fix(store,api): идемпотентный import (UNIQUE+ON CONFLICT) + PATCH привязки шаблона к домену

2026-07-03 15:24:08 +07:00
parent 2aca92d070
commit ddab6e2162
9 changed files with 364 additions and 1 deletions
+2
@@ -40,6 +40,7 @@ type TenantStore interface {
ListDomains(ctx context.Context, projectID uuid.UUID) ([]store.Domain, error)
DeleteDomain(ctx context.Context, id, projectID uuid.UUID) error
ImportDomains(ctx context.Context, projectID, accountID uuid.UUID, zones []provider.Zone) ([]store.Domain, error)
SetDomainTemplate(ctx context.Context, domainID, projectID uuid.UUID, templateID *uuid.UUID) (store.Domain, error)
}
// Cipher encrypts/decrypts provider account secrets. *crypto.Cipher satisfies it.
@@ -73,6 +74,7 @@ func NewRouter(a *API) http.Handler {
r.Route("/{did}", func(r chi.Router) {
r.Get("/check", a.handleCheck)
r.Post("/apply", a.handleApply)
r.Patch("/", a.handleSetDomainTemplate)
r.Delete("/", a.handleDeleteDomain)
})
})
+6
@@ -47,6 +47,12 @@ type domainRequest struct {
TemplateID *string `json:"templateId,omitempty"`
}
// updateDomainTemplateRequest is the PATCH .../domains/{did} body used to
// bind (or clear, when templateId is null/omitted) a domain's DNS template.
type updateDomainTemplateRequest struct {
TemplateID *string `json:"templateId"`
}
type domainResponse struct {
ID string `json:"id"`
ProviderAccountID string `json:"providerAccountId"`
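Review bot: `updateDomainTemplateRequest` cannot tell an omitted `templateId` from an explicit `null`, so a PATCH body of `{}` or one with a misspelled key clears the domain's template binding. The struct comment documents that as intended, but under the usual PATCH convention an absent field leaves the value unchanged, and an accidental clear puts an imported domain back into its uncheckable state. Consider tracking key presence (for example decoding `templateId` into a `json.RawMessage` and rejecting a body where it was never set) so that only an explicit `null` clears. Whether `decodeBody` rejects unknown fields is not visible in this hunk.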
+34
@@ -304,6 +304,40 @@ func (a *API) handleListDomains(w http.ResponseWriter, r *http.Request) {
writeJSON(w, http.StatusOK, resp)
}
// handleSetDomainTemplate binds (or clears) the DNS template used to
// check/apply a domain — this is what makes an imported domain (which
// starts with template_id=NULL) checkable, closing the import→check loop.
func (a *API) handleSetDomainTemplate(w http.ResponseWriter, r *http.Request) {
pid, err := uuid.Parse(chi.URLParam(r, "pid"))
if err != nil {
writeErr(w, http.StatusBadRequest, "invalid project id")
return
}
did, err := uuid.Parse(chi.URLParam(r, "did"))
if err != nil {
writeErr(w, http.StatusBadRequest, "invalid domain id")
return
}
var req updateDomainTemplateRequest
if !decodeBody(w, r, &req) {
return
}
templateID, ok := parseOptionalUUID(req.TemplateID)
if !ok {
writeErr(w, http.StatusBadRequest, "invalid templateId")
return
}
dom, err := a.Store.SetDomainTemplate(r.Context(), did, pid, templateID)
if err != nil {
// Either the domain itself or the (scoped) template wasn't found in
// this project — treat both as 404 rather than leak which one.
writeErr(w, http.StatusNotFound, "domain or template not found")
return
}
writeJSON(w, http.StatusOK, toDomainResponse(dom))
}
func (a *API) handleDeleteDomain(w http.ResponseWriter, r *http.Request) {
pid, err := uuid.Parse(chi.URLParam(r, "pid"))
if err != nil {
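Review bot: Every error from `a.Store.SetDomainTemplate` in `handleSetDomainTemplate` is answered with 404, so a database outage, a cancelled request context or a constraint failure reaches the client as "domain or template not found", and nothing is logged. Collapsing the two not-found cases into one response is a sound way to avoid disclosing which id exists, but it should apply only to not-found errors; anything else should be logged server-side and returned as 500. The store code in this commit returns the raw scan error from `UpdateDomainTemplate`, which is `pgx.ErrNoRows` when no row matches, so a guard such as `if !errors.Is(err, pgx.ErrNoRows) { writeErr(w, http.StatusInternalServerError, "internal error"); return }` ahead of the 404 would work for that path. The error `GetTemplate` returns for a missing template is not visible here and needs confirming. `TestSetDomainTemplate_TemplateNotFound` injects a plain `errors.New` value and would need to inject a not-found error instead.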
+76
@@ -35,6 +35,8 @@ type mockTenantStore struct {
importDomains []store.Domain
importDomainsErr error
importCalled bool
setDomainTemplateErr error
}
func (m *mockTenantStore) CreateAccount(_ context.Context, projectID uuid.UUID, prov, secretEnc, comment string) (store.Account, error) {
@@ -98,6 +100,21 @@ func (m *mockTenantStore) ListDomains(context.Context, uuid.UUID) ([]store.Domai
func (m *mockTenantStore) DeleteDomain(context.Context, uuid.UUID, uuid.UUID) error { return nil }
func (m *mockTenantStore) SetDomainTemplate(_ context.Context, domainID, projectID uuid.UUID, templateID *uuid.UUID) (store.Domain, error) {
if m.setDomainTemplateErr != nil {
return store.Domain{}, m.setDomainTemplateErr
}
for i, d := range m.domains {
if d.ID == domainID {
m.domains[i].TemplateID = templateID
return m.domains[i], nil
}
}
d := store.Domain{ID: domainID, ProjectID: projectID, TemplateID: templateID}
m.domains = append(m.domains, d)
return d, nil
}
func (m *mockTenantStore) ImportDomains(_ context.Context, projectID, accountID uuid.UUID, zones []provider.Zone) ([]store.Domain, error) {
m.importCalled = true
if m.importDomainsErr != nil {
@@ -463,6 +480,65 @@ func TestCreateDomain_ValidTemplateInProject(t *testing.T) {
}
}
// --- domain template binding (import -> check loop) ---
func TestSetDomainTemplate_ValidTemplateId(t *testing.T) {
a, ts := newTenantTestAPI()
domID := uuid.New()
tplID := uuid.New()
ts.domains = []store.Domain{{ID: domID, ZoneName: "example.com", ZoneID: "z1"}}
router := NewRouter(a)
body := `{"templateId":"` + tplID.String() + `"}`
req := httptest.NewRequest(http.MethodPatch, "/api/v1/projects/"+testPID+"/domains/"+domID.String(), strings.NewReader(body))
w := httptest.NewRecorder()
router.ServeHTTP(w, req)
if w.Code != http.StatusOK {
t.Fatalf("expected 200, got %d body %s", w.Code, w.Body.String())
}
var resp domainResponse
if err := json.Unmarshal(w.Body.Bytes(), &resp); err != nil {
t.Fatal(err)
}
if resp.TemplateID == nil || *resp.TemplateID != tplID.String() {
t.Fatalf("unexpected response: %+v", resp)
}
}
func TestSetDomainTemplate_BadTemplateUUID(t *testing.T) {
a, ts := newTenantTestAPI()
domID := uuid.New()
ts.domains = []store.Domain{{ID: domID}}
router := NewRouter(a)
body := `{"templateId":"not-a-uuid"}`
req := httptest.NewRequest(http.MethodPatch, "/api/v1/projects/"+testPID+"/domains/"+domID.String(), strings.NewReader(body))
w := httptest.NewRecorder()
router.ServeHTTP(w, req)
if w.Code != http.StatusBadRequest {
t.Fatalf("expected 400, got %d body %s", w.Code, w.Body.String())
}
}
func TestSetDomainTemplate_TemplateNotFound(t *testing.T) {
a, ts := newTenantTestAPI()
domID := uuid.New()
ts.domains = []store.Domain{{ID: domID}}
ts.setDomainTemplateErr = errors.New("template not found in project")
router := NewRouter(a)
body := `{"templateId":"` + uuid.New().String() + `"}`
req := httptest.NewRequest(http.MethodPatch, "/api/v1/projects/"+testPID+"/domains/"+domID.String(), strings.NewReader(body))
w := httptest.NewRecorder()
router.ServeHTTP(w, req)
if w.Code != http.StatusNotFound {
t.Fatalf("expected 404, got %d body %s", w.Code, w.Body.String())
}
}
func TestDeleteDomain_BadUUID(t *testing.T) {
a, _ := newTenantTestAPI()
router := NewRouter(a)
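Review bot: The mock `SetDomainTemplate` diverges from the real store: it ignores `projectID` when matching and appends a new domain when `domainID` is unknown, whereas the store's `UPDATE ... WHERE id = $1 AND project_id = $2` returns no row in that case. As a result none of these handler tests can show that a PATCH for a domain outside the project yields 404. Returning a not-found error from the mock when no entry matches both ids, and adding one test for an unknown domain id and one for clearing with `{"templateId":null}`, would cover the tenant-scoping and clear paths. `TestDeleteDomain_BadUUID` continues past the end of this hunk.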
+64
@@ -87,6 +87,44 @@ func (q *Queries) GetDomain(ctx context.Context, arg GetDomainParams) (Domain, e
return i, err
}
const importDomain = `-- name: ImportDomain :one
INSERT INTO domains (id, project_id, provider_account_id, zone_name, zone_id, template_id)
VALUES ($1, $2, $3, $4, $5, $6)
ON CONFLICT (project_id, zone_id) DO NOTHING
RETURNING id, project_id, provider_account_id, zone_name, zone_id, template_id, created_at
`
type ImportDomainParams struct {
ID uuid.UUID `json:"id"`
ProjectID uuid.UUID `json:"project_id"`
ProviderAccountID uuid.UUID `json:"provider_account_id"`
ZoneName string `json:"zone_name"`
ZoneID string `json:"zone_id"`
TemplateID *uuid.UUID `json:"template_id"`
}
func (q *Queries) ImportDomain(ctx context.Context, arg ImportDomainParams) (Domain, error) {
row := q.db.QueryRow(ctx, importDomain,
arg.ID,
arg.ProjectID,
arg.ProviderAccountID,
arg.ZoneName,
arg.ZoneID,
arg.TemplateID,
)
var i Domain
err := row.Scan(
&i.ID,
&i.ProjectID,
&i.ProviderAccountID,
&i.ZoneName,
&i.ZoneID,
&i.TemplateID,
&i.CreatedAt,
)
return i, err
}
const listDomains = `-- name: ListDomains :many
SELECT id, project_id, provider_account_id, zone_name, zone_id, template_id, created_at FROM domains WHERE project_id = $1 ORDER BY created_at
`
@@ -145,3 +183,29 @@ func (q *Queries) LoadDomainFull(ctx context.Context, id uuid.UUID) (LoadDomainF
)
return i, err
}
const updateDomainTemplate = `-- name: UpdateDomainTemplate :one
UPDATE domains SET template_id = $3 WHERE id = $1 AND project_id = $2
RETURNING id, project_id, provider_account_id, zone_name, zone_id, template_id, created_at
`
type UpdateDomainTemplateParams struct {
ID uuid.UUID `json:"id"`
ProjectID uuid.UUID `json:"project_id"`
TemplateID *uuid.UUID `json:"template_id"`
}
func (q *Queries) UpdateDomainTemplate(ctx context.Context, arg UpdateDomainTemplateParams) (Domain, error) {
row := q.db.QueryRow(ctx, updateDomainTemplate, arg.ID, arg.ProjectID, arg.TemplateID)
var i Domain
err := row.Scan(
&i.ID,
&i.ProjectID,
&i.ProviderAccountID,
&i.ZoneName,
&i.ZoneID,
&i.TemplateID,
&i.CreatedAt,
)
return i, err
}
@@ -0,0 +1,5 @@
-- +goose Up
ALTER TABLE domains ADD CONSTRAINT domains_project_zone_uniq UNIQUE (project_id, zone_id);
-- +goose Down
ALTER TABLE domains DROP CONSTRAINT domains_project_zone_uniq;
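Review bot: `ADD CONSTRAINT domains_project_zone_uniq UNIQUE (project_id, zone_id)` fails if the table already holds duplicate `(project_id, zone_id)` rows, and the tests in this commit describe an import idempotency gap before this change, so such rows may exist in deployed databases. The Up step should remove or merge duplicates first (keeping, for instance, the oldest row per pair), or the rollout needs a documented pre-check that counts them. Which row to keep matters when duplicates carry different `template_id` values, and this migration cannot decide that on its own.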
+10
@@ -3,6 +3,16 @@ INSERT INTO domains (id, project_id, provider_account_id, zone_name, zone_id, te
VALUES ($1, $2, $3, $4, $5, $6)
RETURNING *;
-- name: ImportDomain :one
INSERT INTO domains (id, project_id, provider_account_id, zone_name, zone_id, template_id)
VALUES ($1, $2, $3, $4, $5, $6)
ON CONFLICT (project_id, zone_id) DO NOTHING
RETURNING *;
-- name: UpdateDomainTemplate :one
UPDATE domains SET template_id = $3 WHERE id = $1 AND project_id = $2
RETURNING *;
-- name: GetDomain :one
SELECT * FROM domains WHERE id = $1 AND project_id = $2;
+134
@@ -143,3 +143,137 @@ func TestImportDomains_RollsBackAllOnError(t *testing.T) {
t.Fatalf("expected 0 domains after rollback, got %d", len(list))
}
}
// TestImportDomains_IdempotentOnRepeat verifies the fix for the import
// idempotency gap: re-importing the same zones must not create duplicate
// domains (enforced by the domains_project_zone_uniq constraint + ON
// CONFLICT DO NOTHING in the ImportDomain query) and must not error.
func TestImportDomains_IdempotentOnRepeat(t *testing.T) {
s, ctx := newStore(t)
acc, err := s.Queries().CreateAccount(ctx, db.CreateAccountParams{
ID: uuid.New(), ProjectID: defaultProject, Provider: "selectel", SecretEnc: "enc-blob",
})
if err != nil {
t.Fatal(err)
}
zones := []provider.Zone{
{ID: "z1", Name: "a.example.com"},
{ID: "z2", Name: "b.example.com"},
}
first, err := s.ImportDomains(ctx, defaultProject, acc.ID, zones)
if err != nil {
t.Fatal(err)
}
if len(first) != 2 {
t.Fatalf("expected 2 domains on first import, got %d", len(first))
}
second, err := s.ImportDomains(ctx, defaultProject, acc.ID, zones)
if err != nil {
t.Fatalf("expected repeat import to succeed idempotently, got error: %v", err)
}
if len(second) != 0 {
t.Fatalf("expected 0 newly-created domains on repeat import, got %d", len(second))
}
list, err := s.ListDomains(ctx, defaultProject)
if err != nil {
t.Fatal(err)
}
if len(list) != 2 {
t.Fatalf("expected still exactly 2 domains (no duplicates), got %d", len(list))
}
var count int
row := s.pool.QueryRow(ctx, `SELECT COUNT(*) FROM domains WHERE project_id = $1 AND zone_id = $2`, defaultProject, "z1")
if err := row.Scan(&count); err != nil {
t.Fatal(err)
}
if count != 1 {
t.Fatalf("expected COUNT=1 for zone z1 (UNIQUE constraint), got %d", count)
}
}
// TestSetDomainTemplate_ClosesImportCheckLoop verifies the fix for the
// second review gap: an imported domain (template_id=NULL) can be bound to
// a template via SetDomainTemplate, after which LoadDomain succeeds and
// returns that template — closing the import -> bind -> check cycle.
func TestSetDomainTemplate_ClosesImportCheckLoop(t *testing.T) {
s, ctx := newStore(t)
acc, err := s.Queries().CreateAccount(ctx, db.CreateAccountParams{
ID: uuid.New(), ProjectID: defaultProject, Provider: "selectel", SecretEnc: "enc-blob",
})
if err != nil {
t.Fatal(err)
}
doms, err := s.ImportDomains(ctx, defaultProject, acc.ID, []provider.Zone{{ID: "z1", Name: "a.example.com"}})
if err != nil {
t.Fatal(err)
}
dom := doms[0]
// Before binding, the domain is not checkable.
if _, err := s.LoadDomain(ctx, dom.ID); err == nil {
t.Fatal("expected LoadDomain to fail before a template is bound")
}
doc := dto.TemplateDoc{Records: []dto.RecordDTO{
{Type: "A", Name: "www.a.example.com.", TTL: 300, Values: []string{"1.2.3.4"}},
}}
tpl, err := s.CreateTemplate(ctx, defaultProject, "base", doc)
if err != nil {
t.Fatal(err)
}
updated, err := s.SetDomainTemplate(ctx, dom.ID, defaultProject, &tpl.ID)
if err != nil {
t.Fatal(err)
}
if updated.TemplateID == nil || *updated.TemplateID != tpl.ID {
t.Fatalf("expected domain.TemplateID=%s, got %+v", tpl.ID, updated.TemplateID)
}
ref, err := s.LoadDomain(ctx, dom.ID)
if err != nil {
t.Fatalf("expected LoadDomain to succeed after binding template, got error: %v", err)
}
if len(ref.Template.Records) != 1 || ref.Template.Records[0].Type != "A" {
t.Fatalf("unexpected template loaded: %+v", ref.Template)
}
}
// TestSetDomainTemplate_RejectsForeignProjectTemplate verifies that binding
// a template belonging to a different project is rejected rather than
// silently succeeding (which would let one tenant's domain use another
// tenant's DNS template).
func TestSetDomainTemplate_RejectsForeignProjectTemplate(t *testing.T) {
s, ctx := newStore(t)
acc, err := s.Queries().CreateAccount(ctx, db.CreateAccountParams{
ID: uuid.New(), ProjectID: defaultProject, Provider: "selectel", SecretEnc: "enc-blob",
})
if err != nil {
t.Fatal(err)
}
doms, err := s.ImportDomains(ctx, defaultProject, acc.ID, []provider.Zone{{ID: "z1", Name: "a.example.com"}})
if err != nil {
t.Fatal(err)
}
dom := doms[0]
// A template that belongs to a different (foreign) project. The default
// user is the seed tenant from migrations/0001_init.sql.
defaultUser := uuid.MustParse("00000000-0000-0000-0000-000000000001")
foreignProject := uuid.New()
if _, err := s.pool.Exec(ctx, `INSERT INTO projects (id, user_id, name) VALUES ($1, $2, 'foreign')`, foreignProject, defaultUser); err != nil {
t.Fatal(err)
}
foreignTpl, err := s.CreateTemplate(ctx, foreignProject, "foreign", dto.TemplateDoc{})
if err != nil {
t.Fatal(err)
}
if _, err := s.SetDomainTemplate(ctx, dom.ID, defaultProject, &foreignTpl.ID); err == nil {
t.Fatal("expected error binding a template from a different project, got nil")
}
}
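Review bot: The tenant-isolation tests cover a foreign template but not a foreign domain: nothing calls `SetDomainTemplate` with a `projectID` that does not own `dom.ID`, which is the case the `AND project_id = $2` clause exists for. `TestSetDomainTemplate_RejectsForeignProjectTemplate` also asserts only `err != nil`; it should re-read the domain and check that `TemplateID` is still nil, so that a later reordering of check and update cannot pass it. Both new tests index `doms[0]` without checking the length, which turns an empty import result into a panic rather than a test failure; `if len(doms) != 1 { t.Fatalf("expected 1 domain, got %d", len(doms)) }` before the index would be clearer.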
+33 -1
@@ -2,8 +2,10 @@ package store
import (
"context"
"errors"
"github.com/google/uuid"
"github.com/jackc/pgx/v5"
"github.com/vasyakrg/dns-autoresolver/internal/provider"
"github.com/vasyakrg/dns-autoresolver/internal/store/db"
@@ -166,6 +168,12 @@ func (s *Store) DeleteDomain(ctx context.Context, id, projectID uuid.UUID) error
// ImportDomains creates one domain per zone inside a single transaction: if
// any zone fails to be created, the whole batch is rolled back so callers
// never observe a partially-imported set of domains.
//
// Import is idempotent: zones that already have a domain for this project
// (enforced by the domains_project_zone_uniq constraint) are silently
// skipped via ON CONFLICT DO NOTHING rather than erroring or duplicating —
// so a repeated POST .../import never creates duplicate domains. Only the
// zones that were actually newly created are returned.
func (s *Store) ImportDomains(ctx context.Context, projectID, accountID uuid.UUID, zones []provider.Zone) ([]Domain, error) {
tx, err := s.pool.Begin(ctx)
if err != nil {
@@ -176,11 +184,16 @@ func (s *Store) ImportDomains(ctx context.Context, projectID, accountID uuid.UUI
q := s.q.WithTx(tx)
out := make([]Domain, 0, len(zones))
for _, z := range zones {
d, err := q.CreateDomain(ctx, db.CreateDomainParams{
d, err := q.ImportDomain(ctx, db.ImportDomainParams{
ID: uuid.New(), ProjectID: projectID, ProviderAccountID: accountID,
ZoneName: z.Name, ZoneID: z.ID, TemplateID: nil,
})
if err != nil {
if errors.Is(err, pgx.ErrNoRows) {
// ON CONFLICT DO NOTHING: this zone was already imported
// for this project — skip it rather than fail the batch.
continue
}
return nil, err
}
out = append(out, domainFromDB(d))
@@ -190,3 +203,22 @@ func (s *Store) ImportDomains(ctx context.Context, projectID, accountID uuid.UUI
}
return out, nil
}
// SetDomainTemplate attaches (or clears, when templateID is nil) the DNS
// template used to check/apply a domain. When templateID is non-nil it must
// belong to the same project — verified via scoped GetTemplate — otherwise
// a caller could bind a domain to another tenant's template.
func (s *Store) SetDomainTemplate(ctx context.Context, domainID, projectID uuid.UUID, templateID *uuid.UUID) (Domain, error) {
if templateID != nil {
if _, err := s.GetTemplate(ctx, *templateID, projectID); err != nil {
return Domain{}, err
}
}
d, err := s.q.UpdateDomainTemplate(ctx, db.UpdateDomainTemplateParams{
ID: domainID, ProjectID: projectID, TemplateID: templateID,
})
if err != nil {
return Domain{}, err
}
return domainFromDB(d), nil
}
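Review bot: In `SetDomainTemplate` the ownership check (`s.GetTemplate`) and the write (`s.q.UpdateDomainTemplate`) are two separate statements outside a transaction, so the cross-tenant guarantee rests on call order in Go rather than on the database. The `UPDATE` itself accepts any `template_id`, which means a future caller of `UpdateDomainTemplate` that skips the check would bind another project's template. Consider enforcing it in SQL, either with an ownership condition in the `UPDATE`'s `WHERE` clause or with a composite foreign key over the template id and project id, and keeping the Go check only to produce the error. The doc comment could also state that a missing domain surfaces as `pgx.ErrNoRows`, which follows from the `:one` query's `row.Scan`.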