uuid.New() } - if _, err := m.DB.Exec(m.DB.Rebind("INSERT INTO hydra_warden_group (id) VALUES (?)"), g.ID); err != nil { - return errors.WithStack(err) - } - - return m.AddGroupMembers(g.ID, g.Members) + return m.applyInTransaction(m.createGroup(g.ID), m.addGroupMembers(g.ID, g.Members)) } func (m *SQLManager) GetGroup(id string) (*Group, error) { @@ -88,58 +94,56 @@ func (m *SQLManager) GetGroup(id string) (*Group, error) { }, nil } -func (m *SQLManager) DeleteGroup(id string) error { - if _, err := m.DB.Exec(m.DB.Rebind("DELETE FROM hydra_warden_group WHERE id=?"), id); err != nil { - return errors.WithStack(err) +func (m *SQLManager) deleteGroup(id string) func(tx *sqlx.Tx) error { + return func(tx *sqlx.Tx) error { + if _, err := tx.Exec(m.DB.Rebind("DELETE FROM hydra_warden_group WHERE id=?"), id); err != nil { + return err + } + + return nil } - return nil } -func (m *SQLManager) AddGroupMembers(group string, subjects []string) error { - tx, err := m.DB.Beginx() - if err != nil { - return errors.Wrap(err, "Could not begin transaction") - } +func (m *SQLManager) DeleteGroup(id string) error { + return m.applyInTransaction(m.deleteGroup(id)) +} - for _, subject := range subjects { - if _, err := tx.Exec(m.DB.Rebind("INSERT INTO hydra_warden_group_member (group_id, member) VALUES (?, ?)"), group, subject); err != nil { - if err := tx.Rollback(); err != nil { - return errors.WithStack(err) +func (m *SQLManager) addGroupMembers(group string, subjects []string) func(tx *sqlx.Tx) error { + return func(tx *sqlx.Tx) error { + for _, subject := range subjects { + if _, err := tx.Exec(m.DB.Rebind("INSERT INTO hydra_warden_group_member (group_id, member) VALUES (?, ?)"), group, subject); err != nil { + if err := tx.Rollback(); err != nil { + return err + } + return err } - return errors.WithStack(err) } - } - if err := tx.Commit(); err != nil { - if err := tx.Rollback(); err != nil { - return errors.WithStack(err) - } - return errors.Wrap(err, "Could not commit transaction") + return nil } - return nil } -func (m *SQLManager) RemoveGroupMembers(group string, subjects []string) error { - tx, err := m.DB.Beginx() - if err != nil { - return errors.Wrap(err, "Could not begin transaction") - } - for _, subject := range subjects { - if _, err := m.DB.Exec(m.DB.Rebind("DELETE FROM hydra_warden_group_member WHERE member=? AND group_id=?"), subject, group); err != nil { - if err := tx.Rollback(); err != nil { +func (m *SQLManager) AddGroupMembers(group string, subjects []string) error { + return m.applyInTransaction(m.addGroupMembers(group, subjects)) +} + +func (m *SQLManager) removeGroupMembers(group string, subjects []string) func(tx *sqlx.Tx) error { + return func(tx *sqlx.Tx) error { + for _, subject := range subjects { + if _, err := tx.Exec(m.DB.Rebind("DELETE FROM hydra_warden_group_member WHERE member=? AND group_id=?"), subject, group); err != nil { + if err := tx.Rollback(); err != nil { + return errors.WithStack(err) + } return errors.WithStack(err) } - return errors.WithStack(err) } - } - if err := tx.Commit(); err != nil { - if err := tx.Rollback(); err != nil { - return errors.WithStack(err) - } - return errors.Wrap(err, "Could not commit transaction") + return nil } - return nil +} + +func (m *SQLManager) RemoveGroupMembers(group string, subjects []string) error { + return m.applyInTransaction(m.removeGroupMembers(group, subjects)) } func (m *SQLManager) FindGroupsByMember(subject string, limit, offset int) ([]Group, error) { @@ -183,3 +187,33 @@ func (m *SQLManager) ListGroups(limit, offset int) ([]Group, error) { return groups, nil } + +func (m *SQLManager) OverwriteGroupMembers(group string, members []string) error { + if err := m.applyInTransaction(m.deleteGroup(group), m.createGroup(group), m.addGroupMembers(group, members)); err != nil { + return err + } + + return nil +} + +func (m *SQLManager) applyInTransaction(requests ...func(tx *sqlx.Tx) error) error { + tx, err := m.DB.Beginx() + if err != nil { + return errors.Wrap(err, "Could not begin transaction") + } + + for _, req := range requests { + if err := req(tx); err != nil { + tx.Rollback() + return errors.WithStack(err) + } + } + + if err := tx.Commit(); err != nil { + if err := tx.Rollback(); err != nil { + return errors.WithStack(err) + } + return errors.Wrap(err, "Could not commit transaction") + } + return nil +} From 988e75f3b12ccacd4c48647d7fa55778aa9347dd Mon Sep 17 00:00:00 2001 From: zepatrik <11patti1@gmx.de> Date: Mon, 12 Feb 2018 18:31:47 +0100 Subject: [PATCH 2/3] unstaged --- warden/group/manager_memory.go | 2 +- warden/group/manager_sql.go | 40 +++++++++++++--------------------- 2 files changed, 16 insertions(+), 26 deletions(-) diff --git a/warden/group/manager_memory.go b/warden/group/manager_memory.go index 2700812b4e9..cd4b5099f0b 100644 --- a/warden/group/manager_memory.go +++ b/warden/group/manager_memory.go @@ -137,7 +137,7 @@ func (m *MemoryManager) OverwriteGroupMembers(group string, members []string) er } err = m.CreateGroup(&Group{ - ID: id, + ID: id, Members: members, }) diff --git a/warden/group/manager_sql.go b/warden/group/manager_sql.go index 0aa9e3ad8bb..fb9096438ea 100644 --- a/warden/group/manager_sql.go +++ b/warden/group/manager_sql.go @@ -59,11 +59,9 @@ func (m *SQLManager) CreateSchemas() (int, error) { func (m *SQLManager) createGroup(group string) func(tx *sqlx.Tx) error { return func(tx *sqlx.Tx) error { - if _, err := tx.Exec(m.DB.Rebind("INSERT INTO hydra_warden_group (id) VALUES (?)"), group); err != nil { - return err - } + _, err := tx.Exec(m.DB.Rebind("INSERT INTO hydra_warden_group (id) VALUES (?)"), group) - return nil + return errors.WithStack(err) } } @@ -72,7 +70,7 @@ func (m *SQLManager) CreateGroup(g *Group) error { g.ID = uuid.New() } - return m.applyInTransaction(m.createGroup(g.ID), m.addGroupMembers(g.ID, g.Members)) + return errors.WithStack(m.applyInTransaction(m.createGroup(g.ID), m.addGroupMembers(g.ID, g.Members))) } func (m *SQLManager) GetGroup(id string) (*Group, error) { @@ -96,26 +94,21 @@ func (m *SQLManager) GetGroup(id string) (*Group, error) { func (m *SQLManager) deleteGroup(id string) func(tx *sqlx.Tx) error { return func(tx *sqlx.Tx) error { - if _, err := tx.Exec(m.DB.Rebind("DELETE FROM hydra_warden_group WHERE id=?"), id); err != nil { - return err - } + _, err := tx.Exec(m.DB.Rebind("DELETE FROM hydra_warden_group WHERE id=?"), id) - return nil + return errors.WithStack(err) } } func (m *SQLManager) DeleteGroup(id string) error { - return m.applyInTransaction(m.deleteGroup(id)) + return errors.WithStack(m.applyInTransaction(m.deleteGroup(id))) } func (m *SQLManager) addGroupMembers(group string, subjects []string) func(tx *sqlx.Tx) error { return func(tx *sqlx.Tx) error { for _, subject := range subjects { if _, err := tx.Exec(m.DB.Rebind("INSERT INTO hydra_warden_group_member (group_id, member) VALUES (?, ?)"), group, subject); err != nil { - if err := tx.Rollback(); err != nil { - return err - } - return err + return errors.WithStack(err) } } @@ -124,16 +117,13 @@ func (m *SQLManager) addGroupMembers(group string, subjects []string) func(tx *s } func (m *SQLManager) AddGroupMembers(group string, subjects []string) error { - return m.applyInTransaction(m.addGroupMembers(group, subjects)) + return errors.WithStack(m.applyInTransaction(m.addGroupMembers(group, subjects))) } func (m *SQLManager) removeGroupMembers(group string, subjects []string) func(tx *sqlx.Tx) error { return func(tx *sqlx.Tx) error { for _, subject := range subjects { if _, err := tx.Exec(m.DB.Rebind("DELETE FROM hydra_warden_group_member WHERE member=? AND group_id=?"), subject, group); err != nil { - if err := tx.Rollback(); err != nil { - return errors.WithStack(err) - } return errors.WithStack(err) } } @@ -143,7 +133,7 @@ func (m *SQLManager) removeGroupMembers(group string, subjects []string) func(tx } func (m *SQLManager) RemoveGroupMembers(group string, subjects []string) error { - return m.applyInTransaction(m.removeGroupMembers(group, subjects)) + return errors.WithStack(m.applyInTransaction(m.removeGroupMembers(group, subjects))) } func (m *SQLManager) FindGroupsByMember(subject string, limit, offset int) ([]Group, error) { @@ -189,11 +179,7 @@ func (m *SQLManager) ListGroups(limit, offset int) ([]Group, error) { } func (m *SQLManager) OverwriteGroupMembers(group string, members []string) error { - if err := m.applyInTransaction(m.deleteGroup(group), m.createGroup(group), m.addGroupMembers(group, members)); err != nil { - return err - } - - return nil + return errors.WithStack(m.applyInTransaction(m.deleteGroup(group), m.createGroup(group), m.addGroupMembers(group, members))) } func (m *SQLManager) applyInTransaction(requests ...func(tx *sqlx.Tx) error) error { @@ -204,7 +190,10 @@ func (m *SQLManager) applyInTransaction(requests ...func(tx *sqlx.Tx) error) err for _, req := range requests { if err := req(tx); err != nil { - tx.Rollback() + if err := tx.Rollback(); err != nil { + return errors.WithStack(err) + } + return errors.WithStack(err) } } @@ -215,5 +204,6 @@ func (m *SQLManager) applyInTransaction(requests ...func(tx *sqlx.Tx) error) err } return errors.Wrap(err, "Could not commit transaction") } + return nil } From b69333da2e2bdc05325bb5789616346075f0d50f Mon Sep 17 00:00:00 2001 From: zepatrik <11patti1@gmx.de> Date: Fri, 16 Feb 2018 00:11:29 +0100 Subject: [PATCH 3/3] Finish up PR, fixing error handling mostly --- warden/group/handler.go | 38 ++++++++++++++++++++++++++++++---- warden/group/manager.go | 2 +- warden/group/manager_memory.go | 12 ++++------- warden/group/manager_sql.go | 24 ++++++++++----------- 4 files changed, 51 insertions(+), 25 deletions(-) diff --git a/warden/group/handler.go b/warden/group/handler.go index 294e92a1c37..107d67011c8 100644 --- a/warden/group/handler.go +++ b/warden/group/handler.go @@ -68,7 +68,7 @@ func (h *Handler) SetRoutes(r *httprouter.Router) { r.DELETE(GroupsHandlerPath+"/:id", h.DeleteGroup) r.POST(GroupsHandlerPath+"/:id/members", h.AddGroupMembers) r.DELETE(GroupsHandlerPath+"/:id/members", h.RemoveGroupMembers) - r.PUT(GroupsHandlerPath+"/:id/members", h.OverwriteGroupMembers) + r.PUT(GroupsHandlerPath+"/:id/members", h.UpdateGroupMembers) } // swagger:route GET /warden/groups warden listGroups @@ -384,10 +384,40 @@ func (h *Handler) RemoveGroupMembers(w http.ResponseWriter, r *http.Request, ps w.WriteHeader(http.StatusNoContent) } -func (h *Handler) OverwriteGroupMembers(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { +// swagger:route PUT /warden/groups/{id}/members warden replaceMembersInGroup +// +// Replace the members of a group +// +// The subject making the request needs to be assigned to a policy containing: +// +// ``` +// { +// "resources": ["rn:hydra:warden:groups:"], +// "actions": ["members.update"], +// "effect": "allow" +// } +// ``` +// +// Consumes: +// - application/json +// +// Produces: +// - application/json +// +// Schemes: http, https +// +// Security: +// oauth2: hydra.warden.groups +// +// Responses: +// 204: emptyResponse +// 401: genericError +// 403: genericError +// 500: genericError +func (h *Handler) UpdateGroupMembers(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { var id = ps.ByName("id") - if err := h.checkRequest(r, fmt.Sprintf(h.PrefixResource(GroupResource), id), "members.remove"); err != nil { + if err := h.checkRequest(r, fmt.Sprintf(h.PrefixResource(GroupResource), id), "members.update"); err != nil { h.H.WriteError(w, r, err) return } @@ -398,7 +428,7 @@ func (h *Handler) OverwriteGroupMembers(w http.ResponseWriter, r *http.Request, return } - if err := h.Manager.OverwriteGroupMembers(id, m.Members); err != nil { + if err := h.Manager.UpdateGroupMembers(id, m.Members); err != nil { h.H.WriteError(w, r, err) return } diff --git a/warden/group/manager.go b/warden/group/manager.go index f2cdc885fbc..311850191dd 100644 --- a/warden/group/manager.go +++ b/warden/group/manager.go @@ -32,7 +32,7 @@ type Manager interface { AddGroupMembers(group string, members []string) error RemoveGroupMembers(group string, members []string) error - OverwriteGroupMembers(group string, members []string) error + UpdateGroupMembers(group string, members []string) error FindGroupsByMember(subject string, limit, offset int) ([]Group, error) ListGroups(limit, offset int) ([]Group, error) diff --git a/warden/group/manager_memory.go b/warden/group/manager_memory.go index cd4b5099f0b..45378316093 100644 --- a/warden/group/manager_memory.go +++ b/warden/group/manager_memory.go @@ -127,21 +127,17 @@ func (m *MemoryManager) ListGroups(limit, offset int) ([]Group, error) { return res[start:end], nil } -func (m *MemoryManager) OverwriteGroupMembers(group string, members []string) error { +func (m *MemoryManager) UpdateGroupMembers(group string, members []string) error { id := group - err := m.DeleteGroup(id) - - if err != nil { + if err := m.DeleteGroup(id); err != nil { return err } - err = m.CreateGroup(&Group{ + if err := m.CreateGroup(&Group{ ID: id, Members: members, - }) - - if err != nil { + }); err != nil { return err } diff --git a/warden/group/manager_sql.go b/warden/group/manager_sql.go index fb9096438ea..3a0d77eb35e 100644 --- a/warden/group/manager_sql.go +++ b/warden/group/manager_sql.go @@ -70,7 +70,7 @@ func (m *SQLManager) CreateGroup(g *Group) error { g.ID = uuid.New() } - return errors.WithStack(m.applyInTransaction(m.createGroup(g.ID), m.addGroupMembers(g.ID, g.Members))) + return m.applyInTransaction(m.createGroup(g.ID), m.addGroupMembers(g.ID, g.Members)) } func (m *SQLManager) GetGroup(id string) (*Group, error) { @@ -101,7 +101,7 @@ func (m *SQLManager) deleteGroup(id string) func(tx *sqlx.Tx) error { } func (m *SQLManager) DeleteGroup(id string) error { - return errors.WithStack(m.applyInTransaction(m.deleteGroup(id))) + return m.applyInTransaction(m.deleteGroup(id)) } func (m *SQLManager) addGroupMembers(group string, subjects []string) func(tx *sqlx.Tx) error { @@ -117,7 +117,7 @@ func (m *SQLManager) addGroupMembers(group string, subjects []string) func(tx *s } func (m *SQLManager) AddGroupMembers(group string, subjects []string) error { - return errors.WithStack(m.applyInTransaction(m.addGroupMembers(group, subjects))) + return m.applyInTransaction(m.addGroupMembers(group, subjects)) } func (m *SQLManager) removeGroupMembers(group string, subjects []string) func(tx *sqlx.Tx) error { @@ -133,7 +133,7 @@ func (m *SQLManager) removeGroupMembers(group string, subjects []string) func(tx } func (m *SQLManager) RemoveGroupMembers(group string, subjects []string) error { - return errors.WithStack(m.applyInTransaction(m.removeGroupMembers(group, subjects))) + return m.applyInTransaction(m.removeGroupMembers(group, subjects)) } func (m *SQLManager) FindGroupsByMember(subject string, limit, offset int) ([]Group, error) { @@ -148,7 +148,7 @@ func (m *SQLManager) FindGroupsByMember(subject string, limit, offset int) ([]Gr for k, id := range ids { group, err := m.GetGroup(id) if err != nil { - return nil, errors.WithStack(err) + return nil, err } groups[k] = *group @@ -169,7 +169,7 @@ func (m *SQLManager) ListGroups(limit, offset int) ([]Group, error) { for k, id := range ids { group, err := m.GetGroup(id) if err != nil { - return nil, errors.WithStack(err) + return nil, err } groups[k] = *group @@ -178,23 +178,23 @@ func (m *SQLManager) ListGroups(limit, offset int) ([]Group, error) { return groups, nil } -func (m *SQLManager) OverwriteGroupMembers(group string, members []string) error { - return errors.WithStack(m.applyInTransaction(m.deleteGroup(group), m.createGroup(group), m.addGroupMembers(group, members))) +func (m *SQLManager) UpdateGroupMembers(group string, members []string) error { + return m.applyInTransaction(m.deleteGroup(group), m.createGroup(group), m.addGroupMembers(group, members)) } -func (m *SQLManager) applyInTransaction(requests ...func(tx *sqlx.Tx) error) error { +func (m *SQLManager) applyInTransaction(executors ...func(tx *sqlx.Tx) error) error { tx, err := m.DB.Beginx() if err != nil { return errors.Wrap(err, "Could not begin transaction") } - for _, req := range requests { - if err := req(tx); err != nil { + for _, exec := range executors { + if err := exec(tx); err != nil { if err := tx.Rollback(); err != nil { return errors.WithStack(err) } - return errors.WithStack(err) + return err } }