💾 Archived View for gemini.rmf-dev.com › repo › Vaati › Gemigit › files › 976a51876a943fab097395763b… captured on 2023-04-19 at 23:33:46. Gemini links have been rewritten to link to archived content

View Raw

More Information

-=-=-=-=-=-=-

0 package db

1

2 import (

3 "errors"

4 "time"

5 "gemigit/config"

6 )

7

8 var users = make(map[string]User)

9

10 func (user *User) VerifySignature(signature string) error {

11 if user.Signature != signature {

12 return errors.New("wrong signature")

13 }

14 if users[signature].ID != user.ID {

15 return errors.New("signature doesn't match the user")

16 }

17 return nil

18 }

19

20 func userAlreadyExist(username string) error {

21 rows, err := db.Query(

22 "SELECT * FROM user WHERE UPPER(name) LIKE UPPER(?)",

23 username)

24 if err != nil {

25 return err

26 }

27 defer rows.Close()

28 if rows.Next() {

29 return errors.New("This username is already taken")

30 }

31 return nil

32 }

33

34 func GetPublicUser(name string) (User, error) {

35 rows, err := db.Query("SELECT userID, name, description, creation " +

36 "FROM user WHERE UPPER(name) LIKE UPPER(?)",

37 name)

38 if err != nil {

39 return User{}, err

40 }

41 defer rows.Close()

42 if !rows.Next() {

43 return User{}, errors.New(name + ", user not found")

44 }

45 var u = User{}

46 err = rows.Scan(&u.ID, &u.Name,

47 &u.Description,

48 &u.Registration)

49 if err != nil {

50 return User{}, err

51 }

52 return u, nil

53 }

54

55 func ChangePassword(username string, password string) error {

56 err := isPasswordValid(password)

57 if err != nil {

58 return err

59 }

60 hPassword, err := hashPassword(password)

61 if err != nil {

62 return err

63 }

64 statement, err := db.Exec("UPDATE user SET password=? " +

65 "WHERE UPPER(name) LIKE UPPER(?)",

66 hPassword, username)

67 if err != nil {

68 return err

69 }

70 rows, err := statement.RowsAffected()

71 if err != nil {

72 return err

73 }

74 if rows < 1 {

75 return errors.New("unknown user " + username)

76 }

77 return nil

78 }

79

80 func (user User) ChangePassword(password string, signature string) error {

81 if err := user.VerifySignature(signature); err != nil {

82 return err

83 }

84 return ChangePassword(user.Name, password)

85 }

86

87 func (user User) ChangeDescription(desc string, signature string) error {

88 if err := user.VerifySignature(signature); err != nil {

89 return err

90 }

91 statement, err := db.Exec("UPDATE user SET description=? " +

92 "WHERE UPPER(name) LIKE UPPER(?)",

93 desc, user.Name)

94 if err != nil {

95 return err

96 }

97 rows, err := statement.RowsAffected()

98 if err != nil {

99 return err

100 }

101 if rows < 1 {

102 return errors.New("no description changed")

103 }

104 u, b := users[signature]

105 if !b {

106 return errors.New("invalid signature detected")

107 }

108 u.Description = desc

109 users[signature] = u

110 return nil

111 }

112

113 func (user *User) UpdateDescription() error {

114 rows, err := db.Query("SELECT description FROM user WHERE userID=?",

115 user.ID)

116 if err != nil {

117 return err

118 }

119 defer rows.Close()

120 if rows.Next() {

121 var dDescription string

122 err = rows.Scan(&dDescription)

123 if err != nil {

124 return err

125 }

126 user.Description = dDescription

127 }

128 users[user.Signature] = *user

129 return nil

130 }

131

132 func (user *User) SetUserSecret(secret string) error {

133 _, err := db.Exec("UPDATE user SET secret = ? " +

134 "WHERE userID = ?", secret, user.ID)

135 user.Secret = secret

136 users[user.Signature] = *user

137 return err

138 }

139

140 func DeleteUser(username string) error {

141 statement, err := db.Exec("DELETE FROM repo " +

142 "WHERE userID in " +

143 "(SELECT userID FROM user " +

144 "where UPPER(name) LIKE UPPER(?))",

145 username)

146 if err != nil {

147 return err

148 }

149 rows, err := statement.RowsAffected()

150 if err != nil {

151 return err

152 }

153 statement, err = db.Exec("DELETE FROM user WHERE name=?", username)

154 if err != nil {

155 return err

156 }

157 rows, err = statement.RowsAffected()

158 if err != nil {

159 return err

160 }

161 if rows < 1 {

162 return errors.New("user " + username + " not found")

163 }

164 return nil

165 }

166

167 func GetUserID(name string) (int, error) {

168 query := "SELECT userID FROM user WHERE UPPER(?) = UPPER(name);"

169 rows, err := db.Query(query, name)

170 if err != nil {

171 return -1, err

172 }

173 defer rows.Close()

174 if !rows.Next() {

175 return -1, errors.New("User not found")

176 }

177 var id int

178 err = rows.Scan(&id)

179 if err != nil {

180 return -1, err

181 }

182 return id, nil

183 }

184

185 func GetUser(signature string) (User, bool) {

186 user, b := users[signature]

187 // should update description

188 if b {

189 return user, b

190 }

191 rows, err := db.Query(`SELECT a.userID, name, description, a.creation,

192 a.secret, a.securegit

193 FROM user a INNER JOIN certificate b ON

194 a.userID = b.userID WHERE b.hash = ?`,

195 signature)

196 if err != nil {

197 return User{}, false

198 }

199 defer rows.Close()

200 if !rows.Next() {

201 return User{}, false

202 }

203 err = rows.Scan(&user.ID, &user.Name, &user.Description,

204 &user.Registration, &user.Secret, &user.SecureGit)

205 if err != nil {

206 return User{}, false

207 }

208 user.Signature = signature

209 users[signature] = user

210 return user, true

211 }

212

213 func FetchUser(username string, signature string) (User, error) {

214 query := `SELECT userID, name, description, creation, secret, securegit

215 FROM user WHERE UPPER(name) LIKE UPPER(?)`

216 rows, err := db.Query(query, username)

217 if err != nil {

218 return User{}, err

219 }

220 defer rows.Close()

221 next := rows.Next()

222 if !next {

223 return User{}, errors.New("User not found")

224 }

225 var u = User{}

226 err = rows.Scan(&u.ID,

227 &u.Name,

228 &u.Description,

229 &u.Registration,

230 &u.Secret,

231 &u.SecureGit)

232 if err != nil {

233 return User{}, err

234 }

235 u.Connection = time.Now()

236 u.Signature = signature

237 return u, nil

238 }

239

240 func CheckAuth(username string, password string) (error) {

241 rows, err := db.Query("SELECT name, password FROM user " +

242 "WHERE UPPER(name) LIKE UPPER(?)",

243 username)

244 if err != nil {

245 return err

246 }

247 defer rows.Close()

248 if rows.Next() {

249 var dPassword string

250 var dName string

251 err = rows.Scan(&dName, &dPassword)

252 if err != nil {

253 return err

254 }

255 if checkPassword(password, dPassword) {

256 return nil

257 }

258 }

259 return errors.New("invalid credential")

260 }

261

262 func Register(username string, password string) error {

263

264 if !config.Cfg.Ldap.Enabled {

265 if err := isPasswordValid(password); err != nil {

266 return err

267 }

268 }

269

270 if err := isUsernameValid(username); err != nil {

271 return err

272 }

273

274 if err := userAlreadyExist(username); err != nil {

275 return err

276 }

277

278 if !config.Cfg.Ldap.Enabled {

279 hash, err := hashPassword(password)

280 if err != nil {

281 return err

282 }

283

284 _, err = db.Exec("INSERT INTO user(name,password,creation) " +

285 "VALUES(?, ?, " + unixTime + ");",

286 username, hash)

287 return err

288 }

289 _, err := db.Exec("INSERT INTO user(name,creation) " +

290 "VALUES(?, " + unixTime + ")", username)

291 return err

292 }

293