yongxu
/
sparrow


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169
							package main

import (
	"errors"
	"github.com/go-martini/martini"
	"github.com/martini-contrib/render"
	"net/http"
	"sparrow/pkg/models"
	"sparrow/pkg/productconfig"
	"sparrow/pkg/rpcs"
	"sparrow/pkg/server"
)

func checkAppDomain(domain string, identifier string) error {
	//domainPieces := strings.Split(domain, "/")
	//identifierPieces := strings.Split(identifier, "-")
	//if len(domainPieces) == 0 {
	//	return errors.New("wrong app domain format.")
	//}
	//if len(identifierPieces) != 3 {
	//	return errors.New("wrong identifier format.")
	//}
	//devvendorid, err := strconv.ParseUint(identifierPieces[0], 16, 64)
	//if err != nil {
	//	return errors.New("wrong vendor format.")
	//}
	//devproductid, err := strconv.ParseUint(identifierPieces[1], 16, 64)
	//if err != nil {
	//	return errors.New("wrong product format.")
	//}
	//
	//if len(domainPieces) == 1 {
	//	if domainPieces[0] != "*" {
	//		return errors.New("wrong app domain " + domainPieces[0])
	//	}
	//	return nil
	//}
	//
	//if len(domainPieces) == 2 {
	//	id, err := strconv.ParseUint(domainPieces[1], 10, 64)
	//	if err != nil {
	//		return errors.New("wrong app domain format..")
	//	}
	//	if domainPieces[0] == "vendor" {
	//		if id != devvendorid {
	//			return errors.New("app has no access right on device.")
	//		}
	//	} else if domainPieces[0] == "product" {
	//		if id != devproductid {
	//			return errors.New("app has no access right on device.")
	//		}
	//	} else {
	//		return errors.New("wrong app domain" + domain)
	//	}
	//}
	//
	//if len(domainPieces) > 2 {
	//	return errors.New("wrong app domain" + domainPieces[0])
	//}

	return nil
}

// check if app has access right on device of given identifier( in url params )
func ApplicationAuthOnDeviceIdentifer(context martini.Context, params martini.Params, req *http.Request, r render.Render) {
	identifier := params["identifier"]
	key := req.Header.Get("App-Key")

	if identifier == "" || key == "" {
		r.JSON(http.StatusOK, renderError(ErrDeviceNotFound, errors.New("missing device identifier or app key.")))
		return
	}

	app := &models.Application{}
	err := server.RPCCallByName(nil, rpcs.RegistryServerName, "Registry.ValidateApplication", key, app)
	if err != nil {
		r.JSON(http.StatusOK, renderError(ErrAccessDenied, err))
		return
	}

	err = checkAppDomain(app.AppDomain, identifier)
	if err != nil {
		r.JSON(http.StatusOK, renderError(ErrAccessDenied, err))
		return
	}

}

func ApplicationAuth(context martini.Context, params martini.Params, req *http.Request, r render.Render) {
	identifier := params["identifier"]
	key := req.Header.Get("App-Key")

	if identifier == "" || key == "" {
		r.JSON(http.StatusOK, renderError(ErrDeviceNotFound, errors.New("missing device identifier or app key.")))
		return
	}

	app := &models.Application{}
	err := server.RPCCallByName(nil, rpcs.RegistryServerName, "Registry.ValidateApplication", key, app)
	if err != nil {
		r.JSON(http.StatusOK, renderError(ErrAccessDenied, err))
		return
	}

	err = checkAppDomain(app.AppDomain, identifier)
	if err != nil {
		r.JSON(http.StatusOK, renderError(ErrAccessDenied, err))
		return
	}

}

// check if device is online.
func CheckDeviceOnline(context martini.Context, params martini.Params, req *http.Request, r render.Render) {
	identifier := params["identifier"]

	device := &models.Device{}
	err := server.RPCCallByName(nil, rpcs.RegistryServerName, "Registry.FindDeviceByIdentifier", identifier, device)
	if err != nil {
		r.JSON(http.StatusOK, renderError(ErrDeviceNotFound, err))
		return
	}

	onlineargs := rpcs.ArgsGetDeviceOnlineStatus{
		Id: device.DeviceIdentifier,
	}
	onlinereply := rpcs.ReplyGetDeviceOnlineStatus{}
	err = server.RPCCallByName(nil, rpcs.DeviceManagerName, "DeviceManager.GetDeviceOnlineStatus", onlineargs, &onlinereply)
	if err != nil || onlinereply.ClientIP == "" {
		server.Log.Errorf("get device online status error: %v", err)
		r.JSON(http.StatusOK, renderError(ErrDeviceNotOnline, errors.New("设备不在线")))
		return
	}

	context.Map(device)
}

// get device identifier
func CheckDeviceIdentifier(context martini.Context, params martini.Params, req *http.Request, r render.Render) {
	identifier := params["identifier"]

	device := &models.Device{}
	err := server.RPCCallByName(nil, rpcs.RegistryServerName, "Registry.FindDeviceByIdentifier", identifier, device)
	if err != nil {
		r.JSON(http.StatusOK, renderError(ErrDeviceNotFound, err))
		return
	}

	context.Map(device)
}

// check if proudct is ok and map a product config to context, must by called after CheckDevice
func CheckProductConfig(context martini.Context, device *models.Device,
	params martini.Params, req *http.Request, r render.Render) {
	product := &models.Product{}
	err := server.RPCCallByName(nil, rpcs.RegistryServerName, "Registry.FindProduct", device.ProductID, product)
	if err != nil {
		r.JSON(http.StatusOK, renderError(ErrProductNotFound, err))
		return
	}

	c, err := productconfig.New(product.ProductConfig)
	if err != nil {
		r.JSON(http.StatusOK, renderError(ErrWrongProductConfig, err))
		return
	}

	context.Map(c)
}