-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathrevoke.go
65 lines (59 loc) · 1.36 KB
/
revoke.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
package main
import (
"errors"
"net/http"
"strings"
"github.com/gin-gonic/gin"
)
type revokeUserReq struct {
Users []string `json:"users"`
Graph *string `json:"graph"`
Role *string `json:"role"`
}
func (r *revokeUserReq) validate() error {
if len(r.Users) == 0 {
return errors.New(`at least one user is required`)
}
if r.Role == nil {
return errors.New(`role field is required`)
}
if r.Graph == nil && *r.Role != "superuser" {
return errors.New(`graph field can be empty only if role is "superuser"`)
}
return nil
}
func revokeUserHandler(c *gin.Context) {
req := revokeUserReq{}
if err := c.ShouldBind(&req); err != nil {
c.AbortWithStatusJSON(http.StatusBadRequest, response{
Error: true,
Message: err.Error(),
})
return
}
if err := req.validate(); err != nil {
c.AbortWithStatusJSON(http.StatusBadRequest, response{
Error: true,
Message: err.Error(),
})
return
}
cred := getCredential(c)
cliToks := []string{"revoke", "role", *req.Role}
if req.Graph != nil {
cliToks = append(cliToks, "on", "graph", *req.Graph)
}
cliToks = append(cliToks, "from")
cliToks = append(cliToks, strings.Join(req.Users, ","))
result, err := execGSQL(
*cred.Username,
*cred.Password,
nil,
strings.Join(cliToks, " "),
"")
_, err = processOutput(result, err)
c.JSON(200, response{
Error: err != nil,
Message: result,
})
}