diff --git a/project.zsh b/project.zsh index d201c43..a8b87ac 100644 --- a/project.zsh +++ b/project.zsh @@ -16,3 +16,10 @@ targets+=(client/style.css) type[client/style.css]=sass sources[client/style.css]=client/style.sass +for file in utils/*.cr; do + util="$(basename ${file%.cr})" + targets+=($util) + type[$util]=crystal + sources[$util]=utils/$util.cr +done + diff --git a/utils/authd-user-add.cr b/utils/authd-user-add.cr new file mode 100644 index 0000000..1bf0bd5 --- /dev/null +++ b/utils/authd-user-add.cr @@ -0,0 +1,83 @@ +require "option_parser" + +require "../src/authd.cr" + +key_file : String? = nil +cli_login : String? = nil +profile_file : String? = nil +register = false + +OptionParser.parse do |parser| + parser.unknown_args do |args| + if args.size != 1 + puts "usage: #{PROGRAM_NAME} [options]" + puts parser + exit 1 + end + + cli_login = args[0] + end + + parser.on "-p file", "--profile file", "Read the user profile from a file." do |file| + profile_file = file + end + + parser.on "-K file", "--key-file file", "Read the authd shared key from a file." do |file| + key_file = file + end + + parser.on "-R", "--register", "Use a registration request instead of a add-user one." do + register = true + end + + parser.on "-h", "--help", "Prints this help message." do + puts "usage: #{PROGRAM_NAME} [options]" + puts parser + exit 0 + end +end + +if cli_login.nil? + STDERR.puts "no login provided" + exit 1 +end + +login = cli_login.not_nil! # not_nil!? O RLY? + +profile = profile_file.try do |file| + begin + JSON.parse File.read file + rescue e + STDERR.puts e.message + exit 1 + end +end + +STDOUT << "password: " +STDOUT << `stty -echo` +STDOUT.flush +password = STDIN.gets.try &.chomp + +STDOUT << '\n' +STDOUT << `stty echo` + +exit 1 unless password + +authd = AuthD::Client.new + +begin + if register + authd.register login, password, profile: profile + else + key_file.try do |file| # FIXME: fail if missing? + authd.key = File.read(file).chomp + end + + authd.add_user login, password, profile: profile + end +rescue e : AuthD::Exception + puts "error: #{e.message}" +end + +authd.close + diff --git a/utils/authd-user-allow.cr b/utils/authd-user-allow.cr new file mode 100644 index 0000000..9f083bb --- /dev/null +++ b/utils/authd-user-allow.cr @@ -0,0 +1,70 @@ +require "option_parser" + +require "../src/authd.cr" + +key_file : String? = nil +login : String? = nil +service : String? = nil +resource : String? = nil +register = false +level = AuthD::User::PermissionLevel::Read + +OptionParser.parse do |parser| + parser.unknown_args do |args| + if args.size != 3 + puts "usage: #{PROGRAM_NAME} [options]" + puts parser + exit 1 + end + + login, service, resource = args + end + + parser.on "-K file", "--key-file file", "Read the authd shared key from a file." do |file| + key_file = file + end + + parser.on "-L level", "--level level", "Sets the permission level to give the user." do |l| + begin + level = AuthD::User::PermissionLevel.parse l + rescue + STDERR.puts "Could not parse permission level '#{l}'" + exit 1 + end + end + + parser.on "-R", "--register", "Use a registration request instead of a add-user one." do + register = true + end + + parser.on "-h", "--help", "Prints this help message." do + puts "usage: #{PROGRAM_NAME} [options]" + puts parser + exit 0 + end +end + +if key_file.nil? + STDERR.puts "you need to provide the shared key" + exit 1 +end + +authd = AuthD::Client.new + +authd.key = File.read(key_file.not_nil!).chomp + +begin + user = authd.get_user? login.not_nil! + + if user.nil? + raise AuthD::Exception.new "#{login}: no such user" + end + + # FIXME: make a “disallow” variant. + authd.set_permission user.uid, service.not_nil!, resource.not_nil!, level +rescue e : AuthD::Exception + puts "error: #{e.message}" +end + +authd.close +