add return values to backend docstring,
fix return values of all backends
This commit is contained in:
parent
b12f38e608
commit
01f55aa0cb
@ -30,12 +30,13 @@ class BACKEND {
|
||||
* Opens a session with the backend and creates session tokens if needed
|
||||
* @param {{id: string, realm: string}} user object containing username and password fields
|
||||
* @param {string} password
|
||||
* @returns {{ok: boolean, status: number, cookies: {name: string, value: string}[]}} response like object with list of session token objects with token name and value
|
||||
* @returns {{ok: boolean, status: number, message: string, cookies: {name: string, value: string}[]}} response like object with list of session token objects with token name and value
|
||||
*/
|
||||
openSession (user, password) {
|
||||
return {
|
||||
ok: true,
|
||||
status: 200,
|
||||
message: "",
|
||||
cookies: []
|
||||
};
|
||||
}
|
||||
@ -63,6 +64,7 @@ class USER_BACKEND extends BACKEND {
|
||||
* @param {{id: string, realm: string}} user
|
||||
* @param {Object} attributes user attributes
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
* @returns {{ok: boolean, status: number, message: string}} error object or null
|
||||
*/
|
||||
addUser (user, attributes, params = null) {}
|
||||
|
||||
@ -70,6 +72,7 @@ class USER_BACKEND extends BACKEND {
|
||||
* Get user from backend
|
||||
* @param {{id: string, realm: string}} user
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
* @returns {Object} containing user data from this backend, null if user does not exist
|
||||
*/
|
||||
getUser (user, params = null) {}
|
||||
|
||||
@ -78,6 +81,7 @@ class USER_BACKEND extends BACKEND {
|
||||
* @param {{id: string, realm: string}} user
|
||||
* @param {Object} attributes new user attributes to modify
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
* @returns {{ok: boolean, status: number, message: string}} error object or null
|
||||
*/
|
||||
setUser (user, attributes, params = null) {}
|
||||
|
||||
@ -85,6 +89,7 @@ class USER_BACKEND extends BACKEND {
|
||||
* Delete user from backend
|
||||
* @param {{id: string, realm: string}} user
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
* @returns {{ok: boolean, status: number, message: string}} error object or null
|
||||
*/
|
||||
deluser (user, params = null) {}
|
||||
|
||||
@ -93,6 +98,7 @@ class USER_BACKEND extends BACKEND {
|
||||
* @param {{id: string}} group
|
||||
* @param {Object} attributes group attributes
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
* @returns {{ok: boolean, status: number, message: string}} error object or null
|
||||
*/
|
||||
addGroup (group, attributes, params = null) {}
|
||||
|
||||
@ -100,6 +106,7 @@ class USER_BACKEND extends BACKEND {
|
||||
* Get group from backend
|
||||
* @param {{id: string}} group
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
* @returns {Object} containing group data from this backend, null if user does not exist
|
||||
*/
|
||||
getGroup (group, params = null) {}
|
||||
|
||||
@ -108,6 +115,7 @@ class USER_BACKEND extends BACKEND {
|
||||
* @param {{id: string}} group
|
||||
* @param {Object} attributes new group attributes to modify
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
* @returns {{ok: boolean, status: number, message: string}} error object or null
|
||||
*/
|
||||
setGroup (group, attributes, params = null) {}
|
||||
|
||||
@ -115,6 +123,7 @@ class USER_BACKEND extends BACKEND {
|
||||
* Delete group from backend
|
||||
* @param {{id: string}} group
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
* @returns {{ok: boolean, status: number, message: string}} error object or null
|
||||
*/
|
||||
delGroup (group, params = null) {}
|
||||
|
||||
@ -123,6 +132,7 @@ class USER_BACKEND extends BACKEND {
|
||||
* @param {{id: string, realm: string}} user
|
||||
* @param {{id: string}} group
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
* @returns {{ok: boolean, status: number, message: string}} error object or null
|
||||
*/
|
||||
addUserToGroup (user, group, params = null) {}
|
||||
|
||||
@ -131,6 +141,7 @@ class USER_BACKEND extends BACKEND {
|
||||
* @param {{id: string, realm: string}} user
|
||||
* @param {{id: string}} group
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
* @returns {{ok: boolean, status: number, message: string}} error object or null
|
||||
*/
|
||||
delUserFromGroup (user, group, params = null) {}
|
||||
}
|
||||
@ -153,7 +164,6 @@ export class AUTH_BACKEND extends USER_BACKEND {}
|
||||
/**
|
||||
* Interface combining all user backends into a single interface
|
||||
* Calling methods will also call sub handler methods
|
||||
* Also handles refreshing proxmox handler
|
||||
*/
|
||||
class USER_BACKEND_MANAGER extends USER_BACKEND {
|
||||
#config = null;
|
||||
@ -167,23 +177,12 @@ class USER_BACKEND_MANAGER extends USER_BACKEND {
|
||||
return this.#config[user.realm];
|
||||
}
|
||||
|
||||
/**
|
||||
* Add user to backend
|
||||
* @param {{id: string, realm: string}} user
|
||||
* @param {Object} attributes user attributes
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
*/
|
||||
addUser (user, attributes, params = null) {}
|
||||
|
||||
/**
|
||||
* Get user from backend
|
||||
* @param {{id: string, realm: string}} user
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
*/
|
||||
async getUser (user, params = null) {
|
||||
let userData = {};
|
||||
for (const backend of this.#config[user.realm]) {
|
||||
let backendData = await global.backends[backend].getUser(user, params)
|
||||
const backendData = await global.backends[backend].getUser(user, params);
|
||||
if (backendData) {
|
||||
userData = { ...backendData, ...userData };
|
||||
}
|
||||
@ -191,21 +190,14 @@ class USER_BACKEND_MANAGER extends USER_BACKEND {
|
||||
return userData;
|
||||
}
|
||||
|
||||
/**
|
||||
* Modify user in backend
|
||||
* @param {{id: string, realm: string}} user
|
||||
* @param {Object} attributes new user attributes to modify
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
*/
|
||||
async setUser (user, attributes, params = null) {
|
||||
const results = {
|
||||
ok: true,
|
||||
status: 200,
|
||||
log: []
|
||||
message: ""
|
||||
};
|
||||
for (const backend of this.#config[user.realm]) {
|
||||
const r = await global.backends[backend].setUser(user, attributes, params);
|
||||
results.log.push(backend)
|
||||
if (!r) {
|
||||
results.ok = false;
|
||||
results.status = 500;
|
||||
@ -215,56 +207,17 @@ class USER_BACKEND_MANAGER extends USER_BACKEND {
|
||||
return results;
|
||||
}
|
||||
|
||||
/**
|
||||
* Delete user from backend
|
||||
* @param {{id: string, realm: string}} user
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
*/
|
||||
deluser (user, params = null) {}
|
||||
|
||||
/**
|
||||
* Add group to backend
|
||||
* @param {{id: string}} group
|
||||
* @param {Object} attributes group attributes
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
*/
|
||||
addGroup (group, attributes, params = null) {}
|
||||
|
||||
/**
|
||||
* Get group from backend
|
||||
* @param {{id: string}} group
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
*/
|
||||
getGroup (group, params = null) {}
|
||||
|
||||
/**
|
||||
* Modify group in backend
|
||||
* @param {{id: string}} group
|
||||
* @param {Object} attributes new group attributes to modify
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
*/
|
||||
setGroup (group, attributes, params = null) {}
|
||||
|
||||
/**
|
||||
* Delete group from backend
|
||||
* @param {{id: string}} group
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
*/
|
||||
delGroup (group, params = null) {}
|
||||
|
||||
/**
|
||||
* Add user to group
|
||||
* @param {{id: string, realm: string}} user
|
||||
* @param {{id: string}} group
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
*/
|
||||
addUserToGroup (user, group, params = null) {}
|
||||
|
||||
/**
|
||||
* Remove user from group
|
||||
* @param {{id: string, realm: string}} user
|
||||
* @param {{id: string}} group
|
||||
* @param {Object} params authentication params, usually req.cookies
|
||||
*/
|
||||
delUserFromGroup (user, group, params = null) {}
|
||||
}
|
||||
|
@ -37,9 +37,19 @@ export default class LocalDB extends DB_BACKEND {
|
||||
|
||||
addUser (user, attributes, params = null) {
|
||||
const username = `${user.id}@${user.realm}`;
|
||||
if (this.#data.users[username]) { // user already exists
|
||||
return {
|
||||
ok: false,
|
||||
status: 1,
|
||||
message: "User already exists"
|
||||
};
|
||||
}
|
||||
else {
|
||||
attributes = attributes || this.#defaultuser;
|
||||
this.#data.users[username] = attributes;
|
||||
this.#save();
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
getUser (user, params = null) {
|
||||
|
@ -15,7 +15,7 @@ export default class PAASLDAP extends AUTH_BACKEND {
|
||||
* @param {*} path HTTP path, prepended with the paas-LDAP API base url
|
||||
* @param {*} method HTTP method
|
||||
* @param {*} body body parameters and data to be sent. Optional.
|
||||
* @returns {Object} HTTP response object or HTTP error object.
|
||||
* @returns {Object} HTTP response object
|
||||
*/
|
||||
async #request (path, method, auth = null, body = null) {
|
||||
const url = `${this.#url}${path}`;
|
||||
@ -39,12 +39,9 @@ export default class PAASLDAP extends AUTH_BACKEND {
|
||||
return result;
|
||||
}
|
||||
catch (error) {
|
||||
error.ok = false;
|
||||
error.status = 500;
|
||||
error.data = {
|
||||
error: error.code
|
||||
};
|
||||
return error;
|
||||
const result = error.response;
|
||||
result.ok = result.status === 200;
|
||||
return result;
|
||||
}
|
||||
}
|
||||
|
||||
@ -60,25 +57,44 @@ export default class PAASLDAP extends AUTH_BACKEND {
|
||||
return {
|
||||
ok: true,
|
||||
status: result.status,
|
||||
message: "",
|
||||
cookies
|
||||
};
|
||||
}
|
||||
else {
|
||||
return result;
|
||||
return {
|
||||
ok: false,
|
||||
status: result.status,
|
||||
message: result.data.error.message,
|
||||
cookies: []
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
async addUser (user, attributes, params = null) {
|
||||
return await this.#request(`/users/${user.id}`, "POST", params, attributes);
|
||||
const res = await this.#request(`/users/${user.id}`, "POST", params, attributes);
|
||||
if (res.ok) { // if ok, return null
|
||||
return null;
|
||||
}
|
||||
else { // if not ok, return error obj
|
||||
return {
|
||||
ok: res.ok,
|
||||
status: res.status,
|
||||
message: res.ok ? "" : res.data.error.message
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
async getUser (user, params = null) {
|
||||
const res = await this.#request(`/users/${user.id}`, "GET", params);
|
||||
if (res.ok) {
|
||||
return res.data;
|
||||
if (!params) { // params required, do nothing if params are missing
|
||||
return null;
|
||||
}
|
||||
else {
|
||||
return false;
|
||||
const res = await this.#request(`/users/${user.id}`, "GET", params);
|
||||
if (res.ok) { // if ok, return user data
|
||||
return res.data.user;
|
||||
}
|
||||
else { // else return null
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -17,7 +17,12 @@ export default class PVE extends PVE_BACKEND {
|
||||
const credentials = { username: `${user.id}@${user.realm}`, password };
|
||||
const response = await global.pve.requestPVE("/access/ticket", "POST", null, credentials);
|
||||
if (!(response.status === 200)) {
|
||||
return response;
|
||||
return {
|
||||
ok: false,
|
||||
status: response.status,
|
||||
message: "Authorization failed",
|
||||
cookies: []
|
||||
};
|
||||
}
|
||||
const ticket = response.data.data.ticket;
|
||||
const csrftoken = response.data.data.CSRFPreventionToken;
|
||||
|
@ -64,10 +64,6 @@ router.post("/ticket", async (req, res) => {
|
||||
const userObj = global.utils.getUserObjFromUsername(params.username);
|
||||
let backends = global.userManager.getBackendsByUser(userObj);
|
||||
backends = backends.concat(["pve"]);
|
||||
// const backends = [global.pve, global.db];
|
||||
// if (userRealm in global.auth) {
|
||||
// backends.push(global.auth[userRealm]);
|
||||
// }
|
||||
const cm = new CookieFetcher();
|
||||
const success = await cm.fetchBackends(backends, userObj, params.password);
|
||||
if (!success) {
|
||||
|
@ -37,6 +37,7 @@ export async function checkAuth (cookies, res, vmpath = null) {
|
||||
res.status(401).send({ auth, path: vmpath ? `${vmpath}/config` : "/version", error: "User token did not pass authentication check." });
|
||||
res.end();
|
||||
}
|
||||
|
||||
return auth;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user