77 lines
2.0 KiB
Crystal
77 lines
2.0 KiB
Crystal
class AuthD::Request
|
||
IPC::JSON.message ReplaceProfile, 14 do
|
||
property new_profile : Hash(String, JSON::Any)
|
||
|
||
def initialize(@new_profile)
|
||
end
|
||
|
||
def handle(authd : AuthD::Service, fd : Int32)
|
||
logged_user = authd.get_logged_user_full? fd
|
||
return Response::Error.new "you must be logged" if logged_user.nil?
|
||
|
||
profile = logged_user.profile || Hash(String, JSON::Any).new
|
||
|
||
# Skip this verification for authd administrators.
|
||
unless logged_user.admin
|
||
authd.configuration.read_only_profile_keys.each do |key|
|
||
if @new_profile[key]? != profile[key]?
|
||
return Response::Error.new "tried to edit read only key"
|
||
end
|
||
end
|
||
end
|
||
|
||
logged_user.profile = @new_profile
|
||
|
||
authd.users_per_uid.update logged_user.uid.to_s, logged_user
|
||
|
||
Response::User.new logged_user.to_public
|
||
end
|
||
end
|
||
AuthD.requests << ReplaceProfile
|
||
|
||
# Same as above, but doesn’t reset the whole profile, only resets elements
|
||
# for which keys are present in `new_profile`.
|
||
IPC::JSON.message EditProfileEntries, 15 do
|
||
property user : UserID | Nil = nil
|
||
|
||
property new_profile : Hash(String, JSON::Any)
|
||
|
||
def initialize(@new_profile, @user = nil)
|
||
end
|
||
|
||
def handle(authd : AuthD::Service, fd : Int32)
|
||
logged_user = authd.get_logged_user_full? fd
|
||
return Response::Error.new "you must be logged" if logged_user.nil?
|
||
|
||
user = if u = @user
|
||
logged_user.assert_permission("authd", "*", User::PermissionLevel::Edit)
|
||
authd.user? u
|
||
else
|
||
logged_user
|
||
end
|
||
return Response::Error.new "user not found" if user.nil?
|
||
|
||
new_profile = user.profile || Hash(String, JSON::Any).new
|
||
|
||
unless logged_user.admin
|
||
authd.configuration.read_only_profile_keys.each do |key|
|
||
if @new_profile.has_key? key
|
||
return Response::Error.new "tried to edit read only key"
|
||
end
|
||
end
|
||
end
|
||
|
||
@new_profile.each do |key, value|
|
||
new_profile[key] = value
|
||
end
|
||
|
||
user.profile = new_profile
|
||
|
||
authd.users_per_uid.update user.uid.to_s, user
|
||
|
||
Response::User.new user.to_public
|
||
end
|
||
end
|
||
AuthD.requests << EditProfileEntries
|
||
end
|