From a3bda429d0ab5fb373b87b798d77ed5b2ac14df9 Mon Sep 17 00:00:00 2001
From: Lakhan Samani <lakhan.m.samani@gmail.com>
Date: Sat, 14 Oct 2023 18:06:29 +0530
Subject: [PATCH] fix: upgrade packages

- fix app_data for cassandra & scylladb
---
 Dockerfile                                  |  6 +++---
 server/db/providers/cassandradb/provider.go |  7 +++++++
 server/db/providers/cassandradb/user.go     | 16 ++++++++--------
 server/email/email.go                       |  2 +-
 server/test/signup_test.go                  |  4 ++++
 server/test/update_user_test.go             | 11 +++++++++++
 6 files changed, 34 insertions(+), 12 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 27ba980..2c3aacb 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM golang:1.21.1-alpine as go-builder
+FROM golang:1.21.3-alpine3.18 as go-builder
 WORKDIR /authorizer
 COPY server server
 COPY Makefile .
@@ -11,7 +11,7 @@ RUN apk add build-base &&\
     make clean && make && \
     chmod 777 build/server
 
-FROM node:17-alpine3.12 as node-builder
+FROM node:20-alpine3.18 as node-builder
 WORKDIR /authorizer
 COPY app app
 COPY dashboard dashboard
@@ -20,7 +20,7 @@ RUN apk add build-base &&\
     make build-app && \
     make build-dashboard
 
-FROM alpine:latest
+FROM alpine:3.18
 RUN adduser -D -h /authorizer -u 1000 -k /dev/null authorizer
 WORKDIR /authorizer
 RUN mkdir app dashboard
diff --git a/server/db/providers/cassandradb/provider.go b/server/db/providers/cassandradb/provider.go
index 6f1fe6b..6620ee0 100644
--- a/server/db/providers/cassandradb/provider.go
+++ b/server/db/providers/cassandradb/provider.go
@@ -261,6 +261,13 @@ func NewProvider() (*provider, error) {
 		log.Debug("Failed to alter table as column exists: ", err)
 		// continue
 	}
+	// Add app_data column to users table
+	appDataAlterQuery := fmt.Sprintf(`ALTER TABLE %s.%s ADD (app_data text);`, KeySpace, models.Collections.User)
+	err = session.Query(appDataAlterQuery).Exec()
+	if err != nil {
+		log.Debug("Failed to alter user table as app_data column exists: ", err)
+		// continue
+	}
 	// Add phone number index
 	otpIndexQueryPhoneNumber := fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_otp_phone_number ON %s.%s (phone_number)", KeySpace, models.Collections.OTP)
 	err = session.Query(otpIndexQueryPhoneNumber).Exec()
diff --git a/server/db/providers/cassandradb/user.go b/server/db/providers/cassandradb/user.go
index 376a6db..5b782e0 100644
--- a/server/db/providers/cassandradb/user.go
+++ b/server/db/providers/cassandradb/user.go
@@ -177,13 +177,13 @@ func (p *provider) ListUsers(ctx context.Context, pagination *model.Pagination)
 	// there is no offset in cassandra
 	// so we fetch till limit + offset
 	// and return the results from offset to limit
-	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, created_at, updated_at FROM %s LIMIT %d", KeySpace+"."+models.Collections.User, pagination.Limit+pagination.Offset)
+	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, app_data, created_at, updated_at FROM %s LIMIT %d", KeySpace+"."+models.Collections.User, pagination.Limit+pagination.Offset)
 	scanner := p.db.Query(query).Iter().Scanner()
 	counter := int64(0)
 	for scanner.Next() {
 		if counter >= pagination.Offset {
 			var user models.User
-			err := scanner.Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.IsMultiFactorAuthEnabled, &user.CreatedAt, &user.UpdatedAt)
+			err := scanner.Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.IsMultiFactorAuthEnabled, &user.AppData, &user.CreatedAt, &user.UpdatedAt)
 			if err != nil {
 				return nil, err
 			}
@@ -200,8 +200,8 @@ func (p *provider) ListUsers(ctx context.Context, pagination *model.Pagination)
 // GetUserByEmail to get user information from database using email address
 func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.User, error) {
 	var user models.User
-	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, created_at, updated_at FROM %s WHERE email = '%s' LIMIT 1 ALLOW FILTERING", KeySpace+"."+models.Collections.User, email)
-	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.IsMultiFactorAuthEnabled, &user.CreatedAt, &user.UpdatedAt)
+	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, app_data, created_at, updated_at FROM %s WHERE email = '%s' LIMIT 1 ALLOW FILTERING", KeySpace+"."+models.Collections.User, email)
+	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.IsMultiFactorAuthEnabled, &user.AppData, &user.CreatedAt, &user.UpdatedAt)
 	if err != nil {
 		return nil, err
 	}
@@ -211,8 +211,8 @@ func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.Us
 // GetUserByID to get user information from database using user ID
 func (p *provider) GetUserByID(ctx context.Context, id string) (*models.User, error) {
 	var user models.User
-	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, created_at, updated_at FROM %s WHERE id = '%s' LIMIT 1", KeySpace+"."+models.Collections.User, id)
-	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.IsMultiFactorAuthEnabled, &user.CreatedAt, &user.UpdatedAt)
+	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, app_data, created_at, updated_at FROM %s WHERE id = '%s' LIMIT 1", KeySpace+"."+models.Collections.User, id)
+	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.IsMultiFactorAuthEnabled, &user.AppData, &user.CreatedAt, &user.UpdatedAt)
 	if err != nil {
 		return nil, err
 	}
@@ -306,8 +306,8 @@ func (p *provider) UpdateUsers(ctx context.Context, data map[string]interface{},
 // GetUserByPhoneNumber to get user information from database using phone number
 func (p *provider) GetUserByPhoneNumber(ctx context.Context, phoneNumber string) (*models.User, error) {
 	var user models.User
-	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, created_at, updated_at FROM %s WHERE phone_number = '%s' LIMIT 1 ALLOW FILTERING", KeySpace+"."+models.Collections.User, phoneNumber)
-	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.IsMultiFactorAuthEnabled, &user.CreatedAt, &user.UpdatedAt)
+	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, app_data, created_at, updated_at FROM %s WHERE phone_number = '%s' LIMIT 1 ALLOW FILTERING", KeySpace+"."+models.Collections.User, phoneNumber)
+	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.IsMultiFactorAuthEnabled, &user.AppData, &user.CreatedAt, &user.UpdatedAt)
 	if err != nil {
 		return nil, err
 	}
diff --git a/server/email/email.go b/server/email/email.go
index e7222ac..8376931 100644
--- a/server/email/email.go
+++ b/server/email/email.go
@@ -91,7 +91,7 @@ func SendEmail(to []string, event string, data map[string]interface{}) error {
 
 	tmp, err := getEmailTemplate(event, data)
 	if err != nil {
-		log.Errorf("Failed to get event template: ", err)
+		log.Error("Failed to get event template: ", err)
 		return err
 	}
 
diff --git a/server/test/signup_test.go b/server/test/signup_test.go
index 85d179d..491a2ee 100644
--- a/server/test/signup_test.go
+++ b/server/test/signup_test.go
@@ -43,10 +43,14 @@ func signupTests(t *testing.T, s TestSetup) {
 			Email:           email,
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
+			AppData: map[string]interface{}{
+				"test": "test",
+			},
 		})
 		assert.Nil(t, err, "signup should be successful")
 		user := *res.User
 		assert.Equal(t, email, user.Email)
+		assert.Equal(t, "test", user.AppData["test"])
 		assert.Nil(t, res.AccessToken, "access token should be nil")
 		res, err = resolvers.SignupResolver(ctx, model.SignUpInput{
 			Email:           email,
diff --git a/server/test/update_user_test.go b/server/test/update_user_test.go
index ca197f7..68b1647 100644
--- a/server/test/update_user_test.go
+++ b/server/test/update_user_test.go
@@ -50,8 +50,19 @@ func updateUserTest(t *testing.T, s TestSetup) {
 		_, err = resolvers.UpdateUserResolver(ctx, model.UpdateUserInput{
 			ID:    user.ID,
 			Roles: newRoles,
+			AppData: map[string]interface{}{
+				"test": "test",
+			},
 		})
 		assert.Nil(t, err)
+		// Get user and check if roles are updated
+		users, err := resolvers.UsersResolver(ctx, nil)
+		assert.Nil(t, err)
+		for _, u := range users.Users {
+			if u.ID == user.ID {
+				assert.Equal(t, u.AppData["test"], "test")
+			}
+		}
 		cleanData(email)
 	})
 }