updates

Former-commit-id: 54b88552d11f2151a165dba9debb4657dfa56cf8 [formerly 0ce53651a8e9660f9d5f977295f553b5b1d1e93a] [formerly 7ebca3a8896222091c95af86a9cf1d12550b8b76 [formerly 174330929ad7231b95b30acb98ad2033d697590f]] Former-commit-id: 993d0cdb239f9969587d13a11ee8469fa8b91287 [formerly c22c911f944dd8d6597ab95589842d3c68d34869] Former-commit-id: 44ed259fe50a085e8bcace3f1f14caafec97ce66
2017-08-18 09:00:32 +01:00
parent e4144ad2b2
commit 4b602be5e3
19 changed files with 9860 additions and 661 deletions
--- a/user.go
+++ b/user.go
@@ -0,0 +1,128 @@
+package filemanager
+
+import (
+	"regexp"
+	"strings"
+
+	"github.com/hacdias/fileutils"
+)
+
+// DefaultUser is used on New, when no 'base' user is provided.
+var DefaultUser = User{
+	AllowCommands: true,
+	AllowEdit:     true,
+	AllowNew:      true,
+	AllowPublish:  true,
+	Commands:      []string{},
+	Rules:         []*Rule{},
+	CSS:           "",
+	Admin:         true,
+	Locale:        "en",
+	FileSystem:    fileutils.Dir("."),
+}
+
+// User contains the configuration for each user.
+type User struct {
+	// ID is the required primary key with auto increment0
+	ID int `storm:"id,increment"`
+
+	// Username is the user username used to login.
+	Username string `json:"username" storm:"index,unique"`
+
+	// The hashed password. This never reaches the front-end because it's temporarily
+	// emptied during JSON marshall.
+	Password string `json:"password"`
+
+	// Tells if this user is an admin.
+	Admin bool `json:"admin"`
+
+	// FileSystem is the virtual file system the user has access.
+	FileSystem fileutils.Dir `json:"filesystem"`
+
+	// Rules is an array of access and deny rules.
+	Rules []*Rule `json:"rules"`
+
+	// Custom styles for this user.
+	CSS string `json:"css"`
+
+	// Locale is the language of the user.
+	Locale string `json:"locale"`
+
+	// These indicate if the user can perform certain actions.
+	AllowNew      bool `json:"allowNew"`      // Create files and folders
+	AllowEdit     bool `json:"allowEdit"`     // Edit/rename files
+	AllowCommands bool `json:"allowCommands"` // Execute commands
+	AllowPublish  bool `json:"allowPublish"`  // Publish content (to use with static gen)
+
+	// Commands is the list of commands the user can execute.
+	Commands []string `json:"commands"`
+}
+
+// Rule is a dissalow/allow rule.
+type Rule struct {
+	// Regex indicates if this rule uses Regular Expressions or not.
+	Regex bool `json:"regex"`
+
+	// Allow indicates if this is an allow rule. Set 'false' to be a disallow rule.
+	Allow bool `json:"allow"`
+
+	// Path is the corresponding URL path for this rule.
+	Path string `json:"path"`
+
+	// Regexp is the regular expression. Only use this when 'Regex' was set to true.
+	Regexp *Regexp `json:"regexp"`
+}
+
+// Regexp is a regular expression wrapper around native regexp.
+type Regexp struct {
+	Raw    string `json:"raw"`
+	regexp *regexp.Regexp
+}
+
+// Allowed checks if the user has permission to access a directory/file.
+func (u User) Allowed(url string) bool {
+	var rule *Rule
+	i := len(u.Rules) - 1
+
+	for i >= 0 {
+		rule = u.Rules[i]
+
+		if rule.Regex {
+			if rule.Regexp.MatchString(url) {
+				return rule.Allow
+			}
+		} else if strings.HasPrefix(url, rule.Path) {
+			return rule.Allow
+		}
+
+		i--
+	}
+
+	return true
+}
+
+// MatchString checks if this string matches the regular expression.
+func (r *Regexp) MatchString(s string) bool {
+	if r.regexp == nil {
+		r.regexp = regexp.MustCompile(r.Raw)
+	}
+
+	return r.regexp.MatchString(s)
+}
+
+type UsersStore interface {
+	Get(id int) (*User, error)
+	Gets() ([]*User, error)
+	Save(u *User, fields ...string) error
+	Delete(id int) error
+}
+
+type ConfigStore interface {
+	Get(name string, to interface{}) error
+	Save(name string, from interface{}) error
+}
+
+type ShareStore interface {
+	Get(hash string)
+	Save()
+}