Merge pull request #277 from wepala/feature/WS-579

Feature/ws 579
wepala · Mar 19, 2024 · 54d4173 · 54d4173
2 parents cc9f13f + 8bf2669
commit 54d4173
Showing 1 changed file with 29 additions and 8 deletions.
diff --git a/controllers/rest/operation_initializers.go b/controllers/rest/operation_initializers.go
@@ -15,10 +15,11 @@ import (
 	"golang.org/x/net/context"
 	"net/http"
 	"regexp"
+	"runtime/debug"
 	"strings"
 )
 
-//ContextInitializer add context middleware to path
+// ContextInitializer add context middleware to path
 func ContextInitializer(ctxt context.Context, api Container, path string, method string, swagger *openapi3.Swagger, pathItem *openapi3.PathItem, operation *openapi3.Operation) (context.Context, error) {
 	middlewares := GetOperationMiddlewares(ctxt)
 	contextMiddleware, err := api.GetMiddleware("Context")
@@ -30,12 +31,24 @@ func ContextInitializer(ctxt context.Context, api Container, path string, method
 	return ctxt, nil
 }
 
-//AuthorizationInitializer setup authorization
+// AuthorizationInitializer setup authorization
 func AuthorizationInitializer(ctxt context.Context, tapi Container, path string, method string, swagger *openapi3.Swagger, pathItem *openapi3.PathItem, operation *openapi3.Operation) (context.Context, error) {
 	if authRaw, ok := operation.Extensions[AuthorizationConfigExtension]; ok {
 		var enforcer *casbin.Enforcer
 		var err error
 
+		//get default logger
+		log, err := tapi.GetLog("Default")
+		if err != nil {
+			return ctxt, err
+		}
+
+		defer func() {
+			if err1 := recover(); err1 != nil {
+				log.Error("panic occurred ", string(debug.Stack()))
+			}
+		}()
+
 		//update path so that the open api way of specifying url parameters is change to wildcards. This is to support the casbin policy
 		//note ideal we would use the open api way of specifying url parameters but this is not supported by casbin
 		re := regexp.MustCompile(`\{([a-zA-Z0-9\-_]+?)\}`)
@@ -78,6 +91,10 @@ m = r.sub == p.sub && keyMatch(r.obj, p.obj) && regexMatch(r.act, p.act)
 				//setup users
 				if u, ok := allowRules.(map[string]interface{})["users"]; ok {
 					for _, user := range u.([]interface{}) {
+						if user == nil {
+							log.Warnf("user is nil on path '%s' for method '%s'", path, method)
+							continue
+						}
 						var success bool
 						success, err = enforcer.AddPolicy(user.(string), path, method)
 						if !success {
@@ -89,6 +106,10 @@ m = r.sub == p.sub && keyMatch(r.obj, p.obj) && regexMatch(r.act, p.act)
 				if u, ok := allowRules.(map[string]interface{})["roles"]; ok {
 					for _, user := range u.([]interface{}) {
 						var success bool
+						if user == nil {
+							log.Warnf("user is nil on path '%s' for method '%s'", path, method)
+							continue
+						}
 						success, err = enforcer.AddPolicy(user.(string), path, method)
 						if !success {
 							//TODO show warning to developer or something
@@ -102,7 +123,7 @@ m = r.sub == p.sub && keyMatch(r.obj, p.obj) && regexMatch(r.act, p.act)
 	return ctxt, nil
 }
 
-//EntityRepositoryInitializer setups the EntityFactory for a specific route
+// EntityRepositoryInitializer setups the EntityFactory for a specific route
 func EntityRepositoryInitializer(ctxt context.Context, api Container, path string, method string, swagger *openapi3.Swagger, pathItem *openapi3.PathItem, operation *openapi3.Operation) (context.Context, error) {
 	jsonSchema := operation.ExtensionProps.Extensions[SchemaExtension]
 	if jsonSchema != nil {
@@ -218,7 +239,7 @@ func EntityRepositoryInitializer(ctxt context.Context, api Container, path strin
 	return ctxt, nil
 }
 
-//UserDefinedInitializer adds user defined middleware, controller, command dispatchers and event store to the initialize context
+// UserDefinedInitializer adds user defined middleware, controller, command dispatchers and event store to the initialize context
 func UserDefinedInitializer(ctxt context.Context, tapi Container, path string, method string, swagger *openapi3.Swagger, pathItem *openapi3.PathItem, operation *openapi3.Operation) (context.Context, error) {
 	api := tapi.(*RESTAPI)
 	//if the controller extension is set then add controller to the context
@@ -318,7 +339,7 @@ func UserDefinedInitializer(ctxt context.Context, tapi Container, path string, m
 	return ctxt, nil
 }
 
-//StandardInitializer adds standard controller and middleware if not already setup
+// StandardInitializer adds standard controller and middleware if not already setup
 func StandardInitializer(ctxt context.Context, tapi Container, path string, method string, swagger *openapi3.Swagger, pathItem *openapi3.PathItem, operation *openapi3.Operation) (context.Context, error) {
 	api := tapi.(*RESTAPI)
 	if GetOperationController(ctxt) == nil {
@@ -625,7 +646,7 @@ func StandardInitializer(ctxt context.Context, tapi Container, path string, meth
 	return ctxt, nil
 }
 
-//RouteInitializer creates route using information in the initialization context
+// RouteInitializer creates route using information in the initialization context
 func RouteInitializer(ctxt context.Context, tapi Container, path string, method string, swagger *openapi3.Swagger, pathItem *openapi3.PathItem, operation *openapi3.Operation) (context.Context, error) {
 	var err error
 
@@ -761,15 +782,15 @@ func GetOperationProjections(ctx context.Context) []model.Projection {
 	return nil
 }
 
-//GetEntityRepository get the configured event factory from the context
+// GetEntityRepository get the configured event factory from the context
 func GetEntityRepository(ctx context.Context) model.EntityRepository {
 	if value, ok := ctx.Value(weoscontext.ENTITY_REPOSITORY).(model.EntityRepository); ok {
 		return value
 	}
 	return nil
 }
 
-//GetSchemaBuilders get a map of the dynamic struct builders for the schemas from the context
+// GetSchemaBuilders get a map of the dynamic struct builders for the schemas from the context
 func GetSchemaBuilders(ctx context.Context) map[string]ds.Builder {
 	if value, ok := ctx.Value(weoscontext.SCHEMA_BUILDERS).(map[string]ds.Builder); ok {
 		return value