mirror of
https://github.com/osmarks/mycorrhiza.git
synced 2025-01-22 16:16:51 +00:00
Mark user's source: local or telegram
This commit is contained in:
parent
8059674925
commit
5e450612a1
2
flag.go
2
flag.go
@ -88,7 +88,7 @@ func createAdminCommand(name string) {
|
|||||||
password := string(passwordBytes)
|
password := string(passwordBytes)
|
||||||
|
|
||||||
log.SetOutput(io.Discard)
|
log.SetOutput(io.Discard)
|
||||||
err = user.Register(name, password, "admin", true)
|
err = user.Register(name, password, "admin", "local", true)
|
||||||
log.SetOutput(wr)
|
log.SetOutput(wr)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -40,6 +40,9 @@ func usersFromFile() []*User {
|
|||||||
}
|
}
|
||||||
for _, u := range users {
|
for _, u := range users {
|
||||||
u.Name = util.CanonicalName(u.Name)
|
u.Name = util.CanonicalName(u.Name)
|
||||||
|
if u.Source == "" {
|
||||||
|
u.Source = "local"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
log.Println("Found", len(users), "users")
|
log.Println("Found", len(users), "users")
|
||||||
return users
|
return users
|
||||||
|
@ -40,7 +40,7 @@ func LogoutFromRequest(w http.ResponseWriter, rq *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Register registers the given user. If it fails, a non-nil error is returned.
|
// Register registers the given user. If it fails, a non-nil error is returned.
|
||||||
func Register(username, password, group string, force bool) error {
|
func Register(username, password, group, source string, force bool) error {
|
||||||
username = util.CanonicalName(username)
|
username = util.CanonicalName(username)
|
||||||
|
|
||||||
switch {
|
switch {
|
||||||
@ -48,6 +48,8 @@ func Register(username, password, group string, force bool) error {
|
|||||||
return fmt.Errorf("illegal username \"%s\"", username)
|
return fmt.Errorf("illegal username \"%s\"", username)
|
||||||
case !ValidGroup(group):
|
case !ValidGroup(group):
|
||||||
return fmt.Errorf("invalid group \"%s\"", group)
|
return fmt.Errorf("invalid group \"%s\"", group)
|
||||||
|
case !ValidSource(source):
|
||||||
|
return fmt.Errorf("invalid source \"%s\"", source)
|
||||||
case HasUsername(username):
|
case HasUsername(username):
|
||||||
return fmt.Errorf("username \"%s\" is already taken", username)
|
return fmt.Errorf("username \"%s\" is already taken", username)
|
||||||
case !force && cfg.RegistrationLimit > 0 && Count() >= cfg.RegistrationLimit:
|
case !force && cfg.RegistrationLimit > 0 && Count() >= cfg.RegistrationLimit:
|
||||||
@ -62,6 +64,7 @@ func Register(username, password, group string, force bool) error {
|
|||||||
u := User{
|
u := User{
|
||||||
Name: username,
|
Name: username,
|
||||||
Group: group,
|
Group: group,
|
||||||
|
Source: source,
|
||||||
Password: string(hash),
|
Password: string(hash),
|
||||||
RegisteredAt: time.Now(),
|
RegisteredAt: time.Now(),
|
||||||
}
|
}
|
||||||
|
11
user/user.go
11
user/user.go
@ -16,6 +16,8 @@ type User struct {
|
|||||||
Group string `json:"group"`
|
Group string `json:"group"`
|
||||||
Password string `json:"hashed_password"`
|
Password string `json:"hashed_password"`
|
||||||
RegisteredAt time.Time `json:"registered_on"`
|
RegisteredAt time.Time `json:"registered_on"`
|
||||||
|
// Source is where the user from. Valid values: valid, telegram.
|
||||||
|
Source string `json:"source"`
|
||||||
sync.RWMutex
|
sync.RWMutex
|
||||||
|
|
||||||
// A note about why HashedPassword is string and not []byte. The reason is
|
// A note about why HashedPassword is string and not []byte. The reason is
|
||||||
@ -44,17 +46,15 @@ var groups = []string{
|
|||||||
"anon",
|
"anon",
|
||||||
"editor",
|
"editor",
|
||||||
"trusted",
|
"trusted",
|
||||||
"telegram",
|
|
||||||
"moderator",
|
"moderator",
|
||||||
"admin",
|
"admin",
|
||||||
}
|
}
|
||||||
|
|
||||||
// Group — Right
|
// Group — Right level
|
||||||
var groupRight = map[string]int{
|
var groupRight = map[string]int{
|
||||||
"anon": 0,
|
"anon": 0,
|
||||||
"editor": 1,
|
"editor": 1,
|
||||||
"trusted": 2,
|
"trusted": 2,
|
||||||
"telegram": 2,
|
|
||||||
"moderator": 3,
|
"moderator": 3,
|
||||||
"admin": 4,
|
"admin": 4,
|
||||||
}
|
}
|
||||||
@ -68,11 +68,16 @@ func ValidGroup(group string) bool {
|
|||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func ValidSource(source string) bool {
|
||||||
|
return source == "local" || source == "telegram"
|
||||||
|
}
|
||||||
|
|
||||||
func EmptyUser() *User {
|
func EmptyUser() *User {
|
||||||
return &User{
|
return &User{
|
||||||
Name: "anon",
|
Name: "anon",
|
||||||
Group: "anon",
|
Group: "anon",
|
||||||
Password: "",
|
Password: "",
|
||||||
|
Source: "local",
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -142,9 +142,6 @@
|
|||||||
</div>
|
</div>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% if f.Get("group") == "telegram" %}
|
|
||||||
<p>This user is authorized using Telegram, they have the same rights as <i>trusted</i> editors. You cannot change their group.</p>
|
|
||||||
{% else %}
|
|
||||||
<form action="" method="post">
|
<form action="" method="post">
|
||||||
<div class="form-field">
|
<div class="form-field">
|
||||||
<select id="group" name="group" aria-label="Group">
|
<select id="group" name="group" aria-label="Group">
|
||||||
@ -160,7 +157,6 @@
|
|||||||
<button class="btn" type="submit">Update</button>
|
<button class="btn" type="submit">Update</button>
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
<h2>Delete user</h2>
|
<h2>Delete user</h2>
|
||||||
<p>Remove the user from the database. Changes made by the user will
|
<p>Remove the user from the database. Changes made by the user will
|
||||||
|
@ -382,65 +382,54 @@ func StreamAdminUserEditHTML(qw422016 *qt422016.Writer, u *user.User, f util.For
|
|||||||
//line views/admin.qtpl:143
|
//line views/admin.qtpl:143
|
||||||
qw422016.N().S(`
|
qw422016.N().S(`
|
||||||
|
|
||||||
`)
|
|
||||||
//line views/admin.qtpl:145
|
|
||||||
if f.Get("group") == "telegram" {
|
|
||||||
//line views/admin.qtpl:145
|
|
||||||
qw422016.N().S(`
|
|
||||||
<p>This user is authorized using Telegram, they have the same rights as <i>trusted</i> editors. You cannot change their group.</p>
|
|
||||||
`)
|
|
||||||
//line views/admin.qtpl:147
|
|
||||||
} else {
|
|
||||||
//line views/admin.qtpl:147
|
|
||||||
qw422016.N().S(`
|
|
||||||
<form action="" method="post">
|
<form action="" method="post">
|
||||||
<div class="form-field">
|
<div class="form-field">
|
||||||
<select id="group" name="group" aria-label="Group">
|
<select id="group" name="group" aria-label="Group">
|
||||||
<option`)
|
<option`)
|
||||||
|
//line views/admin.qtpl:148
|
||||||
|
if f.Get("group") == "anon" {
|
||||||
|
//line views/admin.qtpl:148
|
||||||
|
qw422016.N().S(` selected`)
|
||||||
|
//line views/admin.qtpl:148
|
||||||
|
}
|
||||||
|
//line views/admin.qtpl:148
|
||||||
|
qw422016.N().S(`>anon</option>
|
||||||
|
<option`)
|
||||||
|
//line views/admin.qtpl:149
|
||||||
|
if f.Get("group") == "editor" {
|
||||||
|
//line views/admin.qtpl:149
|
||||||
|
qw422016.N().S(` selected`)
|
||||||
|
//line views/admin.qtpl:149
|
||||||
|
}
|
||||||
|
//line views/admin.qtpl:149
|
||||||
|
qw422016.N().S(`>editor</option>
|
||||||
|
<option`)
|
||||||
|
//line views/admin.qtpl:150
|
||||||
|
if f.Get("group") == "trusted" {
|
||||||
|
//line views/admin.qtpl:150
|
||||||
|
qw422016.N().S(` selected`)
|
||||||
|
//line views/admin.qtpl:150
|
||||||
|
}
|
||||||
|
//line views/admin.qtpl:150
|
||||||
|
qw422016.N().S(`>trusted</option>
|
||||||
|
<option`)
|
||||||
//line views/admin.qtpl:151
|
//line views/admin.qtpl:151
|
||||||
if f.Get("group") == "anon" {
|
if f.Get("group") == "moderator" {
|
||||||
//line views/admin.qtpl:151
|
//line views/admin.qtpl:151
|
||||||
qw422016.N().S(` selected`)
|
qw422016.N().S(` selected`)
|
||||||
//line views/admin.qtpl:151
|
//line views/admin.qtpl:151
|
||||||
}
|
}
|
||||||
//line views/admin.qtpl:151
|
//line views/admin.qtpl:151
|
||||||
qw422016.N().S(`>anon</option>
|
qw422016.N().S(`>moderator</option>
|
||||||
<option`)
|
<option`)
|
||||||
//line views/admin.qtpl:152
|
//line views/admin.qtpl:152
|
||||||
if f.Get("group") == "editor" {
|
if f.Get("group") == "admin" {
|
||||||
//line views/admin.qtpl:152
|
//line views/admin.qtpl:152
|
||||||
qw422016.N().S(` selected`)
|
qw422016.N().S(` selected`)
|
||||||
//line views/admin.qtpl:152
|
//line views/admin.qtpl:152
|
||||||
}
|
}
|
||||||
//line views/admin.qtpl:152
|
//line views/admin.qtpl:152
|
||||||
qw422016.N().S(`>editor</option>
|
qw422016.N().S(`>admin</option>
|
||||||
<option`)
|
|
||||||
//line views/admin.qtpl:153
|
|
||||||
if f.Get("group") == "trusted" {
|
|
||||||
//line views/admin.qtpl:153
|
|
||||||
qw422016.N().S(` selected`)
|
|
||||||
//line views/admin.qtpl:153
|
|
||||||
}
|
|
||||||
//line views/admin.qtpl:153
|
|
||||||
qw422016.N().S(`>trusted</option>
|
|
||||||
<option`)
|
|
||||||
//line views/admin.qtpl:154
|
|
||||||
if f.Get("group") == "moderator" {
|
|
||||||
//line views/admin.qtpl:154
|
|
||||||
qw422016.N().S(` selected`)
|
|
||||||
//line views/admin.qtpl:154
|
|
||||||
}
|
|
||||||
//line views/admin.qtpl:154
|
|
||||||
qw422016.N().S(`>moderator</option>
|
|
||||||
<option`)
|
|
||||||
//line views/admin.qtpl:155
|
|
||||||
if f.Get("group") == "admin" {
|
|
||||||
//line views/admin.qtpl:155
|
|
||||||
qw422016.N().S(` selected`)
|
|
||||||
//line views/admin.qtpl:155
|
|
||||||
}
|
|
||||||
//line views/admin.qtpl:155
|
|
||||||
qw422016.N().S(`>admin</option>
|
|
||||||
</select>
|
</select>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
@ -448,122 +437,117 @@ func StreamAdminUserEditHTML(qw422016 *qt422016.Writer, u *user.User, f util.For
|
|||||||
<button class="btn" type="submit">Update</button>
|
<button class="btn" type="submit">Update</button>
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
`)
|
|
||||||
//line views/admin.qtpl:163
|
|
||||||
}
|
|
||||||
//line views/admin.qtpl:163
|
|
||||||
qw422016.N().S(`
|
|
||||||
|
|
||||||
<h2>Delete user</h2>
|
<h2>Delete user</h2>
|
||||||
<p>Remove the user from the database. Changes made by the user will
|
<p>Remove the user from the database. Changes made by the user will
|
||||||
be preserved. It will be possible to take this username later.</p>
|
be preserved. It will be possible to take this username later.</p>
|
||||||
<a class="btn btn_destructive" href="/admin/users/`)
|
<a class="btn btn_destructive" href="/admin/users/`)
|
||||||
//line views/admin.qtpl:168
|
//line views/admin.qtpl:164
|
||||||
qw422016.N().U(u.Name)
|
qw422016.N().U(u.Name)
|
||||||
//line views/admin.qtpl:168
|
//line views/admin.qtpl:164
|
||||||
qw422016.N().S(`/delete">Delete</a>
|
qw422016.N().S(`/delete">Delete</a>
|
||||||
</main>
|
</main>
|
||||||
</div>
|
</div>
|
||||||
`)
|
`)
|
||||||
//line views/admin.qtpl:171
|
//line views/admin.qtpl:167
|
||||||
}
|
}
|
||||||
|
|
||||||
//line views/admin.qtpl:171
|
//line views/admin.qtpl:167
|
||||||
func WriteAdminUserEditHTML(qq422016 qtio422016.Writer, u *user.User, f util.FormData) {
|
func WriteAdminUserEditHTML(qq422016 qtio422016.Writer, u *user.User, f util.FormData) {
|
||||||
//line views/admin.qtpl:171
|
//line views/admin.qtpl:167
|
||||||
qw422016 := qt422016.AcquireWriter(qq422016)
|
qw422016 := qt422016.AcquireWriter(qq422016)
|
||||||
//line views/admin.qtpl:171
|
//line views/admin.qtpl:167
|
||||||
StreamAdminUserEditHTML(qw422016, u, f)
|
StreamAdminUserEditHTML(qw422016, u, f)
|
||||||
//line views/admin.qtpl:171
|
//line views/admin.qtpl:167
|
||||||
qt422016.ReleaseWriter(qw422016)
|
qt422016.ReleaseWriter(qw422016)
|
||||||
//line views/admin.qtpl:171
|
//line views/admin.qtpl:167
|
||||||
}
|
}
|
||||||
|
|
||||||
//line views/admin.qtpl:171
|
//line views/admin.qtpl:167
|
||||||
func AdminUserEditHTML(u *user.User, f util.FormData) string {
|
func AdminUserEditHTML(u *user.User, f util.FormData) string {
|
||||||
//line views/admin.qtpl:171
|
//line views/admin.qtpl:167
|
||||||
qb422016 := qt422016.AcquireByteBuffer()
|
qb422016 := qt422016.AcquireByteBuffer()
|
||||||
//line views/admin.qtpl:171
|
//line views/admin.qtpl:167
|
||||||
WriteAdminUserEditHTML(qb422016, u, f)
|
WriteAdminUserEditHTML(qb422016, u, f)
|
||||||
//line views/admin.qtpl:171
|
//line views/admin.qtpl:167
|
||||||
qs422016 := string(qb422016.B)
|
qs422016 := string(qb422016.B)
|
||||||
//line views/admin.qtpl:171
|
//line views/admin.qtpl:167
|
||||||
qt422016.ReleaseByteBuffer(qb422016)
|
qt422016.ReleaseByteBuffer(qb422016)
|
||||||
//line views/admin.qtpl:171
|
//line views/admin.qtpl:167
|
||||||
return qs422016
|
return qs422016
|
||||||
//line views/admin.qtpl:171
|
//line views/admin.qtpl:167
|
||||||
}
|
}
|
||||||
|
|
||||||
//line views/admin.qtpl:173
|
//line views/admin.qtpl:169
|
||||||
func StreamAdminUserDeleteHTML(qw422016 *qt422016.Writer, u *user.User, f util.FormData) {
|
func StreamAdminUserDeleteHTML(qw422016 *qt422016.Writer, u *user.User, f util.FormData) {
|
||||||
//line views/admin.qtpl:173
|
//line views/admin.qtpl:169
|
||||||
qw422016.N().S(`
|
qw422016.N().S(`
|
||||||
<div class="layout">
|
<div class="layout">
|
||||||
<main class="main-width form-wrap">
|
<main class="main-width form-wrap">
|
||||||
<h1>Delete user</h1>
|
<h1>Delete user</h1>
|
||||||
|
|
||||||
`)
|
`)
|
||||||
//line views/admin.qtpl:178
|
//line views/admin.qtpl:174
|
||||||
if f.HasError() {
|
if f.HasError() {
|
||||||
//line views/admin.qtpl:178
|
//line views/admin.qtpl:174
|
||||||
qw422016.N().S(`
|
qw422016.N().S(`
|
||||||
<div class="notice notice--error">
|
<div class="notice notice--error">
|
||||||
<strong>Error:</strong>
|
<strong>Error:</strong>
|
||||||
`)
|
`)
|
||||||
//line views/admin.qtpl:181
|
//line views/admin.qtpl:177
|
||||||
qw422016.E().S(f.Error())
|
qw422016.E().S(f.Error())
|
||||||
//line views/admin.qtpl:181
|
//line views/admin.qtpl:177
|
||||||
qw422016.N().S(`
|
qw422016.N().S(`
|
||||||
</div>
|
</div>
|
||||||
`)
|
`)
|
||||||
//line views/admin.qtpl:183
|
//line views/admin.qtpl:179
|
||||||
}
|
}
|
||||||
//line views/admin.qtpl:183
|
//line views/admin.qtpl:179
|
||||||
qw422016.N().S(`
|
qw422016.N().S(`
|
||||||
|
|
||||||
<p>Are you sure you want to delete <strong>`)
|
<p>Are you sure you want to delete <strong>`)
|
||||||
//line views/admin.qtpl:185
|
//line views/admin.qtpl:181
|
||||||
qw422016.E().S(u.Name)
|
qw422016.E().S(u.Name)
|
||||||
//line views/admin.qtpl:185
|
//line views/admin.qtpl:181
|
||||||
qw422016.N().S(`</strong>
|
qw422016.N().S(`</strong>
|
||||||
from the database? This action is irreversible.</p>
|
from the database? This action is irreversible.</p>
|
||||||
|
|
||||||
<form action="" method="post">
|
<form action="" method="post">
|
||||||
<button class="btn btn_destructive" type="submit">Delete</button>
|
<button class="btn btn_destructive" type="submit">Delete</button>
|
||||||
<a class="btn btn_weak" href="/admin/users/`)
|
<a class="btn btn_weak" href="/admin/users/`)
|
||||||
//line views/admin.qtpl:190
|
//line views/admin.qtpl:186
|
||||||
qw422016.N().U(u.Name)
|
qw422016.N().U(u.Name)
|
||||||
//line views/admin.qtpl:190
|
//line views/admin.qtpl:186
|
||||||
qw422016.N().S(`/edit">Cancel</a>
|
qw422016.N().S(`/edit">Cancel</a>
|
||||||
</form>
|
</form>
|
||||||
</main>
|
</main>
|
||||||
</div>
|
</div>
|
||||||
`)
|
`)
|
||||||
//line views/admin.qtpl:194
|
//line views/admin.qtpl:190
|
||||||
}
|
}
|
||||||
|
|
||||||
//line views/admin.qtpl:194
|
//line views/admin.qtpl:190
|
||||||
func WriteAdminUserDeleteHTML(qq422016 qtio422016.Writer, u *user.User, f util.FormData) {
|
func WriteAdminUserDeleteHTML(qq422016 qtio422016.Writer, u *user.User, f util.FormData) {
|
||||||
//line views/admin.qtpl:194
|
//line views/admin.qtpl:190
|
||||||
qw422016 := qt422016.AcquireWriter(qq422016)
|
qw422016 := qt422016.AcquireWriter(qq422016)
|
||||||
//line views/admin.qtpl:194
|
//line views/admin.qtpl:190
|
||||||
StreamAdminUserDeleteHTML(qw422016, u, f)
|
StreamAdminUserDeleteHTML(qw422016, u, f)
|
||||||
//line views/admin.qtpl:194
|
//line views/admin.qtpl:190
|
||||||
qt422016.ReleaseWriter(qw422016)
|
qt422016.ReleaseWriter(qw422016)
|
||||||
//line views/admin.qtpl:194
|
//line views/admin.qtpl:190
|
||||||
}
|
}
|
||||||
|
|
||||||
//line views/admin.qtpl:194
|
//line views/admin.qtpl:190
|
||||||
func AdminUserDeleteHTML(u *user.User, f util.FormData) string {
|
func AdminUserDeleteHTML(u *user.User, f util.FormData) string {
|
||||||
//line views/admin.qtpl:194
|
//line views/admin.qtpl:190
|
||||||
qb422016 := qt422016.AcquireByteBuffer()
|
qb422016 := qt422016.AcquireByteBuffer()
|
||||||
//line views/admin.qtpl:194
|
//line views/admin.qtpl:190
|
||||||
WriteAdminUserDeleteHTML(qb422016, u, f)
|
WriteAdminUserDeleteHTML(qb422016, u, f)
|
||||||
//line views/admin.qtpl:194
|
//line views/admin.qtpl:190
|
||||||
qs422016 := string(qb422016.B)
|
qs422016 := string(qb422016.B)
|
||||||
//line views/admin.qtpl:194
|
//line views/admin.qtpl:190
|
||||||
qt422016.ReleaseByteBuffer(qb422016)
|
qt422016.ReleaseByteBuffer(qb422016)
|
||||||
//line views/admin.qtpl:194
|
//line views/admin.qtpl:190
|
||||||
return qs422016
|
return qs422016
|
||||||
//line views/admin.qtpl:194
|
//line views/admin.qtpl:190
|
||||||
}
|
}
|
||||||
|
@ -192,7 +192,7 @@ func handlerAdminUserNew(w http.ResponseWriter, rq *http.Request) {
|
|||||||
// Create a user
|
// Create a user
|
||||||
f := util.FormDataFromRequest(rq, []string{"name", "password", "group"})
|
f := util.FormDataFromRequest(rq, []string{"name", "password", "group"})
|
||||||
|
|
||||||
err := user.Register(f.Get("name"), f.Get("password"), f.Get("group"), true)
|
err := user.Register(f.Get("name"), f.Get("password"), f.Get("group"), "local", true)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
html := views.AdminUserNewHTML(f.WithError(err))
|
html := views.AdminUserNewHTML(f.WithError(err))
|
||||||
|
@ -58,7 +58,7 @@ func handlerRegister(w http.ResponseWriter, rq *http.Request) {
|
|||||||
var (
|
var (
|
||||||
username = rq.PostFormValue("username")
|
username = rq.PostFormValue("username")
|
||||||
password = rq.PostFormValue("password")
|
password = rq.PostFormValue("password")
|
||||||
err = user.Register(username, password, "editor", false)
|
err = user.Register(username, password, "editor", "local", false)
|
||||||
)
|
)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Printf("Failed to register \"%s\": %s", username, err.Error())
|
log.Printf("Failed to register \"%s\": %s", username, err.Error())
|
||||||
@ -134,11 +134,12 @@ func handlerTelegramLogin(w http.ResponseWriter, rq *http.Request) {
|
|||||||
err = user.Register(
|
err = user.Register(
|
||||||
username,
|
username,
|
||||||
"", // Password matters not
|
"", // Password matters not
|
||||||
|
"editor",
|
||||||
"telegram",
|
"telegram",
|
||||||
false,
|
false,
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
if user.HasUsername(username) && user.UserByName(username).Group == "telegram" {
|
if user.HasUsername(username) && user.UserByName(username).Source == "telegram" {
|
||||||
// Problems is something we put blankets on.
|
// Problems is something we put blankets on.
|
||||||
err = nil
|
err = nil
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user