화이트리스트 멤버 태그 지움, Closed, Use Whitelist 제거

2023-06-19 14:56:47 +09:00
parent 91790330d2
commit 4bb25a1eff
4 changed files with 7 additions and 82 deletions
--- a/core/api.go
+++ b/core/api.go
@ -351,8 +351,6 @@ func (caller apiCaller) whitelistAPI(w http.ResponseWriter, r *http.Request) err
 		}

 		member.Expired = 0
-		// 테스트
-		member.Tag = whitelistMemberTag_QA

 		_, _, err := mg.mongoClient.Update(CollectionWhitelist, bson.M{
 			"_id": primitive.NewObjectID(),
--- a/core/maingate.go
+++ b/core/maingate.go
@ -567,10 +567,6 @@ func (mg *Maingate) RegisterHandlers(ctx context.Context, serveMux *http.ServeMu
 	logger.Println("RegisterHandlers...")
 	mg.services.init(allServices)
 	for _, service := range allServices {
-		if service.Closed {
-			continue
-		}
-
 		logger.Println("ServiceCode:", service.ServiceCode)
 		serveMux.Handle(common.MakeHttpHandlerPattern(prefix, service.ServiceCode, "/"), service)
 	}
--- a/core/service.go
+++ b/core/service.go
@ -30,23 +30,16 @@ type blockinfo struct {

 type whitelistMemberTag = string

-const (
-	whitelistMemberTag_Default = whitelistMemberTag("")
-	whitelistMemberTag_QA      = whitelistMemberTag("#qa")
-)
-
 type whitelistmember struct {
 	Service  string             `bson:"service" json:"service"`
 	Email    string             `bson:"email" json:"email"`
 	Platform string             `bson:"platform" json:"platform"`
 	Desc     string             `bson:"desc" json:"desc"`
-	Tag      string             `bson:"tag" json:"tag"`
 	Expired  primitive.DateTime `bson:"_ts,omitempty" json:"_ts,omitempty"`
 }

 type whitelist struct {
 	emailptr unsafe.Pointer
-	working  int32
 }

 type usertokeninfo struct {
@ -92,8 +85,6 @@ func removeFromUnsafePointer(from *unsafe.Pointer, email string) {
 }

 func (wl *whitelist) add(m *whitelistmember) {
-	// 테스트
-	m.Tag = whitelistMemberTag_QA
 	addToUnsafePointer(&wl.emailptr, m)
 }

@ -102,10 +93,6 @@ func (wl *whitelist) remove(email string) {
 }

 func (wl *whitelist) isMember(email string, platform string) bool {
-	if atomic.LoadInt32(&wl.working) == 0 {
-		return true
-	}
-
 	ptr := atomic.LoadPointer(&wl.emailptr)
 	src := *(*map[string]*whitelistmember)(ptr)

@ -115,17 +102,6 @@ func (wl *whitelist) isMember(email string, platform string) bool {
 	return false
 }

-func (wl *whitelist) hasTag(email string, platform string, tag whitelistMemberTag) bool {
-	ptr := atomic.LoadPointer(&wl.emailptr)
-	src := *(*map[string]*whitelistmember)(ptr)
-
-	if member, exists := src[whitelistKey(email)]; exists {
-		return strings.Contains(member.Tag, tag)
-	}
-
-	return false
-}
-
 type DivisionStateName string

 const (
@ -153,11 +129,9 @@ type Division struct {
 }

 type ServiceDescriptionSummary struct {
-	Id           primitive.ObjectID `bson:"_id" json:"_id"`
-	ServiceName  string             `bson:"service" json:"service"`
-	ServiceCode  string             `bson:"code" json:"code"`
-	UseWhitelist bool               `bson:"use_whitelist" json:"use_whitelist"`
-	Closed       bool               `bson:"closed" json:"closed"`
+	Id          primitive.ObjectID `bson:"_id" json:"_id"`
+	ServiceName string             `bson:"service" json:"service"`
+	ServiceCode string             `bson:"code" json:"code"`
 }

 type serviceDescription struct {
@ -170,7 +144,6 @@ type serviceDescription struct {
 	wl                    whitelist
 	mongoClient           common.MongoClient
 	sessionTTL            time.Duration
-	closed                int32
 	serviceCodeBytes      []byte
 	getUserBrowserInfo    func(r *http.Request) (string, error)
 	getUserTokenWithCheck func(platform string, userid string, brinfo string) (usertokeninfo, error)
@ -273,12 +246,6 @@ func (sh *serviceDescription) prepare(mg *Maingate) error {
 	sh.updateUserinfo = mg.updateUserinfo
 	sh.getProviderInfo = mg.getProviderInfo

-	if sh.Closed {
-		sh.closed = 1
-	} else {
-		sh.closed = 0
-	}
-
 	var whites []whitelistmember
 	if err := mg.mongoClient.FindAllAs(CollectionWhitelist, bson.M{
 		"$or": []bson.M{{"service": sh.ServiceName}, {"service": sh.ServiceCode}},
@ -288,12 +255,6 @@ func (sh *serviceDescription) prepare(mg *Maingate) error {

 	sh.wl.init(whites)

-	if sh.UseWhitelist {
-		sh.wl.working = 1
-	} else {
-		sh.wl.working = 0
-	}
-
 	if len(sh.ApiUsers) == 0 {
 		sh.ApiUsers = map[string][]string{
 			"service":     {},
@ -322,7 +283,7 @@ func (sh *serviceDescription) prepare(mg *Maingate) error {
 	btsum, _ := json.Marshal(sh.ServiceDescriptionSummary)
 	atomic.StorePointer(&sh.serviceSummarySerialized, unsafe.Pointer(&btsum))

-	logger.Println("service is ready :", sh.ServiceName, sh.ServiceCode, sh.UseWhitelist, sh.ApiUsers, string(divmarshaled))
+	logger.Println("service is ready :", sh.ServiceName, sh.ServiceCode, sh.ApiUsers, string(divmarshaled))

 	return nil
 }
@ -402,12 +363,6 @@ func (sh *serviceDescription) link(w http.ResponseWriter, r *http.Request) {
 	// 	return
 	// }

-	if !sh.wl.isMember(email, newType) {
-		logger.Println("link failed. not whitelist member :", r.URL.Query(), email)
-		w.WriteHeader(http.StatusBadRequest)
-		return
-	}
-
 	newType, newId, err = sh.getProviderInfo(newType, newId)
 	if err != nil {
 		logger.Error("getProviderInfo failed :", err)
@ -516,12 +471,6 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request)
 		return
 	}

-	if !sh.wl.isMember(email, authtype) {
-		logger.Println("auth failed. not whitelist member :", sh.ServiceCode, authtype, uid, email)
-		w.WriteHeader(http.StatusBadRequest)
-		return
-	}
-
 	logger.Println("auth success :", authtype, uid, email, session)

 	newType, newId, err := sh.getProviderInfo(authtype, uid)
@ -682,11 +631,6 @@ func (sh *serviceDescription) ServeHTTP(w http.ResponseWriter, r *http.Request)
 		r.Body.Close()
 	}()

-	if atomic.LoadInt32(&sh.closed) != 0 {
-		w.WriteHeader(http.StatusNotFound)
-		return
-	}
-
 	if strings.HasSuffix(r.URL.Path, "/auth") {
 		sh.authorize(w, r)
 	} else if strings.HasSuffix(r.URL.Path, "/link") {
@ -722,14 +666,14 @@ func (sh *serviceDescription) ServeHTTP(w http.ResponseWriter, r *http.Request)
 					w.Write([]byte(fmt.Sprintf(`{"service":"%s"}`, div.Url)))

 				case DivisionState_RestrictedOpen:
-					// 점검중인데 일부 권한을 갖고 있는 유저만 들어갈 수 있는 상태
+					// 점검중이면 whitelist만 입장 가능
 					cell := sh.auths.QuerySession(sk, "")
 					if cell == nil {
 						logger.Println("sessionkey is not valid :", sk)
 						w.WriteHeader(http.StatusBadRequest)
 						return
 					}
-					if sh.wl.hasTag(cell.ToAuthinfo().Email, cell.ToAuthinfo().Platform, whitelistMemberTag_QA) {
+					if sh.wl.isMember(cell.ToAuthinfo().Email, cell.ToAuthinfo().Platform) {
 						// qa 권한이면 입장 가능
 						w.Write([]byte(fmt.Sprintf(`{"service":"%s"}`, div.Url)))
 					} else if div.Maintenance != nil {
--- a/core/watch.go
+++ b/core/watch.go
@ -315,18 +315,6 @@ func (mg *Maingate) watchServiceCollection(parentctx context.Context, serveMux *
 							mg.apiTokenToService.add(token.Hex(), data.Service.ServiceCode)
 						}

-						if data.Service.UseWhitelist {
-							atomic.StoreInt32(&old.wl.working, 1)
-						} else {
-							atomic.StoreInt32(&old.wl.working, 0)
-						}
-
-						old.Closed = data.Service.Closed
-						if old.Closed {
-							atomic.StoreInt32(&old.closed, 1)
-						} else {
-							atomic.StoreInt32(&old.closed, 0)
-						}
 						atomic.SwapPointer(&old.wl.emailptr, data.Service.wl.emailptr)

 						old.Divisions = data.Service.Divisions
@ -347,7 +335,7 @@ func (mg *Maingate) watchServiceCollection(parentctx context.Context, serveMux *
 								}
 							}
 						}
-					} else if !data.Service.Closed {
+					} else {
 						logger.Println("service is on the board! :", data.Service)
 						mg.services.add(data.Service)
 						serveMux.Handle(common.MakeHttpHandlerPattern(prefix, data.Service.ServiceCode, "/"), data.Service)
@ -355,7 +343,6 @@ func (mg *Maingate) watchServiceCollection(parentctx context.Context, serveMux *
 				case "delete":
 					if deleted := mg.services.remove(data.DocumentKey.Id); deleted != nil {
 						logger.Println("service is closed :", data.Service)
-						atomic.AddInt32(&deleted.closed, 1)
 					}
 				}
 			} else {