fix: docker build version arg

* fix: role validation for given token

* chore: update app dependencies

.github/workflows/release.yaml

@@ -41,12 +41,12 @@ jobs:
           make clean && \
           CGO_ENABLED=1 GOOS=windows CC=/usr/bin/x86_64-w64-mingw32-gcc make && \
           mv build/server build/server.exe && \
-          zip -vr authorizer-${VERSION}-windows-amd64.zip .env app build templates
+          zip -vr authorizer-${VERSION}-windows-amd64.zip .env app/build build templates
       - name: Package files for linux
         run: |
           make clean && \
           CGO_ENABLED=1 make && \
-          tar cvfz authorizer-${VERSION}-linux-amd64.tar.gz .env app build templates
+          tar cvfz authorizer-${VERSION}-linux-amd64.tar.gz .env app/build build templates
       - name: Upload assets
         run: |
           github-assets-uploader -f authorizer-${VERSION}-windows-amd64.zip -mediatype application/zip -repo authorizerdev/authorizer -token ${{secrets.RELEASE_TOKEN}} -tag ${VERSION} && \
@@ -70,3 +70,5 @@ jobs:
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
+          build-args: |
+            VERSION=${VERSION}

Dockerfile

@@ -3,9 +3,10 @@ WORKDIR /app
 COPY server server
 COPY Makefile .
 
-ARG VERSION=0.1.0-beta.0
-ENV VERSION="${VERSION}"
+ARG VERSION="latest"
+ENV VERSION="$VERSION"
 
+RUN echo "$VERSION"
 RUN apk add build-base &&\
     make clean && make && \
     chmod 777 build/server

app/package-lock.json

@@ -8,7 +8,7 @@
 			"version": "1.0.0",
 			"license": "ISC",
 			"dependencies": {
-				"@authorizerdev/authorizer-react": "^0.1.0-beta.16",
+				"@authorizerdev/authorizer-react": "^0.1.0-beta.18",
 				"@types/react": "^17.0.15",
 				"@types/react-dom": "^17.0.9",
 				"esbuild": "^0.12.17",
@@ -22,9 +22,9 @@
 			}
 		},
 		"node_modules/@authorizerdev/authorizer-js": {
-			"version": "0.1.0-beta.16",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-0.1.0-beta.16.tgz",
-			"integrity": "sha512-RyjWhVbLYvmkcAT+2ddpRhrt7P5DBVKtGKjHWRugSqenTW7XFQMlhQqx5Z09DeqLw3Lsq0VVZ5h8tWcExHvwEw==",
+			"version": "0.1.0-beta.19",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-0.1.0-beta.19.tgz",
+			"integrity": "sha512-//uYjklwQfQKqLJHMAyjdrzh2nz6DycB3lEgl6bTXxmSbrz+l1kQyxB3y8wP/W30IrBQz8bZb+1sau+LD/FU7g==",
 			"dependencies": {
 				"node-fetch": "^2.6.1"
 			},
@@ -33,11 +33,11 @@
 			}
 		},
 		"node_modules/@authorizerdev/authorizer-react": {
-			"version": "0.1.0-beta.16",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.1.0-beta.16.tgz",
-			"integrity": "sha512-b00LH0gtfMh/opFaGDF+EkxDOpNkCj/TNVjyW2wbiOFdC4HgLhc+UbPgL5/rDDol4XQsToL3SmwxmSxB2lWWuQ==",
+			"version": "0.1.0-beta.18",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.1.0-beta.18.tgz",
+			"integrity": "sha512-lRWWlS9akZwwINRW1NatsbMob06NXht3HXNTUTlu1s8m1YjxmFRE/AL6UIplzAYTpR6eDWMxEEaS0qAVxovUcg==",
 			"dependencies": {
-				"@authorizerdev/authorizer-js": "^0.1.0-beta.16",
+				"@authorizerdev/authorizer-js": "^0.1.0-beta.19",
 				"final-form": "^4.20.2",
 				"react-final-form": "^6.5.3",
 				"styled-components": "^5.3.0"
@@ -797,19 +797,19 @@
 	},
 	"dependencies": {
 		"@authorizerdev/authorizer-js": {
-			"version": "0.1.0-beta.16",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-0.1.0-beta.16.tgz",
-			"integrity": "sha512-RyjWhVbLYvmkcAT+2ddpRhrt7P5DBVKtGKjHWRugSqenTW7XFQMlhQqx5Z09DeqLw3Lsq0VVZ5h8tWcExHvwEw==",
+			"version": "0.1.0-beta.19",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-0.1.0-beta.19.tgz",
+			"integrity": "sha512-//uYjklwQfQKqLJHMAyjdrzh2nz6DycB3lEgl6bTXxmSbrz+l1kQyxB3y8wP/W30IrBQz8bZb+1sau+LD/FU7g==",
 			"requires": {
 				"node-fetch": "^2.6.1"
 			}
 		},
 		"@authorizerdev/authorizer-react": {
-			"version": "0.1.0-beta.16",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.1.0-beta.16.tgz",
-			"integrity": "sha512-b00LH0gtfMh/opFaGDF+EkxDOpNkCj/TNVjyW2wbiOFdC4HgLhc+UbPgL5/rDDol4XQsToL3SmwxmSxB2lWWuQ==",
+			"version": "0.1.0-beta.18",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.1.0-beta.18.tgz",
+			"integrity": "sha512-lRWWlS9akZwwINRW1NatsbMob06NXht3HXNTUTlu1s8m1YjxmFRE/AL6UIplzAYTpR6eDWMxEEaS0qAVxovUcg==",
 			"requires": {
-				"@authorizerdev/authorizer-js": "^0.1.0-beta.16",
+				"@authorizerdev/authorizer-js": "^0.1.0-beta.19",
 				"final-form": "^4.20.2",
 				"react-final-form": "^6.5.3",
 				"styled-components": "^5.3.0"

app/package.json

@@ -10,7 +10,7 @@
 	"author": "Lakhan Samani",
 	"license": "ISC",
 	"dependencies": {
-		"@authorizerdev/authorizer-react": "^0.1.0-beta.16",
+		"@authorizerdev/authorizer-react": "^0.1.0-beta.18",
 		"@types/react": "^17.0.15",
 		"@types/react-dom": "^17.0.9",
 		"esbuild": "^0.12.17",

scripts/build-mac.sh

@@ -1,7 +1,7 @@
 VERSION="$1"
 make clean && CGO_ENABLED=1 VERSION=${VERSION} make
 FILE_NAME=authorizer-${VERSION}-darwin-amd64.tar.gz
-tar cvfz ${FILE_NAME} .env app build templates
+tar cvfz ${FILE_NAME} .env app/build build templates
 AUTH="Authorization: token $GITHUB_TOKEN"
 RELASE_INFO=$(curl -sH "$AUTH" https://api.github.com/repos/authorizerdev/authorizer/releases/tags/${VERSION})
 echo $RELASE_INFO

server/constants/constants.go

@@ -13,7 +13,6 @@ var (
 	JWT_TYPE                     = ""
 	JWT_SECRET                   = ""
 	ALLOWED_ORIGINS              = []string{}
-	ALLOWED_CALLBACK_URLS        = []string{}
 	AUTHORIZER_URL               = ""
 	PORT                         = "8080"
 	REDIS_URL                    = ""

server/db/roles.go

@@ -23,8 +23,7 @@ func (r *Role) BeforeCreate(tx *gorm.DB) (err error) {
 func (mgr *manager) SaveRoles(roles []Role) error {
 	res := mgr.db.Clauses(
 		clause.OnConflict{
-			OnConstraint: "authorizer_roles_role_key",
-			DoNothing:    true,
+			DoNothing: true,
 		}).Create(&roles)
 	if res.Error != nil {
 		log.Println(`Error saving roles`)

server/env.go

@@ -11,43 +11,33 @@ import (
 )
 
 // build variables
-var Version string
-
-// ParseArgs -> to parse the cli flag and get db url. This is useful with heroku button
-func ParseArgs() {
-	dbURL := flag.String("database_url", "", "Database connection string")
-	dbType := flag.String("databse_type", "", "Database type, possible values are postgres,mysql,sqlite")
-	authorizerURL := flag.String("authorizer_url", "", "URL for authorizer instance, eg: https://xyz.herokuapp.com")
-
-	flag.Parse()
-	if *dbURL != "" {
-		constants.DATABASE_URL = *dbURL
-	}
-
-	if *dbType != "" {
-		constants.DATABASE_TYPE = *dbType
-	}
-
-	if *authorizerURL != "" {
-		constants.AUTHORIZER_URL = *authorizerURL
-	}
-}
+var (
+	Version            string
+	ARG_DB_URL         *string
+	ARG_DB_TYPE        *string
+	ARG_AUTHORIZER_URL *string
+	ARG_ENV_FILE       *string
+)
 
 // InitEnv -> to initialize env and through error if required env are not present
 func InitEnv() {
 	envPath := `.env`
-	envFile := flag.String("env_file", "", "Env file path")
+	ARG_DB_URL = flag.String("database_url", "", "Database connection string")
+	ARG_DB_TYPE = flag.String("database_type", "", "Database type, possible values are postgres,mysql,sqlite")
+	ARG_AUTHORIZER_URL = flag.String("authorizer_url", "", "URL for authorizer instance, eg: https://xyz.herokuapp.com")
+	ARG_ENV_FILE = flag.String("env_file", "", "Env file path")
+
 	flag.Parse()
-	if *envFile != "" {
-		envPath = *envFile
+	if *ARG_ENV_FILE != "" {
+		envPath = *ARG_ENV_FILE
 	}
+
 	err := godotenv.Load(envPath)
 	if err != nil {
 		log.Println("Error loading .env file")
 	}
 
 	constants.VERSION = Version
-
 	constants.ADMIN_SECRET = os.Getenv("ADMIN_SECRET")
 	constants.ENV = os.Getenv("ENV")
 	constants.DATABASE_TYPE = os.Getenv("DATABASE_TYPE")
@@ -104,20 +94,18 @@ func InitEnv() {
 	}
 	constants.ALLOWED_ORIGINS = allowedOrigins
 
-	allowedCallbackSplit := strings.Split(os.Getenv("ALLOWED_CALLBACK_URLS"), ",")
-	allowedCallbacks := []string{}
-	for _, val := range allowedCallbackSplit {
-		trimVal := strings.TrimSpace(val)
-		if trimVal != "" {
-			allowedCallbacks = append(allowedCallbacks, trimVal)
-		}
+	if *ARG_AUTHORIZER_URL != "" {
+		constants.AUTHORIZER_URL = *ARG_AUTHORIZER_URL
+	}
+
+	if *ARG_DB_URL != "" {
+		constants.DATABASE_URL = *ARG_DB_URL
+	}
+
+	if *ARG_DB_TYPE != "" {
+		constants.DATABASE_TYPE = *ARG_DB_TYPE
 	}
-	if len(allowedCallbackSplit) == 0 {
-		allowedCallbackSplit = []string{"*"}
-	}
-	constants.ALLOWED_CALLBACK_URLS = allowedCallbackSplit
 
-	ParseArgs()
 	if constants.DATABASE_URL == "" {
 		panic("Database url is required")
 	}

server/resolvers/adminUpdateUser.go

@@ -30,7 +30,6 @@ func AdminUpdateUser(ctx context.Context, params model.AdminUpdateUserInput) (*m
 	}
 
 	user, err := db.Mgr.GetUserByID(params.ID)
-
 	if err != nil {
 		return res, fmt.Errorf(`User not found`)
 	}
@@ -114,9 +113,8 @@ func AdminUpdateUser(ctx context.Context, params model.AdminUpdateUserInput) (*m
 		return res, err
 	}
 
-	userIdStr := fmt.Sprintf("%v", user.ID)
 	res = &model.User{
-		ID:        userIdStr,
+		ID:        params.ID,
 		Email:     user.Email,
 		Image:     &user.Image,
 		FirstName: &user.FirstName,

server/resolvers/token.go

@@ -36,8 +36,8 @@ func Token(ctx context.Context, role *string) (*model.AuthResponse, error) {
 		return res, err
 	}
 
-	if role != nil && role != &claimRole {
-		return res, fmt.Errorf(`unauthorized. invalid role for a given token`)
+	if role != nil && *role != claimRole {
+		return res, fmt.Errorf(`unauthorized`)
 	}
 
 	userIdStr := fmt.Sprintf("%v", user.ID)