From 4bb25a1eff4622c472264ba95379320cb546e8e7 Mon Sep 17 00:00:00 2001 From: mountain Date: Mon, 19 Jun 2023 14:56:47 +0900 Subject: [PATCH] =?UTF-8?q?=ED=99=94=EC=9D=B4=ED=8A=B8=EB=A6=AC=EC=8A=A4?= =?UTF-8?q?=ED=8A=B8=20=EB=A9=A4=EB=B2=84=20=ED=83=9C=EA=B7=B8=20=EC=A7=80?= =?UTF-8?q?=EC=9B=80,=20Closed,=20Use=20Whitelist=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/api.go | 2 -- core/maingate.go | 4 --- core/service.go | 68 +++++------------------------------------------- core/watch.go | 15 +---------- 4 files changed, 7 insertions(+), 82 deletions(-) diff --git a/core/api.go b/core/api.go index 587249d..b5283f3 100644 --- a/core/api.go +++ b/core/api.go @@ -351,8 +351,6 @@ func (caller apiCaller) whitelistAPI(w http.ResponseWriter, r *http.Request) err } member.Expired = 0 - // 테스트 - member.Tag = whitelistMemberTag_QA _, _, err := mg.mongoClient.Update(CollectionWhitelist, bson.M{ "_id": primitive.NewObjectID(), diff --git a/core/maingate.go b/core/maingate.go index 2eb9821..0e0e3c8 100644 --- a/core/maingate.go +++ b/core/maingate.go @@ -567,10 +567,6 @@ func (mg *Maingate) RegisterHandlers(ctx context.Context, serveMux *http.ServeMu logger.Println("RegisterHandlers...") mg.services.init(allServices) for _, service := range allServices { - if service.Closed { - continue - } - logger.Println("ServiceCode:", service.ServiceCode) serveMux.Handle(common.MakeHttpHandlerPattern(prefix, service.ServiceCode, "/"), service) } diff --git a/core/service.go b/core/service.go index 0439264..0d66e2e 100644 --- a/core/service.go +++ b/core/service.go @@ -30,23 +30,16 @@ type blockinfo struct { type whitelistMemberTag = string -const ( - whitelistMemberTag_Default = whitelistMemberTag("") - whitelistMemberTag_QA = whitelistMemberTag("#qa") -) - type whitelistmember struct { Service string `bson:"service" json:"service"` Email string `bson:"email" json:"email"` Platform string `bson:"platform" json:"platform"` Desc string `bson:"desc" json:"desc"` - Tag string `bson:"tag" json:"tag"` Expired primitive.DateTime `bson:"_ts,omitempty" json:"_ts,omitempty"` } type whitelist struct { emailptr unsafe.Pointer - working int32 } type usertokeninfo struct { @@ -92,8 +85,6 @@ func removeFromUnsafePointer(from *unsafe.Pointer, email string) { } func (wl *whitelist) add(m *whitelistmember) { - // 테스트 - m.Tag = whitelistMemberTag_QA addToUnsafePointer(&wl.emailptr, m) } @@ -102,10 +93,6 @@ func (wl *whitelist) remove(email string) { } func (wl *whitelist) isMember(email string, platform string) bool { - if atomic.LoadInt32(&wl.working) == 0 { - return true - } - ptr := atomic.LoadPointer(&wl.emailptr) src := *(*map[string]*whitelistmember)(ptr) @@ -115,17 +102,6 @@ func (wl *whitelist) isMember(email string, platform string) bool { return false } -func (wl *whitelist) hasTag(email string, platform string, tag whitelistMemberTag) bool { - ptr := atomic.LoadPointer(&wl.emailptr) - src := *(*map[string]*whitelistmember)(ptr) - - if member, exists := src[whitelistKey(email)]; exists { - return strings.Contains(member.Tag, tag) - } - - return false -} - type DivisionStateName string const ( @@ -153,11 +129,9 @@ type Division struct { } type ServiceDescriptionSummary struct { - Id primitive.ObjectID `bson:"_id" json:"_id"` - ServiceName string `bson:"service" json:"service"` - ServiceCode string `bson:"code" json:"code"` - UseWhitelist bool `bson:"use_whitelist" json:"use_whitelist"` - Closed bool `bson:"closed" json:"closed"` + Id primitive.ObjectID `bson:"_id" json:"_id"` + ServiceName string `bson:"service" json:"service"` + ServiceCode string `bson:"code" json:"code"` } type serviceDescription struct { @@ -170,7 +144,6 @@ type serviceDescription struct { wl whitelist mongoClient common.MongoClient sessionTTL time.Duration - closed int32 serviceCodeBytes []byte getUserBrowserInfo func(r *http.Request) (string, error) getUserTokenWithCheck func(platform string, userid string, brinfo string) (usertokeninfo, error) @@ -273,12 +246,6 @@ func (sh *serviceDescription) prepare(mg *Maingate) error { sh.updateUserinfo = mg.updateUserinfo sh.getProviderInfo = mg.getProviderInfo - if sh.Closed { - sh.closed = 1 - } else { - sh.closed = 0 - } - var whites []whitelistmember if err := mg.mongoClient.FindAllAs(CollectionWhitelist, bson.M{ "$or": []bson.M{{"service": sh.ServiceName}, {"service": sh.ServiceCode}}, @@ -288,12 +255,6 @@ func (sh *serviceDescription) prepare(mg *Maingate) error { sh.wl.init(whites) - if sh.UseWhitelist { - sh.wl.working = 1 - } else { - sh.wl.working = 0 - } - if len(sh.ApiUsers) == 0 { sh.ApiUsers = map[string][]string{ "service": {}, @@ -322,7 +283,7 @@ func (sh *serviceDescription) prepare(mg *Maingate) error { btsum, _ := json.Marshal(sh.ServiceDescriptionSummary) atomic.StorePointer(&sh.serviceSummarySerialized, unsafe.Pointer(&btsum)) - logger.Println("service is ready :", sh.ServiceName, sh.ServiceCode, sh.UseWhitelist, sh.ApiUsers, string(divmarshaled)) + logger.Println("service is ready :", sh.ServiceName, sh.ServiceCode, sh.ApiUsers, string(divmarshaled)) return nil } @@ -402,12 +363,6 @@ func (sh *serviceDescription) link(w http.ResponseWriter, r *http.Request) { // return // } - if !sh.wl.isMember(email, newType) { - logger.Println("link failed. not whitelist member :", r.URL.Query(), email) - w.WriteHeader(http.StatusBadRequest) - return - } - newType, newId, err = sh.getProviderInfo(newType, newId) if err != nil { logger.Error("getProviderInfo failed :", err) @@ -516,12 +471,6 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request) return } - if !sh.wl.isMember(email, authtype) { - logger.Println("auth failed. not whitelist member :", sh.ServiceCode, authtype, uid, email) - w.WriteHeader(http.StatusBadRequest) - return - } - logger.Println("auth success :", authtype, uid, email, session) newType, newId, err := sh.getProviderInfo(authtype, uid) @@ -682,11 +631,6 @@ func (sh *serviceDescription) ServeHTTP(w http.ResponseWriter, r *http.Request) r.Body.Close() }() - if atomic.LoadInt32(&sh.closed) != 0 { - w.WriteHeader(http.StatusNotFound) - return - } - if strings.HasSuffix(r.URL.Path, "/auth") { sh.authorize(w, r) } else if strings.HasSuffix(r.URL.Path, "/link") { @@ -722,14 +666,14 @@ func (sh *serviceDescription) ServeHTTP(w http.ResponseWriter, r *http.Request) w.Write([]byte(fmt.Sprintf(`{"service":"%s"}`, div.Url))) case DivisionState_RestrictedOpen: - // 점검중인데 일부 권한을 갖고 있는 유저만 들어갈 수 있는 상태 + // 점검중이면 whitelist만 입장 가능 cell := sh.auths.QuerySession(sk, "") if cell == nil { logger.Println("sessionkey is not valid :", sk) w.WriteHeader(http.StatusBadRequest) return } - if sh.wl.hasTag(cell.ToAuthinfo().Email, cell.ToAuthinfo().Platform, whitelistMemberTag_QA) { + if sh.wl.isMember(cell.ToAuthinfo().Email, cell.ToAuthinfo().Platform) { // qa 권한이면 입장 가능 w.Write([]byte(fmt.Sprintf(`{"service":"%s"}`, div.Url))) } else if div.Maintenance != nil { diff --git a/core/watch.go b/core/watch.go index bd80953..118ebae 100644 --- a/core/watch.go +++ b/core/watch.go @@ -315,18 +315,6 @@ func (mg *Maingate) watchServiceCollection(parentctx context.Context, serveMux * mg.apiTokenToService.add(token.Hex(), data.Service.ServiceCode) } - if data.Service.UseWhitelist { - atomic.StoreInt32(&old.wl.working, 1) - } else { - atomic.StoreInt32(&old.wl.working, 0) - } - - old.Closed = data.Service.Closed - if old.Closed { - atomic.StoreInt32(&old.closed, 1) - } else { - atomic.StoreInt32(&old.closed, 0) - } atomic.SwapPointer(&old.wl.emailptr, data.Service.wl.emailptr) old.Divisions = data.Service.Divisions @@ -347,7 +335,7 @@ func (mg *Maingate) watchServiceCollection(parentctx context.Context, serveMux * } } } - } else if !data.Service.Closed { + } else { logger.Println("service is on the board! :", data.Service) mg.services.add(data.Service) serveMux.Handle(common.MakeHttpHandlerPattern(prefix, data.Service.ServiceCode, "/"), data.Service) @@ -355,7 +343,6 @@ func (mg *Maingate) watchServiceCollection(parentctx context.Context, serveMux * case "delete": if deleted := mg.services.remove(data.DocumentKey.Id); deleted != nil { logger.Println("service is closed :", data.Service) - atomic.AddInt32(&deleted.closed, 1) } } } else {