Merge remote-tracking branch 'mr/8'
This commit is contained in:
Las Zenow
commit
25bed10456
5 changed files with 62 additions and 2 deletions
|
|
@ -19,6 +19,7 @@ type DB interface {
|
|||
IsBookActive(id string) bool
|
||||
AddUser(name string, pass string) error
|
||||
AddRawUser(name string, hpass []byte, salt []byte, role string) error
|
||||
SetAdminUser(name string, pass string) error
|
||||
GetRole(name string) (string, error)
|
||||
SetPassword(name string, pass string) error
|
||||
SetRole(name, role string) error
|
||||
|
|
@ -140,6 +141,8 @@ CREATE INDEX IF NOT EXISTS books_lang_idx ON books (lang);
|
|||
CREATE INDEX IF NOT EXISTS books_isbn_idx ON books (isbn);
|
||||
CREATE INDEX IF NOT EXISTS books_active_idx ON books (active);
|
||||
|
||||
|
||||
|
||||
-- Books trigram indexes
|
||||
CREATE INDEX IF NOT EXISTS books_title_idx ON books USING GIN (title gin_trgm_ops);
|
||||
CREATE INDEX IF NOT EXISTS books_contributor_idx ON books USING GIN (contributor gin_trgm_ops);
|
||||
|
|
|
|||
|
|
@ -53,6 +53,11 @@ func (db *roDB) AddRawUser(name string, hpass []byte, salt []byte, role string)
|
|||
return errors.New("RO database")
|
||||
}
|
||||
|
||||
func (db *roDB) SetAdminUser(name string, pass string) error {
|
||||
return errors.New("RO database")
|
||||
}
|
||||
|
||||
|
||||
func (db *roDB) GetRole(name string) (string, error) {
|
||||
return db.db.GetRole(name)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -45,6 +45,37 @@ func (db *pgDB) AddUser(name string, pass string) error {
|
|||
return db.AddRawUser(name, hpass, salt, "")
|
||||
}
|
||||
|
||||
|
||||
func (db *pgDB) SetAdminUser(name string, pass string) error {
|
||||
|
||||
if !validAdminUserName(name) {
|
||||
return errors.New("Invalid admin user name. Username needs to have at least 3 characters and can only be letters, numbers, '-', '_' and '.'.")
|
||||
}
|
||||
|
||||
num, err := db.sql.Model(&User{}).Where("lower(username) = lower(?)", name).Count()
|
||||
if err != nil {
|
||||
log.Error("Error on database checking user ", name, ": ", err)
|
||||
return errors.New("An error happen on the database")
|
||||
}
|
||||
if num != 0 {
|
||||
err := db.SetRole(name, "admin")
|
||||
if err != nil {
|
||||
log.Error("Error updating admin user ", name, ": ", err)
|
||||
return errors.New("Error updating admin user")
|
||||
}
|
||||
return db.SetPassword(name, pass)
|
||||
}
|
||||
|
||||
hpass, salt, err := hashPass(pass)
|
||||
if err != nil {
|
||||
log.Error("Error hashing password: ", err)
|
||||
return errors.New("An error happen storing the password")
|
||||
}
|
||||
return db.AddRawUser(name, hpass, salt, "admin")
|
||||
|
||||
}
|
||||
|
||||
|
||||
func (db *pgDB) AddRawUser(name string, hpass []byte, salt []byte, role string) error {
|
||||
u := User{
|
||||
Username: name,
|
||||
|
|
@ -120,13 +151,20 @@ func (db *pgDB) getUser(name string) (User, error) {
|
|||
return user, err
|
||||
}
|
||||
|
||||
func validUserName(name string) bool {
|
||||
func validAdminUserName(name string) bool {
|
||||
if len(name) < 3 {
|
||||
return false
|
||||
}
|
||||
if !alphaNumeric(name) {
|
||||
return false
|
||||
}
|
||||
return true
|
||||
}
|
||||
|
||||
func validUserName(name string) bool {
|
||||
if !validAdminUserName(name) {
|
||||
return false
|
||||
}
|
||||
switch name {
|
||||
case "", "admin", "webmaster", "postmaster", "info", "root", "news", "trantor", "librarian", "library", "imperial":
|
||||
return false
|
||||
|
|
|
|||
Reference in a new issue