diff --git a/auth.go b/auth.go
index cfe43ba..63da524 100644
--- a/auth.go
+++ b/auth.go
@@ -32,16 +32,21 @@ func logout(w http.ResponseWriter, ps httprouter.Params, body []byte) HTTPRespon
return APIResponse{true}
}
-func completeAuth(w http.ResponseWriter, username string, email string, firstname string, lastname string, session *Session) (err error) {
+func completeAuth(w http.ResponseWriter, username string, email string, firstname string, lastname string, groups string, session *Session) (err error) {
var usr User
if !userExists(username) {
- if usr, err = NewUser(username, email, firstname, lastname); err != nil {
+ if usr, err = NewUser(username, email, firstname, lastname, groups); err != nil {
return err
}
} else if usr, err = getUserByLogin(username); err != nil {
return err
}
+ if usr.Groups != groups {
+ usr.Groups = groups
+ usr.Update()
+ }
+
if session == nil {
var s Session
s, err = usr.NewSession()
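Review bot: The result of `usr.Update()` in the new group-sync block is discarded, so a failed write leaves the previous group list in the database while login carries on as if the sync had succeeded. If groups are later used for access decisions, a membership removed at the identity provider would silently stay in place. Propagate the error through the existing named return: `if _, err = usr.Update(); err != nil { return err }`. The rest of completeAuth lies outside this hunk, so whether later code reads `usr.Groups` from memory or from the database could not be checked.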
@@ -73,5 +78,5 @@ func dummyAuth(w http.ResponseWriter, _ httprouter.Params, body []byte) (interfa
return nil, err
}
- return map[string]string{"status": "OK"}, completeAuth(w, lf["login"], lf["email"], lf["firstname"], lf["lastname"], nil)
+ return map[string]string{"status": "OK"}, completeAuth(w, lf["login"], lf["email"], lf["firstname"], lf["lastname"], "", nil)
}
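Review bot: Passing `""` for groups here means the new `usr.Groups != groups` comparison in completeAuth will overwrite an existing user's stored groups with the empty string each time that account logs in through dummyAuth. The empty value also differs from the OIDC path, which produces `","` when no group is present, so the same "no groups" state has two encodings. If this path cannot supply groups, completeAuth should be told to leave the stored value alone rather than be given a value that clears it. At the least, document the effect at the call site, for example `// no group claims on this path: "" clears the groups stored for an existing user`.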
diff --git a/auth_oidc.go b/auth_oidc.go
index 8e84c3d..c9d1d7d 100644
--- a/auth_oidc.go
+++ b/auth_oidc.go
@@ -97,22 +97,26 @@ func OIDC_CRI_complete(w http.ResponseWriter, r *http.Request, ps httprouter.Par
}
var claims struct {
- Firstname string `json:"given_name"`
- Lastname string `json:"family_name"`
- Nickname string `json:"nickname"`
- Username string `json:"preferred_username"`
- Email string `json:"email"`
- Groups []interface{} `json:"groups"`
+ Firstname string `json:"given_name"`
+ Lastname string `json:"family_name"`
+ Nickname string `json:"nickname"`
+ Username string `json:"preferred_username"`
+ Email string `json:"email"`
+ Groups []map[string]interface{} `json:"groups"`
}
if err := idToken.Claims(&claims); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
- // Try to debug Groups
- log.Println(claims.Groups)
+ groups := ","
+ for _, g := range claims.Groups {
+ if slug, ok := g["slug"]; ok {
+ groups += slug.(string) + ","
+ }
+ }
- if err := completeAuth(w, claims.Username, claims.Email, claims.Firstname, claims.Lastname, &session); err != nil {
+ if err := completeAuth(w, claims.Username, claims.Email, claims.Firstname, claims.Lastname, groups, &session); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
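Review bot: `slug.(string)` in the new loop is an unchecked type assertion on data decoded from the ID token, so a group entry whose `slug` is a number, null or an object will panic the handler instead of being skipped. Because the slugs are joined into one comma-delimited string, a slug that itself contains a comma would also read back as several group names, and an empty slug yields `,,`. Use the comma-ok form and reject such values, for example `if slug, ok := g["slug"].(string); ok && slug != "" && !strings.Contains(slug, ",") {` (this needs the `strings` import if the file does not already have it). The joined string goes into a `VARCHAR(255)` column, so a long group list should be bounded or rejected explicitly rather than left to the database.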
diff --git a/db.go b/db.go
index 9890395..1c52d66 100644
--- a/db.go
+++ b/db.go
@@ -61,6 +61,7 @@ CREATE TABLE IF NOT EXISTS users(
lastname VARCHAR(255) NOT NULL,
time TIMESTAMP NOT NULL,
promo MEDIUMINT NOT NULL,
+ groups VARCHAR(255) NOT NULL,
is_admin BOOLEAN NOT NULL DEFAULT FALSE
) DEFAULT CHARACTER SET = utf8 COLLATE = utf8_bin;
`); err != nil {
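Review bot: The new `groups` column is only added inside `CREATE TABLE IF NOT EXISTS`, so a database that already has a `users` table keeps its old shape, and every query in users.go that now selects or writes `groups` will fail there. The hunk shows no migration step. The column is also `NOT NULL` with no default, and `GROUPS` is a reserved word in MySQL 8.0.2 and later, so if that is a deployment target the unquoted name will not parse. A startup migration along the lines of `ALTER TABLE users ADD COLUMN user_groups VARCHAR(255) NOT NULL DEFAULT ''` (renamed, or with the original name quoted) would cover both.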
diff --git a/htdocs/views/user.html b/htdocs/views/user.html
index 5835ca4..cfc39ed 100644
--- a/htdocs/views/user.html
+++ b/htdocs/views/user.html
@@ -27,6 +27,15 @@
Date d'inscription
{{ user.time }}
+ Groupes
+
+
+
+
Admin
{{ user.id_admin?"Oui":"Non" }}
diff --git a/users.go b/users.go
index 1e5d8bc..d84bdca 100644
--- a/users.go
+++ b/users.go
@@ -50,18 +50,19 @@ type User struct {
Lastname string `json:"lastname"`
Time time.Time `json:"time"`
Promo uint `json:"promo"`
+ Groups string `json:"groups"`
IsAdmin bool `json:"is_admin"`
}
func getUsers() (users []User, err error) {
- if rows, errr := DBQuery("SELECT id_user, login, email, firstname, lastname, time, promo, is_admin FROM users"); errr != nil {
+ if rows, errr := DBQuery("SELECT id_user, login, email, firstname, lastname, time, promo, groups, is_admin FROM users"); errr != nil {
return nil, errr
} else {
defer rows.Close()
for rows.Next() {
var u User
- if err = rows.Scan(&u.Id, &u.Login, &u.Email, &u.Firstname, &u.Lastname, &u.Time, &u.Promo, &u.IsAdmin); err != nil {
+ if err = rows.Scan(&u.Id, &u.Login, &u.Email, &u.Firstname, &u.Lastname, &u.Time, &u.Promo, &u.Groups, &u.IsAdmin); err != nil {
return
}
users = append(users, u)
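Review bot: The new `Groups` field has no comment describing its encoding, although the rest of the change relies on a specific one: a comma-delimited list of slugs with a leading and trailing comma, built in OIDC_CRI_complete. Anyone matching against it needs to know that `,name,` is the safe pattern and that a bare substring test would match partial slugs. I would add `// Groups holds group slugs as ",slug1,slug2,"; match with the surrounding commas.` above the field. The field is also serialised as `groups` in the JSON output, which is worth a conscious decision if group membership should not be visible to every API consumer.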
@@ -75,12 +76,12 @@ func getUsers() (users []User, err error) {
}
func getUser(id int) (u User, err error) {
- err = DBQueryRow("SELECT id_user, login, email, firstname, lastname, time, promo, is_admin FROM users WHERE id_user=?", id).Scan(&u.Id, &u.Login, &u.Email, &u.Firstname, &u.Lastname, &u.Time, &u.Promo, &u.IsAdmin)
+ err = DBQueryRow("SELECT id_user, login, email, firstname, lastname, time, promo, groups, is_admin FROM users WHERE id_user=?", id).Scan(&u.Id, &u.Login, &u.Email, &u.Firstname, &u.Lastname, &u.Time, &u.Promo, &u.Groups, &u.IsAdmin)
return
}
func getUserByLogin(login string) (u User, err error) {
- err = DBQueryRow("SELECT id_user, login, email, firstname, lastname, time, promo, is_admin FROM users WHERE login=?", login).Scan(&u.Id, &u.Login, &u.Email, &u.Firstname, &u.Lastname, &u.Time, &u.Promo, &u.IsAdmin)
+ err = DBQueryRow("SELECT id_user, login, email, firstname, lastname, time, promo, groups, is_admin FROM users WHERE login=?", login).Scan(&u.Id, &u.Login, &u.Email, &u.Firstname, &u.Lastname, &u.Time, &u.Promo, &u.Groups, &u.IsAdmin)
return
}
@@ -90,19 +91,19 @@ func userExists(login string) bool {
return err == nil && z == 1
}
-func NewUser(login string, email string, firstname string, lastname string) (User, error) {
+func NewUser(login string, email string, firstname string, lastname string, groups string) (User, error) {
t := time.Now()
- if res, err := DBExec("INSERT INTO users (login, email, firstname, lastname, time, promo) VALUES (?, ?, ?, ?, ?, ?)", login, email, firstname, lastname, t, currentPromo); err != nil {
+ if res, err := DBExec("INSERT INTO users (login, email, firstname, lastname, time, promo, groups) VALUES (?, ?, ?, ?, ?, ?, ?)", login, email, firstname, lastname, t, currentPromo, groups); err != nil {
return User{}, err
} else if sid, err := res.LastInsertId(); err != nil {
return User{}, err
} else {
- return User{sid, login, email, firstname, lastname, t, currentPromo, false}, nil
+ return User{sid, login, email, firstname, lastname, t, currentPromo, groups, false}, nil
}
}
func (u User) Update() (int64, error) {
- if res, err := DBExec("UPDATE users SET login = ?, email = ?, firstname = ?, lastname = ?, time = ?, promo = ? WHERE id_user = ?", u.Login, u.Email, u.Firstname, u.Lastname, u.Time, u.Promo, u.Id); err != nil {
+ if res, err := DBExec("UPDATE users SET login = ?, email = ?, firstname = ?, lastname = ?, time = ?, promo = ?, groups = ? WHERE id_user = ?", u.Login, u.Email, u.Firstname, u.Lastname, u.Time, u.Promo, u.Groups, u.Id); err != nil {
return 0, err
} else if nb, err := res.RowsAffected(); err != nil {
return 0, err
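Review bot: `User{sid, login, email, firstname, lastname, t, currentPromo, groups, false}` in NewUser is an unkeyed literal, and this commit shows why that is fragile: inserting a field into the struct required editing the literal in exactly the right position. With five adjacent `string` fields, a misplaced argument would still compile. Keyed fields remove that risk, for example `User{Id: sid, Login: login, Email: email, Firstname: firstname, Lastname: lastname, Time: t, Promo: currentPromo, Groups: groups}`. The body of Update continues outside this hunk.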
@@ -152,5 +153,6 @@ func updateUser(current User, body []byte) HTTPResponse {
current.Lastname = new.Lastname
current.Time = new.Time
current.Promo = new.Promo
+ current.Groups = new.Groups
return formatApiResponse(current.Update())
}
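Review bot: `current.Groups = new.Groups` lets the request body set a user's groups, although elsewhere in this commit groups are taken from the identity provider's claims and re-synced at login. Where `new` is decoded and who may call updateUser are outside this hunk. If groups ever gate access, though, this makes membership editable by anyone who can reach the endpoint, and a body that omits the field would clear it. I would drop the assignment and record the ownership instead: `// Groups is synced from the identity provider in completeAuth and is not editable here.`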