@@ -6,10 +6,26 @@ import (
66
77 "github.com/google/uuid"
88
9+ "github.com/artefactual-sdps/enduro/internal/api/auth"
910 goastorage "github.com/artefactual-sdps/enduro/internal/api/gen/storage"
1011)
1112
1213func (s * serviceImpl ) RequestAipDeletion (ctx context.Context , payload * goastorage.RequestAipDeletionPayload ) error {
14+ // Authentication must be enabled for now.
15+ claims := auth .UserClaimsFromContext (ctx )
16+ if claims == nil {
17+ return goastorage .MakeNotValid (errors .New ("authentication is required" ))
18+ }
19+ if claims .Email == "" {
20+ return goastorage .MakeNotValid (errors .New ("email claim is required" ))
21+ }
22+ if claims .Sub == "" {
23+ return goastorage .MakeNotValid (errors .New ("sub claim is required" ))
24+ }
25+ if claims .ISS == "" {
26+ return goastorage .MakeNotValid (errors .New ("iss claim is required" ))
27+ }
28+
1329 aipID , err := uuid .Parse (payload .UUID )
1430 if err != nil {
1531 return goastorage .MakeNotValid (errors .New ("invalid UUID" ))
@@ -18,17 +34,15 @@ func (s *serviceImpl) RequestAipDeletion(ctx context.Context, payload *goastorag
1834 return goastorage .MakeNotValid (errors .New ("invalid reason" ))
1935 }
2036
21- // TODO:
22- // - Check AIP existence and status, same as in workflow.
23- // - Get user details from context claim and include them in the request.
37+ // TODO: Check AIP existence and status, same as in workflow.
2438
2539 _ , err = InitStorageDeleteWorkflow (ctx , s .tc , & StorageDeleteWorkflowRequest {
2640 AIPID : aipID ,
2741 Reason : payload .Reason ,
2842 TaskQueue : s .config .TaskQueue ,
29- UserEmail : "" ,
30- UserSub : "" ,
31- UserISS : "" ,
43+ UserEmail : claims . Email ,
44+ UserSub : claims . Sub ,
45+ UserISS : claims . ISS ,
3246 })
3347 if err != nil {
3448 s .logger .Error (err , "error initializing delete workflow" )
@@ -39,20 +53,33 @@ func (s *serviceImpl) RequestAipDeletion(ctx context.Context, payload *goastorag
3953}
4054
4155func (s * serviceImpl ) ReviewAipDeletion (ctx context.Context , payload * goastorage.ReviewAipDeletionPayload ) error {
56+ // Authentication must be enabled for now.
57+ claims := auth .UserClaimsFromContext (ctx )
58+ if claims == nil {
59+ return goastorage .MakeNotValid (errors .New ("authentication is required" ))
60+ }
61+ if claims .Email == "" {
62+ return goastorage .MakeNotValid (errors .New ("email claim is required" ))
63+ }
64+ if claims .Sub == "" {
65+ return goastorage .MakeNotValid (errors .New ("sub claim is required" ))
66+ }
67+ if claims .ISS == "" {
68+ return goastorage .MakeNotValid (errors .New ("iss claim is required" ))
69+ }
70+
4271 aipID , err := uuid .Parse (payload .UUID )
4372 if err != nil {
4473 return goastorage .MakeNotValid (errors .New ("invalid UUID" ))
4574 }
4675
47- // TODO:
48- // - Check AIP existence and status, and DeletionRequest.
49- // - Get user details from context claim and include them in the signal.
76+ // TODO: Check AIP existence and status, and DeletionRequest.
5077
5178 signal := DeletionReviewedSignal {
5279 Approved : payload .Approved ,
53- UserEmail : "" ,
54- UserSub : "" ,
55- UserISS : "" ,
80+ UserEmail : claims . Email ,
81+ UserSub : claims . Sub ,
82+ UserISS : claims . ISS ,
5683 }
5784 err = s .tc .SignalWorkflow (ctx , StorageDeleteWorkflowID (aipID ), "" , DeletionReviewedSignalName , signal )
5885 if err != nil {
0 commit comments