datastore

package

v0.0.0-...-cafed51 Latest Latest Go to latest Published: May 17, 2019 License: AGPL-3.0 Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/fluidkeys/api

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func CanSendWithRateLimit(emailTemplateID string, userProfileUUID uuid.UUID, rateLimit *time.Duration, ...) (bool, error)
func CreateRequestToJoinTeam(txn *sql.Tx, teamUUID uuid.UUID, email string, fingerprint fpr.Fingerprint, ...) (*uuid.UUID, error)
func CreateSecret(recipientFingerprint fpr.Fingerprint, armoredEncryptedSecret string, ...) (*uuid.UUID, error)
func CreateVerification(txn *sql.Tx, email string, fp fpr.Fingerprint, userAgent string, ...) (*uuid.UUID, error)
func DeletePublicKey(fingerprint fpr.Fingerprint) (found bool, err error)
func DeleteRequestToJoinTeam(txn *sql.Tx, requestUUID uuid.UUID) (found bool, err error)
func DeleteSecret(secretUUID uuid.UUID, recipientFingerprint fpr.Fingerprint) (found bool, err error)
func DeleteTeam(txn *sql.Tx, teamUUID uuid.UUID) (found bool, err error)
func DropAllTheTables() error
func GetArmoredPublicKeyForEmail(txn *sql.Tx, email string) (armoredPublicKey string, found bool, err error)
func GetArmoredPublicKeyForFingerprint(fingerprint fpr.Fingerprint) (armoredPublicKey string, found bool, err error)
func GetSecrets(recipientFingerprint fpr.Fingerprint) ([]*secret, error)
func GetTimeLastSent(txn *sql.Tx, emailTemplateID string, userProfileUUID uuid.UUID) (*time.Time, error)
func HasActiveVerificationForEmail(txn *sql.Tx, email string) (bool, error)
func Initialize(databaseURL string) error
func LinkEmailToFingerprint(txn *sql.Tx, email string, fingerprint fpr.Fingerprint, ...) error
func ListExpiredKeys() (expiredKeys []expiredKey, err error)
func ListKeysExpiring() (keys []keyExpiring, err error)
func MarkVerificationAsVerified(txn *sql.Tx, secretUUID uuid.UUID, userAgent string, ipAddress string) error
func Migrate() error
func MustReadDatabaseURL() string
func Ping() error
func QueryEmailVerifiedForFingerprint(txn *sql.Tx, email string, fingerprint fpr.Fingerprint) (bool, error)
func RecordSentEmail(txn *sql.Tx, emailTemplateID string, userProfileUUID uuid.UUID, now time.Time) error
func RunInTransaction(fn func(txn *sql.Tx) error) error
func StoreSingleUseNumber(txn *sql.Tx, singleUseUUID uuid.UUID, now time.Time) error
func TeamExists(txn *sql.Tx, teamUUID uuid.UUID) (bool, error)
func UpsertPublicKey(txn *sql.Tx, armoredPublicKey string) error
func UpsertTeam(txn *sql.Tx, team Team) error
func VerifySingleUseNumberNotStored(singleUseUUID uuid.UUID) error
type EmailVerification
- func GetVerification(txn *sql.Tx, secretUUID uuid.UUID, now time.Time) (*EmailVerification, error)
type RequestToJoinTeam
- func GetRequestToJoinTeam(txn *sql.Tx, teamUUID uuid.UUID, email string) (*RequestToJoinTeam, error)
- func GetRequestsToJoinTeam(txn *sql.Tx, teamUUID uuid.UUID) ([]RequestToJoinTeam, error)
type Team
- func GetTeam(txn *sql.Tx, teamUUID uuid.UUID) (*Team, error)
type UserProfile

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrNotFound = fmt.Errorf("not found")

ErrNotFound indicates that the requested item wasn't found in the database (but the query was successful)

Functions ¶

func CanSendWithRateLimit ¶

func CanSendWithRateLimit(
	emailTemplateID string,
	userProfileUUID uuid.UUID,
	rateLimit *time.Duration,
	now time.Time,
) (bool, error)

CanSendWithRateLimit looks up the last time we sent a given (user profile + email template) combination in the database, and returns whether we're past the given rateLimit duration.

For example, if we want to ensure we don't send `template_1` to `profile_1` more than once per hour, we could use it like this:

> canSendWithRateLimit(profile_1, template_1, time.Duration(1) * time.Hour)

note that a rateLimit of `nil` means *unlimited* and will always return true. *use with care!*

for emails intended to be sent only once (e.g. onboarding emails), consider using 1 year. this way, we avoid completely stale information, and the person will get an (infrequent) reminder that we still hold their information, giving them an opportunity to ask us to delete it.

func CreateRequestToJoinTeam ¶

func CreateRequestToJoinTeam(
	txn *sql.Tx, teamUUID uuid.UUID,
	email string, fingerprint fpr.Fingerprint, now time.Time) (*uuid.UUID, error)

CreateRequestToJoinTeam creates a new request to add the given email and key fingerprint to the team. It's only allowed to have a single request per {team, email} pair. Attempts to create a second request for the same {team, email} but *different* fingerprint will fail.

func CreateSecret ¶

func CreateSecret(recipientFingerprint fpr.Fingerprint, armoredEncryptedSecret string, now time.Time) (*uuid.UUID, error)

CreateSecret stores the armoredEncryptedSecret (which must be encrypted to the given `recipientFingerprint`) against the recipient public key.

func CreateVerification ¶

func CreateVerification(
	txn *sql.Tx,
	email string,
	fp fpr.Fingerprint,
	userAgent string,
	ipAddress string,
	now time.Time,
) (*uuid.UUID, error)

CreateVerification creates an email_verification for the given email address. `email` is the exact (not canonicalized) email address we're going to send the email to `fingerprint` is the fingerprint of the public key to link this email to `userAgent` is from the upsert request (probably Fluidkeys) `ipAddress` is the IP of the client that made the upsert request

func DeletePublicKey ¶

func DeletePublicKey(fingerprint fpr.Fingerprint) (found bool, err error)

DeletePublicKey deletes a key by its fingerprint, returning found=true if a matching key was found and deleted. Note that any linked emails and stored secrets will also be deleted. If there was no matching key (e.g. it was already deleted), found is false and error is nil. An error is returned only if something failed e.g. a database error.

func DeleteRequestToJoinTeam ¶

func DeleteRequestToJoinTeam(txn *sql.Tx, requestUUID uuid.UUID) (found bool, err error)

DeleteRequestToJoinTeam deletes the given request to join team (by UUID)

func DeleteSecret ¶

func DeleteSecret(secretUUID uuid.UUID, recipientFingerprint fpr.Fingerprint) (found bool, err error)

DeleteSecret deletes the given secret (by UUID) if the recipientFingerprint matches the secret, or returns an error if not.

func DeleteTeam ¶

func DeleteTeam(txn *sql.Tx, teamUUID uuid.UUID) (found bool, err error)

DeleteTeam deletes the team with the given UUID and returns true if it was deleted, or false if the team was not found.

func DropAllTheTables ¶

func DropAllTheTables() error

DropAllTheTables drops all the tables in the database. It's intendeded only for use in development, so before doing anything it checks that the current database is called `fkapi_test` or `travis`

func GetArmoredPublicKeyForEmail ¶

func GetArmoredPublicKeyForEmail(txn *sql.Tx, email string) (
	armoredPublicKey string, found bool, err error)

GetArmoredPublicKeyForEmail returns an ASCII-armored public key for the given email, if the email address has been verified.

func GetArmoredPublicKeyForFingerprint ¶

func GetArmoredPublicKeyForFingerprint(fingerprint fpr.Fingerprint) (armoredPublicKey string, found bool, err error)

GetArmoredPublicKeyForFingerprint returns an ASCII-armored public key for the given fingerprint, regardless of whether the email addresses in the key have been verified.

func GetSecrets ¶

func GetSecrets(recipientFingerprint fpr.Fingerprint) ([]*secret, error)

GetSecrets returns a slice of secrets for the given public key fingerprint

func GetTimeLastSent ¶

func GetTimeLastSent(txn *sql.Tx, emailTemplateID string, userProfileUUID uuid.UUID) (
	*time.Time, error)

GetTimeLastSent returns the most recent the given email type was sent to the given key, or nil if there's no record of it being sent

func HasActiveVerificationForEmail ¶

func HasActiveVerificationForEmail(txn *sql.Tx, email string) (bool, error)

HasActiveVerificationForEmail returns whether we recently sent a verification email to the given email address, and if that verification is still valid, e.g. not expired

func Initialize ¶

func Initialize(databaseURL string) error

Initialize initialises a postgres database from the given databaseURL

func LinkEmailToFingerprint ¶

func LinkEmailToFingerprint(
	txn *sql.Tx, email string, fingerprint fpr.Fingerprint,
	verificationUUID *uuid.UUID) error

LinkEmailToFingerprint records that the given public key should be returned when queried for the given email address. If there is no public key in the database matching the fingerprint, an error will be returned.

func ListExpiredKeys ¶

func ListExpiredKeys() (expiredKeys []expiredKey, err error)

ListExpiredKeys returns all PGP keys that have expired. It populates VerifiedEmail with any email on the key that's verified, preferably the "primary" UID but falling back to any verified email.

func ListKeysExpiring ¶

func ListKeysExpiring() (keys []keyExpiring, err error)

ListKeysExpiring lists keys expiring in the next 15 days

func MarkVerificationAsVerified ¶

func MarkVerificationAsVerified(txn *sql.Tx, secretUUID uuid.UUID,
	userAgent string, ipAddress string) error

MarkVerificationAsVerified sets the user agent and IP address from the verifying HTTP request. Typically this is a browser from someone opening a link in their email.

func Migrate ¶

func Migrate() error

Migrate runs all the database migration queries (create table etc)

func MustReadDatabaseURL ¶

func MustReadDatabaseURL() string

MustReadDatabaseURL returns the value of DATABASE_URL from the environment or panics if it wasn't found

func Ping ¶

func Ping() error

Ping tests the database and returns an error if there's a problem

func QueryEmailVerifiedForFingerprint ¶

func QueryEmailVerifiedForFingerprint(txn *sql.Tx, email string, fingerprint fpr.Fingerprint) (bool, error)

QueryEmailVerifiedForFingerprint returns true if the given email is verified for the given fingerprint.

func RecordSentEmail ¶

func RecordSentEmail(txn *sql.Tx, emailTemplateID string, userProfileUUID uuid.UUID, now time.Time) error

RecordSentEmail records that the given email type was sent to the given key

func RunInTransaction ¶

func RunInTransaction(fn func(txn *sql.Tx) error) error

RunInTransaction begins a new transaction and calls the given `fn` function with the transaction. If fn returns an error, the transaction will be rolled back and the samme error will be returned by RunInTransaction If fn returns error=nil, the transaction will be committed (although that can fail, in which case an err is returned)

func StoreSingleUseNumber ¶

func StoreSingleUseNumber(txn *sql.Tx, singleUseUUID uuid.UUID, now time.Time) error

StoreSingleUseNumber saves the given singleUseUUID to the database with the given now time. txn is a database transaction, or nil to run outside of a transaction

func TeamExists ¶

func TeamExists(txn *sql.Tx, teamUUID uuid.UUID) (bool, error)

TeamExists returns true if the team with the given UUID already exists in the database

func UpsertPublicKey ¶

func UpsertPublicKey(txn *sql.Tx, armoredPublicKey string) error

UpsertPublicKey either inserts or updates a public key based on the fingerprint. For updates, any foreign key relationships are maintained. txn is a database transaction, or nil to run outside of a transaction

func UpsertTeam ¶

func UpsertTeam(txn *sql.Tx, team Team) error

UpsertTeam creates a team in the database. If a team already exists with team.UUID it updates the team.

func VerifySingleUseNumberNotStored ¶

func VerifySingleUseNumberNotStored(singleUseUUID uuid.UUID) error

VerifySingleUseNumberNotStored returns an error if the given singleUseUUID already exists in the database

Types ¶

type EmailVerification ¶

type EmailVerification struct {
	UUID           *uuid.UUID
	EmailSentTo    string
	KeyFingerprint fingerprint.Fingerprint
}

EmailVerification represents the data in the email_verifications database table

func GetVerification ¶

func GetVerification(txn *sql.Tx, secretUUID uuid.UUID, now time.Time) (*EmailVerification, error)

GetVerification returns the email and fingerprint of a currently-active email_verification for the given secret UUID token.

type RequestToJoinTeam ¶

type RequestToJoinTeam struct {
	UUID        uuid.UUID
	CreatedAt   time.Time
	Email       string
	Fingerprint fpr.Fingerprint
}

RequestToJoinTeam represents a request to join a team in the database.

func GetRequestToJoinTeam ¶

func GetRequestToJoinTeam(txn *sql.Tx, teamUUID uuid.UUID, email string) (
	*RequestToJoinTeam, error)

GetRequestToJoinTeam searches for an existing request for the given team UUID and email address combination.

func GetRequestsToJoinTeam ¶

func GetRequestsToJoinTeam(txn *sql.Tx, teamUUID uuid.UUID) ([]RequestToJoinTeam, error)

GetRequestsToJoinTeam returns a slice of RequestToJoinTeams.

type Team ¶

type Team struct {
	UUID   uuid.UUID
	Roster string

	// RosterSignature is the ASCII-armored, detached signature of the Roster
	RosterSignature string
	CreatedAt       time.Time
}

Team represents a team in the database

func GetTeam ¶

func GetTeam(txn *sql.Tx, teamUUID uuid.UUID) (*Team, error)

GetTeam returns a Team from the database

type UserProfile ¶

type UserProfile struct {
	UUID                       uuid.UUID
	OptoutEmailsExpiryWarnings bool
	KeyID                      int

	Key *pgpkey.PgpKey
}

UserProfile represents data in the user_profiles table

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL