users

package
v0.0.0-...-7578c0e Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 29, 2023 License: MIT Imports: 25 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	PermissionTunnels    = "tunnels"
	PermissionScripts    = "scripts"
	PermissionCommands   = "commands"
	PermissionVault      = "vault"
	PermissionScheduler  = "scheduler"
	PermissionMonitoring = "monitoring"
	PermissionUploads    = "uploads"
	PermissionsAuditLog  = "auditlog"
)
View Source 
const (
	Administrators = "Administrators"
)
View Source 
const HtpasswdBcryptAltPrefix = "$2a$"
View Source 
const HtpasswdBcryptPrefix = "$2y$"

Variables

View Source 
var AdministratorsGroup = Group{
	Name:        Administrators,
	Permissions: NewPermissions(AllPermissions...),
}
View Source 
var AllPermissions = []string{
	PermissionTunnels,
	PermissionScripts,
	PermissionCommands,
	PermissionVault,
	PermissionScheduler,
	PermissionMonitoring,
	PermissionUploads,
	PermissionsAuditLog,
}

Functions

func GenerateTokenHash 

func GenerateTokenHash(newTokenClear string) (string, error)

func PasswordExpired 

func PasswordExpired(f bool) *bool

Types

type APIService 

type APIService struct {
	DeliverySrv            message.Service
	Provider               Provider
	TwoFAOn                bool
	TotPOn                 bool
	PasswordMinLength      int
	PasswordZxcvbnMinscore int
}

func NewAPIService 

func NewAPIService(provider Provider, twoFAOn bool, passwordMinLength int, PasswordZxcvbnMinscore int) *APIService

func NewAPIServiceFromConfig 

func NewAPIServiceFromConfig(authDB *sqlx.DB, config *chconfig.Config) (*APIService, error)

func (*APIService) Change 

func (as *APIService) Change(usr *User, username string) error

func (*APIService) CheckPermission 

func (as *APIService) CheckPermission(user *User, permission string) error

func (*APIService) Delete 

func (as *APIService) Delete(usernameToDelete string) error

func (*APIService) DeleteGroup 

func (as *APIService) DeleteGroup(name string) error

func (*APIService) ExistGroups 

func (as *APIService) ExistGroups(groups []string) error

func (*APIService) ExtendedPermissionsParsingValidation 

func (as *APIService) ExtendedPermissionsParsingValidation(g Group) error

func (*APIService) GetAll 

func (as *APIService) GetAll() ([]*User, error)

func (*APIService) GetByUsername 

func (as *APIService) GetByUsername(username string) (*User, error)

func (*APIService) GetEffectiveUserExtendedPermissions 

func (as *APIService) GetEffectiveUserExtendedPermissions(user *User) ([]extperm.PermissionParams, []extperm.PermissionParams)

func (*APIService) GetEffectiveUserPermissions 

func (as *APIService) GetEffectiveUserPermissions(user *User) (map[string]bool, error)

func (*APIService) GetGroup 

func (as *APIService) GetGroup(name string) (Group, error)

func (APIService) GetProviderType 

func (as APIService) GetProviderType() enums.ProviderSource

func (*APIService) ListGroups 

func (as *APIService) ListGroups() ([]Group, error)

func (APIService) SupportsGroupPermissions 

func (as APIService) SupportsGroupPermissions() bool

func (*APIService) UpdateGroup 

func (as *APIService) UpdateGroup(name string, g Group) (Group, error)

type FileAdapter 

type FileAdapter struct {
	*UserCache
	*logger.Logger

	FileProvider FileProvider
	// contains filtered or unexported fields
}

func NewFileAdapter 

func NewFileAdapter(logger *logger.Logger, fileProvider FileProvider) (*FileAdapter, error)

func (*FileAdapter) Add 

func (fa *FileAdapter) Add(dataToChange *User) error

func (*FileAdapter) Delete 

func (fa *FileAdapter) Delete(usernameToDelete string) error

func (*FileAdapter) DeleteGroup 

func (fa *FileAdapter) DeleteGroup(string) error

func (*FileAdapter) GetGroup 

func (fa *FileAdapter) GetGroup(string) (Group, error)

func (*FileAdapter) ListGroups 

func (fa *FileAdapter) ListGroups() ([]Group, error)

func (*FileAdapter) SupportsGroupPermissions 

func (fa *FileAdapter) SupportsGroupPermissions() bool

func (*FileAdapter) Type 

func (fa *FileAdapter) Type() enums.ProviderSource

func (*FileAdapter) Update 

func (fa *FileAdapter) Update(dataToChange *User, usernameToFind string) error

func (*FileAdapter) UpdateGroup 

func (fa *FileAdapter) UpdateGroup(string, Group) error

type FileManager 

type FileManager struct {
	*logger.Logger

	FileName       string
	FileAccessLock sync.Mutex
}

func NewFileManager 

func NewFileManager(logger *logger.Logger, fileName string) *FileManager

func (*FileManager) ReadUsersFromFile 

func (fm *FileManager) ReadUsersFromFile() ([]*User, error)

ReadUsersFromFile returns users from a given file.

func (*FileManager) SaveUsersToFile 

func (fm *FileManager) SaveUsersToFile(usrs []*User) error

SaveUsersToFile writes users to a file in json format

type FileProvider 

type FileProvider interface {
	ReadUsersFromFile() ([]*User, error)
	SaveUsersToFile(users []*User) error
}

type Group 

type Group struct {
	Name               string                    `json:"name" db:"name"`
	Permissions        Permissions               `json:"permissions" db:"permissions"`
	TunnelsRestricted  *extperm.PermissionParams `json:"tunnels_restricted" db:"tunnels_restricted"`
	CommandsRestricted *extperm.PermissionParams `json:"commands_restricted" db:"commands_restricted"`
}

func NewGroup 

func NewGroup(name string, tr *extperm.PermissionParams, cr *extperm.PermissionParams, perms ...string) Group

type Permissions 

type Permissions struct {
	// contains filtered or unexported fields
}

func NewPermissions 

func NewPermissions(perms ...string) Permissions

func (Permissions) All 

func (permissions Permissions) All() map[string]bool

func (Permissions) Has 

func (permissions Permissions) Has(p string) bool

func (Permissions) MarshalJSON 

func (permissions Permissions) MarshalJSON() ([]byte, error)

func (*Permissions) Scan 

func (permissions *Permissions) Scan(value interface{}) error

func (*Permissions) UnmarshalJSON 

func (permissions *Permissions) UnmarshalJSON(data []byte) error

func (Permissions) Value 

func (permissions Permissions) Value() (driver.Value, error)

type Provider 

type Provider interface {
	Type() enums.ProviderSource
	SupportsGroupPermissions() bool
	GetAll() ([]*User, error)
	ListGroups() ([]Group, error)
	GetGroup(string) (Group, error)
	UpdateGroup(string, Group) error
	DeleteGroup(string) error
	GetByUsername(username string) (*User, error)
	Add(usr *User) error
	Update(usr *User, usernameToUpdate string) error
	Delete(usernameToDelete string) error
}

type StaticProvider 

type StaticProvider struct {
	*UserCache
}

func NewStaticProvider 

func NewStaticProvider(users []*User) *StaticProvider

func (*StaticProvider) Add 

func (p *StaticProvider) Add(usr *User) error

func (*StaticProvider) Delete 

func (p *StaticProvider) Delete(username string) error

func (*StaticProvider) DeleteGroup 

func (p *StaticProvider) DeleteGroup(string) error

func (*StaticProvider) GetGroup 

func (p *StaticProvider) GetGroup(string) (Group, error)

func (*StaticProvider) ListGroups 

func (p *StaticProvider) ListGroups() ([]Group, error)

func (StaticProvider) SupportsGroupPermissions 

func (p StaticProvider) SupportsGroupPermissions() bool

func (StaticProvider) Type 

func (p StaticProvider) Type() enums.ProviderSource

func (*StaticProvider) Update 

func (p *StaticProvider) Update(usr *User, username string) error

func (*StaticProvider) UpdateGroup 

func (p *StaticProvider) UpdateGroup(string, Group) error

type User 

type User struct {
	Username        string   `json:"username" db:"username"`
	Password        string   `json:"password" db:"password"`
	PasswordExpired *bool    `json:"password_expired" db:"password_expired"`
	Groups          []string `json:"groups" db:"-"`
	TwoFASendTo     string   `json:"two_fa_send_to" db:"two_fa_send_to"`
	TotP            string   `json:"totp_secret,omitempty" db:"totp_secret"`
}

User represents API user.

func (User) GetGroups 

func (u User) GetGroups() []string

func (User) GetUsername 

func (u User) GetUsername() string

func (User) IsAdmin 

func (u User) IsAdmin() bool

type UserCache 

type UserCache struct {
	// contains filtered or unexported fields
}

UserCache is in memory user cache with thread-safe loading

func NewUserCache 

func NewUserCache(initUsers []*User) *UserCache

func (*UserCache) GetAll 

func (r *UserCache) GetAll() ([]*User, error)

func (*UserCache) GetByUsername 

func (r *UserCache) GetByUsername(username string) (*User, error)

GetByUsername returns user with the given username or nil

func (*UserCache) Load 

func (r *UserCache) Load(users []*User)

Load replaces users in cache with given users

type UserDatabase 

type UserDatabase struct {
	// contains filtered or unexported fields
}

func NewUserDatabase 

func NewUserDatabase(
	DB *sqlx.DB,
	usersTableName, groupsTableName, groupDetailsTableName string,
	twoFAOn, totPOn bool,
	plusEnabled bool, logger *logger.Logger,
) (*UserDatabase, error)

func (*UserDatabase) Add 

func (d *UserDatabase) Add(usr *User) error

Add todo use context for all db operations

func (*UserDatabase) Delete 

func (d *UserDatabase) Delete(usernameToDelete string) error

Delete @todo use context for all db operations

func (*UserDatabase) DeleteGroup 

func (d *UserDatabase) DeleteGroup(name string) error

func (*UserDatabase) GetAll 

func (d *UserDatabase) GetAll() ([]*User, error)

GetAll @todo use context for all db operations

func (*UserDatabase) GetByUsername 

func (d *UserDatabase) GetByUsername(username string) (*User, error)

GetByUsername @todo use context for all db operations

func (*UserDatabase) GetGroup 

func (d *UserDatabase) GetGroup(name string) (Group, error)

func (*UserDatabase) ListGroups 

func (d *UserDatabase) ListGroups() ([]Group, error)

func (UserDatabase) SupportsGroupPermissions 

func (d UserDatabase) SupportsGroupPermissions() bool

func (UserDatabase) Type 

func (d UserDatabase) Type() enums.ProviderSource

func (*UserDatabase) Update 

func (d *UserDatabase) Update(usr *User, usernameToUpdate string) error

Update @todo use context for all db operations

func (*UserDatabase) UpdateGroup 

func (d *UserDatabase) UpdateGroup(name string, group Group) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.