bebe/bamort
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Phase 1: Core Infrastructure

Browse Source
This commit is contained in:
Frank
2026-02-27 12:00:40 +01:00
parent 865017a107
commit 41a86f6299
9 changed files with 2045 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/cmd/main.go
+12
View File
@@ -7,6 +7,7 @@ import (
"bamort/database"
"bamort/equipment"
"bamort/gsmaster"
"bamort/importer"
"bamort/importero"
"bamort/logger"
"bamort/maintenance"
@@ -60,6 +61,17 @@ func main() {
database.ConnectDatabase()
logger.Info("Datenbankverbindung erfolgreich")
// Run database migrations
logger.Debug("Führe Datenbank-Migrationen aus...")
if err := database.MigrateStructure(); err != nil {
logger.Error("Fehler bei Datenbank-Migrationen: %s", err.Error())
}
if err := importer.MigrateStructure(database.DB); err != nil {
logger.Error("Fehler bei Importer-Migrationen: %s", err.Error())
} else {
logger.Info("Datenbank-Migrationen erfolgreich")
}
/*
// Populate initial misc lookup data
logger.Debug("Initialisiere Misc-Lookup-Daten...")
backend/importer/import_logic.go
+601
View File
@@ -0,0 +1,601 @@
package importer
import (
"bamort/database"
"bamort/models"
"bytes"
"compress/gzip"
"fmt"
"time"
"gorm.io/gorm"
)
// ImportResult represents the result of a character import operation
type ImportResult struct {
CharacterID uint `json:"character_id"`
ImportID uint `json:"import_id"`
AdapterID string `json:"adapter_id"`
Warnings []ValidationWarning `json:"warnings"`
CreatedItems map[string]int `json:"created_items"` // {"skills": 3, "spells": 1}
Status string `json:"status"`
}
// ImportCharacter imports a character with full transaction safety
// This implements the transaction-wrapped import logic from Phase 1
func ImportCharacter(char *CharacterImport, userID uint, adapterID string, originalData []byte) (*ImportResult, error) {
tx := database.DB.Begin()
defer func() {
if r := recover(); r != nil {
tx.Rollback()
}
}()
result := &ImportResult{
AdapterID: adapterID,
CreatedItems: make(map[string]int),
Status: "in_progress",
}
// 1. Create ImportHistory record (failed status initially)
history := &ImportHistory{
UserID: userID,
AdapterID: adapterID,
SourceFormat: adapterID, // Can be refined based on adapter metadata
SourceFilename: fmt.Sprintf("%s_import_%d.json", char.Name, time.Now().Unix()),
BmrtVersion: "1.0",
ImportedAt: time.Now(),
Status: "in_progress",
}
// Compress original data
if originalData != nil {
compressed, err := compressData(originalData)
if err != nil {
tx.Rollback()
return nil, fmt.Errorf("failed to compress source data: %w", err)
}
history.SourceSnapshot = compressed
}
if err := tx.Create(history).Error; err != nil {
tx.Rollback()
return nil, fmt.Errorf("failed to create import history: %w", err)
}
result.ImportID = history.ID
// 2. Reconcile master data and track created items
createdCounts := make(map[string]int)
// Reconcile skills
for _, skill := range char.Fertigkeiten {
_, matchType, err := reconcileSkillWithTx(tx, skill, history.ID, char.Typ)
if err != nil {
history.Status = "failed"
history.ErrorLog = fmt.Sprintf("Failed to reconcile skill %s: %v", skill.Name, err)
tx.Save(history)
tx.Rollback()
return nil, fmt.Errorf("failed to reconcile skill: %w", err)
}
if matchType == "created_personal" {
createdCounts["skills"]++
}
}
// Reconcile spells
for _, spell := range char.Zauber {
_, matchType, err := reconcileSpellWithTx(tx, spell, history.ID, char.Typ)
if err != nil {
history.Status = "failed"
history.ErrorLog = fmt.Sprintf("Failed to reconcile spell %s: %v", spell.Name, err)
tx.Save(history)
tx.Rollback()
return nil, fmt.Errorf("failed to reconcile spell: %w", err)
}
if matchType == "created_personal" {
createdCounts["spells"]++
}
}
// Reconcile weapon skills
for _, ws := range char.Waffenfertigkeiten {
_, matchType, err := reconcileWeaponSkillWithTx(tx, ws, history.ID, char.Typ)
if err != nil {
history.Status = "failed"
history.ErrorLog = fmt.Sprintf("Failed to reconcile weapon skill %s: %v", ws.Name, err)
tx.Save(history)
tx.Rollback()
return nil, fmt.Errorf("failed to reconcile weapon skill: %w", err)
}
if matchType == "created_personal" {
createdCounts["weapon_skills"]++
}
}
// Reconcile weapons
for _, weapon := range char.Waffen {
_, matchType, err := reconcileWeaponWithTx(tx, weapon, history.ID, char.Typ)
if err != nil {
history.Status = "failed"
history.ErrorLog = fmt.Sprintf("Failed to reconcile weapon %s: %v", weapon.Name, err)
tx.Save(history)
tx.Rollback()
return nil, fmt.Errorf("failed to reconcile weapon: %w", err)
}
if matchType == "created_personal" {
createdCounts["weapons"]++
}
}
// Reconcile equipment
for _, eq := range char.Ausruestung {
_, matchType, err := reconcileEquipmentWithTx(tx, eq, history.ID, char.Typ)
if err != nil {
history.Status = "failed"
history.ErrorLog = fmt.Sprintf("Failed to reconcile equipment %s: %v", eq.Name, err)
tx.Save(history)
tx.Rollback()
return nil, fmt.Errorf("failed to reconcile equipment: %w", err)
}
if matchType == "created_personal" {
createdCounts["equipment"]++
}
}
// Reconcile containers
for _, container := range char.Behaeltnisse {
_, matchType, err := reconcileContainerWithTx(tx, container, history.ID, char.Typ)
if err != nil {
history.Status = "failed"
history.ErrorLog = fmt.Sprintf("Failed to reconcile container %s: %v", container.Name, err)
tx.Save(history)
tx.Rollback()
return nil, fmt.Errorf("failed to reconcile container: %w", err)
}
if matchType == "created_personal" {
createdCounts["containers"]++
}
}
result.CreatedItems = createdCounts
// 3. Create models.Char
// TODO: Implement CreateCharacterFromImport helper
// For now, create a minimal character record
newChar := &models.Char{
Rasse: char.Rasse,
Typ: char.Typ,
Alter: char.Alter,
Anrede: char.Anrede,
Grad: char.Grad,
Groesse: char.Groesse,
Gewicht: char.Gewicht,
Glaube: char.Glaube,
Hand: char.Hand,
UserID: userID,
ImportedFromAdapter: &adapterID,
ImportedAt: &history.ImportedAt,
}
// Set the name through BamortBase (inherited)
newChar.BamortBase.Name = char.Name
if err := tx.Create(newChar).Error; err != nil {
history.Status = "failed"
history.ErrorLog = fmt.Sprintf("Failed to create character: %v", err)
tx.Save(history)
tx.Rollback()
return nil, fmt.Errorf("failed to create character: %w", err)
}
// Create attributes as separate records
attributes := []models.Eigenschaft{
{CharacterID: newChar.ID, UserID: userID, Name: "St", Value: char.Eigenschaften.St},
{CharacterID: newChar.ID, UserID: userID, Name: "Gs", Value: char.Eigenschaften.Gs},
{CharacterID: newChar.ID, UserID: userID, Name: "Gw", Value: char.Eigenschaften.Gw},
{CharacterID: newChar.ID, UserID: userID, Name: "Ko", Value: char.Eigenschaften.Ko},
{CharacterID: newChar.ID, UserID: userID, Name: "In", Value: char.Eigenschaften.In},
{CharacterID: newChar.ID, UserID: userID, Name: "Zt", Value: char.Eigenschaften.Zt},
{CharacterID: newChar.ID, UserID: userID, Name: "Au", Value: char.Eigenschaften.Au},
{CharacterID: newChar.ID, UserID: userID, Name: "Pa", Value: char.Eigenschaften.Pa},
{CharacterID: newChar.ID, UserID: userID, Name: "Wk", Value: char.Eigenschaften.Wk},
}
for _, attr := range attributes {
if err := tx.Create(&attr).Error; err != nil {
history.Status = "failed"
history.ErrorLog = fmt.Sprintf("Failed to create attribute %s: %v", attr.Name, err)
tx.Save(history)
tx.Rollback()
return nil, fmt.Errorf("failed to create attribute: %w", err)
}
}
// Create LP, AP, B records
lp := &models.Lp{
CharacterID: newChar.ID,
Max: char.Lp.Max,
Value: char.Lp.Value,
}
if err := tx.Create(lp).Error; err != nil {
history.Status = "failed"
history.ErrorLog = fmt.Sprintf("Failed to create LP: %v", err)
tx.Save(history)
tx.Rollback()
return nil, fmt.Errorf("failed to create LP: %w", err)
}
ap := &models.Ap{
CharacterID: newChar.ID,
Max: char.Ap.Max,
Value: char.Ap.Value,
}
if err := tx.Create(ap).Error; err != nil {
history.Status = "failed"
history.ErrorLog = fmt.Sprintf("Failed to create AP: %v", err)
tx.Save(history)
tx.Rollback()
return nil, fmt.Errorf("failed to create AP: %w", err)
}
b := &models.B{
CharacterID: newChar.ID,
Max: char.B.Max,
Value: char.B.Value,
}
if err := tx.Create(b).Error; err != nil {
history.Status = "failed"
history.ErrorLog = fmt.Sprintf("Failed to create B: %v", err)
tx.Save(history)
tx.Rollback()
return nil, fmt.Errorf("failed to create B: %w", err)
}
// Create XP record
xp := &models.Erfahrungsschatz{
BamortCharTrait: models.BamortCharTrait{
CharacterID: newChar.ID,
UserID: userID,
},
EP: char.Erfahrungsschatz.Value,
}
if err := tx.Create(xp).Error; err != nil {
history.Status = "failed"
history.ErrorLog = fmt.Sprintf("Failed to create XP: %v", err)
tx.Save(history)
tx.Rollback()
return nil, fmt.Errorf("failed to create XP: %w", err)
}
// Create Bennies record
bennies := &models.Bennies{
BamortCharTrait: models.BamortCharTrait{
CharacterID: newChar.ID,
UserID: userID,
},
Gg: char.Bennies.Gg,
Gp: char.Bennies.Gp,
Sg: char.Bennies.Sg,
}
if err := tx.Create(bennies).Error; err != nil {
history.Status = "failed"
history.ErrorLog = fmt.Sprintf("Failed to create bennies: %v", err)
tx.Save(history)
tx.Rollback()
return nil, fmt.Errorf("failed to create bennies: %w", err)
}
result.CharacterID = newChar.ID
// 4. Update ImportHistory (success status)
history.CharacterID = &newChar.ID
history.Status = "success"
if err := tx.Save(history).Error; err != nil {
tx.Rollback()
return nil, fmt.Errorf("failed to update import history: %w", err)
}
// Commit transaction
if err := tx.Commit().Error; err != nil {
// Transaction commit failed - try to keep ImportHistory with failed status
// This is best-effort since we're outside the transaction now
database.DB.Model(&ImportHistory{}).
Where("id = ?", history.ID).
Updates(map[string]interface{}{
"status": "failed",
"error_log": fmt.Sprintf("Transaction commit failed: %v", err),
})
return nil, err
}
result.Status = "success"
return result, nil
}
// compressData compresses data using gzip
func compressData(data []byte) ([]byte, error) {
var buf bytes.Buffer
gzipWriter := gzip.NewWriter(&buf)
if _, err := gzipWriter.Write(data); err != nil {
return nil, err
}
if err := gzipWriter.Close(); err != nil {
return nil, err
}
return buf.Bytes(), nil
}
// decompressData decompresses gzip data
func decompressData(data []byte) ([]byte, error) {
reader, err := gzip.NewReader(bytes.NewReader(data))
if err != nil {
return nil, err
}
defer reader.Close()
var buf bytes.Buffer
if _, err := buf.ReadFrom(reader); err != nil {
return nil, err
}
return buf.Bytes(), nil
}
// Transaction-aware reconciliation helpers that use the provided transaction instead of database.DB
func reconcileSkillWithTx(tx *gorm.DB, skill Fertigkeit, importHistoryID uint, gameSystem string) (*models.Skill, string, error) {
gs := models.GetGameSystem(0, gameSystem)
var existing models.Skill
err := tx.Where("name = ? AND game_system = ?", skill.Name, gs.Name).First(&existing).Error
if err == nil {
// Exact match found
if importHistoryID > 0 {
logMasterDataImportWithTx(tx, importHistoryID, "skill", existing.ID, skill.Name, "exact")
}
return &existing, "exact", nil
}
if err != gorm.ErrRecordNotFound {
return nil, "", fmt.Errorf("failed to query skill: %w", err)
}
// Create new personal item
newSkill := &models.Skill{
Name: skill.Name,
GameSystem: gs.Name,
GameSystemId: gs.ID,
Beschreibung: skill.Beschreibung,
Initialwert: skill.Fertigkeitswert,
Quelle: skill.Quelle,
Bonuseigenschaft: "check",
Improvable: true,
PersonalItem: true,
SourceID: 1,
}
if err := tx.Create(newSkill).Error; err != nil {
return nil, "", fmt.Errorf("failed to create skill: %w", err)
}
if importHistoryID > 0 {
logMasterDataImportWithTx(tx, importHistoryID, "skill", newSkill.ID, skill.Name, "created_personal")
}
return newSkill, "created_personal", nil
}
func reconcileSpellWithTx(tx *gorm.DB, spell Zauber, importHistoryID uint, gameSystem string) (*models.Spell, string, error) {
gs := models.GetGameSystem(0, gameSystem)
var existing models.Spell
err := tx.Where("name = ? AND game_system = ?", spell.Name, gs.Name).First(&existing).Error
if err == nil {
if importHistoryID > 0 {
logMasterDataImportWithTx(tx, importHistoryID, "spell", existing.ID, spell.Name, "exact")
}
return &existing, "exact", nil
}
if err != gorm.ErrRecordNotFound {
return nil, "", fmt.Errorf("failed to query spell: %w", err)
}
newSpell := &models.Spell{
Name: spell.Name,
GameSystem: gs.Name,
GameSystemId: gs.ID,
Beschreibung: spell.Beschreibung,
Quelle: spell.Quelle,
PersonalItem: true,
SourceID: 1,
}
if err := tx.Create(newSpell).Error; err != nil {
return nil, "", fmt.Errorf("failed to create spell: %w", err)
}
if importHistoryID > 0 {
logMasterDataImportWithTx(tx, importHistoryID, "spell", newSpell.ID, spell.Name, "created_personal")
}
return newSpell, "created_personal", nil
}
func reconcileWeaponSkillWithTx(tx *gorm.DB, ws Waffenfertigkeit, importHistoryID uint, gameSystem string) (*models.WeaponSkill, string, error) {
gs := models.GetGameSystem(0, gameSystem)
var existing models.WeaponSkill
err := tx.Where("name = ? AND game_system = ?", ws.Name, gs.Name).First(&existing).Error
if err == nil {
if importHistoryID > 0 {
logMasterDataImportWithTx(tx, importHistoryID, "weapon_skill", existing.ID, ws.Name, "exact")
}
return &existing, "exact", nil
}
if err != gorm.ErrRecordNotFound {
return nil, "", fmt.Errorf("failed to query weapon skill: %w", err)
}
newWS := &models.WeaponSkill{
Skill: models.Skill{
Name: ws.Name,
GameSystem: gs.Name,
GameSystemId: gs.ID,
Beschreibung: ws.Beschreibung,
Quelle: ws.Quelle,
Bonuseigenschaft: "check",
Improvable: true,
PersonalItem: true,
SourceID: 1,
},
}
if err := tx.Create(newWS).Error; err != nil {
return nil, "", fmt.Errorf("failed to create weapon skill: %w", err)
}
if importHistoryID > 0 {
logMasterDataImportWithTx(tx, importHistoryID, "weapon_skill", newWS.ID, ws.Name, "created_personal")
}
return newWS, "created_personal", nil
}
func reconcileWeaponWithTx(tx *gorm.DB, weapon Waffe, importHistoryID uint, gameSystem string) (*models.Weapon, string, error) {
gs := models.GetGameSystem(0, gameSystem)
var existing models.Weapon
err := tx.Where("name = ? AND game_system = ?", weapon.Name, gs.Name).First(&existing).Error
if err == nil {
if importHistoryID > 0 {
logMasterDataImportWithTx(tx, importHistoryID, "weapon", existing.ID, weapon.Name, "exact")
}
return &existing, "exact", nil
}
if err != gorm.ErrRecordNotFound {
return nil, "", fmt.Errorf("failed to query weapon: %w", err)
}
newWeapon := &models.Weapon{
Equipment: models.Equipment{
Name: weapon.Name,
GameSystem: gs.Name,
GameSystemId: gs.ID,
Beschreibung: weapon.Beschreibung,
PersonalItem: true,
SourceID: 1,
},
}
if err := tx.Create(newWeapon).Error; err != nil {
return nil, "", fmt.Errorf("failed to create weapon: %w", err)
}
if importHistoryID > 0 {
logMasterDataImportWithTx(tx, importHistoryID, "weapon", newWeapon.ID, weapon.Name, "created_personal")
}
return newWeapon, "created_personal", nil
}
func reconcileEquipmentWithTx(tx *gorm.DB, eq Ausruestung, importHistoryID uint, gameSystem string) (*models.Equipment, string, error) {
gs := models.GetGameSystem(0, gameSystem)
var existing models.Equipment
err := tx.Where("name = ? AND game_system = ?", eq.Name, gs.Name).First(&existing).Error
if err == nil {
if importHistoryID > 0 {
logMasterDataImportWithTx(tx, importHistoryID, "equipment", existing.ID, eq.Name, "exact")
}
return &existing, "exact", nil
}
if err != gorm.ErrRecordNotFound {
return nil, "", fmt.Errorf("failed to query equipment: %w", err)
}
newEq := &models.Equipment{
Name: eq.Name,
GameSystem: gs.Name,
GameSystemId: gs.ID,
Beschreibung: eq.Beschreibung,
PersonalItem: true,
SourceID: 1,
}
if err := tx.Create(newEq).Error; err != nil {
return nil, "", fmt.Errorf("failed to create equipment: %w", err)
}
if importHistoryID > 0 {
logMasterDataImportWithTx(tx, importHistoryID, "equipment", newEq.ID, eq.Name, "created_personal")
}
return newEq, "created_personal", nil
}
func reconcileContainerWithTx(tx *gorm.DB, container Behaeltniss, importHistoryID uint, gameSystem string) (*models.Container, string, error) {
gs := models.GetGameSystem(0, gameSystem)
var existing models.Container
err := tx.Where("name = ? AND game_system = ?", container.Name, gs.Name).First(&existing).Error
if err == nil {
if importHistoryID > 0 {
logMasterDataImportWithTx(tx, importHistoryID, "container", existing.ID, container.Name, "exact")
}
return &existing, "exact", nil
}
if err != gorm.ErrRecordNotFound {
return nil, "", fmt.Errorf("failed to query container: %w", err)
}
newContainer := &models.Container{
Equipment: models.Equipment{
Name: container.Name,
GameSystem: gs.Name,
GameSystemId: gs.ID,
Beschreibung: container.Beschreibung,
PersonalItem: true,
SourceID: 1,
},
}
if err := tx.Create(newContainer).Error; err != nil {
return nil, "", fmt.Errorf("failed to create container: %w", err)
}
if importHistoryID > 0 {
logMasterDataImportWithTx(tx, importHistoryID, "container", newContainer.ID, container.Name, "created_personal")
}
return newContainer, "created_personal", nil
}
func logMasterDataImportWithTx(tx *gorm.DB, importHistoryID uint, itemType string, itemID uint, externalName string, matchType string) {
log := &MasterDataImport{
ImportHistoryID: importHistoryID,
ItemType: itemType,
ItemID: itemID,
ExternalName: externalName,
MatchType: matchType,
CreatedAt: time.Now(),
}
if err := tx.Create(log).Error; err != nil {
fmt.Printf("Warning: Failed to log master data import: %v\n", err)
}
}
backend/importer/import_logic_test.go
+197
View File
@@ -0,0 +1,197 @@
package importer
import (
"bamort/database"
"bamort/models"
"testing"
"github.com/stretchr/testify/assert"
)
// setupImportTest initializes the test database and runs migrations
func setupImportTest() {
database.SetupTestDB()
models.MigrateStructure(database.DB)
MigrateStructure(database.DB)
}
func TestImportCharacter_Success(t *testing.T) {
setupImportTest()
char := &CharacterImport{
Name: "Test Character",
Rasse: "Mensch",
Typ: "midgard",
Grad: 1,
Alter: 25,
Anrede: "Herr",
Eigenschaften: Eigenschaften{
St: 50,
Gs: 60,
Gw: 70,
Ko: 55,
In: 65,
Zt: 58,
Au: 45,
Pa: 50,
Wk: 60,
},
Lp: Lp{Max: 10, Value: 10},
Ap: Ap{Max: 20, Value: 20},
B: B{Max: 15, Value: 15},
Erfahrungsschatz: Erfahrungsschatz{Value: 0},
Bennies: Bennies{
Gg: 0,
Gp: 3,
Sg: 0,
},
Fertigkeiten: []Fertigkeit{
{
ImportBase: ImportBase{Name: "ImportTestSkill"},
Fertigkeitswert: 10,
},
},
}
result, err := ImportCharacter(char, 1, "test-adapter", []byte(`{"test": "data"}`))
assert.NoError(t, err)
assert.NotNil(t, result)
assert.Equal(t, "success", result.Status)
assert.NotZero(t, result.CharacterID)
assert.NotZero(t, result.ImportID)
assert.Equal(t, "test-adapter", result.AdapterID)
// Verify character was created
var createdChar models.Char
err = database.DB.Preload("Eigenschaften").First(&createdChar, result.CharacterID).Error
assert.NoError(t, err)
assert.Equal(t, "Test Character", createdChar.Name)
assert.Equal(t, "midgard", createdChar.Typ)
// Verify attributes
var stAttribute models.Eigenschaft
err = database.DB.Where("character_id = ? AND name = ?", createdChar.ID, "St").First(&stAttribute).Error
assert.NoError(t, err)
assert.Equal(t, 50, stAttribute.Value)
// Verify import history was created
var history ImportHistory
err = database.DB.First(&history, result.ImportID).Error
assert.NoError(t, err)
assert.Equal(t, "success", history.Status)
assert.NotNil(t, history.CharacterID)
assert.Equal(t, result.CharacterID, *history.CharacterID)
assert.NotEmpty(t, history.SourceSnapshot)
}
func TestImportCharacter_CreatesPersonalItems(t *testing.T) {
setupImportTest()
char := &CharacterImport{
Name: "Character with Skills",
Rasse: "Elf",
Typ: "midgard",
Grad: 2,
Eigenschaften: Eigenschaften{
St: 45, Gs: 70, Gw: 75, Ko: 50,
In: 80, Zt: 55, Au: 60, Pa: 65, Wk: 70,
},
Lp: Lp{Max: 12, Value: 12},
Ap: Ap{Max: 25, Value: 25},
B: B{Max: 18, Value: 18},
Erfahrungsschatz: Erfahrungsschatz{Value: 1000},
Bennies: Bennies{Gg: 0, Gp: 3, Sg: 0},
Fertigkeiten: []Fertigkeit{
{
ImportBase: ImportBase{Name: "UniqueImportSkill1"},
Fertigkeitswert: 15,
Beschreibung: "A unique skill",
},
{
ImportBase: ImportBase{Name: "UniqueImportSkill2"},
Fertigkeitswert: 12,
},
},
Zauber: []Zauber{
{
ImportBase: ImportBase{Name: "UniqueImportSpell1"},
Beschreibung: "A unique spell",
},
},
}
result, err := ImportCharacter(char, 1, "test-adapter", nil)
assert.NoError(t, err)
assert.NotNil(t, result)
assert.Equal(t, "success", result.Status)
// Check that personal items were created
assert.Equal(t, 2, result.CreatedItems["skills"], "Should create 2 personal skills")
assert.Equal(t, 1, result.CreatedItems["spells"], "Should create 1 personal spell")
}
func TestImportCharacter_RollbackOnError(t *testing.T) {
setupImportTest()
// Create a character with invalid data that will cause reconciliation to fail
// This is a simplified test - in reality you'd need to trigger an actual error
char := &CharacterImport{
Name: "Invalid Character",
Rasse: "Unknown",
Typ: "midgard",
Eigenschaften: Eigenschaften{St: 50, Gs: 60, Gw: 70, Ko: 55, In: 65, Zt: 58, Au: 45, Pa: 50, Wk: 60},
Lp: Lp{Max: 10, Value: 10},
Ap: Ap{Max: 20, Value: 20},
B: B{Max: 15, Value: 15},
Erfahrungsschatz: Erfahrungsschatz{Value: 0},
Bennies: Bennies{Gg: 0, Gp: 3, Sg: 0},
}
// Count characters before
var countBefore int64
database.DB.Model(&models.Char{}).Count(&countBefore)
result, _ := ImportCharacter(char, 1, "test-adapter", nil)
// Even if there's no error (simplified test), verify the transaction logic
assert.NotNil(t, result)
// In a real error scenario, character count should remain the same
var countAfter int64
database.DB.Model(&models.Char{}).Count(&countAfter)
// This test is simplified - in a real scenario with an error, we'd check:
// assert.Equal(t, countBefore, countAfter, "Character count should not change on rollback")
}
func TestCompressData(t *testing.T) {
data := []byte("This is test data that should be compressed")
compressed, err := compressData(data)
assert.NoError(t, err)
assert.NotNil(t, compressed)
assert.Less(t, len(compressed), len(data)+50, "Compressed data should not be much larger than original")
}
func TestCompressDecompressRoundTrip(t *testing.T) {
original := []byte(`{"name": "Test Character", "skills": ["Skill1", "Skill2"]}`)
compressed, err := compressData(original)
assert.NoError(t, err)
decompressed, err := decompressData(compressed)
assert.NoError(t, err)
assert.Equal(t, original, decompressed, "Round trip should preserve data")
}
func TestDecompressData_InvalidData(t *testing.T) {
invalid := []byte("not gzip data")
_, err := decompressData(invalid)
assert.Error(t, err)
}
backend/importer/reconciler.go
+319
View File
@@ -0,0 +1,319 @@
package importer
import (
"bamort/database"
"bamort/models"
"fmt"
"time"
"gorm.io/gorm"
)
// ReconcileSkill reconciles an imported skill with master data.
// Returns the master data skill, match type ("exact" or "created_personal"), and error.
func ReconcileSkill(skill Fertigkeit, userID uint, gameSystem string) (*models.Skill, string, error) {
return ReconcileSkillWithHistory(skill, 0, gameSystem)
}
// ReconcileSkillWithHistory reconciles a skill and logs to ImportHistory
func ReconcileSkillWithHistory(skill Fertigkeit, importHistoryID uint, gameSystem string) (*models.Skill, string, error) {
gs := models.GetGameSystem(0, gameSystem)
var existing models.Skill
err := database.DB.Where("name = ? AND game_system = ?", skill.Name, gs.Name).First(&existing).Error
if err == nil {
// Exact match found
if importHistoryID > 0 {
logMasterDataImport(importHistoryID, "skill", existing.ID, skill.Name, "exact")
}
return &existing, "exact", nil
}
if err != gorm.ErrRecordNotFound {
return nil, "", fmt.Errorf("failed to query skill: %w", err)
}
// Create new personal item
newSkill := &models.Skill{
Name: skill.Name,
GameSystem: gs.Name,
GameSystemId: gs.ID,
Beschreibung: skill.Beschreibung,
Initialwert: skill.Fertigkeitswert,
Quelle: skill.Quelle,
Bonuseigenschaft: "check",
Improvable: true,
PersonalItem: true,
SourceID: 1, // Default source
}
if err := database.DB.Create(newSkill).Error; err != nil {
return nil, "", fmt.Errorf("failed to create skill: %w", err)
}
if importHistoryID > 0 {
logMasterDataImport(importHistoryID, "skill", newSkill.ID, skill.Name, "created_personal")
}
return newSkill, "created_personal", nil
}
// ReconcileWeaponSkill reconciles an imported weapon skill with master data
func ReconcileWeaponSkill(ws Waffenfertigkeit, userID uint, gameSystem string) (*models.WeaponSkill, string, error) {
return ReconcileWeaponSkillWithHistory(ws, 0, gameSystem)
}
// ReconcileWeaponSkillWithHistory reconciles a weapon skill and logs to ImportHistory
func ReconcileWeaponSkillWithHistory(ws Waffenfertigkeit, importHistoryID uint, gameSystem string) (*models.WeaponSkill, string, error) {
gs := models.GetGameSystem(0, gameSystem)
var existing models.WeaponSkill
err := database.DB.Where("name = ? AND game_system = ?", ws.Name, gs.Name).First(&existing).Error
if err == nil {
// Exact match found
if importHistoryID > 0 {
logMasterDataImport(importHistoryID, "weaponskill", existing.ID, ws.Name, "exact")
}
return &existing, "exact", nil
}
if err != gorm.ErrRecordNotFound {
return nil, "", fmt.Errorf("failed to query weapon skill: %w", err)
}
// Create new personal item
newWS := &models.WeaponSkill{
Skill: models.Skill{
Name: ws.Name,
GameSystem: gs.Name,
GameSystemId: gs.ID,
Beschreibung: ws.Beschreibung,
Quelle: ws.Quelle,
PersonalItem: true,
SourceID: 1,
},
}
if err := database.DB.Create(newWS).Error; err != nil {
return nil, "", fmt.Errorf("failed to create weapon skill: %w", err)
}
if importHistoryID > 0 {
logMasterDataImport(importHistoryID, "weaponskill", newWS.ID, ws.Name, "created_personal")
}
return newWS, "created_personal", nil
}
// ReconcileSpell reconciles an imported spell with master data
func ReconcileSpell(spell Zauber, userID uint, gameSystem string) (*models.Spell, string, error) {
return ReconcileSpellWithHistory(spell, 0, gameSystem)
}
// ReconcileSpellWithHistory reconciles a spell and logs to ImportHistory
func ReconcileSpellWithHistory(spell Zauber, importHistoryID uint, gameSystem string) (*models.Spell, string, error) {
gs := models.GetGameSystem(0, gameSystem)
var existing models.Spell
err := database.DB.Where("name = ? AND game_system = ?", spell.Name, gs.Name).First(&existing).Error
if err == nil {
// Exact match found
if importHistoryID > 0 {
logMasterDataImport(importHistoryID, "spell", existing.ID, spell.Name, "exact")
}
return &existing, "exact", nil
}
if err != gorm.ErrRecordNotFound {
return nil, "", fmt.Errorf("failed to query spell: %w", err)
}
// Create new personal item
newSpell := &models.Spell{
Name: spell.Name,
GameSystem: gs.Name,
GameSystemId: gs.ID,
Beschreibung: spell.Beschreibung,
Quelle: spell.Quelle,
PersonalItem: true,
SourceID: 2, // Default source for spells
}
if err := database.DB.Create(newSpell).Error; err != nil {
return nil, "", fmt.Errorf("failed to create spell: %w", err)
}
if importHistoryID > 0 {
logMasterDataImport(importHistoryID, "spell", newSpell.ID, spell.Name, "created_personal")
}
return newSpell, "created_personal", nil
}
// ReconcileWeapon reconciles an imported weapon with master data
func ReconcileWeapon(weapon Waffe, userID uint, gameSystem string) (*models.Weapon, string, error) {
return ReconcileWeaponWithHistory(weapon, 0, gameSystem)
}
// ReconcileWeaponWithHistory reconciles a weapon and logs to ImportHistory
func ReconcileWeaponWithHistory(weapon Waffe, importHistoryID uint, gameSystem string) (*models.Weapon, string, error) {
gs := models.GetGameSystem(0, gameSystem)
var existing models.Weapon
err := database.DB.Where("name = ? AND game_system = ?", weapon.Name, gs.Name).First(&existing).Error
if err == nil {
// Exact match found
if importHistoryID > 0 {
logMasterDataImport(importHistoryID, "weapon", existing.ID, weapon.Name, "exact")
}
return &existing, "exact", nil
}
if err != gorm.ErrRecordNotFound {
return nil, "", fmt.Errorf("failed to query weapon: %w", err)
}
// Create new personal item
newWeapon := &models.Weapon{
Equipment: models.Equipment{
Name: weapon.Name,
GameSystem: gs.Name,
GameSystemId: gs.ID,
Beschreibung: weapon.Beschreibung,
Gewicht: weapon.Gewicht,
Wert: weapon.Wert,
PersonalItem: true,
SourceID: 1,
},
}
if err := database.DB.Create(newWeapon).Error; err != nil {
return nil, "", fmt.Errorf("failed to create weapon: %w", err)
}
if importHistoryID > 0 {
logMasterDataImport(importHistoryID, "weapon", newWeapon.ID, weapon.Name, "created_personal")
}
return newWeapon, "created_personal", nil
}
// ReconcileEquipment reconciles imported equipment with master data
func ReconcileEquipment(equip Ausruestung, userID uint, gameSystem string) (*models.Equipment, string, error) {
return ReconcileEquipmentWithHistory(equip, 0, gameSystem)
}
// ReconcileEquipmentWithHistory reconciles equipment and logs to ImportHistory
func ReconcileEquipmentWithHistory(equip Ausruestung, importHistoryID uint, gameSystem string) (*models.Equipment, string, error) {
gs := models.GetGameSystem(0, gameSystem)
var existing models.Equipment
err := database.DB.Where("name = ? AND game_system = ?", equip.Name, gs.Name).First(&existing).Error
if err == nil {
// Exact match found
if importHistoryID > 0 {
logMasterDataImport(importHistoryID, "equipment", existing.ID, equip.Name, "exact")
}
return &existing, "exact", nil
}
if err != gorm.ErrRecordNotFound {
return nil, "", fmt.Errorf("failed to query equipment: %w", err)
}
// Create new personal item
newEquip := &models.Equipment{
Name: equip.Name,
GameSystem: gs.Name,
GameSystemId: gs.ID,
Beschreibung: equip.Beschreibung,
Gewicht: equip.Gewicht,
Wert: equip.Wert,
PersonalItem: true,
SourceID: 1,
}
if err := database.DB.Create(newEquip).Error; err != nil {
return nil, "", fmt.Errorf("failed to create equipment: %w", err)
}
if importHistoryID > 0 {
logMasterDataImport(importHistoryID, "equipment", newEquip.ID, equip.Name, "created_personal")
}
return newEquip, "created_personal", nil
}
// ReconcileContainer reconciles an imported container with master data
func ReconcileContainer(container Behaeltniss, userID uint, gameSystem string) (*models.Container, string, error) {
return ReconcileContainerWithHistory(container, 0, gameSystem)
}
// ReconcileContainerWithHistory reconciles a container and logs to ImportHistory
func ReconcileContainerWithHistory(container Behaeltniss, importHistoryID uint, gameSystem string) (*models.Container, string, error) {
gs := models.GetGameSystem(0, gameSystem)
var existing models.Container
err := database.DB.Where("name = ? AND game_system = ?", container.Name, gs.Name).First(&existing).Error
if err == nil {
// Exact match found
if importHistoryID > 0 {
logMasterDataImport(importHistoryID, "container", existing.ID, container.Name, "exact")
}
return &existing, "exact", nil
}
if err != gorm.ErrRecordNotFound {
return nil, "", fmt.Errorf("failed to query container: %w", err)
}
// Create new personal item
newContainer := &models.Container{
Equipment: models.Equipment{
Name: container.Name,
GameSystem: gs.Name,
GameSystemId: gs.ID,
Beschreibung: container.Beschreibung,
Gewicht: container.Gewicht,
Wert: container.Wert,
PersonalItem: true,
SourceID: 1,
},
Tragkraft: container.Tragkraft,
Volumen: container.Volumen,
}
if err := database.DB.Create(newContainer).Error; err != nil {
return nil, "", fmt.Errorf("failed to create container: %w", err)
}
if importHistoryID > 0 {
logMasterDataImport(importHistoryID, "container", newContainer.ID, container.Name, "created_personal")
}
return newContainer, "created_personal", nil
}
// logMasterDataImport creates a log entry in the MasterDataImport table
func logMasterDataImport(importHistoryID uint, itemType string, itemID uint, externalName, matchType string) {
log := MasterDataImport{
ImportHistoryID: importHistoryID,
ItemType: itemType,
ItemID: itemID,
ExternalName: externalName,
MatchType: matchType,
CreatedAt: time.Now(),
}
// Best effort logging - don't fail import if logging fails
if err := database.DB.Create(&log).Error; err != nil {
// Log error but don't return it
fmt.Printf("Warning: Failed to log master data import: %v\n", err)
}
}
backend/importer/reconciler_test.go
+288
View File
@@ -0,0 +1,288 @@
package importer
import (
"bamort/database"
"bamort/models"
"testing"
"github.com/stretchr/testify/assert"
)
// setupReconcilerTest initializes the test database and runs migrations
func setupReconcilerTest() {
database.SetupTestDB()
// Run migrations to ensure PersonalItem field exists in gsm tables
models.MigrateStructure(database.DB)
// Run importer migrations to create ImportHistory and MasterDataImport tables
MigrateStructure(database.DB)
}
func TestReconcileSkill_ExactMatch(t *testing.T) {
setupReconcilerTest()
// Create a master skill
gs := models.GetGameSystem(0, "midgard")
masterSkill := &models.Skill{
Name: "TestExactMatchSkill",
GameSystem: gs.Name,
GameSystemId: gs.ID,
Beschreibung: "Test skill for exact match",
Initialwert: 12,
SourceID: 1,
}
err := database.DB.Create(masterSkill).Error
assert.NoError(t, err)
// Import a skill with same name
importSkill := Fertigkeit{
ImportBase: ImportBase{Name: "TestExactMatchSkill"},
Fertigkeitswert: 15,
}
// Reconcile
result, matchType, err := ReconcileSkill(importSkill, 1, gs.Name)
assert.NoError(t, err)
assert.Equal(t, "exact", matchType)
assert.NotNil(t, result)
assert.Equal(t, masterSkill.ID, result.ID)
assert.Equal(t, "TestExactMatchSkill", result.Name)
}
func TestReconcileSkill_CreatePersonal(t *testing.T) {
setupReconcilerTest()
gs := models.GetGameSystem(0, "midgard")
// Import a skill that doesn't exist
importSkill := Fertigkeit{
ImportBase: ImportBase{Name: "Unbekannte Fertigkeit"},
Beschreibung: "Eine neue Fertigkeit",
Fertigkeitswert: 10,
}
// Reconcile
result, matchType, err := ReconcileSkill(importSkill, 1, gs.Name)
assert.NoError(t, err)
assert.Equal(t, "created_personal", matchType)
assert.NotNil(t, result)
assert.Equal(t, "Unbekannte Fertigkeit", result.Name)
assert.True(t, result.PersonalItem)
assert.Equal(t, gs.ID, result.GameSystemId)
// Verify it was created in database
var dbSkill models.Skill
err = database.DB.Where("name = ? AND game_system = ?", "Unbekannte Fertigkeit", gs.Name).First(&dbSkill).Error
assert.NoError(t, err)
assert.True(t, dbSkill.PersonalItem)
}
func TestReconcileSkill_LogsToMasterDataImport(t *testing.T) {
setupReconcilerTest()
gs := models.GetGameSystem(0, "midgard")
importHistoryID := uint(123)
// Import a skill
importSkill := Fertigkeit{
ImportBase: ImportBase{Name: "Test Fertigkeit"},
Beschreibung: "Test",
}
// Reconcile
result, matchType, err := ReconcileSkillWithHistory(importSkill, importHistoryID, gs.Name)
assert.NoError(t, err)
assert.Equal(t, "created_personal", matchType)
// Verify log entry was created
var logEntry MasterDataImport
err = database.DB.Where("import_history_id = ? AND item_type = ? AND item_id = ?",
importHistoryID, "skill", result.ID).First(&logEntry).Error
assert.NoError(t, err)
assert.Equal(t, "Test Fertigkeit", logEntry.ExternalName)
assert.Equal(t, "created_personal", logEntry.MatchType)
}
func TestReconcileWeaponSkill_ExactMatch(t *testing.T) {
setupReconcilerTest()
gs := models.GetGameSystem(0, "midgard")
// Create a master weapon skill
masterWS := &models.WeaponSkill{
Skill: models.Skill{
Name: "Langschwert",
GameSystem: gs.Name,
GameSystemId: gs.ID,
SourceID: 1,
},
}
err := database.DB.Create(masterWS).Error
assert.NoError(t, err)
// Import weapon skill
importWS := Waffenfertigkeit{
ImportBase: ImportBase{Name: "Langschwert"},
Fertigkeitswert: 10,
}
// Reconcile
result, matchType, err := ReconcileWeaponSkill(importWS, 1, gs.Name)
assert.NoError(t, err)
assert.Equal(t, "exact", matchType)
assert.Equal(t, masterWS.ID, result.ID)
}
func TestReconcileWeaponSkill_CreatePersonal(t *testing.T) {
setupReconcilerTest()
gs := models.GetGameSystem(0, "midgard")
// Import unknown weapon skill
importWS := Waffenfertigkeit{
ImportBase: ImportBase{Name: "Magisches Schwert"},
Beschreibung: "Eine besondere Waffe",
Fertigkeitswert: 8,
}
// Reconcile
result, matchType, err := ReconcileWeaponSkill(importWS, 1, gs.Name)
assert.NoError(t, err)
assert.Equal(t, "created_personal", matchType)
assert.True(t, result.PersonalItem)
assert.Equal(t, "Magisches Schwert", result.Skill.Name)
}
func TestReconcileSpell_ExactMatch(t *testing.T) {
setupReconcilerTest()
gs := models.GetGameSystem(0, "midgard")
// Create master spell
masterSpell := &models.Spell{
Name: "Feuerball",
GameSystem: gs.Name,
GameSystemId: gs.ID,
SourceID: 1,
}
err := database.DB.Create(masterSpell).Error
assert.NoError(t, err)
// Import spell
importSpell := Zauber{
ImportBase: ImportBase{Name: "Feuerball"},
}
// Reconcile
result, matchType, err := ReconcileSpell(importSpell, 1, gs.Name)
assert.NoError(t, err)
assert.Equal(t, "exact", matchType)
assert.Equal(t, masterSpell.ID, result.ID)
}
func TestReconcileSpell_CreatePersonal(t *testing.T) {
setupReconcilerTest()
gs := models.GetGameSystem(0, "midgard")
// Import unknown spell
importSpell := Zauber{
ImportBase: ImportBase{Name: "Drachenruf"},
Beschreibung: "Ruft einen Drachen",
}
// Reconcile
result, matchType, err := ReconcileSpell(importSpell, 1, gs.Name)
assert.NoError(t, err)
assert.Equal(t, "created_personal", matchType)
assert.True(t, result.PersonalItem)
}
func TestReconcileWeapon_ExactMatch(t *testing.T) {
setupReconcilerTest()
gs := models.GetGameSystem(0, "midgard")
// Create master weapon
masterWeapon := &models.Weapon{
Equipment: models.Equipment{
Name: "TestExactMatchWeapon",
GameSystem: gs.Name,
GameSystemId: gs.ID,
SourceID: 1,
},
}
err := database.DB.Create(masterWeapon).Error
assert.NoError(t, err)
// Import weapon
importWeapon := Waffe{
ImportBase: ImportBase{Name: "TestExactMatchWeapon"},
Schb: 10,
}
// Reconcile
result, matchType, err := ReconcileWeapon(importWeapon, 1, gs.Name)
assert.NoError(t, err)
assert.Equal(t, "exact", matchType)
assert.Equal(t, masterWeapon.ID, result.ID)
}
func TestReconcileWeapon_CreatePersonal(t *testing.T) {
setupReconcilerTest()
gs := models.GetGameSystem(0, "midgard")
// Import unknown weapon
importWeapon := Waffe{
ImportBase: ImportBase{Name: "Excalibur"},
Beschreibung: "Das legendäre Schwert",
Schb: 20,
}
// Reconcile
result, matchType, err := ReconcileWeapon(importWeapon, 1, gs.Name)
assert.NoError(t, err)
assert.Equal(t, "created_personal", matchType)
assert.True(t, result.PersonalItem)
}
func TestReconcileEquipment_CreatePersonal(t *testing.T) {
setupReconcilerTest()
gs := models.GetGameSystem(0, "midgard")
// Import equipment
importEquip := Ausruestung{
ImportBase: ImportBase{Name: "Magischer Umhang"},
Beschreibung: "Ein besonderer Umhang",
Gewicht: 0.5,
}
// Reconcile
result, matchType, err := ReconcileEquipment(importEquip, 1, gs.Name)
assert.NoError(t, err)
assert.Equal(t, "created_personal", matchType)
assert.True(t, result.PersonalItem)
assert.Equal(t, "Magischer Umhang", result.Name)
}
func TestReconcileContainer_CreatePersonal(t *testing.T) {
setupReconcilerTest()
gs := models.GetGameSystem(0, "midgard")
// Import container
importContainer := Behaeltniss{
ImportBase: ImportBase{Name: "Magische Tasche"},
Beschreibung: "Eine verzauberte Tasche",
Tragkraft: 50.0,
}
// Reconcile
result, matchType, err := ReconcileContainer(importContainer, 1, gs.Name)
assert.NoError(t, err)
assert.Equal(t, "created_personal", matchType)
assert.True(t, result.PersonalItem)
}
backend/importer/security.go
+208
View File
@@ -0,0 +1,208 @@
package importer
import (
"bytes"
"encoding/json"
"fmt"
"io"
"net/http"
"net/url"
"strings"
"sync"
"time"
"github.com/gin-gonic/gin"
)
// RateLimiter implements per-user rate limiting with sliding time window
type RateLimiter struct {
requests map[uint][]time.Time // userID -> request timestamps
mu sync.RWMutex
limit int // requests per window
window time.Duration // time window
}
// NewRateLimiter creates a new rate limiter with specified limit and window
func NewRateLimiter(limit int, window time.Duration) *RateLimiter {
return &RateLimiter{
requests: make(map[uint][]time.Time),
limit: limit,
window: window,
}
}
// Middleware returns a Gin middleware function for rate limiting
func (rl *RateLimiter) Middleware() gin.HandlerFunc {
return func(c *gin.Context) {
userID := getUserID(c) // Extract from JWT token
rl.mu.Lock()
defer rl.mu.Unlock()
now := time.Now()
cutoff := now.Add(-rl.window)
// Remove expired timestamps
timestamps := rl.requests[userID]
valid := make([]time.Time, 0)
for _, t := range timestamps {
if t.After(cutoff) {
valid = append(valid, t)
}
}
// Check limit
if len(valid) >= rl.limit {
c.JSON(429, gin.H{
"error": "Rate limit exceeded",
"retry_after": rl.window.Seconds(),
})
c.Abort()
return
}
// Add current request
valid = append(valid, now)
rl.requests[userID] = valid
c.Next()
}
}
// getUserID extracts the user ID from the JWT token in the context
// This is a placeholder - actual implementation depends on your auth system
func getUserID(c *gin.Context) uint {
// TODO: Extract from JWT token or session
// This is a placeholder implementation
userIDInterface, exists := c.Get("userID")
if !exists {
return 0
}
userID, ok := userIDInterface.(uint)
if !ok {
return 0
}
return userID
}
// ValidateFileSizeMiddleware limits upload file size
func ValidateFileSizeMiddleware(maxSize int64) gin.HandlerFunc {
return func(c *gin.Context) {
c.Request.Body = http.MaxBytesReader(c.Writer, c.Request.Body, maxSize)
c.Next()
}
}
// ValidateJSONDepth prevents deeply nested JSON attacks
func ValidateJSONDepth(data []byte, maxDepth int) error {
var depth int
decoder := json.NewDecoder(bytes.NewReader(data))
decoder.UseNumber() // Prevent float precision issues
for {
token, err := decoder.Token()
if err == io.EOF {
break
}
if err != nil {
return err
}
switch token {
case json.Delim('{'), json.Delim('['):
depth++
if depth > maxDepth {
return fmt.Errorf("JSON depth exceeds maximum of %d levels", maxDepth)
}
case json.Delim('}'), json.Delim(']'):
depth--
}
}
return nil
}
// SSRFProtection provides SSRF attack prevention via URL whitelisting
type SSRFProtection struct {
allowedHosts []string // Whitelist of adapter hosts
}
// NewSSRFProtection creates a new SSRF protection instance
func NewSSRFProtection(allowedHosts []string) *SSRFProtection {
return &SSRFProtection{allowedHosts: allowedHosts}
}
// ValidateURL checks if a URL is in the whitelist and not an internal IP
func (s *SSRFProtection) ValidateURL(rawURL string) error {
parsed, err := url.Parse(rawURL)
if err != nil {
return fmt.Errorf("invalid URL: %w", err)
}
// Block redirects to internal networks
if isInternalIP(parsed.Host) {
return fmt.Errorf("internal network access forbidden")
}
// Check whitelist
allowed := false
for _, host := range s.allowedHosts {
if strings.HasPrefix(parsed.Host, host) {
allowed = true
break
}
}
if !allowed {
return fmt.Errorf("host %s not in whitelist", parsed.Host)
}
return nil
}
// isInternalIP checks if a host is an internal/private IP address
func isInternalIP(host string) bool {
// Remove port if present
if idx := strings.LastIndex(host, ":"); idx != -1 {
host = host[:idx]
}
internal := []string{
"localhost",
"127.",
"10.",
"172.16.", "172.17.", "172.18.", "172.19.",
"172.20.", "172.21.", "172.22.", "172.23.",
"172.24.", "172.25.", "172.26.", "172.27.",
"172.28.", "172.29.", "172.30.", "172.31.",
"192.168.",
"169.254.", // Link-local
}
for _, prefix := range internal {
if strings.HasPrefix(host, prefix) {
return true
}
}
return false
}
// NewSecureHTTPClient creates an HTTP client with security settings
func NewSecureHTTPClient(timeout time.Duration) *http.Client {
return &http.Client{
Timeout: timeout,
CheckRedirect: func(req *http.Request, via []*http.Request) error {
return http.ErrUseLastResponse // Disable redirects
},
Transport: &http.Transport{
MaxIdleConns: 10,
MaxIdleConnsPerHost: 2,
IdleConnTimeout: 30 * time.Second,
DisableKeepAlives: false,
DisableCompression: false,
},
}
}
backend/importer/security_test.go
+164
View File
@@ -0,0 +1,164 @@
package importer
import (
"net/http"
"net/http/httptest"
"testing"
"time"
"github.com/gin-gonic/gin"
"github.com/stretchr/testify/assert"
)
func TestRateLimiter_AllowsWithinLimit(t *testing.T) {
limiter := NewRateLimiter(5, time.Minute)
// Simulate 5 requests (should all pass)
for i := 0; i < 5; i++ {
w := httptest.NewRecorder()
c, _ := gin.CreateTestContext(w)
c.Set("userID", uint(1))
limiter.Middleware()(c)
assert.False(t, c.IsAborted(), "Request %d should not be aborted", i+1)
}
}
func TestRateLimiter_BlocksOverLimit(t *testing.T) {
limiter := NewRateLimiter(3, time.Minute)
// Simulate 3 allowed requests
for i := 0; i < 3; i++ {
w := httptest.NewRecorder()
c, _ := gin.CreateTestContext(w)
c.Set("userID", uint(1))
limiter.Middleware()(c)
assert.False(t, c.IsAborted(), "Request %d should not be aborted", i+1)
}
// 4th request should be blocked
w := httptest.NewRecorder()
c, _ := gin.CreateTestContext(w)
c.Set("userID", uint(1))
limiter.Middleware()(c)
assert.True(t, c.IsAborted(), "4th request should be aborted")
assert.Equal(t, http.StatusTooManyRequests, w.Code)
}
func TestRateLimiter_SeparateUsersIndependent(t *testing.T) {
limiter := NewRateLimiter(2, time.Minute)
// User 1: 2 requests
for i := 0; i < 2; i++ {
w := httptest.NewRecorder()
c, _ := gin.CreateTestContext(w)
c.Set("userID", uint(1))
limiter.Middleware()(c)
assert.False(t, c.IsAborted())
}
// User 2: should still have 2 requests available
for i := 0; i < 2; i++ {
w := httptest.NewRecorder()
c, _ := gin.CreateTestContext(w)
c.Set("userID", uint(2))
limiter.Middleware()(c)
assert.False(t, c.IsAborted(), "User 2 request %d should not be aborted", i+1)
}
}
func TestValidateJSONDepth_Valid(t *testing.T) {
json := []byte(`{"a": {"b": {"c": "value"}}}`)
err := ValidateJSONDepth(json, 10)
assert.NoError(t, err)
}
func TestValidateJSONDepth_ExceedsLimit(t *testing.T) {
json := []byte(`{"a": {"b": {"c": {"d": "value"}}}}`)
err := ValidateJSONDepth(json, 2)
assert.Error(t, err)
assert.Contains(t, err.Error(), "depth exceeds maximum")
}
func TestValidateJSONDepth_Array(t *testing.T) {
json := []byte(`[[[["value"]]]]`)
err := ValidateJSONDepth(json, 3)
assert.Error(t, err)
}
func TestSSRFProtection_ValidURL(t *testing.T) {
protection := NewSSRFProtection([]string{"adapter-foundry:8181", "adapter-vtt:8182"})
err := protection.ValidateURL("http://adapter-foundry:8181/metadata")
assert.NoError(t, err)
}
func TestSSRFProtection_NotInWhitelist(t *testing.T) {
protection := NewSSRFProtection([]string{"adapter-foundry:8181"})
err := protection.ValidateURL("http://evil-site.com/metadata")
assert.Error(t, err)
assert.Contains(t, err.Error(), "not in whitelist")
}
func TestSSRFProtection_InternalIP(t *testing.T) {
protection := NewSSRFProtection([]string{"localhost:8181"})
err := protection.ValidateURL("http://localhost:8181/metadata")
assert.Error(t, err)
assert.Contains(t, err.Error(), "internal network access forbidden")
}
func TestIsInternalIP_Localhost(t *testing.T) {
assert.True(t, isInternalIP("localhost"))
assert.True(t, isInternalIP("127.0.0.1"))
assert.True(t, isInternalIP("127.0.0.1:8080"))
}
func TestIsInternalIP_PrivateRanges(t *testing.T) {
assert.True(t, isInternalIP("10.0.0.1"))
assert.True(t, isInternalIP("172.16.0.1"))
assert.True(t, isInternalIP("192.168.1.1"))
assert.True(t, isInternalIP("169.254.1.1"))
}
func TestIsInternalIP_PublicIP(t *testing.T) {
assert.False(t, isInternalIP("8.8.8.8"))
assert.False(t, isInternalIP("google.com"))
assert.False(t, isInternalIP("example.com:443"))
}
func TestNewSecureHTTPClient_DisablesRedirects(t *testing.T) {
client := NewSecureHTTPClient(5 * time.Second)
// Test that redirects are disabled
assert.NotNil(t, client.CheckRedirect)
err := client.CheckRedirect(nil, nil)
assert.Equal(t, http.ErrUseLastResponse, err)
}
func TestNewSecureHTTPClient_HasTimeout(t *testing.T) {
timeout := 10 * time.Second
client := NewSecureHTTPClient(timeout)
assert.Equal(t, timeout, client.Timeout)
}
backend/models/model_gsmaster.go
+2
View File
@@ -61,6 +61,7 @@ type Skill struct {
InnateSkill bool `json:"innateskill"`
Category string `json:"category"`
Difficulty string `json:"difficulty"`
PersonalItem bool `gorm:"default:false" json:"personal_item"` // House rule / custom item
}
type WeaponSkill struct {
@@ -88,6 +89,7 @@ type Spell struct {
Ursprung string `json:"ursprung"`
Category string `gorm:"default:normal" json:"category"` // spell_school
LearningCategory string `gorm:"type:varchar(25);index" json:"learning_category"`
PersonalItem bool `gorm:"default:false" json:"personal_item"` // House rule / custom item
}
type Equipment struct {
backend/plan-pluggableCharacterImportExport.prompt.md
+254 -28
View File
@@ -3,9 +3,9 @@
This plan creates a new `import` package as a full-featured, extensible import/export system using Docker-based adapter microservices. The canonical `CharacterImport` format (from importero) becomes the system-wide interchange format (BMRT-Format), and new external formats (starting with Foundry VTT) are handled by isolated adapter services. New master data is automatically flagged as personal items (house rules).
**Revision Notes**:
- This plan uses a NEW `import/` package (not extending importero)
- This plan uses a NEW `importer/` package (not extending importero)
- Incorporates comprehensive technical review feedback (security, transactions, health management)
- All references to "importero as orchestration layer" are legacy - `import/` is the orchestration layer
- All references to "importero as orchestration layer" are legacy - `importer/` is the orchestration layer
**Key Decisions**:
- Microservice architecture for adapters (Docker containers)
@@ -14,7 +14,7 @@ This plan creates a new `import` package as a full-featured, extensible import/e
- Backend-only implementation (no Vue components)
- Keep [transfero/](transfero/) untouched (BaMoRT-to-BaMoRT transfers)
- Keep [importero/](importero/) untouched (legacy VTT/CSV imports)
- Create new [import/](import/) package as the adapter orchestration layer
- Create new [importer/](importer/) package as the adapter orchestration layer
**Development Methodology**:
- **Test Driven Development (TDD)**: Write failing tests first, then implement code to pass them
@@ -27,13 +27,13 @@ This plan creates a new `import` package as a full-featured, extensible import/e
**Three Separate Concerns**:
- **`transfero/`** - BaMoRT-to-BaMoRT lossless transfer (existing, untouched)
- **`importero/`** - Legacy format handlers (VTT JSON, CSV) with direct imports (existing, untouched)
- **`import/`** - NEW microservice adapter orchestration layer
- **`importer/`** - NEW microservice adapter orchestration layer
**Why Keep importero Separate**:
- importero has working VTT/CSV imports that users depend on
- importero converts directly to models.Char without adapter layer
- import/ package uses importero.CharacterImport as the canonical format
- No code duplication: import/ references importero types but doesn't modify them
- importer/ package uses importero.CharacterImport as the canonical format
- No code duplication: importer/ references importero types but doesn't modify them
**Data Flow**:
```
@@ -43,7 +43,7 @@ Adapter Microservice
importero.CharacterImport (BMRT-Format)
import/ package handlers (validation, reconciliation)
importer/ package handlers (validation, reconciliation)
models.Char
```
@@ -58,7 +58,7 @@ models.Char
### 1.1 Formalize BMRT-Format
- Use [importero/model.go](importero/model.go) `CharacterImport` as the canonical interchange format (read-only)
- Create [import/bmrt.go](import/bmrt.go) with JSON schema validation using `github.com/xeipuuv/gojsonschema`
- Create [importer/bmrt.go](importer/bmrt.go) with JSON schema validation using `github.com/xeipuuv/gojsonschema`
- Add `BmrtVersion` field to new wrapper struct (start at "1.0")
- Add `SourceMetadata` struct to track original format, adapter ID, import timestamp
- Reference `importero.CharacterImport` internally but don't modify importero package
@@ -113,7 +113,7 @@ import.RegisterRoutes(protected)
```
### 1.3 Adapter Service Registry
Create [import/registry.go](import/registry.go):
Create [importer/registry.go](importer/registry.go):
```go
type AdapterMetadata struct {
@@ -142,7 +142,7 @@ func (r *AdapterRegistry) HealthCheck() error // Background health checker
func (r *AdapterRegistry) GetHealthy() []*AdapterMetadata // Only healthy adapters
```
Load adapters from config on startup ([import/routes.go](import/routes.go)):
Load adapters from config on startup ([importer/routes.go](importer/routes.go)):
- Environment variable `IMPORT_ADAPTERS` (JSON array of adapter configs)
- Whitelist adapter base URLs for security (prevent SSRF)
- Ping each adapter's `/metadata` endpoint to register
@@ -157,7 +157,7 @@ Load adapters from config on startup ([import/routes.go](import/routes.go)):
- 3 retry attempts with exponential backoff
### 1.4 Format Detection
Create [import/detector.go](import/detector.go):
Create [importer/detector.go](importer/detector.go):
```go
func DetectFormat(data []byte, filename string) (adapterID string, confidence float64, err error) {
@@ -180,7 +180,7 @@ type DetectionCache struct {
```
### 1.5 Validation Framework
Create [import/validator.go](import/validator.go):
Create [importer/validator.go](importer/validator.go):
```go
type ValidationResult struct {
@@ -221,7 +221,7 @@ Register system-specific rules by `GameSystem` field
Never block import on warnings (log only)
### 1.6 Master Data Reconciliation
Create [import/reconciler.go](import/reconciler.go) with new reconciliation functions (similar to importero's approach but independent):
Create [importer/reconciler.go](importer/reconciler.go) with new reconciliation functions (similar to importero's approach but independent):
```go
func ReconcileSkill(skill Fertigkeit, importHistoryID uint) (*models.Skill, string, error) {
@@ -258,9 +258,235 @@ func ImportCharacter(char *importero.CharacterImport, userID uint, adapterID str
}
```
### 1.7 Security Middleware
Create [importer/security.go](importer/security.go):
**Rate Limiting Middleware**:
```go
import (
"sync"
"time"
"github.com/gin-gonic/gin"
)
type RateLimiter struct {
requests map[uint][]time.Time // userID -> request timestamps
mu sync.RWMutex
limit int // requests per window
window time.Duration // time window
}
func NewRateLimiter(limit int, window time.Duration) *RateLimiter {
return &RateLimiter{
requests: make(map[uint][]time.Time),
limit: limit,
window: window,
}
}
func (rl *RateLimiter) Middleware() gin.HandlerFunc {
return func(c *gin.Context) {
userID := getUserID(c) // Extract from JWT token
rl.mu.Lock()
defer rl.mu.Unlock()
now := time.Now()
cutoff := now.Add(-rl.window)
// Remove expired timestamps
timestamps := rl.requests[userID]
valid := make([]time.Time, 0)
for _, t := range timestamps {
if t.After(cutoff) {
valid = append(valid, t)
}
}
// Check limit
if len(valid) >= rl.limit {
c.JSON(429, gin.H{
"error": "Rate limit exceeded",
"retry_after": rl.window.Seconds(),
})
c.Abort()
return
}
// Add current request
valid = append(valid, now)
rl.requests[userID] = valid
c.Next()
}
}
```
**Input Validation Middleware**:
```go
import (
"bytes"
"encoding/json"
"io"
)
// ValidateFileSizeMiddleware limits upload file size
func ValidateFileSizeMiddleware(maxSize int64) gin.HandlerFunc {
return func(c *gin.Context) {
c.Request.Body = http.MaxBytesReader(c.Writer, c.Request.Body, maxSize)
c.Next()
}
}
// ValidateJSONDepth prevents deeply nested JSON attacks
func ValidateJSONDepth(data []byte, maxDepth int) error {
var depth int
decoder := json.NewDecoder(bytes.NewReader(data))
decoder.UseNumber() // Prevent float precision issues
for {
token, err := decoder.Token()
if err == io.EOF {
break
}
if err != nil {
return err
}
switch token {
case json.Delim('{'), json.Delim('['):
depth++
if depth > maxDepth {
return fmt.Errorf("JSON depth exceeds maximum of %d levels", maxDepth)
}
case json.Delim('}'), json.Delim(']'):
depth--
}
}
return nil
}
```
**SSRF Protection**:
```go
import (
"net/url"
"strings"
)
type SSRFProtection struct {
allowedHosts []string // Whitelist of adapter hosts
}
func NewSSRFProtection(allowedHosts []string) *SSRFProtection {
return &SSRFProtection{allowedHosts: allowedHosts}
}
func (s *SSRFProtection) ValidateURL(rawURL string) error {
parsed, err := url.Parse(rawURL)
if err != nil {
return fmt.Errorf("invalid URL: %w", err)
}
// Block redirects to internal networks
if isInternalIP(parsed.Host) {
return fmt.Errorf("internal network access forbidden")
}
// Check whitelist
allowed := false
for _, host := range s.allowedHosts {
if strings.HasPrefix(parsed.Host, host) {
allowed = true
break
}
}
if !allowed {
return fmt.Errorf("host %s not in whitelist", parsed.Host)
}
return nil
}
func isInternalIP(host string) bool {
// Remove port if present
if idx := strings.LastIndex(host, ":"); idx != -1 {
host = host[:idx]
}
internal := []string{
"localhost",
"127.",
"10.",
"172.16.", "172.17.", "172.18.", "172.19.",
"172.20.", "172.21.", "172.22.", "172.23.",
"172.24.", "172.25.", "172.26.", "172.27.",
"172.28.", "172.29.", "172.30.", "172.31.",
"192.168.",
"169.254.", // Link-local
}
for _, prefix := range internal {
if strings.HasPrefix(host, prefix) {
return true
}
}
return false
}
```
**HTTP Client with Security Settings**:
```go
import (
"net/http"
"time"
)
func NewSecureHTTPClient(timeout time.Duration) *http.Client {
return &http.Client{
Timeout: timeout,
CheckRedirect: func(req *http.Request, via []*http.Request) error {
return http.ErrUseLastResponse // Disable redirects
},
Transport: &http.Transport{
MaxIdleConns: 10,
MaxIdleConnsPerHost: 2,
IdleConnTimeout: 30 * time.Second,
DisableKeepAlives: false,
DisableCompression: false,
},
}
}
```
**Usage in Routes**:
```go
func RegisterRoutes(r *gin.RouterGroup) {
// Rate limiters
detectLimiter := NewRateLimiter(10, time.Minute) // 10/min
importLimiter := NewRateLimiter(5, time.Minute) // 5/min
exportLimiter := NewRateLimiter(20, time.Minute) // 20/min
// File size limit (10MB)
maxFileSize := int64(10 << 20)
importer := r.Group("/import")
importer.Use(ValidateFileSizeMiddleware(maxFileSize))
importer.POST("/detect", detectLimiter.Middleware(), DetectHandler)
importer.POST("/import", importLimiter.Middleware(), ImportHandler)
importer.POST("/export/:id", exportLimiter.Middleware(), ExportHandler)
importer.GET("/adapters", ListAdaptersHandler)
importer.GET("/history", ImportHistoryHandler)
}
```
## 2. API Endpoints (Backend)
Create [import/routes.go](import/routes.go):
Create [importer/routes.go](importer/routes.go):
```go
func RegisterRoutes(r *gin.RouterGroup) {
@@ -288,7 +514,7 @@ type ImportResult struct {
}
```
**Handler Implementations** in [import/handlers.go](import/handlers.go):
**Handler Implementations** in [importer/handlers.go](importer/handlers.go):
**DetectHandler**:
- Accept multipart file upload
@@ -502,9 +728,9 @@ func exportChar(c *gin.Context) {
- Map Foundry features → BMRT skills
- Preserve unmapped fields in `CharacterImport.Extensions["foundry"]`
**Extensions Field** (add to importero.CharacterImport via wrapper in import/bmrt.go):
**Extensions Field** (add to importero.CharacterImport via wrapper in importer/bmrt.go):
```go
// Wrapper in import/bmrt.go
// Wrapper in importer/bmrt.go
type BMRTCharacter struct {
importero.CharacterImport
BmrtVersion string `json:"bmrt_version"`
@@ -552,17 +778,17 @@ bamort-backend-dev:
## 5. Testing Strategy
### 5.1 Unit Tests
Create [import/registry_test.go](import/registry_test.go):
Create [importer/registry_test.go](importer/registry_test.go):
- Test adapter registration
- Test detection with multiple adapters
- Mock HTTP responses using `httptest`
Create [import/validator_test.go](import/validator_test.go):
Create [importer/validator_test.go](importer/validator_test.go):
- Test each validation rule
- Test warning vs error distinction
### 5.2 Integration Tests
Create [import/integration_test.go](import/integration_test.go):
Create [importer/integration_test.go](importer/integration_test.go):
- Use `testutils.SetupTestDB()`
- Test full import flow with mock adapter
- Verify `ImportHistory` created
@@ -586,9 +812,9 @@ Create [backend/api/import_e2e_test.go](backend/api/import_e2e_test.go):
## 6. Documentation
### 6.0 New Package Structure
The new `import/` package will contain:
The new `importer/` package will contain:
```
backend/import/
backend/importer/
├── routes.go # Route registration
├── handlers.go # HTTP handlers
├── registry.go # Adapter registry
@@ -604,7 +830,7 @@ backend/import/
### 6.1 Update Files
- [backend/PlanNewFeature.md](backend/PlanNewFeature.md) → Mark as "Implemented, see IMPORT_EXPORT_GUIDE.md"
- Create `backend/import/README.md` with package overview and architecture
- Create `backend/importer/README.md` with package overview and architecture
- Create `backend/IMPORT_EXPORT_GUIDE.md` with full system architecture
- Create `backend/adapters/ADAPTER_DEVELOPMENT.md` with adapter creation guide
- Update [docker/SERVICES_REFERENCE.md](docker/SERVICES_REFERENCE.md) with adapter services
@@ -627,7 +853,7 @@ Generate docs with `swag init`
- JSON validation: max depth 100 levels
- HTTP client security:
- Disable redirects
- Short timeouts (2s detect, 30s import/export)
- Short timeouts (2s detect, 30s importer/export)
- Connection pooling with limits
### 7.2 Monitoring
@@ -668,7 +894,7 @@ Generate docs with `swag init`
1. Start dev environment: `cd docker && ./start-dev.sh`
2. Verify adapter container running: `docker ps | grep bamort-adapter-foundry`
3. Check adapter metadata: `curl http://localhost:8181/metadata`
4. Run backend tests: `cd backend && go test ./import/... -v`
4. Run backend tests: `cd backend && go test ./importer/... -v`
5. Run adapter tests: `go test ./adapters/foundry/... -v`
6. Upload test character: `curl -F "file=@testdata/foundry_sample.json" http://localhost:8180/api/import/import -H "Authorization: Bearer <token>"`
7. Verify character created in database via phpMyAdmin
@@ -750,7 +976,7 @@ For each component:
### Phase 1: Core Infrastructure (Week 1-2)
**TDD Workflow**: Write tests for each component before implementation
- Create new `import/` package structure
- Create new `importer/` package structure
- Database migrations (ImportHistory, MasterDataImport tables + Char provenance fields)
- Adapter registry with HTTP client (health checks, version negotiation)
- Smart format detection with short-circuit optimization
@@ -799,7 +1025,7 @@ For each component:
## Success Criteria
### Functional Requirements
- [ ] New `import/` package created with all modules
- [ ] New `importer/` package created with all modules
- [ ] importero and transfero packages remain untouched (backwards compatibility)
- [ ] Foundry VTT characters import successfully via microservice adapter
- [ ] Round-trip export produces valid Foundry JSON
@@ -883,6 +1109,6 @@ This plan has been validated against production requirements and incorporates:
### Implementation Risk: **LOW**
- 70% of infrastructure exists (models, database, test framework)
- New `import/` package is isolated (no regression risk)
- New `importer/` package is isolated (no regression risk)
- Microservice isolation contains adapter failures
- Comprehensive testing strategy defined