Handle student groups
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
nemunaire 2021-09-16 00:26:09 +02:00
parent 6fb7986a7a
commit 4c46386fff
5 changed files with 41 additions and 20 deletions

11
auth.go
View File

@ -32,16 +32,21 @@ func logout(w http.ResponseWriter, ps httprouter.Params, body []byte) HTTPRespon
return APIResponse{true}
}
func completeAuth(w http.ResponseWriter, username string, email string, firstname string, lastname string, session *Session) (err error) {
func completeAuth(w http.ResponseWriter, username string, email string, firstname string, lastname string, groups string, session *Session) (err error) {
var usr User
if !userExists(username) {
if usr, err = NewUser(username, email, firstname, lastname); err != nil {
if usr, err = NewUser(username, email, firstname, lastname, groups); err != nil {
return err
}
} else if usr, err = getUserByLogin(username); err != nil {
return err
}
if usr.Groups != groups {
usr.Groups = groups
usr.Update()
}
if session == nil {
var s Session
s, err = usr.NewSession()
@ -73,5 +78,5 @@ func dummyAuth(w http.ResponseWriter, _ httprouter.Params, body []byte) (interfa
return nil, err
}
return map[string]string{"status": "OK"}, completeAuth(w, lf["login"], lf["email"], lf["firstname"], lf["lastname"], nil)
return map[string]string{"status": "OK"}, completeAuth(w, lf["login"], lf["email"], lf["firstname"], lf["lastname"], "", nil)
}

View File

@ -97,22 +97,26 @@ func OIDC_CRI_complete(w http.ResponseWriter, r *http.Request, ps httprouter.Par
}
var claims struct {
Firstname string `json:"given_name"`
Lastname string `json:"family_name"`
Nickname string `json:"nickname"`
Username string `json:"preferred_username"`
Email string `json:"email"`
Groups []interface{} `json:"groups"`
Firstname string `json:"given_name"`
Lastname string `json:"family_name"`
Nickname string `json:"nickname"`
Username string `json:"preferred_username"`
Email string `json:"email"`
Groups []map[string]interface{} `json:"groups"`
}
if err := idToken.Claims(&claims); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
// Try to debug Groups
log.Println(claims.Groups)
groups := ","
for _, g := range claims.Groups {
if slug, ok := g["slug"]; ok {
groups += slug.(string) + ","
}
}
if err := completeAuth(w, claims.Username, claims.Email, claims.Firstname, claims.Lastname, &session); err != nil {
if err := completeAuth(w, claims.Username, claims.Email, claims.Firstname, claims.Lastname, groups, &session); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}

1
db.go
View File

@ -61,6 +61,7 @@ CREATE TABLE IF NOT EXISTS users(
lastname VARCHAR(255) NOT NULL,
time TIMESTAMP NOT NULL,
promo MEDIUMINT NOT NULL,
groups VARCHAR(255) NOT NULL,
is_admin BOOLEAN NOT NULL DEFAULT FALSE
) DEFAULT CHARACTER SET = utf8 COLLATE = utf8_bin;
`); err != nil {

View File

@ -27,6 +27,15 @@
<dt class="col-2">Date d'inscription</dt>
<dd class="col-10">{{ user.time }}</dd>
<dt class="col-2">Groupes</dt>
<dd class="col-10">
<ul ng-if="user.groups">
<li ng-repeat="(gid,g) in user.groups.split(',').slice(1)">
<a href="https://cri.epita.fr/group/{{ g }}/">{{ g }}</a>
</li>
</ul>
</dd>
<dt class="col-2">Admin</dt>
<dd class="col-10">{{ user.id_admin?"Oui":"Non" }}</dd>
</dl>

View File

@ -50,18 +50,19 @@ type User struct {
Lastname string `json:"lastname"`
Time time.Time `json:"time"`
Promo uint `json:"promo"`
Groups string `json:"groups"`
IsAdmin bool `json:"is_admin"`
}
func getUsers() (users []User, err error) {
if rows, errr := DBQuery("SELECT id_user, login, email, firstname, lastname, time, promo, is_admin FROM users"); errr != nil {
if rows, errr := DBQuery("SELECT id_user, login, email, firstname, lastname, time, promo, groups, is_admin FROM users"); errr != nil {
return nil, errr
} else {
defer rows.Close()
for rows.Next() {
var u User
if err = rows.Scan(&u.Id, &u.Login, &u.Email, &u.Firstname, &u.Lastname, &u.Time, &u.Promo, &u.IsAdmin); err != nil {
if err = rows.Scan(&u.Id, &u.Login, &u.Email, &u.Firstname, &u.Lastname, &u.Time, &u.Promo, &u.Groups, &u.IsAdmin); err != nil {
return
}
users = append(users, u)
@ -75,12 +76,12 @@ func getUsers() (users []User, err error) {
}
func getUser(id int) (u User, err error) {
err = DBQueryRow("SELECT id_user, login, email, firstname, lastname, time, promo, is_admin FROM users WHERE id_user=?", id).Scan(&u.Id, &u.Login, &u.Email, &u.Firstname, &u.Lastname, &u.Time, &u.Promo, &u.IsAdmin)
err = DBQueryRow("SELECT id_user, login, email, firstname, lastname, time, promo, groups, is_admin FROM users WHERE id_user=?", id).Scan(&u.Id, &u.Login, &u.Email, &u.Firstname, &u.Lastname, &u.Time, &u.Promo, &u.Groups, &u.IsAdmin)
return
}
func getUserByLogin(login string) (u User, err error) {
err = DBQueryRow("SELECT id_user, login, email, firstname, lastname, time, promo, is_admin FROM users WHERE login=?", login).Scan(&u.Id, &u.Login, &u.Email, &u.Firstname, &u.Lastname, &u.Time, &u.Promo, &u.IsAdmin)
err = DBQueryRow("SELECT id_user, login, email, firstname, lastname, time, promo, groups, is_admin FROM users WHERE login=?", login).Scan(&u.Id, &u.Login, &u.Email, &u.Firstname, &u.Lastname, &u.Time, &u.Promo, &u.Groups, &u.IsAdmin)
return
}
@ -90,19 +91,19 @@ func userExists(login string) bool {
return err == nil && z == 1
}
func NewUser(login string, email string, firstname string, lastname string) (User, error) {
func NewUser(login string, email string, firstname string, lastname string, groups string) (User, error) {
t := time.Now()
if res, err := DBExec("INSERT INTO users (login, email, firstname, lastname, time, promo) VALUES (?, ?, ?, ?, ?, ?)", login, email, firstname, lastname, t, currentPromo); err != nil {
if res, err := DBExec("INSERT INTO users (login, email, firstname, lastname, time, promo, groups) VALUES (?, ?, ?, ?, ?, ?, ?)", login, email, firstname, lastname, t, currentPromo, groups); err != nil {
return User{}, err
} else if sid, err := res.LastInsertId(); err != nil {
return User{}, err
} else {
return User{sid, login, email, firstname, lastname, t, currentPromo, false}, nil
return User{sid, login, email, firstname, lastname, t, currentPromo, groups, false}, nil
}
}
func (u User) Update() (int64, error) {
if res, err := DBExec("UPDATE users SET login = ?, email = ?, firstname = ?, lastname = ?, time = ?, promo = ? WHERE id_user = ?", u.Login, u.Email, u.Firstname, u.Lastname, u.Time, u.Promo, u.Id); err != nil {
if res, err := DBExec("UPDATE users SET login = ?, email = ?, firstname = ?, lastname = ?, time = ?, promo = ?, groups = ? WHERE id_user = ?", u.Login, u.Email, u.Firstname, u.Lastname, u.Time, u.Promo, u.Groups, u.Id); err != nil {
return 0, err
} else if nb, err := res.RowsAffected(); err != nil {
return 0, err
@ -152,5 +153,6 @@ func updateUser(current User, body []byte) HTTPResponse {
current.Lastname = new.Lastname
current.Time = new.Time
current.Promo = new.Promo
current.Groups = new.Groups
return formatApiResponse(current.Update())
}