feat(pro): add subscription mocks

Author: fiftin

api/helpers/helpers.go

@@ -12,6 +12,10 @@ func Store(r *http.Request) db.Store {
 	return GetFromContext(r, "store").(db.Store)
 }
 
+func TerraformStore(r *http.Request) db.TerraformStore {
+	return GetFromContext(r, "store").(db.TerraformStore)
+}
+
 func isXHR(w http.ResponseWriter, r *http.Request) bool {
 	accept := r.Header.Get("Accept")
 	return !strings.Contains(accept, "text/html")

api/login.go

@@ -151,11 +151,26 @@ func tryFindLDAPUser(username, password string) (*db.User, error) {
 // createSession creates session for passed user and stores session details
 // in cookies.
 func createSession(w http.ResponseWriter, r *http.Request, user db.User, oidc bool) {
+	var err error
 	var verificationMethod db.SessionVerificationMethod
 	verified := false
+
 	switch {
 	case user.Totp != nil && util.Config.Auth.Totp.Enabled:
 		verificationMethod = db.SessionVerificationTotp
+	case util.Config.Auth.Email.Enabled && (!util.Config.Auth.Email.DisableForOidc || !oidc):
+		code := random.Number(6)
+		_, err = helpers.Store(r).AddEmailOtpVerification(user.ID, code)
+		if err != nil {
+			log.WithError(err).WithFields(log.Fields{
+				"user_id": user.ID,
+				"context": "session",
+			}).Error("Failed to add email otp verification")
+			helpers.WriteErrorStatus(w, "Failed to create email OTP verification", http.StatusInternalServerError)
+			return
+		}
+
+		verificationMethod = db.SessionVerificationEmail
 	default:
 		verificationMethod = db.SessionVerificationNone
 		verified = true
@@ -171,8 +186,12 @@ func createSession(w http.ResponseWriter, r *http.Request, user db.User, oidc bo
 		VerificationMethod: verificationMethod,
 		Verified:           verified,
 	})
+
 	if err != nil {
-		log.Error(err)
+		log.WithError(err).WithFields(log.Fields{
+			"user_id": user.ID,
+			"context": "session",
+		}).Error("Failed to create session")
 		helpers.WriteErrorStatus(w, "Failed to create session", http.StatusInternalServerError)
 		return
 	}
@@ -714,6 +733,7 @@ func oidcRedirect(w http.ResponseWriter, r *http.Request) {
 			Name:     claims.name,
 			Email:    claims.email,
 			External: true,
+			Pro:      true,
 		}
 		user, err = helpers.Store(r).CreateUserWithoutPassword(user)
 		if err != nil {

api/router.go

@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"embed"
 	"fmt"
+	"github.com/semaphoreui/semaphore/services/interfaces"
 	"net/http"
 	"os"
 	"path"
@@ -91,6 +92,7 @@ func Route(
 	secretStorageService server.SecretStorageService,
 	accessKeyService server.AccessKeyService,
 	environmentService server.EnvironmentService,
+	subscriptionService interfaces.SubscriptionService,
 ) *mux.Router {
 
 	projectController := &projects.ProjectController{ProjectService: projectService}
@@ -102,6 +104,8 @@ func Route(
 	keyController := projects.NewKeyController(accessKeyService)
 	projectsController := projects.NewProjectsController(accessKeyService)
 	terraformController := proApi.NewTerraformController(encryptionService, terraformStore)
+	userController := NewUserController(subscriptionService)
+	usersController := NewUsersController(subscriptionService)
 
 	r := mux.NewRouter()
 	r.NotFoundHandler = http.HandlerFunc(servePublic)
@@ -182,9 +186,9 @@ func Route(
 	authenticatedAPI.Path("/events").HandlerFunc(getAllEvents).Methods("GET", "HEAD")
 	authenticatedAPI.HandleFunc("/events/last", getLastEvents).Methods("GET", "HEAD")
 
-	authenticatedAPI.Path("/users").HandlerFunc(getUsers).Methods("GET", "HEAD")
-	authenticatedAPI.Path("/users").HandlerFunc(addUser).Methods("POST")
-	authenticatedAPI.Path("/user").HandlerFunc(getUser).Methods("GET", "HEAD")
+	authenticatedAPI.Path("/users").HandlerFunc(usersController.GetUsers).Methods("GET", "HEAD")
+	authenticatedAPI.Path("/users").HandlerFunc(usersController.AddUser).Methods("POST")
+	authenticatedAPI.Path("/user").HandlerFunc(userController.GetUser).Methods("GET", "HEAD")
 
 	authenticatedAPI.Path("/apps").HandlerFunc(getApps).Methods("GET", "HEAD")
 
@@ -230,12 +234,12 @@ func Route(
 
 	userUserAPI := authenticatedAPI.Path("/users/{user_id}").Subrouter()
 	userUserAPI.Use(readonlyUserMiddleware)
-	userUserAPI.Methods("GET", "HEAD").HandlerFunc(getUser)
+	userUserAPI.Methods("GET", "HEAD").HandlerFunc(userController.GetUser)
 
 	userAPI := authenticatedAPI.Path("/users/{user_id}").Subrouter()
 	userAPI.Use(getUserMiddleware)
 
-	userAPI.Methods("PUT").HandlerFunc(updateUser)
+	userAPI.Methods("PUT").HandlerFunc(usersController.UpdateUser)
 	userAPI.Methods("DELETE").HandlerFunc(deleteUser)
 
 	userPasswordAPI := authenticatedAPI.PathPrefix("/users/{user_id}").Subrouter()

api/user.go

@@ -6,25 +6,38 @@ import (
 	"github.com/gorilla/mux"
 	"github.com/semaphoreui/semaphore/api/helpers"
 	"github.com/semaphoreui/semaphore/db"
+	"github.com/semaphoreui/semaphore/services/interfaces"
 	"github.com/semaphoreui/semaphore/util"
 	"io"
 	"net/http"
 	"strings"
 )
 
-func getUser(w http.ResponseWriter, r *http.Request) {
+type UserController struct {
+	subscriptionService interfaces.SubscriptionService
+}
+
+func NewUserController(subscriptionService interfaces.SubscriptionService) *UserController {
+	return &UserController{
+		subscriptionService: subscriptionService,
+	}
+}
+
+func (c *UserController) GetUser(w http.ResponseWriter, r *http.Request) {
 	if u, exists := helpers.GetOkFromContext(r, "_user"); exists {
 		helpers.WriteJSON(w, http.StatusOK, u)
 		return
 	}
 
 	var user struct {
 		db.User
-		CanCreateProject bool `json:"can_create_project"`
+		CanCreateProject      bool `json:"can_create_project"`
+		HasActiveSubscription bool `json:"has_active_subscription"`
 	}
 
 	user.User = *helpers.GetFromContext(r, "user").(*db.User)
 	user.CanCreateProject = user.Admin || util.Config.NonAdminCanCreateProject
+	user.HasActiveSubscription = c.subscriptionService.HasActiveSubscription()
 
 	helpers.WriteJSON(w, http.StatusOK, user)
 }

api/users.go

@@ -2,24 +2,36 @@ package api
 
 import (
 	"bytes"
+	"fmt"
 	"github.com/pquerna/otp"
 	"github.com/pquerna/otp/totp"
 	"github.com/semaphoreui/semaphore/api/helpers"
 	"github.com/semaphoreui/semaphore/db"
+	"github.com/semaphoreui/semaphore/services/interfaces"
 	log "github.com/sirupsen/logrus"
 	"image/png"
 	"net/http"
 
 	"github.com/semaphoreui/semaphore/util"
 )
 
+type UsersController struct {
+	subscriptionService interfaces.SubscriptionService
+}
+
+func NewUsersController(subscriptionService interfaces.SubscriptionService) *UsersController {
+	return &UsersController{
+		subscriptionService: subscriptionService,
+	}
+}
+
 type minimalUser struct {
 	ID       int    `json:"id"`
 	Username string `json:"username"`
 	Name     string `json:"name"`
 }
 
-func getUsers(w http.ResponseWriter, r *http.Request) {
+func (c *UsersController) GetUsers(w http.ResponseWriter, r *http.Request) {
 	currentUser := helpers.GetFromContext(r, "user").(*db.User)
 	users, err := helpers.Store(r).GetUsers(db.RetrieveQueryParams{
 		Filter: r.URL.Query().Get("s"),
@@ -46,7 +58,7 @@ func getUsers(w http.ResponseWriter, r *http.Request) {
 	}
 }
 
-func addUser(w http.ResponseWriter, r *http.Request) {
+func (c *UsersController) AddUser(w http.ResponseWriter, r *http.Request) {
 	var user db.UserWithPwd
 	if !helpers.Bind(w, r, &user) {
 		return
@@ -59,6 +71,21 @@ func addUser(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	if user.Pro {
+		ok, err := c.subscriptionService.CanAddProUser(helpers.Store(r))
+
+		if err != nil {
+			w.WriteHeader(http.StatusInternalServerError)
+			return
+		}
+
+		if !ok {
+			helpers.WriteErrorStatus(w,
+				fmt.Sprintf("You have reached the limit of Pro users for your subscription."), http.StatusForbidden)
+			return
+		}
+	}
+
 	var err error
 	var newUser db.User
 
@@ -134,7 +161,7 @@ func getUserMiddleware(next http.Handler) http.Handler {
 	})
 }
 
-func updateUser(w http.ResponseWriter, r *http.Request) {
+func (c *UsersController) UpdateUser(w http.ResponseWriter, r *http.Request) {
 	targetUser := helpers.GetFromContext(r, "_user").(db.User)
 	editor := helpers.GetFromContext(r, "user").(*db.User)
 
@@ -149,6 +176,21 @@ func updateUser(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	if user.Pro {
+		ok, err := c.subscriptionService.CanAddProUser(helpers.Store(r))
+
+		if err != nil {
+			w.WriteHeader(http.StatusInternalServerError)
+			return
+		}
+
+		if !ok {
+			helpers.WriteErrorStatus(w,
+				fmt.Sprintf("You have reached the limit of Pro users for your subscription."), http.StatusForbidden)
+			return
+		}
+	}
+
 	if !editor.Admin && editor.ID != targetUser.ID {
 		log.Warn(editor.Username + " is not permitted to edit users")
 		w.WriteHeader(http.StatusUnauthorized)

cli/cmd/root.go

@@ -15,6 +15,7 @@ import (
 	"github.com/semaphoreui/semaphore/db"
 	"github.com/semaphoreui/semaphore/db/factory"
 	proFactory "github.com/semaphoreui/semaphore/pro/db/factory"
+	proServer "github.com/semaphoreui/semaphore/pro/services/server"
 	"github.com/semaphoreui/semaphore/services/schedules"
 	"github.com/semaphoreui/semaphore/services/tasks"
 	"github.com/semaphoreui/semaphore/util"
@@ -85,6 +86,7 @@ func runService() {
 	accessKeyService := server.NewAccessKeyService(store, encryptionService, store)
 	secretStorageService := server.NewSecretStorageService(store, accessKeyService)
 	environmentService := server.NewEnvironmentService(store, encryptionService)
+	subscriptionService := proServer.NewSubscriptionService()
 
 	taskPool := tasks.CreateTaskPool(
 		store,
@@ -130,6 +132,7 @@ func runService() {
 		secretStorageService,
 		accessKeyService,
 		environmentService,
+		subscriptionService,
 	)
 
 	route.Use(func(next http.Handler) http.Handler {

pkg/random/string.go

@@ -6,18 +6,27 @@ import (
 )
 
 const (
-	chars = "abcdefghijklmnopqrstuvwxyz0123456789"
+	digits = "0123456789"
+	chars  = "abcdefghijklmnopqrstuvwxyz0123456789"
 )
 
-func String(strlen int) string {
+func rnd(strlen int, baseStr string) string {
 	result := make([]byte, strlen)
-	charLen := big.NewInt(int64(len(chars)))
+	charLen := big.NewInt(int64(len(baseStr)))
 	for i := range result {
 		r, err := rand.Int(rand.Reader, charLen)
 		if err != nil {
 			panic(err)
 		}
-		result[i] = chars[r.Int64()]
+		result[i] = baseStr[r.Int64()]
 	}
 	return string(result)
 }
+
+func Number(strlen int) string {
+	return rnd(strlen, digits)
+}
+
+func String(strlen int) string {
+	return rnd(strlen, chars)
+}

pro/services/server/subscription_svc.go

@@ -0,0 +1,9 @@
+package server
+
+import (
+	"github.com/semaphoreui/semaphore/services/interfaces"
+)
+
+func NewSubscriptionService() interfaces.SubscriptionService {
+	return nil
+}

services/interfaces/subscription_svc.go

@@ -0,0 +1,8 @@
+package interfaces
+
+import "github.com/semaphoreui/semaphore/db"
+
+type SubscriptionService interface {
+	HasActiveSubscription() bool
+	CanAddProUser(store db.Store) (ok bool, err error)
+}