diff --git a/shard.yml b/shard.yml index 7bc0ed4..0d14f3b 100644 --- a/shard.yml +++ b/shard.yml @@ -11,6 +11,8 @@ description: | targets: authd: main: src/main.cr + auth-user-perms: + main: utils/authd-user-perms.cr auth-user-add: main: utils/authd-user-add.cr auth-user-allow: diff --git a/src/authd.cr b/src/authd.cr index 31111fc..1954dc6 100644 --- a/src/authd.cr +++ b/src/authd.cr @@ -277,8 +277,7 @@ class AuthD::Request class CheckPermission < Request property shared_key : String - # FIXME: Make it Int32 | String - property user : Int32 + property user : Int32 | String property service : String property resource : String @@ -288,8 +287,7 @@ class AuthD::Request class SetPermission < Request property shared_key : String - # FIXME: Make it Int32 | String - property user : Int32 + property user : Int32 | String property service : String property resource : String property permission : ::AuthD::User::PermissionLevel @@ -549,8 +547,8 @@ module AuthD end end - def check_permission(user : ::AuthD::User::Public, service_name : String, resource_name : String) : User::PermissionLevel - request = Request::CheckPermission.new @key, user.uid, service_name, resource_name + def check_permission(user : Int32, service_name : String, resource_name : String) : User::PermissionLevel + request = Request::CheckPermission.new @key, user, service_name, resource_name send request diff --git a/utils/authd-user-perms.cr b/utils/authd-user-perms.cr new file mode 100644 index 0000000..1788baa --- /dev/null +++ b/utils/authd-user-perms.cr @@ -0,0 +1,66 @@ +require "option_parser" + +require "../src/authd.cr" + +key_file : String? = nil +cli_login : String? = nil +cli_service : String? = nil +cli_resource : String? = nil +cli_permlvl : String? = nil + +OptionParser.parse do |parser| + parser.unknown_args do |args| + if 3 < args.size > 4 + puts "usage: #{PROGRAM_NAME} [options]" + puts parser + exit 1 + end + + cli_login = args[0] + cli_service = args[1] + cli_resource = args[2] if args.size > 2 + cli_permlvl = args[3] if args.size > 3 + end + + parser.on "-K file", "--key-file file", "Read the authd shared key from a file." do |file| + key_file = file + end + + parser.on "-h", "--help", "Prints this help message." do + puts "usage: #{PROGRAM_NAME} [permission] [options]" + puts "example: #{PROGRAM_NAME} 1002 my-application chat Read" + puts "permission list: None Read Edit Admin" + puts parser + exit 0 + end +end + +if cli_login.nil? + STDERR.puts "no login provided" + exit 1 +end + +login = cli_login.not_nil!.to_i # not_nil!? O RLY? +service = cli_service.not_nil! # not_nil! +resource = cli_resource.not_nil! # not_nil! + +authd = AuthD::Client.new + +begin + key_file.try do |file| # FIXME: fail if missing? + authd.key = File.read(file).chomp + end + + if cli_permlvl.nil? + pp! authd.check_permission login, service, resource + else + permlvl = cli_permlvl.not_nil! + perm = AuthD::User::PermissionLevel.parse(permlvl) + pp! authd.set_permission login, service, resource, perm + end +rescue e : AuthD::Exception + puts "error: #{e.message}" +end + +authd.close +