From 5e65e727ad81b3b87f4e98be2efce7990b93c79a Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Tue, 10 Jan 2023 16:28:03 +0100
Subject: [PATCH] admin: Can view a provider without knowing its user

---
 admin/db-provider.go | 67 +++++++++++++++++++++++++++++++++-----------
 1 file changed, 51 insertions(+), 16 deletions(-)

diff --git a/admin/db-provider.go b/admin/db-provider.go
index e03bd8a..e515751 100644
--- a/admin/db-provider.go
+++ b/admin/db-provider.go
@@ -54,6 +54,7 @@ func declareProvidersRoutes(opts *config.Options, router *gin.RouterGroup) {
 	apiProvidersMetaRoutes.DELETE("", deleteUserProvider)
 
 	apiProvidersRoutes := router.Group("/providers/:pid")
+	apiProvidersRoutes.Use(FindUserProviderHandler)
 	apiProvidersRoutes.Use(api.ProviderHandler)
 
 	apiProvidersRoutes.GET("", api.GetProvider)
@@ -61,30 +62,64 @@ func declareProvidersRoutes(opts *config.Options, router *gin.RouterGroup) {
 	declareDomainsRoutes(opts, apiProvidersRoutes)
 }
 
+func FindUserProviderHandler(c *gin.Context) {
+	if _, ok := c.Get("user"); ok {
+		c.Next()
+		return
+	}
+
+	srcmeta, err := listAllProviders()
+	if err != nil {
+		c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{"errmsg": "Sorry, we are currently unable to retrieve providers information. Please try again later."})
+		return
+	}
+
+	for _, src := range srcmeta {
+		if src.Id.String() == string(c.Param("pid")) {
+			user, err := storage.MainStore.GetUser(src.OwnerId)
+			if err != nil {
+				c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{"errmsg": "Sorry, we are currently unable to retrieve required users information. Please try again later."})
+				return
+			}
+
+			c.Set("user", user)
+
+			c.Next()
+		}
+	}
+}
+
+func listAllProviders() ([]happydns.ProviderMeta, error) {
+	var providers []happydns.ProviderMeta
+
+	users, err := storage.MainStore.GetUsers()
+	if err != nil {
+		return nil, err
+	}
+	for _, user := range users {
+		usersProviders, err := storage.MainStore.GetProviderMetas(user)
+		if err != nil {
+			return nil, err
+		}
+
+		providers = append(providers, usersProviders...)
+	}
+
+	return providers, err
+}
+
 func getProviders(c *gin.Context) {
 	user, exists := c.Get("user")
 	if exists {
 		srcmeta, err := storage.MainStore.GetProviderMetas(user.(*happydns.User))
 		ApiResponse(c, srcmeta, err)
 	} else {
-		var providers []happydns.ProviderMeta
-
-		users, err := storage.MainStore.GetUsers()
+		providers, err := listAllProviders()
 		if err != nil {
-			ApiResponse(c, nil, fmt.Errorf("Unable to retrieve users list: %w", err))
-			return
+			ApiResponse(c, nil, fmt.Errorf("Unable to retrieve providers: %w", err))
+		} else {
+			ApiResponse(c, providers, nil)
 		}
-		for _, user := range users {
-			usersProviders, err := storage.MainStore.GetProviderMetas(user)
-			if err != nil {
-				ApiResponse(c, nil, fmt.Errorf("Unable to retrieve %s's providers: %w", user.Email, err))
-				return
-			}
-
-			providers = append(providers, usersProviders...)
-		}
-
-		ApiResponse(c, providers, nil)
 	}
 }