authd/src/client.cr

require "option_parser"
require "yaml"
require "./authd.cr"
# Process-wide settings for the client, stored as class-level properties so
# the option parser and the actions can share them without passing state.
class Context
  # When true: do not perform the action.
  class_property simulation = false

  # Credentials used to authenticate to authd before running the command.
  # NOTE(review): presumably filled in by the parser in "./better-parser";
  # if the password can come from a command-line option it is exposed to
  # process listings and shell history. Confirm where it is set.
  class_property authd_login : String? = nil
  class_property authd_pass : String? = nil

  # # Properties to select what to display when printing a deal.
  # class_property print_title = true
  # class_property print_description = true
  # class_property print_owner = true
  # class_property print_nb_comments = true

  # Name of the sub-command to run; looked up in `Actions#the_call`.
  class_property command = "not-implemented"

  # Optional data attached to a user (passed as `profile` by the actions).
  class_property user_profile : Hash(String, JSON::Any)?
  class_property email : String?

  # Positional arguments of the sub-command.
  # Will be parsed later, with a specific parser.
  class_property args : Array(String)? = nil
end
require "./better-parser"
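# Sub-command implementations of the authd command-line client.
#
# `initialize` registers every sub-command in `the_call` under the name used
# on the command line. All of them read their positional arguments from
# `Context.args`.
class Actions
  # Prompts for a password on the terminal with echo switched off.
  #
  # Returns the line read from STDIN without its trailing newline, or nil
  # when STDIN yields no line.
  def self.ask_password
    STDOUT << "password: "
    STDOUT << `stty -echo`
    STDOUT.flush
    password = STDIN.gets.try &.chomp
    STDOUT << '\n'
    password
  ensure
    # Restore echo on every exit path, including a failed read, so the
    # terminal is not left with echo disabled.
    # NOTE(review): a process killed by a signal during the prompt still
    # skips this; confirm whether a signal handler is wanted.
    STDOUT << `stty echo`
  end

  # Prints *str* followed by a space and returns the line the user typed,
  # without its trailing newline (nil when STDIN yields no line).
  def self.ask_something(str : String) : String?
    STDOUT << "#{str} "
    STDOUT.flush
    STDIN.gets.try &.chomp
  end

  # Sub-command name => proc running it.
  property the_call = {} of String => Proc(Nil)
  # Connection to the authd service used by every sub-command.
  property authd : AuthD::Client

  # Stores the authd connection and registers the available sub-commands.
  def initialize(@authd)
    @the_call["user-registration"] = ->user_registration
    @the_call["user-validation"] = ->user_validation # Do not require authentication.
    @the_call["user-recovery"] = ->user_recovery     # Do not require authentication.
    @the_call["user-delete"] = ->user_deletion       # Do not require admin privileges.
    @the_call["user-get"] = ->user_get
    @the_call["user-search"] = ->user_search
    @the_call["bootstrap"] = ->bootstrap

    # Require admin privileges.
    @the_call["user-add"] = ->user_add
    @the_call["user-mod"] = ->user_mod
    @the_call["permission-set"] = ->permission_set
    @the_call["permission-check"] = ->permission_check
  end

  #
  # For all functions: the number of arguments is already tested.
  #

  # Adds a user (args: login, email) after prompting for the password.
  # The response is dumped with `pp!`; AuthD::Exception is reported on stdout.
  def user_add
    args = Context.args.not_nil!
    login, email = args[0..1]
    profile = Context.user_profile

    password = Actions.ask_password
    unless password
      # Same message as user_registration, instead of exiting silently.
      Baguette::Log.error "no password!"
      exit 1
    end

    # By default: not admin.
    pp! authd.add_user login, password.not_nil!, false, email, profile: profile
  rescue e : AuthD::Exception
    puts "error: #{e.message}"
  end

  # Registers a user (args: login, email) after prompting for the password.
  #
  # Exits with 0 when the user was added and with 1 on any of the error
  # responses handled below. A response of any other type is not reported
  # and the method simply returns.
  def user_registration
    args = Context.args.not_nil!
    login, email = args[0..1]
    profile = Context.user_profile

    password = Actions.ask_password
    unless password
      Baguette::Log.error "no password!"
      exit 1
    end

    res = authd.register login, password.not_nil!, email, profile: profile

    if res.is_a?(Response::UserAdded)
      Baguette::Log.info "user registered, mail sent"
      exit 0
    end

    # Every error response maps to one message and exit status 1.
    failure = case res
              when Response::ErrorRegistrationsClosed
                "registrations are closed (only admins can add users)"
              when Response::ErrorAlreadyUsedLogin
                "login already used"
              when Response::ErrorMailRequired
                "an email address is required"
              when Response::ErrorInvalidEmailFormat
                "provided email address has an invalid format"
              when Response::ErrorCannotContactUser
                "an error occured while contacting the user with this email address"
              when Response::ErrorInvalidLoginFormat
                "invalid login"
              when Response::ErrorPasswordTooShort
                "password too short"
              end

    if failure
      Baguette::Log.error failure
      exit 1
    end
  rescue e
    puts "error: #{e.message}"
  end

  # Sends the bootstrap request (args: login, email) after prompting for the
  # password. The response is dumped with `pp!`.
  def bootstrap
    puts "Bootstrap"
    args = Context.args.not_nil!
    login, email = args[0..1]
    profile = Context.user_profile

    password = Actions.ask_password
    unless password
      Baguette::Log.error "no password!"
      exit 1
    end

    pp! authd.bootstrap login, password.not_nil!, email, profile
  rescue e : AuthD::Exception
    puts "error: #{e.message}"
  end

  # TODO
  # Placeholder for user modification (args: userid). It only asks whether
  # the password should change and then reports that it is not usable yet;
  # nothing is sent to authd.
  def user_mod
    args = Context.args.not_nil!
    userid = args[0]
    password : String? = nil

    # The parentheses matter: without them `|| "n"` binds to the prompt
    # string, so the fallback for a missing answer never applied.
    should_ask_password = Actions.ask_something("Should we change the password (Yn) ?") || "n"

    case should_ask_password
    when /\A\s*y/i
      # Anchored so that only an answer starting with "y" counts as yes;
      # an unanchored /y/i also accepted answers such as "nay".
      Baguette::Log.debug "Ok let's change the password!"
      password = Actions.ask_password
      unless password
        Baguette::Log.error "no password!"
        exit 1
      end
    else
      Baguette::Log.debug "Ok no change in password."
    end

    email = Context.email

    Baguette::Log.error "This function shouldn't be used for now."
    Baguette::Log.error "It is way too cumbersome."

    # res = authd.add_user login, password, email, profile: profile
    # puts res
  end

  # Deletes a user (args: numeric user id) and prints the response.
  # `to_i` raises ArgumentError when the argument is not an integer; that
  # exception is not handled here and propagates to the caller.
  def user_deletion
    args = Context.args.not_nil!
    userid = args[0].to_i
    puts authd.delete(userid)
  end

  # Validates a user account (args: login, activation key).
  # NOTE(review): the activation key arrives as a positional argument; if
  # those come straight from the command line it ends up in shell history
  # and process listings. Confirm against the parser.
  def user_validation
    args = Context.args.not_nil!
    login, activation_key = args[0..1]
    pp! authd.validate_user login, activation_key
  end

  # Searches users (args: login) and dumps the response.
  def user_search
    args = Context.args.not_nil!
    login = args[0]
    pp! authd.search_user login
  end

  # Fetches one user (args: login) and dumps the response.
  def user_get
    args = Context.args.not_nil!
    login = args[0]
    pp! authd.get_user? login
  end

  # Asks authd to start a password recovery (args: login).
  def user_recovery
    args = Context.args.not_nil!
    login = args[0]
    pp! authd.ask_password_recovery login
  end

  # Checks a permission (args: numeric user id, application, resource) and
  # logs it when authd answers with Response::PermissionCheck. Any other
  # response is ignored without a message.
  def permission_check
    args = Context.args.not_nil!
    user, application, resource = args[0..2]

    res = authd.check_permission user.to_i, application, resource
    if res.is_a?(Response::PermissionCheck)
      Baguette::Log.info "app #{res.service} resource #{res.resource} user #{res.user}: #{res.permission}"
    end
  end

  # Sets a permission (args: numeric user id, application, resource,
  # permission level) and logs it when authd answers with
  # Response::PermissionSet. Any other response is ignored without a message.
  def permission_set
    args = Context.args.not_nil!
    user, application, resource, permission = args[0..3]

    # NOTE(review): presumably raises on an unknown level name; the
    # exception is not handled here. Confirm.
    perm = AuthD::User::PermissionLevel.parse(permission)

    res = authd.set_permission user.to_i, application, resource, perm
    if res.is_a?(Response::PermissionSet)
      Baguette::Log.info "app #{res.service} resource #{res.resource} user #{res.user}: #{res.permission}"
    end
  end
end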
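# Entry point: connects to authd, authenticates when a login was configured
# in `Context`, runs the sub-command named by `Context.command`, then closes
# the connection.
def main
  # Authd connection.
  authd = AuthD::Client.new

  begin
    if login = Context.authd_login
      # Use the configured password, otherwise prompt for one.
      pass = Context.authd_pass || Actions.ask_password
      raise "cannot get a password" unless pass

      response = authd.login? login, pass
      case response
      when Response::Login
        # The session token is a credential: it is deliberately left out of
        # the log line so it does not end up in terminals or log files.
        Baguette::Log.info "Authenticated as #{login} #{response.uid}"
      else
        raise "Cannot authenticate to authd with login #{login}: #{response}."
      end
    end

    actions = Actions.new authd

    # Now we did read the intent, we should proceed doing what was asked.
    # An unknown command and a command that failed are reported separately,
    # so a runtime error is no longer mislabelled as "not recognized".
    if action = actions.the_call[Context.command]?
      begin
        action.call
      rescue e
        Baguette::Log.error "Command '#{Context.command}' failed."
        Baguette::Log.info "Exception: #{e}."
      end
    else
      Baguette::Log.info "The command is not recognized (or implemented)."
    end
  ensure
    # authd disconnection, also when authentication or the command raised.
    authd.close
  end
rescue e
  Baguette::Log.info "Exception: #{e}"
end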
# Command line:
# tool [options] command [options-for-command]
#
# Runs the client. Option parsing is presumably done when "./better-parser"
# is required, before this call; confirm against that file.
main