Nuestro burocrata preferido: Sam Lowry https://lowry.sindominio.net
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 
lowry/server/add_user.go

104 lines
2.3 KiB

package server
import (
"crypto/rand"
"encoding/base64"
"fmt"
"log"
"net/http"
"0xacab.org/sindominio/lowry/ldap"
"github.com/gorilla/mux"
)
func (s *server) createInviteHandler(w http.ResponseWriter, r *http.Request) {
response := s.newResponse("invite", w, r)
if response.Role != ldap.Sindominante {
log.Printf("Non sindominante attemp to create an invite, user: %s", response.User)
s.forbiddenHandler(w, r)
return
}
buff := make([]byte, 9)
_, err := rand.Read(buff)
if err != nil {
log.Printf("An error has ocurred generating a random invite: %v", err)
s.addUserGroupHandler(w, r)
return
}
invite := base64.URLEncoding.EncodeToString(buff)
err = s.db.AddInvite(invite, response.User)
if err != nil {
log.Printf("An error has ocurred storing the invite (%s - %s): %v", invite, response.User, err)
s.addUserGroupHandler(w, r)
return
}
inviteURL := fmt.Sprintf("https://%v/adduser/%v", r.Host, invite)
response.execute(struct {
InviteURL string
}{inviteURL})
}
func (s *server) addUserHandler(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
invite := vars["invite"]
if !s.db.IsInviteValid(invite) {
log.Printf("Invalid invite code: %s", invite)
s.forbiddenHandler(w, r)
return
}
response := s.newResponse("adduser", w, r)
if r.Method != "POST" {
response.execute("")
return
}
name := r.FormValue("name")
pass := r.FormValue("password")
pass2 := r.FormValue("password2")
if pass != pass2 {
response.execute("WrongPass")
return
}
if name == "" || pass == "" {
response.execute("empty")
return
}
_, err := s.ldap.GetUser(name)
if err == nil {
log.Println("Can't create user ", name, ": already exist")
response.execute("exsist")
return
}
err = s.ldap.AddGroup(name)
if err != nil {
log.Println("Error adding group: ", err)
s.errorHandler(w, r)
return
}
group, err := s.ldap.GetGroup(name)
if err != nil {
log.Println("Error getting group: ", err)
s.errorHandler(w, r)
return
}
err = s.ldap.AddUser(name, pass, group.GID)
if err != nil {
log.Println("Error adding user: ", err)
s.errorHandler(w, r)
return
}
err = s.db.DelInvite(invite)
if err != nil {
log.Println("Error deleting invite: ", err)
}
response = s.newResponse("adduser_success", w, r)
response.execute("name")
}