0a4641c24e
* feat(api-key): add IP whitelist/blacklist restriction and usage log IP tracking - Add IP restriction feature for API keys (whitelist/blacklist with CIDR support) - Add IP address logging to usage logs (admin-only visibility) - Remove billing_type column from usage logs UI (redundant) - Use generic "Access denied" error message for security Backend: - New ip package with IP/CIDR validation and matching utilities - Database migrations for ip_whitelist, ip_blacklist (api_keys) and ip_address (usage_logs) - Middleware IP restriction check after API key validation - Input validation for IP/CIDR patterns on create/update Frontend: - API key form with enable toggle for IP restriction - Shield icon indicator in table for keys with IP restriction - Removed billing_type filter and column from usage views * fix: update API contract tests for ip_whitelist/ip_blacklist fields Add ip_whitelist and ip_blacklist fields to expected JSON responses in API contract tests to match the new API key schema.
283 lines
9.5 KiB
Go
283 lines
9.5 KiB
Go
// Code generated by ent, DO NOT EDIT.
|
|
|
|
package ent
|
|
|
|
import (
|
|
"encoding/json"
|
|
"fmt"
|
|
"strings"
|
|
"time"
|
|
|
|
"entgo.io/ent"
|
|
"entgo.io/ent/dialect/sql"
|
|
"github.com/Wei-Shaw/sub2api/ent/apikey"
|
|
"github.com/Wei-Shaw/sub2api/ent/group"
|
|
"github.com/Wei-Shaw/sub2api/ent/user"
|
|
)
|
|
|
|
// APIKey is the model entity for the APIKey schema.
|
|
type APIKey struct {
|
|
config `json:"-"`
|
|
// ID of the ent.
|
|
ID int64 `json:"id,omitempty"`
|
|
// CreatedAt holds the value of the "created_at" field.
|
|
CreatedAt time.Time `json:"created_at,omitempty"`
|
|
// UpdatedAt holds the value of the "updated_at" field.
|
|
UpdatedAt time.Time `json:"updated_at,omitempty"`
|
|
// DeletedAt holds the value of the "deleted_at" field.
|
|
DeletedAt *time.Time `json:"deleted_at,omitempty"`
|
|
// UserID holds the value of the "user_id" field.
|
|
UserID int64 `json:"user_id,omitempty"`
|
|
// Key holds the value of the "key" field.
|
|
Key string `json:"key,omitempty"`
|
|
// Name holds the value of the "name" field.
|
|
Name string `json:"name,omitempty"`
|
|
// GroupID holds the value of the "group_id" field.
|
|
GroupID *int64 `json:"group_id,omitempty"`
|
|
// Status holds the value of the "status" field.
|
|
Status string `json:"status,omitempty"`
|
|
// Allowed IPs/CIDRs, e.g. ["192.168.1.100", "10.0.0.0/8"]
|
|
IPWhitelist []string `json:"ip_whitelist,omitempty"`
|
|
// Blocked IPs/CIDRs
|
|
IPBlacklist []string `json:"ip_blacklist,omitempty"`
|
|
// Edges holds the relations/edges for other nodes in the graph.
|
|
// The values are being populated by the APIKeyQuery when eager-loading is set.
|
|
Edges APIKeyEdges `json:"edges"`
|
|
selectValues sql.SelectValues
|
|
}
|
|
|
|
// APIKeyEdges holds the relations/edges for other nodes in the graph.
|
|
type APIKeyEdges struct {
|
|
// User holds the value of the user edge.
|
|
User *User `json:"user,omitempty"`
|
|
// Group holds the value of the group edge.
|
|
Group *Group `json:"group,omitempty"`
|
|
// UsageLogs holds the value of the usage_logs edge.
|
|
UsageLogs []*UsageLog `json:"usage_logs,omitempty"`
|
|
// loadedTypes holds the information for reporting if a
|
|
// type was loaded (or requested) in eager-loading or not.
|
|
loadedTypes [3]bool
|
|
}
|
|
|
|
// UserOrErr returns the User value or an error if the edge
|
|
// was not loaded in eager-loading, or loaded but was not found.
|
|
func (e APIKeyEdges) UserOrErr() (*User, error) {
|
|
if e.User != nil {
|
|
return e.User, nil
|
|
} else if e.loadedTypes[0] {
|
|
return nil, &NotFoundError{label: user.Label}
|
|
}
|
|
return nil, &NotLoadedError{edge: "user"}
|
|
}
|
|
|
|
// GroupOrErr returns the Group value or an error if the edge
|
|
// was not loaded in eager-loading, or loaded but was not found.
|
|
func (e APIKeyEdges) GroupOrErr() (*Group, error) {
|
|
if e.Group != nil {
|
|
return e.Group, nil
|
|
} else if e.loadedTypes[1] {
|
|
return nil, &NotFoundError{label: group.Label}
|
|
}
|
|
return nil, &NotLoadedError{edge: "group"}
|
|
}
|
|
|
|
// UsageLogsOrErr returns the UsageLogs value or an error if the edge
|
|
// was not loaded in eager-loading.
|
|
func (e APIKeyEdges) UsageLogsOrErr() ([]*UsageLog, error) {
|
|
if e.loadedTypes[2] {
|
|
return e.UsageLogs, nil
|
|
}
|
|
return nil, &NotLoadedError{edge: "usage_logs"}
|
|
}
|
|
|
|
// scanValues returns the types for scanning values from sql.Rows.
|
|
func (*APIKey) scanValues(columns []string) ([]any, error) {
|
|
values := make([]any, len(columns))
|
|
for i := range columns {
|
|
switch columns[i] {
|
|
case apikey.FieldIPWhitelist, apikey.FieldIPBlacklist:
|
|
values[i] = new([]byte)
|
|
case apikey.FieldID, apikey.FieldUserID, apikey.FieldGroupID:
|
|
values[i] = new(sql.NullInt64)
|
|
case apikey.FieldKey, apikey.FieldName, apikey.FieldStatus:
|
|
values[i] = new(sql.NullString)
|
|
case apikey.FieldCreatedAt, apikey.FieldUpdatedAt, apikey.FieldDeletedAt:
|
|
values[i] = new(sql.NullTime)
|
|
default:
|
|
values[i] = new(sql.UnknownType)
|
|
}
|
|
}
|
|
return values, nil
|
|
}
|
|
|
|
// assignValues assigns the values that were returned from sql.Rows (after scanning)
|
|
// to the APIKey fields.
|
|
func (_m *APIKey) assignValues(columns []string, values []any) error {
|
|
if m, n := len(values), len(columns); m < n {
|
|
return fmt.Errorf("mismatch number of scan values: %d != %d", m, n)
|
|
}
|
|
for i := range columns {
|
|
switch columns[i] {
|
|
case apikey.FieldID:
|
|
value, ok := values[i].(*sql.NullInt64)
|
|
if !ok {
|
|
return fmt.Errorf("unexpected type %T for field id", value)
|
|
}
|
|
_m.ID = int64(value.Int64)
|
|
case apikey.FieldCreatedAt:
|
|
if value, ok := values[i].(*sql.NullTime); !ok {
|
|
return fmt.Errorf("unexpected type %T for field created_at", values[i])
|
|
} else if value.Valid {
|
|
_m.CreatedAt = value.Time
|
|
}
|
|
case apikey.FieldUpdatedAt:
|
|
if value, ok := values[i].(*sql.NullTime); !ok {
|
|
return fmt.Errorf("unexpected type %T for field updated_at", values[i])
|
|
} else if value.Valid {
|
|
_m.UpdatedAt = value.Time
|
|
}
|
|
case apikey.FieldDeletedAt:
|
|
if value, ok := values[i].(*sql.NullTime); !ok {
|
|
return fmt.Errorf("unexpected type %T for field deleted_at", values[i])
|
|
} else if value.Valid {
|
|
_m.DeletedAt = new(time.Time)
|
|
*_m.DeletedAt = value.Time
|
|
}
|
|
case apikey.FieldUserID:
|
|
if value, ok := values[i].(*sql.NullInt64); !ok {
|
|
return fmt.Errorf("unexpected type %T for field user_id", values[i])
|
|
} else if value.Valid {
|
|
_m.UserID = value.Int64
|
|
}
|
|
case apikey.FieldKey:
|
|
if value, ok := values[i].(*sql.NullString); !ok {
|
|
return fmt.Errorf("unexpected type %T for field key", values[i])
|
|
} else if value.Valid {
|
|
_m.Key = value.String
|
|
}
|
|
case apikey.FieldName:
|
|
if value, ok := values[i].(*sql.NullString); !ok {
|
|
return fmt.Errorf("unexpected type %T for field name", values[i])
|
|
} else if value.Valid {
|
|
_m.Name = value.String
|
|
}
|
|
case apikey.FieldGroupID:
|
|
if value, ok := values[i].(*sql.NullInt64); !ok {
|
|
return fmt.Errorf("unexpected type %T for field group_id", values[i])
|
|
} else if value.Valid {
|
|
_m.GroupID = new(int64)
|
|
*_m.GroupID = value.Int64
|
|
}
|
|
case apikey.FieldStatus:
|
|
if value, ok := values[i].(*sql.NullString); !ok {
|
|
return fmt.Errorf("unexpected type %T for field status", values[i])
|
|
} else if value.Valid {
|
|
_m.Status = value.String
|
|
}
|
|
case apikey.FieldIPWhitelist:
|
|
if value, ok := values[i].(*[]byte); !ok {
|
|
return fmt.Errorf("unexpected type %T for field ip_whitelist", values[i])
|
|
} else if value != nil && len(*value) > 0 {
|
|
if err := json.Unmarshal(*value, &_m.IPWhitelist); err != nil {
|
|
return fmt.Errorf("unmarshal field ip_whitelist: %w", err)
|
|
}
|
|
}
|
|
case apikey.FieldIPBlacklist:
|
|
if value, ok := values[i].(*[]byte); !ok {
|
|
return fmt.Errorf("unexpected type %T for field ip_blacklist", values[i])
|
|
} else if value != nil && len(*value) > 0 {
|
|
if err := json.Unmarshal(*value, &_m.IPBlacklist); err != nil {
|
|
return fmt.Errorf("unmarshal field ip_blacklist: %w", err)
|
|
}
|
|
}
|
|
default:
|
|
_m.selectValues.Set(columns[i], values[i])
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// Value returns the ent.Value that was dynamically selected and assigned to the APIKey.
|
|
// This includes values selected through modifiers, order, etc.
|
|
func (_m *APIKey) Value(name string) (ent.Value, error) {
|
|
return _m.selectValues.Get(name)
|
|
}
|
|
|
|
// QueryUser queries the "user" edge of the APIKey entity.
|
|
func (_m *APIKey) QueryUser() *UserQuery {
|
|
return NewAPIKeyClient(_m.config).QueryUser(_m)
|
|
}
|
|
|
|
// QueryGroup queries the "group" edge of the APIKey entity.
|
|
func (_m *APIKey) QueryGroup() *GroupQuery {
|
|
return NewAPIKeyClient(_m.config).QueryGroup(_m)
|
|
}
|
|
|
|
// QueryUsageLogs queries the "usage_logs" edge of the APIKey entity.
|
|
func (_m *APIKey) QueryUsageLogs() *UsageLogQuery {
|
|
return NewAPIKeyClient(_m.config).QueryUsageLogs(_m)
|
|
}
|
|
|
|
// Update returns a builder for updating this APIKey.
|
|
// Note that you need to call APIKey.Unwrap() before calling this method if this APIKey
|
|
// was returned from a transaction, and the transaction was committed or rolled back.
|
|
func (_m *APIKey) Update() *APIKeyUpdateOne {
|
|
return NewAPIKeyClient(_m.config).UpdateOne(_m)
|
|
}
|
|
|
|
// Unwrap unwraps the APIKey entity that was returned from a transaction after it was closed,
|
|
// so that all future queries will be executed through the driver which created the transaction.
|
|
func (_m *APIKey) Unwrap() *APIKey {
|
|
_tx, ok := _m.config.driver.(*txDriver)
|
|
if !ok {
|
|
panic("ent: APIKey is not a transactional entity")
|
|
}
|
|
_m.config.driver = _tx.drv
|
|
return _m
|
|
}
|
|
|
|
// String implements the fmt.Stringer.
|
|
func (_m *APIKey) String() string {
|
|
var builder strings.Builder
|
|
builder.WriteString("APIKey(")
|
|
builder.WriteString(fmt.Sprintf("id=%v, ", _m.ID))
|
|
builder.WriteString("created_at=")
|
|
builder.WriteString(_m.CreatedAt.Format(time.ANSIC))
|
|
builder.WriteString(", ")
|
|
builder.WriteString("updated_at=")
|
|
builder.WriteString(_m.UpdatedAt.Format(time.ANSIC))
|
|
builder.WriteString(", ")
|
|
if v := _m.DeletedAt; v != nil {
|
|
builder.WriteString("deleted_at=")
|
|
builder.WriteString(v.Format(time.ANSIC))
|
|
}
|
|
builder.WriteString(", ")
|
|
builder.WriteString("user_id=")
|
|
builder.WriteString(fmt.Sprintf("%v", _m.UserID))
|
|
builder.WriteString(", ")
|
|
builder.WriteString("key=")
|
|
builder.WriteString(_m.Key)
|
|
builder.WriteString(", ")
|
|
builder.WriteString("name=")
|
|
builder.WriteString(_m.Name)
|
|
builder.WriteString(", ")
|
|
if v := _m.GroupID; v != nil {
|
|
builder.WriteString("group_id=")
|
|
builder.WriteString(fmt.Sprintf("%v", *v))
|
|
}
|
|
builder.WriteString(", ")
|
|
builder.WriteString("status=")
|
|
builder.WriteString(_m.Status)
|
|
builder.WriteString(", ")
|
|
builder.WriteString("ip_whitelist=")
|
|
builder.WriteString(fmt.Sprintf("%v", _m.IPWhitelist))
|
|
builder.WriteString(", ")
|
|
builder.WriteString("ip_blacklist=")
|
|
builder.WriteString(fmt.Sprintf("%v", _m.IPBlacklist))
|
|
builder.WriteByte(')')
|
|
return builder.String()
|
|
}
|
|
|
|
// APIKeys is a parsable slice of APIKey.
|
|
type APIKeys []*APIKey
|