forked from Deuxfleurs/guichet
Compare commits
54 commits
Author | SHA1 | Date | |
---|---|---|---|
9917429da3 | |||
bc7bc61f74 | |||
898122c19e | |||
64363b29e0 | |||
df79d11028 | |||
e940996f0f | |||
a7edf6d1ba | |||
9cd06c95eb | |||
793cb2d3c2 | |||
37a9f6fa54 | |||
e7e05ed929 | |||
13874b44a6 | |||
8abf382954 | |||
51a5771b0b | |||
4f7cbdd825 | |||
e0fbd16f92 | |||
10bdee10cf | |||
ef67706cb4 | |||
c735183a7a | |||
49d8e81fbe | |||
706ff58a6f | |||
d8633d7fb8 | |||
982bd8a43c | |||
0828737573 | |||
bc368943a4 | |||
be97a1be58 | |||
c06f52837e | |||
d0ed765be7 | |||
5b246ec86b | |||
e876bdd663 | |||
f8f417906a | |||
9c21c2e799 | |||
74113fad49 | |||
02e384f99e | |||
1e75c21b65 | |||
83ed187dbc | |||
27efd5384b | |||
1f34547a4c | |||
ddb1ca205a | |||
bdb9af5a26 | |||
24600c8787 | |||
e77b9ebd9c | |||
37b7694910 | |||
02670ba6a6 | |||
5fb0139a3f | |||
9eaa4c068d | |||
f77697f501 | |||
670123df38 | |||
cd41532572 | |||
ca41c481b1 | |||
085a7cfd26 | |||
5eed8fa506 | |||
3c846b6a59 | |||
216e175eaf |
46 changed files with 3430 additions and 423 deletions
13
.drone.yml
13
.drone.yml
|
@ -1,13 +0,0 @@
|
|||
---
|
||||
pipeline:
|
||||
build:
|
||||
image: golang:stretch
|
||||
commands:
|
||||
- go get -d -v
|
||||
- go build -v
|
||||
|
||||
---
|
||||
kind: signature
|
||||
hmac: 38948cd073f3a0b73ab7bb13ba1b5e18c64c02976abfd6dcd5bf7a4c34197e8c
|
||||
|
||||
...
|
1
.envrc
Normal file
1
.envrc
Normal file
|
@ -0,0 +1 @@
|
|||
use flake
|
3
.gitignore
vendored
3
.gitignore
vendored
|
@ -1,3 +1,6 @@
|
|||
guichet
|
||||
guichet.static
|
||||
config.json
|
||||
result
|
||||
.direnv/
|
||||
password
|
||||
|
|
13
.woodpecker.yml
Normal file
13
.woodpecker.yml
Normal file
|
@ -0,0 +1,13 @@
|
|||
when:
|
||||
event:
|
||||
- push
|
||||
- pull_request
|
||||
- tag
|
||||
- cron
|
||||
- manual
|
||||
|
||||
steps:
|
||||
- name: build
|
||||
image: nixpkgs/nix:nixos-22.05
|
||||
commands:
|
||||
- nix build --extra-experimental-features nix-command --extra-experimental-features flakes .
|
|
@ -1,6 +1,6 @@
|
|||
# Guichet
|
||||
|
||||
[![Build Status](https://drone.deuxfleurs.fr/api/badges/Deuxfleurs/guichet/status.svg?ref=refs/heads/main)](https://drone.deuxfleurs.fr/Deuxfleurs/guichet)
|
||||
[![status-badge](https://woodpecker.deuxfleurs.fr/api/badges/37/status.svg)](https://woodpecker.deuxfleurs.fr/repos/37)
|
||||
|
||||
Guichet is a simple LDAP web interface for the following tasks:
|
||||
|
||||
|
|
345
admin.go
345
admin.go
|
@ -2,7 +2,6 @@ package main
|
|||
|
||||
import (
|
||||
"fmt"
|
||||
"html/template"
|
||||
"net/http"
|
||||
"regexp"
|
||||
"sort"
|
||||
|
@ -12,18 +11,18 @@ import (
|
|||
"github.com/gorilla/mux"
|
||||
)
|
||||
|
||||
func checkAdminLogin(w http.ResponseWriter, r *http.Request) *LoginStatus {
|
||||
login := checkLogin(w, r)
|
||||
if login == nil {
|
||||
func checkAdminLogin(w http.ResponseWriter, r *http.Request) *LoggedUser {
|
||||
user := RequireUserHtml(w, r)
|
||||
if user == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
if !login.CanAdmin {
|
||||
if !user.Capabilities.CanAdmin {
|
||||
http.Error(w, "Not authorized to perform administrative operations.", http.StatusUnauthorized)
|
||||
return nil
|
||||
}
|
||||
|
||||
return login
|
||||
return user
|
||||
}
|
||||
|
||||
type EntryList []*ldap.Entry
|
||||
|
@ -41,17 +40,17 @@ func (d EntryList) Less(i, j int) bool {
|
|||
}
|
||||
|
||||
type AdminUsersTplData struct {
|
||||
Login *LoginStatus
|
||||
User *LoggedUser
|
||||
UserNameAttr string
|
||||
UserBaseDN string
|
||||
Users EntryList
|
||||
}
|
||||
|
||||
func handleAdminUsers(w http.ResponseWriter, r *http.Request) {
|
||||
templateAdminUsers := template.Must(template.ParseFiles("templates/layout.html", "templates/admin_users.html"))
|
||||
templateAdminUsers := getTemplate("admin_users.html")
|
||||
|
||||
login := checkAdminLogin(w, r)
|
||||
if login == nil {
|
||||
user := checkAdminLogin(w, r)
|
||||
if user == nil {
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -62,14 +61,14 @@ func handleAdminUsers(w http.ResponseWriter, r *http.Request) {
|
|||
[]string{config.UserNameAttr, "dn", "displayname", "givenname", "sn", "mail"},
|
||||
nil)
|
||||
|
||||
sr, err := login.conn.Search(searchRequest)
|
||||
sr, err := user.Login.conn.Search(searchRequest)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
data := &AdminUsersTplData{
|
||||
Login: login,
|
||||
User: user,
|
||||
UserNameAttr: config.UserNameAttr,
|
||||
UserBaseDN: config.UserBaseDN,
|
||||
Users: EntryList(sr.Entries),
|
||||
|
@ -80,17 +79,17 @@ func handleAdminUsers(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
type AdminGroupsTplData struct {
|
||||
Login *LoginStatus
|
||||
User *LoggedUser
|
||||
GroupNameAttr string
|
||||
GroupBaseDN string
|
||||
Groups EntryList
|
||||
}
|
||||
|
||||
func handleAdminGroups(w http.ResponseWriter, r *http.Request) {
|
||||
templateAdminGroups := template.Must(template.ParseFiles("templates/layout.html", "templates/admin_groups.html"))
|
||||
templateAdminGroups := getTemplate("admin_groups.html")
|
||||
|
||||
login := checkAdminLogin(w, r)
|
||||
if login == nil {
|
||||
user := checkAdminLogin(w, r)
|
||||
if user == nil {
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -101,14 +100,14 @@ func handleAdminGroups(w http.ResponseWriter, r *http.Request) {
|
|||
[]string{config.GroupNameAttr, "dn", "description"},
|
||||
nil)
|
||||
|
||||
sr, err := login.conn.Search(searchRequest)
|
||||
sr, err := user.Login.conn.Search(searchRequest)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
data := &AdminGroupsTplData{
|
||||
Login: login,
|
||||
User: user,
|
||||
GroupNameAttr: config.GroupNameAttr,
|
||||
GroupBaseDN: config.GroupBaseDN,
|
||||
Groups: EntryList(sr.Entries),
|
||||
|
@ -118,14 +117,242 @@ func handleAdminGroups(w http.ResponseWriter, r *http.Request) {
|
|||
templateAdminGroups.Execute(w, data)
|
||||
}
|
||||
|
||||
type AdminMailingTplData struct {
|
||||
User *LoggedUser
|
||||
MailingNameAttr string
|
||||
MailingBaseDN string
|
||||
MailingLists EntryList
|
||||
}
|
||||
|
||||
func handleAdminMailing(w http.ResponseWriter, r *http.Request) {
|
||||
templateAdminMailing := getTemplate("admin_mailing.html")
|
||||
|
||||
user := checkAdminLogin(w, r)
|
||||
if user == nil {
|
||||
return
|
||||
}
|
||||
|
||||
searchRequest := ldap.NewSearchRequest(
|
||||
config.MailingBaseDN,
|
||||
ldap.ScopeSingleLevel, ldap.NeverDerefAliases, 0, 0, false,
|
||||
fmt.Sprintf("(&(objectClass=groupOfNames))"),
|
||||
[]string{config.MailingNameAttr, "dn", "description"},
|
||||
nil)
|
||||
|
||||
sr, err := user.Login.conn.Search(searchRequest)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
data := &AdminMailingTplData{
|
||||
User: user,
|
||||
MailingNameAttr: config.MailingNameAttr,
|
||||
MailingBaseDN: config.MailingBaseDN,
|
||||
MailingLists: EntryList(sr.Entries),
|
||||
}
|
||||
sort.Sort(data.MailingLists)
|
||||
|
||||
templateAdminMailing.Execute(w, data)
|
||||
}
|
||||
|
||||
type AdminMailingListTplData struct {
|
||||
User *LoggedUser
|
||||
MailingNameAttr string
|
||||
MailingBaseDN string
|
||||
|
||||
MailingList *ldap.Entry
|
||||
Members EntryList
|
||||
PossibleNewMembers EntryList
|
||||
AllowGuest bool
|
||||
|
||||
Error string
|
||||
Success bool
|
||||
}
|
||||
|
||||
func handleAdminMailingList(w http.ResponseWriter, r *http.Request) {
|
||||
templateAdminMailingList := getTemplate("admin_mailing_list.html")
|
||||
|
||||
user := checkAdminLogin(w, r)
|
||||
if user == nil {
|
||||
return
|
||||
}
|
||||
|
||||
id := mux.Vars(r)["id"]
|
||||
dn := fmt.Sprintf("%s=%s,%s", config.MailingNameAttr, id, config.MailingBaseDN)
|
||||
|
||||
// handle modifications
|
||||
dError := ""
|
||||
dSuccess := false
|
||||
|
||||
if r.Method == "POST" {
|
||||
r.ParseForm()
|
||||
action := strings.Join(r.Form["action"], "")
|
||||
if action == "add-member" {
|
||||
member := strings.Join(r.Form["member"], "")
|
||||
modify_request := ldap.NewModifyRequest(dn, nil)
|
||||
modify_request.Add("member", []string{member})
|
||||
|
||||
err := user.Login.conn.Modify(modify_request)
|
||||
if err != nil {
|
||||
dError = err.Error()
|
||||
} else {
|
||||
dSuccess = true
|
||||
}
|
||||
} else if action == "add-external" {
|
||||
mail := strings.Join(r.Form["mail"], "")
|
||||
displayname := strings.Join(r.Form["displayname"], "")
|
||||
|
||||
searchRequest := ldap.NewSearchRequest(
|
||||
config.UserBaseDN,
|
||||
ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
|
||||
fmt.Sprintf("(&(objectClass=organizationalPerson)(mail=%s))", mail),
|
||||
[]string{"dn", "displayname", "mail"},
|
||||
nil)
|
||||
sr, err := user.Login.conn.Search(searchRequest)
|
||||
if err != nil {
|
||||
dError = err.Error()
|
||||
} else {
|
||||
if len(sr.Entries) == 0 {
|
||||
if config.MailingGuestsBaseDN != "" {
|
||||
guestDn := fmt.Sprintf("%s=%s,%s", config.UserNameAttr, mail, config.MailingGuestsBaseDN)
|
||||
req := ldap.NewAddRequest(guestDn, nil)
|
||||
req.Attribute("objectclass", []string{"inetOrgPerson", "organizationalPerson", "person", "top"})
|
||||
req.Attribute("mail", []string{mail})
|
||||
if displayname != "" {
|
||||
req.Attribute("displayname", []string{displayname})
|
||||
}
|
||||
err := user.Login.conn.Add(req)
|
||||
if err != nil {
|
||||
dError = err.Error()
|
||||
} else {
|
||||
modify_request := ldap.NewModifyRequest(dn, nil)
|
||||
modify_request.Add("member", []string{guestDn})
|
||||
|
||||
err := user.Login.conn.Modify(modify_request)
|
||||
if err != nil {
|
||||
dError = err.Error()
|
||||
} else {
|
||||
dSuccess = true
|
||||
}
|
||||
}
|
||||
} else {
|
||||
dError = "Adding guest users not supported, the user must already have an LDAP account."
|
||||
}
|
||||
} else if len(sr.Entries) == 1 {
|
||||
modify_request := ldap.NewModifyRequest(dn, nil)
|
||||
modify_request.Add("member", []string{sr.Entries[0].DN})
|
||||
|
||||
err := user.Login.conn.Modify(modify_request)
|
||||
if err != nil {
|
||||
dError = err.Error()
|
||||
} else {
|
||||
dSuccess = true
|
||||
}
|
||||
} else {
|
||||
dError = fmt.Sprintf("Multiple users exist with email address %s", mail)
|
||||
}
|
||||
}
|
||||
} else if action == "delete-member" {
|
||||
member := strings.Join(r.Form["member"], "")
|
||||
modify_request := ldap.NewModifyRequest(dn, nil)
|
||||
modify_request.Delete("member", []string{member})
|
||||
|
||||
err := user.Login.conn.Modify(modify_request)
|
||||
if err != nil {
|
||||
dError = err.Error()
|
||||
} else {
|
||||
dSuccess = true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Retrieve mailing list
|
||||
searchRequest := ldap.NewSearchRequest(
|
||||
dn,
|
||||
ldap.ScopeBaseObject, ldap.NeverDerefAliases, 0, 0, false,
|
||||
fmt.Sprintf("(objectclass=groupOfNames)"),
|
||||
[]string{"dn", config.MailingNameAttr, "member", "description"},
|
||||
nil)
|
||||
|
||||
sr, err := user.Login.conn.Search(searchRequest)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
if len(sr.Entries) != 1 {
|
||||
http.Error(w, fmt.Sprintf("Object not found: %s", dn), http.StatusNotFound)
|
||||
return
|
||||
}
|
||||
|
||||
ml := sr.Entries[0]
|
||||
|
||||
memberDns := make(map[string]bool)
|
||||
for _, attr := range ml.Attributes {
|
||||
if attr.Name == "member" {
|
||||
for _, v := range attr.Values {
|
||||
memberDns[v] = true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Retrieve list of current and possible new members
|
||||
members := []*ldap.Entry{}
|
||||
possibleNewMembers := []*ldap.Entry{}
|
||||
|
||||
searchRequest = ldap.NewSearchRequest(
|
||||
config.UserBaseDN,
|
||||
ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
|
||||
fmt.Sprintf("(objectClass=organizationalPerson)"),
|
||||
[]string{"dn", "displayname", "mail"},
|
||||
nil)
|
||||
sr, err = user.Login.conn.Search(searchRequest)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
for _, ent := range sr.Entries {
|
||||
if _, ok := memberDns[ent.DN]; ok {
|
||||
members = append(members, ent)
|
||||
} else {
|
||||
possibleNewMembers = append(possibleNewMembers, ent)
|
||||
}
|
||||
}
|
||||
|
||||
data := &AdminMailingListTplData{
|
||||
User: user,
|
||||
MailingNameAttr: config.MailingNameAttr,
|
||||
MailingBaseDN: config.MailingBaseDN,
|
||||
|
||||
MailingList: ml,
|
||||
Members: members,
|
||||
PossibleNewMembers: possibleNewMembers,
|
||||
AllowGuest: config.MailingGuestsBaseDN != "",
|
||||
|
||||
Error: dError,
|
||||
Success: dSuccess,
|
||||
}
|
||||
sort.Sort(data.Members)
|
||||
sort.Sort(data.PossibleNewMembers)
|
||||
|
||||
templateAdminMailingList.Execute(w, data)
|
||||
}
|
||||
|
||||
// ===================================================
|
||||
// LDAP EXPLORER
|
||||
// ===================================================
|
||||
|
||||
type AdminLDAPTplData struct {
|
||||
DN string
|
||||
|
||||
Path []PathItem
|
||||
Children []Child
|
||||
CanAddChild bool
|
||||
Props map[string]*PropValues
|
||||
CanDelete bool
|
||||
Path []PathItem
|
||||
ChildrenOU []Child
|
||||
ChildrenOther []Child
|
||||
CanAddChild bool
|
||||
Props map[string]*PropValues
|
||||
CanDelete bool
|
||||
|
||||
HasMembers bool
|
||||
Members []EntryName
|
||||
|
@ -165,10 +392,10 @@ type PropValues struct {
|
|||
}
|
||||
|
||||
func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
||||
templateAdminLDAP := template.Must(template.ParseFiles("templates/layout.html", "templates/admin_ldap.html"))
|
||||
templateAdminLDAP := getTemplate("admin_ldap.html")
|
||||
|
||||
login := checkAdminLogin(w, r)
|
||||
if login == nil {
|
||||
user := checkAdminLogin(w, r)
|
||||
if user == nil {
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -218,7 +445,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
|||
modify_request := ldap.NewModifyRequest(dn, nil)
|
||||
modify_request.Replace(attr, values_filtered)
|
||||
|
||||
err := login.conn.Modify(modify_request)
|
||||
err := user.Login.conn.Modify(modify_request)
|
||||
if err != nil {
|
||||
dError = err.Error()
|
||||
} else {
|
||||
|
@ -239,7 +466,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
|||
modify_request := ldap.NewModifyRequest(dn, nil)
|
||||
modify_request.Add(attr, values_filtered)
|
||||
|
||||
err := login.conn.Modify(modify_request)
|
||||
err := user.Login.conn.Modify(modify_request)
|
||||
if err != nil {
|
||||
dError = err.Error()
|
||||
} else {
|
||||
|
@ -251,7 +478,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
|||
modify_request := ldap.NewModifyRequest(dn, nil)
|
||||
modify_request.Replace(attr, []string{})
|
||||
|
||||
err := login.conn.Modify(modify_request)
|
||||
err := user.Login.conn.Modify(modify_request)
|
||||
if err != nil {
|
||||
dError = err.Error()
|
||||
} else {
|
||||
|
@ -262,7 +489,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
|||
modify_request := ldap.NewModifyRequest(group, nil)
|
||||
modify_request.Delete("member", []string{dn})
|
||||
|
||||
err := login.conn.Modify(modify_request)
|
||||
err := user.Login.conn.Modify(modify_request)
|
||||
if err != nil {
|
||||
dError = err.Error()
|
||||
} else {
|
||||
|
@ -273,7 +500,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
|||
modify_request := ldap.NewModifyRequest(group, nil)
|
||||
modify_request.Add("member", []string{dn})
|
||||
|
||||
err := login.conn.Modify(modify_request)
|
||||
err := user.Login.conn.Modify(modify_request)
|
||||
if err != nil {
|
||||
dError = err.Error()
|
||||
} else {
|
||||
|
@ -284,7 +511,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
|||
modify_request := ldap.NewModifyRequest(dn, nil)
|
||||
modify_request.Delete("member", []string{member})
|
||||
|
||||
err := login.conn.Modify(modify_request)
|
||||
err := user.Login.conn.Modify(modify_request)
|
||||
if err != nil {
|
||||
dError = err.Error()
|
||||
} else {
|
||||
|
@ -292,7 +519,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
} else if action == "delete-object" {
|
||||
del_request := ldap.NewDelRequest(dn, nil)
|
||||
err := login.conn.Del(del_request)
|
||||
err := user.Login.conn.Del(del_request)
|
||||
if err != nil {
|
||||
dError = err.Error()
|
||||
} else {
|
||||
|
@ -310,7 +537,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
|||
[]string{},
|
||||
nil)
|
||||
|
||||
sr, err := login.conn.Search(searchRequest)
|
||||
sr, err := user.Login.conn.Search(searchRequest)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
|
@ -394,7 +621,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
|||
fmt.Sprintf("(objectClass=organizationalPerson)"),
|
||||
[]string{"dn", "displayname", "description"},
|
||||
nil)
|
||||
sr, err = login.conn.Search(searchRequest)
|
||||
sr, err = user.Login.conn.Search(searchRequest)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
|
@ -448,7 +675,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
|||
fmt.Sprintf("(objectClass=groupOfNames)"),
|
||||
[]string{"dn", "description"},
|
||||
nil)
|
||||
sr, err = login.conn.Search(searchRequest)
|
||||
sr, err = user.Login.conn.Search(searchRequest)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
|
@ -492,7 +719,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
|||
[]string{"dn", "displayname", "description"},
|
||||
nil)
|
||||
|
||||
sr, err = login.conn.Search(searchRequest)
|
||||
sr, err = user.Login.conn.Search(searchRequest)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
|
@ -500,28 +727,35 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
|||
|
||||
sort.Sort(EntryList(sr.Entries))
|
||||
|
||||
children := []Child{}
|
||||
childrenOU := []Child{}
|
||||
childrenOther := []Child{}
|
||||
for _, item := range sr.Entries {
|
||||
name := item.GetAttributeValue("displayname")
|
||||
if name == "" {
|
||||
name = item.GetAttributeValue("description")
|
||||
}
|
||||
children = append(children, Child{
|
||||
child := Child{
|
||||
DN: item.DN,
|
||||
Identifier: strings.Split(item.DN, ",")[0],
|
||||
Name: name,
|
||||
})
|
||||
}
|
||||
if strings.HasPrefix(item.DN, "ou=") {
|
||||
childrenOU = append(childrenOU, child)
|
||||
} else {
|
||||
childrenOther = append(childrenOther, child)
|
||||
}
|
||||
}
|
||||
|
||||
// Run template, finally!
|
||||
templateAdminLDAP.Execute(w, &AdminLDAPTplData{
|
||||
DN: dn,
|
||||
|
||||
Path: path,
|
||||
Children: children,
|
||||
Props: props,
|
||||
CanAddChild: dn_last_attr == "ou" || isOrganization,
|
||||
CanDelete: dn != config.BaseDN && len(children) == 0,
|
||||
Path: path,
|
||||
ChildrenOU: childrenOU,
|
||||
ChildrenOther: childrenOther,
|
||||
Props: props,
|
||||
CanAddChild: dn_last_attr == "ou" || isOrganization,
|
||||
CanDelete: dn != config.BaseDN && len(childrenOU) == 0 && len(childrenOther) == 0,
|
||||
|
||||
HasMembers: len(members) > 0 || hasMembers,
|
||||
Members: members,
|
||||
|
@ -551,10 +785,10 @@ type CreateData struct {
|
|||
}
|
||||
|
||||
func handleAdminCreate(w http.ResponseWriter, r *http.Request) {
|
||||
templateAdminCreate := template.Must(template.ParseFiles("templates/layout.html", "templates/admin_create.html"))
|
||||
templateAdminCreate := getTemplate("admin_create.html")
|
||||
|
||||
login := checkAdminLogin(w, r)
|
||||
if login == nil {
|
||||
user := checkAdminLogin(w, r)
|
||||
if user == nil {
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -569,7 +803,7 @@ func handleAdminCreate(w http.ResponseWriter, r *http.Request) {
|
|||
[]string{},
|
||||
nil)
|
||||
|
||||
sr, err := login.conn.Search(searchRequest)
|
||||
sr, err := user.Login.conn.Search(searchRequest)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
|
@ -607,7 +841,7 @@ func handleAdminCreate(w http.ResponseWriter, r *http.Request) {
|
|||
data.IdType = config.UserNameAttr
|
||||
data.StructuralObjectClass = "inetOrgPerson"
|
||||
data.ObjectClass = "inetOrgPerson\norganizationalPerson\nperson\ntop"
|
||||
} else if template == "group" {
|
||||
} else if template == "group" || template == "ml" {
|
||||
data.IdType = config.UserNameAttr
|
||||
data.StructuralObjectClass = "groupOfNames"
|
||||
data.ObjectClass = "groupOfNames\ntop"
|
||||
|
@ -646,8 +880,6 @@ func handleAdminCreate(w http.ResponseWriter, r *http.Request) {
|
|||
data.Error = "Invalid identifier type"
|
||||
} else if len(data.IdValue) == 0 {
|
||||
data.Error = "No identifier specified"
|
||||
} else if match, err := regexp.MatchString("^[\\d\\w_-]+$", data.IdValue); err != nil || !match {
|
||||
data.Error = "Invalid identifier"
|
||||
} else {
|
||||
dn := data.IdType + "=" + data.IdValue + "," + super_dn
|
||||
req := ldap.NewAddRequest(dn, nil)
|
||||
|
@ -662,13 +894,16 @@ func handleAdminCreate(w http.ResponseWriter, r *http.Request) {
|
|||
req.Attribute("description", []string{data.Description})
|
||||
}
|
||||
|
||||
err := login.conn.Add(req)
|
||||
err := user.Login.conn.Add(req)
|
||||
if err != nil {
|
||||
data.Error = err.Error()
|
||||
} else {
|
||||
http.Redirect(w, r, "/admin/ldap/"+dn, http.StatusFound)
|
||||
if template == "ml" {
|
||||
http.Redirect(w, r, "/admin/mailing/"+data.IdValue, http.StatusFound)
|
||||
} else {
|
||||
http.Redirect(w, r, "/admin/ldap/"+dn, http.StatusFound)
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
|
|
127
api.go
Normal file
127
api.go
Normal file
|
@ -0,0 +1,127 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"github.com/gorilla/mux"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
func handleAPIWebsiteList(w http.ResponseWriter, r *http.Request) {
|
||||
user := RequireUserApi(w, r)
|
||||
|
||||
if user == nil {
|
||||
return
|
||||
}
|
||||
|
||||
ctrl, err := NewWebsiteController(user)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
if r.Method == http.MethodGet {
|
||||
describe, err := ctrl.Describe()
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
}
|
||||
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
json.NewEncoder(w).Encode(describe)
|
||||
return
|
||||
}
|
||||
|
||||
http.Error(w, "This method is not implemented for this endpoint", http.StatusNotImplemented)
|
||||
return
|
||||
}
|
||||
|
||||
func handleAPIWebsiteInspect(w http.ResponseWriter, r *http.Request) {
|
||||
user := RequireUserApi(w, r)
|
||||
|
||||
if user == nil {
|
||||
return
|
||||
}
|
||||
|
||||
bucketName := mux.Vars(r)["bucket"]
|
||||
ctrl, err := NewWebsiteController(user)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
if r.Method == http.MethodGet {
|
||||
view, err := ctrl.Inspect(bucketName)
|
||||
if errors.Is(err, ErrWebsiteNotFound) {
|
||||
http.Error(w, err.Error(), http.StatusNotFound)
|
||||
return
|
||||
} else if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
json.NewEncoder(w).Encode(view)
|
||||
return
|
||||
}
|
||||
|
||||
if r.Method == http.MethodPost {
|
||||
view, err := ctrl.Create(bucketName)
|
||||
if errors.Is(err, ErrEmptyBucketName) {
|
||||
http.Error(w, err.Error(), http.StatusBadRequest)
|
||||
return
|
||||
} else if errors.Is(err, ErrWebsiteQuotaReached) {
|
||||
http.Error(w, err.Error(), http.StatusForbidden)
|
||||
return
|
||||
} else if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
w.WriteHeader(http.StatusCreated)
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
json.NewEncoder(w).Encode(view)
|
||||
return
|
||||
}
|
||||
|
||||
if r.Method == http.MethodPatch {
|
||||
var patch WebsitePatch
|
||||
err := json.NewDecoder(r.Body).Decode(&patch)
|
||||
if err != nil {
|
||||
http.Error(w, errors.Join(fmt.Errorf("Can't parse the request body as a website patch JSON"), err).Error(), http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
view, err := ctrl.Patch(bucketName, &patch)
|
||||
if errors.Is(err, ErrWebsiteNotFound) {
|
||||
http.Error(w, err.Error(), http.StatusNotFound)
|
||||
return
|
||||
} else if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
json.NewEncoder(w).Encode(view)
|
||||
return
|
||||
}
|
||||
|
||||
if r.Method == http.MethodDelete {
|
||||
err := ctrl.Delete(bucketName)
|
||||
if errors.Is(err, ErrEmptyBucketName) || errors.Is(err, ErrBucketDeleteNotEmpty) || errors.Is(err, ErrBucketDeleteUnfinishedUpload) {
|
||||
http.Error(w, err.Error(), http.StatusBadRequest)
|
||||
return
|
||||
} else if errors.Is(err, ErrWebsiteNotFound) {
|
||||
http.Error(w, err.Error(), http.StatusNotFound)
|
||||
return
|
||||
} else if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
w.WriteHeader(http.StatusNoContent)
|
||||
return
|
||||
|
||||
}
|
||||
|
||||
http.Error(w, "This method is not implemented for this endpoint", http.StatusNotImplemented)
|
||||
return
|
||||
}
|
44
cli.go
Normal file
44
cli.go
Normal file
|
@ -0,0 +1,44 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"flag"
|
||||
"fmt"
|
||||
"golang.org/x/term"
|
||||
"os"
|
||||
"syscall"
|
||||
)
|
||||
|
||||
var fsCli = flag.NewFlagSet("cli", flag.ContinueOnError)
|
||||
var passFlag = fsCli.Bool("passwd", false, "Tool to generate a guichet-compatible password hash")
|
||||
|
||||
func cliMain(args []string) {
|
||||
if err := fsCli.Parse(args); err != nil {
|
||||
fmt.Println(err)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
if *passFlag {
|
||||
cliPasswd()
|
||||
} else {
|
||||
fsCli.PrintDefaults()
|
||||
os.Exit(1)
|
||||
}
|
||||
}
|
||||
|
||||
func cliPasswd() {
|
||||
fmt.Print("Password: ")
|
||||
bytepw, err := term.ReadPassword(int(syscall.Stdin))
|
||||
if err != nil {
|
||||
fmt.Println(err)
|
||||
os.Exit(1)
|
||||
}
|
||||
pass := string(bytepw)
|
||||
|
||||
hash, err := SSHAEncode(pass)
|
||||
if err != nil {
|
||||
fmt.Println(err)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
fmt.Println(hash)
|
||||
}
|
|
@ -2,30 +2,31 @@
|
|||
"http_bind_addr": ":9991",
|
||||
"ldap_server_addr": "ldap://127.0.0.1:389",
|
||||
|
||||
"base_dn": "dc=example,dc=com",
|
||||
"user_base_dn": "ou=users,dc=example,dc=com",
|
||||
"user_name_attr": "uid",
|
||||
"group_base_dn": "ou=groups,dc=example,dc=com",
|
||||
"group_name_attr": "gid",
|
||||
"base_dn": "dc=bottin,dc=eu",
|
||||
"user_base_dn": "ou=users,dc=bottin,dc=eu",
|
||||
"user_name_attr": "cn",
|
||||
"group_base_dn": "ou=groups,dc=bottin,dc=eu",
|
||||
"group_name_attr": "cn",
|
||||
|
||||
"invitation_base_dn": "ou=invitations,dc=example,dc=com",
|
||||
"invitation_base_dn": "ou=invitations,dc=bottin,dc=eu",
|
||||
"invitation_name_attr": "cn",
|
||||
"invited_mail_format": "{}@example.com",
|
||||
"invited_auto_groups": [
|
||||
"cn=email,ou=groups,dc=example,dc=com"
|
||||
],
|
||||
"invited_mail_format": "{}@bottin.eu",
|
||||
"invited_auto_groups": [ ],
|
||||
|
||||
"web_address": "https://guichet.example.com",
|
||||
"mail_from": "welcome@example.com",
|
||||
"smtp_server": "smtp.example.com",
|
||||
"web_address": "http://localhost:9991",
|
||||
"mail_from": "welcome@bottin.eu",
|
||||
"smtp_server": "smtp.bottin.eu",
|
||||
"smtp_username": "guichet",
|
||||
"smtp_password": "",
|
||||
|
||||
"admin_account": "uid=admin,dc=example,dc=com",
|
||||
"group_can_admin": "gid=admin,ou=groups,dc=example,dc=com",
|
||||
"group_can_invite": "",
|
||||
"admin_account": "cn=admin,dc=bottin,dc=eu",
|
||||
"group_can_admin": "cn=admin,ou=groups,dc=bottin,dc=eu",
|
||||
"group_can_invite": "cn=admin,ou=groups,dc=bottin,dc=eu",
|
||||
|
||||
"s3_endpoint": "garage.example.com",
|
||||
"s3_admin_endpoint": "localhost:3903",
|
||||
"s3_admin_token": "GlXP43PWH3LuvEGSNxKYzZCyUss8VqZmarBU+HUlrxw=",
|
||||
|
||||
"s3_endpoint": "localhost:3900",
|
||||
"s3_access_key": "",
|
||||
"s3_secret_key": "",
|
||||
"s3_region": "garage",
|
||||
|
|
14
directory.go
14
directory.go
|
@ -13,10 +13,10 @@ const FIELD_NAME_PROFILE_PICTURE = "profilePicture"
|
|||
const FIELD_NAME_DIRECTORY_VISIBILITY = "directoryVisibility"
|
||||
|
||||
func handleDirectory(w http.ResponseWriter, r *http.Request) {
|
||||
templateDirectory := template.Must(template.ParseFiles("templates/layout.html", "templates/directory.html"))
|
||||
templateDirectory := getTemplate("directory.html")
|
||||
|
||||
login := checkLogin(w, r)
|
||||
if login == nil {
|
||||
user := RequireUserHtml(w, r)
|
||||
if user == nil {
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -37,7 +37,7 @@ type SearchResults struct {
|
|||
}
|
||||
|
||||
func handleDirectorySearch(w http.ResponseWriter, r *http.Request) {
|
||||
templateDirectoryResults := template.Must(template.ParseFiles("templates/directory_results.html"))
|
||||
templateDirectoryResults := template.Must(template.ParseFiles(templatePath + "/directory_results.html"))
|
||||
|
||||
//Get input value by user
|
||||
r.ParseMultipartForm(1024)
|
||||
|
@ -49,8 +49,8 @@ func handleDirectorySearch(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
//Log to allow the research
|
||||
login := checkLogin(w, r)
|
||||
if login == nil {
|
||||
user := RequireUserHtml(w, r)
|
||||
if user == nil {
|
||||
http.Error(w, "Login required", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
@ -69,7 +69,7 @@ func handleDirectorySearch(w http.ResponseWriter, r *http.Request) {
|
|||
},
|
||||
nil)
|
||||
|
||||
sr, err := login.conn.Search(searchRequest)
|
||||
sr, err := user.Login.conn.Search(searchRequest)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
|
|
97
flake.lock
Normal file
97
flake.lock
Normal file
|
@ -0,0 +1,97 @@
|
|||
{
|
||||
"nodes": {
|
||||
"flake-utils": {
|
||||
"inputs": {
|
||||
"systems": "systems"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1694529238,
|
||||
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"gomod2nix": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils",
|
||||
"nixpkgs": "nixpkgs"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1694616124,
|
||||
"narHash": "sha256-c49BVhQKw3XDRgt+y+uPAbArtgUlMXCET6VxEBmzHXE=",
|
||||
"owner": "tweag",
|
||||
"repo": "gomod2nix",
|
||||
"rev": "f95720e89af6165c8c0aa77f180461fe786f3c21",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "tweag",
|
||||
"repo": "gomod2nix",
|
||||
"rev": "f95720e89af6165c8c0aa77f180461fe786f3c21",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1695711119,
|
||||
"narHash": "sha256-qrtJ4zliGgH24FMhj5a/5Gq7SkjqKquF5AVS0eEevBk=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "044b1b65fd5dd49a535e9a9bd1a2cee884eb22d6",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "master",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1695710730,
|
||||
"narHash": "sha256-GigCuk3t8AVXr2NdX6eBgouc20JWWrZatbKH3xZZSC4=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "f758d66c9cc3011f5327f8583908a7803cc019b1",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "f758d66c9cc3011f5327f8583908a7803cc019b1",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"gomod2nix": "gomod2nix",
|
||||
"nixpkgs": "nixpkgs_2"
|
||||
}
|
||||
},
|
||||
"systems": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
"version": 7
|
||||
}
|
57
flake.nix
Normal file
57
flake.nix
Normal file
|
@ -0,0 +1,57 @@
|
|||
{
|
||||
description = "A simple LDAP web interface for Bottin";
|
||||
|
||||
inputs.nixpkgs.url =
|
||||
"github:nixos/nixpkgs/f758d66c9cc3011f5327f8583908a7803cc019b1";
|
||||
inputs.gomod2nix.url =
|
||||
"github:tweag/gomod2nix/f95720e89af6165c8c0aa77f180461fe786f3c21";
|
||||
|
||||
outputs = { self, nixpkgs, gomod2nix }:
|
||||
let
|
||||
pkgs = import nixpkgs {
|
||||
system = "x86_64-linux";
|
||||
overlays = [
|
||||
(import "${gomod2nix}/overlay.nix")
|
||||
];
|
||||
};
|
||||
src = ./.;
|
||||
guichet = pkgs.buildGoApplication {
|
||||
pname = "guichet";
|
||||
version = "0.1.0";
|
||||
src = src;
|
||||
modules = ./gomod2nix.toml;
|
||||
|
||||
CGO_ENABLED = 0;
|
||||
|
||||
ldflags = [
|
||||
"-X main.templatePath=${src + "/templates"}"
|
||||
"-X main.staticPath=${src + "/static"}"
|
||||
];
|
||||
|
||||
meta = with pkgs.lib; {
|
||||
description = "A simple LDAP web interface for Bottin";
|
||||
homepage = "https://git.deuxfleurs.fr/Deuxfleurs/guichet";
|
||||
license = licenses.gpl3Plus;
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
container = pkgs.dockerTools.buildImage {
|
||||
name = "dxflrs/guichet";
|
||||
copyToRoot = pkgs.buildEnv {
|
||||
name = "guichet-env";
|
||||
paths = [ guichet pkgs.cacert ];
|
||||
};
|
||||
config = {
|
||||
Entrypoint = "/bin/guichet";
|
||||
};
|
||||
};
|
||||
in {
|
||||
packages.x86_64-linux.guichet = guichet;
|
||||
packages.x86_64-linux.container = container;
|
||||
packages.x86_64-linux.default = guichet;
|
||||
|
||||
devShell.x86_64-linux = pkgs.mkShell { nativeBuildInputs = [ pkgs.go pkgs.gomod2nix ]; };
|
||||
};
|
||||
}
|
188
garage.go
Normal file
188
garage.go
Normal file
|
@ -0,0 +1,188 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
garage "git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang"
|
||||
"log"
|
||||
)
|
||||
|
||||
func gadmin() (*garage.APIClient, context.Context) {
|
||||
// Set Host and other parameters
|
||||
configuration := garage.NewConfiguration()
|
||||
configuration.Host = config.S3AdminEndpoint
|
||||
|
||||
// We can now generate a client
|
||||
client := garage.NewAPIClient(configuration)
|
||||
|
||||
// Authentication is handled through the context pattern
|
||||
ctx := context.WithValue(context.Background(), garage.ContextAccessToken, config.S3AdminToken)
|
||||
return client, ctx
|
||||
}
|
||||
|
||||
func grgCreateKey(name string) (*garage.KeyInfo, error) {
|
||||
client, ctx := gadmin()
|
||||
|
||||
kr := garage.NewAddKeyRequest()
|
||||
kr.SetName(name)
|
||||
resp, _, err := client.KeyApi.AddKey(ctx).AddKeyRequest(*kr).Execute()
|
||||
if err != nil {
|
||||
fmt.Printf("%+v\n", err)
|
||||
return nil, err
|
||||
}
|
||||
return resp, nil
|
||||
}
|
||||
|
||||
func grgGetKey(accessKey string) (*garage.KeyInfo, error) {
|
||||
client, ctx := gadmin()
|
||||
|
||||
resp, _, err := client.KeyApi.GetKey(ctx).Id(accessKey).ShowSecretKey("true").Execute()
|
||||
if err != nil {
|
||||
fmt.Printf("%+v\n", err)
|
||||
return nil, err
|
||||
}
|
||||
return resp, nil
|
||||
}
|
||||
|
||||
func grgSearchKey(name string) (*garage.KeyInfo, error) {
|
||||
client, ctx := gadmin()
|
||||
|
||||
resp, _, err := client.KeyApi.GetKey(ctx).Search(name).ShowSecretKey("true").Execute()
|
||||
if err != nil {
|
||||
fmt.Printf("%+v\n", err)
|
||||
return nil, err
|
||||
}
|
||||
return resp, nil
|
||||
}
|
||||
|
||||
func grgDelKey(accessKey string) error {
|
||||
client, ctx := gadmin()
|
||||
|
||||
_, err := client.KeyApi.DeleteKey(ctx).Id(accessKey).Execute()
|
||||
if err != nil {
|
||||
fmt.Printf("%+v\n", err)
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func grgCreateBucket(bucket string) (*garage.BucketInfo, error) {
|
||||
client, ctx := gadmin()
|
||||
|
||||
br := garage.NewCreateBucketRequest()
|
||||
br.SetGlobalAlias(bucket)
|
||||
|
||||
// Create Bucket
|
||||
binfo, _, err := client.BucketApi.CreateBucket(ctx).CreateBucketRequest(*br).Execute()
|
||||
if err != nil {
|
||||
fmt.Printf("%+v\n", err)
|
||||
return nil, err
|
||||
}
|
||||
return binfo, nil
|
||||
}
|
||||
|
||||
func grgAllowKeyOnBucket(bid, gkey string, read, write, owner bool) (*garage.BucketInfo, error) {
|
||||
client, ctx := gadmin()
|
||||
|
||||
// Allow user's key
|
||||
ar := garage.AllowBucketKeyRequest{
|
||||
BucketId: bid,
|
||||
AccessKeyId: gkey,
|
||||
Permissions: *garage.NewAllowBucketKeyRequestPermissions(read, write, owner),
|
||||
}
|
||||
binfo, _, err := client.BucketApi.AllowBucketKey(ctx).AllowBucketKeyRequest(ar).Execute()
|
||||
if err != nil {
|
||||
fmt.Printf("%+v\n", err)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return binfo, nil
|
||||
}
|
||||
|
||||
func allowWebsiteDefault() *garage.UpdateBucketRequestWebsiteAccess {
|
||||
wr := garage.NewUpdateBucketRequestWebsiteAccess()
|
||||
wr.SetEnabled(true)
|
||||
wr.SetIndexDocument("index.html")
|
||||
wr.SetErrorDocument("error.html")
|
||||
|
||||
return wr
|
||||
}
|
||||
|
||||
func grgUpdateBucket(bid string, ur *garage.UpdateBucketRequest) (*garage.BucketInfo, error) {
|
||||
client, ctx := gadmin()
|
||||
|
||||
binfo, _, err := client.BucketApi.UpdateBucket(ctx).Id(bid).UpdateBucketRequest(*ur).Execute()
|
||||
if err != nil {
|
||||
fmt.Printf("%+v\n", err)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// Return updated binfo
|
||||
return binfo, nil
|
||||
}
|
||||
|
||||
func grgAddGlobalAlias(bid, alias string) (*garage.BucketInfo, error) {
|
||||
client, ctx := gadmin()
|
||||
|
||||
resp, _, err := client.BucketApi.PutBucketGlobalAlias(ctx).Id(bid).Alias(alias).Execute()
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
return nil, err
|
||||
}
|
||||
return resp, nil
|
||||
}
|
||||
|
||||
func grgAddLocalAlias(bid, key, alias string) (*garage.BucketInfo, error) {
|
||||
client, ctx := gadmin()
|
||||
|
||||
resp, _, err := client.BucketApi.PutBucketLocalAlias(ctx).Id(bid).AccessKeyId(key).Alias(alias).Execute()
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
return nil, err
|
||||
}
|
||||
return resp, nil
|
||||
}
|
||||
|
||||
func grgDelGlobalAlias(bid, alias string) (*garage.BucketInfo, error) {
|
||||
client, ctx := gadmin()
|
||||
|
||||
resp, _, err := client.BucketApi.DeleteBucketGlobalAlias(ctx).Id(bid).Alias(alias).Execute()
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
return nil, err
|
||||
}
|
||||
return resp, nil
|
||||
}
|
||||
|
||||
func grgDelLocalAlias(bid, key, alias string) (*garage.BucketInfo, error) {
|
||||
client, ctx := gadmin()
|
||||
|
||||
resp, _, err := client.BucketApi.DeleteBucketLocalAlias(ctx).Id(bid).AccessKeyId(key).Alias(alias).Execute()
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
return nil, err
|
||||
}
|
||||
return resp, nil
|
||||
}
|
||||
|
||||
func grgGetBucket(bid string) (*garage.BucketInfo, error) {
|
||||
client, ctx := gadmin()
|
||||
|
||||
resp, _, err := client.BucketApi.GetBucketInfo(ctx).Id(bid).Execute()
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
return nil, err
|
||||
}
|
||||
return resp, nil
|
||||
|
||||
}
|
||||
|
||||
func grgDeleteBucket(bid string) error {
|
||||
client, ctx := gadmin()
|
||||
|
||||
_, err := client.BucketApi.DeleteBucket(ctx).Id(bid).Execute()
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
}
|
||||
return err
|
||||
}
|
32
go.mod
32
go.mod
|
@ -1,18 +1,38 @@
|
|||
module deuxfleurs.fr/Deuxfleurs/guichet
|
||||
module git.deuxfleurs.fr/Deuxfleurs/guichet
|
||||
|
||||
go 1.13
|
||||
go 1.18
|
||||
|
||||
require (
|
||||
git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang v0.0.0-20231128153612-8b81fae65e5e
|
||||
github.com/emersion/go-sasl v0.0.0-20191210011802-430746ea8b9b
|
||||
github.com/emersion/go-smtp v0.12.1
|
||||
github.com/go-ldap/ldap v3.0.3+incompatible
|
||||
github.com/go-ldap/ldap/v3 v3.1.6
|
||||
github.com/google/uuid v1.1.1
|
||||
github.com/gorilla/mux v1.7.3
|
||||
github.com/gorilla/sessions v1.2.0
|
||||
github.com/jsimonetti/pwscheme v0.0.0-20220125093853-4d9895f5db73
|
||||
github.com/minio/minio-go/v7 v7.0.0
|
||||
github.com/sirupsen/logrus v1.6.0
|
||||
github.com/stretchr/objx v0.1.1 // indirect
|
||||
golang.org/x/crypto v0.0.0-20200214034016-1d94cc7ab1c6
|
||||
github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646
|
||||
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9
|
||||
golang.org/x/term v0.12.0
|
||||
)
|
||||
|
||||
require (
|
||||
github.com/go-asn1-ber/asn1-ber v1.3.1 // indirect
|
||||
github.com/golang/protobuf v1.4.2 // indirect
|
||||
github.com/gorilla/securecookie v1.1.1 // indirect
|
||||
github.com/json-iterator/go v1.1.10 // indirect
|
||||
github.com/klauspost/cpuid v1.2.3 // indirect
|
||||
github.com/minio/md5-simd v1.1.0 // indirect
|
||||
github.com/minio/sha256-simd v0.1.1 // indirect
|
||||
github.com/mitchellh/go-homedir v1.1.0 // indirect
|
||||
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421 // indirect
|
||||
github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742 // indirect
|
||||
golang.org/x/net v0.0.0-20200822124328-c89045814202 // indirect
|
||||
golang.org/x/oauth2 v0.0.0-20210323180902-22b0adad7558 // indirect
|
||||
golang.org/x/sys v0.12.0 // indirect
|
||||
golang.org/x/text v0.3.3 // indirect
|
||||
google.golang.org/appengine v1.6.6 // indirect
|
||||
google.golang.org/protobuf v1.25.0 // indirect
|
||||
gopkg.in/ini.v1 v1.57.0 // indirect
|
||||
)
|
||||
|
|
387
go.sum
387
go.sum
|
@ -1,4 +1,50 @@
|
|||
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
|
||||
cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
|
||||
cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
|
||||
cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU=
|
||||
cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY=
|
||||
cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc=
|
||||
cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0=
|
||||
cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To=
|
||||
cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4=
|
||||
cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M=
|
||||
cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc=
|
||||
cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk=
|
||||
cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs=
|
||||
cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc=
|
||||
cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY=
|
||||
cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o=
|
||||
cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE=
|
||||
cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc=
|
||||
cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg=
|
||||
cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc=
|
||||
cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ=
|
||||
cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE=
|
||||
cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk=
|
||||
cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I=
|
||||
cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw=
|
||||
cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA=
|
||||
cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU=
|
||||
cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw=
|
||||
cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos=
|
||||
cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk=
|
||||
cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
|
||||
cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
|
||||
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
|
||||
git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang v0.0.0-20230131081355-c965fe7f7dc9 h1:ERg8KCpIKym98EOKa8Gq0NSBxsasD3sqb/R0gg1wOzU=
|
||||
git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang v0.0.0-20230131081355-c965fe7f7dc9/go.mod h1:TlSL6QVxozmdRaSgP6Akspi0HCJv4HAkkq3Dldru4GM=
|
||||
git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang v0.0.0-20231128153612-8b81fae65e5e h1:h89CAh0qmUcGJykss/utXIw+yRGa3Gr6VyrZ5ZWN0kY=
|
||||
git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang v0.0.0-20231128153612-8b81fae65e5e/go.mod h1:TlSL6QVxozmdRaSgP6Akspi0HCJv4HAkkq3Dldru4GM=
|
||||
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
||||
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
|
||||
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
|
||||
github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
|
||||
github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
|
||||
github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
|
||||
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
|
||||
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
|
||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
|
||||
github.com/emersion/go-sasl v0.0.0-20190817083125-240c8404624e/go.mod h1:G/dpzLu16WtQpBfQ/z3LYiYJn3ZhKSGWn83fyoyQe/k=
|
||||
|
@ -6,15 +52,68 @@ github.com/emersion/go-sasl v0.0.0-20191210011802-430746ea8b9b h1:uhWtEWBHgop1rq
|
|||
github.com/emersion/go-sasl v0.0.0-20191210011802-430746ea8b9b/go.mod h1:G/dpzLu16WtQpBfQ/z3LYiYJn3ZhKSGWn83fyoyQe/k=
|
||||
github.com/emersion/go-smtp v0.12.1 h1:1R8BDqrR2HhlGwgFYcOi+BVTvK1bMjAB65QcVpJ5sNA=
|
||||
github.com/emersion/go-smtp v0.12.1/go.mod h1:SD9V/xa4ndMw77lR3Mf7htkp8RBNYuPh9UeuBs9tpUQ=
|
||||
github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
|
||||
github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
|
||||
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
|
||||
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
|
||||
github.com/go-asn1-ber/asn1-ber v1.3.1 h1:gvPdv/Hr++TRFCl0UbPFHC54P9N9jgsRPnmnr419Uck=
|
||||
github.com/go-asn1-ber/asn1-ber v1.3.1/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0=
|
||||
github.com/go-ldap/ldap v3.0.3+incompatible h1:HTeSZO8hWMS1Rgb2Ziku6b8a7qRIZZMHjsvuZyatzwk=
|
||||
github.com/go-ldap/ldap v3.0.3+incompatible/go.mod h1:qfd9rJvER9Q0/D/Sqn1DfHRoBp40uXYvFoEVrNEPqRc=
|
||||
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
|
||||
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
|
||||
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
|
||||
github.com/go-ldap/ldap/v3 v3.1.6 h1:VTihvB7egSAvU6KOagaiA/EvgJMR2jsjRAVIho2ydBo=
|
||||
github.com/go-ldap/ldap/v3 v3.1.6/go.mod h1:5Zun81jBTabRaI8lzN7E1JjyEl1g6zI6u9pd8luAK4Q=
|
||||
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
|
||||
github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
|
||||
github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
|
||||
github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
|
||||
github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
|
||||
github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
|
||||
github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y=
|
||||
github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
|
||||
github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
|
||||
github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
|
||||
github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
|
||||
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||
github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||
github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||
github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
|
||||
github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
|
||||
github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk=
|
||||
github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
|
||||
github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
|
||||
github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
|
||||
github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
|
||||
github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
|
||||
github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
|
||||
github.com/golang/protobuf v1.4.2 h1:+Z5KGCizgyZCbGh1KZqA0fcLLkwbsjIzS4aV2v7wJX0=
|
||||
github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
|
||||
github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
|
||||
github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
|
||||
github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
|
||||
github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
|
||||
github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
|
||||
github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||
github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||
github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||
github.com/google/go-cmp v0.5.1 h1:JFrFEBb2xKufg6XkJsJr+WbKb4FQlURi5RUcBveYu9k=
|
||||
github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
|
||||
github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
|
||||
github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
|
||||
github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
|
||||
github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
|
||||
github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
|
||||
github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
|
||||
github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
|
||||
github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
|
||||
github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
|
||||
github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
|
||||
github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY=
|
||||
github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||
github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
|
||||
github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
|
||||
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8=
|
||||
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
|
||||
github.com/gorilla/mux v1.7.3 h1:gnP5JzjVOuiZD07fKKToCAOjS0yOpj/qPETTXCCS6hw=
|
||||
github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
|
||||
|
@ -22,15 +121,24 @@ github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyC
|
|||
github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
|
||||
github.com/gorilla/sessions v1.2.0 h1:S7P+1Hm5V/AT9cjEcUD5uDaQSX0OE577aCXgoaKpYbQ=
|
||||
github.com/gorilla/sessions v1.2.0/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
|
||||
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
|
||||
github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
|
||||
github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
|
||||
github.com/jsimonetti/pwscheme v0.0.0-20220125093853-4d9895f5db73 h1:ZhC4QngptYaGx53+ph1RjxcH8fkCozBaY+935TNX4i8=
|
||||
github.com/jsimonetti/pwscheme v0.0.0-20220125093853-4d9895f5db73/go.mod h1:t0Q9JvoMTfTYdAWIk2MF69iz+Qpdk9D+PgVu6fVmaDI=
|
||||
github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68=
|
||||
github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
|
||||
github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
|
||||
github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
|
||||
github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo=
|
||||
github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
|
||||
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
|
||||
github.com/klauspost/cpuid v1.2.3 h1:CCtW0xUnWGVINKvE/WWOYKdsPV6mawAtvQuSl8guwQs=
|
||||
github.com/klauspost/cpuid v1.2.3/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
|
||||
github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk=
|
||||
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
|
||||
github.com/konsorten/go-windows-terminal-sequences v1.0.3 h1:CE8S1cTafDpPvMhIxNJKvHsGVBgn1xWYf1NbHQhywc8=
|
||||
github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
|
||||
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
|
||||
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
||||
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||
github.com/minio/md5-simd v1.1.0 h1:QPfiOqlZH+Cj9teu0t9b1nTBfPbyTl16Of5MeuShdK4=
|
||||
github.com/minio/md5-simd v1.1.0/go.mod h1:XpBqgZULrMYD3R+M28PcmP0CkI7PEMzB3U77ZrKZ0Gw=
|
||||
github.com/minio/minio-go/v7 v7.0.0 h1:99hRCmsmMi+hKK93C26iPnRQebTsdK8GEx8Xb4XLr7I=
|
||||
|
@ -45,33 +153,282 @@ github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742 h1:Esafd1046DLD
|
|||
github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
|
||||
github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646 h1:zYyBkD/k9seD2A7fsi6Oo2LfFZAehjjQMERAvZLEDnQ=
|
||||
github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646/go.mod h1:jpp1/29i3P1S/RLdc7JQKbRpFeM1dOBd8T9ki5s+AY8=
|
||||
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||
github.com/sirupsen/logrus v1.4.2 h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4=
|
||||
github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
|
||||
github.com/sirupsen/logrus v1.6.0 h1:UBcNElsrwanuuMsnGSlYmtmgbb23qDR5dG+6X6Oo89I=
|
||||
github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
|
||||
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
|
||||
github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88=
|
||||
github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykElWQ6/NYmHa3jpm/yHnI4xSofP+UP6SpjHcSeM=
|
||||
github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
|
||||
github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a h1:pa8hGb/2YqsZKovtsgrwcDH1RZhVbTKCjLp47XpqCDs=
|
||||
github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
|
||||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
|
||||
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
|
||||
github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
|
||||
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
|
||||
github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||
github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||
go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
|
||||
go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
|
||||
go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
|
||||
go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
|
||||
go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
|
||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||
golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||
golang.org/x/crypto v0.0.0-20190513172903-22d7a77e9e5f/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||
golang.org/x/crypto v0.0.0-20200214034016-1d94cc7ab1c6 h1:Sy5bstxEqwwbYs6n0/pBuxKENqOeZUgD45Gp3Q3pqLg=
|
||||
golang.org/x/crypto v0.0.0-20200214034016-1d94cc7ab1c6/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||
golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI=
|
||||
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
|
||||
golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek=
|
||||
golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY=
|
||||
golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
|
||||
golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
|
||||
golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
|
||||
golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
|
||||
golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
|
||||
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
|
||||
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
|
||||
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
|
||||
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
|
||||
golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
|
||||
golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
|
||||
golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
|
||||
golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
|
||||
golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
|
||||
golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs=
|
||||
golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
|
||||
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
|
||||
golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
|
||||
golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
|
||||
golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
|
||||
golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
|
||||
golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
|
||||
golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
|
||||
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||
golang.org/x/net v0.0.0-20190522155817-f3200d17e092 h1:4QSRKanuywn15aTZvI/mIDEgPQpswuFndXpOj3rKEco=
|
||||
golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||
golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||
golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
|
||||
golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
|
||||
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
|
||||
golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
|
||||
golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
|
||||
golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
|
||||
golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
|
||||
golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
|
||||
golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
|
||||
golang.org/x/net v0.0.0-20200822124328-c89045814202 h1:VvcQYSHwXgi7W+TpUR6A9g6Up98WAHf3f/ulnJ62IyA=
|
||||
golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
|
||||
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
||||
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
golang.org/x/oauth2 v0.0.0-20210323180902-22b0adad7558 h1:D7nTwh4J0i+5mW4Zjzn5omvlr6YBcWywE6KOcatyNxY=
|
||||
golang.org/x/oauth2 v0.0.0-20210323180902-22b0adad7558/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
|
||||
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20190422165155-953cdadca894 h1:Cz4ceDQGXuKRnVBDTS23GTn/pU5OE2C0WrNTOYK1Uuc=
|
||||
golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae h1:/WDfKMnPU+m5M4xB+6x4kaepxRw6jWvR5iDRdvjHgy8=
|
||||
golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
|
||||
golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o=
|
||||
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/term v0.12.0 h1:/ZfYdc3zq+q02Rv9vGqTeSItdzZTSNDmfTi0mBAuidU=
|
||||
golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
|
||||
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
|
||||
golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
|
||||
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||
golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||
golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
|
||||
golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
||||
golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
||||
golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
||||
golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
||||
golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
|
||||
golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
|
||||
golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
|
||||
golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
|
||||
golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
|
||||
golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
|
||||
golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||
golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||
golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||
golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||
golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||
golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||
golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||
golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||
golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||
golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||
golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||
golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||
golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||
golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||
golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||
golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||
golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||
golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw=
|
||||
golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw=
|
||||
golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8=
|
||||
golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
|
||||
golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
|
||||
golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
|
||||
golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
|
||||
golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
|
||||
golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
|
||||
golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
|
||||
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
|
||||
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
|
||||
google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
|
||||
google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
|
||||
google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
|
||||
google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
|
||||
google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
|
||||
google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
|
||||
google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
|
||||
google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
|
||||
google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
|
||||
google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
|
||||
google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
|
||||
google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
|
||||
google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
|
||||
google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM=
|
||||
google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc=
|
||||
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
|
||||
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
|
||||
google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
|
||||
google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0=
|
||||
google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
|
||||
google.golang.org/appengine v1.6.6 h1:lMO5rYAqUxkmaj76jAkRUvt5JZgFymx/+Q5Mzfivuhc=
|
||||
google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
|
||||
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
|
||||
google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
|
||||
google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
|
||||
google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
|
||||
google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
|
||||
google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
|
||||
google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
|
||||
google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8=
|
||||
google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
|
||||
google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
|
||||
google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
|
||||
google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
|
||||
google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
|
||||
google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
|
||||
google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA=
|
||||
google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
|
||||
google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
|
||||
google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
|
||||
google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
|
||||
google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
|
||||
google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
|
||||
google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
|
||||
google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
|
||||
google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U=
|
||||
google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
|
||||
google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA=
|
||||
google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
||||
google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
||||
google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
||||
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
|
||||
google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
|
||||
google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
|
||||
google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
|
||||
google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
|
||||
google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
|
||||
google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
|
||||
google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
|
||||
google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60=
|
||||
google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk=
|
||||
google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
|
||||
google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
|
||||
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
|
||||
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
|
||||
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
|
||||
google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
|
||||
google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
|
||||
google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
|
||||
google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
|
||||
google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
|
||||
google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
|
||||
google.golang.org/protobuf v1.25.0 h1:Ejskq+SyPohKW+1uil0JJMtmHCgJPJ/qWTxr8qp+R4c=
|
||||
google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
|
||||
gopkg.in/ini.v1 v1.57.0 h1:9unxIsFcTt4I55uWluz+UmL95q4kdJ0buvQ1ZIqVQww=
|
||||
gopkg.in/ini.v1 v1.57.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
|
||||
gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
|
||||
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||
honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||
honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||
honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
|
||||
honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
||||
honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
||||
rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
|
||||
rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
|
||||
rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
|
||||
|
|
90
gomod2nix.toml
Normal file
90
gomod2nix.toml
Normal file
|
@ -0,0 +1,90 @@
|
|||
schema = 3
|
||||
|
||||
[mod]
|
||||
[mod."git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang"]
|
||||
version = "v0.0.0-20231128153612-8b81fae65e5e"
|
||||
hash = "sha256-o9kbcJ25/cYYwWZz/LBF7ZDyW8bZAjdg5pPu0gvb5JQ="
|
||||
[mod."github.com/emersion/go-sasl"]
|
||||
version = "v0.0.0-20191210011802-430746ea8b9b"
|
||||
hash = "sha256-bADpAn0ZhlTTsEB3MsG8J31cQjTtHTzohX/wkL1aMIc="
|
||||
[mod."github.com/emersion/go-smtp"]
|
||||
version = "v0.12.1"
|
||||
hash = "sha256-fiss5y7chfHv80vIQ9Xwx3J+3qLMA63EOP4OG3DxAtI="
|
||||
[mod."github.com/go-asn1-ber/asn1-ber"]
|
||||
version = "v1.3.1"
|
||||
hash = "sha256-Alh6bUq9HoBDhY+n6W7xNBto/dUMxPGvucA6guarrjc="
|
||||
[mod."github.com/go-ldap/ldap/v3"]
|
||||
version = "v3.1.6"
|
||||
hash = "sha256-UPUdYKOoCQWgl2Onbq1Oql7XU4TeYQA/+j4atwhdKbE="
|
||||
[mod."github.com/golang/protobuf"]
|
||||
version = "v1.4.2"
|
||||
hash = "sha256-zhA1d1Kw1ZV/kDBZ4Iv5miKHjZBhcV8m3BiD1qocJqw="
|
||||
[mod."github.com/google/uuid"]
|
||||
version = "v1.1.1"
|
||||
hash = "sha256-66PXC/RCPUyhS9PhkIPQFR3tbM2zZYDNPGXN7JJj3UE="
|
||||
[mod."github.com/gorilla/mux"]
|
||||
version = "v1.7.3"
|
||||
hash = "sha256-YZSIN7Ua+hPqSIrT+tiRz3aFqJ1EWHvwee+PptpHI28="
|
||||
[mod."github.com/gorilla/securecookie"]
|
||||
version = "v1.1.1"
|
||||
hash = "sha256-IBBYWfdOuXvQsb01DaA8tBizCfAE1J2KLXIn3W+NeJk="
|
||||
[mod."github.com/gorilla/sessions"]
|
||||
version = "v1.2.0"
|
||||
hash = "sha256-4V7yd/vf03CEsb3pz5dbLWwv7t9QgKkEhVXtc1/z5s8="
|
||||
[mod."github.com/jsimonetti/pwscheme"]
|
||||
version = "v0.0.0-20220125093853-4d9895f5db73"
|
||||
hash = "sha256-YF3RKU/4CWvLPgGzUd7Hk/2+41OUFuRWZgzQuqcsKg0="
|
||||
[mod."github.com/json-iterator/go"]
|
||||
version = "v1.1.10"
|
||||
hash = "sha256-jdS2C0WsgsWREBSj+YUzSqdZofMfUMecaOQ/lB9Mu6k="
|
||||
[mod."github.com/klauspost/cpuid"]
|
||||
version = "v1.2.3"
|
||||
hash = "sha256-1IBlONMxKVgudV/mzNrFZB60z8w4xFjVbEU2DoIAoeg="
|
||||
[mod."github.com/minio/md5-simd"]
|
||||
version = "v1.1.0"
|
||||
hash = "sha256-jJbDwg7KlLB991wj1U6y+kJKOUxKVGQrDbM3nY+6qxE="
|
||||
[mod."github.com/minio/minio-go/v7"]
|
||||
version = "v7.0.0"
|
||||
hash = "sha256-xWAELgH6mWVGKFEe2gbzvigJDNk+ELmegJe09KvUqvY="
|
||||
[mod."github.com/minio/sha256-simd"]
|
||||
version = "v0.1.1"
|
||||
hash = "sha256-HpcuLTnpcyKe0ua2MN/ysK5cXdrwquDjrx4Y2dG6W2s="
|
||||
[mod."github.com/mitchellh/go-homedir"]
|
||||
version = "v1.1.0"
|
||||
hash = "sha256-oduBKXHAQG8X6aqLEpqZHs5DOKe84u6WkBwi4W6cv3k="
|
||||
[mod."github.com/modern-go/concurrent"]
|
||||
version = "v0.0.0-20180228061459-e0a39a4cb421"
|
||||
hash = "sha256-+bdeHUArnpkk4eMQIwXm9K249NkpwAjoTrXrGn/4VUE="
|
||||
[mod."github.com/modern-go/reflect2"]
|
||||
version = "v0.0.0-20180701023420-4b7aa43c6742"
|
||||
hash = "sha256-RyIwgrPwtd4lNjLGkBVxRvu5IdXLDqf5F69QWLm0zLw="
|
||||
[mod."github.com/nfnt/resize"]
|
||||
version = "v0.0.0-20180221191011-83c6a9932646"
|
||||
hash = "sha256-yvPV+HlDOyJsiwAcVHQkmtw8DHSXyw+cXHkigXm8rAA="
|
||||
[mod."golang.org/x/crypto"]
|
||||
version = "v0.0.0-20200622213623-75b288015ac9"
|
||||
hash = "sha256-QvFbJEm3gXs2NtaaREbkbAtdHpU4fqX+0C0EvTezdKM="
|
||||
[mod."golang.org/x/net"]
|
||||
version = "v0.0.0-20200822124328-c89045814202"
|
||||
hash = "sha256-wg5IrlVfnsRL86dbi3WJ9XA6Er6JuuyusytIPf18mO0="
|
||||
[mod."golang.org/x/oauth2"]
|
||||
version = "v0.0.0-20210323180902-22b0adad7558"
|
||||
hash = "sha256-mQv+EELtNg99ZYiRFxel405A66PtHK6eCx6XM3vqKG8="
|
||||
[mod."golang.org/x/sys"]
|
||||
version = "v0.12.0"
|
||||
hash = "sha256-Ht/PhBJGWNBg4ksmdUu4+7hJjFypSwoUN/8DJricd+0="
|
||||
[mod."golang.org/x/term"]
|
||||
version = "v0.12.0"
|
||||
hash = "sha256-NFko0uqv/r2VxrbSgS1IwWzaWQK3RZuk0MvUV+qxIsc="
|
||||
[mod."golang.org/x/text"]
|
||||
version = "v0.3.3"
|
||||
hash = "sha256-kiauoT7vd7Mh2AW7TnceQyoCDsARxWkDZu1OSD9dCZw="
|
||||
[mod."google.golang.org/appengine"]
|
||||
version = "v1.6.6"
|
||||
hash = "sha256-nZnEfsXy3mgzRnlyWGHJKqsosvnAQFkhVszw3DSFe6Y="
|
||||
[mod."google.golang.org/protobuf"]
|
||||
version = "v1.25.0"
|
||||
hash = "sha256-3sf57K5A0nmA1UmDe+6FUNJI6UR+SfVyZWNv+2TGHT4="
|
||||
[mod."gopkg.in/ini.v1"]
|
||||
version = "v1.57.0"
|
||||
hash = "sha256-WSjX+qHJ1Rf4FRMTs7udQwEBkIo+z8+EK3uB5CebrZ4="
|
16
integration/README.md
Normal file
16
integration/README.md
Normal file
|
@ -0,0 +1,16 @@
|
|||
# Intégration de Guichet dans un environnement de dev/test
|
||||
|
||||
## Dev process
|
||||
|
||||
On utilise `docker compose` pour mettre en place l'infrastructure dont dépend Guichet, que l'on développe. (On rajoutera Garage dedans plus tard.)
|
||||
|
||||
On ne met pas Guichet dans le `compose` pour pouvoir itérer plus rapidement : un `go build` et on a la nouvelle version, sans avoir restart les dépendances (Bottin, Consul...).
|
||||
|
||||
## Notes
|
||||
|
||||
* Bien récupérer le password `admin` dans les logs de 1er lancement de Bottin : il ne sera pas réaffiché.
|
||||
* Identifiant de l'admin sur Guichet : `cn=admin,dc=bottin,dc=eu` because il n'est pas dans `ou=users,dc=bottin,dc=eu` qui est l'organisation par défaut dans laquelle on va chercher les utilisateurs.
|
||||
|
||||
## TODO
|
||||
|
||||
* Bridger Garage/S3 (pour le moment ne sert que pour les avatars dans l'annuaire)
|
19
integration/config/bottin.json
Normal file
19
integration/config/bottin.json
Normal file
|
@ -0,0 +1,19 @@
|
|||
{
|
||||
"suffix": "dc=bottin,dc=eu",
|
||||
"bind": "bottin:389",
|
||||
"consul_host": "consul:8500",
|
||||
"acl": [
|
||||
"ANONYMOUS::bind:*,ou=users,dc=bottin,dc=eu:",
|
||||
"ANONYMOUS::bind:cn=admin,dc=bottin,dc=eu:",
|
||||
"*,dc=bottin,dc=eu::read:*:* !userpassword",
|
||||
"cn=admin,dc=bottin,dc=eu::read add modify delete:*:*",
|
||||
"*:cn=admin,ou=groups,dc=bottin,dc=eu:read add modify delete:*:*",
|
||||
|
||||
"ANONYMOUS::bind:*,ou=invitations,dc=bottin,dc=eu:",
|
||||
"*,ou=invitations,dc=bottin,dc=eu::delete:SELF:*",
|
||||
"*,ou=invitations,dc=bottin,dc=eu::add:*,ou=users,dc=bottin,dc=eu:*",
|
||||
"*,ou=invitations,dc=bottin,dc=eu::modifyAdd:cn=email,ou=groups,dc=bottin,dc=eu:*",
|
||||
|
||||
"*::read modify:SELF:*"
|
||||
]
|
||||
}
|
26
integration/config/garage.toml
Normal file
26
integration/config/garage.toml
Normal file
|
@ -0,0 +1,26 @@
|
|||
metadata_dir = "/tmp/meta"
|
||||
data_dir = "/tmp/data"
|
||||
db_engine = "lmdb"
|
||||
|
||||
replication_mode = "none"
|
||||
|
||||
rpc_bind_addr = "[::]:3901"
|
||||
rpc_public_addr = "127.0.0.1:3901"
|
||||
rpc_secret = "93086c2378eecea1cc9e83ee0554a8c510359215168774a396dcb5a01f88dd79"
|
||||
|
||||
[s3_api]
|
||||
s3_region = "garage"
|
||||
api_bind_addr = "[::]:3900"
|
||||
root_domain = ".s3.garage.localhost"
|
||||
|
||||
[s3_web]
|
||||
bind_addr = "[::]:3902"
|
||||
root_domain = ".web.garage.localhost"
|
||||
index = "index.html"
|
||||
|
||||
[k2v_api]
|
||||
api_bind_addr = "[::]:3904"
|
||||
|
||||
[admin]
|
||||
api_bind_addr = "0.0.0.0:3903"
|
||||
admin_token = "GlXP43PWH3LuvEGSNxKYzZCyUss8VqZmarBU+HUlrxw="
|
34
integration/config/guichet.json
Normal file
34
integration/config/guichet.json
Normal file
|
@ -0,0 +1,34 @@
|
|||
{
|
||||
"http_bind_addr": ":9991",
|
||||
"ldap_server_addr": "ldap://127.0.0.1:389",
|
||||
|
||||
"base_dn": "dc=bottin,dc=eu",
|
||||
"user_base_dn": "ou=users,dc=bottin,dc=eu",
|
||||
"user_name_attr": "cn",
|
||||
"group_base_dn": "ou=groups,dc=bottin,dc=eu",
|
||||
"group_name_attr": "cn",
|
||||
|
||||
"invitation_base_dn": "ou=invitations,dc=bottin,dc=eu",
|
||||
"invitation_name_attr": "cn",
|
||||
"invited_mail_format": "{}@bottin.eu",
|
||||
"invited_auto_groups": [
|
||||
"cn=email,ou=groups,dc=bottin,dc=eu"
|
||||
],
|
||||
|
||||
"web_address": "https://guichet.bottin.eu",
|
||||
"mail_from": "welcome@bottin.eu",
|
||||
"smtp_server": "smtp.bottin.eu",
|
||||
"smtp_username": "guichet",
|
||||
"smtp_password": "",
|
||||
|
||||
"admin_account": "cn=admin,dc=bottin,dc=eu",
|
||||
"group_can_admin": "gid=admin,ou=groups,dc=bottin,dc=eu",
|
||||
"group_can_invite": "",
|
||||
|
||||
"s3_endpoint": "garage.bottin.eu",
|
||||
"s3_access_key": "",
|
||||
"s3_secret_key": "",
|
||||
"s3_region": "garage",
|
||||
"s3_bucket": "bottin-pictures"
|
||||
}
|
||||
|
31
integration/docker-compose.yml
Normal file
31
integration/docker-compose.yml
Normal file
|
@ -0,0 +1,31 @@
|
|||
version: '3'
|
||||
services:
|
||||
consul:
|
||||
# sync with nixos stable packages assuming our stack is up to date
|
||||
# https://search.nixos.org/packages?channel=24.05&from=0&size=50&sort=relevance&type=packages&query=consul
|
||||
image: hashicorp/consul:1.18
|
||||
restart: "always"
|
||||
expose:
|
||||
- 8500
|
||||
bottin:
|
||||
# sync with deuxfleurs/nixcfg/cluster/prod/app/core/deploy/bottin.hcl
|
||||
# to ensure compatibility with prod
|
||||
image: dxflrs/bottin:7h18i30cckckaahv87d3c86pn4a7q41z
|
||||
#command: "-config /etc/bottin.json"
|
||||
restart: "always"
|
||||
depends_on: ["consul"]
|
||||
ports:
|
||||
- "389:389"
|
||||
volumes:
|
||||
- "./config/bottin.json:/config.json"
|
||||
garage:
|
||||
# sync with deuxfleurs/nixcfg/cluster/prod/app/garage/deploy/garage.hcl
|
||||
# to ensure compatibility with prod
|
||||
image: superboum/garage:v1.0.0-rc1-hotfix-red-ftr-wquorum
|
||||
ports:
|
||||
- "3900:3900"
|
||||
- "3902:3902"
|
||||
- "3903:3903"
|
||||
- "3904:3904"
|
||||
volumes:
|
||||
- "./config/garage.toml:/etc/garage.toml"
|
74
invite.go
74
invite.go
|
@ -21,29 +21,29 @@ import (
|
|||
|
||||
var EMAIL_REGEXP = regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$")
|
||||
|
||||
func checkInviterLogin(w http.ResponseWriter, r *http.Request) *LoginStatus {
|
||||
login := checkLogin(w, r)
|
||||
if login == nil {
|
||||
func checkInviterLogin(w http.ResponseWriter, r *http.Request) *LoggedUser {
|
||||
user := RequireUserHtml(w, r)
|
||||
if user == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
if !login.CanInvite {
|
||||
if !user.Capabilities.CanInvite {
|
||||
http.Error(w, "Not authorized to invite new users.", http.StatusUnauthorized)
|
||||
return nil
|
||||
}
|
||||
|
||||
return login
|
||||
return user
|
||||
}
|
||||
|
||||
// New account creation directly from interface
|
||||
|
||||
func handleInviteNewAccount(w http.ResponseWriter, r *http.Request) {
|
||||
login := checkInviterLogin(w, r)
|
||||
if login == nil {
|
||||
user := checkInviterLogin(w, r)
|
||||
if user == nil {
|
||||
return
|
||||
}
|
||||
|
||||
handleNewAccount(w, r, login.conn, login.Info.DN)
|
||||
handleNewAccount(w, r, user.Login.conn, user.Login.Info.DN())
|
||||
}
|
||||
|
||||
// New account creation using code
|
||||
|
@ -52,15 +52,16 @@ func handleInvitationCode(w http.ResponseWriter, r *http.Request) {
|
|||
code := mux.Vars(r)["code"]
|
||||
code_id, code_pw := readCode(code)
|
||||
|
||||
l := ldapOpen(w)
|
||||
if l == nil {
|
||||
return
|
||||
l, err := NewLdapCon()
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
}
|
||||
|
||||
inviteDn := config.InvitationNameAttr + "=" + code_id + "," + config.InvitationBaseDN
|
||||
err := l.Bind(inviteDn, code_pw)
|
||||
err = l.Bind(inviteDn, code_pw)
|
||||
if err != nil {
|
||||
templateInviteInvalidCode := template.Must(template.ParseFiles("templates/layout.html", "templates/invite_invalid_code.html"))
|
||||
log.Println(err)
|
||||
templateInviteInvalidCode := getTemplate("invite_invalid_code.html")
|
||||
templateInviteInvalidCode.Execute(w, nil)
|
||||
return
|
||||
}
|
||||
|
@ -110,7 +111,7 @@ type NewAccountData struct {
|
|||
}
|
||||
|
||||
func handleNewAccount(w http.ResponseWriter, r *http.Request, l *ldap.Conn, invitedBy string) bool {
|
||||
templateInviteNewAccount := template.Must(template.ParseFiles("templates/layout.html", "templates/invite_new_account.html"))
|
||||
templateInviteNewAccount := getTemplate("invite_new_account.html")
|
||||
|
||||
data := &NewAccountData{}
|
||||
|
||||
|
@ -133,9 +134,12 @@ func handleNewAccount(w http.ResponseWriter, r *http.Request, l *ldap.Conn, invi
|
|||
}
|
||||
|
||||
func tryCreateAccount(l *ldap.Conn, data *NewAccountData, pass1 string, pass2 string, invitedBy string) {
|
||||
checkFailed := false
|
||||
|
||||
// Check if username is correct
|
||||
if match, err := regexp.MatchString("^[a-zA-Z0-9._-]+$", data.Username); !(err == nil && match) {
|
||||
if match, err := regexp.MatchString("^[a-z0-9._-]+$", data.Username); !(err == nil && match) {
|
||||
data.ErrorInvalidUsername = true
|
||||
checkFailed = true
|
||||
}
|
||||
|
||||
// Check if user exists
|
||||
|
@ -150,22 +154,26 @@ func tryCreateAccount(l *ldap.Conn, data *NewAccountData, pass1 string, pass2 st
|
|||
sr, err := l.Search(searchRq)
|
||||
if err != nil {
|
||||
data.ErrorMessage = err.Error()
|
||||
return
|
||||
checkFailed = true
|
||||
}
|
||||
|
||||
if len(sr.Entries) > 0 {
|
||||
data.ErrorUsernameTaken = true
|
||||
return
|
||||
checkFailed = true
|
||||
}
|
||||
|
||||
// Check that password is long enough
|
||||
if len(pass1) < 8 {
|
||||
data.ErrorPasswordTooShort = true
|
||||
return
|
||||
checkFailed = true
|
||||
}
|
||||
|
||||
if pass1 != pass2 {
|
||||
data.ErrorPasswordMismatch = true
|
||||
checkFailed = true
|
||||
}
|
||||
|
||||
if checkFailed {
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -173,7 +181,12 @@ func tryCreateAccount(l *ldap.Conn, data *NewAccountData, pass1 string, pass2 st
|
|||
req := ldap.NewAddRequest(userDn, nil)
|
||||
req.Attribute("objectclass", []string{"inetOrgPerson", "organizationalPerson", "person", "top"})
|
||||
req.Attribute("structuralobjectclass", []string{"inetOrgPerson"})
|
||||
req.Attribute("userpassword", []string{SSHAEncode([]byte(pass1))})
|
||||
pw, err := SSHAEncode(pass1)
|
||||
if err != nil {
|
||||
data.ErrorMessage = err.Error()
|
||||
return
|
||||
}
|
||||
req.Attribute("userpassword", []string{pw})
|
||||
req.Attribute("invitedby", []string{invitedBy})
|
||||
if len(data.DisplayName) > 0 {
|
||||
req.Attribute("displayname", []string{data.DisplayName})
|
||||
|
@ -227,10 +240,10 @@ type CodeMailFields struct {
|
|||
}
|
||||
|
||||
func handleInviteSendCode(w http.ResponseWriter, r *http.Request) {
|
||||
templateInviteSendCode := template.Must(template.ParseFiles("templates/layout.html", "templates/invite_send_code.html"))
|
||||
templateInviteSendCode := getTemplate("invite_send_code.html")
|
||||
|
||||
login := checkInviterLogin(w, r)
|
||||
if login == nil {
|
||||
user := checkInviterLogin(w, r)
|
||||
if user == nil {
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -245,24 +258,29 @@ func handleInviteSendCode(w http.ResponseWriter, r *http.Request) {
|
|||
sendto := strings.Join(r.Form["sendto"], "")
|
||||
|
||||
if choice == "display" || choice == "send" {
|
||||
trySendCode(login, choice, sendto, data)
|
||||
trySendCode(user, choice, sendto, data)
|
||||
}
|
||||
}
|
||||
|
||||
templateInviteSendCode.Execute(w, data)
|
||||
}
|
||||
|
||||
func trySendCode(login *LoginStatus, choice string, sendto string, data *SendCodeData) {
|
||||
func trySendCode(user *LoggedUser, choice string, sendto string, data *SendCodeData) {
|
||||
// Generate code
|
||||
code, code_id, code_pw := genCode()
|
||||
|
||||
// Create invitation object in database
|
||||
inviteDn := config.InvitationNameAttr + "=" + code_id + "," + config.InvitationBaseDN
|
||||
req := ldap.NewAddRequest(inviteDn, nil)
|
||||
req.Attribute("userpassword", []string{SSHAEncode([]byte(code_pw))})
|
||||
pw, err := SSHAEncode(code_pw)
|
||||
if err != nil {
|
||||
data.ErrorMessage = err.Error()
|
||||
return
|
||||
}
|
||||
req.Attribute("userpassword", []string{pw})
|
||||
req.Attribute("objectclass", []string{"top", "invitationCode"})
|
||||
|
||||
err := login.conn.Add(req)
|
||||
err = user.Login.conn.Add(req)
|
||||
if err != nil {
|
||||
data.ErrorMessage = err.Error()
|
||||
return
|
||||
|
@ -281,12 +299,12 @@ func trySendCode(login *LoginStatus, choice string, sendto string, data *SendCod
|
|||
return
|
||||
}
|
||||
|
||||
templateMail := template.Must(template.ParseFiles("templates/invite_mail.txt"))
|
||||
templateMail := template.Must(template.ParseFiles(templatePath + "/invite_mail.txt"))
|
||||
buf := bytes.NewBuffer([]byte{})
|
||||
templateMail.Execute(buf, &CodeMailFields{
|
||||
To: sendto,
|
||||
From: config.MailFrom,
|
||||
InviteFrom: login.WelcomeName(),
|
||||
InviteFrom: user.WelcomeName(),
|
||||
Code: code,
|
||||
WebBaseAddress: config.WebAddress,
|
||||
})
|
||||
|
|
298
login.go
Normal file
298
login.go
Normal file
|
@ -0,0 +1,298 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
garage "git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang"
|
||||
"github.com/go-ldap/ldap/v3"
|
||||
)
|
||||
|
||||
var (
|
||||
ErrNotAuthenticatedSession = fmt.Errorf("User has no session")
|
||||
ErrNotAuthenticatedBasic = fmt.Errorf("User has not sent Authentication Basic information")
|
||||
ErrNotAuthenticated = fmt.Errorf("User is not authenticated")
|
||||
ErrWrongLDAPCredentials = fmt.Errorf("LDAP credentials are wrong")
|
||||
ErrLDAPServerUnreachable = fmt.Errorf("Unable to open the LDAP server")
|
||||
ErrLDAPSearchInternalError = fmt.Errorf("LDAP Search of this user failed with an internal error")
|
||||
ErrLDAPSearchNotFound = fmt.Errorf("User is authenticated but its associated data can not be found during search")
|
||||
)
|
||||
|
||||
// --- Login Info ---
|
||||
type LoginInfo struct {
|
||||
Username string
|
||||
Password string
|
||||
}
|
||||
|
||||
func NewLoginInfoFromSession(r *http.Request) (*LoginInfo, error) {
|
||||
session, err := store.Get(r, SESSION_NAME)
|
||||
if err == nil {
|
||||
username, ok_user := session.Values["login_username"]
|
||||
password, ok_pwd := session.Values["login_password"]
|
||||
|
||||
if ok_user && ok_pwd {
|
||||
loginInfo := &LoginInfo{
|
||||
Username: username.(string),
|
||||
Password: password.(string),
|
||||
}
|
||||
return loginInfo, nil
|
||||
}
|
||||
}
|
||||
|
||||
return nil, errors.Join(ErrNotAuthenticatedSession, err)
|
||||
}
|
||||
|
||||
func NewLoginInfoFromBasicAuth(r *http.Request) (*LoginInfo, error) {
|
||||
username, password, ok := r.BasicAuth()
|
||||
if ok {
|
||||
login_info := &LoginInfo{
|
||||
Username: username,
|
||||
Password: password,
|
||||
}
|
||||
|
||||
return login_info, nil
|
||||
}
|
||||
return nil, ErrNotAuthenticatedBasic
|
||||
}
|
||||
|
||||
func (li *LoginInfo) DN() string {
|
||||
user_dn := fmt.Sprintf("%s=%s,%s", config.UserNameAttr, li.Username, config.UserBaseDN)
|
||||
if strings.EqualFold(li.Username, config.AdminAccount) {
|
||||
user_dn = li.Username
|
||||
}
|
||||
|
||||
return user_dn
|
||||
}
|
||||
|
||||
// --- Login Status ---
|
||||
type LoginStatus struct {
|
||||
Info *LoginInfo
|
||||
conn *ldap.Conn
|
||||
}
|
||||
|
||||
func NewLoginStatus(r *http.Request, login_info *LoginInfo) (*LoginStatus, error) {
|
||||
l, err := NewLdapCon()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
err = l.Bind(login_info.DN(), login_info.Password)
|
||||
if err != nil {
|
||||
return nil, errors.Join(ErrWrongLDAPCredentials, err)
|
||||
}
|
||||
|
||||
loginStatus := &LoginStatus{
|
||||
Info: login_info,
|
||||
conn: l,
|
||||
}
|
||||
return loginStatus, nil
|
||||
}
|
||||
|
||||
func NewLdapCon() (*ldap.Conn, error) {
|
||||
l, err := ldap.DialURL(config.LdapServerAddr)
|
||||
if err != nil {
|
||||
return nil, errors.Join(ErrLDAPServerUnreachable, err)
|
||||
}
|
||||
|
||||
if config.LdapTLS {
|
||||
err = l.StartTLS(&tls.Config{InsecureSkipVerify: true})
|
||||
if err != nil {
|
||||
return nil, errors.Join(ErrLDAPServerUnreachable, err)
|
||||
}
|
||||
}
|
||||
|
||||
return l, nil
|
||||
}
|
||||
|
||||
// --- Capabilities ---
|
||||
type Capabilities struct {
|
||||
CanAdmin bool
|
||||
CanInvite bool
|
||||
}
|
||||
|
||||
func NewCapabilities(login *LoginStatus, entry *ldap.Entry) *Capabilities {
|
||||
// Initialize
|
||||
canAdmin := false
|
||||
canInvite := false
|
||||
|
||||
// Special case for the "admin" account that is de-facto admin
|
||||
canAdmin = strings.EqualFold(login.Info.DN(), config.AdminAccount)
|
||||
|
||||
// Check if this account is part of a group that give capabilities
|
||||
for _, attr := range entry.Attributes {
|
||||
if strings.EqualFold(attr.Name, "memberof") {
|
||||
for _, group := range attr.Values {
|
||||
if config.GroupCanInvite != "" && strings.EqualFold(group, config.GroupCanInvite) {
|
||||
canInvite = true
|
||||
}
|
||||
if config.GroupCanAdmin != "" && strings.EqualFold(group, config.GroupCanAdmin) {
|
||||
canAdmin = true
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return &Capabilities{
|
||||
CanAdmin: canAdmin,
|
||||
CanInvite: canInvite,
|
||||
}
|
||||
}
|
||||
|
||||
// --- Logged User ---
|
||||
type LoggedUser struct {
|
||||
Username string
|
||||
Login *LoginStatus
|
||||
Entry *ldap.Entry
|
||||
Capabilities *Capabilities
|
||||
Quota *UserQuota
|
||||
s3key *garage.KeyInfo
|
||||
}
|
||||
|
||||
func NewLoggedUser(login *LoginStatus) (*LoggedUser, error) {
|
||||
requestKind := "(objectClass=organizationalPerson)"
|
||||
if strings.EqualFold(login.Info.DN(), config.AdminAccount) {
|
||||
requestKind = "(objectclass=*)"
|
||||
}
|
||||
|
||||
searchRequest := ldap.NewSearchRequest(
|
||||
login.Info.DN(),
|
||||
ldap.ScopeBaseObject, ldap.NeverDerefAliases, 0, 0, false,
|
||||
requestKind,
|
||||
[]string{
|
||||
"dn",
|
||||
"displayname",
|
||||
"givenname",
|
||||
"sn",
|
||||
"mail",
|
||||
"memberof",
|
||||
"description",
|
||||
"garage_s3_access_key",
|
||||
FIELD_NAME_DIRECTORY_VISIBILITY,
|
||||
FIELD_NAME_PROFILE_PICTURE,
|
||||
FIELD_QUOTA_WEBSITE_SIZE_BURSTED,
|
||||
FIELD_QUOTA_WEBSITE_COUNT,
|
||||
},
|
||||
nil)
|
||||
|
||||
sr, err := login.conn.Search(searchRequest)
|
||||
if err != nil {
|
||||
return nil, ErrLDAPSearchInternalError
|
||||
}
|
||||
|
||||
if len(sr.Entries) != 1 {
|
||||
return nil, ErrLDAPSearchNotFound
|
||||
}
|
||||
entry := sr.Entries[0]
|
||||
|
||||
username := login.Info.Username
|
||||
lu := &LoggedUser{
|
||||
Username: username,
|
||||
Login: login,
|
||||
Entry: entry,
|
||||
Capabilities: NewCapabilities(login, entry),
|
||||
Quota: NewUserQuotaFromEntry(entry),
|
||||
}
|
||||
return lu, nil
|
||||
}
|
||||
func (lu *LoggedUser) WelcomeName() string {
|
||||
ret := lu.Entry.GetAttributeValue("givenname")
|
||||
if ret == "" {
|
||||
ret = lu.Entry.GetAttributeValue("displayname")
|
||||
}
|
||||
if ret == "" {
|
||||
ret = lu.Login.Info.Username
|
||||
}
|
||||
return ret
|
||||
}
|
||||
|
||||
func (lu *LoggedUser) S3KeyInfo() (*garage.KeyInfo, error) {
|
||||
var err error
|
||||
var keyPair *garage.KeyInfo
|
||||
|
||||
if lu.s3key == nil {
|
||||
keyID := lu.Entry.GetAttributeValue("garage_s3_access_key")
|
||||
if keyID == "" {
|
||||
// If there is no S3Key in LDAP, generate it...
|
||||
keyPair, err = grgCreateKey(lu.Username)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
modify_request := ldap.NewModifyRequest(lu.Login.Info.DN(), nil)
|
||||
modify_request.Replace("garage_s3_access_key", []string{*keyPair.AccessKeyId})
|
||||
// @FIXME compatibility feature for bagage (SFTP+webdav)
|
||||
// you can remove it once bagage will be updated to fetch the key from garage directly
|
||||
// or when bottin will be able to dynamically fetch it.
|
||||
modify_request.Replace("garage_s3_secret_key", []string{*keyPair.SecretAccessKey.Get()})
|
||||
err = lu.Login.conn.Modify(modify_request)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
} else {
|
||||
// There is an S3 key in LDAP, fetch its descriptor...
|
||||
keyPair, err = grgGetKey(keyID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
// Cache the keypair...
|
||||
lu.s3key = keyPair
|
||||
}
|
||||
|
||||
return lu.s3key, nil
|
||||
}
|
||||
|
||||
// --- Require User Check
|
||||
func RequireUser(r *http.Request) (*LoggedUser, error) {
|
||||
var login_info *LoginInfo
|
||||
|
||||
if li, err := NewLoginInfoFromSession(r); err == nil {
|
||||
login_info = li
|
||||
} else if li, err := NewLoginInfoFromBasicAuth(r); err == nil {
|
||||
login_info = li
|
||||
} else {
|
||||
return nil, ErrNotAuthenticated
|
||||
}
|
||||
|
||||
loginStatus, err := NewLoginStatus(r, login_info)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return NewLoggedUser(loginStatus)
|
||||
}
|
||||
|
||||
func RequireUserHtml(w http.ResponseWriter, r *http.Request) *LoggedUser {
|
||||
user, err := RequireUser(r)
|
||||
|
||||
if errors.Is(err, ErrNotAuthenticated) || errors.Is(err, ErrWrongLDAPCredentials) {
|
||||
http.Redirect(w, r, "/login", http.StatusFound)
|
||||
return nil
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return nil
|
||||
}
|
||||
|
||||
return user
|
||||
}
|
||||
|
||||
func RequireUserApi(w http.ResponseWriter, r *http.Request) *LoggedUser {
|
||||
user, err := RequireUser(r)
|
||||
|
||||
if errors.Is(err, ErrNotAuthenticated) || errors.Is(err, ErrWrongLDAPCredentials) {
|
||||
http.Error(w, err.Error(), http.StatusUnauthorized)
|
||||
return nil
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return nil
|
||||
}
|
||||
|
||||
return user
|
||||
}
|
251
main.go
251
main.go
|
@ -2,10 +2,8 @@ package main
|
|||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"crypto/tls"
|
||||
"encoding/json"
|
||||
"flag"
|
||||
"fmt"
|
||||
"html/template"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
|
@ -29,6 +27,10 @@ type ConfigFile struct {
|
|||
GroupBaseDN string `json:"group_base_dn"`
|
||||
GroupNameAttr string `json:"group_name_attr"`
|
||||
|
||||
MailingBaseDN string `json:"mailing_list_base_dn"`
|
||||
MailingNameAttr string `json:"mailing_list_name_attr"`
|
||||
MailingGuestsBaseDN string `json:"mailing_list_guest_user_base_dn"`
|
||||
|
||||
InvitationBaseDN string `json:"invitation_base_dn"`
|
||||
InvitationNameAttr string `json:"invitation_name_attr"`
|
||||
InvitedMailFormat string `json:"invited_mail_format"`
|
||||
|
@ -44,6 +46,9 @@ type ConfigFile struct {
|
|||
GroupCanInvite string `json:"group_can_invite"`
|
||||
GroupCanAdmin string `json:"group_can_admin"`
|
||||
|
||||
S3AdminEndpoint string `json:"s3_admin_endpoint"`
|
||||
S3AdminToken string `json:"s3_admin_token"`
|
||||
|
||||
S3Endpoint string `json:"s3_endpoint"`
|
||||
S3AccessKey string `json:"s3_access_key"`
|
||||
S3SecretKey string `json:"s3_secret_key"`
|
||||
|
@ -51,12 +56,16 @@ type ConfigFile struct {
|
|||
S3Bucket string `json:"s3_bucket"`
|
||||
}
|
||||
|
||||
var configFlag = flag.String("config", "./config.json", "Configuration file path")
|
||||
var fsServer = flag.NewFlagSet("server", flag.ContinueOnError)
|
||||
var configFlag = fsServer.String("config", "./config.json", "Configuration file path")
|
||||
|
||||
var config *ConfigFile
|
||||
|
||||
const SESSION_NAME = "guichet_session"
|
||||
|
||||
var staticPath = "./static"
|
||||
var templatePath = "./templates"
|
||||
|
||||
var store sessions.Store = nil
|
||||
|
||||
func readConfig() ConfigFile {
|
||||
|
@ -94,9 +103,35 @@ func readConfig() ConfigFile {
|
|||
return config_file
|
||||
}
|
||||
|
||||
func main() {
|
||||
flag.Parse()
|
||||
func getTemplate(name string) *template.Template {
|
||||
return template.Must(template.New("layout.html").Funcs(template.FuncMap{
|
||||
"contains": strings.Contains,
|
||||
}).ParseFiles(
|
||||
templatePath+"/layout.html",
|
||||
templatePath+"/"+name,
|
||||
))
|
||||
}
|
||||
|
||||
func main() {
|
||||
if len(os.Args) < 2 {
|
||||
server(os.Args[1:])
|
||||
return
|
||||
}
|
||||
|
||||
switch os.Args[1] {
|
||||
case "cli":
|
||||
cliMain(os.Args[2:])
|
||||
case "server":
|
||||
server(os.Args[2:])
|
||||
default:
|
||||
log.Println("Usage: guichet [server|cli] --help")
|
||||
os.Exit(1)
|
||||
}
|
||||
}
|
||||
|
||||
func server(args []string) {
|
||||
log.Println("Starting Guichet Server")
|
||||
fsServer.Parse(args)
|
||||
config_file := readConfig()
|
||||
config = &config_file
|
||||
|
||||
|
@ -109,8 +144,12 @@ func main() {
|
|||
|
||||
r := mux.NewRouter()
|
||||
r.HandleFunc("/", handleHome)
|
||||
r.HandleFunc("/login", handleLogin)
|
||||
r.HandleFunc("/logout", handleLogout)
|
||||
|
||||
r.HandleFunc("/api/unstable/website", handleAPIWebsiteList)
|
||||
r.HandleFunc("/api/unstable/website/{bucket}", handleAPIWebsiteInspect)
|
||||
|
||||
r.HandleFunc("/profile", handleProfile)
|
||||
r.HandleFunc("/passwd", handlePasswd)
|
||||
r.HandleFunc("/picture/{name}", handleDownloadPicture)
|
||||
|
@ -118,16 +157,23 @@ func main() {
|
|||
r.HandleFunc("/directory/search", handleDirectorySearch)
|
||||
r.HandleFunc("/directory", handleDirectory)
|
||||
|
||||
r.HandleFunc("/website", handleWebsiteList)
|
||||
r.HandleFunc("/website/new", handleWebsiteNew)
|
||||
r.HandleFunc("/website/inspect/{bucket}", handleWebsiteInspect)
|
||||
r.HandleFunc("/website/vhost/{bucket}", handleWebsiteVhost)
|
||||
|
||||
r.HandleFunc("/invite/new_account", handleInviteNewAccount)
|
||||
r.HandleFunc("/invite/send_code", handleInviteSendCode)
|
||||
r.HandleFunc("/invitation/{code}", handleInvitationCode)
|
||||
|
||||
r.HandleFunc("/admin/users", handleAdminUsers)
|
||||
r.HandleFunc("/admin/groups", handleAdminGroups)
|
||||
r.HandleFunc("/admin/mailing", handleAdminMailing)
|
||||
r.HandleFunc("/admin/mailing/{id}", handleAdminMailingList)
|
||||
r.HandleFunc("/admin/ldap/{dn}", handleAdminLDAP)
|
||||
r.HandleFunc("/admin/create/{template}/{super_dn}", handleAdminCreate)
|
||||
|
||||
staticfiles := http.FileServer(http.Dir("static"))
|
||||
staticfiles := http.FileServer(http.Dir(staticPath))
|
||||
r.Handle("/static/{file:.*}", http.StripPrefix("/static/", staticfiles))
|
||||
|
||||
log.Printf("Starting HTTP server on %s", config.HttpBindAddr)
|
||||
|
@ -137,31 +183,6 @@ func main() {
|
|||
}
|
||||
}
|
||||
|
||||
type LoginInfo struct {
|
||||
Username string
|
||||
DN string
|
||||
Password string
|
||||
}
|
||||
|
||||
type LoginStatus struct {
|
||||
Info *LoginInfo
|
||||
conn *ldap.Conn
|
||||
UserEntry *ldap.Entry
|
||||
CanAdmin bool
|
||||
CanInvite bool
|
||||
}
|
||||
|
||||
func (login *LoginStatus) WelcomeName() string {
|
||||
ret := login.UserEntry.GetAttributeValue("givenname")
|
||||
if ret == "" {
|
||||
ret = login.UserEntry.GetAttributeValue("displayname")
|
||||
}
|
||||
if ret == "" {
|
||||
ret = login.Info.Username
|
||||
}
|
||||
return ret
|
||||
}
|
||||
|
||||
func logRequest(handler http.Handler) http.Handler {
|
||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
log.Printf("%s %s %s\n", r.RemoteAddr, r.Method, r.URL)
|
||||
|
@ -169,148 +190,31 @@ func logRequest(handler http.Handler) http.Handler {
|
|||
})
|
||||
}
|
||||
|
||||
func checkLogin(w http.ResponseWriter, r *http.Request) *LoginStatus {
|
||||
var login_info *LoginInfo
|
||||
|
||||
session, err := store.Get(r, SESSION_NAME)
|
||||
if err == nil {
|
||||
username, ok := session.Values["login_username"]
|
||||
password, ok2 := session.Values["login_password"]
|
||||
user_dn, ok3 := session.Values["login_dn"]
|
||||
|
||||
if ok && ok2 && ok3 {
|
||||
login_info = &LoginInfo{
|
||||
DN: user_dn.(string),
|
||||
Username: username.(string),
|
||||
Password: password.(string),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if login_info == nil {
|
||||
login_info = handleLogin(w, r)
|
||||
if login_info == nil {
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
l := ldapOpen(w)
|
||||
if l == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
err = l.Bind(login_info.DN, login_info.Password)
|
||||
if err != nil {
|
||||
delete(session.Values, "login_username")
|
||||
delete(session.Values, "login_password")
|
||||
delete(session.Values, "login_dn")
|
||||
|
||||
err = session.Save(r, w)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return nil
|
||||
}
|
||||
return checkLogin(w, r)
|
||||
}
|
||||
|
||||
loginStatus := &LoginStatus{
|
||||
Info: login_info,
|
||||
conn: l,
|
||||
}
|
||||
|
||||
requestKind := "(objectClass=organizationalPerson)"
|
||||
if strings.EqualFold(login_info.DN, config.AdminAccount) {
|
||||
requestKind = "(objectclass=*)"
|
||||
}
|
||||
searchRequest := ldap.NewSearchRequest(
|
||||
login_info.DN,
|
||||
ldap.ScopeBaseObject, ldap.NeverDerefAliases, 0, 0, false,
|
||||
requestKind,
|
||||
[]string{
|
||||
"dn",
|
||||
"displayname",
|
||||
"givenname",
|
||||
"sn",
|
||||
"mail",
|
||||
"memberof",
|
||||
"description",
|
||||
FIELD_NAME_DIRECTORY_VISIBILITY,
|
||||
FIELD_NAME_PROFILE_PICTURE,
|
||||
},
|
||||
nil)
|
||||
|
||||
sr, err := l.Search(searchRequest)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return nil
|
||||
}
|
||||
|
||||
if len(sr.Entries) != 1 {
|
||||
http.Error(w, fmt.Sprintf("Unable to find entry for %s", login_info.DN), http.StatusInternalServerError)
|
||||
return nil
|
||||
}
|
||||
|
||||
loginStatus.UserEntry = sr.Entries[0]
|
||||
|
||||
loginStatus.CanAdmin = strings.EqualFold(loginStatus.Info.DN, config.AdminAccount)
|
||||
loginStatus.CanInvite = false
|
||||
for _, attr := range loginStatus.UserEntry.Attributes {
|
||||
if strings.EqualFold(attr.Name, "memberof") {
|
||||
for _, group := range attr.Values {
|
||||
if config.GroupCanInvite != "" && strings.EqualFold(group, config.GroupCanInvite) {
|
||||
loginStatus.CanInvite = true
|
||||
}
|
||||
if config.GroupCanAdmin != "" && strings.EqualFold(group, config.GroupCanAdmin) {
|
||||
loginStatus.CanAdmin = true
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return loginStatus
|
||||
}
|
||||
|
||||
func ldapOpen(w http.ResponseWriter) *ldap.Conn {
|
||||
l, err := ldap.DialURL(config.LdapServerAddr)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return nil
|
||||
}
|
||||
|
||||
if config.LdapTLS {
|
||||
err = l.StartTLS(&tls.Config{InsecureSkipVerify: true})
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
return l
|
||||
}
|
||||
|
||||
// Page handlers ----
|
||||
|
||||
// --- Home Controller
|
||||
type HomePageData struct {
|
||||
Login *LoginStatus
|
||||
User *LoggedUser
|
||||
BaseDN string
|
||||
}
|
||||
|
||||
func handleHome(w http.ResponseWriter, r *http.Request) {
|
||||
templateHome := template.Must(template.ParseFiles("templates/layout.html", "templates/home.html"))
|
||||
templateHome := getTemplate("home.html")
|
||||
|
||||
login := checkLogin(w, r)
|
||||
if login == nil {
|
||||
user := RequireUserHtml(w, r)
|
||||
if user == nil {
|
||||
return
|
||||
}
|
||||
|
||||
data := &HomePageData{
|
||||
Login: login,
|
||||
User: user,
|
||||
BaseDN: config.BaseDN,
|
||||
}
|
||||
|
||||
templateHome.Execute(w, data)
|
||||
}
|
||||
|
||||
// --- Logout Controller
|
||||
func handleLogout(w http.ResponseWriter, r *http.Request) {
|
||||
session, err := store.Get(r, SESSION_NAME)
|
||||
if err != nil {
|
||||
|
@ -327,9 +231,10 @@ func handleLogout(w http.ResponseWriter, r *http.Request) {
|
|||
return
|
||||
}
|
||||
|
||||
http.Redirect(w, r, "/", http.StatusFound)
|
||||
http.Redirect(w, r, "/login", http.StatusFound)
|
||||
}
|
||||
|
||||
// --- Login Controller ---
|
||||
type LoginFormData struct {
|
||||
Username string
|
||||
WrongUser bool
|
||||
|
@ -337,28 +242,26 @@ type LoginFormData struct {
|
|||
ErrorMessage string
|
||||
}
|
||||
|
||||
func handleLogin(w http.ResponseWriter, r *http.Request) *LoginInfo {
|
||||
templateLogin := template.Must(template.ParseFiles("templates/layout.html", "templates/login.html"))
|
||||
func handleLogin(w http.ResponseWriter, r *http.Request) {
|
||||
templateLogin := getTemplate("login.html")
|
||||
|
||||
if r.Method == "GET" {
|
||||
templateLogin.Execute(w, LoginFormData{})
|
||||
return nil
|
||||
return
|
||||
} else if r.Method == "POST" {
|
||||
r.ParseForm()
|
||||
|
||||
username := strings.Join(r.Form["username"], "")
|
||||
password := strings.Join(r.Form["password"], "")
|
||||
user_dn := fmt.Sprintf("%s=%s,%s", config.UserNameAttr, username, config.UserBaseDN)
|
||||
if strings.EqualFold(username, config.AdminAccount) {
|
||||
user_dn = username
|
||||
loginInfo := LoginInfo{username, password}
|
||||
|
||||
l, err := NewLdapCon()
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
l := ldapOpen(w)
|
||||
if l == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
err := l.Bind(user_dn, password)
|
||||
err = l.Bind(loginInfo.DN(), loginInfo.Password)
|
||||
if err != nil {
|
||||
data := &LoginFormData{
|
||||
Username: username,
|
||||
|
@ -371,7 +274,7 @@ func handleLogin(w http.ResponseWriter, r *http.Request) *LoginInfo {
|
|||
data.ErrorMessage = err.Error()
|
||||
}
|
||||
templateLogin.Execute(w, data)
|
||||
return nil
|
||||
return
|
||||
}
|
||||
|
||||
// Successfully logged in, save it to session
|
||||
|
@ -382,21 +285,15 @@ func handleLogin(w http.ResponseWriter, r *http.Request) *LoginInfo {
|
|||
|
||||
session.Values["login_username"] = username
|
||||
session.Values["login_password"] = password
|
||||
session.Values["login_dn"] = user_dn
|
||||
|
||||
err = session.Save(r, w)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return nil
|
||||
return
|
||||
}
|
||||
|
||||
return &LoginInfo{
|
||||
DN: user_dn,
|
||||
Username: username,
|
||||
Password: password,
|
||||
}
|
||||
http.Redirect(w, r, "/", http.StatusFound)
|
||||
} else {
|
||||
http.Error(w, "Unsupported method", http.StatusBadRequest)
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
|
12
picture.go
12
picture.go
|
@ -43,8 +43,8 @@ func newMinioClient() (*minio.Client, error) {
|
|||
return minioCLient, nil
|
||||
}
|
||||
|
||||
//Upload image through guichet server.
|
||||
func uploadProfilePicture(w http.ResponseWriter, r *http.Request, login *LoginStatus) (string, error) {
|
||||
// Upload image through guichet server.
|
||||
func uploadProfilePicture(w http.ResponseWriter, r *http.Request, user *LoggedUser) (string, error) {
|
||||
file, _, err := r.FormFile("image")
|
||||
|
||||
if err == http.ErrMissingFile {
|
||||
|
@ -74,7 +74,7 @@ func uploadProfilePicture(w http.ResponseWriter, r *http.Request, login *LoginSt
|
|||
|
||||
// If a previous profile picture existed, delete it
|
||||
// (don't care about errors)
|
||||
if nameConsul := login.UserEntry.GetAttributeValue(FIELD_NAME_PROFILE_PICTURE); nameConsul != "" {
|
||||
if nameConsul := user.Entry.GetAttributeValue(FIELD_NAME_PROFILE_PICTURE); nameConsul != "" {
|
||||
mc.RemoveObject(context.Background(), config.S3Bucket, nameConsul, minio.RemoveObjectOptions{})
|
||||
mc.RemoveObject(context.Background(), config.S3Bucket, nameConsul+"-thumb", minio.RemoveObjectOptions{})
|
||||
}
|
||||
|
@ -144,9 +144,9 @@ func resizePicture(file multipart.File, buffFull, buffThumb *bytes.Buffer) error
|
|||
func handleDownloadPicture(w http.ResponseWriter, r *http.Request) {
|
||||
name := mux.Vars(r)["name"]
|
||||
|
||||
//Check login
|
||||
login := checkLogin(w, r)
|
||||
if login == nil {
|
||||
// Get user
|
||||
user := RequireUserHtml(w, r)
|
||||
if user == nil {
|
||||
return
|
||||
}
|
||||
|
||||
|
|
58
profile.go
58
profile.go
|
@ -1,7 +1,6 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"html/template"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
|
@ -9,7 +8,7 @@ import (
|
|||
)
|
||||
|
||||
type ProfileTplData struct {
|
||||
Status *LoginStatus
|
||||
User *LoggedUser
|
||||
ErrorMessage string
|
||||
Success bool
|
||||
Mail string
|
||||
|
@ -22,26 +21,26 @@ type ProfileTplData struct {
|
|||
}
|
||||
|
||||
func handleProfile(w http.ResponseWriter, r *http.Request) {
|
||||
templateProfile := template.Must(template.ParseFiles("templates/layout.html", "templates/profile.html"))
|
||||
templateProfile := getTemplate("profile.html")
|
||||
|
||||
login := checkLogin(w, r)
|
||||
if login == nil {
|
||||
user := RequireUserHtml(w, r)
|
||||
if user == nil {
|
||||
return
|
||||
}
|
||||
|
||||
data := &ProfileTplData{
|
||||
Status: login,
|
||||
User: user,
|
||||
ErrorMessage: "",
|
||||
Success: false,
|
||||
}
|
||||
|
||||
data.Mail = login.UserEntry.GetAttributeValue("mail")
|
||||
data.DisplayName = login.UserEntry.GetAttributeValue("displayname")
|
||||
data.GivenName = login.UserEntry.GetAttributeValue("givenname")
|
||||
data.Surname = login.UserEntry.GetAttributeValue("sn")
|
||||
data.Visibility = login.UserEntry.GetAttributeValue(FIELD_NAME_DIRECTORY_VISIBILITY)
|
||||
data.Description = login.UserEntry.GetAttributeValue("description")
|
||||
data.ProfilePicture = login.UserEntry.GetAttributeValue(FIELD_NAME_PROFILE_PICTURE)
|
||||
data.Mail = user.Entry.GetAttributeValue("mail")
|
||||
data.DisplayName = user.Entry.GetAttributeValue("displayname")
|
||||
data.GivenName = user.Entry.GetAttributeValue("givenname")
|
||||
data.Surname = user.Entry.GetAttributeValue("sn")
|
||||
data.Visibility = user.Entry.GetAttributeValue(FIELD_NAME_DIRECTORY_VISIBILITY)
|
||||
data.Description = user.Entry.GetAttributeValue("description")
|
||||
data.ProfilePicture = user.Entry.GetAttributeValue(FIELD_NAME_PROFILE_PICTURE)
|
||||
|
||||
if r.Method == "POST" {
|
||||
//5MB maximum size files
|
||||
|
@ -57,7 +56,7 @@ func handleProfile(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
data.Visibility = visible
|
||||
|
||||
profilePicture, err := uploadProfilePicture(w, r, login)
|
||||
profilePicture, err := uploadProfilePicture(w, r, user)
|
||||
if err != nil {
|
||||
data.ErrorMessage = err.Error()
|
||||
}
|
||||
|
@ -66,7 +65,7 @@ func handleProfile(w http.ResponseWriter, r *http.Request) {
|
|||
data.ProfilePicture = profilePicture
|
||||
}
|
||||
|
||||
modify_request := ldap.NewModifyRequest(login.Info.DN, nil)
|
||||
modify_request := ldap.NewModifyRequest(user.Login.Info.DN(), nil)
|
||||
modify_request.Replace("displayname", []string{data.DisplayName})
|
||||
modify_request.Replace("givenname", []string{data.GivenName})
|
||||
modify_request.Replace("sn", []string{data.Surname})
|
||||
|
@ -76,7 +75,7 @@ func handleProfile(w http.ResponseWriter, r *http.Request) {
|
|||
modify_request.Replace(FIELD_NAME_PROFILE_PICTURE, []string{data.ProfilePicture})
|
||||
}
|
||||
|
||||
err = login.conn.Modify(modify_request)
|
||||
err = user.Login.conn.Modify(modify_request)
|
||||
if err != nil {
|
||||
data.ErrorMessage = err.Error()
|
||||
} else {
|
||||
|
@ -89,7 +88,7 @@ func handleProfile(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
type PasswdTplData struct {
|
||||
Status *LoginStatus
|
||||
User *LoggedUser
|
||||
ErrorMessage string
|
||||
TooShortError bool
|
||||
NoMatchError bool
|
||||
|
@ -97,15 +96,15 @@ type PasswdTplData struct {
|
|||
}
|
||||
|
||||
func handlePasswd(w http.ResponseWriter, r *http.Request) {
|
||||
templatePasswd := template.Must(template.ParseFiles("templates/layout.html", "templates/passwd.html"))
|
||||
templatePasswd := getTemplate("passwd.html")
|
||||
|
||||
login := checkLogin(w, r)
|
||||
if login == nil {
|
||||
user := RequireUserHtml(w, r)
|
||||
if user == nil {
|
||||
return
|
||||
}
|
||||
|
||||
data := &PasswdTplData{
|
||||
Status: login,
|
||||
User: user,
|
||||
ErrorMessage: "",
|
||||
Success: false,
|
||||
}
|
||||
|
@ -121,13 +120,18 @@ func handlePasswd(w http.ResponseWriter, r *http.Request) {
|
|||
} else if password2 != password {
|
||||
data.NoMatchError = true
|
||||
} else {
|
||||
modify_request := ldap.NewModifyRequest(login.Info.DN, nil)
|
||||
modify_request.Replace("userpassword", []string{SSHAEncode([]byte(password))})
|
||||
err := login.conn.Modify(modify_request)
|
||||
if err != nil {
|
||||
data.ErrorMessage = err.Error()
|
||||
modify_request := ldap.NewModifyRequest(user.Login.Info.DN(), nil)
|
||||
pw, err := SSHAEncode(password)
|
||||
if err == nil {
|
||||
modify_request.Replace("userpassword", []string{pw})
|
||||
err := user.Login.conn.Modify(modify_request)
|
||||
if err != nil {
|
||||
data.ErrorMessage = err.Error()
|
||||
} else {
|
||||
data.Success = true
|
||||
}
|
||||
} else {
|
||||
data.Success = true
|
||||
data.ErrorMessage = err.Error()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
151
quotas.go
Normal file
151
quotas.go
Normal file
|
@ -0,0 +1,151 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"strconv"
|
||||
|
||||
garage "git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang"
|
||||
"github.com/go-ldap/ldap/v3"
|
||||
)
|
||||
|
||||
const (
|
||||
// --- Default Quota Values ---
|
||||
QUOTA_WEBSITE_SIZE_DEFAULT = 1024 * 1024 * 50 // 50MB
|
||||
QUOTA_WEBSITE_SIZE_BURSTED = 1024 * 1024 * 200 // 200MB
|
||||
QUOTA_WEBSITE_OBJECTS = 10000 // 10k objects
|
||||
QUOTA_WEBSITE_COUNT = 5 // 5 buckets
|
||||
|
||||
// --- Per-user overridable fields ---
|
||||
FIELD_QUOTA_WEBSITE_SIZE_BURSTED = "quota_website_size_bursted"
|
||||
FIELD_QUOTA_WEBSITE_COUNT = "quota_website_count"
|
||||
)
|
||||
|
||||
type UserQuota struct {
|
||||
WebsiteCount int64
|
||||
WebsiteSizeDefault int64
|
||||
WebsiteSizeBursted int64
|
||||
WebsiteObjects int64
|
||||
}
|
||||
|
||||
func NewUserQuota() *UserQuota {
|
||||
return &UserQuota{
|
||||
WebsiteCount: QUOTA_WEBSITE_COUNT,
|
||||
WebsiteSizeDefault: QUOTA_WEBSITE_SIZE_DEFAULT,
|
||||
WebsiteSizeBursted: QUOTA_WEBSITE_SIZE_BURSTED,
|
||||
WebsiteObjects: QUOTA_WEBSITE_OBJECTS,
|
||||
}
|
||||
}
|
||||
|
||||
var (
|
||||
ErrQuotaEmpty = fmt.Errorf("No quota is defined for this entry")
|
||||
ErrQuotaInvalid = fmt.Errorf("The defined quota can't be parsed")
|
||||
)
|
||||
|
||||
func entryToQuota(entry *ldap.Entry, field string) (int64, error) {
|
||||
f := entry.GetAttributeValue(field)
|
||||
if f == "" {
|
||||
return -1, ErrQuotaEmpty
|
||||
}
|
||||
|
||||
q, err := strconv.ParseInt(f, 10, 64)
|
||||
if err != nil {
|
||||
return -1, errors.Join(ErrQuotaInvalid, err)
|
||||
}
|
||||
return q, nil
|
||||
}
|
||||
|
||||
func NewUserQuotaFromEntry(entry *ldap.Entry) *UserQuota {
|
||||
quotas := NewUserQuota()
|
||||
|
||||
if q, err := entryToQuota(entry, FIELD_QUOTA_WEBSITE_COUNT); err == nil {
|
||||
quotas.WebsiteCount = q
|
||||
}
|
||||
|
||||
if q, err := entryToQuota(entry, FIELD_QUOTA_WEBSITE_SIZE_BURSTED); err == nil {
|
||||
quotas.WebsiteSizeBursted = q
|
||||
}
|
||||
|
||||
return quotas
|
||||
}
|
||||
|
||||
func (q *UserQuota) DefaultWebsiteQuota() *garage.UpdateBucketRequestQuotas {
|
||||
qr := garage.NewUpdateBucketRequestQuotas()
|
||||
|
||||
qr.SetMaxSize(q.WebsiteSizeDefault)
|
||||
qr.SetMaxObjects(q.WebsiteSizeBursted)
|
||||
|
||||
return qr
|
||||
}
|
||||
|
||||
func (q *UserQuota) WebsiteSizeAdjust(sz int64) int64 {
|
||||
if sz < q.WebsiteSizeDefault {
|
||||
return q.WebsiteSizeDefault
|
||||
} else if sz > q.WebsiteSizeBursted {
|
||||
return q.WebsiteSizeBursted
|
||||
} else {
|
||||
return sz
|
||||
}
|
||||
}
|
||||
|
||||
func (q *UserQuota) WebsiteObjectAdjust(objs int64) int64 {
|
||||
if objs > q.WebsiteObjects || objs <= 0 {
|
||||
return q.WebsiteObjects
|
||||
} else {
|
||||
return objs
|
||||
}
|
||||
}
|
||||
|
||||
func (q *UserQuota) WebsiteSizeBurstedPretty() string {
|
||||
return prettyValue(q.WebsiteSizeBursted)
|
||||
}
|
||||
|
||||
// --- A quota stat we can use
|
||||
type QuotaStat struct {
|
||||
Current int64 `json:"current"`
|
||||
Max int64 `json:"max"`
|
||||
Ratio float64 `json:"ratio"`
|
||||
Burstable bool `json:"burstable"`
|
||||
}
|
||||
|
||||
func NewQuotaStat(current, max int64, burstable bool) QuotaStat {
|
||||
return QuotaStat{
|
||||
Current: current,
|
||||
Max: max,
|
||||
Ratio: float64(current) / float64(max),
|
||||
Burstable: burstable,
|
||||
}
|
||||
}
|
||||
func (q *QuotaStat) IsFull() bool {
|
||||
return q.Current >= q.Max
|
||||
}
|
||||
func (q *QuotaStat) Percent() int64 {
|
||||
return int64(q.Ratio * 100)
|
||||
}
|
||||
|
||||
func (q *QuotaStat) PrettyCurrent() string {
|
||||
return prettyValue(q.Current)
|
||||
}
|
||||
func (q *QuotaStat) PrettyMax() string {
|
||||
return prettyValue(q.Max)
|
||||
}
|
||||
|
||||
func prettyValue(v int64) string {
|
||||
if v < 1024 {
|
||||
return fmt.Sprintf("%d octets", v)
|
||||
}
|
||||
v = v / 1024
|
||||
if v < 1024 {
|
||||
return fmt.Sprintf("%d kio", v)
|
||||
}
|
||||
v = v / 1024
|
||||
if v < 1024 {
|
||||
return fmt.Sprintf("%d Mio", v)
|
||||
}
|
||||
v = v / 1024
|
||||
if v < 1024 {
|
||||
return fmt.Sprintf("%d Gio", v)
|
||||
}
|
||||
v = v / 1024
|
||||
return fmt.Sprintf("%d Tio", v)
|
||||
}
|
33
ssha.go
33
ssha.go
|
@ -1,37 +1,10 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"crypto/sha1"
|
||||
"encoding/base64"
|
||||
"fmt"
|
||||
|
||||
log "github.com/sirupsen/logrus"
|
||||
"github.com/jsimonetti/pwscheme/ssha512"
|
||||
)
|
||||
|
||||
// Encode encodes the []byte of raw password
|
||||
func SSHAEncode(rawPassPhrase []byte) string {
|
||||
hash := makeSSHAHash(rawPassPhrase, makeSalt())
|
||||
b64 := base64.StdEncoding.EncodeToString(hash)
|
||||
return fmt.Sprintf("{ssha}%s", b64)
|
||||
}
|
||||
|
||||
// makeSalt make a 32 byte array containing random bytes.
|
||||
func makeSalt() []byte {
|
||||
sbytes := make([]byte, 32)
|
||||
_, err := rand.Read(sbytes)
|
||||
if err != nil {
|
||||
log.Panicf("Could not read random bytes: %s", err)
|
||||
}
|
||||
return sbytes
|
||||
}
|
||||
|
||||
// makeSSHAHash make hasing using SHA-1 with salt. This is not the final output though. You need to append {SSHA} string with base64 of this hash.
|
||||
func makeSSHAHash(passphrase, salt []byte) []byte {
|
||||
sha := sha1.New()
|
||||
sha.Write(passphrase)
|
||||
sha.Write(salt)
|
||||
|
||||
h := sha.Sum(nil)
|
||||
return append(h, salt...)
|
||||
func SSHAEncode(rawPassPhrase string) (string, error) {
|
||||
return ssha512.Generate(rawPassPhrase, 16)
|
||||
}
|
||||
|
|
10
static/css/bootstrap.min.css
vendored
10
static/css/bootstrap.min.css
vendored
File diff suppressed because one or more lines are too long
7
static/javascript/bootstrap.bundle.min.js
vendored
Normal file
7
static/javascript/bootstrap.bundle.min.js
vendored
Normal file
File diff suppressed because one or more lines are too long
2
static/javascript/jquery.slim.min.js
vendored
Normal file
2
static/javascript/jquery.slim.min.js
vendored
Normal file
File diff suppressed because one or more lines are too long
|
@ -30,33 +30,40 @@
|
|||
<input type="text" disabled="true" class="form-control" value="{{ .SuperDN }}" />
|
||||
</div>
|
||||
-->
|
||||
{{if eq .Template "ml"}}
|
||||
<div class="form-group">
|
||||
<label for="idvalue">Adresse complète de la mailing list :</label>
|
||||
<input type="text" id="idvalue" name="idvalue" class="form-control" value="{{ .IdValue }}" placeholder="example@deuxfleurs.fr" />
|
||||
</div>
|
||||
{{else}}
|
||||
<div class="form-group">
|
||||
<label for="idvalue">Identifiant :</label>
|
||||
<input type="text" id="idvalue" name="idvalue" class="form-control" value="{{ .IdValue }}" />
|
||||
</div>
|
||||
{{end}}
|
||||
<div class="form-group">
|
||||
<label for="idvalue">Identifiant:</label>
|
||||
<input type="text" id="idvalue" name="idvalue" class="form-control" value="{{ .IdValue }}" />
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="idtype">Type d'identifiant:</label>
|
||||
<label for="idtype">Type d'identifiant :</label>
|
||||
<input type="text" {{if .Template}}disabled="disabled"{{end}} id="idtype" name="idtype" class="form-control" value="{{ .IdType }}" />
|
||||
</div>
|
||||
{{ if eq .Template "user" }}
|
||||
<div class="form-group">
|
||||
<label for="displayname">Nom:</label>
|
||||
<label for="displayname">Nom :</label>
|
||||
<input type="text" id="displayname" name="displayname" class="form-control" value="{{ .DisplayName }}" />
|
||||
</div>
|
||||
<input type="hidden" name="description" value="" />
|
||||
{{ else }}
|
||||
<div class="form-group">
|
||||
<label for="description">Description:</label>
|
||||
<label for="description">Description :</label>
|
||||
<input type="text" id="description" name="description" class="form-control" value="{{ .Description }}" />
|
||||
</div>
|
||||
<input type="hidden" name="displayname" value="" />
|
||||
{{ end }}
|
||||
<div class="form-group">
|
||||
<label for="soc">StructuralObjectClass:</label>
|
||||
<label for="soc">StructuralObjectClass :</label>
|
||||
<input type="text" {{if .Template}}disabled="disabled"{{end}} id="soc" name="soc" class="form-control" value="{{ .StructuralObjectClass }}" />
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="oc">ObjectClass:</label>
|
||||
<label for="oc">ObjectClass :</label>
|
||||
<textarea rows="5" {{if .Template}}disabled="disabled"{{end}} id="oc" name="oc" class="form-control">{{ .ObjectClass }}</textarea>
|
||||
</div>
|
||||
<button type="submit" class="btn btn-primary">Créer l'objet</button>
|
||||
|
|
|
@ -8,6 +8,11 @@
|
|||
<a class="ml-4 btn btn-info" href="/">Menu principal</a>
|
||||
</div>
|
||||
|
||||
<div class="alert alert-warning mt-4">
|
||||
Les groupes servent uniquement à contrôler l'accès à différentes fonctionalités de Deuxfleurs.
|
||||
Ce ne sont pas des <a href="/admin/mailing">mailing lists</a>.
|
||||
</div>
|
||||
|
||||
<table class="table mt-4">
|
||||
<thead>
|
||||
<th scope="col">Identifiant</th>
|
||||
|
|
|
@ -23,7 +23,17 @@
|
|||
|
||||
<table class="table mt-4">
|
||||
<tbody>
|
||||
{{range .Children}}
|
||||
{{range .ChildrenOU}}
|
||||
<tr>
|
||||
<td>
|
||||
<a href="/admin/ldap/{{.DN}}">
|
||||
🗀 {{.Identifier}}
|
||||
</a>
|
||||
</td>
|
||||
<td>{{.Name}}</td>
|
||||
</tr>
|
||||
{{end}}
|
||||
{{range .ChildrenOther}}
|
||||
<tr>
|
||||
<td>
|
||||
<a href="/admin/ldap/{{.DN}}">
|
||||
|
@ -94,7 +104,11 @@
|
|||
<div class="col-md-3"><strong>{{$key}}</strong></div>
|
||||
<div class="col-md-9">
|
||||
{{range $value.Values}}
|
||||
<div>{{.}}</div>
|
||||
{{if eq $key "creatorsname" "modifiersname" }}
|
||||
<div><a href="/admin/ldap/{{.}}">{{.}}</a></div>
|
||||
{{else}}
|
||||
<div>{{.}}</div>
|
||||
{{end}}
|
||||
{{end}}
|
||||
</div>
|
||||
</div>
|
||||
|
|
32
templates/admin_mailing.html
Normal file
32
templates/admin_mailing.html
Normal file
|
@ -0,0 +1,32 @@
|
|||
{{define "title"}}Mailing lists |{{end}}
|
||||
|
||||
{{define "body"}}
|
||||
|
||||
<div class="d-flex">
|
||||
<h4>Mailing lists</h4>
|
||||
<a class="ml-auto btn btn-success" href="/admin/create/ml/{{.MailingBaseDN}}">Nouvelle mailing list</a>
|
||||
<a class="ml-4 btn btn-info" href="/">Menu principal</a>
|
||||
</div>
|
||||
|
||||
<table class="table mt-4">
|
||||
<thead>
|
||||
<th scope="col">Adresse</th>
|
||||
<th scope="col">Description</th>
|
||||
</thead>
|
||||
<tbody>
|
||||
{{with $root := .}}
|
||||
{{range $ml := $root.MailingLists}}
|
||||
<tr>
|
||||
<td>
|
||||
<a href="/admin/mailing/{{$ml.GetAttributeValue $root.MailingNameAttr}}">
|
||||
{{$ml.GetAttributeValue $root.MailingNameAttr}}
|
||||
</a>
|
||||
</td>
|
||||
<td>{{$ml.GetAttributeValue "description"}}</td>
|
||||
</tr>
|
||||
{{end}}
|
||||
{{end}}
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
{{end}}
|
117
templates/admin_mailing_list.html
Normal file
117
templates/admin_mailing_list.html
Normal file
|
@ -0,0 +1,117 @@
|
|||
{{define "title"}}ML {{.MailingList.GetAttributeValue .MailingNameAttr}} |{{end}}
|
||||
|
||||
{{define "body"}}
|
||||
|
||||
<div class="d-flex">
|
||||
<h4>ML {{.MailingList.GetAttributeValue .MailingNameAttr}}
|
||||
<a class="ml-auto btn btn-sm btn-dark" href="/admin/ldap/{{.MailingList.DN}}">Vue avancée</a>
|
||||
</h4>
|
||||
<a class="ml-auto btn btn-dark" href="/admin/mailing">Liste des ML</a>
|
||||
<a class="ml-4 btn btn-info" href="/">Menu principal</a>
|
||||
</div>
|
||||
|
||||
{{if .Success}}
|
||||
<div class="alert alert-success mt-2">Modification enregistrée.</div>
|
||||
{{end}}
|
||||
{{if .Error}}
|
||||
<div class="alert alert-danger mt-2">
|
||||
Impossible d'effectuer la modification.
|
||||
<div style="font-size: 0.8em">{{.Error}}</div>
|
||||
</div>
|
||||
{{end}}
|
||||
|
||||
{{with $desc := .MailingList.GetAttributeValue "description"}}{{if $desc}}
|
||||
<p class="mt-4">{{$desc}}</p>
|
||||
{{end}}{{end}}
|
||||
|
||||
<table class="table mt-4">
|
||||
<thead>
|
||||
<th scope="col">Adresse</th>
|
||||
<th scope="col">Nom</th>
|
||||
<th scope="col" style="width: 6em"></th>
|
||||
</thead>
|
||||
<tbody>
|
||||
{{with $root := .}}
|
||||
{{range $member := $root.Members}}
|
||||
<tr>
|
||||
<td>
|
||||
<a href="/admin/ldap/{{$member.DN}}">
|
||||
{{$member.GetAttributeValue "mail"}}
|
||||
</a>
|
||||
</td>
|
||||
<td>{{$member.GetAttributeValue "displayname"}}</td>
|
||||
<td>
|
||||
<form method="POST" onsubmit="return confirm('Supprimer de la ML ?');">
|
||||
<input type="hidden" name="action" value="delete-member" />
|
||||
<input type="hidden" name="member" value="{{.DN}}" />
|
||||
<input type="submit" value="Suppr" class="form-control btn btn-danger btn-sm" />
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
{{end}}
|
||||
{{end}}
|
||||
{{if not .Members}}
|
||||
<tr><td>(aucun abonné)</td></tr>
|
||||
{{end}}
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
<hr class="mt-4" />
|
||||
<h5 class="mt-4">Ajouter un destinataire</h5>
|
||||
|
||||
<div class="container">
|
||||
<form method="POST">
|
||||
<input type="hidden" name="action" value="add-member" />
|
||||
<div class="row mt-4">
|
||||
<div class="col-md-3"><strong>Utilisateur existant :</strong> </div>
|
||||
<div class="col-md-5">
|
||||
<input class="form-control" type="text" list="users" name="member" placeholder="Utilisateur..." />
|
||||
<datalist id="users">
|
||||
{{range .PossibleNewMembers}}
|
||||
{{if .GetAttributeValue "mail"}}
|
||||
<option value="{{.DN}}">{{if .GetAttributeValue "displayname"}}{{.GetAttributeValue "displayname"}} ({{.GetAttributeValue "mail" }}){{else}}{{.GetAttributeValue "mail"}}{{end}}</option>
|
||||
{{end}}
|
||||
{{end}}
|
||||
</datalist>
|
||||
</div>
|
||||
<div class="col-md-2">
|
||||
<input type="submit" value="Ajouter" class="form-control btn btn-success btn-sm" />
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
|
||||
{{if .AllowGuest}}
|
||||
<div class="row mt-4">
|
||||
<div class="col-md-10">OU</div>
|
||||
</div>
|
||||
|
||||
<form method="POST">
|
||||
<input type="hidden" name="action" value="add-external" />
|
||||
<div class="row mt-4">
|
||||
<div class="col-md-3"><strong>E-mail :</strong></div>
|
||||
<div class="col-md-5">
|
||||
<input class="form-control" type="text" name="mail" placeholder="machin@truc.net..." />
|
||||
</div>
|
||||
<div class="col-md-2">
|
||||
</div>
|
||||
</div>
|
||||
<div class="row mt-4">
|
||||
<div class="col-md-3"><strong>Nom (optionnel) :</strong></div>
|
||||
<div class="col-md-5">
|
||||
<input class="form-control" type="text" name="displayname" placeholder="Machin Truc..." />
|
||||
</div>
|
||||
<div class="col-md-2">
|
||||
<input type="submit" value="Ajouter" class="form-control btn btn-success btn-sm" />
|
||||
</div>
|
||||
</div>
|
||||
<div class="row">
|
||||
<small class="form-text text-muted col-md-10">
|
||||
Si un utilisateur existe déjà avec l'email spécifiée, celui-ci sera ajouté à la liste.
|
||||
Sinon, un utilisateur invité sera créé.
|
||||
</small>
|
||||
</div>
|
||||
</form>
|
||||
{{end}}
|
||||
</div>
|
||||
|
||||
{{end}}
|
72
templates/garage_website_edit.html
Normal file
72
templates/garage_website_edit.html
Normal file
|
@ -0,0 +1,72 @@
|
|||
{{define "title"}}Créer un site web |{{end}}
|
||||
|
||||
{{define "body"}}
|
||||
<div class="d-flex">
|
||||
<h4>Modifier le nom de domaine</h4>
|
||||
<a class="ml-auto btn btn-link" href="/website/configure">Mes identifiants</a>
|
||||
<a class="ml-4 btn btn-info" href="/website">Mes sites webs</a>
|
||||
</div>
|
||||
|
||||
<div class="row mt-3">
|
||||
<div class="col-md-12">
|
||||
{{if .Err}}
|
||||
<div class="alert alert-danger">{{ .Err.Error }}</div>
|
||||
{{end}}
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<ul class="nav nav-tabs" id="proto" role="tablist">
|
||||
<li class="nav-item">
|
||||
<a class="nav-link active" id="dnsint-tab" data-toggle="tab" href="#dnsint" role="tab" aria-controls="dnsint" aria-selected="true">Je n'ai pas de nom de domaine</a>
|
||||
</li>
|
||||
<li class="nav-item">
|
||||
<a class="nav-link" id="dnsext-tab" data-toggle="tab" href="#dnsext" role="tab" aria-controls="dnsext" aria-selected="false">Utiliser mon propre nom de domaine</a>
|
||||
</li>
|
||||
</ul>
|
||||
|
||||
<div class="tab-content" id="protocols">
|
||||
|
||||
<div class="tab-pane fade show active" id="dnsint" role="tabpanel" aria-labelledby="dnsint-tab">
|
||||
<form method="POST" class="mt-4">
|
||||
<div class="form-row">
|
||||
<div class="form-group col-md-6">
|
||||
<label for="bucket">Sous-domaine désiré :</label>
|
||||
<input type="text" id="bucket" name="bucket" placeholder="mon-site" class="form-control" value="" onkeyup="document.getElementById('url').value = `https://${document.getElementById('bucket').value}.web.deuxfleurs.fr`" />
|
||||
</div>
|
||||
<div class="form-group col-md-6">
|
||||
<label for="url">Votre site sera accessible à l'URL suivante :</label>
|
||||
<input type="text" id="url" disabled="true" name="url" class="form-control" value="https://mon-site.web.deuxfleurs.fr" />
|
||||
</div>
|
||||
</div>
|
||||
<div class="mt-4">
|
||||
<p>La première fois que vous chargerez votre site web, une erreur de certificat sera renvoyée. C'est normal, il faudra patienter quelques minutes le temps que le certificat se génère.</p>
|
||||
</div>
|
||||
<button type="submit" class="btn btn-primary">Modifier le nom de domaine</button>
|
||||
</form>
|
||||
</div>
|
||||
<div class="tab-pane fade show" id="dnsext" role="tabpanel" aria-labelledby="dnsext-tab">
|
||||
<form method="POST" class="mt-4">
|
||||
<div class="form-row">
|
||||
<div class="form-group col-md-6">
|
||||
<label for="bucket2">Votre nom de domaine :</label>
|
||||
<input type="text" id="bucket2" name="bucket2" placeholder="example.com" class="form-control" value="" onkeyup="document.getElementById('url2').value = `https://${document.getElementById('bucket2').value}`" />
|
||||
</div>
|
||||
<div class="form-group col-md-6">
|
||||
<label for="url2">Votre site sera accessible à l'URL suivante :</label>
|
||||
<input type="text" id="url2" disabled="true" name="url2" class="form-control" value="https://example.com" />
|
||||
</div>
|
||||
</div>
|
||||
<div>
|
||||
<p>Vous devez éditer votre zone DNS, souvent gérée par votre bureau d'enregistrement, comme Gandi, pour la faire pointer vers Deuxfleurs. Si vous utilisez un sous domaine (eg. <code>site.example.com</code>), une entrée <code>CNAME</code> est appropriée :</p>
|
||||
<pre>site CNAME 3600 garage.deuxfleurs.fr.</pre>
|
||||
<p>Si vous utilisez la racine de votre nom de domaine (eg. <code>example.com</code>, aussi appelée APEX), la solution dépend de votre fournisseur DNS, il vous faudra au choix une entrée <code>ALIAS</code> ou <code>CNAME</code> en fonction de ce que votre fournisseur supporte :</p>
|
||||
<pre>@ ALIAS 3600 garage.deuxfleurs.fr.</pre>
|
||||
<p>La première fois que vous chargerez votre site web, une erreur de certificat sera renvoyée. C'est normal, il faudra patienter quelques minutes le temps que le certificat se génère.</p>
|
||||
</div>
|
||||
<div class="mt-4">
|
||||
<button type="submit" class="btn btn-primary">Modifier le nom de domaine</button>
|
||||
</form>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
{{end}}
|
355
templates/garage_website_inspect.html
Normal file
355
templates/garage_website_inspect.html
Normal file
|
@ -0,0 +1,355 @@
|
|||
{{define "title"}}Inspecter le site web |{{end}}
|
||||
|
||||
{{define "body"}}
|
||||
<div class="d-flex">
|
||||
<!--<h4>Inspecter les sites webs</h4>-->
|
||||
<a class="ml-auto btn btn-link" href="/website/configure">Mes identifiants</a>
|
||||
<a class="ml-4 btn btn-info" href="/">Menu principal</a>
|
||||
</div>
|
||||
|
||||
<div class="row">
|
||||
{{ if .Err }}
|
||||
<div class="col-md-12 mt-3">
|
||||
<div class="alert alert-danger">{{ .Err.Error }}</div>
|
||||
</div>
|
||||
{{ end }}
|
||||
|
||||
<div class="col-md-3 mt-3">
|
||||
<a class="btn btn-primary btn-block" href="/website/new">
|
||||
<svg id="i-plus" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 32 32" width="18" height="18" fill="none" stroke="currentcolor" stroke-linecap="round" stroke-linejoin="round" stroke-width="6">
|
||||
<path d="M16 2 L16 30 M2 16 L30 16" />
|
||||
</svg>
|
||||
<span class="ml-1">Nouveau site web</span>
|
||||
</a>
|
||||
|
||||
<div class="list-group mt-3">
|
||||
{{ $view := .View }}
|
||||
{{ range $wid := .Describe.Websites }}
|
||||
{{ if eq $wid.Internal $view.Name.Internal }}
|
||||
<a href="/website/inspect/{{ $wid.Pretty }}" class="list-group-item list-group-item-action active">
|
||||
{{ $wid.Url }}
|
||||
</a>
|
||||
{{ else }}
|
||||
<a href="/website/inspect/{{ $wid.Pretty }}" class="list-group-item list-group-item-action">
|
||||
{{ $wid.Url }}
|
||||
</a>
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
</div>
|
||||
|
||||
<p class="text-center mt-2">
|
||||
{{ .Describe.AllowedWebsites.Current }} sites créés sur {{ .Describe.AllowedWebsites.Max }}<br/>
|
||||
Jusqu'à {{ .Describe.BurstBucketQuotaSize }} par site web
|
||||
</p>
|
||||
</div>
|
||||
<div class="col-md-9">
|
||||
<h2>{{ .View.Name.Url }}</h2>
|
||||
|
||||
<!-- QUOTAS -->
|
||||
|
||||
<h5 class="mt-3">Quotas</h5>
|
||||
<div class="progress mt-3">
|
||||
<div class="progress-bar" role="progressbar" aria-valuenow="{{ .View.Size.Current }}" aria-valuemin="0" aria-valuemax="{{ .View.Size.Max }}" style="width: {{ .View.Size.Percent }}%; min-width: 2em;">
|
||||
{{ .View.Size.Percent }}%
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<p class="text-center">
|
||||
{{ .View.Size.PrettyCurrent }} utilisé sur un maximum de {{ .View.Size.PrettyMax }}
|
||||
{{ if gt .View.Files.Ratio 0.5 }}
|
||||
<br>{{ .View.Files.Current }} fichiers sur un maximum de {{ .View.Files.Max }}
|
||||
{{ end }}
|
||||
</p>
|
||||
|
||||
<!-- ACTIONS -->
|
||||
<h5 class="mt-3">Actions</h5>
|
||||
<form action="" method="post">
|
||||
<div class="btn-group" role="group" aria-label="Actions sur le site web">
|
||||
<button class="btn btn-secondary" name="action" value="increase_quota">Augmenter le quota</button>
|
||||
<button class="btn btn-secondary" name="action" value="rotate_key">Rotation de la clé</button>
|
||||
<a class="btn btn-secondary" href="/website/vhost/{{ .View.Name.Pretty }}">Changer le nom de domaine</a>
|
||||
<button class="btn btn-danger" name="action" value="delete_bucket">Supprimer</button>
|
||||
</div>
|
||||
</form>
|
||||
|
||||
|
||||
<!-- INFO -->
|
||||
<h5 class="mt-3">Informations de connexion</h5>
|
||||
<ul class="nav nav-tabs" id="proto" role="tablist">
|
||||
<li class="nav-item">
|
||||
<a class="nav-link active" id="s3-tab" data-toggle="tab" href="#s3" role="tab" aria-controls="s3" aria-selected="true">S3 (recommandé)</a>
|
||||
</li>
|
||||
<li class="nav-item">
|
||||
<a class="nav-link" id="sftp-tab" data-toggle="tab" href="#sftp" role="tab" aria-controls="sftp" aria-selected="false">SFTP</a>
|
||||
</li>
|
||||
<li class="nav-item">
|
||||
<a class="nav-link" id="dav-tab" data-toggle="tab" href="#dav" role="tab" aria-controls="dav" aria-selected="false">WebDAV</a>
|
||||
</li>
|
||||
</ul>
|
||||
<div class="tab-content" id="protocols">
|
||||
<div class="tab-pane fade show active" id="s3" role="tabpanel" aria-labelledby="s3-tab">
|
||||
<table class="table mt-4">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th scope="row" class="col-md-2">Identifiant de clé</th>
|
||||
<td>{{ .View.AccessKeyId }}</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row">Clé secrète</th>
|
||||
<td>
|
||||
<a href="#" onclick="document.getElementById('secret_key').style.display='inline'; this.style.display='none'">[Afficher la clé secrète]</a>
|
||||
<span id="secret_key" style="display: none">{{ .View.SecretAccessKey }}</span>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row">Région</th>
|
||||
<td>garage</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row">Endpoint URL</th>
|
||||
<td>https://garage.deuxfleurs.fr</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row">Type d'URL</th>
|
||||
<td>DNS et chemin (préférer chemin)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row">Signature</th>
|
||||
<td>Version 4</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
<p>Configurer votre logiciel :</p>
|
||||
|
||||
<div class="accordion" id="softconfig">
|
||||
<div class="card">
|
||||
<div class="card-header" id="awscli-title">
|
||||
<h2 class="mb-0">
|
||||
<button class="btn btn-link btn-block text-left collapsed" type="button" data-toggle="collapse" data-target="#awscli" aria-expanded="false" aria-controls="awscli">
|
||||
awscli (tout générateur de site statique)
|
||||
</button>
|
||||
</h2>
|
||||
</div>
|
||||
<div id="awscli" class="collapse show" aria-labelledby="awscli-title" data-parent="#softconfig">
|
||||
<div class="card-body">
|
||||
<p>Lancez la commande :</p>
|
||||
<pre>aws --profile {{ .View.Name.Pretty }} configure</pre>
|
||||
|
||||
<p>Entrez les informations suivantes quand elles vous sont demandées :</p>
|
||||
<dl>
|
||||
<dt>AWS Access Key ID [None]:</dt><dd>{{ .View.AccessKeyId }}</dd>
|
||||
<dt>AWS Secret Access Key [None]:</dt><dd><a href="#" onclick="document.getElementById('aws_secret_key').style.display='inline'; this.style.display='none'">[Afficher la clé secrète]</a><span id="aws_secret_key" style="display: none">{{ .View.SecretAccessKey }}</span></dd>
|
||||
<dt>Default region name [None]:</dt> <dd>garage</dd>
|
||||
<dt>Default output format [None]:</dt> <dd>(laissez vide et appuyez sur entrée)</dd>
|
||||
</dl>
|
||||
|
||||
<p>Finalisez la configuration :</p>
|
||||
<pre>aws --profile {{ .View.Name.Pretty }} configure set endpoint_url https://garage.deuxfleurs.fr</pre>
|
||||
|
||||
|
||||
<p>Pour déployer votre dossier local <code>public</code> lancez :</p>
|
||||
<pre>
|
||||
aws --profile {{ .View.Name.Pretty }} s3 sync ./public s3://{{ .View.Name.Pretty }}
|
||||
</pre>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="card">
|
||||
<div class="card-header" id="minio-title">
|
||||
<h2 class="mb-0">
|
||||
<button class="btn btn-link btn-block text-left" type="button" data-toggle="collapse" data-target="#minio" aria-expanded="true" aria-controls="minio">
|
||||
Minio CLI (tout générateur de site statique)
|
||||
</button>
|
||||
</h2>
|
||||
</div>
|
||||
|
||||
<div id="minio" class="collapse" aria-labelledby="minio-title" data-parent="#softconfig">
|
||||
<div class="card-body">
|
||||
<p>Vous pouvez configurer Minio CLI avec cette commande :</p>
|
||||
<pre>
|
||||
mc alias set \
|
||||
{{ .View.Name.Pretty }} \
|
||||
https://garage.deuxfleurs.fr \
|
||||
{{ .View.AccessKeyId }} \
|
||||
<a href="#" onclick="document.getElementById('minio_secret_key').style.display='inline'; this.style.display='none'">[Afficher la clé secrète]</a><span id="minio_secret_key" style="display: none">{{ .View.SecretAccessKey }}</span> \
|
||||
--api S3v4
|
||||
</pre>
|
||||
<p>Et ensuite copiez votre site web avec la sous-commande mirror de Minio CLI :</p>
|
||||
<pre>
|
||||
mc mirror --overwrite ./public/ {{ .View.Name.Pretty }}/
|
||||
</pre>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="card">
|
||||
<div class="card-header" id="hugo-title">
|
||||
<h2 class="mb-0">
|
||||
<button class="btn btn-link btn-block text-left collapsed" type="button" data-toggle="collapse" data-target="#hugo" aria-expanded="false" aria-controls="hugo">
|
||||
Hugo
|
||||
</button>
|
||||
</h2>
|
||||
</div>
|
||||
<div id="hugo" class="collapse" aria-labelledby="hugo-title" data-parent="#softconfig">
|
||||
<div class="card-body">
|
||||
<p>Créez un fichier nommé <code>.deployment.secrets</code> (ne commitez pas ce fichier dans votre dépôt !) :</p>
|
||||
<pre>
|
||||
export AWS_ACCESS_KEY_ID={{ .View.AccessKeyId }}
|
||||
export AWS_SECRET_ACCESS_KEY=<a href="#" onclick="document.getElementById('ugo_secret_key').style.display='inline'; this.style.display='none'">[Afficher la clé secrète]</a><span id="hugo_secret_key" style="display: none">{{ .View.SecretAccessKey }}</span>
|
||||
</pre>
|
||||
<p>Dans votre fichier de configuration Hugo <code>config.toml</code> (que vous pouvez commiter), rajoutez :</p>
|
||||
<pre>
|
||||
[[deployment.targets]]
|
||||
URL = "s3://bucket?endpoint=garage.deuxfleurs.fr&s3ForcePathStyle=true&region=garage"
|
||||
</pre>
|
||||
|
||||
<p>Pour déployer, sourcez le fichier de configuration et laissez hugo faire : </p>
|
||||
<pre>
|
||||
source .deployment.secrets
|
||||
hugo deploy
|
||||
</pre>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="tab-pane fade" id="sftp" role="tabpanel" aria-labelledby="sftp-tab">
|
||||
<br>
|
||||
<div class="alert alert-danger" role="alert">
|
||||
N'automatisez pas votre déploiement en SFTP car vous risqueriez de faire fuiter votre mot de passe.<br>
|
||||
Pour toute forme d'automatisation, préférez le protocole S3.
|
||||
</div>
|
||||
<div class="alert alert-warning" role="alert">
|
||||
L'algorithme de clé utilisé par le serveur est désactivé par défaut sur les clients SSH récents.<br>
|
||||
Vous devez rajouter l'option -oHostKeyAlgorithms=+ssh-rsa pour vous connecter.
|
||||
</div>
|
||||
|
||||
<table class="table mt-4">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th scope="row">Nom d'utilisateur-ice</th>
|
||||
<td>{{ .Describe.Username }}</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row">Mot de passe</th>
|
||||
<td>(votre mot de passe guichet)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row">Hôte</th>
|
||||
<td>sftp://sftp.deuxfleurs.fr</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row">Port</th>
|
||||
<td>2222</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<p>Configurez votre logiciel :</p>
|
||||
|
||||
<div class="accordion" id="softconfig2">
|
||||
<div class="card">
|
||||
<div class="card-header" id="scp-title">
|
||||
<h2 class="mb-0">
|
||||
<button class="btn btn-link btn-block text-left collapsed" type="button" data-toggle="collapse" data-target="#filezilla" aria-expanded="false" aria-controls="filezilla">
|
||||
scp
|
||||
</button>
|
||||
</h2>
|
||||
</div>
|
||||
<div id="filezilla" class="collapse show" aria-labelledby="scp-title" data-parent="#softconfig2">
|
||||
<div class="card-body">
|
||||
<p>Déployer le dossier local <em>public</em> sur le site web {{ .View.Name.Pretty }} :</p>
|
||||
<pre>
|
||||
scp -oHostKeyAlgorithms=+ssh-rsa -P2222 -r ./public {{ .Describe.Username }}@sftp.deuxfleurs.fr:{{ .View.Name.Pretty }}/
|
||||
</pre>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="card">
|
||||
<div class="card-header" id="filezilla-title">
|
||||
<h2 class="mb-0">
|
||||
<button class="btn btn-link btn-block text-left collapsed" type="button" data-toggle="collapse" data-target="#filezilla" aria-expanded="false" aria-controls="filezilla">
|
||||
Filezilla
|
||||
</button>
|
||||
</h2>
|
||||
</div>
|
||||
<div id="filezilla" class="collapse" aria-labelledby="filezilla-title" data-parent="#softconfig2">
|
||||
<div class="card-body">
|
||||
<p>Dans la barre de connexion rapide du haut, entrez :</p>
|
||||
<dl>
|
||||
<dt>Hôte</dt> <dd>sftp://sftp.deuxfleurs.fr</dd>
|
||||
<dt>Nom d'utilisateur</dt> <dd>{{ .Describe.Username }}</dd>
|
||||
<dt>Mot de passe</dt> <dd>(votre mot de passe guichet)</dd>
|
||||
<dt>Port</dt> <dd>2222</dd>
|
||||
</dl>
|
||||
<p>Cliquez ensuite sur <strong>Connexion rapide</strong></p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="tab-pane fade" id="dav" role="tabpanel" aria-labelledby="dav-tab">
|
||||
<br>
|
||||
<div class="alert alert-danger" role="alert">
|
||||
N'automatisez pas votre déploiement en WebDAV car vous risqueriez de faire fuiter votre mot de passe.<br>
|
||||
Pour toute forme d'automatisation, préférez le protocole S3.
|
||||
</div>
|
||||
|
||||
<table class="table mt-4">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th scope="row">Nom d'utilisateur-ice</th>
|
||||
<td>{{ .Describe.Username }}</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row">Mot de passe</th>
|
||||
<td>(votre mot de passe guichet)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row">Hôte</th>
|
||||
<td>https://bagage.deuxfleurs.fr ou davs://bagage.deuxfleurs.fr</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row">Port</th>
|
||||
<td>443 (par défaut)</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<p>Configurez votre logiciel :</p>
|
||||
|
||||
<div class="accordion" id="softconfig3">
|
||||
<div class="card">
|
||||
<div class="card-header" id="drive-title">
|
||||
<h2 class="mb-0">
|
||||
<button class="btn btn-link btn-block text-left collapsed" type="button" data-toggle="collapse" data-target="#drive" aria-expanded="false" aria-controls="filezilla">
|
||||
Explorateur web
|
||||
</button>
|
||||
</h2>
|
||||
</div>
|
||||
<div id="drive" class="collapse show" aria-labelledby="drive-title" data-parent="#softconfig3">
|
||||
<div class="card-body">
|
||||
<p>Vous pouvez naviguer dans vos fichiers via l'explorateur web.
|
||||
Utilisez simplement vos identifiants Guichet, l'explorateur est préconfiguré.</p>
|
||||
|
||||
<p><a href="https://drive.deuxfleurs.fr">Accéder à l'explorateur</a></p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
|
||||
{{ if .View.Name.Expanded }}
|
||||
<h5 class="mt-5">Vous ne savez pas comment configurer votre nom de domaine ?</h5>
|
||||
<p> Le nom de domaine {{ .View.Name.Url }} n'est pas géré par Deuxfleurs, il vous revient donc de configurer la zone DNS. Vous devez ajouter une entrée <code>CNAME garage.deuxfleurs.fr</code> ou <code>ALIAS garage.deuxfleurs.fr</code> auprès de votre hébergeur DNS, qui est souvent aussi le bureau d'enregistrement (eg. Gandi, GoDaddy, BookMyName, etc.).</p>
|
||||
{{ end }}
|
||||
|
||||
|
||||
</div>
|
||||
{{ end }}
|
||||
|
72
templates/garage_website_new.html
Normal file
72
templates/garage_website_new.html
Normal file
|
@ -0,0 +1,72 @@
|
|||
{{define "title"}}Créer un site web |{{end}}
|
||||
|
||||
{{define "body"}}
|
||||
<div class="d-flex">
|
||||
<h4>Créer un site web</h4>
|
||||
<a class="ml-auto btn btn-link" href="/website/configure">Mes identifiants</a>
|
||||
<a class="ml-4 btn btn-info" href="/website">Mes sites webs</a>
|
||||
</div>
|
||||
|
||||
<div class="row mt-3">
|
||||
<div class="col-md-12">
|
||||
{{if .Err}}
|
||||
<div class="alert alert-danger">{{ .Err.Error }}</div>
|
||||
{{end}}
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<ul class="nav nav-tabs" id="proto" role="tablist">
|
||||
<li class="nav-item">
|
||||
<a class="nav-link active" id="dnsint-tab" data-toggle="tab" href="#dnsint" role="tab" aria-controls="dnsint" aria-selected="true">Je n'ai pas de nom de domaine</a>
|
||||
</li>
|
||||
<li class="nav-item">
|
||||
<a class="nav-link" id="dnsext-tab" data-toggle="tab" href="#dnsext" role="tab" aria-controls="dnsext" aria-selected="false">Utiliser mon propre nom de domaine</a>
|
||||
</li>
|
||||
</ul>
|
||||
|
||||
<div class="tab-content" id="protocols">
|
||||
|
||||
<div class="tab-pane fade show active" id="dnsint" role="tabpanel" aria-labelledby="dnsint-tab">
|
||||
<form method="POST" class="mt-4">
|
||||
<div class="form-row">
|
||||
<div class="form-group col-md-6">
|
||||
<label for="bucket">Sous-domaine désiré :</label>
|
||||
<input type="text" id="bucket" name="bucket" placeholder="mon-site" class="form-control" value="" onkeyup="document.getElementById('url').value = `https://${document.getElementById('bucket').value}.web.deuxfleurs.fr`" />
|
||||
</div>
|
||||
<div class="form-group col-md-6">
|
||||
<label for="url">Votre site sera accessible à l'URL suivante :</label>
|
||||
<input type="text" id="url" disabled="true" name="url" class="form-control" value="https://mon-site.web.deuxfleurs.fr" />
|
||||
</div>
|
||||
</div>
|
||||
<div class="mt-4">
|
||||
<p>La première fois que vous chargerez votre site web, une erreur de certificat sera renvoyée. C'est normal, il faudra patienter quelques minutes le temps que le certificat se génère.</p>
|
||||
</div>
|
||||
<button type="submit" class="btn btn-primary">Créer un nouveau site web</button>
|
||||
</form>
|
||||
</div>
|
||||
<div class="tab-pane fade show" id="dnsext" role="tabpanel" aria-labelledby="dnsext-tab">
|
||||
<form method="POST" class="mt-4">
|
||||
<div class="form-row">
|
||||
<div class="form-group col-md-6">
|
||||
<label for="bucket2">Votre nom de domaine :</label>
|
||||
<input type="text" id="bucket2" name="bucket2" placeholder="example.com" class="form-control" value="" onkeyup="document.getElementById('url2').value = `https://${document.getElementById('bucket2').value}`" />
|
||||
</div>
|
||||
<div class="form-group col-md-6">
|
||||
<label for="url2">Votre site sera accessible à l'URL suivante :</label>
|
||||
<input type="text" id="url2" disabled="true" name="url2" class="form-control" value="https://example.com" />
|
||||
</div>
|
||||
</div>
|
||||
<div>
|
||||
<p>Vous devez éditer votre zone DNS, souvent gérée par votre bureau d'enregistrement, comme Gandi, pour la faire pointer vers Deuxfleurs. Si vous utilisez un sous domaine (eg. <code>site.example.com</code>), une entrée <code>CNAME</code> est appropriée :</p>
|
||||
<pre>site CNAME 3600 garage.deuxfleurs.fr.</pre>
|
||||
<p>Si vous utilisez la racine de votre nom de domaine (eg. <code>example.com</code>, aussi appelée APEX), la solution dépend de votre fournisseur DNS, il vous faudra au choix une entrée <code>ALIAS</code> ou <code>CNAME</code> en fonction de ce que votre fournisseur supporte :</p>
|
||||
<pre>@ ALIAS 3600 garage.deuxfleurs.fr.</pre>
|
||||
<p>La première fois que vous chargerez votre site web, une erreur de certificat sera renvoyée. C'est normal, il faudra patienter quelques minutes le temps que le certificat se génère.</p>
|
||||
</div>
|
||||
<div class="mt-4">
|
||||
<button type="submit" class="btn btn-primary">Créer un nouveau site web</button>
|
||||
</form>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
{{end}}
|
|
@ -2,25 +2,37 @@
|
|||
|
||||
{{define "body"}}
|
||||
<div class="alert alert-info">
|
||||
Bienvenue, <strong>{{ .Login.WelcomeName }}</strong> !
|
||||
Bienvenue, <strong>{{ .User.WelcomeName }}</strong> !
|
||||
</div>
|
||||
<div class="d-flex">
|
||||
<a class="ml-auto btn btn-sm btn-dark" href="/logout">Se déconnecter</a>
|
||||
</div>
|
||||
<div class="mt-3"></div>
|
||||
|
||||
<div class="card">
|
||||
<div class="card-header">
|
||||
Mon compte
|
||||
</div>
|
||||
<div class="list-group list-group-flush">
|
||||
<a class="list-group-item list-group-item-action" href="/profile">Modifier mon profil</a>
|
||||
<a class="list-group-item list-group-item-action" href="/passwd">Modifier mon mot de passe</a>
|
||||
<a class="list-group-item list-group-item-action" href="/directory">Annuaire</a>
|
||||
</div>
|
||||
<div class="mt-3">
|
||||
<div class="card">
|
||||
<div class="card-header">
|
||||
Mon compte
|
||||
</div>
|
||||
<div class="list-group list-group-flush">
|
||||
<a class="list-group-item list-group-item-action" href="/profile">Modifier mon profil</a>
|
||||
<a class="list-group-item list-group-item-action" href="/passwd">Modifier mon mot de passe</a>
|
||||
<a class="list-group-item list-group-item-action" href="/directory">Annuaire</a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
{{if .Login.CanInvite}}
|
||||
<div class="mt-3">
|
||||
<div class="card">
|
||||
<div class="card-header">
|
||||
Mes services
|
||||
</div>
|
||||
<div class="list-group list-group-flush">
|
||||
<a class="list-group-item list-group-item-action" href="/website">Mes sites Web</a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
{{if .User.Capabilities.CanInvite}}
|
||||
<div class="card mt-3">
|
||||
<div class="card-header">
|
||||
Inviter des gens sur Deuxfleurs
|
||||
|
@ -32,14 +44,15 @@
|
|||
</div>
|
||||
{{end}}
|
||||
|
||||
{{if .Login.CanAdmin}}
|
||||
{{if .User.Capabilities.CanAdmin}}
|
||||
<div class="card mt-3">
|
||||
<div class="card-header">
|
||||
Administration
|
||||
</div>
|
||||
<div class="list-group list-group-flush">
|
||||
<a class="list-group-item list-group-item-action" href="/admin/users">Utilisateurs</a>
|
||||
<a class="list-group-item list-group-item-action" href="/admin/users">Utilisateur·ices</a>
|
||||
<a class="list-group-item list-group-item-action" href="/admin/groups">Groupes</a>
|
||||
<a class="list-group-item list-group-item-action" href="/admin/mailing">Mailing lists</a>
|
||||
<a class="list-group-item list-group-item-action" href="/admin/ldap/{{.BaseDN}}">Explorateur LDAP</a>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
</div>
|
||||
{{end}}
|
||||
{{if .WarningMessage}}
|
||||
<div class="alert alert-danger mt-4">Des erreurs se sont produtes, le compte pourrait ne pas être totalement fonctionnel.
|
||||
<div class="alert alert-danger mt-4">Des erreurs se sont produites, le compte pourrait ne pas être totalement fonctionnel.
|
||||
<div style="font-size: 0.8em">{{ .WarningMessage }}</div>
|
||||
</div>
|
||||
{{end}}
|
||||
|
@ -25,12 +25,15 @@
|
|||
<form method="POST" class="mt-4">
|
||||
<h5>Renseignements obligatoires</h5>
|
||||
<div class="form-group">
|
||||
<label for="username">Nom d'utilisateur souhaité :</label>
|
||||
<label for="username">Identifiant souhaité :</label>
|
||||
<input type="text" id="username" name="username" class="form-control" value="{{ .Username }}" />
|
||||
<small class="form-text text-muted">
|
||||
Votre identifiant doit être en minuscule.
|
||||
</small>
|
||||
</div>
|
||||
{{if .ErrorInvalidUsername}}
|
||||
<div class="alert alert-warning">
|
||||
Nom d'utilisateur invalide. Ne peut contenir que les caractères suivants : chiffres, lettres, point, tiret bas (_) et tiret du milieu (-).
|
||||
Nom d'utilisateur invalide. Ne peut contenir que les caractères suivants : chiffres, lettres minuscules, point, tiret bas (_) et tiret du milieu (-).
|
||||
</div>
|
||||
{{end}}
|
||||
{{if .ErrorUsernameTaken}}
|
||||
|
@ -41,6 +44,9 @@
|
|||
<div class="form-group">
|
||||
<label for="password">Mot de passe :</label>
|
||||
<input type="password" id="password" name="password" class="form-control" />
|
||||
<small class="form-text text-muted">
|
||||
La seule contrainte est que votre mot de passe doit faire au moins 8 caractères. Utilisez chiffres, majuscules, et caractères spéciaux sans modération !
|
||||
</small>
|
||||
</div>
|
||||
{{if .ErrorPasswordTooShort}}
|
||||
<div class="alert alert-warning">
|
||||
|
@ -58,6 +64,9 @@
|
|||
{{end}}
|
||||
|
||||
<h5>Renseignements optionnels</h5>
|
||||
<small class="form-text text-muted">
|
||||
Ces informations sont utilisées exclusivement pour "pré-configurer" les services que vous utiliserez, elles n'ont pas besoin de correspondre à votre état civil.
|
||||
</small>
|
||||
<div class="form-group">
|
||||
<label for="displayname">Nom complet :</label>
|
||||
<input type="text" id="displayname" name="displayname" class="form-control" value="{{ .DisplayName }}" />
|
||||
|
|
|
@ -6,13 +6,15 @@
|
|||
|
||||
<link rel="stylesheet" href="/static/css/bootstrap.min.css">
|
||||
|
||||
<title>{{template "title"}} Guichet</title>
|
||||
<title>{{template "title" .}} Guichet</title>
|
||||
</head>
|
||||
<body>
|
||||
<div class="container">
|
||||
<div class="container mb-4">
|
||||
<h1>Guichet Deuxfleurs💮💮</h1>
|
||||
<hr />
|
||||
{{template "body" .}}
|
||||
</div>
|
||||
<script src="/static/javascript/jquery.slim.min.js"></script>
|
||||
<script src="/static/javascript/bootstrap.bundle.min.js"></script>
|
||||
</body>
|
||||
</html>
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
|
||||
<form method="POST">
|
||||
{{if .WrongUser}}
|
||||
<div class="alert alert-danger">Nom d'utilisateur invalide.</div>
|
||||
<div class="alert alert-danger">Identifiant invalide.</div>
|
||||
{{end}}
|
||||
{{if .WrongPass}}
|
||||
<div class="alert alert-danger">Mot de passe invalide.</div>
|
||||
|
@ -16,11 +16,11 @@
|
|||
</div>
|
||||
{{end}}
|
||||
<div class="form-group">
|
||||
<label for="username">Nom d'utilisateur:</label>
|
||||
<label for="username">Identifiant :</label>
|
||||
<input type="text" name="username" id="username" class="form-control" value="{{ .Username }}" />
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="password">Mot de passe:</label>
|
||||
<label for="password">Mot de passe :</label>
|
||||
<input type="password" name="password" id="password" class="form-control" />
|
||||
</div>
|
||||
<button type="submit" class="btn btn-primary">Se connecter</button>
|
||||
|
@ -30,6 +30,6 @@
|
|||
|
||||
<p><strong>Mot de passe oublié ?</strong>
|
||||
Écrivez à <samp>coucou</samp><img src="static/image/at_sign.svg" style="height: 1em" alt="arobase" /><samp>deuxfleurs.fr</samp>
|
||||
ou contactez directement votre administrateur favori.</p>
|
||||
ou contactez directement votre opérateur·ice préféré·e.</p>
|
||||
|
||||
{{end}}
|
||||
|
|
|
@ -19,8 +19,8 @@
|
|||
<form method="POST" class="mt-4" enctype="multipart/form-data">
|
||||
<div class="form-row">
|
||||
<div class="form-group col-md-6">
|
||||
<label>Nom d'utilisateur:</label>
|
||||
<input type="text" disabled="true" class="form-control" value="{{ .Status.Info.Username }}" />
|
||||
<label>Identifiant:</label>
|
||||
<input type="text" disabled="true" class="form-control" value="{{ .User.Login.Info.Username }}" />
|
||||
</div>
|
||||
<div class="form-group col-md-6">
|
||||
<label for="mail">Adresse e-mail:</label>
|
||||
|
|
435
website.go
Normal file
435
website.go
Normal file
|
@ -0,0 +1,435 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
garage "git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang"
|
||||
"log"
|
||||
"sort"
|
||||
"strings"
|
||||
)
|
||||
|
||||
var (
|
||||
ErrWebsiteNotFound = fmt.Errorf("Website not found")
|
||||
ErrFetchBucketInfo = fmt.Errorf("Failed to fetch bucket information")
|
||||
ErrWebsiteQuotaReached = fmt.Errorf("Can't create additional websites, quota reached")
|
||||
ErrEmptyBucketName = fmt.Errorf("You can't create a website with an empty name")
|
||||
ErrCantCreateBucket = fmt.Errorf("Can't create this bucket. Maybe another bucket already exists with this name or you have an invalid character")
|
||||
ErrCantAllowKey = fmt.Errorf("Can't allow given key on the target bucket")
|
||||
ErrCantConfigureBucket = fmt.Errorf("Unable to configure the bucket (activating website, adding quotas, etc.)")
|
||||
ErrBucketDeleteNotEmpty = fmt.Errorf("You must remove all the files before deleting a bucket")
|
||||
ErrBucketDeleteUnfinishedUpload = fmt.Errorf("You must remove all the unfinished multipart uploads before deleting a bucket")
|
||||
ErrCantChangeVhost = fmt.Errorf("Can't change the vhost to the desired value. Maybe it's already used by someone else or an internal error occured")
|
||||
ErrCantRemoveOldVhost = fmt.Errorf("The new vhost is bound to the bucket but the old one can't be removed, it's an internal error")
|
||||
ErrFetchDedicatedKey = fmt.Errorf("Bucket has no dedicated key while it's required, it's an internal error")
|
||||
ErrDedicatedKeyInvariant = fmt.Errorf("A security invariant on the dedicated key has been violated, aborting.")
|
||||
)
|
||||
|
||||
type WebsiteId struct {
|
||||
Pretty string `json:"name"`
|
||||
Internal string `json:"-"`
|
||||
Alt []string `json:"alt_name"`
|
||||
Expanded bool `json:"expanded"`
|
||||
Url string `json:"domain"`
|
||||
}
|
||||
|
||||
func NewWebsiteId(id string, aliases []string) *WebsiteId {
|
||||
pretty := id
|
||||
var alt []string
|
||||
if len(aliases) > 0 {
|
||||
pretty = aliases[0]
|
||||
alt = aliases[1:]
|
||||
}
|
||||
expanded := strings.Contains(pretty, ".")
|
||||
|
||||
url := pretty
|
||||
if !expanded {
|
||||
url = fmt.Sprintf("%s.web.deuxfleurs.fr", pretty)
|
||||
}
|
||||
|
||||
return &WebsiteId{pretty, id, alt, expanded, url}
|
||||
}
|
||||
func NewWebsiteIdFromBucketInfo(binfo *garage.BucketInfo) *WebsiteId {
|
||||
return NewWebsiteId(*binfo.Id, binfo.GlobalAliases)
|
||||
}
|
||||
|
||||
// -----
|
||||
|
||||
type WebsiteDescribe struct {
|
||||
Username string `json:"username"`
|
||||
AllowedWebsites *QuotaStat `json:"quota_website_count"`
|
||||
BurstBucketQuotaSize string `json:"burst_bucket_quota_size"`
|
||||
Websites []*WebsiteId `json:"vhosts"`
|
||||
}
|
||||
|
||||
type WebsiteController struct {
|
||||
User *LoggedUser
|
||||
RootKey *garage.KeyInfo
|
||||
WebsiteIdx map[string]*WebsiteId
|
||||
PrettyList []string
|
||||
WebsiteCount QuotaStat
|
||||
}
|
||||
|
||||
func NewWebsiteController(user *LoggedUser) (*WebsiteController, error) {
|
||||
idx := map[string]*WebsiteId{}
|
||||
var wlist []string
|
||||
|
||||
keyInfo, err := user.S3KeyInfo()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
for _, bckt := range keyInfo.Buckets {
|
||||
if len(bckt.GlobalAliases) > 0 {
|
||||
wid := NewWebsiteId(*bckt.Id, bckt.GlobalAliases)
|
||||
idx[wid.Pretty] = wid
|
||||
wlist = append(wlist, wid.Pretty)
|
||||
}
|
||||
}
|
||||
sort.Strings(wlist)
|
||||
|
||||
maxW := user.Quota.WebsiteCount
|
||||
quota := NewQuotaStat(int64(len(wlist)), maxW, true)
|
||||
|
||||
return &WebsiteController{user, keyInfo, idx, wlist, quota}, nil
|
||||
}
|
||||
|
||||
func (w *WebsiteController) getDedicatedWebsiteKey(binfo *garage.BucketInfo) (*garage.KeyInfo, error) {
|
||||
// Check bucket info is not null
|
||||
if binfo == nil {
|
||||
return nil, ErrFetchBucketInfo
|
||||
}
|
||||
|
||||
// Check the bucket is owned by the user's root key
|
||||
usersRootKeyFound := false
|
||||
for _, bucketKeyInfo := range binfo.Keys {
|
||||
if *bucketKeyInfo.AccessKeyId == *w.RootKey.AccessKeyId && *bucketKeyInfo.Permissions.Owner {
|
||||
usersRootKeyFound = true
|
||||
break
|
||||
}
|
||||
}
|
||||
if !usersRootKeyFound {
|
||||
log.Printf("%s is not an owner of bucket %s. Invariant violated.\n", w.User.Username, *binfo.Id)
|
||||
return nil, ErrDedicatedKeyInvariant
|
||||
}
|
||||
|
||||
// Check that username does not contain a ":" (should not be possible due to the invitation regex)
|
||||
// We do this check as ":" is used as a separator
|
||||
if strings.Contains(w.User.Username, ":") || w.User.Username == "" || *binfo.Id == "" {
|
||||
log.Printf("Username (%s) or bucket identifier (%s) is invalid. Invariant violated.\n", w.User.Username, *binfo.Id)
|
||||
return nil, ErrDedicatedKeyInvariant
|
||||
}
|
||||
|
||||
// Build the string template by concatening the username and the bucket identifier
|
||||
dedicatedKeyName := fmt.Sprintf("%s:web:%s", w.User.Username, *binfo.Id)
|
||||
|
||||
// Try to fetch the dedicated key
|
||||
keyInfo, err := grgSearchKey(dedicatedKeyName)
|
||||
if err != nil {
|
||||
// On error, try to create it.
|
||||
// @FIXME we should try to create only on 404 Not Found errors
|
||||
keyInfo, err = grgCreateKey(dedicatedKeyName)
|
||||
if err != nil {
|
||||
// On error again, abort
|
||||
return nil, err
|
||||
}
|
||||
log.Printf("Created dedicated key %s\n", dedicatedKeyName)
|
||||
}
|
||||
|
||||
// Check that the key name is *exactly* the one we requested
|
||||
if *keyInfo.Name != dedicatedKeyName {
|
||||
log.Printf("Expected key: %s, got %s. Invariant violated.\n", dedicatedKeyName, *keyInfo.Name)
|
||||
return nil, ErrDedicatedKeyInvariant
|
||||
}
|
||||
|
||||
// Check that the dedicated key does not contain any other bucket than this one
|
||||
// and report if this bucket key is found with correct permissions
|
||||
permissionsOk := false
|
||||
for _, buck := range keyInfo.Buckets {
|
||||
if *buck.Id != *binfo.Id {
|
||||
log.Printf("Key %s is used on bucket %s while it should be exclusive to %s. Invariant violated.\n", dedicatedKeyName, *buck.Id, *binfo.Id)
|
||||
return nil, ErrDedicatedKeyInvariant
|
||||
}
|
||||
if *buck.Id == *binfo.Id && *buck.Permissions.Read && *buck.Permissions.Write {
|
||||
permissionsOk = true
|
||||
}
|
||||
}
|
||||
|
||||
// Allow this bucket on the key if it's not already the case
|
||||
// (will be executed when 1) key is first created and 2) as an healing mechanism)
|
||||
if !permissionsOk {
|
||||
binfo, err = grgAllowKeyOnBucket(*binfo.Id, *keyInfo.AccessKeyId, true, true, false)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
log.Printf("Key %s was not properly allowed on bucket %s, fixing permissions. Intended behavior.", dedicatedKeyName, *binfo.Id)
|
||||
|
||||
// Refresh the key to have an object with proper permissions
|
||||
keyInfo, err = grgGetKey(*keyInfo.AccessKeyId)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
// Return the key
|
||||
return keyInfo, nil
|
||||
}
|
||||
|
||||
func (w *WebsiteController) flushDedicatedWebsiteKey(binfo *garage.BucketInfo) error {
|
||||
// Check bucket info is not null
|
||||
if binfo == nil {
|
||||
return ErrFetchBucketInfo
|
||||
}
|
||||
|
||||
// Check the bucket is owned by the user's root key
|
||||
usersRootKeyFound := false
|
||||
for _, bucketKeyInfo := range binfo.Keys {
|
||||
if *bucketKeyInfo.AccessKeyId == *w.RootKey.AccessKeyId && *bucketKeyInfo.Permissions.Owner {
|
||||
usersRootKeyFound = true
|
||||
break
|
||||
}
|
||||
}
|
||||
if !usersRootKeyFound {
|
||||
log.Printf("%s is not an owner of bucket %s. Invariant violated.\n", w.User.Username, *binfo.Id)
|
||||
return ErrDedicatedKeyInvariant
|
||||
}
|
||||
|
||||
// Build the string template by concatening the username and the bucket identifier
|
||||
dedicatedKeyName := fmt.Sprintf("%s:web:%s", w.User.Username, *binfo.Id)
|
||||
|
||||
// Fetch the dedicated key
|
||||
keyInfo, err := grgSearchKey(dedicatedKeyName)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// Check that the key name is *exactly* the one we requested
|
||||
if *keyInfo.Name != dedicatedKeyName {
|
||||
log.Printf("Expected key: %s, got %s. Invariant violated.\n", dedicatedKeyName, *keyInfo.Name)
|
||||
return ErrDedicatedKeyInvariant
|
||||
}
|
||||
|
||||
// Check that the dedicated key contains no other bucket than this one
|
||||
// (can also be empty, useful to heal a partially created key)
|
||||
for _, buck := range keyInfo.Buckets {
|
||||
if *buck.Id != *binfo.Id {
|
||||
log.Printf("Key %s is used on bucket %s while it should be exclusive to %s. Invariant violated.\n", dedicatedKeyName, *buck.Id, *binfo.Id)
|
||||
return ErrDedicatedKeyInvariant
|
||||
}
|
||||
}
|
||||
|
||||
// Finally delete this key
|
||||
err = grgDelKey(*keyInfo.AccessKeyId)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
log.Printf("Deleted dedicated key %s", dedicatedKeyName)
|
||||
return nil
|
||||
}
|
||||
|
||||
func (w *WebsiteController) Describe() (*WebsiteDescribe, error) {
|
||||
r := make([]*WebsiteId, 0, len(w.PrettyList))
|
||||
for _, k := range w.PrettyList {
|
||||
r = append(r, w.WebsiteIdx[k])
|
||||
}
|
||||
|
||||
return &WebsiteDescribe{
|
||||
w.User.Username,
|
||||
&w.WebsiteCount,
|
||||
w.User.Quota.WebsiteSizeBurstedPretty(),
|
||||
r,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (w *WebsiteController) Inspect(pretty string) (*WebsiteView, error) {
|
||||
website, ok := w.WebsiteIdx[pretty]
|
||||
if !ok {
|
||||
return nil, ErrWebsiteNotFound
|
||||
}
|
||||
|
||||
binfo, err := grgGetBucket(website.Internal)
|
||||
if err != nil {
|
||||
return nil, ErrFetchBucketInfo
|
||||
}
|
||||
|
||||
dedicatedKey, err := w.getDedicatedWebsiteKey(binfo)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return NewWebsiteView(binfo, dedicatedKey)
|
||||
}
|
||||
|
||||
func (w *WebsiteController) Patch(pretty string, patch *WebsitePatch) (*WebsiteView, error) {
|
||||
website, ok := w.WebsiteIdx[pretty]
|
||||
if !ok {
|
||||
return nil, ErrWebsiteNotFound
|
||||
}
|
||||
|
||||
binfo, err := grgGetBucket(website.Internal)
|
||||
if err != nil {
|
||||
return nil, ErrFetchBucketInfo
|
||||
}
|
||||
|
||||
// Patch the max size
|
||||
urQuota := garage.NewUpdateBucketRequestQuotas()
|
||||
urQuota.SetMaxSize(w.User.Quota.WebsiteSizeAdjust(binfo.Quotas.GetMaxSize()))
|
||||
urQuota.SetMaxObjects(w.User.Quota.WebsiteObjectAdjust(binfo.Quotas.GetMaxObjects()))
|
||||
if patch.Size != nil {
|
||||
urQuota.SetMaxSize(w.User.Quota.WebsiteSizeAdjust(*patch.Size))
|
||||
}
|
||||
|
||||
// Build the update
|
||||
ur := garage.NewUpdateBucketRequest()
|
||||
ur.SetQuotas(*urQuota)
|
||||
|
||||
// Call garage "update bucket" function
|
||||
binfo, err = grgUpdateBucket(website.Internal, ur)
|
||||
if err != nil {
|
||||
return nil, ErrCantConfigureBucket
|
||||
}
|
||||
|
||||
// Update the alias if the vhost field is set and different
|
||||
if patch.Vhost != nil && *patch.Vhost != "" && *patch.Vhost != pretty {
|
||||
binfo, err = grgAddGlobalAlias(website.Internal, *patch.Vhost)
|
||||
if err != nil {
|
||||
return nil, ErrCantChangeVhost
|
||||
}
|
||||
binfo, err = grgDelGlobalAlias(website.Internal, pretty)
|
||||
if err != nil {
|
||||
return nil, ErrCantRemoveOldVhost
|
||||
}
|
||||
}
|
||||
|
||||
if patch.RotateKey != nil && *patch.RotateKey {
|
||||
err = w.flushDedicatedWebsiteKey(binfo)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
dedicatedKey, err := w.getDedicatedWebsiteKey(binfo)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return NewWebsiteView(binfo, dedicatedKey)
|
||||
}
|
||||
|
||||
func (w *WebsiteController) Create(pretty string) (*WebsiteView, error) {
|
||||
if pretty == "" {
|
||||
return nil, ErrEmptyBucketName
|
||||
}
|
||||
|
||||
if w.WebsiteCount.IsFull() {
|
||||
return nil, ErrWebsiteQuotaReached
|
||||
}
|
||||
|
||||
// Create bucket
|
||||
binfo, err := grgCreateBucket(pretty)
|
||||
if err != nil {
|
||||
return nil, ErrCantCreateBucket
|
||||
}
|
||||
|
||||
// Allow user's global key on bucket
|
||||
s3key, err := w.User.S3KeyInfo()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
binfo, err = grgAllowKeyOnBucket(*binfo.Id, *s3key.AccessKeyId, true, true, true)
|
||||
if err != nil {
|
||||
return nil, ErrCantAllowKey
|
||||
}
|
||||
|
||||
// Set quota
|
||||
qr := w.User.Quota.DefaultWebsiteQuota()
|
||||
wr := allowWebsiteDefault()
|
||||
|
||||
ur := garage.NewUpdateBucketRequest()
|
||||
ur.SetWebsiteAccess(*wr)
|
||||
ur.SetQuotas(*qr)
|
||||
|
||||
binfo, err = grgUpdateBucket(*binfo.Id, ur)
|
||||
if err != nil {
|
||||
return nil, ErrCantConfigureBucket
|
||||
}
|
||||
|
||||
// Create a dedicated key
|
||||
dedicatedKey, err := w.getDedicatedWebsiteKey(binfo)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return NewWebsiteView(binfo, dedicatedKey)
|
||||
}
|
||||
|
||||
func (w *WebsiteController) Delete(pretty string) error {
|
||||
if pretty == "" {
|
||||
return ErrEmptyBucketName
|
||||
}
|
||||
|
||||
website, ok := w.WebsiteIdx[pretty]
|
||||
if !ok {
|
||||
return ErrWebsiteNotFound
|
||||
}
|
||||
|
||||
// Error checking
|
||||
binfo, err := grgGetBucket(website.Internal)
|
||||
if err != nil {
|
||||
return ErrFetchBucketInfo
|
||||
}
|
||||
|
||||
if *binfo.Objects > int64(0) {
|
||||
return ErrBucketDeleteNotEmpty
|
||||
}
|
||||
|
||||
if *binfo.UnfinishedUploads > int32(0) {
|
||||
return ErrBucketDeleteUnfinishedUpload
|
||||
}
|
||||
|
||||
// Delete dedicated key
|
||||
err = w.flushDedicatedWebsiteKey(binfo)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// Actually delete bucket
|
||||
err = grgDeleteBucket(website.Internal)
|
||||
return err
|
||||
}
|
||||
|
||||
type WebsiteView struct {
|
||||
Name *WebsiteId `json:"vhost"`
|
||||
AccessKeyId string `json:"access_key_id"`
|
||||
SecretAccessKey string `json:"secret_access_key"`
|
||||
Size QuotaStat `json:"quota_size"`
|
||||
Files QuotaStat `json:"quota_files"`
|
||||
}
|
||||
|
||||
func NewWebsiteView(binfo *garage.BucketInfo, s3key *garage.KeyInfo) (*WebsiteView, error) {
|
||||
if binfo == nil {
|
||||
return nil, ErrFetchBucketInfo
|
||||
}
|
||||
if s3key == nil {
|
||||
return nil, ErrFetchDedicatedKey
|
||||
}
|
||||
|
||||
q := binfo.GetQuotas()
|
||||
|
||||
wid := NewWebsiteIdFromBucketInfo(binfo)
|
||||
size := NewQuotaStat(*binfo.Bytes, (&q).GetMaxSize(), true)
|
||||
objects := NewQuotaStat(*binfo.Objects, (&q).GetMaxObjects(), false)
|
||||
return &WebsiteView{
|
||||
wid,
|
||||
*s3key.AccessKeyId,
|
||||
*s3key.SecretAccessKey.Get(),
|
||||
size,
|
||||
objects,
|
||||
}, nil
|
||||
}
|
||||
|
||||
type WebsitePatch struct {
|
||||
Size *int64 `json:"quota_size"`
|
||||
Vhost *string `json:"vhost"`
|
||||
RotateKey *bool `json:"rotate_key"`
|
||||
}
|
178
webui_website.go
Normal file
178
webui_website.go
Normal file
|
@ -0,0 +1,178 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"github.com/gorilla/mux"
|
||||
"net/http"
|
||||
"strings"
|
||||
)
|
||||
|
||||
// --- Start page rendering functions
|
||||
func handleWebsiteList(w http.ResponseWriter, r *http.Request) {
|
||||
user := RequireUserHtml(w, r)
|
||||
if user == nil {
|
||||
return
|
||||
}
|
||||
|
||||
ctrl, err := NewWebsiteController(user)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
if len(ctrl.PrettyList) > 0 {
|
||||
http.Redirect(w, r, "/website/inspect/"+ctrl.PrettyList[0], http.StatusFound)
|
||||
} else {
|
||||
http.Redirect(w, r, "/website/new", http.StatusFound)
|
||||
}
|
||||
}
|
||||
|
||||
type WebsiteNewTpl struct {
|
||||
Ctrl *WebsiteController
|
||||
Err error
|
||||
}
|
||||
|
||||
func handleWebsiteNew(w http.ResponseWriter, r *http.Request) {
|
||||
user := RequireUserHtml(w, r)
|
||||
if user == nil {
|
||||
return
|
||||
}
|
||||
|
||||
ctrl, err := NewWebsiteController(user)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
tpl := &WebsiteNewTpl{ctrl, nil}
|
||||
|
||||
tWebsiteNew := getTemplate("garage_website_new.html")
|
||||
if r.Method == "POST" {
|
||||
r.ParseForm()
|
||||
|
||||
bucket := strings.Join(r.Form["bucket"], "")
|
||||
if bucket == "" {
|
||||
bucket = strings.Join(r.Form["bucket2"], "")
|
||||
}
|
||||
|
||||
view, err := ctrl.Create(bucket)
|
||||
if err != nil {
|
||||
tpl.Err = err
|
||||
tWebsiteNew.Execute(w, tpl)
|
||||
return
|
||||
}
|
||||
|
||||
http.Redirect(w, r, "/website/inspect/"+view.Name.Pretty, http.StatusFound)
|
||||
return
|
||||
}
|
||||
|
||||
tWebsiteNew.Execute(w, tpl)
|
||||
}
|
||||
|
||||
type WebsiteInspectTpl struct {
|
||||
Describe *WebsiteDescribe
|
||||
View *WebsiteView
|
||||
Err error
|
||||
}
|
||||
|
||||
func handleWebsiteInspect(w http.ResponseWriter, r *http.Request) {
|
||||
var processErr error
|
||||
|
||||
user := RequireUserHtml(w, r)
|
||||
if user == nil {
|
||||
return
|
||||
}
|
||||
|
||||
ctrl, err := NewWebsiteController(user)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
bucketName := mux.Vars(r)["bucket"]
|
||||
|
||||
if r.Method == "POST" {
|
||||
r.ParseForm()
|
||||
action := strings.Join(r.Form["action"], "")
|
||||
switch action {
|
||||
case "increase_quota":
|
||||
_, processErr = ctrl.Patch(bucketName, &WebsitePatch{Size: &user.Quota.WebsiteSizeBursted})
|
||||
case "delete_bucket":
|
||||
processErr = ctrl.Delete(bucketName)
|
||||
if processErr == nil {
|
||||
http.Redirect(w, r, "/website", http.StatusFound)
|
||||
}
|
||||
case "rotate_key":
|
||||
do_action := true
|
||||
_, processErr = ctrl.Patch(bucketName, &WebsitePatch{RotateKey: &do_action})
|
||||
default:
|
||||
processErr = fmt.Errorf("Unknown action")
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
view, err := ctrl.Inspect(bucketName)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
describe, err := ctrl.Describe()
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
tpl := &WebsiteInspectTpl{describe, view, processErr}
|
||||
|
||||
tWebsiteInspect := getTemplate("garage_website_inspect.html")
|
||||
tWebsiteInspect.Execute(w, &tpl)
|
||||
}
|
||||
|
||||
func handleWebsiteVhost(w http.ResponseWriter, r *http.Request) {
|
||||
var processErr error
|
||||
|
||||
user := RequireUserHtml(w, r)
|
||||
if user == nil {
|
||||
return
|
||||
}
|
||||
|
||||
ctrl, err := NewWebsiteController(user)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
bucketName := mux.Vars(r)["bucket"]
|
||||
|
||||
if r.Method == "POST" {
|
||||
r.ParseForm()
|
||||
|
||||
bucket := strings.Join(r.Form["bucket"], "")
|
||||
if bucket == "" {
|
||||
bucket = strings.Join(r.Form["bucket2"], "")
|
||||
}
|
||||
|
||||
view, processErr := ctrl.Patch(bucketName, &WebsitePatch{Vhost: &bucket})
|
||||
if processErr == nil {
|
||||
http.Redirect(w, r, "/website/inspect/"+view.Name.Pretty, http.StatusFound)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
view, err := ctrl.Inspect(bucketName)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
describe, err := ctrl.Describe()
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
tpl := &WebsiteInspectTpl{describe, view, processErr}
|
||||
tWebsiteEdit := getTemplate("garage_website_edit.html")
|
||||
tWebsiteEdit.Execute(w, &tpl)
|
||||
}
|
Loading…
Reference in a new issue