daanselen/orbits
SHA256
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: add key creation

Browse Source
This commit is contained in:
Daan Selen
2026-04-28 23:04:15 +02:00
parent 0a98ee455f
commit 88812ec865
14 changed files with 289 additions and 115 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/server/database/database.go
+6 -5
View File
@@ -23,11 +23,12 @@ func Kickoff(workDir string) (*gorm.DB, error) {
// try to use GORM automigrate if the schema changes
if err := db.AutoMigrate(
&Command{}, // app state and command status
&File{}, // files database for keeping track
&Tenant{}, // table for tenants and its data
&Group{}, // group table for privileges
&Device{}, // devices table
&AccessKey{}, // api keys for authentication
&Command{}, // app state and command status
&File{}, // files database for keeping track
&Tenant{}, // table for tenants and its data
&Group{}, // group table for privileges
&Device{}, // devices table
); err != nil {
return nil, err
}
internal/server/database/functions.go
+2 -2
View File
@@ -30,7 +30,7 @@ func ListKeys(db *gorm.DB) ([]AccessKey, error) {
return keys, err
}
func CreateKey(db *gorm.DB, k AccessKey) error {
func CreateKey(db *gorm.DB, k *AccessKey) error {
return db.Create(&k).Error
}
@@ -70,7 +70,7 @@ func FindFileByName(db *gorm.DB, name string) (File, error) {
return file, err
}
func CreateFile(db *gorm.DB, f File) error {
func CreateFile(db *gorm.DB, f *File) error {
return db.Create(&f).Error
}
internal/server/database/types.go
+30 -22
View File
@@ -5,12 +5,6 @@ import (
"time"
)
type Timestamps struct {
CreatedAt time.Time `gorm:"not null;"`
UpdatedAt time.Time `gorm:"not null;"`
ExpiresAt time.Time
}
type Command struct {
ID int `gorm:"primaryKey;not null;"`
State string
@@ -24,26 +18,34 @@ type Command struct {
Targets []string `gorm:"type:json;"`
// Must be the location where the file is downloadable on the API
// can be none when there is no media specified (init stage)
Location string
Timestamps
Location string
CreatedAt time.Time `gorm:"not null;"`
UpdatedAt time.Time `gorm:"not null;"`
ExpiresAt time.Time
}
type AccessKey struct {
ID int `gorm:"primaryKey;not null;"`
MetaName string
KeyName string `gorm:"not null;"`
// UUID for safe storage
KeyName string `gorm:"not null;"`
// We don't store the key itself, we hash the key
KeyHash string `gorm:"uniqueIndex;not null;"`
// we're cooking without pepper
Timestamps
// revoked status
Revoked bool
CreatedAt time.Time `gorm:"not null;"`
UpdatedAt time.Time `gorm:"not null;"`
ExpiresAt time.Time
}
type Tenant struct {
ID int `gorm:"primaryKey;not null;"`
TenantName string `gorm:"not null"`
TenantDescription string
Groups []Group `gorm:"foreignKey:TenantID;constraint:OnUpdate:CASCADE,OnDelete:CASCADE"`
Timestamps
Groups []Group `gorm:"foreignKey:TenantID;constraint:OnUpdate:CASCADE,OnDelete:CASCADE"`
CreatedAt time.Time `gorm:"not null;"`
UpdatedAt time.Time `gorm:"not null;"`
ExpiresAt time.Time
}
type Group struct {
@@ -51,8 +53,10 @@ type Group struct {
TenantID uint `gorm:"not null;index"`
GroupName string `gorm:"not null;"`
GroupDescription string
Devices []Device `gorm:"foreignKey:GroupID;constraint:OnUpdate:CASCADE,OnDelete:CASCADE"`
Timestamps
Devices []Device `gorm:"foreignKey:GroupID;constraint:OnUpdate:CASCADE,OnDelete:CASCADE"`
CreatedAt time.Time `gorm:"not null;"`
UpdatedAt time.Time `gorm:"not null;"`
ExpiresAt time.Time
}
type Device struct {
@@ -61,11 +65,13 @@ type Device struct {
// Device type is meant as a field where can be specified what type of device this is
// eg Raspberry Pi, PC, things like that
DeviceType string
Hostname string `gorm:"not null;"`
RemoteAddress string `gorm:"not null;"`
Alive bool `gorm:"not null;"`
Compliant bool `gorm:"not null;"`
Timestamps
Hostname string `gorm:"not null;"`
RemoteAddress string `gorm:"not null;"`
Alive bool `gorm:"not null;"`
Compliant bool `gorm:"not null;"`
CreatedAt time.Time `gorm:"not null;"`
UpdatedAt time.Time `gorm:"not null;"`
ExpiresAt time.Time
}
type File struct {
@@ -80,6 +86,8 @@ type File struct {
FileName string `gorm:"not null;"`
FilePath string `gorm:"not null;"`
// hex encoded sha512 checksum
Checksum string `gorm:"uniqueIndex;not null;"`
Timestamps
Checksum string `gorm:"uniqueIndex;not null;"`
CreatedAt time.Time `gorm:"not null;"`
UpdatedAt time.Time `gorm:"not null;"`
ExpiresAt time.Time
}
internal/server/database/utility.go
+21 -5
View File
@@ -4,31 +4,33 @@ import (
"fmt"
"io"
"log/slog"
"orbits-server/internal/shared/security"
"orbits-server/internal/shared/utility"
"path/filepath"
"time"
)
// it has been made more general for DRY purposes
// this function should only be called after manually checking the filetype
func BuildFileRecord(r io.Reader, origName string, contentDirectory string) (File, error) {
ext := filepath.Ext(origName)
func BuildFileRecord(r io.Reader, metaName string, contentDirectory string) (File, error) {
ext := filepath.Ext(metaName)
category := utility.CategorizeMediaType(ext)
if category == utility.Unspecified {
return File{}, fmt.Errorf("unsupported filetype")
}
checksum, err := utility.GenerateHashFromReader(r)
checksum, err := security.HashFileReader(r)
if err != nil {
slog.Error("failed to calculate hash of file at given path", "error", err)
return File{}, err
}
safeName := utility.GenerateSafeName(category, ext)
safeName := security.GenerateSafeCategoryName(category, ext)
destPath := filepath.Join(contentDirectory, safeName)
f := File{
MediaType: category,
MetaName: origName,
MetaName: metaName,
FileName: safeName,
FilePath: destPath,
Checksum: checksum,
@@ -36,3 +38,17 @@ func BuildFileRecord(r io.Reader, origName string, contentDirectory string) (Fil
return f, nil
}
func BuildKeyRecord(keyHash string, metaName string, expiresAt time.Time) AccessKey {
safeName := security.GenerateSafeName()
k := AccessKey{
MetaName: metaName,
KeyName: safeName,
KeyHash: keyHash,
Revoked: false,
ExpiresAt: expiresAt,
}
return k
}