ShareDAV/store.go

263 lines
6.4 KiB
Go
Raw Normal View History

// Copyright (c) 2020, Andreas Schneider
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are met:
// * Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
// * Redistributions in binary form must reproduce the above copyright
// notice, this list of conditions and the following disclaimer in the
// documentation and/or other materials provided with the distribution.
// * Neither the name of the <organization> nor the
// names of its contributors may be used to endorse or promote products
// derived from this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
// DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
// DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
package main
import (
2020-10-10 19:06:49 +02:00
"encoding/json"
"errors"
"fmt"
"strings"
uuid "github.com/satori/go.uuid"
"github.com/tidwall/buntdb"
"golang.org/x/crypto/bcrypt"
)
type UserStore interface {
AddUser(user User) (err error)
GetUser(username string) (user User, err error)
GetUsers() ([]User, error)
Update(user User) error
RemoveUser(username string) (err error)
}
type ShareStore interface {
}
var _ UserStore = &DBStore{}
type GlobalRole string
const (
GlobalRoleUser GlobalRole = "user"
GlobalRoleAdmin GlobalRole = "admin"
)
type ShareRole string
const (
ShareRoleReader ShareRole = "reader"
ShareRoleWriter ShareRole = "writer"
ShareRoleAdmin ShareRole = "admin"
)
type User struct {
2020-10-10 19:06:49 +02:00
Username string
Password string `json:"-"`
PasswordHash string `json:"Password"`
Role GlobalRole
}
type Share struct {
UUID uuid.UUID
Directory string
Users []ShareUser
}
type ShareUser struct {
Username string
Role ShareRole
Logins []Login
}
type Login struct {
Loginname string
Password string
}
const usersPrefix = "users:"
type DBStore struct {
db *buntdb.DB
}
func (u User) key() string {
return usersPrefix + u.Username
}
func NewDBStore(filename string) (*DBStore, error) {
db, err := buntdb.Open(filename)
if err != nil {
return nil, err
}
return &DBStore{db}, nil
}
func (store *DBStore) Close() error {
2020-10-10 16:29:26 +02:00
if err := store.db.Shrink(); err != nil {
return err
}
return store.db.Close()
}
2020-10-10 16:30:35 +02:00
var ErrUserExists = errors.New("user already exists")
var ErrUserNotFound = errors.New("user not found")
var ErrInvalidUsername = errors.New("invalid username")
2020-10-10 19:06:49 +02:00
func (u User) merge(updates User) (User, error) {
merged := u
2020-10-10 19:06:49 +02:00
if updates.Password != "" {
pwHash, err := hashPassword(updates.Password)
if err != nil {
return u, fmt.Errorf("cannot hash password: %w", err)
}
merged.PasswordHash = pwHash
}
2020-10-10 19:06:49 +02:00
if updates.Role != "" {
merged.Role = updates.Role
}
2020-10-10 19:06:49 +02:00
return merged, nil
}
func (store *DBStore) AddUser(user User) (err error) {
if strings.Contains(user.Username, ":") {
return ErrInvalidUsername
}
if err = store.db.Update(func(tx *buntdb.Tx) error {
2020-10-10 19:06:49 +02:00
userBytes, err := json.Marshal(user)
if err != nil {
return fmt.Errorf("cannot marshal user: %w", err)
}
2020-10-10 19:06:49 +02:00
if _, exists, err := tx.Set(user.key(), string(userBytes), nil); err != nil {
return err
} else if exists {
2020-10-10 16:30:35 +02:00
return ErrUserExists
}
2020-10-10 19:06:49 +02:00
return nil
}); err != nil {
return err
}
return nil
}
func (store *DBStore) GetUser(username string) (user User, err error) {
if strings.Contains(username, ":") {
return user, ErrInvalidUsername
}
if err := store.db.View(func(tx *buntdb.Tx) error {
2020-10-10 19:06:49 +02:00
user.Username = username
if val, err := tx.Get(user.key()); err != nil && err != buntdb.ErrNotFound {
return err
} else if err == buntdb.ErrNotFound {
return ErrUserNotFound
2020-10-10 19:06:49 +02:00
} else if err := json.Unmarshal([]byte(val), &user); err != nil {
return fmt.Errorf("cannot unmarshal user: %w", err)
}
2020-10-10 19:06:49 +02:00
return nil
}); err != nil {
return user, err
}
return user, nil
}
func (store *DBStore) GetUsers() (users []User, err error) {
err = store.db.View(func(tx *buntdb.Tx) error {
2020-10-10 19:06:49 +02:00
var processingError error
if err := tx.AscendKeys(userPrefix+"*", func(key, value string) bool {
var user User
2020-10-10 19:06:49 +02:00
if err := json.Unmarshal([]byte(value), &user); err != nil {
processingError = err
return false
}
// Just in case ...
user.Username = strings.TrimPrefix(key, userPrefix)
users = append(users, user)
return true
}); err != nil {
return err
}
2020-10-10 19:06:49 +02:00
return processingError
})
return users, err
}
func (store *DBStore) Update(user User) error {
if strings.Contains(user.Username, ":") {
return ErrInvalidUsername
}
return store.db.Update(func(tx *buntdb.Tx) error {
2020-10-10 19:06:49 +02:00
var existingUser User
if val, err := tx.Get(user.key()); err != nil && err != buntdb.ErrNotFound {
return err
} else if err == buntdb.ErrNotFound {
return ErrUserNotFound
} else if err := json.Unmarshal([]byte(val), &existingUser); err != nil {
return fmt.Errorf("cannot unmarshal user: %w", err)
}
mergedUser, err := existingUser.merge(user)
if err != nil {
return fmt.Errorf("cannot merge user: %w", err)
}
mergedUser.Username = user.Username
userBytes, err := json.Marshal(mergedUser)
if err != nil {
return fmt.Errorf("cannot marshal user: %w", err)
}
_, _, err = tx.Set(mergedUser.key(), string(userBytes), nil)
return err
})
}
func (store *DBStore) RemoveUser(username string) (err error) {
if strings.Contains(username, ":") {
return ErrInvalidUsername
}
return store.db.Update(func(tx *buntdb.Tx) error {
user := User{Username: username}
if _, err := tx.Delete(user.key()); err == buntdb.ErrNotFound {
return ErrUserNotFound
} else if err != nil {
return err
}
return nil
})
}
2020-10-10 19:06:49 +02:00
func hashPassword(password string) (string, error) {
hash, err := bcrypt.GenerateFromPassword([]byte(password), 0)
if err != nil {
return "", err
}
2020-10-10 19:06:49 +02:00
return string(hash), nil
}