File service changes: ownership, auth etc (#70)

files/handler/files.go

@@ -2,8 +2,10 @@ package handler
 
 import (
 	"context"
+	"errors"
 	"strings"
 
+	"github.com/micro/micro/v3/service/auth"
 	log "github.com/micro/micro/v3/service/logger"
 	"github.com/micro/micro/v3/service/model"
 	files "github.com/micro/services/files/proto"
@@ -17,21 +19,37 @@ func NewFiles() *Files {
 	i := model.ByEquality("project")
 	i.Order.Type = model.OrderTypeUnordered
 
-	db := model.NewModel(
-		model.WithIndexes(i),
+	db := model.New(
+		files.File{},
+		&model.Options{
+			Key:     "Id",
+			Indexes: []model.Index{i},
+		},
 	)
 
-	db.Register(new(files.File))
-
 	return &Files{
 		db: db,
 	}
 }
 
 func (e *Files) Save(ctx context.Context, req *files.SaveRequest, rsp *files.SaveResponse) error {
-	log.Info("Received Files.Call request")
+	// @todo return proper micro errors
+	acc, ok := auth.AccountFromContext(ctx)
+	if !ok {
+		return errors.New("Files.Save requires authentication")
+	}
+
+	log.Info("Received Files.Save request")
 	for _, file := range req.Files {
-		err := e.db.Create(file)
+		f := files.File{}
+		err := e.db.Read(model.QueryEquals("Id", file.Id), &f)
+		if err != nil && err != model.ErrorNotFound {
+			return err
+		}
+		if f.Owner != acc.ID {
+			return errors.New("Not authorized")
+		}
+		err = e.db.Create(file)
 		if err != nil {
 			return err
 		}
@@ -40,7 +58,7 @@ func (e *Files) Save(ctx context.Context, req *files.SaveRequest, rsp *files.Sav
 }
 
 func (e *Files) List(ctx context.Context, req *files.ListRequest, rsp *files.ListResponse) error {
-	log.Info("Received Files.Call request")
+	log.Info("Received Files.List request")
 	rsp.Files = []*files.File{}
 	err := e.db.Read(model.QueryEquals("project", req.GetProject()), &rsp.Files)
 	if err != nil {