class AuthD::Request IPC::JSON.message ReplaceProfile, 14 do property new_profile : Hash(String, JSON::Any) def initialize(@new_profile) end def handle(authd : AuthD::Service, fd : Int32) logged_user = authd.get_logged_user_full? fd return Response::Error.new "you must be logged" if logged_user.nil? profile = logged_user.profile || Hash(String, JSON::Any).new # Skip this verification for authd administrators. unless logged_user.admin authd.configuration.read_only_profile_keys.each do |key| if @new_profile[key]? != profile[key]? return Response::Error.new "tried to edit read only key" end end end logged_user.profile = @new_profile authd.users_per_uid.update logged_user.uid.to_s, logged_user Response::User.new logged_user.to_public end end AuthD.requests << ReplaceProfile # Same as above, but doesn’t reset the whole profile, only resets elements # for which keys are present in `new_profile`. IPC::JSON.message EditProfileEntries, 15 do property user : UserID | Nil = nil property new_profile : Hash(String, JSON::Any) def initialize(@new_profile, @user = nil) end def handle(authd : AuthD::Service, fd : Int32) logged_user = authd.get_logged_user_full? fd return Response::Error.new "you must be logged" if logged_user.nil? user = if u = @user logged_user.assert_permission("authd", "*", User::PermissionLevel::Edit) authd.user? u else logged_user end return Response::Error.new "user not found" if user.nil? new_profile = user.profile || Hash(String, JSON::Any).new unless logged_user.admin authd.configuration.read_only_profile_keys.each do |key| if @new_profile.has_key? key return Response::Error.new "tried to edit read only key" end end end @new_profile.each do |key, value| new_profile[key] = value end user.profile = new_profile authd.users_per_uid.update user.uid.to_s, user Response::User.new user.to_public end end AuthD.requests << EditProfileEntries end