fix

internal/api/variables.go

@@ -0,0 +1,207 @@
+package api
+
+import (
+	"containr/internal/database"
+	"net/http"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"github.com/google/uuid"
+)
+
+type EnvironmentVariable struct {
+	ID        uuid.UUID `json:"id" db:"id"`
+	ServiceID uuid.UUID `json:"service_id" db:"service_id"`
+	Key       string    `json:"key" db:"key"`
+	Value     string    `json:"value" db:"value"`
+	IsSecret  bool      `json:"is_secret" db:"is_secret"`
+	CreatedAt time.Time `json:"created_at" db:"created_at"`
+	UpdatedAt time.Time `json:"updated_at" db:"updated_at"`
+}
+
+type UpdateVariablesRequest struct {
+	Variables []VariableInput `json:"variables" binding:"required"`
+}
+
+type VariableInput struct {
+	Key      string `json:"key" binding:"required"`
+	Value    string `json:"value"`
+	IsSecret bool   `json:"is_secret"`
+}
+
+func handleGetVariables(c *gin.Context) {
+	db, exists := c.Get("db")
+	if !exists {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Database connection not available"})
+		return
+	}
+
+	serviceIDStr := c.Param("id")
+	serviceID, err := uuid.Parse(serviceIDStr)
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid service ID"})
+		return
+	}
+
+	userID, exists := c.Get("user_id")
+	if !exists {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "User not authenticated"})
+		return
+	}
+
+	var ownerCheck string
+	err = db.(*database.DB).QueryRow(
+		`SELECT p.owner_id FROM services s 
+		 JOIN projects p ON s.project_id = p.id 
+		 WHERE s.id = $1`,
+		serviceID,
+	).Scan(&ownerCheck)
+
+	if err != nil {
+		c.JSON(http.StatusNotFound, gin.H{"error": "Service not found"})
+		return
+	}
+
+	if ownerCheck != userID.(string) {
+		c.JSON(http.StatusForbidden, gin.H{"error": "Access denied"})
+		return
+	}
+
+	rows, err := db.(*database.DB).Query(
+		`SELECT id, service_id, key, value, is_secret, created_at, updated_at
+		 FROM environment_variables 
+		 WHERE service_id = $1 
+		 ORDER BY key ASC`,
+		serviceID,
+	)
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to retrieve variables"})
+		return
+	}
+	defer rows.Close()
+
+	var variables []EnvironmentVariable
+	for rows.Next() {
+		var v EnvironmentVariable
+		err := rows.Scan(
+			&v.ID, &v.ServiceID, &v.Key, &v.Value, &v.IsSecret, &v.CreatedAt, &v.UpdatedAt,
+		)
+		if err != nil {
+			c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to scan variable"})
+			return
+		}
+		if v.IsSecret {
+			v.Value = "********"
+		}
+		variables = append(variables, v)
+	}
+
+	c.JSON(http.StatusOK, gin.H{"variables": variables})
+}
+
+func handleUpdateVariables(c *gin.Context) {
+	db, exists := c.Get("db")
+	if !exists {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Database connection not available"})
+		return
+	}
+
+	serviceIDStr := c.Param("id")
+	serviceID, err := uuid.Parse(serviceIDStr)
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid service ID"})
+		return
+	}
+
+	var req UpdateVariablesRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	userID, exists := c.Get("user_id")
+	if !exists {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "User not authenticated"})
+		return
+	}
+
+	var ownerCheck string
+	err = db.(*database.DB).QueryRow(
+		`SELECT p.owner_id FROM services s 
+		 JOIN projects p ON s.project_id = p.id 
+		 WHERE s.id = $1`,
+		serviceID,
+	).Scan(&ownerCheck)
+
+	if err != nil {
+		c.JSON(http.StatusNotFound, gin.H{"error": "Service not found"})
+		return
+	}
+
+	if ownerCheck != userID.(string) {
+		c.JSON(http.StatusForbidden, gin.H{"error": "Access denied"})
+		return
+	}
+
+	tx, err := db.(*database.DB).Begin()
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to begin transaction"})
+		return
+	}
+	defer tx.Rollback()
+
+	_, err = tx.Exec("DELETE FROM environment_variables WHERE service_id = $1", serviceID)
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to clear existing variables"})
+		return
+	}
+
+	now := time.Now()
+	for _, v := range req.Variables {
+		varID := uuid.New()
+		_, err = tx.Exec(
+			`INSERT INTO environment_variables (id, service_id, key, value, is_secret, created_at, updated_at)
+			 VALUES ($1, $2, $3, $4, $5, $6, $7)`,
+			varID, serviceID, v.Key, v.Value, v.IsSecret, now, now,
+		)
+		if err != nil {
+			c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to insert variable: " + v.Key})
+			return
+		}
+	}
+
+	if err = tx.Commit(); err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to commit transaction"})
+		return
+	}
+
+	rows, err := db.(*database.DB).Query(
+		`SELECT id, service_id, key, value, is_secret, created_at, updated_at
+		 FROM environment_variables 
+		 WHERE service_id = $1 
+		 ORDER BY key ASC`,
+		serviceID,
+	)
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to retrieve variables"})
+		return
+	}
+	defer rows.Close()
+
+	var variables []EnvironmentVariable
+	for rows.Next() {
+		var v EnvironmentVariable
+		err := rows.Scan(
+			&v.ID, &v.ServiceID, &v.Key, &v.Value, &v.IsSecret, &v.CreatedAt, &v.UpdatedAt,
+		)
+		if err != nil {
+			continue
+		}
+		if v.IsSecret {
+			v.Value = "********"
+		}
+		variables = append(variables, v)
+	}
+
+	c.JSON(http.StatusOK, gin.H{"variables": variables, "message": "Environment variables updated successfully"})
+}