merged with add/search-function-to-projectslist

Author: timbastin

cmd/devguard/api/api.go

@@ -550,7 +550,7 @@ func BuildRouter(db core.DB) *echo.Echo {
 
 	//Api functions for interacting with an organization  ->  .../organizations/<organization-name>/...
 	organizationRouter := orgRouter.Group("/:organization", multiOrganizationMiddleware(casbinRBACProvider, orgService, gitlabOauth2Integrations), externalEntityProviderRefreshMiddleware(externalEntityProviderService))
-	organizationRouter.GET("/trigger-sync", externalEntityProviderService.TriggerSync, neededScope([]string{"manage"}), accessControlMiddleware(core.ObjectOrganization, core.ActionRead))
+	organizationRouter.GET("/trigger-sync/", externalEntityProviderService.TriggerSync, neededScope([]string{"manage"}), accessControlMiddleware(core.ObjectOrganization, core.ActionRead))
 	organizationRouter.DELETE("/", orgController.Delete, neededScope([]string{"manage"}), accessControlMiddleware(core.ObjectOrganization, core.ActionDelete))
 	organizationRouter.GET("/", orgController.Read, accessControlMiddleware(core.ObjectOrganization, core.ActionRead))
 

internal/core/common_interfaces.go

@@ -47,6 +47,7 @@ type ProjectRepository interface {
 	GetByOrgID(organizationID uuid.UUID) ([]models.Project, error)
 	GetProjectByAssetID(assetID uuid.UUID) (models.Project, error)
 	List(idSlice []uuid.UUID, parentID *uuid.UUID, organizationID uuid.UUID) ([]models.Project, error)
+	ListPaged(projectIDs []uuid.UUID, parentID *uuid.UUID, orgID uuid.UUID, pageInfo PageInfo, search string) (Paged[models.Project], error)
 	EnablePolicyForProject(tx DB, projectID uuid.UUID, policyID uuid.UUID) error
 	DisablePolicyForProject(tx DB, projectID uuid.UUID, policyID uuid.UUID) error
 	Upsert(projects *[]*models.Project, conflictingColumns []clause.Column, toUpdate []string) error
@@ -224,6 +225,7 @@ type ExternalEntityProviderService interface {
 type ProjectService interface {
 	ReadBySlug(ctx Context, organizationID uuid.UUID, slug string) (models.Project, error)
 	ListAllowedProjects(ctx Context) ([]models.Project, error)
+	ListAllowedProjectsPaged(c Context) (Paged[models.Project], error)
 	ListProjectsByOrganizationID(organizationID uuid.UUID) ([]models.Project, error)
 	RecursivelyGetChildProjects(projectID uuid.UUID) ([]models.Project, error)
 	GetDirectChildProjects(projectID uuid.UUID) ([]models.Project, error)

internal/core/org/org_controller.go

@@ -129,7 +129,8 @@ func (controller *httpController) ContentTree(ctx core.Context) error {
 	// get the organization from the context
 	organization := core.GetOrg(ctx)
 
-	ps, err := controller.projectService.ListAllowedProjects(ctx)
+	ps, err := controller.projectService.ListAllowedProjects(
+		ctx)
 	if err != nil {
 		return echo.NewHTTPError(500, "could not get projects").WithInternal(err)
 	}

internal/core/project/project_controller.go

@@ -253,7 +253,7 @@ func (projectController *controller) Read(c core.Context) error {
 
 func (projectController *controller) List(c core.Context) error {
 	// get all projects the user has at least read access to - might be public projects as well
-	projects, err := projectController.projectService.ListAllowedProjects(c)
+	projects, err := projectController.projectService.ListAllowedProjectsPaged(c)
 
 	if err != nil {
 		return err

internal/core/project/project_service.go

@@ -150,13 +150,7 @@ func (s *service) ListProjectsByOrganizationID(organizationID uuid.UUID) ([]mode
 	return s.projectRepository.GetByOrgID(organizationID)
 }
 
-func (s *service) ListAllowedProjects(c core.Context) ([]models.Project, error) {
-	// get all projects the user has at least read access to
-	rbac := core.GetRBAC(c)
-	projectsIdsStr, err := rbac.GetAllProjectsForUser(core.GetSession(c).GetUserID())
-	if err != nil {
-		return nil, echo.NewHTTPError(500, "could not get projects for user").WithInternal(err)
-	}
+func (s *service) projectsForUser(c core.Context, projectsIdsStr []string) ([]uuid.UUID, *uuid.UUID, error) {
 
 	// extract the project ids from the roles
 	projectIDs := make(map[uuid.UUID]struct{})
@@ -172,7 +166,7 @@ func (s *service) ListAllowedProjects(c core.Context) ([]models.Project, error)
 	if queryParentID != "" {
 		tmp, err := uuid.Parse(queryParentID)
 		if err != nil {
-			return nil, err
+			return nil, nil, err
 		}
 
 		parentID = &tmp
@@ -183,6 +177,50 @@ func (s *service) ListAllowedProjects(c core.Context) ([]models.Project, error)
 		projectIDsSlice = append(projectIDsSlice, projectID)
 	}
 
+	return projectIDsSlice, parentID, nil
+}
+
+func (s *service) ListAllowedProjectsPaged(c core.Context) (core.Paged[models.Project], error) {
+
+	pageInfo := core.GetPageInfo(c)
+	search := c.QueryParam("search")
+
+	// get all projects the user has at least read access to
+	rbac := core.GetRBAC(c)
+	projectIDs, err := rbac.GetAllProjectsForUser(core.GetSession(c).GetUserID())
+	if err != nil {
+		return core.Paged[models.Project]{}, echo.NewHTTPError(500, "could not get projects for user").WithInternal(err)
+	}
+
+	projectsIdsStr := projectIDs
+
+	projectIDsSlice, parentID, err := s.projectsForUser(c, projectsIdsStr)
+	if err != nil {
+		return core.Paged[models.Project]{}, err
+	}
+
+	projects, err := s.projectRepository.ListPaged(projectIDsSlice, parentID, core.GetOrg(c).GetID(), pageInfo, search)
+
+	if err != nil {
+		return core.Paged[models.Project]{}, err
+	}
+
+	return projects, nil
+}
+
+func (s *service) ListAllowedProjects(c core.Context) ([]models.Project, error) {
+	// get all projects the user has at least read access to
+	rbac := core.GetRBAC(c)
+	projectIDs, err := rbac.GetAllProjectsForUser(core.GetSession(c).GetUserID())
+	if err != nil {
+		return nil, echo.NewHTTPError(500, "could not get projects for user").WithInternal(err)
+	}
+
+	projectIDsSlice, parentID, err := s.projectsForUser(c, projectIDs)
+	if err != nil {
+		return nil, err
+	}
+
 	projects, err := s.projectRepository.List(projectIDsSlice, parentID, core.GetOrg(c).GetID())
 
 	if err != nil {

internal/database/repositories/project_repository.go

@@ -115,6 +115,39 @@ func (g *projectRepository) Update(tx core.DB, project *models.Project) error {
 	return g.db.Save(project).Error
 }
 
+func (g *projectRepository) ListPaged(projectIDs []uuid.UUID, parentID *uuid.UUID, orgID uuid.UUID, pageInfo core.PageInfo, search string) (core.Paged[models.Project], error) {
+	var projects []models.Project
+
+	var q *gorm.DB
+	if parentID != nil {
+		q = g.db.Model(&models.Project{}).Where(
+			g.db.Where("id IN ? AND parent_id = ?", projectIDs, parentID).
+				Or("organization_id = ? AND is_public = true AND parent_id = ?", orgID, parentID),
+		)
+	} else {
+		q = g.db.Model(&models.Project{}).Where(
+			g.db.Where("id IN ? AND parent_id IS NULL", projectIDs).
+				Or("organization_id = ? AND is_public = true AND parent_id IS NULL", orgID),
+		)
+	}
+
+	// apply search
+	if search != "" {
+		q = q.Where("name ILIKE ?", "%"+search+"%")
+	}
+
+	var count int64
+	err := q.Count(&count).Error
+	if err != nil {
+		return core.Paged[models.Project]{}, err
+	}
+	err = q.Limit(pageInfo.PageSize).Offset((pageInfo.Page - 1) * pageInfo.PageSize).Find(&projects).Error
+	if err != nil {
+		return core.Paged[models.Project]{}, err
+	}
+	return core.NewPaged(pageInfo, count, projects), nil
+}
+
 func (g *projectRepository) List(projectIDs []uuid.UUID, parentID *uuid.UUID, orgID uuid.UUID) ([]models.Project, error) {
 	var projects []models.Project
 	if parentID != nil {