added free pass to superadmin on dev

stakwork · Feb 6, 2024 · cf3cdb5 · cf3cdb5
1 parent e702c46
commit cf3cdb5
Show file tree

Hide file tree

Showing 8 changed files with 73 additions and 75 deletions.
diff --git a/auth/auth.go b/auth/auth.go
@@ -98,7 +98,6 @@ func PubKeyContextSuperAdmin(next http.Handler) http.Handler {
 		}
 
 		isJwt := strings.Contains(token, ".") && !strings.HasPrefix(token, ".")
-
 		if isJwt {
 			claims, err := DecodeJwt(token)
 
@@ -115,7 +114,7 @@ func PubKeyContextSuperAdmin(next http.Handler) http.Handler {
 			}
 
 			pubkey := fmt.Sprintf("%v", claims["pubkey"])
-			if !AdminCheck(pubkey) {
+			if !IsFreePass() && !AdminCheck(pubkey) {
 				fmt.Println("Not a super admin")
 				http.Error(w, http.StatusText(401), 401)
 				return
@@ -135,8 +134,8 @@ func PubKeyContextSuperAdmin(next http.Handler) http.Handler {
 				return
 			}
 
-			if !AdminCheck(pubkey) {
-				fmt.Println("Not a super admin")
+			if !IsFreePass() && !AdminCheck(pubkey) {
+				fmt.Println("Not a super admin : auth")
 				http.Error(w, http.StatusText(401), 401)
 				return
 			}
@@ -156,6 +155,13 @@ func AdminCheck(pubkey string) bool {
 	return false
 }
 
+func IsFreePass() bool {
+	if len(config.SuperAdmins) == 1 && config.SuperAdmins[0] == config.AdminDevFreePass {
+		return true
+	}
+	return false
+}
+
 // VerifyTribeUUID takes base64 uuid and returns hex pubkey
 func VerifyTribeUUID(uuid string, checkTimestamp bool) (string, error) {
 

diff --git a/config/config.go b/config/config.go
@@ -31,6 +31,8 @@ var BudgetInvoiceList = "BUDGETINVOICELIST"
 var S3BucketName string
 var S3FolderName string
 var S3Url string
+var AdminCheck string
+var AdminDevFreePass = "FREE_PASS"
 
 var S3Client *s3.S3
 
@@ -47,6 +49,8 @@ func InitConfig() {
 	S3BucketName = os.Getenv("S3_BUCKET_NAME")
 	S3FolderName = os.Getenv("S3_FOLDER_NAME")
 	S3Url = os.Getenv("S3_URL")
+	AdminCheck = os.Getenv("ADMIN_CHECK")
+
 	// Add to super admins
 	SuperAdmins = StripSuperAdmins(AdminStrings)
 

diff --git a/db/db.go b/db/db.go
@@ -712,11 +712,11 @@ func (db database) GetBountyById(id string) ([]Bounty, error) {
 	return ms, err
 }
 
-func (db database) GetNextBountyByCreated(r *http.Request) ([]Bounty, error) {
+func (db database) GetNextBountyByCreated(r *http.Request) (uint, error) {
 	created := chi.URLParam(r, "created")
 	keys := r.URL.Query()
 	_, _, _, _, search := utils.GetPaginationParams(r)
-	ms := []Bounty{}
+	var bountyId uint
 
 	open := keys.Get("Open")
 	assingned := keys.Get("Assigned")
@@ -764,20 +764,20 @@ func (db database) GetNextBountyByCreated(r *http.Request) ([]Bounty, error) {
 		}
 	}
 
-	query := `SELECT * FROM public.bounty WHERE created > '` + created + `' AND show = true`
+	query := `SELECT id FROM public.bounty WHERE created > '` + created + `' AND show = true`
 	orderQuery := "ORDER BY created ASC LIMIT 1"
 
 	allQuery := query + " " + searchQuery + " " + statusQuery + " " + languageQuery + " " + orderQuery
 
-	err := db.db.Raw(allQuery).Find(&ms).Error
-	return ms, err
+	err := db.db.Raw(allQuery).Find(&bountyId).Error
+	return bountyId, err
 }
 
-func (db database) GetPreviousBountyByCreated(r *http.Request) ([]Bounty, error) {
+func (db database) GetPreviousBountyByCreated(r *http.Request) (uint, error) {
 	created := chi.URLParam(r, "created")
 	keys := r.URL.Query()
+	var bountyId uint
 	_, _, _, _, search := utils.GetPaginationParams(r)
-	ms := []Bounty{}
 
 	open := keys.Get("Open")
 	assingned := keys.Get("Assigned")
@@ -825,21 +825,21 @@ func (db database) GetPreviousBountyByCreated(r *http.Request) ([]Bounty, error)
 		}
 	}
 
-	query := `SELECT * FROM public.bounty WHERE created < '` + created + `' AND show = true`
+	query := `SELECT id FROM public.bounty WHERE created < '` + created + `' AND show = true`
 	orderQuery := "ORDER BY created DESC LIMIT 1"
 
 	allQuery := query + " " + searchQuery + " " + statusQuery + " " + languageQuery + " " + orderQuery
 
-	err := db.db.Raw(allQuery).Find(&ms).Error
-	return ms, err
+	err := db.db.Raw(allQuery).Find(&bountyId).Error
+	return bountyId, err
 }
 
-func (db database) GetNextOrganizationBountyByCreated(r *http.Request) ([]Bounty, error) {
+func (db database) GetNextOrganizationBountyByCreated(r *http.Request) (uint, error) {
 	created := chi.URLParam(r, "created")
 	uuid := chi.URLParam(r, "uuid")
 	keys := r.URL.Query()
 	_, _, _, _, search := utils.GetPaginationParams(r)
-	ms := []Bounty{}
+	var bountyId uint
 
 	open := keys.Get("Open")
 	assingned := keys.Get("Assigned")
@@ -887,21 +887,21 @@ func (db database) GetNextOrganizationBountyByCreated(r *http.Request) ([]Bounty
 		}
 	}
 
-	query := `SELECT * FROM public.bounty WHERE org_uuid = '` + uuid + `' AND created > '` + created + `' AND show = true`
+	query := `SELECT id FROM public.bounty WHERE org_uuid = '` + uuid + `' AND created > '` + created + `' AND show = true`
 	orderQuery := "ORDER BY created ASC LIMIT 1"
 
 	allQuery := query + " " + searchQuery + " " + statusQuery + " " + languageQuery + " " + orderQuery
 
-	err := db.db.Raw(allQuery).Find(&ms).Error
-	return ms, err
+	err := db.db.Raw(allQuery).Find(&bountyId).Error
+	return bountyId, err
 }
 
-func (db database) GetPreviousOrganizationBountyByCreated(r *http.Request) ([]Bounty, error) {
+func (db database) GetPreviousOrganizationBountyByCreated(r *http.Request) (uint, error) {
 	created := chi.URLParam(r, "created")
 	uuid := chi.URLParam(r, "uuid")
 	keys := r.URL.Query()
 	_, _, _, _, search := utils.GetPaginationParams(r)
-	ms := []Bounty{}
+	var bountyId uint
 
 	open := keys.Get("Open")
 	assingned := keys.Get("Assigned")
@@ -949,13 +949,13 @@ func (db database) GetPreviousOrganizationBountyByCreated(r *http.Request) ([]Bo
 		}
 	}
 
-	query := `SELECT * FROM public.bounty WHERE org_uuid = '` + uuid + `' AND created < '` + created + `' AND show = true`
+	query := `SELECT id FROM public.bounty WHERE org_uuid = '` + uuid + `' AND created < '` + created + `' AND show = true`
 	orderQuery := "ORDER BY created DESC LIMIT 1"
 
 	allQuery := query + " " + searchQuery + " " + statusQuery + " " + languageQuery + " " + orderQuery
 
-	err := db.db.Raw(allQuery).Find(&ms).Error
-	return ms, err
+	err := db.db.Raw(allQuery).Find(&bountyId).Error
+	return bountyId, err
 }
 
 func (db database) GetBountyIndexById(id string) int64 {

diff --git a/db/interface.go b/db/interface.go
@@ -35,10 +35,10 @@ type Database interface {
 	GetAssignedBounties(r *http.Request) ([]Bounty, error)
 	GetCreatedBounties(r *http.Request) ([]Bounty, error)
 	GetBountyById(id string) ([]Bounty, error)
-	GetNextBountyByCreated(r *http.Request) ([]Bounty, error)
-	GetPreviousBountyByCreated(r *http.Request) ([]Bounty, error)
-	GetNextOrganizationBountyByCreated(r *http.Request) ([]Bounty, error)
-	GetPreviousOrganizationBountyByCreated(r *http.Request) ([]Bounty, error)
+	GetNextBountyByCreated(r *http.Request) (uint, error)
+	GetPreviousBountyByCreated(r *http.Request) (uint, error)
+	GetNextOrganizationBountyByCreated(r *http.Request) (uint, error)
+	GetPreviousOrganizationBountyByCreated(r *http.Request) (uint, error)
 	GetBountyIndexById(id string) int64
 	GetBountyDataByCreated(created string) ([]Bounty, error)
 	AddBounty(b Bounty) (Bounty, error)

diff --git a/handlers/auth.go b/handlers/auth.go
@@ -36,8 +36,8 @@ func GetIsAdmin(w http.ResponseWriter, r *http.Request) {
 	pubKeyFromAuth, _ := ctx.Value(auth.ContextKey).(string)
 	isAdmin := auth.AdminCheck(pubKeyFromAuth)
 
-	if !isAdmin {
-		fmt.Println("Not a super admin")
+	if !auth.IsFreePass() && !isAdmin {
+		fmt.Println("Not a super admin: handler")
 		http.Error(w, http.StatusText(401), 401)
 		return
 	} else {

diff --git a/handlers/bounty.go b/handlers/bounty.go
@@ -60,9 +60,8 @@ func GetNextBountyByCreated(w http.ResponseWriter, r *http.Request) {
 		w.WriteHeader(http.StatusBadRequest)
 		fmt.Println("Error", err)
 	} else {
-		var bountyResponse []db.BountyResponse = GenerateBountyResponse(bounties)
 		w.WriteHeader(http.StatusOK)
-		json.NewEncoder(w).Encode(bountyResponse)
+		json.NewEncoder(w).Encode(bounties)
 	}
 }
 
@@ -72,9 +71,8 @@ func GetPreviousBountyByCreated(w http.ResponseWriter, r *http.Request) {
 		w.WriteHeader(http.StatusBadRequest)
 		fmt.Println("Error", err)
 	} else {
-		var bountyResponse []db.BountyResponse = GenerateBountyResponse(bounties)
 		w.WriteHeader(http.StatusOK)
-		json.NewEncoder(w).Encode(bountyResponse)
+		json.NewEncoder(w).Encode(bounties)
 	}
 }
 
@@ -84,9 +82,8 @@ func GetOrganizationNextBountyByCreated(w http.ResponseWriter, r *http.Request)
 		w.WriteHeader(http.StatusBadRequest)
 		fmt.Println("Error", err)
 	} else {
-		var bountyResponse []db.BountyResponse = GenerateBountyResponse(bounties)
 		w.WriteHeader(http.StatusOK)
-		json.NewEncoder(w).Encode(bountyResponse)
+		json.NewEncoder(w).Encode(bounties)
 	}
 }
 
@@ -96,9 +93,8 @@ func GetOrganizationPreviousBountyByCreated(w http.ResponseWriter, r *http.Reque
 		w.WriteHeader(http.StatusBadRequest)
 		fmt.Println("Error", err)
 	} else {
-		var bountyResponse []db.BountyResponse = GenerateBountyResponse(bounties)
 		w.WriteHeader(http.StatusOK)
-		json.NewEncoder(w).Encode(bountyResponse)
+		json.NewEncoder(w).Encode(bounties)
 	}
 }