1
0
mirror of https://github.com/osmarks/mycorrhiza.git synced 2025-01-22 16:16:51 +00:00

Mark user's source: local or telegram

This commit is contained in:
bouncepaw 2021-07-14 21:00:35 +00:00
parent 8059674925
commit 5e450612a1
8 changed files with 95 additions and 103 deletions

View File

@ -88,7 +88,7 @@ func createAdminCommand(name string) {
password := string(passwordBytes) password := string(passwordBytes)
log.SetOutput(io.Discard) log.SetOutput(io.Discard)
err = user.Register(name, password, "admin", true) err = user.Register(name, password, "admin", "local", true)
log.SetOutput(wr) log.SetOutput(wr)
if err != nil { if err != nil {

View File

@ -40,6 +40,9 @@ func usersFromFile() []*User {
} }
for _, u := range users { for _, u := range users {
u.Name = util.CanonicalName(u.Name) u.Name = util.CanonicalName(u.Name)
if u.Source == "" {
u.Source = "local"
}
} }
log.Println("Found", len(users), "users") log.Println("Found", len(users), "users")
return users return users

View File

@ -40,7 +40,7 @@ func LogoutFromRequest(w http.ResponseWriter, rq *http.Request) {
} }
// Register registers the given user. If it fails, a non-nil error is returned. // Register registers the given user. If it fails, a non-nil error is returned.
func Register(username, password, group string, force bool) error { func Register(username, password, group, source string, force bool) error {
username = util.CanonicalName(username) username = util.CanonicalName(username)
switch { switch {
@ -48,6 +48,8 @@ func Register(username, password, group string, force bool) error {
return fmt.Errorf("illegal username \"%s\"", username) return fmt.Errorf("illegal username \"%s\"", username)
case !ValidGroup(group): case !ValidGroup(group):
return fmt.Errorf("invalid group \"%s\"", group) return fmt.Errorf("invalid group \"%s\"", group)
case !ValidSource(source):
return fmt.Errorf("invalid source \"%s\"", source)
case HasUsername(username): case HasUsername(username):
return fmt.Errorf("username \"%s\" is already taken", username) return fmt.Errorf("username \"%s\" is already taken", username)
case !force && cfg.RegistrationLimit > 0 && Count() >= cfg.RegistrationLimit: case !force && cfg.RegistrationLimit > 0 && Count() >= cfg.RegistrationLimit:
@ -62,6 +64,7 @@ func Register(username, password, group string, force bool) error {
u := User{ u := User{
Name: username, Name: username,
Group: group, Group: group,
Source: source,
Password: string(hash), Password: string(hash),
RegisteredAt: time.Now(), RegisteredAt: time.Now(),
} }

View File

@ -16,6 +16,8 @@ type User struct {
Group string `json:"group"` Group string `json:"group"`
Password string `json:"hashed_password"` Password string `json:"hashed_password"`
RegisteredAt time.Time `json:"registered_on"` RegisteredAt time.Time `json:"registered_on"`
// Source is where the user from. Valid values: valid, telegram.
Source string `json:"source"`
sync.RWMutex sync.RWMutex
// A note about why HashedPassword is string and not []byte. The reason is // A note about why HashedPassword is string and not []byte. The reason is
@ -44,17 +46,15 @@ var groups = []string{
"anon", "anon",
"editor", "editor",
"trusted", "trusted",
"telegram",
"moderator", "moderator",
"admin", "admin",
} }
// Group — Right // Group — Right level
var groupRight = map[string]int{ var groupRight = map[string]int{
"anon": 0, "anon": 0,
"editor": 1, "editor": 1,
"trusted": 2, "trusted": 2,
"telegram": 2,
"moderator": 3, "moderator": 3,
"admin": 4, "admin": 4,
} }
@ -68,11 +68,16 @@ func ValidGroup(group string) bool {
return false return false
} }
func ValidSource(source string) bool {
return source == "local" || source == "telegram"
}
func EmptyUser() *User { func EmptyUser() *User {
return &User{ return &User{
Name: "anon", Name: "anon",
Group: "anon", Group: "anon",
Password: "", Password: "",
Source: "local",
} }
} }

View File

@ -142,9 +142,6 @@
</div> </div>
{% endif %} {% endif %}
{% if f.Get("group") == "telegram" %}
<p>This user is authorized using Telegram, they have the same rights as <i>trusted</i> editors. You cannot change their group.</p>
{% else %}
<form action="" method="post"> <form action="" method="post">
<div class="form-field"> <div class="form-field">
<select id="group" name="group" aria-label="Group"> <select id="group" name="group" aria-label="Group">
@ -160,7 +157,6 @@
<button class="btn" type="submit">Update</button> <button class="btn" type="submit">Update</button>
</div> </div>
</form> </form>
{% endif %}
<h2>Delete user</h2> <h2>Delete user</h2>
<p>Remove the user from the database. Changes made by the user will <p>Remove the user from the database. Changes made by the user will

View File

@ -382,65 +382,54 @@ func StreamAdminUserEditHTML(qw422016 *qt422016.Writer, u *user.User, f util.For
//line views/admin.qtpl:143 //line views/admin.qtpl:143
qw422016.N().S(` qw422016.N().S(`
`)
//line views/admin.qtpl:145
if f.Get("group") == "telegram" {
//line views/admin.qtpl:145
qw422016.N().S(`
<p>This user is authorized using Telegram, they have the same rights as <i>trusted</i> editors. You cannot change their group.</p>
`)
//line views/admin.qtpl:147
} else {
//line views/admin.qtpl:147
qw422016.N().S(`
<form action="" method="post"> <form action="" method="post">
<div class="form-field"> <div class="form-field">
<select id="group" name="group" aria-label="Group"> <select id="group" name="group" aria-label="Group">
<option`) <option`)
//line views/admin.qtpl:148
if f.Get("group") == "anon" {
//line views/admin.qtpl:148
qw422016.N().S(` selected`)
//line views/admin.qtpl:148
}
//line views/admin.qtpl:148
qw422016.N().S(`>anon</option>
<option`)
//line views/admin.qtpl:149
if f.Get("group") == "editor" {
//line views/admin.qtpl:149
qw422016.N().S(` selected`)
//line views/admin.qtpl:149
}
//line views/admin.qtpl:149
qw422016.N().S(`>editor</option>
<option`)
//line views/admin.qtpl:150
if f.Get("group") == "trusted" {
//line views/admin.qtpl:150
qw422016.N().S(` selected`)
//line views/admin.qtpl:150
}
//line views/admin.qtpl:150
qw422016.N().S(`>trusted</option>
<option`)
//line views/admin.qtpl:151 //line views/admin.qtpl:151
if f.Get("group") == "anon" { if f.Get("group") == "moderator" {
//line views/admin.qtpl:151 //line views/admin.qtpl:151
qw422016.N().S(` selected`) qw422016.N().S(` selected`)
//line views/admin.qtpl:151 //line views/admin.qtpl:151
} }
//line views/admin.qtpl:151 //line views/admin.qtpl:151
qw422016.N().S(`>anon</option> qw422016.N().S(`>moderator</option>
<option`) <option`)
//line views/admin.qtpl:152 //line views/admin.qtpl:152
if f.Get("group") == "editor" { if f.Get("group") == "admin" {
//line views/admin.qtpl:152 //line views/admin.qtpl:152
qw422016.N().S(` selected`) qw422016.N().S(` selected`)
//line views/admin.qtpl:152 //line views/admin.qtpl:152
} }
//line views/admin.qtpl:152 //line views/admin.qtpl:152
qw422016.N().S(`>editor</option> qw422016.N().S(`>admin</option>
<option`)
//line views/admin.qtpl:153
if f.Get("group") == "trusted" {
//line views/admin.qtpl:153
qw422016.N().S(` selected`)
//line views/admin.qtpl:153
}
//line views/admin.qtpl:153
qw422016.N().S(`>trusted</option>
<option`)
//line views/admin.qtpl:154
if f.Get("group") == "moderator" {
//line views/admin.qtpl:154
qw422016.N().S(` selected`)
//line views/admin.qtpl:154
}
//line views/admin.qtpl:154
qw422016.N().S(`>moderator</option>
<option`)
//line views/admin.qtpl:155
if f.Get("group") == "admin" {
//line views/admin.qtpl:155
qw422016.N().S(` selected`)
//line views/admin.qtpl:155
}
//line views/admin.qtpl:155
qw422016.N().S(`>admin</option>
</select> </select>
</div> </div>
@ -448,122 +437,117 @@ func StreamAdminUserEditHTML(qw422016 *qt422016.Writer, u *user.User, f util.For
<button class="btn" type="submit">Update</button> <button class="btn" type="submit">Update</button>
</div> </div>
</form> </form>
`)
//line views/admin.qtpl:163
}
//line views/admin.qtpl:163
qw422016.N().S(`
<h2>Delete user</h2> <h2>Delete user</h2>
<p>Remove the user from the database. Changes made by the user will <p>Remove the user from the database. Changes made by the user will
be preserved. It will be possible to take this username later.</p> be preserved. It will be possible to take this username later.</p>
<a class="btn btn_destructive" href="/admin/users/`) <a class="btn btn_destructive" href="/admin/users/`)
//line views/admin.qtpl:168 //line views/admin.qtpl:164
qw422016.N().U(u.Name) qw422016.N().U(u.Name)
//line views/admin.qtpl:168 //line views/admin.qtpl:164
qw422016.N().S(`/delete">Delete</a> qw422016.N().S(`/delete">Delete</a>
</main> </main>
</div> </div>
`) `)
//line views/admin.qtpl:171 //line views/admin.qtpl:167
} }
//line views/admin.qtpl:171 //line views/admin.qtpl:167
func WriteAdminUserEditHTML(qq422016 qtio422016.Writer, u *user.User, f util.FormData) { func WriteAdminUserEditHTML(qq422016 qtio422016.Writer, u *user.User, f util.FormData) {
//line views/admin.qtpl:171 //line views/admin.qtpl:167
qw422016 := qt422016.AcquireWriter(qq422016) qw422016 := qt422016.AcquireWriter(qq422016)
//line views/admin.qtpl:171 //line views/admin.qtpl:167
StreamAdminUserEditHTML(qw422016, u, f) StreamAdminUserEditHTML(qw422016, u, f)
//line views/admin.qtpl:171 //line views/admin.qtpl:167
qt422016.ReleaseWriter(qw422016) qt422016.ReleaseWriter(qw422016)
//line views/admin.qtpl:171 //line views/admin.qtpl:167
} }
//line views/admin.qtpl:171 //line views/admin.qtpl:167
func AdminUserEditHTML(u *user.User, f util.FormData) string { func AdminUserEditHTML(u *user.User, f util.FormData) string {
//line views/admin.qtpl:171 //line views/admin.qtpl:167
qb422016 := qt422016.AcquireByteBuffer() qb422016 := qt422016.AcquireByteBuffer()
//line views/admin.qtpl:171 //line views/admin.qtpl:167
WriteAdminUserEditHTML(qb422016, u, f) WriteAdminUserEditHTML(qb422016, u, f)
//line views/admin.qtpl:171 //line views/admin.qtpl:167
qs422016 := string(qb422016.B) qs422016 := string(qb422016.B)
//line views/admin.qtpl:171 //line views/admin.qtpl:167
qt422016.ReleaseByteBuffer(qb422016) qt422016.ReleaseByteBuffer(qb422016)
//line views/admin.qtpl:171 //line views/admin.qtpl:167
return qs422016 return qs422016
//line views/admin.qtpl:171 //line views/admin.qtpl:167
} }
//line views/admin.qtpl:173 //line views/admin.qtpl:169
func StreamAdminUserDeleteHTML(qw422016 *qt422016.Writer, u *user.User, f util.FormData) { func StreamAdminUserDeleteHTML(qw422016 *qt422016.Writer, u *user.User, f util.FormData) {
//line views/admin.qtpl:173 //line views/admin.qtpl:169
qw422016.N().S(` qw422016.N().S(`
<div class="layout"> <div class="layout">
<main class="main-width form-wrap"> <main class="main-width form-wrap">
<h1>Delete user</h1> <h1>Delete user</h1>
`) `)
//line views/admin.qtpl:178 //line views/admin.qtpl:174
if f.HasError() { if f.HasError() {
//line views/admin.qtpl:178 //line views/admin.qtpl:174
qw422016.N().S(` qw422016.N().S(`
<div class="notice notice--error"> <div class="notice notice--error">
<strong>Error:</strong> <strong>Error:</strong>
`) `)
//line views/admin.qtpl:181 //line views/admin.qtpl:177
qw422016.E().S(f.Error()) qw422016.E().S(f.Error())
//line views/admin.qtpl:181 //line views/admin.qtpl:177
qw422016.N().S(` qw422016.N().S(`
</div> </div>
`) `)
//line views/admin.qtpl:183 //line views/admin.qtpl:179
} }
//line views/admin.qtpl:183 //line views/admin.qtpl:179
qw422016.N().S(` qw422016.N().S(`
<p>Are you sure you want to delete <strong>`) <p>Are you sure you want to delete <strong>`)
//line views/admin.qtpl:185 //line views/admin.qtpl:181
qw422016.E().S(u.Name) qw422016.E().S(u.Name)
//line views/admin.qtpl:185 //line views/admin.qtpl:181
qw422016.N().S(`</strong> qw422016.N().S(`</strong>
from the database? This action is irreversible.</p> from the database? This action is irreversible.</p>
<form action="" method="post"> <form action="" method="post">
<button class="btn btn_destructive" type="submit">Delete</button> <button class="btn btn_destructive" type="submit">Delete</button>
<a class="btn btn_weak" href="/admin/users/`) <a class="btn btn_weak" href="/admin/users/`)
//line views/admin.qtpl:190 //line views/admin.qtpl:186
qw422016.N().U(u.Name) qw422016.N().U(u.Name)
//line views/admin.qtpl:190 //line views/admin.qtpl:186
qw422016.N().S(`/edit">Cancel</a> qw422016.N().S(`/edit">Cancel</a>
</form> </form>
</main> </main>
</div> </div>
`) `)
//line views/admin.qtpl:194 //line views/admin.qtpl:190
} }
//line views/admin.qtpl:194 //line views/admin.qtpl:190
func WriteAdminUserDeleteHTML(qq422016 qtio422016.Writer, u *user.User, f util.FormData) { func WriteAdminUserDeleteHTML(qq422016 qtio422016.Writer, u *user.User, f util.FormData) {
//line views/admin.qtpl:194 //line views/admin.qtpl:190
qw422016 := qt422016.AcquireWriter(qq422016) qw422016 := qt422016.AcquireWriter(qq422016)
//line views/admin.qtpl:194 //line views/admin.qtpl:190
StreamAdminUserDeleteHTML(qw422016, u, f) StreamAdminUserDeleteHTML(qw422016, u, f)
//line views/admin.qtpl:194 //line views/admin.qtpl:190
qt422016.ReleaseWriter(qw422016) qt422016.ReleaseWriter(qw422016)
//line views/admin.qtpl:194 //line views/admin.qtpl:190
} }
//line views/admin.qtpl:194 //line views/admin.qtpl:190
func AdminUserDeleteHTML(u *user.User, f util.FormData) string { func AdminUserDeleteHTML(u *user.User, f util.FormData) string {
//line views/admin.qtpl:194 //line views/admin.qtpl:190
qb422016 := qt422016.AcquireByteBuffer() qb422016 := qt422016.AcquireByteBuffer()
//line views/admin.qtpl:194 //line views/admin.qtpl:190
WriteAdminUserDeleteHTML(qb422016, u, f) WriteAdminUserDeleteHTML(qb422016, u, f)
//line views/admin.qtpl:194 //line views/admin.qtpl:190
qs422016 := string(qb422016.B) qs422016 := string(qb422016.B)
//line views/admin.qtpl:194 //line views/admin.qtpl:190
qt422016.ReleaseByteBuffer(qb422016) qt422016.ReleaseByteBuffer(qb422016)
//line views/admin.qtpl:194 //line views/admin.qtpl:190
return qs422016 return qs422016
//line views/admin.qtpl:194 //line views/admin.qtpl:190
} }

View File

@ -192,7 +192,7 @@ func handlerAdminUserNew(w http.ResponseWriter, rq *http.Request) {
// Create a user // Create a user
f := util.FormDataFromRequest(rq, []string{"name", "password", "group"}) f := util.FormDataFromRequest(rq, []string{"name", "password", "group"})
err := user.Register(f.Get("name"), f.Get("password"), f.Get("group"), true) err := user.Register(f.Get("name"), f.Get("password"), f.Get("group"), "local", true)
if err != nil { if err != nil {
html := views.AdminUserNewHTML(f.WithError(err)) html := views.AdminUserNewHTML(f.WithError(err))

View File

@ -58,7 +58,7 @@ func handlerRegister(w http.ResponseWriter, rq *http.Request) {
var ( var (
username = rq.PostFormValue("username") username = rq.PostFormValue("username")
password = rq.PostFormValue("password") password = rq.PostFormValue("password")
err = user.Register(username, password, "editor", false) err = user.Register(username, password, "editor", "local", false)
) )
if err != nil { if err != nil {
log.Printf("Failed to register \"%s\": %s", username, err.Error()) log.Printf("Failed to register \"%s\": %s", username, err.Error())
@ -134,11 +134,12 @@ func handlerTelegramLogin(w http.ResponseWriter, rq *http.Request) {
err = user.Register( err = user.Register(
username, username,
"", // Password matters not "", // Password matters not
"editor",
"telegram", "telegram",
false, false,
) )
) )
if user.HasUsername(username) && user.UserByName(username).Group == "telegram" { if user.HasUsername(username) && user.UserByName(username).Source == "telegram" {
// Problems is something we put blankets on. // Problems is something we put blankets on.
err = nil err = nil
} }