Merge remote-tracking branch 'mr/8'

This commit is contained in:
Las Zenow 2019-12-23 19:09:13 +00:00
commit 25bed10456
5 changed files with 62 additions and 2 deletions

View file

@ -37,6 +37,13 @@ You can run it (using `/var/lib/trantor` for storage):
# $GOPATH/bin/trantor -assets $GOPATH/src/pkg/gitlab.com/trantor/trantor/ -store /var/lib/trantor # $GOPATH/bin/trantor -assets $GOPATH/src/pkg/gitlab.com/trantor/trantor/ -store /var/lib/trantor
``` ```
The first time you run it, the database will be initialized. To initialize an admin user, include the -set-admin-user and -set-admin-pass variables
when you run it. The admin user will be initialized after the first time you run the application with these parameters, so there is no need to
include them on subsequent runs (but no harm in doing so).
```
# $GOPATH/bin/trantor -assets $GOPATH/src/pkg/gitlab.com/trantor/trantor/ -store /var/lib/trantor -set-admin-user 'admin' -set-admin-pass 'MY_ADMIN_PASSWORD'
```
Go to your browser to: http://localhost:8080 Go to your browser to: http://localhost:8080
### For developers ### For developers
@ -49,7 +56,7 @@ $ go build
Now you can run it: Now you can run it:
``` ```
$ ./trantor $ ./trantor -set-admin-user 'admin' -set-admin-pass 'MY_ADMIN_PASSWORD'
``` ```
Go to your browser to: http://localhost:8080 Go to your browser to: http://localhost:8080

View file

@ -19,6 +19,7 @@ type DB interface {
IsBookActive(id string) bool IsBookActive(id string) bool
AddUser(name string, pass string) error AddUser(name string, pass string) error
AddRawUser(name string, hpass []byte, salt []byte, role string) error AddRawUser(name string, hpass []byte, salt []byte, role string) error
SetAdminUser(name string, pass string) error
GetRole(name string) (string, error) GetRole(name string) (string, error)
SetPassword(name string, pass string) error SetPassword(name string, pass string) error
SetRole(name, role string) error SetRole(name, role string) error
@ -140,6 +141,8 @@ CREATE INDEX IF NOT EXISTS books_lang_idx ON books (lang);
CREATE INDEX IF NOT EXISTS books_isbn_idx ON books (isbn); CREATE INDEX IF NOT EXISTS books_isbn_idx ON books (isbn);
CREATE INDEX IF NOT EXISTS books_active_idx ON books (active); CREATE INDEX IF NOT EXISTS books_active_idx ON books (active);
-- Books trigram indexes -- Books trigram indexes
CREATE INDEX IF NOT EXISTS books_title_idx ON books USING GIN (title gin_trgm_ops); CREATE INDEX IF NOT EXISTS books_title_idx ON books USING GIN (title gin_trgm_ops);
CREATE INDEX IF NOT EXISTS books_contributor_idx ON books USING GIN (contributor gin_trgm_ops); CREATE INDEX IF NOT EXISTS books_contributor_idx ON books USING GIN (contributor gin_trgm_ops);

View file

@ -53,6 +53,11 @@ func (db *roDB) AddRawUser(name string, hpass []byte, salt []byte, role string)
return errors.New("RO database") return errors.New("RO database")
} }
func (db *roDB) SetAdminUser(name string, pass string) error {
return errors.New("RO database")
}
func (db *roDB) GetRole(name string) (string, error) { func (db *roDB) GetRole(name string) (string, error) {
return db.db.GetRole(name) return db.db.GetRole(name)
} }

View file

@ -45,6 +45,37 @@ func (db *pgDB) AddUser(name string, pass string) error {
return db.AddRawUser(name, hpass, salt, "") return db.AddRawUser(name, hpass, salt, "")
} }
func (db *pgDB) SetAdminUser(name string, pass string) error {
if !validAdminUserName(name) {
return errors.New("Invalid admin user name. Username needs to have at least 3 characters and can only be letters, numbers, '-', '_' and '.'.")
}
num, err := db.sql.Model(&User{}).Where("lower(username) = lower(?)", name).Count()
if err != nil {
log.Error("Error on database checking user ", name, ": ", err)
return errors.New("An error happen on the database")
}
if num != 0 {
err := db.SetRole(name, "admin")
if err != nil {
log.Error("Error updating admin user ", name, ": ", err)
return errors.New("Error updating admin user")
}
return db.SetPassword(name, pass)
}
hpass, salt, err := hashPass(pass)
if err != nil {
log.Error("Error hashing password: ", err)
return errors.New("An error happen storing the password")
}
return db.AddRawUser(name, hpass, salt, "admin")
}
func (db *pgDB) AddRawUser(name string, hpass []byte, salt []byte, role string) error { func (db *pgDB) AddRawUser(name string, hpass []byte, salt []byte, role string) error {
u := User{ u := User{
Username: name, Username: name,
@ -120,13 +151,20 @@ func (db *pgDB) getUser(name string) (User, error) {
return user, err return user, err
} }
func validUserName(name string) bool { func validAdminUserName(name string) bool {
if len(name) < 3 { if len(name) < 3 {
return false return false
} }
if !alphaNumeric(name) { if !alphaNumeric(name) {
return false return false
} }
return true
}
func validUserName(name string) bool {
if !validAdminUserName(name) {
return false
}
switch name { switch name {
case "", "admin", "webmaster", "postmaster", "info", "root", "news", "trantor", "librarian", "library", "imperial": case "", "admin", "webmaster", "postmaster", "info", "root", "news", "trantor", "librarian", "library", "imperial":
return false return false

View file

@ -23,6 +23,8 @@ func main() {
assetsPath = flag.String("assets", ".", "Path of the assets (templates, css, js, img)") assetsPath = flag.String("assets", ".", "Path of the assets (templates, css, js, img)")
hostname = flag.String("hostname", "xfmro77i3lixucja.onion", "Hostname of the website") hostname = flag.String("hostname", "xfmro77i3lixucja.onion", "Hostname of the website")
loggerConfig = flag.String("logger-conf", "logger.xml", "xml configuration of the logger") loggerConfig = flag.String("logger-conf", "logger.xml", "xml configuration of the logger")
setAdminUser = flag.String("set-admin-user", "", "create/update this user to be admin if set-admin-pass is also specified")
setAdminPass = flag.String("set-admin-pass", "", "create/update admin user password if set-admin-user is also specified")
ro = flag.Bool("ro", false, "read only mode") ro = flag.Bool("ro", false, "read only mode")
) )
flag.Parse() flag.Parse()
@ -40,6 +42,11 @@ func main() {
Password: *dbPassword, Password: *dbPassword,
Name: *dbName, Name: *dbName,
}) })
if err == nil {
if *setAdminUser != "" && *setAdminPass != "" {
db.SetAdminUser(*setAdminUser, *setAdminPass)
}
}
if err != nil { if err != nil {
log.Critical("Problem initializing database: ", err) log.Critical("Problem initializing database: ", err)
os.Exit(1) os.Exit(1)