0 package access
1
2 import (
3 "errors"
4 "fmt"
5 "gemigit/config"
6 "gemigit/db"
7
8 ldap "github.com/go-ldap/ldap/v3"
9 )
10
// Access levels. hasAccess compares them numerically (privilege < access),
// so the ordering None < Read < Write is significant and the values must
// stay 0, 1 and 2.
const (
	None  = iota // 0: no access
	Read         // 1: read access
	Write        // 2: write access
)
16
// conn is the package-wide LDAP connection. Init sets it and Login calls Bind
// on it, so every login attempt shares this one connection.
// NOTE(review): each Bind changes the identity this connection is bound as;
// confirm callers serialize logins and that nothing else depends on that state.
var conn *ldap.Conn
18
// Init opens the LDAP connection that Login binds on when LDAP
// authentication is enabled in the configuration; otherwise it does nothing.
// It returns the dial error, if any.
//
// NOTE(review): Login sends passwords over this connection with a simple
// bind. Whether they are protected in transit depends on the scheme of
// config.Cfg.Ldap.Url, which is not validated here; confirm deployments use
// ldaps:// or otherwise protect the transport.
func Init() error {
	if config.Cfg.Ldap.Enabled {
		c, err := ldap.DialURL(config.Cfg.Ldap.Url)
		if err != nil {
			return err
		}
		conn = c
	}
	return nil
}
30
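// Login checks a user's credentials and returns nil when they are valid and
// an error otherwise.
//
// With LDAP enabled, the credentials are verified by binding as
// "<Attribute>=<name>,<Binding>" on the shared connection; otherwise they are
// checked against the local database through db.CheckAuth.
func Login(name string, password string) error {
	// Reject empty fields before any backend is consulted. For LDAP this also
	// keeps an empty password from reaching a simple bind, which a directory
	// may treat as an unauthenticated bind (RFC 4513, section 5.1.2).
	if name == "" || password == "" {
		return errors.New("empty field")
	}
	if config.Cfg.Ldap.Enabled {
		// Init may not have run, or may have failed; fail closed instead of
		// dereferencing a nil connection.
		if conn == nil {
			return errors.New("ldap connection not initialized")
		}
		// name is untrusted and becomes one attribute value inside a
		// distinguished name, so it needs DN escaping (RFC 4514). Search-filter
		// escaping leaves ',', '+', '=' and ';' untouched, which would let a
		// crafted name change which entry the bind targets.
		dn := fmt.Sprintf("%s=%s,%s",
			config.Cfg.Ldap.Attribute,
			escapeDNValue(name),
			config.Cfg.Ldap.Binding)
		return conn.Bind(dn, password)
	}
	err := db.CheckAuth(name, password)
	if err != nil {
		return err
	}
	return nil
}

// escapeDNValue escapes v for use as a single attribute value in a
// distinguished name, following RFC 4514: DN metacharacters get a backslash,
// as do a leading '#' or space and a trailing space; NUL becomes "\00".
func escapeDNValue(v string) string {
	out := make([]byte, 0, len(v)+8)
	for i := 0; i < len(v); i++ {
		c := v[i]
		switch {
		case c == 0:
			out = append(out, '\\', '0', '0')
		case c == '"' || c == '+' || c == ',' || c == ';' ||
			c == '<' || c == '>' || c == '\\' || c == '=':
			out = append(out, '\\', c)
		case c == '#' && i == 0:
			out = append(out, '\\', c)
		case c == ' ' && (i == 0 || i == len(v)-1):
			out = append(out, '\\', c)
		default:
			out = append(out, c)
		}
	}
	return string(out)
}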
50
// hasAccess checks whether user holds at least the access level given on the
// repository repo looked up under author. It returns nil when access is
// granted, the lookup error when any database call fails, and a
// "Permission denied" error when the stored privilege is below access.
func hasAccess(repo, author, user string, access int) error {
	uid, err := db.GetUserID(user)
	if err != nil {
		return err
	}
	owner, err := db.GetPublicUser(author)
	if err != nil {
		return err
	}
	target, err := owner.GetRepo(repo)
	if err != nil {
		return err
	}
	// The repository's own user always passes, whatever level was requested.
	if target.UserID == uid {
		return nil
	}
	level, err := db.GetAccess(target.RepoID, uid)
	if err != nil {
		return err
	}
	if level >= access {
		return nil
	}
	return errors.New("Permission denied")
}
76
// HasWriteAccess returns nil when user has at least Write access to the
// repository repo looked up under author, and an error otherwise.
func HasWriteAccess(repo, author, user string) error {
	return hasAccess(repo, author, user, Write)
}
80
// HasReadAccess returns nil when user has at least Read access to the
// repository repo looked up under author, and an error otherwise.
func HasReadAccess(repo, author, user string) error {
	return hasAccess(repo, author, user, Read)
}
84