From a6603792334d908f7071478b696c55512df77695 Mon Sep 17 00:00:00 2001
From: Arthur Lu
Date: Tue, 4 Jun 2024 23:09:55 +0000
Subject: [PATCH] add return values to backend docstring, fix return values of all backends
---
 src/backends/backends.js | 75 ++++++++--------------------------------
 src/backends/localdb.js | 16 +++++++--
 src/backends/paasldap.js | 44 +++++++++++++++--------
 src/backends/pve.js | 7 +++++-
 src/routes/auth.js | 4 ----
 src/utils.js | 1 +
 6 files changed, 64 insertions(+), 83 deletions(-)
diff --git a/src/backends/backends.js b/src/backends/backends.js
index 3dd8a4b..8b80a73 100644
--- a/src/backends/backends.js
+++ b/src/backends/backends.js
@@ -30,12 +30,13 @@ class BACKEND {
 * Opens a session with the backend and creates session tokens if needed
 * @param {{id: string, realm: string}} user object containing username and password fields
 * @param {string} password
- * @returns {{ok: boolean, status: number, cookies: {name: string, value: string}[]}} response like object with list of session token objects with token name and value
+ * @returns {{ok: boolean, status: number, message: string, cookies: {name: string, value: string}[]}} response like object with list of session token objects with token name and value
 */
 openSession (user, password) {
 return {
 ok: true,
 status: 200,
+ message: "",
 cookies: []
 };
 }
@@ -63,6 +64,7 @@ class USER_BACKEND extends BACKEND {
 * @param {{id: string, realm: string}} user
 * @param {Object} attributes user attributes
 * @param {Object} params authentication params, usually req.cookies
+ * @returns {{ok: boolean, status: number, message: string}} error object or null
 */
 addUser (user, attributes, params = null) {}
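Review bot: The `@returns {{ok: boolean, status: number, message: string}} error object or null` added to addUser declares a type that cannot be null, although null is the documented success value; `@returns {{ok: boolean, status: number, message: string}|null} error object, or null on success` states the contract. The same line is added to setUser, deluser, addGroup, setGroup, delGroup, addUserToGroup and delUserFromGroup in the following hunks. The base-class stubs are empty and return undefined rather than null, and the concrete backends changed later in this patch are async, so the tag should probably also say that implementations may return a Promise of this value.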
@@ -70,6 +72,7 @@ class USER_BACKEND extends BACKEND {
 * Get user from backend
 * @param {{id: string, realm: string}} user
 * @param {Object} params authentication params, usually req.cookies
+ * @returns {Object} containing user data from this backend, null if user does not exist
 */
 getUser (user, params = null) {}
@@ -78,6 +81,7 @@ class USER_BACKEND extends BACKEND {
 * @param {{id: string, realm: string}} user
 * @param {Object} attributes new user attributes to modify
 * @param {Object} params authentication params, usually req.cookies
+ * @returns {{ok: boolean, status: number, message: string}} error object or null
 */
 setUser (user, attributes, params = null) {}
@@ -85,6 +89,7 @@ class USER_BACKEND extends BACKEND {
 * Delete user from backend
 * @param {{id: string, realm: string}} user
 * @param {Object} params authentication params, usually req.cookies
+ * @returns {{ok: boolean, status: number, message: string}} error object or null
 */
 deluser (user, params = null) {}
@@ -93,6 +98,7 @@ class USER_BACKEND extends BACKEND {
 * @param {{id: string}} group
 * @param {Object} attributes group attributes
 * @param {Object} params authentication params, usually req.cookies
+ * @returns {{ok: boolean, status: number, message: string}} error object or null
 */
 addGroup (group, attributes, params = null) {}
@@ -100,6 +106,7 @@ class USER_BACKEND extends BACKEND {
 * Get group from backend
 * @param {{id: string}} group
 * @param {Object} params authentication params, usually req.cookies
+ * @returns {Object} containing group data from this backend, null if user does not exist
 */
 getGroup (group, params = null) {}
@@ -108,6 +115,7 @@ class USER_BACKEND extends BACKEND {
 * @param {{id: string}} group
 * @param {Object} attributes new group attributes to modify
 * @param {Object} params authentication params, usually req.cookies
+ * @returns {{ok: boolean, status: number, message: string}} error object or null
 */
 setGroup (group, attributes, params = null) {}
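Review bot: The `@returns` added to getGroup says "null if user does not exist", which looks copied from getUser. It should read `@returns {Object|null} group data from this backend, null if the group does not exist`. The getUser tag in the first hunk of this line would likewise be clearer as `{Object|null}`, since null is a documented result.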
@@ -115,6 +123,7 @@ class USER_BACKEND extends BACKEND {
 * Delete group from backend
 * @param {{id: string}} group
 * @param {Object} params authentication params, usually req.cookies
+ * @returns {{ok: boolean, status: number, message: string}} error object or null
 */
 delGroup (group, params = null) {}
@@ -123,6 +132,7 @@ class USER_BACKEND extends BACKEND {
 * @param {{id: string, realm: string}} user
 * @param {{id: string}} group
 * @param {Object} params authentication params, usually req.cookies
+ * @returns {{ok: boolean, status: number, message: string}} error object or null
 */
 addUserToGroup (user, group, params = null) {}
@@ -131,6 +141,7 @@ class USER_BACKEND extends BACKEND {
 * @param {{id: string, realm: string}} user
 * @param {{id: string}} group
 * @param {Object} params authentication params, usually req.cookies
+ * @returns {{ok: boolean, status: number, message: string}} error object or null
 */
 delUserFromGroup (user, group, params = null) {}
 }
@@ -153,7 +164,6 @@ export class AUTH_BACKEND extends USER_BACKEND {}
 /**
 * Interface combining all user backends into a single interface
 * Calling methods will also call sub handler methods
- * Also handles refreshing proxmox handler
 */
 class USER_BACKEND_MANAGER extends USER_BACKEND {
 #config = null;
@@ -167,23 +177,12 @@ class USER_BACKEND_MANAGER extends USER_BACKEND {
 return this.#config[user.realm];
 }
- /**
- * Add user to backend
- * @param {{id: string, realm: string}} user
- * @param {Object} attributes user attributes
- * @param {Object} params authentication params, usually req.cookies
- */
 addUser (user, attributes, params = null) {}
- /**
- * Get user from backend
- * @param {{id: string, realm: string}} user
- * @param {Object} params authentication params, usually req.cookies
- */
 async getUser (user, params = null) {
 let userData = {};
 for (const backend of this.#config[user.realm]) {
- let backendData = await global.backends[backend].getUser(user, params)
+ const backendData = await global.backends[backend].getUser(user, params);
 if (backendData) {
 userData = { ...backendData, ...userData };
 }
@@ -191,21 +190,14 @@ class USER_BACKEND_MANAGER extends USER_BACKEND {
 return userData;
 }
- /**
- * Modify user in backend
- * @param {{id: string, realm: string}} user
- * @param {Object} attributes new user attributes to modify
- * @param {Object} params authentication params, usually req.cookies
- */
 async setUser (user, attributes, params = null) {
 const results = {
 ok: true,
 status: 200,
- log: []
+ message: ""
 };
 for (const backend of this.#config[user.realm]) {
 const r = await global.backends[backend].setUser(user, attributes, params);
- results.log.push(backend)
 if (!r) {
 results.ok = false;
 results.status = 500;
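Review bot: `for (const backend of this.#config[user.realm])` in getUser iterates the realm's backend list without checking that the realm is configured, so a user object with an unknown realm throws a TypeError instead of yielding empty data. The method that ends at the top of this hunk returns the same unchecked lookup, and the /ticket route later in this patch calls `.concat` on that result for a user object built from the submitted username. Unless the realm is validated somewhere not visible here, a guard such as `const backends = this.#config[user.realm] ?? [];` keeps both paths from throwing. getUser's body ends outside the hunk.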
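Review bot: `if (!r)` in the manager's setUser treats a falsy return as failure, but the docstrings added in this commit define null as the success value ("error object or null"), so a backend that follows the new contract makes every setUser call report status 500. The check should look at the error object instead, for example `if (r && !r.ok) { results.ok = false; results.status = r.status; results.message = r.message; }`, which also fills the new `message` field that is otherwise always empty. The backends' setUser implementations are not part of this patch, so confirm which convention they follow. The loop body continues outside the hunk.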
@@ -215,56 +207,17 @@ class USER_BACKEND_MANAGER extends USER_BACKEND {
 return results;
 }
- /**
- * Delete user from backend
- * @param {{id: string, realm: string}} user
- * @param {Object} params authentication params, usually req.cookies
- */
 deluser (user, params = null) {}
- /**
- * Add group to backend
- * @param {{id: string}} group
- * @param {Object} attributes group attributes
- * @param {Object} params authentication params, usually req.cookies
- */
 addGroup (group, attributes, params = null) {}
- /**
- * Get group from backend
- * @param {{id: string}} group
- * @param {Object} params authentication params, usually req.cookies
- */
 getGroup (group, params = null) {}
- /**
- * Modify group in backend
- * @param {{id: string}} group
- * @param {Object} attributes new group attributes to modify
- * @param {Object} params authentication params, usually req.cookies
- */
 setGroup (group, attributes, params = null) {}
- /**
- * Delete group from backend
- * @param {{id: string}} group
- * @param {Object} params authentication params, usually req.cookies
- */
 delGroup (group, params = null) {}
- /**
- * Add user to group
- * @param {{id: string, realm: string}} user
- * @param {{id: string}} group
- * @param {Object} params authentication params, usually req.cookies
- */
 addUserToGroup (user, group, params = null) {}
- /**
- * Remove user from group
- * @param {{id: string, realm: string}} user
- * @param {{id: string}} group
- * @param {Object} params authentication params, usually req.cookies
- */
 delUserFromGroup (user, group, params = null) {}
 }
diff --git a/src/backends/localdb.js b/src/backends/localdb.js
index 007c561..c68f530 100644
--- a/src/backends/localdb.js
+++ b/src/backends/localdb.js
@@ -37,9 +37,19 @@ export default class LocalDB extends DB_BACKEND {
 addUser (user, attributes, params = null) {
 const username = `${user.id}@${user.realm}`;
- attributes = attributes || this.#defaultuser;
- this.#data.users[username] = attributes;
- this.#save();
+ if (this.#data.users[username]) { // user already exists
+ return {
+ ok: false,
+ status: 1,
+ message: "User already exists"
+ };
+ }
+ else {
+ attributes = attributes || this.#defaultuser;
+ this.#data.users[username] = attributes;
+ this.#save();
+ return null;
+ }
 }
 getUser (user, params = null) {
diff --git a/src/backends/paasldap.js b/src/backends/paasldap.js
index 0124203..4cb58c5 100644
--- a/src/backends/paasldap.js
+++ b/src/backends/paasldap.js
@@ -15,7 +15,7 @@ export default class PAASLDAP extends AUTH_BACKEND {
 * @param {*} path HTTP path, prepended with the paas-LDAP API base url
 * @param {*} method HTTP method
 * @param {*} body body parameters and data to be sent. Optional.
- * @returns {Object} HTTP response object or HTTP error object.
+ * @returns {Object} HTTP response object
 */
 async #request (path, method, auth = null, body = null) {
 const url = `${this.#url}${path}`;
@@ -39,12 +39,9 @@ export default class PAASLDAP extends AUTH_BACKEND {
 return result;
 }
 catch (error) {
- error.ok = false;
- error.status = 500;
- error.data = {
- error: error.code
- };
- return error;
+ const result = error.response;
+ result.ok = result.status === 200;
+ return result;
 }
 }
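Review bot: The duplicate-user branch of LocalDB.addUser returns `status: 1`, which is not an HTTP status although the other backends in this commit fill `status` with HTTP codes (200, 500, or the upstream status); `status: 409` would keep the field consistent for callers that forward it. In the else branch, `attributes || this.#defaultuser` stores the default object itself, so users created without attributes would all share one object if `#defaultuser` is a plain object (its definition is outside the hunk). Storing a copy, e.g. `attributes = attributes || structuredClone(this.#defaultuser);`, avoids one user's later change showing up on the others.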
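Review bot: In the rewritten catch block of `#request`, `error.response` is undefined whenever the request fails before any response arrives (connection refused, timeout, name resolution), so `result.ok = ...` throws a TypeError instead of returning a failure object. The removed code covered that case by returning status 500. Keep a fallback ahead of the new lines, e.g. `if (!error.response) return { ok: false, status: 500, data: { error: { message: error.message } } };`, whose shape matches the `data.error.message` that openSession and addUser read in the next hunk. The try body starts outside the hunk, so this assumes the HTTP client attaches `response` only to errors that carry an HTTP status.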
@@ -60,25 +57,44 @@ export default class PAASLDAP extends AUTH_BACKEND {
 return {
 ok: true,
 status: result.status,
+ message: "",
 cookies
 };
 }
 else {
- return result;
+ return {
+ ok: false,
+ status: result.status,
+ message: result.data.error.message,
+ cookies: []
+ };
 }
 }
 async addUser (user, attributes, params = null) {
- return await this.#request(`/users/${user.id}`, "POST", params, attributes);
+ const res = await this.#request(`/users/${user.id}`, "POST", params, attributes);
+ if (res.ok) { // if ok, return null
+ return null;
+ }
+ else { // if not ok, return error obj
+ return {
+ ok: res.ok,
+ status: res.status,
+ message: res.ok ? "" : res.data.error.message
+ };
+ }
 }
 async getUser (user, params = null) {
- const res = await this.#request(`/users/${user.id}`, "GET", params);
- if (res.ok) {
- return res.data;
+ if (!params) { // params required, do nothing if params are missing
+ return null;
 }
- else {
- return false;
+ const res = await this.#request(`/users/${user.id}`, "GET", params);
+ if (res.ok) { // if ok, return user data
+ return res.data.user;
+ }
+ else { // else return null
+ return null;
 }
 }
diff --git a/src/backends/pve.js b/src/backends/pve.js
index b9cd92f..84f3c84 100644
--- a/src/backends/pve.js
+++ b/src/backends/pve.js
@@ -17,7 +17,12 @@ export default class PVE extends PVE_BACKEND {
 const credentials = { username: `${user.id}@${user.realm}`, password };
 const response = await global.pve.requestPVE("/access/ticket", "POST", null, credentials);
 if (!(response.status === 200)) {
- return response;
+ return {
+ ok: false,
+ status: response.status,
+ message: "Authorization failed",
+ cookies: []
+ };
 }
 const ticket = response.data.data.ticket;
 const csrftoken = response.data.data.CSRFPreventionToken;
diff --git a/src/routes/auth.js b/src/routes/auth.js
index 3c9a781..5e267bd 100644
--- a/src/routes/auth.js
+++ b/src/routes/auth.js
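Review bot: The failure branch of openSession copies `result.data.error.message` from the paas-LDAP response into the returned `message`, while the pve backend in this same commit returns the fixed string "Authorization failed". If that message is forwarded in the login response (the caller is not in this patch), differing upstream texts can reveal whether an account exists, so a constant message here with the upstream text logged server-side is the safer choice. The expression also throws when the error body has no `error` object; `result.data?.error?.message ?? ""` avoids that here and in addUser. In addUser's else branch `res.ok` is always false, so `ok: res.ok` and the `res.ok ? "" : ...` ternary can be written as `ok: false` and the message alone. getUser now returns null both when the user is missing and when the request was rejected, which callers cannot tell apart.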
@@ -64,10 +64,6 @@ router.post("/ticket", async (req, res) => {
 const userObj = global.utils.getUserObjFromUsername(params.username);
 let backends = global.userManager.getBackendsByUser(userObj);
 backends = backends.concat(["pve"]);
- // const backends = [global.pve, global.db];
- // if (userRealm in global.auth) {
- // backends.push(global.auth[userRealm]);
- // }
 const cm = new CookieFetcher();
 const success = await cm.fetchBackends(backends, userObj, params.password);
 if (!success) {
diff --git a/src/utils.js b/src/utils.js
index 7628ec6..7dd85be 100644
--- a/src/utils.js
+++ b/src/utils.js
@@ -37,6 +37,7 @@ export async function checkAuth (cookies, res, vmpath = null) {
 res.status(401).send({ auth, path: vmpath ? `${vmpath}/config` : "/version", error: "User token did not pass authentication check." });
 res.end();
 }
+ return auth;
 }
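Review bot: `checkAuth` now returns `auth` after the failing branch has already sent the 401 response, so every caller has to test the result and stop; a caller that ignores it keeps processing an unauthenticated request and may write to a finished response. The docstring is outside the hunk and should gain something like `@returns {boolean} true if the token passed the check; when false, a 401 response has already been sent` (the exact type of `auth` is not visible here). The function body starts outside the hunk, so whether earlier paths return a value cannot be confirmed from this view.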