Profile edition overhauls, RO profile properties.

src/authd.cr

@@ -212,7 +212,7 @@ class AuthD::Request
 		property password   : String
 		property email      : String?
 		property phone      : String?
-		property profile    : JSON::Any?
+		property profile    : Hash(String, JSON::Any)?
 
 		initialize :shared_key, :login, :password, :email, :phone, :profile
 	end
@@ -254,7 +254,7 @@ class AuthD::Request
 		property password   : String
 		property email      : String?
 		property phone      : String?
-		property profile    : JSON::Any?
+		property profile    : Hash(String, JSON::Any)?
 
 		initialize :login, :password, :email, :phone, :profile
 	end
@@ -316,11 +316,25 @@ class AuthD::Request
 
 	class EditProfile < Request
 		property token : String
-		property new_profile : JSON::Any
+		property new_profile : Hash(String, JSON::Any)
 
 		initialize :token, :new_profile
 	end
 
+	# Same as above, but doesn’t reset the whole profile, only resets elements
+	# for which keys are present in `new_profile`.
+	class EditProfileContent < Request
+		property token      : String?
+
+		property shared_key : String?
+		property user : Int32 | String | Nil
+
+		property new_profile : Hash(String, JSON::Any)
+
+		initialize :shared_key, :user, :new_profile
+		initialize :token, :new_profile
+	end
+
 	# This creates a Request::Type enumeration. One entry for each request type.
 	{% begin %}
 		enum Type
@@ -571,6 +585,20 @@ module AuthD
 				Exception.new
 			end
 		end
+
+		def edit_profile_content(user : Int32 | String, new_values)
+			send Request::EditProfileContent.new key, user, new_values
+			response = Response.from_ipc read
+
+			case response
+			when Response::User
+				response.user
+			when Response::Error
+				raise Exception.new response.reason
+			else
+				raise Exception.new "unexpected response"
+			end
+		end
 	end
 end
 

src/main.cr

@@ -19,6 +19,7 @@ class AuthD::Service
 	property mailer_activation_url : String? = nil
 	property mailer_field_from     : String? = nil
 	property mailer_field_subject  : String? = nil
+	property read_only_profile_keys = Array(String).new
 
 	@users_per_login : DODB::Index(User)
 	@users_per_uid   : DODB::Index(User)
@@ -427,7 +428,61 @@ class AuthD::Service
 
 			return Response::Error.new "invalid user" unless user
 
-			user.profile = request.new_profile
+			new_profile = request.new_profile
+
+			@read_only_profile_keys.each do |key|
+				if new_profile.has_key? key
+					return Response::Error.new "tried to edit read only key"
+				end
+			end
+
+			user.profile = new_profile
+
+			@users_per_uid.update user.uid.to_s, user
+
+			Response::User.new user.to_public
+		when Request::EditProfileContent
+			user = if token = request.token
+				user = get_user_from_token token
+
+				return Response::Error.new "invalid user" unless user
+
+				user
+			elsif shared_key = request.shared_key
+				return Response::Error.new "invalid shared key" if shared_key != @jwt_key
+
+				user = request.user
+
+				return Response::Error.new "invalid user" unless user
+
+				user = if user.is_a? Int32
+					@users_per_uid.get? user.to_s
+				else
+					@users_per_login.get? user
+				end
+
+				return Response::Error.new "invalid user" unless user
+
+				user
+			else
+				return Response::Error.new "no token or shared_key/user pair"
+			end
+
+			new_profile = user.profile || Hash(String, JSON::Any).new
+
+			unless request.shared_key
+				@read_only_profile_keys.each do |key|
+					if request.new_profile.has_key? key
+						return Response::Error.new "tried to edit read only key"
+					end
+				end
+			end
+
+			request.new_profile.each do |key, value|
+				new_profile[key] = value
+			end
+
+			user.profile = new_profile
 
 			@users_per_uid.update user.uid.to_s, user
 
@@ -499,6 +554,7 @@ authd_require_email = false
 activation_url : String? = nil
 field_subject  : String? = nil
 field_from     : String? = nil
+read_only_profile_keys = Array(String).new
 
 begin
 	OptionParser.parse do |parser|
@@ -532,6 +588,10 @@ begin
 			activation_url = opt
 		end
 
+		parser.on "-x key", "--read-only-profile-key key", "Marks a user profile key as being read-only." do |key|
+			read_only_profile_keys.push key
+		end
+
 		parser.on "-h", "--help", "Show this help" do
 			puts parser
 
@@ -545,6 +605,7 @@ begin
 		authd.mailer_activation_url = activation_url
 		authd.mailer_field_subject  = field_subject
 		authd.mailer_field_from     = field_from
+		authd.read_only_profile_keys = read_only_profile_keys
 	end.run
 rescue e : OptionParser::Exception
 	STDERR.puts e.message

src/user.cr

@@ -34,7 +34,7 @@ class AuthD::User
 	# Public.
 	property login         : String
 	property uid           : Int32
-	property profile       : JSON::Any?
+	property profile       : Hash(String, JSON::Any)?
 
 	# Private.
 	property contact              : Contact
@@ -61,7 +61,7 @@ class AuthD::User
 
 		property login   : String
 		property uid     : Int32
-		property profile : JSON::Any?
+		property profile : Hash(String, JSON::Any)?
 
 		property date_registration : Time?