the user and group system is basically finished, the fs needs progress on creating entries

2025-05-24 21:18:48 -04:00
parent 4f6dc35569
commit 3904449f45
6 changed files with 324 additions and 202 deletions
--- a/src/rt/crypto/generate.ts
+++ b/src/rt/crypto/generate.ts
@ -1,4 +1,6 @@
-type SHA256_String = string
+interface SHA256 {
 	readonly secret: string
 }
 class Crypto {
 	protected inner: string
@ -7,15 +9,16 @@ class Crypto {
 		this.inner = inner
 	}
-	public async sha256_string(): Promise<SHA256_String> {
+	public async sha256_hash(): Promise<SHA256> {
 		const encoder = new TextEncoder()
 		const hash = await crypto.subtle.digest("SHA-256", encoder.encode(this.inner))
 		const hash_as_uint8 = new Uint8Array(hash)
-	    return Array.from(hash_as_uint8).map(byte => byte.toString(16).padStart(2, "0")).join("")
+
 		return { secret: Array.from(hash_as_uint8).map(byte => byte.toString(16).padStart(2, "0")).join("") }
 	}
 }
 export default Crypto
 export {
-	type SHA256_String
+	type SHA256
 }
--- a/src/rt/fs.ts
+++ b/src/rt/fs.ts
@ -1,16 +1,15 @@
-import rfwfs, { DirectoryInRoot, Permissions } from "./rfwfs/main"
+import rfwfs, { PERMISSION_FLAGS } from "./rfwfs/main"
 const time_now = (Date.now()/1000) | 0
 const fs = new rfwfs()
-const bin = rfwfs.directory_in_root({
+const root = fs.push_bulk_unsafe([
-	name: "bin",
+	rfwfs.directory_in_root({
-	timestamp: time_now,
+		permissions: {wheel: PERMISSION_FLAGS.RWX, users: PERMISSION_FLAGS.NONE},
-	permissions: Permissions.r | Permissions.w
+		timestamp: time_now,
-})
+		metadata: {},
-
+		name: "bin"
-fs.push_bulk_unsafe([
+	})
 	bin.dir as DirectoryInRoot
 ])
 export default fs
--- a/src/rt/rfwfs/groups.ts
+++ b/src/rt/rfwfs/groups.ts
@ -6,6 +6,8 @@ import User from "./users";
 type User_Index = [User, number]
 type WrapUserSearch = WrapResult<User_Index | undefined, GroupSearch>
 type SysGroupsNames = "wheel" | "users"
 const enum SysGroups {
 	Wheel,
 	Users,
@ -36,28 +38,35 @@ interface Groups {
 class Group {
 	protected inner: User[];
-	private type: SysGroups;
+	private group_type: SysGroups;
 	constructor(type: SysGroups) {
-		this.type = type
+		this.group_type = type
 		this.inner = []
 	}
-	public get_type(): SysGroups {
+	public users(): User[] {
 		return this.type
 	}
 	public get_users(): User[] {
 		return [...this.inner]
 	}
 	public type(): SysGroups {
 		return this.group_type
 	}
 	public type_as_name(): SysGroupsNames {
 		return this.type() === SysGroups.Wheel ? "wheel" : "users"
 	}
-	public add_user(user: User): void {
+	public add_user(user: User): boolean {
-		this.inner.push(user)
+		const duplicate = this.inner.find(user_in_group => user_in_group.uname() === user.uname())
 		if (!duplicate) {
 			this.inner.push(user)
 			return true
 		}
 		return false
 	}
 	public remove_user(user: User): User | undefined {
 		for (let i = 0; i<this.inner.length; i++) {
-			if (this.inner[i].get_uname() === user.get_uname()) {
+			if (this.inner[i].uname() === user.uname()) {
 				this.inner.splice(i, 1)
 				return this.inner[i]
 			}
@ -70,7 +79,7 @@ const groups: Groups = {
 	wheel: new Group(SysGroups.Wheel),
 	users: new Group(SysGroups.Users),
 	together: function() {
-		return [...this.wheel.get_users(), ...this.users.get_users()]
+		return [...this.wheel.users(), ...this.users.users()]
 	}
 }
@ -79,9 +88,9 @@ function wrap_user_search(status: GroupSearch, result?: User_Index): WrapUserSea
 }
 function group_iter_for_user(uname: string, group_t: Group): User_Index | undefined {
-	const group_t_users = group_t.get_users()
+	const group_t_users = group_t.users()
 	for (let i = 0; i<group_t_users.length; i++) {
-		if (group_t_users[i].get_uname() === uname) {
+		if (group_t_users[i].uname() === uname) {
 			return [group_t_users[i], i]
 		}
 	}
@ -101,7 +110,7 @@ function groups_find_user(uname: string): WrapUserSearch {
 }
 function group_add(new_user: User, group_t: Group): GroupSearch {
-	const dups = groups_find_user(new_user.get_uname())
+	const dups = groups_find_user(new_user.uname())
 	if (dups.status === GroupSearch.NotFound) {
 		group_t.add_user(new_user)
 	}
@ -110,7 +119,7 @@ function group_add(new_user: User, group_t: Group): GroupSearch {
 function group_remove(uname: string, group_t: Group): GroupRemoveStatus {
 	if (uname !== ROOT_ID.NAME) {
-		const found_user = group_t.get_users().find(user => user.get_uname() === uname)
+		const found_user = group_t.users().find(user => user.uname() === uname)
 		if (found_user) {
 			group_t.remove_user(found_user)
 			return GroupRemoveStatus.Ok
@ -162,6 +171,7 @@ export {
 	group_wheel_add,
 	group_users_add,
 	group_user_move,
 	type SysGroupsNames,
 	GroupRemoveStatus,
 	GroupSearch,
 	SysGroups,
--- a/src/rt/rfwfs/index.ts
+++ b/src/rt/rfwfs/index.ts
@ -10,7 +10,7 @@ export default function directory_search<T extends Entry>(dir_files: T[], file_n
 	let end = dir_files.length-1
 	while (start<=end) {
 		const median = (start+end)>>1
-		const median_name = dir_files[median].name.inner
+		const median_name = dir_files[median].name.__inner()
 		if (median_name === file_name) {
 			return wrap_bsearch(median, dir_files[median])
--- a/src/rt/rfwfs/main.ts
+++ b/src/rt/rfwfs/main.ts
@ -1,14 +1,15 @@
 import wrap, { type WrapResult, ConstEnum, Option } from "./wrap"
-import { Group, SysGroups } from "./groups"
+import { SysGroups } from "./groups"
 import directory_search from "./index"
-import User from "./users"
+import User, { LibUser } from "./users"
 const enum EntryType {
 	Root,
 	File,
 	Directory,
 	Binary,
 	SymLink,
 }
 const enum PushStatus {
 	Ok,
@ -18,58 +19,77 @@ const enum PushStatus {
 const enum ReadStatus {
 	Ok,
 	NotFound,
 	NotInGroup,
 	Denied,
 }
 const enum ModifyStatus {
 	Ok,
 	NotInGroup,
 	Denied,
 }
 const enum ModifyAccessType {
 	Read,
 	Write,
 }
 const enum ROOT_ID {
 	TRUNK = "/",
-	NAME  = "root"
+	NAME  = "root",
 	UID   = 0,
 }
-const enum Permissions {
+const enum PERMISSION_FLAGS {
-	r   = 1<<0,
+	NONE = -1,
-	w   = 1<<1,
+	R    = 1 << 0,
-	x   = 1<<2,
+	W    = 1 << 1,
-	rwx = Permissions.r | Permissions.w | Permissions.x
+	X    = 1 << 2,
 	RWX  = PERMISSION_FLAGS.R | PERMISSION_FLAGS.W | PERMISSION_FLAGS.X
 }
-interface EntryPermissions {
+interface Permissions<W = Gate<PERMISSION_FLAGS>, U = Gate<PERMISSION_FLAGS>> {
-	group: Group,
+	wheel: W,
-	owner: User,
+	users: U,
 }
 type GroupPermissionsRoot = Permissions<Gate<PERMISSION_FLAGS>, Gate<PERMISSION_FLAGS.NONE>>
 interface Metadata {
 	[index: string]: string
 }
-interface Entry<T extends EntryType = EntryType, N = EntryValue<string>> {
+interface Entry<
 	T extends EntryType = EntryType,
 	P extends Permissions = Permissions,
 	N = Gate<string>
 > {
 	readonly type: T,
-	permissions: EntryPermissions,
+	permissions: P,
-	timestamp: number,
+	timestamp: Gate<number>,
-	name: N
+	metadata: Gate<Metadata>,
-}
+	group: Gate<SysGroups>,
-
+	owner: Gate<User>,
-interface DirectoryContainer<T> extends Entry {
+	name: N,
 	files: EntryValue<Entry[]>,
 	parent: T | null
 }
 type Directory<T extends Entry> = DirectoryContainer<RfwfsDirectory<T>>
 type DirectoryInRoot = DirectoryContainer<Root>
-interface Root extends Entry<EntryType.Root, ROOT_ID.TRUNK> {
+interface DirectoryContainer<T> extends Entry {
-	timestamp: number,
+	files: Gate<Entry[]>,
 	parent: Gate<T> | null,
 }
 interface Root extends Entry<EntryType.Root, GroupPermissionsRoot, ROOT_ID.TRUNK> {
 	parent: null,
-	files: EntryValue<Entry[]>,
+	files: Gate<Entry[]>,
 }
 interface DirectoryInRoot extends Entry<EntryType.Root, Permissions {
 }
 interface DirectoryInRootProperties {
-	permissions: Permissions,
+	permissions: Permissions<PERMISSION_FLAGS, PERMISSION_FLAGS.NONE>,
 	name: string,
 	timestamp: number,
-}
+	metadata: Metadata,
-
+	name: string,
 interface DirectoryProperties<T extends Entry> extends DirectoryInRootProperties {
 	parent: RfwfsDirectory<T>,
 }
 interface FileProperties extends Entry {
 }
 /** Other directory types that can be treated as a single arbitrary directory.
@ -85,6 +105,7 @@ type EntryAssociates = Entry | Root
 type WrapResultEntry<T extends Entry, U> = WrapResult<T | undefined, U>
 type WrapResultNone<T>                   = WrapResult<Option.None, T>
 type WrapEntryRead<V>                    = WrapResult<V | undefined, ModifyStatus>
 function wrap_entry<T extends ConstEnum, U extends Entry>(status: T, result?: U): WrapResultEntry<U, T> {
 	return wrap(result, status)
@ -94,12 +115,16 @@ function wrap_none<T extends ConstEnum>(status: T): WrapResultNone<T> {
 	return wrap(Option.None, status)
 }
 function wrap_entry_read<V>(status: ModifyStatus, result?: V): WrapEntryRead<V> {
 	return wrap(result, status)
 }
 function fs_dir_sort<T extends Entry>(dir: DirectoryAssociates<T>) {
-	dir.files.inner.sort((a,z) => a.name.inner.localeCompare(z.name.inner))
+	dir.files.__inner().sort((a,z) => a.name.__inner().localeCompare(z.name.__inner()))
 }
 function fs_dir_clone<T extends Entry>(dir: DirectoryAssociates<T>, file_name: string): WrapResultEntry<T, ReadStatus> {
-	const clone_find = directory_search(dir.files.inner, file_name)
+	const clone_find = directory_search(dir.files.__inner(), file_name)
 	if (clone_find) {
 		return wrap_entry(ReadStatus.Ok, { ...clone_find.result as T })
 	}
@ -107,7 +132,7 @@ function fs_dir_clone<T extends Entry>(dir: DirectoryAssociates<T>, file_name: s
 }
 function fs_dir_find<T extends Entry>(dir: DirectoryAssociates<T>, file_name: string): WrapResultEntry<T, ReadStatus> {
-	const file_search = directory_search(dir.files.inner, file_name)
+	const file_search = directory_search(dir.files.__inner(), file_name)
 	if (file_search) {
 		return wrap_entry(ReadStatus.Ok, file_search.result as T)
 	}
@ -115,9 +140,9 @@ function fs_dir_find<T extends Entry>(dir: DirectoryAssociates<T>, file_name: st
 }
 function fs_dir_push<T extends Entry>(dir: DirectoryAssociates<T>, entry: Entry) {
-	const no_duplicates = directory_search(dir.files.inner, entry.name.inner)
+	const no_duplicates = directory_search(dir.files.__inner(), entry.name.__inner())
 	if (!no_duplicates) {
-		dir.files.inner.push(entry)
+		dir.files.__inner().push(entry)
 		fs_dir_sort(dir)
 		return wrap_none(PushStatus.Ok)
 	}
@ -125,44 +150,82 @@ function fs_dir_push<T extends Entry>(dir: DirectoryAssociates<T>, entry: Entry)
 }
 function fs_dir_pop<T extends Entry>(dir: DirectoryAssociates<T>, file_name: string): WrapResultEntry<T, ReadStatus> {
-	const pop_find = directory_search(dir.files.inner, file_name)
+	const pop_find = directory_search(dir.files.__inner(), file_name)
 	if (pop_find) {
-		dir.files.inner.splice(pop_find.status, 1)
+		dir.files.__inner().splice(pop_find.status, 1)
 		return wrap_entry(ReadStatus.Ok, pop_find.result as T)
 	}
 	return wrap_entry(ReadStatus.NotFound)
 }
-class EntryValue<V> {
+function user_group_perms(entry: EntryAssociates): PERMISSION_FLAGS | undefined {
-	public inner: V;
+	const user               = LibUser.current_sys_user
-	protected user_perms: EntryPermissions;
+	const current_user_group = user.group()
-	constructor(user: EntryPermissions, value: V) {
+	if (user.is_root() || current_user_group.type() === entry.group.__inner()) {
 		return entry.permissions[current_user_group.type_as_name()].__inner()
 	}
 	return undefined
 }
 function user_group_read_write<T extends Entry>(entry: DirectoryAssociates<T>): ModifyStatus {
 	if (LibUser.current_sys_user.is_root()) {
 		return ModifyStatus.Ok
 	}
 	const group_perms = user_group_perms(entry)
 	if (group_perms) {
 		return LibRfwfs.read_write_access(group_perms) ? ModifyStatus.Ok : ModifyStatus.Denied
 	}
 	return ModifyStatus.NotInGroup
 }
 class Gate<V> {
 	private inner: V;
 	protected entry: EntryAssociates;
 	constructor(entry: EntryAssociates, value: V) {
 		this.inner = value
-		this.user_perms = user
+		this.entry = entry
 	}
-	private is_wheel_user(user: User): boolean {
+	private access_read_write(accessType: ModifyAccessType): ModifyStatus {
-		return user.get_group() === SysGroups.Wheel
+		const group_perms = user_group_perms(this.entry)
 		if (group_perms) {
 			switch (accessType) {
 				case ModifyAccessType.Read:
 					return LibRfwfs.read_access(group_perms)  ? ModifyStatus.Ok : ModifyStatus.Denied
 				case ModifyAccessType.Write:
 					return LibRfwfs.write_access(group_perms) ? ModifyStatus.Ok : ModifyStatus.Denied
 			}
 		}
 		return ModifyStatus.NotInGroup
 	}
-	public read(): V | undefined {
+	public __inner(): V {
-		if (this.is_wheel_user(this.user_perms.owner)) {
+		return this.inner
 			return this.inner
 		}
 		if (rfwfs_lib.read_access(permissions)) {
 		}
 		return undefined
 		// return rfwfs_lib.read_access(this.user_perms.permissions) ? this.inner : undefined
 	}
-	public write<T extends V>(new_value: T): boolean {
+	public read(): WrapEntryRead<V> {
-		if (rfwfs_lib.write_access(this.user_perms.permissions)) {
+		switch (this.access_read_write(ModifyAccessType.Read)) {
-			this.inner = new_value
+			case ModifyStatus.Ok:
-			return true
+				return wrap_entry_read(ModifyStatus.Ok, this.inner)
 			case ModifyStatus.NotInGroup:
 				return wrap_entry_read(ModifyStatus.NotInGroup)
 			case ModifyStatus.Denied:
 				return wrap_entry_read(ModifyStatus.Denied)
 		}
 	}
 	public write<T extends V>(new_value: T): ModifyStatus {
 		switch (this.access_read_write(ModifyAccessType.Read)) {
 			case ModifyStatus.Ok:
 				this.inner = new_value
 				return ModifyStatus.Ok
 			case ModifyStatus.NotInGroup:
 				return ModifyStatus.NotInGroup
 			case ModifyStatus.Denied:
 				return ModifyStatus.Denied
 		}
 		return false
 	}
 }
@ -178,45 +241,45 @@ class RfwfsDirectory<T extends Entry> {
 	}
 	public clone(file_name: string): WrapResultEntry<Entry, ReadStatus> {
-		if (rfwfs.read_write_access(this.dir.permissions)) {
+		if (user_group_read_write(this.dir)) {
 			return fs_dir_clone(this.dir, file_name)
 		}
 		return wrap_entry(ReadStatus.Denied)
 	}
 	public find(file_name: string): WrapResultEntry<Entry, ReadStatus> {
-		if (rfwfs.read_write_access(this.dir.permissions)) {
+		if (user_group_read_write(this.dir)) {
 			return fs_dir_find(this.dir, file_name)
 		}
 		return wrap_entry(ReadStatus.Denied)
 	}
 	public push<E extends Entry>(entry: E): WrapResultNone<PushStatus> {
-		if (rfwfs.read_write_access(this.dir.permissions)) {
+		if (user_group_read_write(this.dir)) {
 			return fs_dir_push(this.dir, entry)
 		}
 		return wrap_none(PushStatus.Denied)
 	}
 	public pop(file_name: string): WrapResultEntry<Entry, ReadStatus> {
-		if (rfwfs.read_write_access(this.dir.permissions)) {
+		if (user_group_read_write(this.dir)) {
 			fs_dir_pop(this.dir, file_name)
 		}
 		return wrap_entry(ReadStatus.Denied)
 	}
 	public push_bulk_unsafe(dirs: T[]) {
-		dirs.forEach(dir => this.dir.files.inner.push(dir))
+		dirs.forEach(dir => this.dir.files.__inner().push(dir))
 		this.sort()
 	}
 	public push_unsafe(dir: T) {
-		this.dir.files.inner.push(dir)
+		this.dir.files.__inner().push(dir)
 		this.sort()
 	}
 }
-class rfwfs_lib {
+class LibRfwfs {
 	public static is_root<T extends Entry>(entry: T): boolean {
 		return entry.type === EntryType.Root
 	}
@ -229,67 +292,51 @@ class rfwfs_lib {
 	public static is_binary<T extends Entry>(entry: T): boolean {
 		return entry.type === EntryType.Binary
 	}
 	public static is_symlink<T extends Entry>(entry: T): boolean {
 		return entry.type === EntryType.SymLink
 	}
-	public static read_access(permissions: Permissions): boolean {
+	public static read_access(permissions: PERMISSION_FLAGS): boolean {
-		return (permissions & Permissions.r) !== 0
+		return (permissions & PERMISSION_FLAGS.R) !== 0
 	}
-	public static write_access(permissions: Permissions): boolean {
+	public static write_access(permissions: PERMISSION_FLAGS): boolean {
-		return (permissions & Permissions.w) !== 0
+		return (permissions & PERMISSION_FLAGS.W) !== 0
 	}
-	public static execute_access(permissions: Permissions): boolean {
+	public static execute_access(permissions: PERMISSION_FLAGS): boolean {
-		return (permissions & Permissions.x) !== 0
+		return (permissions & PERMISSION_FLAGS.X) !== 0
 	}
-	public static read_write_access(permissions: Permissions): boolean {
+	public static read_write_access(permissions: PERMISSION_FLAGS): boolean {
-		return rfwfs.read_access(permissions) && rfwfs.write_access(permissions)
+		return LibRfwfs.read_access(permissions) && LibRfwfs.write_access(permissions)
 	}
 	public static directory_in_root(properties: DirectoryInRootProperties): RfwfsDirectory<DirectoryInRoot> {
-		class dir<P, F extends Entry> {
+		const dir_o = { type: EntryType.Directory } as DirectoryInRoot
-			public parent: P;
+		dir_o.permissions = {
-			public permissions: Permissions;
+			wheel: new Gate(dir_o, properties.permissions.wheel),
-			public timestamp: number;
+			users: new Gate(dir_o, properties.permissions.users),
 			public files: EntryValue<F[]>;
 			public name: EntryValue<string>;
 			constructor(permissions: Permissions, timestamp: number, name: string, parent: P, files: F[]) {
 				this.parent = parent
 				this.permissions = permissions
 				this.timestamp = timestamp
 				this.files = new EntryValue(this.permissions, files)
 			}
 		}
-		// const dir_o = { type: EntryType.Directory } as DirectoryInRoot
+		dir_o.metadata    = new Gate(dir_o, properties.metadata)
-		// dir_o.parent      = null
+		dir_o.timestamp   = new Gate(dir_o, properties.timestamp)
-		// dir_o.permissions = properties.permissions
+		dir_o.files       = new Gate(dir_o, [])
-		// dir_o.timestamp   = properties.timestamp
+		dir_o.name        = new Gate(dir_o, properties.name)
-		// dir_o.files       = new EntryValue(dir_o, [])
+		dir_o.parent      = null
 		// dir_o.name        = new EntryValue(dir_o, properties.name)
 		// return new RfwfsDirectory(dir_o)
 	}
 	public static directory<T extends Entry>(properties: DirectoryProperties<T>): RfwfsDirectory<T> {
 		const dir_o = { type: EntryType.Directory } as Directory<T>
 		dir_o.parent      = properties.parent
 		dir_o.permissions = properties.permissions
 		dir_o.timestamp   = properties.timestamp
 		dir_o.files       = new EntryValue(dir_o, [])
 		dir_o.name        = new EntryValue(dir_o, properties.name)
 		return new RfwfsDirectory(dir_o)
 	}
 	public static file(properties: FileProperties) {
 	}
 }
-class rfwfs extends rfwfs_lib {
+class Rfwfs extends LibRfwfs {
 	public root: Root;
 	constructor() {
 		super()
 		this.root = { type: EntryType.Root } as Root
-		this.root.permissions = Permissions.r | Permissions.w
+		this.root.permissions = {
-		this.root.timestamp = (Date.now()/1000) | 0
+			wheel: new Gate(this.root, PERMISSION_FLAGS.RWX),
 			users: new Gate(this.root, PERMISSION_FLAGS.NONE)
 		}
 		this.root.timestamp = new Gate(this.root, (Date.now()/1000) | 0)
 		this.root.parent = null
-		this.root.files = new EntryValue(this.root, [])
+		this.root.files = new Gate(this.root, [])
 		this.root.name = ROOT_ID.TRUNK
 	}
@ -298,51 +345,51 @@ class rfwfs extends rfwfs_lib {
 	}
 	public clone(file_name: string): WrapResultEntry<Entry, ReadStatus> {
-		if (rfwfs.read_write_access(this.root.permissions)) {
+		if (user_group_read_write(this.root)) {
 			return fs_dir_clone(this.root, file_name)
 		}
 		return wrap_entry(ReadStatus.Denied)
 	}
 	public find(file_name: string): WrapResultEntry<Entry, ReadStatus> {
-		if (rfwfs.read_write_access(this.root.permissions)) {
+		if (user_group_read_write(this.root)) {
 			return fs_dir_find(this.root, file_name)
 		}
 		return wrap_entry(ReadStatus.Denied)
 	}
 	public push<T extends Entry>(entry: T): WrapResultNone<PushStatus> {
-		if (rfwfs.read_write_access(this.root.permissions)) {
+		if (user_group_read_write(this.root)) {
 			return fs_dir_push(this.root, entry)
 		}
 		return wrap_none(PushStatus.Denied)
 	}
 	public pop(file_name: string): WrapResultEntry<Entry, ReadStatus> {
-		if (rfwfs.read_write_access(this.root.permissions)) {
+		if (user_group_read_write(this.root)) {
 			fs_dir_pop(this.root, file_name)
 		}
 		return wrap_entry(ReadStatus.Denied)
 	}
 	public push_bulk_unsafe(dirs: DirectoryInRoot[]) {
-		dirs.forEach(dir => this.root.files.inner.push(dir))
+		dirs.forEach(dir => this.root.files.__inner().push(dir))
 		this.sort()
 	}
 	public push_unsafe(dir: DirectoryInRoot) {
-		this.root.files.inner.push(dir)
+		this.root.files.__inner().push(dir)
 		this.sort()
 	}
 }
-export default rfwfs
+export default Rfwfs
 export {
 	type DirectoryInRoot,
 	type RfwfsDirectory,
 	type Directory,
 	type Entry,
-	Permissions,
+	PERMISSION_FLAGS,
 	EntryType,
 	ROOT_ID,
 }
--- a/src/rt/rfwfs/users.ts
+++ b/src/rt/rfwfs/users.ts
@ -1,19 +1,41 @@
 import { ROOT_ID } from "./main";
 import { Permissions } from "./main";
 import Crypto, { type SHA256_String } from "../crypto/generate";
 import groups, { groups_find_user, GroupSearch, SysGroups } from "./groups";
 import Crypto, { type SHA256 } from "../crypto/generate";
 import groups, { groups_find_user, GroupSearch, SysGroups, Group } from "./groups";
 const enum UserSet {
 	Ok,
 	AlreadyLoggedIn,
-	UserDoesNotExist
+	UserDoesNotExist,
 }
 const enum PasswordCheckStatus {
 	Ok,
 	MinBound,
 	MaxBound,
 }
 const enum PasswordSetStatus {
 	Ok,
 	RootRequiresPassword,
 	MinBound,
 	MaxBound,
 	Incorrect,
 }
 const enum SetUnameStatus {
 	Ok,
 	CantChangeRootName,
 	NotFound,
 	WheelResult,
 	UsersResult,
 }
-let uid_count = 0
+const enum PASS_BOUNDS {
 	MIN = 4,
 	MAX = 1 << 12, //64 ^ 2
 }
-class user_lib {
+let uid_count: number = 0
 class LibUser {
 	public static current_sys_user: User;
 	public static get_sys_user(): User {
@ -26,94 +48,135 @@ class user_lib {
 		if (!result_user_i)                  { return UserSet.UserDoesNotExist }
 		if (result_user_i[0].is_logged_in()) { return UserSet.AlreadyLoggedIn }
-		user_lib.current_sys_user = result_user_i[0]
+		LibUser.current_sys_user = result_user_i[0]
 		return UserSet.Ok
 	}
 	public static in_password_bounds(password: string): PasswordCheckStatus {
 		//Math.min(Math.max(PASS_BOUNDS.MIN, password.length), PASS_BOUNDS.MAX) < PASS_BOUNDS.MAX
 		if (password.length > PASS_BOUNDS.MIN) {
 			if (password.length < PASS_BOUNDS.MAX) {
 				return PasswordCheckStatus.Ok
 			}
 			return PasswordCheckStatus.MaxBound
 		}
 		return PasswordCheckStatus.MinBound
 	}
 }
-class User extends user_lib {
+class User {
-	private password?: SHA256_String;
+	private inner_password?: SHA256;
 	private inner_group: Group;
 	private inner_name: string;
 	private inner_uid: number;
 	private current: boolean;
 	private group: SysGroups;
 	private name: string;
 	private uid: number;
 	public permissions: Permissions;
 	constructor(name: string, group: SysGroups, global_perms?: Permissions, password?: SHA256_String) {
 		super()
 	constructor(name: string, group: Group, password?: SHA256) {
 		const root_creation = name === ROOT_ID.NAME
 		if (root_creation) {
-			this.uid = 0
+			this.inner_uid = 0
-			this.group = SysGroups.Wheel
+			this.inner_group = group
 		} else {
 			uid_count += 1
-			this.uid = uid_count
+			this.inner_uid = uid_count
-			this.group = group
+			this.inner_group = group
 		}
-		this.name = name
+
 		this.inner_name = name
 		this.current = root_creation
-		this.password = password
+		this.inner_password = password
 		//Wheel users will have all permissions
 		this.permissions = group === SysGroups.Users ? (global_perms ? global_perms : Permissions.rwx) : Permissions.rwx
 	}
 	private set_as_current(): boolean {
-		User.get_sys_user().current = false
+		LibUser.get_sys_user().current = false
-		User.current_sys_user = this
+		LibUser.current_sys_user = this
 		this.current = true
 		return this.current
 	}
 	public get_uid() {
 		return this.uid
 	}
 	public is_logged_in(): boolean {
 		return this.current
 	}
-	public get_group(): SysGroups {
+	public in_wheel(): boolean {
-		return this.group
+		return this.inner_group.type() === SysGroups.Wheel
 	}
-	public get_uname() {
+	public password(): SHA256 | undefined {
-		return this.name
+		return this.inner_password
 	}
-	public get_password(): SHA256_String | undefined {
+	public is_root(): boolean {
-		return this.password
+		return this.inner_name === ROOT_ID.NAME && this.inner_uid === ROOT_ID.UID
 	}
 	public group(): Group {
 		return this.inner_group
 	}
 	public uname(): string {
 		return this.inner_name
 	}
 	public uid(): number {
 		return this.inner_uid
 	}
 	public async check_password(password?: string): Promise<boolean> {
 		if (!(password && this.inner_password) || (await new Crypto(password).sha256_hash()).secret === this.inner_password.secret) {
 			return true
 		}
 		return false
 	}
 	public async login(password?: string): Promise<boolean> {
-		if (!this.password) {
+		if (!this.inner_password || (password && await this.check_password(password))) {
 			return this.set_as_current()
 		}
 		if (password && await new Crypto(password).sha256_string() === this.password) {
 			return this.set_as_current()
 		}
 		return false
 	}
-	public set_uname(new_uname: string): GroupSearch {
+	public set_uname(new_uname: string): SetUnameStatus {
 		if (this.is_root()) { return SetUnameStatus.CantChangeRootName }
 		const search = groups_find_user(new_uname)
-		if (search.status === GroupSearch.NotFound) {
+		switch (search.status) {
-			this.name = new_uname
+			case GroupSearch.NotFound:
 				this.inner_name = new_uname
 				break
 			case GroupSearch.UsersResult:
 				return SetUnameStatus.UsersResult
 			case GroupSearch.WheelResult:
 				return SetUnameStatus.WheelResult
 		}
-		return search.status
+		return SetUnameStatus.Ok
 	}
-	public async set_password(new_password?: string): Promise<void> {
+	public async set_password(current_password: string, new_password?: string): Promise<PasswordSetStatus> {
-		if (new_password) {
+		if (await this.check_password(current_password)) {
-			this.password = await new Crypto(new_password).sha256_string()
+			if (new_password) {
-		} else {
+				switch (LibUser.in_password_bounds(new_password)) {
-			this.password = undefined
+					case PasswordCheckStatus.Ok:
 						this.inner_password = await new Crypto(new_password).sha256_hash()
 						break
 					case PasswordCheckStatus.MinBound:
 						return PasswordSetStatus.MinBound
 					case PasswordCheckStatus.MaxBound:
 						return PasswordSetStatus.MaxBound
 				}
 			} else {
 				if (this.is_root()) { return PasswordSetStatus.RootRequiresPassword }
 				//This user has no password
 				this.inner_password = undefined
 			}
 			return PasswordSetStatus.Ok
 		}
 		return PasswordSetStatus.Incorrect
 	}
 }
 groups.wheel.add_user(
-	new User(ROOT_ID.NAME, SysGroups.Wheel, "90a956efae97cca5ec584977d96a236aa76b0a07def9fcafab87fd221a1d2cfe")
+	new User(ROOT_ID.NAME, groups.wheel, { secret: "90a956efae97cca5ec584977d96a236aa76b0a07def9fcafab87fd221a1d2cfe" })
 )
 groups.users.add_user(
-	new User("user")
+	new User("user", groups.users)
 )
 export default User
 export {
 	LibUser
 }