user

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 11, 2024 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

var (
	// ErrUserDoesNotFulfilRequirement indicates that a User does not
	// meet the provided Requirement. Ensurer.Ensure documents it as the
	// error returned when the User exists, does not match the Requirement
	// and EnsureOpts.ModifyAllowed is false.
	ErrUserDoesNotFulfilRequirement = errors.New("user does not fulfill requirement")

	// ErrGroupDoesNotFulfilRequirement indicates that a Group does not
	// meet the provided GroupRequirement. Ensurer.EnsureGroup documents it
	// as the error returned when the Group exists, does not match the
	// GroupRequirement and EnsureOpts.ModifyAllowed is false.
	ErrGroupDoesNotFulfilRequirement = errors.New("group does not fulfill requirement")
)
// Defaults applied by EtcColonRepository when the corresponding field is
// left empty. They are mutable package-level variables, so reassigning one
// changes the behaviour of repositories that rely on the default.
// NOTE(review): whether the value is read once at Init or on every use is
// not visible here - confirm before changing them at runtime.
var (
	// DefaultFileSystemSyncThreshold is used when
	// EtcColonRepository.FileSystemSyncThreshold is not set.
	DefaultFileSystemSyncThreshold = time.Second * 2
	// DefaultCreateFilesIfAbsent is used when
	// EtcColonRepository.CreateFilesIfAbsent is empty. Missing files are
	// not created by default.
	DefaultCreateFilesIfAbsent     = false
	// DefaultAllowBadName is used when EtcColonRepository.AllowBadName is
	// empty. The default is permissive: names outside ^[a-z][-a-z0-9]*$
	// are accepted, so code that places user or group names into file
	// paths, command lines or log output has to validate or escape them
	// itself.
	DefaultAllowBadName            = true
	// DefaultAllowBadLine is used when EtcColonRepository.AllowBadLine is
	// empty. Malformed lines are tolerated and preserved by default.
	DefaultAllowBadLine            = true
)
var (
	// ErrNoSuchUser indicates that a User which was requested
	// does not exist.
	ErrNoSuchUser = errors.Newf(errors.Unknown, "no such user")

	// ErrNoSuchGroup indicates that a Group which was requested
	// does not exist.
	ErrNoSuchGroup = errors.Newf(errors.Unknown, "no such group")

	// DefaultRepositoryProvider holds the default instance of RepositoryProvider.
	//
	// NOTE(review): the initial value is a failingRepositoryProvider, whose
	// behaviour is not shown on this page. The name suggests that Create
	// returns an error until a working provider is assigned - confirm.
	DefaultRepositoryProvider RepositoryProvider = &failingRepositoryProvider{}
)
var (
	// DefaultEtcGroup is the file EtcColonRepository reads group
	// information from when its GroupFilename field is empty.
	DefaultEtcGroup = "/etc/group"
)
var (
	// DefaultEtcPasswd is the file EtcColonRepository reads the base user
	// information from when its PasswdFilename field is empty.
	DefaultEtcPasswd = "/etc/passwd"
)
var (
	// DefaultEtcShadow is the file EtcColonRepository reads the hashed
	// password information of a user from when its ShadowFilename field
	// is empty.
	//
	// This is a mutable package-level variable. Reassigning it changes
	// which file password hashes are taken from for every repository that
	// relies on the default, so writes to it should be treated as
	// security-sensitive.
	DefaultEtcShadow = "/etc/shadow"
)

Functions

func GroupIdEqualsP

func GroupIdEqualsP(a, b *GroupId) bool

func IdEqualsP

func IdEqualsP(a, b *Id) bool

Types

type CloseableRepository

type CloseableRepository interface {
	Repository
	io.Closer
}

CloseableRepository represents a Repository which needs to be closed after final usage (via Close).

type DeleteOpts

type DeleteOpts struct {
	// HomeDir defines whether the home directory of the User should be
	// deleted as well (does not affect Group). Default: true
	//
	// Because deletion is the default, callers that must keep the user's
	// data (for example for retention or a later investigation) have to
	// set this to false explicitly.
	HomeDir *bool

	// KillProcesses will also kill all running processes of this user,
	// if any.
	//
	// NOTE(review): no default is documented here; check IsKillProcesses
	// for the value that applies when this field is nil.
	KillProcesses *bool
}

DeleteOpts provides additional hints about what should happen when Repository.DeleteById or one of its derivatives is used.

func (*DeleteOpts) IsHomeDir

func (this *DeleteOpts) IsHomeDir() bool

func (*DeleteOpts) IsKillProcesses

func (this *DeleteOpts) IsKillProcesses() bool

type EnsureOnHomeDirExist

// EnsureOnHomeDirExist selects what happens when the destination of a home
// directory already exists (see EnsureOpts.OnHomeDirExist).
type EnsureOnHomeDirExist uint8
const (
	// EnsureOnHomeDirExistUnknown is the zero value. EnsureOpts documents
	// EnsureOnHomeDirExistOverwrite as its default.
	// NOTE(review): presumably the zero value is mapped to that default by
	// EnsureOpts.GetOnHomeDirExist - confirm.
	EnsureOnHomeDirExistUnknown EnsureOnHomeDirExist = iota
	// NOTE(review): the name suggests the operation is aborted with an
	// error when the destination exists - confirm.
	EnsureOnHomeDirExistFail
	// NOTE(review): the name suggests the existing directory is adopted as
	// the user's home. Whether its ownership and permissions are adjusted,
	// and whether content placed there earlier by another account is kept,
	// is not visible here - confirm before relying on it.
	EnsureOnHomeDirExistTakeover
	// NOTE(review): the name suggests the existing destination is replaced,
	// which would discard what was there - confirm.
	EnsureOnHomeDirExistOverwrite
)

func (EnsureOnHomeDirExist) Clone

func (EnsureOnHomeDirExist) IsEqualTo

func (this EnsureOnHomeDirExist) IsEqualTo(other any) bool

func (EnsureOnHomeDirExist) IsZero

func (this EnsureOnHomeDirExist) IsZero() bool

func (EnsureOnHomeDirExist) MarshalText

func (this EnsureOnHomeDirExist) MarshalText() (text []byte, err error)

func (*EnsureOnHomeDirExist) Set

func (this *EnsureOnHomeDirExist) Set(text string) error

func (EnsureOnHomeDirExist) String

func (this EnsureOnHomeDirExist) String() string

func (*EnsureOnHomeDirExist) UnmarshalText

func (this *EnsureOnHomeDirExist) UnmarshalText(text []byte) error

func (EnsureOnHomeDirExist) Validate

func (this EnsureOnHomeDirExist) Validate() error

type EnsureOpts

type EnsureOpts struct {
	// CreateAllowed defines that a User or Group can be created if not
	// already present. Default: true
	CreateAllowed *bool

	// ModifyAllowed defines that a User or Group can be modified if it
	// does not meet the provided requirement. Default: true
	ModifyAllowed *bool

	// HomeDir defines whether the home directory of the User should be
	// touched or not (does not affect Group). When enabled, the home
	// directory is created when the user is created and moved when the
	// home directory of an existing user changes.
	// Default: true
	HomeDir *bool

	// OnHomeDirExist defines what should happen if the destination of the
	// home directory (on creation and move) already exists.
	// Default: EnsureOnHomeDirExistOverwrite
	//
	// NOTE(review): the default is the destructive choice. If the home
	// directory path comes from configuration that is not fully trusted,
	// or may point at a directory that already holds data, select
	// EnsureOnHomeDirExistFail explicitly.
	OnHomeDirExist EnsureOnHomeDirExist
}

EnsureOpts provides additional hints about what should happen when Ensurer.Ensure or Ensurer.EnsureGroup is used.

func (*EnsureOpts) GetOnHomeDirExist

func (this *EnsureOpts) GetOnHomeDirExist() EnsureOnHomeDirExist

func (*EnsureOpts) IsCreateAllowed

func (this *EnsureOpts) IsCreateAllowed() bool

func (*EnsureOpts) IsHomeDir

func (this *EnsureOpts) IsHomeDir() bool

func (*EnsureOpts) IsModifyAllowed

func (this *EnsureOpts) IsModifyAllowed() bool

type EnsureResult

// EnsureResult is the second value returned by Ensurer.Ensure and
// Ensurer.EnsureGroup.
// NOTE(review): the meanings below are inferred from the constant names;
// confirm them against the implementation.
type EnsureResult uint8
const (
	// EnsureResultUnknown is the zero value.
	EnsureResultUnknown EnsureResult = iota
	// Presumably reported together with a non-nil error.
	EnsureResultError
	// Presumably the User or Group already met the requirement.
	EnsureResultUnchanged
	// Presumably an existing User or Group was changed to meet the
	// requirement.
	EnsureResultModified
	// Presumably the User or Group did not exist and was created.
	EnsureResultCreated
)

type Ensurer

type Ensurer interface {
	// Ensure ensures that User exists for the given Requirement.
	//
	// If the User does not exist and EnsureOpts.CreateAllowed is false,
	// ErrNoSuchUser will be returned as error.
	//
	// If the User does exist but does not match the Requirement and
	// EnsureOpts.ModifyAllowed is false, ErrUserDoesNotFulfilRequirement
	// will be returned as error.
	Ensure(context.Context, *Requirement, *EnsureOpts) (*User, EnsureResult, error)

	// EnsureGroup ensures that Group exists for the given GroupRequirement.
	//
	// If the Group does not exist and EnsureOpts.CreateAllowed is false,
	// ErrNoSuchUser will be returned as error.
	//
	// NOTE(review): the paragraph above names ErrNoSuchUser although the
	// subject is a Group and this package also defines ErrNoSuchGroup.
	// Confirm which error the implementation returns; until then callers
	// should check for both.
	//
	// If the Group does exist but does not match the GroupRequirement and
	// EnsureOpts.ModifyAllowed is false, ErrGroupDoesNotFulfilRequirement
	// will be returned as error.
	EnsureGroup(context.Context, *GroupRequirement, *EnsureOpts) (*Group, EnsureResult, error)
}

Ensurer ensures that a User or Group meets the provided requirements.

type EtcColonRepository

type EtcColonRepository struct {
	// PasswdFilename defines which file to use for reading the base user
	// information from. If empty DefaultEtcPasswd will be used.
	PasswdFilename string

	// GroupFilename defines which file to use for reading the group
	// information from. If empty DefaultEtcGroup will be used.
	GroupFilename string

	// ShadowFilename defines which file to use for reading the hashed
	// password information of a user from.
	// If empty DefaultEtcShadow will be used.
	ShadowFilename string

	// CreateFilesIfAbsent tells the repository to create the related files
	// if they do not exist. This only makes sense in very few cases, so you
	// should know what you are doing.
	//
	// NOTE(review): the permissions given to newly created files are not
	// documented here. Confirm that a created shadow file is not readable
	// by unprivileged accounts.
	//
	// If empty DefaultCreateFilesIfAbsent will be used.
	CreateFilesIfAbsent *bool

	// AllowBadName defines whether bad names of users and groups are
	// allowed within the files.
	//
	// When enabled, characters other than the default ones are allowed.
	// Usually only ^[a-z][-a-z0-9]*$ is allowed. As nowadays . (dots) or
	// @ (ats) are often used in usernames as well, it makes sense to
	// enable them. The majority of current unix systems support such
	// usernames, too.
	//
	// With this enabled, names returned by the repository can contain
	// characters outside the pattern above. Code that places them into
	// file paths, command lines or log output has to validate or escape
	// them itself.
	//
	// If empty DefaultAllowBadName will be used.
	AllowBadName *bool

	// AllowBadLine defines whether malformed lines within the files are
	// allowed and will be preserved.
	//
	// NOTE(review): the original sentence here was incomplete. It most
	// likely says that, when this is not enabled, the repository will
	// neither read nor write files containing such lines successfully -
	// confirm. If the repository is mainly used to work on existing files,
	// true is recommended.
	//
	// If empty DefaultAllowBadLine will be used.
	AllowBadLine *bool

	// OnUnhandledAsyncError will be called when errors appear in async
	// contexts. By default, those errors lead to a log message and to the
	// whole application exiting with code 17.
	//
	// Long-running services for which a process exit is an availability
	// problem should set their own handler here.
	OnUnhandledAsyncError func(logger log.Logger, err error, detail string)

	// FileSystemSyncThreshold ensures that external changes are only
	// accepted once no more new ones arrive within this duration. This
	// prevents everything from being loaded too often. This defaults to
	// DefaultFileSystemSyncThreshold.
	//
	// The type documentation states that external changes to the
	// underlying files are picked up automatically, so write access to
	// the configured passwd, group and shadow files determines what this
	// repository reports.
	FileSystemSyncThreshold time.Duration

	// Logger will be used to log events to. If empty the
	// log.GetLogger("user-repository") will be used.
	Logger log.Logger
	// contains filtered or unexported fields
}

EtcColonRepository implements Repository based on the /etc/passwd file standard commonly used in Unix operating systems (see Wikipedia article for more information).

This repository listens for external changes to the underlying files. As a consequence, it always contains the latest data, whether created by itself or externally. A lag defined by FileSystemSyncThreshold ensures that changes are not applied too often.

It is required to call Init before first usage and Close for disposing.

func (*EtcColonRepository) Close

func (this *EtcColonRepository) Close() error

Close disposes this repository after usage.

func (*EtcColonRepository) DeleteById

func (this *EtcColonRepository) DeleteById(ctx context.Context, id Id, opts *DeleteOpts) (rErr error)

DeleteById implements Repository.DeleteById.

func (*EtcColonRepository) DeleteByName

func (this *EtcColonRepository) DeleteByName(ctx context.Context, name string, opts *DeleteOpts) (rErr error)

DeleteByName implements Repository.DeleteByName.

func (*EtcColonRepository) DeleteGroupById

func (this *EtcColonRepository) DeleteGroupById(ctx context.Context, id GroupId, opts *DeleteOpts) (rErr error)

DeleteGroupById implements Repository.DeleteGroupById.

func (*EtcColonRepository) DeleteGroupByName

func (this *EtcColonRepository) DeleteGroupByName(ctx context.Context, name string, opts *DeleteOpts) (rErr error)

DeleteGroupByName implements Repository.DeleteGroupByName.

func (*EtcColonRepository) Ensure

func (this *EtcColonRepository) Ensure(ctx context.Context, req *Requirement, opts *EnsureOpts) (_ *User, _ EnsureResult, rErr error)

Ensure implements Ensurer.Ensure.

func (*EtcColonRepository) EnsureGroup

func (this *EtcColonRepository) EnsureGroup(ctx context.Context, req *GroupRequirement, opts *EnsureOpts) (_ *Group, _ EnsureResult, rErr error)

EnsureGroup implements Ensurer.EnsureGroup.

func (*EtcColonRepository) Init

func (this *EtcColonRepository) Init(ctx context.Context) error

Init will initialize this repository.

func (*EtcColonRepository) LookupById

func (this *EtcColonRepository) LookupById(ctx context.Context, id Id) (*User, error)

LookupById implements Repository.LookupById.

func (*EtcColonRepository) LookupByName

func (this *EtcColonRepository) LookupByName(ctx context.Context, name string) (*User, error)

LookupByName implements Repository.LookupByName.

func (*EtcColonRepository) LookupGroupById

func (this *EtcColonRepository) LookupGroupById(ctx context.Context, id GroupId) (*Group, error)

LookupGroupById implements Repository.LookupGroupById.

func (*EtcColonRepository) LookupGroupByName

func (this *EtcColonRepository) LookupGroupByName(_ context.Context, name string) (*Group, error)

LookupGroupByName implements Repository.LookupGroupByName.

func (*EtcColonRepository) ValidatePasswordById

func (this *EtcColonRepository) ValidatePasswordById(ctx context.Context, id Id, pass string) (bool, error)

ValidatePasswordById implements Repository.ValidatePasswordById.

func (*EtcColonRepository) ValidatePasswordByName

func (this *EtcColonRepository) ValidatePasswordByName(ctx context.Context, name string, pass string) (bool, error)

ValidatePasswordByName implements Repository.ValidatePasswordByName.

type Group

type Group struct {
	Gid  GroupId
	Name string
}

func (Group) Clone

func (this Group) Clone() (*Group, error)

func (Group) GetField

func (this Group) GetField(name string) (any, bool, error)

func (Group) IsEqualTo

func (this Group) IsEqualTo(other any) bool

func (Group) String

func (this Group) String() string

type GroupId

type GroupId uint32

func (GroupId) MarshalText

func (this GroupId) MarshalText() (text []byte, err error)

func (GroupId) String

func (this GroupId) String() string

func (*GroupId) UnmarshalText

func (this *GroupId) UnmarshalText(text []byte) error

type GroupRequirement

type GroupRequirement struct {
	Gid  *GroupId `yaml:"gid,omitempty"`
	Name string   `yaml:"name,omitempty"`
}

func (GroupRequirement) Clone

func (this GroupRequirement) Clone() GroupRequirement

func (GroupRequirement) IsEqualTo

func (this GroupRequirement) IsEqualTo(other any) bool

func (GroupRequirement) IsZero

func (this GroupRequirement) IsZero() bool

func (GroupRequirement) OrDefaults

func (this GroupRequirement) OrDefaults() GroupRequirement

func (GroupRequirement) OrDefaultsForUser

func (this GroupRequirement) OrDefaultsForUser(user *Requirement) GroupRequirement

func (GroupRequirement) String

func (this GroupRequirement) String() string

type GroupRequirements

type GroupRequirements []GroupRequirement

func (GroupRequirements) Clone

func (this GroupRequirements) Clone() GroupRequirements

func (GroupRequirements) Contains

func (this GroupRequirements) Contains(other *GroupRequirement) bool

func (GroupRequirements) IsEqualTo

func (this GroupRequirements) IsEqualTo(other any) bool

func (GroupRequirements) IsZero

func (this GroupRequirements) IsZero() bool

type Groups

type Groups []Group

func (Groups) Clone

func (this Groups) Clone() (*Groups, error)

func (Groups) Contains

func (this Groups) Contains(other *Group) bool

func (Groups) IsEqualTo

func (this Groups) IsEqualTo(other any) bool

func (Groups) IsZero

func (this Groups) IsZero() bool

type Id

type Id uint32

func (Id) MarshalText

func (this Id) MarshalText() (text []byte, err error)

func (Id) String

func (this Id) String() string

func (*Id) UnmarshalText

func (this *Id) UnmarshalText(text []byte) error

type Repository

type Repository interface {
	Ensurer

	// LookupByName is used to look up a user by its name. If the
	// user does not exist ErrNoSuchUser is returned.
	LookupByName(context.Context, string) (*User, error)

	// LookupById is used to look up a user by its Id. If the
	// user does not exist ErrNoSuchUser is returned.
	LookupById(context.Context, Id) (*User, error)

	// LookupGroupByName is used to look up a group by its name. If
	// the group does not exist ErrNoSuchGroup is returned.
	LookupGroupByName(context.Context, string) (*Group, error)

	// LookupGroupById is used to look up a group by its GroupId.
	// If the group does not exist ErrNoSuchGroup is returned.
	LookupGroupById(context.Context, GroupId) (*Group, error)

	// DeleteById will delete the user by the given Id. If the
	// user does not exist ErrNoSuchUser is returned.
	DeleteById(context.Context, Id, *DeleteOpts) error

	// DeleteByName will delete the user by the given name. If the
	// user does not exist ErrNoSuchUser is returned.
	DeleteByName(context.Context, string, *DeleteOpts) error

	// ValidatePasswordById will validate the given password for
	// the given user by its Id. It returns true if the given
	// password is valid. It will return ErrNoSuchUser if the
	// given user does not exist.
	//
	// An unknown user (ErrNoSuchUser) and a wrong password (false) are
	// distinguishable results. Callers that answer a remote client
	// should map both to the same response so that valid accounts
	// cannot be enumerated.
	ValidatePasswordById(ctx context.Context, id Id, pass string) (bool, error)

	// ValidatePasswordByName will validate the given password for
	// the given user by its name. It returns true if the given
	// password is valid. It will return ErrNoSuchUser if the
	// given user does not exist.
	//
	// An unknown user (ErrNoSuchUser) and a wrong password (false) are
	// distinguishable results. Callers that answer a remote client
	// should map both to the same response so that valid account names
	// cannot be enumerated.
	ValidatePasswordByName(ctx context.Context, name string, pass string) (bool, error)

	// DeleteGroupById will delete the group by the given GroupId.
	// If the group does not exist ErrNoSuchGroup is returned.
	DeleteGroupById(context.Context, GroupId, *DeleteOpts) error

	// DeleteGroupByName will delete the group by the given name.
	// If the group does not exist ErrNoSuchGroup is returned.
	DeleteGroupByName(context.Context, string, *DeleteOpts) error
}

Repository gives access to User and Group objects.

type RepositoryProvider

type RepositoryProvider interface {
	// Create provides a working instance of Repository.
	//
	// It is important to call CloseableRepository.Close after usage.
	Create(context.Context) (CloseableRepository, error)
}

RepositoryProvider provides a working instance of Repository.

type Requirement

// Requirement describes the User that Ensurer.Ensure should make exist.
// The struct tags show that it can be populated from YAML.
//
// NOTE(review): Shell, HomeDir and Skel look like filesystem paths that are
// acted upon when a user is created or modified (EnsureOpts documents that
// the home directory is created, moved and, by default, overwritten). If a
// Requirement is built from input that is not fully trusted, validate these
// values before passing it to Ensure.
type Requirement struct {
	Name        string            `yaml:"name,omitempty"`
	DisplayName string            `yaml:"displayName,omitempty"`
	// Uid is optional (pointer, omitted from YAML when nil).
	Uid         *Id               `yaml:"uid,omitempty"`
	Group       GroupRequirement  `yaml:"group,omitempty"`
	Groups      GroupRequirements `yaml:"groups,omitempty"`
	Shell       string            `yaml:"shell,omitempty"`
	HomeDir     string            `yaml:"homeDir,omitempty"`
	// NOTE(review): presumably a skeleton directory whose content seeds a
	// new home directory - how it is used is not shown here, confirm.
	Skel        string            `yaml:"skel,omitempty"`
}

func (Requirement) Clone

func (this Requirement) Clone() Requirement

func (Requirement) IsEqualTo

func (this Requirement) IsEqualTo(other any) bool

func (Requirement) IsZero

func (this Requirement) IsZero() bool

func (Requirement) OrDefaults

func (this Requirement) OrDefaults() Requirement

func (Requirement) String

func (this Requirement) String() string

type SharedRepositoryProvider

type SharedRepositoryProvider[T interface {
	CloseableRepository
	Init(context.Context) error
}] struct {
	V T
	// contains filtered or unexported fields
}

func (*SharedRepositoryProvider[T]) Create

type StringError

type StringError string

func (StringError) Error

func (this StringError) Error() string

type User

type User struct {
	Name        string
	DisplayName string
	Uid         Id
	Group       Group
	Groups      Groups
	Shell       string
	HomeDir     string
}

func (User) Clone

func (this User) Clone() (*User, error)

func (User) GetField

func (this User) GetField(name string) (any, bool, error)

func (User) IsEqualTo

func (this User) IsEqualTo(other any) bool

func (User) String

func (this User) String() string

func (User) ToCredentials

func (this User) ToCredentials() syscall.Credential
