users will have global permissions and fs entries will have their own
This commit is contained in:
@ -162,7 +162,8 @@ export {
|
||||
group_wheel_add,
|
||||
group_users_add,
|
||||
group_user_move,
|
||||
Group,
|
||||
GroupRemoveStatus,
|
||||
GroupSearch,
|
||||
SysGroups,
|
||||
Group,
|
||||
}
|
||||
@ -1,4 +1,5 @@
|
||||
import wrap, { type WrapResult, ConstEnum, Option } from "./wrap"
|
||||
import { Group, SysGroups } from "./groups"
|
||||
|
||||
import directory_search from "./index"
|
||||
import User from "./users"
|
||||
@ -9,10 +10,6 @@ const enum EntryType {
|
||||
Directory,
|
||||
Binary,
|
||||
}
|
||||
const enum ROOT_ID {
|
||||
TRUNK = "/",
|
||||
NAME = "root"
|
||||
}
|
||||
const enum PushStatus {
|
||||
Ok,
|
||||
Duplicate,
|
||||
@ -23,15 +20,26 @@ const enum ReadStatus {
|
||||
NotFound,
|
||||
Denied,
|
||||
}
|
||||
|
||||
const enum ROOT_ID {
|
||||
TRUNK = "/",
|
||||
NAME = "root"
|
||||
}
|
||||
const enum Permissions {
|
||||
r = 1<<0,
|
||||
w = 1<<1,
|
||||
x = 1<<2,
|
||||
rwx = Permissions.r | Permissions.w | Permissions.x
|
||||
}
|
||||
|
||||
interface EntryPermissions {
|
||||
group: Group,
|
||||
owner: User,
|
||||
}
|
||||
|
||||
interface Entry<T extends EntryType = EntryType, N = EntryValue<string>> {
|
||||
readonly type: T,
|
||||
owner: User,
|
||||
permissions: EntryPermissions,
|
||||
timestamp: number,
|
||||
name: N
|
||||
}
|
||||
@ -52,7 +60,7 @@ interface Root extends Entry<EntryType.Root, ROOT_ID.TRUNK> {
|
||||
|
||||
interface DirectoryInRootProperties {
|
||||
permissions: Permissions,
|
||||
name: string
|
||||
name: string,
|
||||
timestamp: number,
|
||||
}
|
||||
|
||||
@ -127,15 +135,26 @@ function fs_dir_pop<T extends Entry>(dir: DirectoryAssociates<T>, file_name: str
|
||||
|
||||
class EntryValue<V> {
|
||||
public inner: V;
|
||||
protected user_perms: UserPermissions;
|
||||
protected user_perms: EntryPermissions;
|
||||
|
||||
constructor(user: UserPermissions, value: V) {
|
||||
constructor(user: EntryPermissions, value: V) {
|
||||
this.inner = value
|
||||
this.user_perms = user
|
||||
}
|
||||
|
||||
private is_wheel_user(user: User): boolean {
|
||||
return user.get_group() === SysGroups.Wheel
|
||||
}
|
||||
|
||||
public read(): V | undefined {
|
||||
return rfwfs_lib.read_access(this.user_perms.permissions) ? this.inner : undefined
|
||||
if (this.is_wheel_user(this.user_perms.owner)) {
|
||||
return this.inner
|
||||
}
|
||||
if (rfwfs_lib.read_access(permissions)) {
|
||||
|
||||
}
|
||||
return undefined
|
||||
// return rfwfs_lib.read_access(this.user_perms.permissions) ? this.inner : undefined
|
||||
}
|
||||
|
||||
public write<T extends V>(new_value: T): boolean {
|
||||
|
||||
@ -1,7 +1,9 @@
|
||||
import { ROOT_ID } from "./main";
|
||||
import { Permissions } from "./main";
|
||||
|
||||
import Crypto, { type SHA256_String } from "../crypto/generate";
|
||||
import groups, { groups_find_user, GroupSearch } from "./groups";
|
||||
import groups, { groups_find_user, GroupSearch, SysGroups } from "./groups";
|
||||
|
||||
|
||||
const enum UserSet {
|
||||
Ok,
|
||||
@ -30,24 +32,31 @@ class user_lib {
|
||||
}
|
||||
|
||||
class User extends user_lib {
|
||||
private current: boolean;
|
||||
private name: string;
|
||||
private password?: SHA256_String;
|
||||
private current: boolean;
|
||||
private group: SysGroups;
|
||||
private name: string;
|
||||
private uid: number;
|
||||
|
||||
constructor(name: string, password?: SHA256_String) {
|
||||
public permissions: Permissions;
|
||||
|
||||
constructor(name: string, group: SysGroups, global_perms?: Permissions, password?: SHA256_String) {
|
||||
super()
|
||||
|
||||
const root_creation = name === ROOT_ID.NAME
|
||||
if (root_creation) {
|
||||
this.uid = 0
|
||||
this.group = SysGroups.Wheel
|
||||
} else {
|
||||
uid_count += 1
|
||||
this.uid = uid_count
|
||||
this.group = group
|
||||
}
|
||||
this.name = name
|
||||
this.current = root_creation
|
||||
this.password = password
|
||||
//Wheel users will have all permissions
|
||||
this.permissions = group === SysGroups.Users ? (global_perms ? global_perms : Permissions.rwx) : Permissions.rwx
|
||||
}
|
||||
|
||||
private set_as_current(): boolean {
|
||||
@ -60,10 +69,18 @@ class User extends user_lib {
|
||||
public get_uid() {
|
||||
return this.uid
|
||||
}
|
||||
|
||||
public is_logged_in(): boolean {
|
||||
return this.current
|
||||
}
|
||||
public get_group(): SysGroups {
|
||||
return this.group
|
||||
}
|
||||
public get_uname() {
|
||||
return this.name
|
||||
}
|
||||
public get_password(): SHA256_String | undefined {
|
||||
return this.password
|
||||
}
|
||||
|
||||
public async login(password?: string): Promise<boolean> {
|
||||
if (!this.password) {
|
||||
@ -75,10 +92,6 @@ class User extends user_lib {
|
||||
return false
|
||||
}
|
||||
|
||||
public get_uname() {
|
||||
return this.name
|
||||
}
|
||||
|
||||
public set_uname(new_uname: string): GroupSearch {
|
||||
const search = groups_find_user(new_uname)
|
||||
if (search.status === GroupSearch.NotFound) {
|
||||
@ -87,10 +100,6 @@ class User extends user_lib {
|
||||
return search.status
|
||||
}
|
||||
|
||||
public get_password(): SHA256_String | undefined {
|
||||
return this.password
|
||||
}
|
||||
|
||||
public async set_password(new_password?: string): Promise<void> {
|
||||
if (new_password) {
|
||||
this.password = await new Crypto(new_password).sha256_string()
|
||||
@ -101,7 +110,7 @@ class User extends user_lib {
|
||||
}
|
||||
|
||||
groups.wheel.add_user(
|
||||
new User(ROOT_ID.NAME, "90a956efae97cca5ec584977d96a236aa76b0a07def9fcafab87fd221a1d2cfe")
|
||||
new User(ROOT_ID.NAME, SysGroups.Wheel, "90a956efae97cca5ec584977d96a236aa76b0a07def9fcafab87fd221a1d2cfe")
|
||||
)
|
||||
groups.users.add_user(
|
||||
new User("user")
|
||||
|
||||
Reference in New Issue
Block a user