💾 Archived View for gemini.rmf-dev.com › repo › Vaati › Gemigit › files › 976a51876a943fab097395763b… captured on 2023-04-19 at 23:33:46. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
0 package db
1
2 import (
3 "errors"
4 "time"
5 "gemigit/config"
6 )
7
8 var users = make(map[string]User)
9
10 func (user *User) VerifySignature(signature string) error {
11 if user.Signature != signature {
12 return errors.New("wrong signature")
13 }
14 if users[signature].ID != user.ID {
15 return errors.New("signature doesn't match the user")
16 }
17 return nil
18 }
19
20 func userAlreadyExist(username string) error {
21 rows, err := db.Query(
22 "SELECT * FROM user WHERE UPPER(name) LIKE UPPER(?)",
23 username)
24 if err != nil {
25 return err
26 }
27 defer rows.Close()
28 if rows.Next() {
29 return errors.New("This username is already taken")
30 }
31 return nil
32 }
33
34 func GetPublicUser(name string) (User, error) {
35 rows, err := db.Query("SELECT userID, name, description, creation " +
36 "FROM user WHERE UPPER(name) LIKE UPPER(?)",
37 name)
38 if err != nil {
39 return User{}, err
40 }
41 defer rows.Close()
42 if !rows.Next() {
43 return User{}, errors.New(name + ", user not found")
44 }
45 var u = User{}
46 err = rows.Scan(&u.ID, &u.Name,
47 &u.Description,
48 &u.Registration)
49 if err != nil {
50 return User{}, err
51 }
52 return u, nil
53 }
54
55 func ChangePassword(username string, password string) error {
56 err := isPasswordValid(password)
57 if err != nil {
58 return err
59 }
60 hPassword, err := hashPassword(password)
61 if err != nil {
62 return err
63 }
64 statement, err := db.Exec("UPDATE user SET password=? " +
65 "WHERE UPPER(name) LIKE UPPER(?)",
66 hPassword, username)
67 if err != nil {
68 return err
69 }
70 rows, err := statement.RowsAffected()
71 if err != nil {
72 return err
73 }
74 if rows < 1 {
75 return errors.New("unknown user " + username)
76 }
77 return nil
78 }
79
80 func (user User) ChangePassword(password string, signature string) error {
81 if err := user.VerifySignature(signature); err != nil {
82 return err
83 }
84 return ChangePassword(user.Name, password)
85 }
86
87 func (user User) ChangeDescription(desc string, signature string) error {
88 if err := user.VerifySignature(signature); err != nil {
89 return err
90 }
91 statement, err := db.Exec("UPDATE user SET description=? " +
92 "WHERE UPPER(name) LIKE UPPER(?)",
93 desc, user.Name)
94 if err != nil {
95 return err
96 }
97 rows, err := statement.RowsAffected()
98 if err != nil {
99 return err
100 }
101 if rows < 1 {
102 return errors.New("no description changed")
103 }
104 u, b := users[signature]
105 if !b {
106 return errors.New("invalid signature detected")
107 }
108 u.Description = desc
109 users[signature] = u
110 return nil
111 }
112
113 func (user *User) UpdateDescription() error {
114 rows, err := db.Query("SELECT description FROM user WHERE userID=?",
115 user.ID)
116 if err != nil {
117 return err
118 }
119 defer rows.Close()
120 if rows.Next() {
121 var dDescription string
122 err = rows.Scan(&dDescription)
123 if err != nil {
124 return err
125 }
126 user.Description = dDescription
127 }
128 users[user.Signature] = *user
129 return nil
130 }
131
132 func (user *User) SetUserSecret(secret string) error {
133 _, err := db.Exec("UPDATE user SET secret = ? " +
134 "WHERE userID = ?", secret, user.ID)
135 user.Secret = secret
136 users[user.Signature] = *user
137 return err
138 }
139
140 func DeleteUser(username string) error {
141 statement, err := db.Exec("DELETE FROM repo " +
142 "WHERE userID in " +
143 "(SELECT userID FROM user " +
144 "where UPPER(name) LIKE UPPER(?))",
145 username)
146 if err != nil {
147 return err
148 }
149 rows, err := statement.RowsAffected()
150 if err != nil {
151 return err
152 }
153 statement, err = db.Exec("DELETE FROM user WHERE name=?", username)
154 if err != nil {
155 return err
156 }
157 rows, err = statement.RowsAffected()
158 if err != nil {
159 return err
160 }
161 if rows < 1 {
162 return errors.New("user " + username + " not found")
163 }
164 return nil
165 }
166
167 func GetUserID(name string) (int, error) {
168 query := "SELECT userID FROM user WHERE UPPER(?) = UPPER(name);"
169 rows, err := db.Query(query, name)
170 if err != nil {
171 return -1, err
172 }
173 defer rows.Close()
174 if !rows.Next() {
175 return -1, errors.New("User not found")
176 }
177 var id int
178 err = rows.Scan(&id)
179 if err != nil {
180 return -1, err
181 }
182 return id, nil
183 }
184
185 func GetUser(signature string) (User, bool) {
186 user, b := users[signature]
187 // should update description
188 if b {
189 return user, b
190 }
191 rows, err := db.Query(`SELECT a.userID, name, description, a.creation,
192 a.secret, a.securegit
193 FROM user a INNER JOIN certificate b ON
194 a.userID = b.userID WHERE b.hash = ?`,
195 signature)
196 if err != nil {
197 return User{}, false
198 }
199 defer rows.Close()
200 if !rows.Next() {
201 return User{}, false
202 }
203 err = rows.Scan(&user.ID, &user.Name, &user.Description,
204 &user.Registration, &user.Secret, &user.SecureGit)
205 if err != nil {
206 return User{}, false
207 }
208 user.Signature = signature
209 users[signature] = user
210 return user, true
211 }
212
213 func FetchUser(username string, signature string) (User, error) {
214 query := `SELECT userID, name, description, creation, secret, securegit
215 FROM user WHERE UPPER(name) LIKE UPPER(?)`
216 rows, err := db.Query(query, username)
217 if err != nil {
218 return User{}, err
219 }
220 defer rows.Close()
221 next := rows.Next()
222 if !next {
223 return User{}, errors.New("User not found")
224 }
225 var u = User{}
226 err = rows.Scan(&u.ID,
227 &u.Name,
228 &u.Description,
229 &u.Registration,
230 &u.Secret,
231 &u.SecureGit)
232 if err != nil {
233 return User{}, err
234 }
235 u.Connection = time.Now()
236 u.Signature = signature
237 return u, nil
238 }
239
240 func CheckAuth(username string, password string) (error) {
241 rows, err := db.Query("SELECT name, password FROM user " +
242 "WHERE UPPER(name) LIKE UPPER(?)",
243 username)
244 if err != nil {
245 return err
246 }
247 defer rows.Close()
248 if rows.Next() {
249 var dPassword string
250 var dName string
251 err = rows.Scan(&dName, &dPassword)
252 if err != nil {
253 return err
254 }
255 if checkPassword(password, dPassword) {
256 return nil
257 }
258 }
259 return errors.New("invalid credential")
260 }
261
262 func Register(username string, password string) error {
263
264 if !config.Cfg.Ldap.Enabled {
265 if err := isPasswordValid(password); err != nil {
266 return err
267 }
268 }
269
270 if err := isUsernameValid(username); err != nil {
271 return err
272 }
273
274 if err := userAlreadyExist(username); err != nil {
275 return err
276 }
277
278 if !config.Cfg.Ldap.Enabled {
279 hash, err := hashPassword(password)
280 if err != nil {
281 return err
282 }
283
284 _, err = db.Exec("INSERT INTO user(name,password,creation) " +
285 "VALUES(?, ?, " + unixTime + ");",
286 username, hash)
287 return err
288 }
289 _, err := db.Exec("INSERT INTO user(name,creation) " +
290 "VALUES(?, " + unixTime + ")", username)
291 return err
292 }
293