From 63625d1e74a979b0016d419219c44a931b7b4998 Mon Sep 17 00:00:00 2001 From: Paul Meyer Date: Thu, 30 May 2024 10:12:15 +0200 Subject: [PATCH 1/2] Fixed middleware --- go.mod | 2 +- go.sum | 3 +++ internals/router/middleware.go | 9 ++++++++- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/go.mod b/go.mod index 0da5280..3b3b098 100644 --- a/go.mod +++ b/go.mod @@ -20,7 +20,7 @@ require ( github.com/jmoiron/sqlx v1.4.0 github.com/json-iterator/go v1.1.12 github.com/lib/pq v1.10.9 - github.com/myrteametrics/myrtea-sdk/v4 v4.6.3-0.20240529152032-fce93d8e62e5 // temporary (to test remove-elasticv6) + github.com/myrteametrics/myrtea-sdk/v4 v4.6.3-0.20240529165047-fbf806706c76 // temporary (to test remove-elasticv6) github.com/prataprc/goparsec v0.0.0-20211219142520-daac0e635e7e github.com/prometheus/client_golang v1.19.1 github.com/robfig/cron/v3 v3.0.1 diff --git a/go.sum b/go.sum index 554fe3d..014c2ab 100644 --- a/go.sum +++ b/go.sum @@ -208,6 +208,9 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/myrteametrics/myrtea-sdk/v4 v4.6.3-0.20240529152032-fce93d8e62e5 h1:H+/5/uqPRW2g2OH78p/TIIPSvcp6xT/x0p6B6GVsKwE= github.com/myrteametrics/myrtea-sdk/v4 v4.6.3-0.20240529152032-fce93d8e62e5/go.mod h1:+qRPTdDrQbBax7LnQLqhRZgfzhE4gGF8vVdn4Av3KqE= +github.com/myrteametrics/myrtea-sdk/v4 v4.6.3-0.20240529164109-1d37ab82fa96/go.mod h1:szx+f06AkPmUUojzqcrs8UecgXP7Aia0kLkG/aemyVQ= +github.com/myrteametrics/myrtea-sdk/v4 v4.6.3-0.20240529165047-fbf806706c76 h1:WxCrVrX1+ZEWvCGEaiibZS6AsdyWlWmxW8s4bl5lhpo= +github.com/myrteametrics/myrtea-sdk/v4 v4.6.3-0.20240529165047-fbf806706c76/go.mod h1:szx+f06AkPmUUojzqcrs8UecgXP7Aia0kLkG/aemyVQ= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw= github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA= diff --git a/internals/router/middleware.go b/internals/router/middleware.go index b819006..dbaa8ce 100644 --- a/internals/router/middleware.go +++ b/internals/router/middleware.go @@ -34,7 +34,14 @@ func ContextMiddleware(next http.Handler) http.Handler { return } - userID, _ := uuid.Parse(rawUserID.(string)) + rawUserIDStr, ok := rawUserID.(string) + if !ok { + zap.L().Warn("Cannot parse user ID", zap.Any("claims", claims)) + render.Error(w, r, render.ErrAPISecurityMissingContext, errors.New("invalid JWT")) + return + } + + userID, _ := uuid.Parse(rawUserIDStr) user, found, err := users.R().Get(userID) if err != nil { From a8fe8d7b3e3842f1ca5288ea2b2341b936b4a8f4 Mon Sep 17 00:00:00 2001 From: Paul Meyer Date: Thu, 30 May 2024 10:21:20 +0200 Subject: [PATCH 2/2] Added context to facts in es query gen --- internals/handlers/facts_handlers.go | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/internals/handlers/facts_handlers.go b/internals/handlers/facts_handlers.go index 1710732..1bd9435 100644 --- a/internals/handlers/facts_handlers.go +++ b/internals/handlers/facts_handlers.go @@ -752,6 +752,14 @@ func FactToESQuery(w http.ResponseWriter, r *http.Request) { zap.L().Debug("Debugging fact", zap.Any("f", f)) } + // Add context to fact, replace params and evaluate queries + f.ContextualizeDimensions(t, parameters) + err = f.ContextualizeCondition(t, parameters) + if err != nil { + render.Error(w, r, apiError, err) + return + } + source, err := elasticsearch.ConvertFactToSearchRequestV8(f, t, parameters) if err != nil { zap.L().Error("Cannot convert fact to search request", zap.Error(err), zap.Any("fact", f))