mirror of
https://github.com/sysadminsmedia/homebox.git
synced 2025-12-26 23:21:39 +01:00
f36756d98e
* ent re-generation
* add oidc integration
* document oidc integration
* go fmt
* address backend linter findings
* run prettier on index.vue
* State cookie domain can mismatch when Hostname override is used (breaks CSRF check). Add SameSite.
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* Delete state cookie with matching domain and MaxAge; add SameSite.
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* Fix endpoint path in comments and error to include /api/v1.
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* Also use request context when verifying the ID token.
* Do not return raw auth errors to clients (user-enumeration risk).
* consistently set cookie the same way across function
* remove baseURL after declaration
* only enable OIDC routes if OIDC is enabled
* swagger doc for failure
* Only block when provider=local; move the check after parsing provider
* fix extended session comment
* reduce pii logging
* futher reduce pii logging
* remove unused DiscoveryDocument
* remove unused offline_access from default oidc scopes
* remove offline access from AuthCodeURL
* support host from X-Forwarded-Host
* set sane default claim names if unset
* error strings should not be capitalized
* Revert "run prettier on index.vue"
This reverts commit aa22330a23.
* Add timeout to provider discovery
* Split scopes robustly
* refactor hostname calculation
* address frontend prettier findings
* add property oidc on type APISummary
* LoginOIDC: Normalize inputs, only create if not found
* add oidc email verification
* oidc handleCallback: clear state cookie before each return
* add support for oidc nonce parameter
* Harden first-login race: handle concurrent creates gracefully and fix log key.
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* support email verified claim as bool or string
* fail fast on empty email
* PKCE verifier
* fix: add timing delay to attachment test to resolve CI race condition
The attachment test was failing intermittently in CI due to a race condition
between attachment creation and retrieval. Adding a small 100ms delay after
attachment creation ensures the file system and database operations complete
before the test attempts to verify the attachment exists.
* Revert "fix: add timing delay to attachment test to resolve CI race condition"
This reverts commit 4aa8b2a0d829753e8d2dd1ba76f4b1e04e28c45e.
* oidc error state, use ref
* rename oidc.force to oidc.authRedirect
* remove hardcoded oidc error timeout
* feat: sub/iss based identity matching and userinfo endpoint collection
---------
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Co-authored-by: Matthew Kilgore <matthew@kilgore.dev>
346 lines
10 KiB
Go
Generated
346 lines
10 KiB
Go
Generated
// Code generated by ent, DO NOT EDIT.
|
|
|
|
package ent
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"fmt"
|
|
|
|
"entgo.io/ent/dialect/sql"
|
|
"entgo.io/ent/dialect/sql/sqlgraph"
|
|
"entgo.io/ent/schema/field"
|
|
"github.com/google/uuid"
|
|
"github.com/sysadminsmedia/homebox/backend/internal/data/ent/authroles"
|
|
"github.com/sysadminsmedia/homebox/backend/internal/data/ent/authtokens"
|
|
"github.com/sysadminsmedia/homebox/backend/internal/data/ent/predicate"
|
|
)
|
|
|
|
// AuthRolesUpdate is the builder for updating AuthRoles entities.
|
|
type AuthRolesUpdate struct {
|
|
config
|
|
hooks []Hook
|
|
mutation *AuthRolesMutation
|
|
}
|
|
|
|
// Where appends a list predicates to the AuthRolesUpdate builder.
|
|
func (_u *AuthRolesUpdate) Where(ps ...predicate.AuthRoles) *AuthRolesUpdate {
|
|
_u.mutation.Where(ps...)
|
|
return _u
|
|
}
|
|
|
|
// SetRole sets the "role" field.
|
|
func (_u *AuthRolesUpdate) SetRole(v authroles.Role) *AuthRolesUpdate {
|
|
_u.mutation.SetRole(v)
|
|
return _u
|
|
}
|
|
|
|
// SetNillableRole sets the "role" field if the given value is not nil.
|
|
func (_u *AuthRolesUpdate) SetNillableRole(v *authroles.Role) *AuthRolesUpdate {
|
|
if v != nil {
|
|
_u.SetRole(*v)
|
|
}
|
|
return _u
|
|
}
|
|
|
|
// SetTokenID sets the "token" edge to the AuthTokens entity by ID.
|
|
func (_u *AuthRolesUpdate) SetTokenID(id uuid.UUID) *AuthRolesUpdate {
|
|
_u.mutation.SetTokenID(id)
|
|
return _u
|
|
}
|
|
|
|
// SetNillableTokenID sets the "token" edge to the AuthTokens entity by ID if the given value is not nil.
|
|
func (_u *AuthRolesUpdate) SetNillableTokenID(id *uuid.UUID) *AuthRolesUpdate {
|
|
if id != nil {
|
|
_u = _u.SetTokenID(*id)
|
|
}
|
|
return _u
|
|
}
|
|
|
|
// SetToken sets the "token" edge to the AuthTokens entity.
|
|
func (_u *AuthRolesUpdate) SetToken(v *AuthTokens) *AuthRolesUpdate {
|
|
return _u.SetTokenID(v.ID)
|
|
}
|
|
|
|
// Mutation returns the AuthRolesMutation object of the builder.
|
|
func (_u *AuthRolesUpdate) Mutation() *AuthRolesMutation {
|
|
return _u.mutation
|
|
}
|
|
|
|
// ClearToken clears the "token" edge to the AuthTokens entity.
|
|
func (_u *AuthRolesUpdate) ClearToken() *AuthRolesUpdate {
|
|
_u.mutation.ClearToken()
|
|
return _u
|
|
}
|
|
|
|
// Save executes the query and returns the number of nodes affected by the update operation.
|
|
func (_u *AuthRolesUpdate) Save(ctx context.Context) (int, error) {
|
|
return withHooks(ctx, _u.sqlSave, _u.mutation, _u.hooks)
|
|
}
|
|
|
|
// SaveX is like Save, but panics if an error occurs.
|
|
func (_u *AuthRolesUpdate) SaveX(ctx context.Context) int {
|
|
affected, err := _u.Save(ctx)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
return affected
|
|
}
|
|
|
|
// Exec executes the query.
|
|
func (_u *AuthRolesUpdate) Exec(ctx context.Context) error {
|
|
_, err := _u.Save(ctx)
|
|
return err
|
|
}
|
|
|
|
// ExecX is like Exec, but panics if an error occurs.
|
|
func (_u *AuthRolesUpdate) ExecX(ctx context.Context) {
|
|
if err := _u.Exec(ctx); err != nil {
|
|
panic(err)
|
|
}
|
|
}
|
|
|
|
// check runs all checks and user-defined validators on the builder.
|
|
func (_u *AuthRolesUpdate) check() error {
|
|
if v, ok := _u.mutation.Role(); ok {
|
|
if err := authroles.RoleValidator(v); err != nil {
|
|
return &ValidationError{Name: "role", err: fmt.Errorf(`ent: validator failed for field "AuthRoles.role": %w`, err)}
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (_u *AuthRolesUpdate) sqlSave(ctx context.Context) (_node int, err error) {
|
|
if err := _u.check(); err != nil {
|
|
return _node, err
|
|
}
|
|
_spec := sqlgraph.NewUpdateSpec(authroles.Table, authroles.Columns, sqlgraph.NewFieldSpec(authroles.FieldID, field.TypeInt))
|
|
if ps := _u.mutation.predicates; len(ps) > 0 {
|
|
_spec.Predicate = func(selector *sql.Selector) {
|
|
for i := range ps {
|
|
ps[i](selector)
|
|
}
|
|
}
|
|
}
|
|
if value, ok := _u.mutation.Role(); ok {
|
|
_spec.SetField(authroles.FieldRole, field.TypeEnum, value)
|
|
}
|
|
if _u.mutation.TokenCleared() {
|
|
edge := &sqlgraph.EdgeSpec{
|
|
Rel: sqlgraph.O2O,
|
|
Inverse: true,
|
|
Table: authroles.TokenTable,
|
|
Columns: []string{authroles.TokenColumn},
|
|
Bidi: false,
|
|
Target: &sqlgraph.EdgeTarget{
|
|
IDSpec: sqlgraph.NewFieldSpec(authtokens.FieldID, field.TypeUUID),
|
|
},
|
|
}
|
|
_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
|
|
}
|
|
if nodes := _u.mutation.TokenIDs(); len(nodes) > 0 {
|
|
edge := &sqlgraph.EdgeSpec{
|
|
Rel: sqlgraph.O2O,
|
|
Inverse: true,
|
|
Table: authroles.TokenTable,
|
|
Columns: []string{authroles.TokenColumn},
|
|
Bidi: false,
|
|
Target: &sqlgraph.EdgeTarget{
|
|
IDSpec: sqlgraph.NewFieldSpec(authtokens.FieldID, field.TypeUUID),
|
|
},
|
|
}
|
|
for _, k := range nodes {
|
|
edge.Target.Nodes = append(edge.Target.Nodes, k)
|
|
}
|
|
_spec.Edges.Add = append(_spec.Edges.Add, edge)
|
|
}
|
|
if _node, err = sqlgraph.UpdateNodes(ctx, _u.driver, _spec); err != nil {
|
|
if _, ok := err.(*sqlgraph.NotFoundError); ok {
|
|
err = &NotFoundError{authroles.Label}
|
|
} else if sqlgraph.IsConstraintError(err) {
|
|
err = &ConstraintError{msg: err.Error(), wrap: err}
|
|
}
|
|
return 0, err
|
|
}
|
|
_u.mutation.done = true
|
|
return _node, nil
|
|
}
|
|
|
|
// AuthRolesUpdateOne is the builder for updating a single AuthRoles entity.
|
|
type AuthRolesUpdateOne struct {
|
|
config
|
|
fields []string
|
|
hooks []Hook
|
|
mutation *AuthRolesMutation
|
|
}
|
|
|
|
// SetRole sets the "role" field.
|
|
func (_u *AuthRolesUpdateOne) SetRole(v authroles.Role) *AuthRolesUpdateOne {
|
|
_u.mutation.SetRole(v)
|
|
return _u
|
|
}
|
|
|
|
// SetNillableRole sets the "role" field if the given value is not nil.
|
|
func (_u *AuthRolesUpdateOne) SetNillableRole(v *authroles.Role) *AuthRolesUpdateOne {
|
|
if v != nil {
|
|
_u.SetRole(*v)
|
|
}
|
|
return _u
|
|
}
|
|
|
|
// SetTokenID sets the "token" edge to the AuthTokens entity by ID.
|
|
func (_u *AuthRolesUpdateOne) SetTokenID(id uuid.UUID) *AuthRolesUpdateOne {
|
|
_u.mutation.SetTokenID(id)
|
|
return _u
|
|
}
|
|
|
|
// SetNillableTokenID sets the "token" edge to the AuthTokens entity by ID if the given value is not nil.
|
|
func (_u *AuthRolesUpdateOne) SetNillableTokenID(id *uuid.UUID) *AuthRolesUpdateOne {
|
|
if id != nil {
|
|
_u = _u.SetTokenID(*id)
|
|
}
|
|
return _u
|
|
}
|
|
|
|
// SetToken sets the "token" edge to the AuthTokens entity.
|
|
func (_u *AuthRolesUpdateOne) SetToken(v *AuthTokens) *AuthRolesUpdateOne {
|
|
return _u.SetTokenID(v.ID)
|
|
}
|
|
|
|
// Mutation returns the AuthRolesMutation object of the builder.
|
|
func (_u *AuthRolesUpdateOne) Mutation() *AuthRolesMutation {
|
|
return _u.mutation
|
|
}
|
|
|
|
// ClearToken clears the "token" edge to the AuthTokens entity.
|
|
func (_u *AuthRolesUpdateOne) ClearToken() *AuthRolesUpdateOne {
|
|
_u.mutation.ClearToken()
|
|
return _u
|
|
}
|
|
|
|
// Where appends a list predicates to the AuthRolesUpdate builder.
|
|
func (_u *AuthRolesUpdateOne) Where(ps ...predicate.AuthRoles) *AuthRolesUpdateOne {
|
|
_u.mutation.Where(ps...)
|
|
return _u
|
|
}
|
|
|
|
// Select allows selecting one or more fields (columns) of the returned entity.
|
|
// The default is selecting all fields defined in the entity schema.
|
|
func (_u *AuthRolesUpdateOne) Select(field string, fields ...string) *AuthRolesUpdateOne {
|
|
_u.fields = append([]string{field}, fields...)
|
|
return _u
|
|
}
|
|
|
|
// Save executes the query and returns the updated AuthRoles entity.
|
|
func (_u *AuthRolesUpdateOne) Save(ctx context.Context) (*AuthRoles, error) {
|
|
return withHooks(ctx, _u.sqlSave, _u.mutation, _u.hooks)
|
|
}
|
|
|
|
// SaveX is like Save, but panics if an error occurs.
|
|
func (_u *AuthRolesUpdateOne) SaveX(ctx context.Context) *AuthRoles {
|
|
node, err := _u.Save(ctx)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
return node
|
|
}
|
|
|
|
// Exec executes the query on the entity.
|
|
func (_u *AuthRolesUpdateOne) Exec(ctx context.Context) error {
|
|
_, err := _u.Save(ctx)
|
|
return err
|
|
}
|
|
|
|
// ExecX is like Exec, but panics if an error occurs.
|
|
func (_u *AuthRolesUpdateOne) ExecX(ctx context.Context) {
|
|
if err := _u.Exec(ctx); err != nil {
|
|
panic(err)
|
|
}
|
|
}
|
|
|
|
// check runs all checks and user-defined validators on the builder.
|
|
func (_u *AuthRolesUpdateOne) check() error {
|
|
if v, ok := _u.mutation.Role(); ok {
|
|
if err := authroles.RoleValidator(v); err != nil {
|
|
return &ValidationError{Name: "role", err: fmt.Errorf(`ent: validator failed for field "AuthRoles.role": %w`, err)}
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (_u *AuthRolesUpdateOne) sqlSave(ctx context.Context) (_node *AuthRoles, err error) {
|
|
if err := _u.check(); err != nil {
|
|
return _node, err
|
|
}
|
|
_spec := sqlgraph.NewUpdateSpec(authroles.Table, authroles.Columns, sqlgraph.NewFieldSpec(authroles.FieldID, field.TypeInt))
|
|
id, ok := _u.mutation.ID()
|
|
if !ok {
|
|
return nil, &ValidationError{Name: "id", err: errors.New(`ent: missing "AuthRoles.id" for update`)}
|
|
}
|
|
_spec.Node.ID.Value = id
|
|
if fields := _u.fields; len(fields) > 0 {
|
|
_spec.Node.Columns = make([]string, 0, len(fields))
|
|
_spec.Node.Columns = append(_spec.Node.Columns, authroles.FieldID)
|
|
for _, f := range fields {
|
|
if !authroles.ValidColumn(f) {
|
|
return nil, &ValidationError{Name: f, err: fmt.Errorf("ent: invalid field %q for query", f)}
|
|
}
|
|
if f != authroles.FieldID {
|
|
_spec.Node.Columns = append(_spec.Node.Columns, f)
|
|
}
|
|
}
|
|
}
|
|
if ps := _u.mutation.predicates; len(ps) > 0 {
|
|
_spec.Predicate = func(selector *sql.Selector) {
|
|
for i := range ps {
|
|
ps[i](selector)
|
|
}
|
|
}
|
|
}
|
|
if value, ok := _u.mutation.Role(); ok {
|
|
_spec.SetField(authroles.FieldRole, field.TypeEnum, value)
|
|
}
|
|
if _u.mutation.TokenCleared() {
|
|
edge := &sqlgraph.EdgeSpec{
|
|
Rel: sqlgraph.O2O,
|
|
Inverse: true,
|
|
Table: authroles.TokenTable,
|
|
Columns: []string{authroles.TokenColumn},
|
|
Bidi: false,
|
|
Target: &sqlgraph.EdgeTarget{
|
|
IDSpec: sqlgraph.NewFieldSpec(authtokens.FieldID, field.TypeUUID),
|
|
},
|
|
}
|
|
_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
|
|
}
|
|
if nodes := _u.mutation.TokenIDs(); len(nodes) > 0 {
|
|
edge := &sqlgraph.EdgeSpec{
|
|
Rel: sqlgraph.O2O,
|
|
Inverse: true,
|
|
Table: authroles.TokenTable,
|
|
Columns: []string{authroles.TokenColumn},
|
|
Bidi: false,
|
|
Target: &sqlgraph.EdgeTarget{
|
|
IDSpec: sqlgraph.NewFieldSpec(authtokens.FieldID, field.TypeUUID),
|
|
},
|
|
}
|
|
for _, k := range nodes {
|
|
edge.Target.Nodes = append(edge.Target.Nodes, k)
|
|
}
|
|
_spec.Edges.Add = append(_spec.Edges.Add, edge)
|
|
}
|
|
_node = &AuthRoles{config: _u.config}
|
|
_spec.Assign = _node.assignValues
|
|
_spec.ScanValues = _node.scanValues
|
|
if err = sqlgraph.UpdateNode(ctx, _u.driver, _spec); err != nil {
|
|
if _, ok := err.(*sqlgraph.NotFoundError); ok {
|
|
err = &NotFoundError{authroles.Label}
|
|
} else if sqlgraph.IsConstraintError(err) {
|
|
err = &ConstraintError{msg: err.Error(), wrap: err}
|
|
}
|
|
return nil, err
|
|
}
|
|
_u.mutation.done = true
|
|
return _node, nil
|
|
}
|