Merge pull request #13 from MGTheTrain/feature/secure-file-storage

Feature/secure file storage

docs/diagrams/use-case-overview.mmd

@@ -7,57 +7,59 @@ Grantee["Grantee"]
 
 %% Use Cases Grouped by Domain
 subgraph Blob_Management ["Blob Management"]
-    UC1["Manage All Blobs"]
-    UC2["Upload Own Blobs"]
-    UC3["Delete Own Blobs"]
-    UC4["Download Blob with Permission"]
-    UC5["View Blob with Permission"]
+    UC1["UC1: Manage All Blobs"]
+    UC2["UC2: Upload Own Blobs"]
+    UC3["UC3: Delete Own Blobs"]
+    UC4["UC4: Download Blob with Permission"]
+    UC5["UC5: View Blob with Permission"]
+    UC6["UC6: Manage Blob Metadata"]
+    UC7["UC7: Manage Own Blob Metadata"]
+    UC8["UC8: View Public Blob Metadata"]
 end
 
 subgraph Key_Management ["Key Management"]
-    UC6["Manage Cryptographic Keys"]
-    UC7["Manage Own Cryptographic Keys"]
-end
-
-subgraph Metadata_Management ["Metadata Management"]
-    UC8["Manage Metadata"]
-    UC9["Manage Own Metadata"]
-    UC10["View public Metadata"]
+    UC9["UC9: Manage Cryptographic Keys"]
+    UC10["UC10: Manage Own Cryptographic Keys"]
+    UC11["UC11: Manage Key Metadata"]
+    UC12["UC12: Manage Own Key Metadata"]
+    UC13["UC13: View Public Key Metadata"]
 end
 
 subgraph Key_Operations ["Key Operations"]
-    UC11["Encrypt Own Blobs"]
-    UC12["Decrypt Own Blobs"]
-    UC13["Hash Own Blobs"]
-    UC14["Verify Blob Signature"]
+    UC14["UC14: Encrypt Own Blobs"]
+    UC15["UC15: Decrypt Own Blobs"]
+    UC16["UC16: Hash Own Blobs"]
+    UC17["UC17: Verify Blob Signature"]
 end
 
 subgraph Permission_Management ["Permission Management"]
-    UC15["Grant Download Permission"]
-    UC16["Grant View Permission"]
+    UC18["UC18: Grant Download Permission"]
+    UC19["UC19: Grant View Permission"]
 end
 
 %% Actor -> Use Cases
 Admin --> UC1
-Admin --> UC6
-Admin --> UC7
+Admin --> UC9
+Admin --> UC10
+Admin --> UC11
 
 Owner --> UC2
 Owner --> UC3
 Owner --> UC4
+Owner --> UC5
+Owner --> UC6
+Owner --> UC7
 Owner --> UC8
-Owner --> UC9
-Owner --> UC10
-Owner --> UC11
-Owner --> UC12
-Owner --> UC13
 Owner --> UC14
 Owner --> UC15
 Owner --> UC16
+Owner --> UC17
+Owner --> UC18
+Owner --> UC19
 
 Grantee --> UC4
 Grantee --> UC5
-Grantee --> UC12
+Grantee --> UC15
 
 %% Class definitions for actors
 classDef actor fill:#ADD8E6,stroke:#333,stroke-width:2px;

internal/app/services/blob.go

@@ -0,0 +1,8 @@
+package services
+
+type BlobUploadService struct {
+}
+type BlobMetadataService struct {
+}
+type BlobDownloadService struct {
+}

internal/app/services/key.go

@@ -0,0 +1,10 @@
+package services
+
+type CryptKeyUploadService struct {
+}
+type CryptoKeyMetadataService struct {
+}
+type CryptoKeyDownloadService struct {
+}
+type CryptoKeyOperationService struct {
+}

internal/domain/blobs/contract.go

@@ -1,28 +1,30 @@
 package blobs
 
-// BlobManagement defines methods for managing blob operations.
-type BlobManagement interface {
-	// Upload handles the upload of blobs from file paths.
-	// Returns the created Blobs metadata and any error encountered.
-	Upload(filePath []string) ([]*Blob, error)
+// BlobUploadService defines methods for uploading blobs.
+type BlobUploadService interface {
+	// Upload handles the upload of blobs from the specified file paths.
+	// It returns a slice of Blob for the uploaded blobs and any error encountered during the upload process.
+	Upload(filePaths []string) ([]*BlobMeta, error)
+}
 
-	// Download retrieves a blob by its ID and name, returning the metadata and file data.
-	// Returns the Blob metadata, file data as a byte slice, and any error.
-	Download(blobId, blobName string) (*Blob, []byte, error)
+// BlobMetadataService defines methods for retrieving Blob and deleting a blob along with its metadata.
+type BlobMetadataService interface {
+	// List retrieves all blobs' metadata considering a query filter when set.
+	// It returns a slice of Blob and any error encountered during the retrieval.
+	List(query *BlobMetaQuery) ([]*BlobMeta, error)
 
-	// DeleteByID removes a blob by its ID.
-	// Returns any error encountered.
-	DeleteByID(blobId string) error
-}
+	// GetByID retrieves the metadata of a blob by its unique ID.
+	// It returns the Blob and any error encountered during the retrieval process.
+	GetByID(blobID string) (*BlobMeta, error)
 
-// BlobMetadataManagement defines the methods for managing Blob metadata
-type BlobMetadataManagement interface {
-	// Create creates a new blob
-	Create(blob *Blob) (*Blob, error)
-	// GetByID retrieves blob by ID
-	GetByID(blobID string) (*Blob, error)
-	// UpdateByID updates a blob's metadata
-	UpdateByID(blobID string, updates *Blob) (*Blob, error)
-	// DeleteByID deletes a blob by ID
+	// DeleteByID deletes a blob and its associated metadata by ID.
+	// It returns any error encountered during the deletion process.
 	DeleteByID(blobID string) error
 }
+
+// BlobDownloadService defines methods for downloading blobs.
+type BlobDownloadService interface {
+	// Download retrieves a blob by its ID and name.
+	// It returns the Blob, the file data as a byte slice, and any error encountered during the download process.
+	Download(blobID, blobName string) (*BlobMeta, []byte, error)
+}

internal/domain/blobs/model.go

@@ -8,24 +8,24 @@ import (
 	"github.com/go-playground/validator/v10"
 )
 
-// Blob represents metadata on the actual blob being stored
-type Blob struct {
-	ID                  string                `gorm:"primaryKey" validate:"required,uuid4"`  // ID is required and must be a valid UUID
-	UploadTime          time.Time             `validate:"required"`                          // UploadTime is required
-	UserID              string                `validate:"required,uuid4"`                    // UserID is required and must be a valid UUID
-	Name                string                `validate:"required,min=1,max=255"`            // Name is required, and its length must be between 1 and 255 characters
-	Size                int64                 `validate:"required,min=1"`                    // Size must be greater than 0
-	Type                string                `validate:"required,min=1,max=50"`             // Type is required, and its length must be between 1 and 50 characters
-	EncryptionAlgorithm string                `validate:"omitempty,oneof=AES RSA ECDSA"`     // EncryptionAlgorithm is optional and must be one of the listed algorithms
-	HashAlgorithm       string                `validate:"omitempty,oneof=SHA256 SHA512 MD5"` // HashAlgorithm is optional and must be one of the listed algorithms
-	IsEncrypted         bool                  `validate:"-"`                                 // IsEncrypted is required (true/false)
-	IsSigned            bool                  `validate:"-"`                                 // IsSigned is required (true/false)
-	CryptographicKey    keys.CryptographicKey `gorm:"foreignKey:KeyID" validate:"required"`  // CryptographicKey is required
-	KeyID               string                `validate:"omitempty,uuid4"`                   // KeyID is optional and must be a valid UUID
+// BlobMeta represents metadata on the actual blob metadata being stored
+type BlobMeta struct {
+	ID                  string             `gorm:"primaryKey" validate:"required,uuid4"`  // ID is required and must be a valid UUID
+	UploadTime          time.Time          `validate:"required"`                          // UploadTime is required
+	UserID              string             `validate:"required,uuid4"`                    // UserID is required and must be a valid UUID
+	Name                string             `validate:"required,min=1,max=255"`            // Name is required, and its length must be between 1 and 255 characters
+	Size                int64              `validate:"required,min=1"`                    // Size must be greater than 0
+	Type                string             `validate:"required,min=1,max=50"`             // Type is required, and its length must be between 1 and 50 characters
+	EncryptionAlgorithm string             `validate:"omitempty,oneof=AES RSA ECDSA"`     // EncryptionAlgorithm is optional and must be one of the listed algorithms
+	HashAlgorithm       string             `validate:"omitempty,oneof=SHA256 SHA512 MD5"` // HashAlgorithm is optional and must be one of the listed algorithms
+	IsEncrypted         bool               `validate:"-"`                                 // IsEncrypted is required (true/false)
+	IsSigned            bool               `validate:"-"`                                 // IsSigned is required (true/false)
+	CryptoKey           keys.CryptoKeyMeta `gorm:"foreignKey:KeyID" validate:"required"`  // CryptoKey is required
+	KeyID               string             `validate:"omitempty,uuid4"`                   // KeyID is optional and must be a valid UUID
 }
 
-// Validate for validating Blob struct
-func (b *Blob) Validate() error {
+// Validate for validating BlobMeta struct
+func (b *BlobMeta) Validate() error {
 	// Initialize the validator
 	validate := validator.New()
 

internal/domain/blobs/query.go

@@ -0,0 +1,59 @@
+package blobs
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/go-playground/validator/v10"
+)
+
+// BlobMetaQuery represents metadata on the actual blob being stored.
+type BlobMetaQuery struct {
+	UploadTime time.Time `validate:"required"`               // UploadTime is required
+	Name       string    `validate:"required,min=1,max=255"` // Name is required and its length must be between 1 and 255 characters
+	Size       int64     `validate:"required,min=1"`         // Size must be greater than 0
+	Type       string    `validate:"required,min=1,max=50"`  // Type is required, and its length must be between 1 and 50 characters
+
+	// Pagination properties
+	Limit  int `validate:"omitempty,min=1"` // Limit is optional but if provided, should be at least 1
+	Offset int `validate:"omitempty,min=0"` // Offset is optional but should be 0 or greater for pagination
+
+	// Sorting properties
+	SortBy    string `validate:"omitempty,oneof=ID Type CreatedAt ExpiresAt"` // SortBy is optional but can be one of the fields to sort by
+	SortOrder string `validate:"omitempty,oneof=asc desc"`                    // SortOrder is optional, default is ascending ('asc'), can also be 'desc'
+}
+
+// NewBlobMetaQuery creates a BlobMetaQuery with default values.
+func NewBlobMetaQuery() *BlobMetaQuery {
+	return &BlobMetaQuery{
+		Limit:     10,          // Default limit to 10 results per page
+		Offset:    0,           // Default offset to 0 for pagination
+		SortBy:    "CreatedAt", // Default sort by CreatedAt
+		SortOrder: "asc",       // Default sort order ascending
+	}
+}
+
+// Validate validates the BlobMetaQuery struct based on the defined rules.
+func (b *BlobMetaQuery) Validate() error {
+	// Initialize the validator
+	validate := validator.New()
+
+	// Validate the struct fields
+	err := validate.Struct(b)
+	if err != nil {
+		// Collect all validation errors
+		var validationErrors []string
+		for _, err := range err.(validator.ValidationErrors) {
+			validationErrors = append(validationErrors, fmt.Sprintf("Field: %s, Tag: %s", err.Field(), err.Tag()))
+		}
+		return fmt.Errorf("Validation failed: %v", validationErrors)
+	}
+
+	// Custom validation logic: Check that ExpiresAt (if exists) is after CreatedAt
+	if !b.UploadTime.IsZero() && b.UploadTime.After(time.Now()) {
+		return fmt.Errorf("UploadTime cannot be in the future")
+	}
+
+	// Return nil if no validation errors are found
+	return nil
+}