Adding a permissions manager utility.

authc
Karchnu 2020-09-05 02:46:03 +02:00
parent 5e46877140
commit a8ae8d1430
3 changed files with 72 additions and 6 deletions

View File

@ -11,6 +11,8 @@ description: |
targets:
authd:
main: src/main.cr
auth-user-perms:
main: utils/authd-user-perms.cr
auth-user-add:
main: utils/authd-user-add.cr
auth-user-allow:

View File

@ -277,8 +277,7 @@ class AuthD::Request
class CheckPermission < Request
property shared_key : String
# FIXME: Make it Int32 | String
property user : Int32
property user : Int32 | String
property service : String
property resource : String
@ -288,8 +287,7 @@ class AuthD::Request
class SetPermission < Request
property shared_key : String
# FIXME: Make it Int32 | String
property user : Int32
property user : Int32 | String
property service : String
property resource : String
property permission : ::AuthD::User::PermissionLevel
@ -549,8 +547,8 @@ module AuthD
end
end
def check_permission(user : ::AuthD::User::Public, service_name : String, resource_name : String) : User::PermissionLevel
request = Request::CheckPermission.new @key, user.uid, service_name, resource_name
def check_permission(user : Int32, service_name : String, resource_name : String) : User::PermissionLevel
request = Request::CheckPermission.new @key, user, service_name, resource_name
send request

66
utils/authd-user-perms.cr Normal file
View File

@ -0,0 +1,66 @@
require "option_parser"
require "../src/authd.cr"
key_file : String? = nil
cli_login : String? = nil
cli_service : String? = nil
cli_resource : String? = nil
cli_permlvl : String? = nil
OptionParser.parse do |parser|
parser.unknown_args do |args|
if 3 < args.size > 4
puts "usage: #{PROGRAM_NAME} <uid> <service> <resource> <permlevel> [options]"
puts parser
exit 1
end
cli_login = args[0]
cli_service = args[1]
cli_resource = args[2] if args.size > 2
cli_permlvl = args[3] if args.size > 3
end
parser.on "-K file", "--key-file file", "Read the authd shared key from a file." do |file|
key_file = file
end
parser.on "-h", "--help", "Prints this help message." do
puts "usage: #{PROGRAM_NAME} <uid> <service> <resource> [permission] [options]"
puts "example: #{PROGRAM_NAME} 1002 my-application chat Read"
puts "permission list: None Read Edit Admin"
puts parser
exit 0
end
end
if cli_login.nil?
STDERR.puts "no login provided"
exit 1
end
login = cli_login.not_nil!.to_i # not_nil!? O RLY?
service = cli_service.not_nil! # not_nil!
resource = cli_resource.not_nil! # not_nil!
authd = AuthD::Client.new
begin
key_file.try do |file| # FIXME: fail if missing?
authd.key = File.read(file).chomp
end
if cli_permlvl.nil?
pp! authd.check_permission login, service, resource
else
permlvl = cli_permlvl.not_nil!
perm = AuthD::User::PermissionLevel.parse(permlvl)
pp! authd.set_permission login, service, resource, perm
end
rescue e : AuthD::Exception
puts "error: #{e.message}"
end
authd.close