Commit 25509cd6 authored by Theo's avatar Theo :troll:

Reorganize validation and fix some bugs

parent 456edc8f
...@@ -5,10 +5,8 @@ import ( ...@@ -5,10 +5,8 @@ import (
"os" "os"
"os/exec" "os/exec"
"path/filepath" "path/filepath"
"regexp"
"strconv" "strconv"
"strings" "strings"
"time"
"github.com/go-ldap/ldap/v3" "github.com/go-ldap/ldap/v3"
"github.com/spf13/cobra" "github.com/spf13/cobra"
...@@ -216,8 +214,8 @@ func genGecos(u model.User) model.User { ...@@ -216,8 +214,8 @@ func genGecos(u model.User) model.User {
gecos += u.GRR + "," gecos += u.GRR + ","
gecos += u.Resp + "," gecos += u.Resp + ","
gecos += u.Course + "," gecos += u.Course + ","
gecos += u.Status + ","
gecos += u.Expiry + "," gecos += u.Expiry + ","
gecos += u.Status + ","
gecos += u.Ltype + "," gecos += u.Ltype + ","
gecos += u.Webdir + "," gecos += u.Webdir + ","
gecos += u.Nobackup gecos += u.Nobackup
...@@ -517,99 +515,6 @@ func createWeb(u model.User) error { ...@@ -517,99 +515,6 @@ func createWeb(u model.User) error {
return nil return nil
} }
func validatePath(path string) error {
_, err := os.Stat(path)
if os.IsNotExist(err) {
return nil
}
return fmt.Errorf("Path \"%v\" already exists, please provide a new path", path)
}
func validateExpiry(expiry string) error {
if expiry == "_" {
return nil
}
parts := strings.Split(expiry, ".")
if !isValidDate(parts) {
err := fmt.Errorf("Malformed expiry date string, use \"dd.mm.yy\"")
return err
}
return nil
}
func validateStatus(status string) error {
if status != "Blocked" && status != "Active" {
err := fmt.Errorf("User status can only be \"Active\" or \"Blocked\"")
return err
}
return nil
}
func validateLtype(ltype string) error {
if ltype != "ini" && ltype != "first" && ltype != "last" {
err := fmt.Errorf("Login type can only be \"ini\", \"first\" or \"last\"")
return err
}
return nil
}
func validateGRR(grr string) error {
// OK if empty, only "ini" login type requires it and we check :)
if grr == "_" {
return nil
}
users, err := getUsers()
if err != nil {
return err
}
isValid, _ := regexp.MatchString(`^\d{8}$`, grr) // is 8 digit number
if !isValid {
err := fmt.Errorf("Malformed GRR string, must be 8 digit number")
return err
}
if grrExists(users, grr) {
err := fmt.Errorf(`The informed GRR already exists in LDAP database
Note: To search for the account use "useradm user show -r %s"`, grr)
return err
}
return nil
}
func validateGID(group string) error {
var err error
groups, err := getGroups()
if err != nil {
return err
}
for _, value := range groups {
if value == group {
return nil
}
}
err = fmt.Errorf("Could't find group \"%v\" in LDAP database", group)
return err
}
func validateUID(login string) error {
users, err := getUsers()
if err != nil {
return err
}
res := searchUser(users, false, login, "", "", "", "", "")
if len(res) != 0 {
return fmt.Errorf(`The informed Login already exists in LDAP database
Note: To search for the account use "useradm user show -l %s"`, login)
}
return nil
}
func validateInputs(opts model.Opts) error { func validateInputs(opts model.Opts) error {
var err error var err error
...@@ -648,35 +553,3 @@ func validateInputs(opts model.Opts) error { ...@@ -648,35 +553,3 @@ func validateInputs(opts model.Opts) error {
return nil return nil
} }
func isValidDate(arr []string) bool {
if len(arr) != 3 {
return false
}
// convert to int
day, err1 := strconv.Atoi(arr[0])
mth, err2 := strconv.Atoi(arr[1])
year, err3 := strconv.Atoi(arr[2])
if err1 != nil || err2 != nil || err3 != nil {
return false
}
// ensure year is two digits
if year < 0 || year > 99 {
return false
}
// validate the date
fullYear := 2000 + year
t := time.Date(fullYear, time.Month(mth), day, 0, 0, 0, 0, time.UTC)
return t.Day() == day && t.Month() == time.Month(mth)
}
func ifThenElse(condition bool, a string, b string) string {
if condition {
return a
}
return b
}
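Review bot: genGecos now writes Expiry before Status, which changes the positional layout of the GECOS string, and nothing in the hunk documents that layout or says what happens to entries already written in the old order. If any stored entries have Status first (not visible here), a reader that splits on commas by position would take an expiry date for the account status and the reverse, which matters because Status carries Blocked/Active. A comment above the concatenation such as `// GECOS field order: ..., GRR, Resp, Course, Expiry, Status, Ltype, Webdir, Nobackup (must match the parser)` would pin it, and it is worth confirming whether existing records need rewriting. The same format means a comma inside any field (Resp or Course, for example) shifts every later field; whether validateInputs rejects commas is not visible in this section. The function starts above the hunk, so the leading fields are not shown.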
package user package user
// TODO: fix group assignments
import ( import (
"bufio" "bufio"
"fmt" "fmt"
...@@ -60,10 +61,12 @@ func modifyUserFunc(cmd *cobra.Command, args []string) error { ...@@ -60,10 +61,12 @@ func modifyUserFunc(cmd *cobra.Command, args []string) error {
changes, err := promptUserYaml(state) changes, err := promptUserYaml(state)
if changes.GRR != curr.GRR {
err = validateGRR(changes.GRR) err = validateGRR(changes.GRR)
if err != nil { if err != nil {
return err return err
} }
}
err = validateGID(changes.Group) err = validateGID(changes.Group)
if err != nil { if err != nil {
...@@ -95,7 +98,14 @@ func modifyUserFunc(cmd *cobra.Command, args []string) error { ...@@ -95,7 +98,14 @@ func modifyUserFunc(cmd *cobra.Command, args []string) error {
return fmt.Errorf("Failed to update user attributes: %v", err) return fmt.Errorf("Failed to update user attributes: %v", err)
} }
if err := clearCache(); err != nil {
fmt.Printf(`Failed to reload cache
all is ok but may take a while to apply
Output: %v`, err)
} else {
fmt.Printf("Changes applied!\n") fmt.Printf("Changes applied!\n")
}
return nil return nil
} }
...@@ -223,3 +233,17 @@ func confirmationPrompt(confirm bool, operation string) { ...@@ -223,3 +233,17 @@ func confirmationPrompt(confirm bool, operation string) {
} }
} }
} }
func clearCache() error {
cmd := exec.Command("nscd", "-i", "passwd")
cmd.Stdout = nil
cmd.Stderr = nil
err := cmd.Run()
if err != nil {
return err
}
cmd = exec.Command("nscd", "-i", "group")
return cmd.Run()
}
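Review bot: clearCache runs `nscd` by bare name and keeps neither stdout nor stderr, so the `Output: %v` text printed in modifyUserFunc can only ever be an exit status, and the binary executed is whatever PATH resolves first. For a tool that presumably runs with root privileges (it also calls kadmin.local), an absolute path is safer, and `out, err := exec.Command(nscdPath, "-i", "passwd").CombinedOutput()` (with `nscdPath` a constant holding that absolute path) lets the output be wrapped into the returned error. The `cmd.Stdout = nil` and `cmd.Stderr = nil` assignments are no-ops, since nil is already the default. A failure on `passwd` also returns before `group` is invalidated, so a changed group membership stays cached until the entry expires, and the failure message printed by modifyUserFunc has no trailing newline.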
...@@ -40,6 +40,7 @@ func resetPass(cmd *cobra.Command, args []string) error { ...@@ -40,6 +40,7 @@ func resetPass(cmd *cobra.Command, args []string) error {
pass = genPassword() pass = genPassword()
} }
confirmationPrompt(false, "password reset")
err = modKerberosPassword(login, pass) err = modKerberosPassword(login, pass)
if err != nil { if err != nil {
return err return err
...@@ -64,15 +65,16 @@ func genPassword() string { ...@@ -64,15 +65,16 @@ func genPassword() string {
} }
// command that changes the password >:D // command that changes the password >:D
// the command kadmin.local returns 0 if the password change
// fails, bruh. so we have to check differently.
// FIXME: maybe do the validation with regex?
func modKerberosPassword(login, password string) error { func modKerberosPassword(login, password string) error {
cmd := exec.Command("kadmin.local", "-q", cmd := exec.Command("kadmin.local", "-q",
fmt.Sprintf("cpw -pw %s %s", password, login)) fmt.Sprintf("cpw -pw %s %s", password, login))
cmd.Stdout = nil output, _ := cmd.CombinedOutput()
cmd.Stderr = nil if len(output) > 105 {
output, err := cmd.CombinedOutput() return fmt.Errorf("Error found changing password, output: \n%v", string(output[:]))
if err != nil {
return fmt.Errorf("Failed to change password for %s: %v\nOutput: %s", login, err, output)
} }
return nil return nil
......
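Review bot: modKerberosPassword now discards the error from `CombinedOutput()` and treats any output of 105 bytes or fewer as success, so when kadmin.local is missing or cannot start the output is empty and the function returns nil, leaving its caller to proceed as if the password had been changed. The byte count also depends on the length of the login and realm echoed in the output, so a long principal can trip the error branch on success and a short failure message can pass. Keep the error, `output, err := cmd.CombinedOutput()` followed by `if err != nil { return fmt.Errorf("running kadmin.local: %v", err) }`, and decide success by matching the confirmation line kadmin prints (as the FIXME suggests), after checking its exact text on the deployed version. Separately, the query is built with `fmt.Sprintf("cpw -pw %s %s", password, login)`, so the password is visible in the process list while the command runs and a space or quote in either value changes how kadmin parses the query; rejecting or quoting such characters before this call would close that.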
package user
import (
"fmt"
"os"
"regexp"
"strconv"
"strings"
"time"
)
func validatePath(path string) error {
_, err := os.Stat(path)
if os.IsNotExist(err) {
return nil
}
return fmt.Errorf("Path \"%v\" already exists, please provide a new path", path)
}
func validateExpiry(expiry string) error {
if expiry == "_" {
return nil
}
parts := strings.Split(expiry, ".")
if !isValidDate(parts) {
err := fmt.Errorf("Malformed expiry date string, use \"dd.mm.yy\"")
return err
}
return nil
}
func validateStatus(status string) error {
if status != "Blocked" && status != "Active" {
err := fmt.Errorf("User status can only be \"Active\" or \"Blocked\"")
return err
}
return nil
}
func validateLtype(ltype string) error {
if ltype != "ini" && ltype != "first" && ltype != "last" {
err := fmt.Errorf("Login type can only be \"ini\", \"first\" or \"last\"")
return err
}
return nil
}
func validateGRR(grr string) error {
// OK if empty, only "ini" login type requires it and we check :)
if grr == "_" {
return nil
}
users, err := getUsers()
if err != nil {
return err
}
isValid, _ := regexp.MatchString(`^\d{8}$`, grr) // is 8 digit number
if !isValid {
err := fmt.Errorf("Malformed GRR string, must be 8 digit number")
return err
}
if grrExists(users, grr) {
err := fmt.Errorf(`The informed GRR already exists in LDAP database
Note: To search for the account use "useradm user show -r %s"`, grr)
return err
}
return nil
}
func validateGID(group string) error {
var err error
groups, err := getGroups()
if err != nil {
return err
}
for _, value := range groups {
if value == group {
return nil
}
}
err = fmt.Errorf("Could't find group \"%v\" in LDAP database", group)
return err
}
func validateUID(login string) error {
users, err := getUsers()
if err != nil {
return err
}
res := searchUser(users, false, login, "", "", "", "", "")
if len(res) != 0 {
return fmt.Errorf(`The informed Login already exists in LDAP database
Note: To search for the account use "useradm user show -l %s"`, login)
}
return nil
}
func isValidDate(arr []string) bool {
if len(arr) != 3 {
return false
}
// convert to int
day, err1 := strconv.Atoi(arr[0])
mth, err2 := strconv.Atoi(arr[1])
year, err3 := strconv.Atoi(arr[2])
if err1 != nil || err2 != nil || err3 != nil {
return false
}
// ensure year is two digits
if year < 0 || year > 99 {
return false
}
// validate the date
fullYear := 2000 + year
t := time.Date(fullYear, time.Month(mth), day, 0, 0, 0, 0, time.UTC)
return t.Day() == day && t.Month() == time.Month(mth)
}
func ifThenElse(condition bool, a string, b string) string {
if condition {
return a
}
return b
}
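Review bot: validatePath returns the "already exists" error for every os.Stat outcome except not-exist, so a permission or I/O error on a parent directory is reported to the operator as an existing path. Adding `if err != nil { return fmt.Errorf("checking path %q: %v", path, err) }` after the IsNotExist branch separates the two cases. In validateGRR the `getUsers()` fetch runs before the 8-digit format check, so malformed input still costs a directory query; moving the `regexp.MatchString` test above it, or using a package-level compiled pattern, avoids that. None of the moved validators has a doc comment, and a one-line note that `"_"` stands for an empty field (as the comment inside validateGRR implies) would help the next reader.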