Fixed race conditions and limit e2e info

Author: Forceu

internal/webserver/api/Api.go

@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"io"
 	"net/http"
+	"strconv"
 	"strings"
 	"time"
 
@@ -21,6 +22,7 @@ import (
 	"github.com/forceu/gokapi/internal/storage/chunking/chunkreservation"
 	"github.com/forceu/gokapi/internal/storage/filerequest"
 	"github.com/forceu/gokapi/internal/storage/presign"
+	"github.com/forceu/gokapi/internal/webserver/api/apiMutex"
 	"github.com/forceu/gokapi/internal/webserver/api/errorcodes"
 	"github.com/forceu/gokapi/internal/webserver/authentication/users"
 	"github.com/forceu/gokapi/internal/webserver/fileupload"
@@ -86,6 +88,9 @@ func apiEditFile(w http.ResponseWriter, r requestParser, user models.User) {
 	if !ok {
 		panic("invalid parameter passed")
 	}
+	apiMutex.Lock(apiMutex.TypeMetaData, request.Id)
+	defer apiMutex.Unlock(apiMutex.TypeMetaData, request.Id)
+
 	file, ok := database.GetMetaDataById(request.Id)
 	if !ok {
 		sendError(w, http.StatusNotFound, errorcodes.NotFound, "Invalid file ID provided.")
@@ -171,6 +176,9 @@ func apiModifyApiKey(w http.ResponseWriter, r requestParser, user models.User) {
 	if !ok {
 		panic("invalid parameter passed")
 	}
+	apiMutex.Lock(apiMutex.TypeApiKey, request.KeyId)
+	defer apiMutex.Unlock(apiMutex.TypeApiKey, request.KeyId)
+
 	apiKeyOwner, apiKey, ok := isValidKeyForEditing(request.KeyId)
 	if !ok {
 		sendError(w, http.StatusNotFound, errorcodes.NotFound, "Invalid key ID provided.")
@@ -284,6 +292,7 @@ func apiChangeFriendlyName(w http.ResponseWriter, r requestParser, user models.U
 	if !ok {
 		panic("invalid parameter passed")
 	}
+
 	ownerApiKey, apiKey, ok := isValidKeyForEditing(request.KeyId)
 	if !ok {
 		sendError(w, http.StatusNotFound, errorcodes.NotFound, "Invalid key ID provided.")
@@ -304,6 +313,10 @@ func renameApiKeyFriendlyName(id string, newName string) error {
 	if newName == "" {
 		newName = "Unnamed key"
 	}
+
+	apiMutex.Lock(apiMutex.TypeApiKey, id)
+	defer apiMutex.Unlock(apiMutex.TypeApiKey, id)
+
 	key, ok := database.GetApiKey(id)
 	if !ok {
 		return errors.New("could not modify API key")
@@ -727,6 +740,10 @@ func apiChangeFileOwner(w http.ResponseWriter, r requestParser, user models.User
 	if !ok {
 		panic("invalid parameter passed")
 	}
+
+	apiMutex.Lock(apiMutex.TypeMetaData, request.Id)
+	defer apiMutex.Unlock(apiMutex.TypeMetaData, request.Id)
+
 	file, ok := storage.GetFile(request.Id)
 	if !ok {
 		sendError(w, http.StatusNotFound, errorcodes.NotFound, "Invalid id provided.")
@@ -818,6 +835,10 @@ func apiModifyUser(w http.ResponseWriter, r requestParser, user models.User) {
 	if !ok {
 		panic("invalid parameter passed")
 	}
+	idStr := strconv.Itoa(request.Id)
+	apiMutex.Lock(apiMutex.TypeUser, idStr)
+	defer apiMutex.Unlock(apiMutex.TypeUser, idStr)
+
 	userEdit, ok := isValidUserForEditing(w, request.Id)
 	if !ok {
 		return
@@ -854,6 +875,10 @@ func apiChangeUserRank(w http.ResponseWriter, r requestParser, user models.User)
 	if !ok {
 		panic("invalid parameter passed")
 	}
+	idStr := strconv.Itoa(request.Id)
+	apiMutex.Lock(apiMutex.TypeUser, idStr)
+	defer apiMutex.Unlock(apiMutex.TypeUser, idStr)
+
 	userEdit, ok := isValidUserForEditing(w, request.Id)
 	if !ok {
 		return
@@ -965,7 +990,16 @@ func apiDeleteUser(w http.ResponseWriter, r requestParser, user models.User) {
 		return
 	}
 	logging.LogUserDeletion(userToDelete, user)
-	database.DeleteUser(userToDelete.Id)
+
+	database.DeleteAllSessionsByUser(userToDelete.Id)
+
+	for _, apiKey := range database.GetAllApiKeys() {
+		if apiKey.UserId == userToDelete.Id {
+			database.DeleteApiKey(apiKey.Id)
+		}
+	}
+
+	database.DeleteEnd2EndInfo(userToDelete.Id)
 
 	for _, fRequest := range database.GetAllFileRequests() {
 		if fRequest.UserId == userToDelete.Id {
@@ -988,13 +1022,7 @@ func apiDeleteUser(w http.ResponseWriter, r requestParser, user models.User) {
 			}
 		}
 	}
-	for _, apiKey := range database.GetAllApiKeys() {
-		if apiKey.UserId == userToDelete.Id {
-			database.DeleteApiKey(apiKey.Id)
-		}
-	}
-	database.DeleteAllSessionsByUser(userToDelete.Id)
-	database.DeleteEnd2EndInfo(userToDelete.Id)
+	database.DeleteUser(userToDelete.Id)
 }
 
 func apiLogsDelete(_ http.ResponseWriter, r requestParser, user models.User) {

internal/webserver/api/apiMutex/ApiMutex.go

@@ -0,0 +1,38 @@
+package apiMutex
+
+import (
+	"hash/fnv"
+	"sync"
+)
+
+const numStripes = 256
+
+var stripes [numStripes]sync.Mutex
+
+func getStripe(objectType int, key string) *sync.Mutex {
+	switch objectType {
+	case TypeUser, TypeApiKey, TypeMetaData:
+		// valid
+	default:
+		panic("invalid object type")
+	}
+
+	h := fnv.New32a()
+	_, _ = h.Write([]byte{byte(objectType)})
+	_, _ = h.Write([]byte(key))
+	return &stripes[h.Sum32()%numStripes]
+}
+
+const (
+	TypeUser = iota
+	TypeApiKey
+	TypeMetaData
+)
+
+func Lock(objectType int, key string) {
+	getStripe(objectType, key).Lock()
+}
+
+func Unlock(objectType int, key string) {
+	getStripe(objectType, key).Unlock()
+}

internal/webserver/api/apiMutex/ApiMutex_test.go

@@ -0,0 +1,150 @@
+package apiMutex
+
+import (
+	"fmt"
+	"sync"
+	"testing"
+
+	"github.com/forceu/gokapi/internal/test"
+)
+
+// TestInvalidObjectTypePanics verifies that an unknown objectType causes a panic.
+func TestInvalidObjectTypePanics(t *testing.T) {
+	defer func() {
+		if r := recover(); r == nil {
+			t.Error("expected panic for invalid object type, but did not panic")
+		}
+	}()
+
+	getStripe(999, "any")
+}
+
+// TestAllValidTypesDoNotPanic verifies that all defined types are accepted.
+func TestAllValidTypesDoNotPanic(t *testing.T) {
+	types := []int{TypeUser, TypeApiKey, TypeMetaData}
+	for _, objectType := range types {
+		func() {
+			defer func() {
+				if r := recover(); r != nil {
+					t.Errorf("unexpected panic for objectType %d", objectType)
+				}
+			}()
+			getStripe(objectType, "key")
+		}()
+	}
+}
+
+// TestSameKeyReturnsSameStripe verifies that the same arguments always map to the same stripe.
+func TestSameKeyReturnsSameStripe(t *testing.T) {
+	m1 := getStripe(TypeUser, "abc")
+	m2 := getStripe(TypeUser, "abc")
+
+	test.IsEqual(t, m1, m2)
+}
+
+// TestDifferentTypesSameKeyMayDiffer verifies that objectType is factored into the hash.
+func TestDifferentTypesSameKeyMayDiffer(t *testing.T) {
+	collisions := 0
+	keys := []string{"1", "2", "3", "4", "5"}
+	for _, key := range keys {
+		if getStripe(TypeUser, key) == getStripe(TypeApiKey, key) {
+			collisions++
+		}
+	}
+	if collisions == len(keys) {
+		t.Error("objectType does not appear to affect stripe selection — all keys collided across types")
+	}
+}
+
+// TestLockUnlock verifies that Lock and Unlock work without deadlocking.
+func TestLockUnlock(t *testing.T) {
+	done := make(chan struct{})
+	go func() {
+		Lock(TypeUser, "1")
+		Unlock(TypeUser, "1")
+		close(done)
+	}()
+	<-done
+}
+
+// TestLockBlocksUntilUnlocked verifies that a second Lock on the same key blocks
+// until the first caller calls Unlock.
+func TestLockBlocksUntilUnlocked(t *testing.T) {
+	// Find two keys that hash to the same stripe so we can test real blocking.
+	key := "1"
+	stripe := getStripe(TypeUser, key)
+
+	stripe.Lock()
+
+	acquired := make(chan struct{})
+	go func() {
+		Lock(TypeUser, key)
+		close(acquired)
+		Unlock(TypeUser, key)
+	}()
+
+	select {
+	case <-acquired:
+		t.Error("second Lock acquired while first was still held")
+	default:
+		// expected: goroutine is blocked
+	}
+
+	stripe.Unlock()
+	<-acquired
+}
+
+// TestConcurrentWritesSerialized verifies that concurrent writers on the same key
+// do not race and that the counter reaches the expected value.
+func TestConcurrentWritesSerialized(t *testing.T) {
+	const goroutines = 100
+	counter := 0
+	var wg sync.WaitGroup
+	wg.Add(goroutines)
+
+	for i := 0; i < goroutines; i++ {
+		go func() {
+			defer wg.Done()
+			Lock(TypeUser, "counter")
+			counter++
+			Unlock(TypeUser, "counter")
+		}()
+	}
+
+	wg.Wait()
+
+	test.IsEqualInt(t, counter, goroutines)
+}
+
+// TestIndependentTypesDoNotNecessarilyBlock verifies that different object types
+// with different keys are handled independently across the stripe space.
+func TestIndependentTypesDoNotNecessarilyBlock(t *testing.T) {
+	// Only meaningful if they hash to different stripes — find such a pair.
+	var keyA, keyB string
+	found := false
+	for i := 0; i < 1000; i++ {
+		a := fmt.Sprintf("key-%d", i)
+		b := fmt.Sprintf("key-%d", i+1)
+		if getStripe(TypeUser, a) != getStripe(TypeApiKey, b) {
+			keyA, keyB = a, b
+			found = true
+			break
+		}
+	}
+
+	if !found {
+		t.Skip("could not find two keys hashing to different stripes")
+	}
+
+	Lock(TypeUser, keyA)
+	defer Unlock(TypeUser, keyA)
+
+	done := make(chan struct{})
+	go func() {
+		Lock(TypeApiKey, keyB)
+		Unlock(TypeApiKey, keyB)
+		close(done)
+	}()
+
+	<-done
+}

internal/webserver/api/routing.go

@@ -582,15 +582,21 @@ type paramE2eStore struct {
 }
 
 func (p *paramE2eStore) ProcessParameter(r *http.Request) error {
+	const maxBodySize = 5 * 1024 * 1024 // 5MB in bytes
+	bodyReader := http.MaxBytesReader(nil, r.Body, maxBodySize)
+	defer bodyReader.Close()
+
 	type expectedInput struct {
 		Content string `json:"content"`
 	}
 	var input expectedInput
 
-	err := json.NewDecoder(r.Body).Decode(&input)
+	err := json.NewDecoder(bodyReader).Decode(&input)
 	if err != nil {
+		// If body is larger than 5MB, this will be returned here as an error
 		return err
 	}
+
 	content, err := base64.StdEncoding.DecodeString(input.Content)
 	if err != nil {
 		return err

internal/webserver/web/static/js/admin_ui_users.js

@@ -266,8 +266,8 @@ const PermissionDefinitions = [
     }
 ];
 
-function hasPermission(userPermissions, permissionBit) {
-    return (userPermissions & permissionBit) !== 0;
+function hasPermission(userPerm, permissionBit) {
+    return (userPerm & permissionBit) !== 0;
 }
 
 
@@ -321,7 +321,11 @@ function addRowUser(userid, name, permissions) {
     btnPromote.type = "button";
     btnPromote.className = "btn btn-outline-light btn-sm";
     btnPromote.title = "Promote User";
-    btnPromote.onclick = () => changeRank(userid, 'ADMIN', `changeRank_${userid}`);
+    if (isAdmin) {
+        btnPromote.onclick = () => changeRank(userid, 'ADMIN', `changeRank_${userid}`);
+    } else {
+        btnPromote.disabled = true;
+    }
     btnPromote.innerHTML = `<i class="bi bi-chevron-double-up"></i>`;
     btnGroup.appendChild(btnPromote);
 
@@ -341,15 +345,21 @@ function addRowUser(userid, name, permissions) {
 
     // Permissions
      cellPermissions.innerHTML = PermissionDefinitions.map(perm => {
-        const granted = hasPermission(permissions, perm.bit)
-            ? "perm-granted"
-            : "perm-notgranted";
-
+        let granted = "perm-notgranted";
+        if (hasPermission(permissions, perm.bit)) {
+            granted = "perm-granted";
+        }
         const id = perm.htmlId(userid);
+        let nochangeClass = "";
+        if (!hasPermission(userPermissions, perm.bit)) {
+            nochangeClass = "perm-nochange";
+        }
+        
+        
 
         return `
         <i id="${id}"
-           class="${perm.icon} ${granted}"
+           class="${perm.icon} ${granted} ${nochangeClass}"
            title="${perm.title}"
            onclick='changeUserPermission(${userid}, "${perm.apiName}", "${id}")'>
         </i>`;

internal/webserver/web/static/js/min/admin.min.d76f71bf62.js

@@ -210,6 +210,8 @@
 <script src="./js/min/admin.min.{{ template "js_admin_version"}}.js"></script>
 <script>
 	var isInternalAuth = {{.IsInternalAuth}};
+	var isAdmin = {{.ActiveUser.IsAdmin}};
+	var userPermissions = {{.ActiveUser.Permissions}};
 </script>
 {{ template "pagename" "OverviewUsers"}}
 {{ template "customjs" .}}