Remove messages: GetContacts ListUsers UpdatePassword ReplaceProfile.

master
Philippe Pittoli 2023-06-13 02:32:15 +02:00
parent 3d8d74e8b7
commit fb65c32848
7 changed files with 76 additions and 154 deletions

View File

@ -46,46 +46,4 @@ class AuthD::Request
end end
end end
AuthD.requests << AddUser AuthD.requests << AddUser
IPC::JSON.message ModUser, 5 do
property user : UserID | Nil = nil
property admin : Bool? = nil
property password : String? = nil
property email : String? = nil
def initialize(@user, @admin, @password, @email)
end
def handle(authd : AuthD::Service, fd : Int32)
logged_user = authd.get_logged_user_full? fd
return Response::Error.new "you must be logged" if logged_user.nil?
user = if u = @user
logged_user.assert_permission("authd", "*", User::PermissionLevel::Edit)
authd.user? u
else
logged_user
end
return Response::Error.new "user not found" if user.nil?
# Only an admin can uprank or downrank someone.
if admin = @admin
logged_user.assert_permission("authd", "*", User::PermissionLevel::Admin)
user.admin = admin
end
@password.try do |s|
user.password_hash = authd.hash_password s
end
@email.try do |email|
user.contact.email = email
end
authd.users_per_uid.update user.uid.to_s, user
Response::UserEdited.new user.uid
end
end
AuthD.requests << ModUser
end end

View File

@ -1,15 +0,0 @@
class AuthD::Request
IPC::JSON.message GetContacts, 18 do
def initialize()
end
def handle(authd : AuthD::Service, fd : Int32)
logged_user = authd.get_logged_user_full? fd
return Response::Error.new "you must be logged" if logged_user.nil?
_c = logged_user.contact
Response::Contacts.new logged_user.uid, _c.email
end
end
AuthD.requests << GetContacts
end

View File

@ -1,23 +0,0 @@
class AuthD::Request
IPC::JSON.message ListUsers, 8 do
# Since the list could be long, here is a way to get it at a reasonable pace.
property offset : Int32 = 0
# By default, authd will send 10 users at a time.
def initialize()
end
def handle(authd : AuthD::Service, fd : Int32)
logged_user = authd.get_logged_user_full? fd
return Response::Error.new "you must be logged" if logged_user.nil?
# Test if the user is a moderator.
logged_user.assert_permission("authd", "*", User::PermissionLevel::Read)
list = authd.users.to_h.map &.[1].to_public
Response::UsersList.new list[offset..offset+10]
end
end
AuthD.requests << ListUsers
end

43
src/requests/moduser.cr Normal file
View File

@ -0,0 +1,43 @@
class AuthD::Request
IPC::JSON.message ModUser, 5 do
property user : UserID | Nil = nil
property admin : Bool? = nil
property password : String? = nil
property email : String? = nil
def initialize(@user, @admin, @password, @email)
end
def handle(authd : AuthD::Service, fd : Int32)
logged_user = authd.get_logged_user_full? fd
return Response::Error.new "you must be logged" if logged_user.nil?
user = if u = @user
logged_user.assert_permission("authd", "*", User::PermissionLevel::Edit)
authd.user? u
else
logged_user
end
return Response::Error.new "user not found" if user.nil?
# Only an admin can uprank or downrank someone.
if admin = @admin
logged_user.assert_permission("authd", "*", User::PermissionLevel::Admin)
user.admin = admin
end
@password.try do |s|
user.password_hash = authd.hash_password s
end
@email.try do |email|
user.contact.email = email
end
authd.users_per_uid.update user.uid.to_s, user
Response::UserEdited.new user.uid
end
end
AuthD.requests << ModUser
end

View File

@ -1,22 +1,4 @@
class AuthD::Request class AuthD::Request
IPC::JSON.message UpdatePassword, 7 do
property new_password : String
def initialize(@new_password)
end
def handle(authd : AuthD::Service, fd : Int32)
logged_user = authd.get_logged_user_full? fd
return Response::Error.new "you must be logged" if logged_user.nil?
logged_user.password_hash = authd.hash_password @new_password
authd.users_per_uid.update logged_user.uid.to_s, logged_user
Response::UserEdited.new logged_user.uid
end
end
AuthD.requests << UpdatePassword
IPC::JSON.message PasswordRecovery, 11 do IPC::JSON.message PasswordRecovery, 11 do
property user : UserID property user : UserID
property password_renew_key : String property password_renew_key : String

View File

@ -1,42 +1,11 @@
class AuthD::Request class AuthD::Request
IPC::JSON.message ReplaceProfile, 14 do # Reset elements for which keys are present in `new_profile_entries`.
property new_profile : Hash(String, JSON::Any)
def initialize(@new_profile)
end
def handle(authd : AuthD::Service, fd : Int32)
logged_user = authd.get_logged_user_full? fd
return Response::Error.new "you must be logged" if logged_user.nil?
profile = logged_user.profile || Hash(String, JSON::Any).new
# Skip this verification for authd administrators.
unless logged_user.admin
authd.configuration.read_only_profile_keys.each do |key|
if @new_profile[key]? != profile[key]?
return Response::Error.new "tried to edit read only key"
end
end
end
logged_user.profile = @new_profile
authd.users_per_uid.update logged_user.uid.to_s, logged_user
Response::User.new logged_user.to_public
end
end
AuthD.requests << ReplaceProfile
# Same as above, but doesnt reset the whole profile, only resets elements
# for which keys are present in `new_profile`.
IPC::JSON.message EditProfileEntries, 15 do IPC::JSON.message EditProfileEntries, 15 do
property user : UserID | Nil = nil property user : UserID | Nil = nil
property new_profile : Hash(String, JSON::Any) property new_profile_entries : Hash(String, JSON::Any)
def initialize(@new_profile, @user = nil) def initialize(@new_profile_entries, @user = nil)
end end
def handle(authd : AuthD::Service, fd : Int32) def handle(authd : AuthD::Service, fd : Int32)
@ -51,21 +20,21 @@ class AuthD::Request
end end
return Response::Error.new "user not found" if user.nil? return Response::Error.new "user not found" if user.nil?
new_profile = user.profile || Hash(String, JSON::Any).new new_profile_entries = user.profile || Hash(String, JSON::Any).new
unless logged_user.admin unless logged_user.admin
authd.configuration.read_only_profile_keys.each do |key| authd.configuration.read_only_profile_keys.each do |key|
if @new_profile.has_key? key if @new_profile_entries.has_key? key
return Response::Error.new "tried to edit read only key" return Response::Error.new "tried to edit read only key"
end end
end end
end end
@new_profile.each do |key, value| @new_profile_entries.each do |key, value|
new_profile[key] = value new_profile_entries[key] = value
end end
user.profile = new_profile user.profile = new_profile_entries
authd.users_per_uid.update user.uid.to_s, user authd.users_per_uid.update user.uid.to_s, user

View File

@ -1,12 +1,12 @@
class AuthD::Request class AuthD::Request
IPC::JSON.message SearchUser, 13 do IPC::JSON.message SearchUser, 13 do
property user : String property regex : String? = nil
# Since the list could be long, here is a way to get it at a reasonable pace. # Since the list could be long, here is a way to get it at a reasonable pace.
property offset : Int32 = 0 property offset : Int32 = 0
# By default, authd will send 10 users at a time. # By default, authd will send 10 users at a time.
def initialize(@user, @offset = 0) def initialize(@regex = nil, @offset = 0)
end end
def handle(authd : AuthD::Service, fd : Int32) def handle(authd : AuthD::Service, fd : Int32)
@ -14,28 +14,36 @@ class AuthD::Request
return Response::Error.new "you must be logged" if logged_user.nil? return Response::Error.new "you must be logged" if logged_user.nil?
logged_user.assert_permission("authd", "*", User::PermissionLevel::Read) logged_user.assert_permission("authd", "*", User::PermissionLevel::Read)
pattern = Regex.new @user, Regex::Options::IGNORE_CASE users = authd.users.to_a
matching_users = Array(AuthD::User::Public).new matching_users = Array(AuthD::User::Public).new
users = authd.users.to_a # FIXME: could be optimized.
users.each do |u| result = if regex = @regex
if pattern =~ u.login || u.profile.try do |profile| pattern = Regex.new regex, Regex::Options::IGNORE_CASE
full_name = profile["full_name"]? users.each do |u|
if full_name.nil? if pattern =~ u.login || u.profile.try do |profile|
false full_name = profile["full_name"]?
else if full_name.nil?
pattern =~ full_name.as_s false
else
pattern =~ full_name.as_s
end
end end
Baguette::Log.debug "#{u.login} matches #{pattern}"
matching_users << u.to_public
else
Baguette::Log.debug "#{u.login} doesn't match #{pattern}"
end end
Baguette::Log.debug "#{u.login} matches #{pattern}"
matching_users << u.to_public
else
Baguette::Log.debug "#{u.login} doesn't match #{pattern}"
end end
matching_users[offset..offset+10]
else
users[offset..offset+10].each do |u|
matching_users << u.to_public
end
matching_users
end end
Response::MatchingUsers.new matching_users[offset..offset+10] Response::MatchingUsers.new result
end end
end end
AuthD.requests << SearchUser AuthD.requests << SearchUser