forked from Deuxfleurs/guichet
Compare commits
55 commits
show-every
...
main
Author | SHA1 | Date | |
---|---|---|---|
9917429da3 | |||
bc7bc61f74 | |||
898122c19e | |||
64363b29e0 | |||
df79d11028 | |||
e940996f0f | |||
a7edf6d1ba | |||
9cd06c95eb | |||
793cb2d3c2 | |||
37a9f6fa54 | |||
e7e05ed929 | |||
13874b44a6 | |||
8abf382954 | |||
51a5771b0b | |||
4f7cbdd825 | |||
e0fbd16f92 | |||
10bdee10cf | |||
ef67706cb4 | |||
c735183a7a | |||
49d8e81fbe | |||
706ff58a6f | |||
d8633d7fb8 | |||
982bd8a43c | |||
0828737573 | |||
bc368943a4 | |||
be97a1be58 | |||
c06f52837e | |||
d0ed765be7 | |||
5b246ec86b | |||
e876bdd663 | |||
f8f417906a | |||
9c21c2e799 | |||
74113fad49 | |||
02e384f99e | |||
1e75c21b65 | |||
83ed187dbc | |||
27efd5384b | |||
1f34547a4c | |||
ddb1ca205a | |||
bdb9af5a26 | |||
24600c8787 | |||
e77b9ebd9c | |||
37b7694910 | |||
02670ba6a6 | |||
5fb0139a3f | |||
9eaa4c068d | |||
f77697f501 | |||
670123df38 | |||
cd41532572 | |||
ca41c481b1 | |||
085a7cfd26 | |||
5eed8fa506 | |||
3c846b6a59 | |||
216e175eaf | |||
d26f5670bd |
46 changed files with 3430 additions and 423 deletions
13
.drone.yml
13
.drone.yml
|
@ -1,13 +0,0 @@
|
||||||
---
|
|
||||||
pipeline:
|
|
||||||
build:
|
|
||||||
image: golang:stretch
|
|
||||||
commands:
|
|
||||||
- go get -d -v
|
|
||||||
- go build -v
|
|
||||||
|
|
||||||
---
|
|
||||||
kind: signature
|
|
||||||
hmac: 38948cd073f3a0b73ab7bb13ba1b5e18c64c02976abfd6dcd5bf7a4c34197e8c
|
|
||||||
|
|
||||||
...
|
|
1
.envrc
Normal file
1
.envrc
Normal file
|
@ -0,0 +1 @@
|
||||||
|
use flake
|
3
.gitignore
vendored
3
.gitignore
vendored
|
@ -1,3 +1,6 @@
|
||||||
guichet
|
guichet
|
||||||
guichet.static
|
guichet.static
|
||||||
config.json
|
config.json
|
||||||
|
result
|
||||||
|
.direnv/
|
||||||
|
password
|
||||||
|
|
13
.woodpecker.yml
Normal file
13
.woodpecker.yml
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
when:
|
||||||
|
event:
|
||||||
|
- push
|
||||||
|
- pull_request
|
||||||
|
- tag
|
||||||
|
- cron
|
||||||
|
- manual
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: build
|
||||||
|
image: nixpkgs/nix:nixos-22.05
|
||||||
|
commands:
|
||||||
|
- nix build --extra-experimental-features nix-command --extra-experimental-features flakes .
|
|
@ -1,6 +1,6 @@
|
||||||
# Guichet
|
# Guichet
|
||||||
|
|
||||||
[![Build Status](https://drone.deuxfleurs.fr/api/badges/Deuxfleurs/guichet/status.svg?ref=refs/heads/main)](https://drone.deuxfleurs.fr/Deuxfleurs/guichet)
|
[![status-badge](https://woodpecker.deuxfleurs.fr/api/badges/37/status.svg)](https://woodpecker.deuxfleurs.fr/repos/37)
|
||||||
|
|
||||||
Guichet is a simple LDAP web interface for the following tasks:
|
Guichet is a simple LDAP web interface for the following tasks:
|
||||||
|
|
||||||
|
|
329
admin.go
329
admin.go
|
@ -2,7 +2,6 @@ package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"html/template"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
"regexp"
|
"regexp"
|
||||||
"sort"
|
"sort"
|
||||||
|
@ -12,18 +11,18 @@ import (
|
||||||
"github.com/gorilla/mux"
|
"github.com/gorilla/mux"
|
||||||
)
|
)
|
||||||
|
|
||||||
func checkAdminLogin(w http.ResponseWriter, r *http.Request) *LoginStatus {
|
func checkAdminLogin(w http.ResponseWriter, r *http.Request) *LoggedUser {
|
||||||
login := checkLogin(w, r)
|
user := RequireUserHtml(w, r)
|
||||||
if login == nil {
|
if user == nil {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
if !login.CanAdmin {
|
if !user.Capabilities.CanAdmin {
|
||||||
http.Error(w, "Not authorized to perform administrative operations.", http.StatusUnauthorized)
|
http.Error(w, "Not authorized to perform administrative operations.", http.StatusUnauthorized)
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
return login
|
return user
|
||||||
}
|
}
|
||||||
|
|
||||||
type EntryList []*ldap.Entry
|
type EntryList []*ldap.Entry
|
||||||
|
@ -41,17 +40,17 @@ func (d EntryList) Less(i, j int) bool {
|
||||||
}
|
}
|
||||||
|
|
||||||
type AdminUsersTplData struct {
|
type AdminUsersTplData struct {
|
||||||
Login *LoginStatus
|
User *LoggedUser
|
||||||
UserNameAttr string
|
UserNameAttr string
|
||||||
UserBaseDN string
|
UserBaseDN string
|
||||||
Users EntryList
|
Users EntryList
|
||||||
}
|
}
|
||||||
|
|
||||||
func handleAdminUsers(w http.ResponseWriter, r *http.Request) {
|
func handleAdminUsers(w http.ResponseWriter, r *http.Request) {
|
||||||
templateAdminUsers := template.Must(template.ParseFiles("templates/layout.html", "templates/admin_users.html"))
|
templateAdminUsers := getTemplate("admin_users.html")
|
||||||
|
|
||||||
login := checkAdminLogin(w, r)
|
user := checkAdminLogin(w, r)
|
||||||
if login == nil {
|
if user == nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -62,14 +61,14 @@ func handleAdminUsers(w http.ResponseWriter, r *http.Request) {
|
||||||
[]string{config.UserNameAttr, "dn", "displayname", "givenname", "sn", "mail"},
|
[]string{config.UserNameAttr, "dn", "displayname", "givenname", "sn", "mail"},
|
||||||
nil)
|
nil)
|
||||||
|
|
||||||
sr, err := login.conn.Search(searchRequest)
|
sr, err := user.Login.conn.Search(searchRequest)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
data := &AdminUsersTplData{
|
data := &AdminUsersTplData{
|
||||||
Login: login,
|
User: user,
|
||||||
UserNameAttr: config.UserNameAttr,
|
UserNameAttr: config.UserNameAttr,
|
||||||
UserBaseDN: config.UserBaseDN,
|
UserBaseDN: config.UserBaseDN,
|
||||||
Users: EntryList(sr.Entries),
|
Users: EntryList(sr.Entries),
|
||||||
|
@ -80,17 +79,17 @@ func handleAdminUsers(w http.ResponseWriter, r *http.Request) {
|
||||||
}
|
}
|
||||||
|
|
||||||
type AdminGroupsTplData struct {
|
type AdminGroupsTplData struct {
|
||||||
Login *LoginStatus
|
User *LoggedUser
|
||||||
GroupNameAttr string
|
GroupNameAttr string
|
||||||
GroupBaseDN string
|
GroupBaseDN string
|
||||||
Groups EntryList
|
Groups EntryList
|
||||||
}
|
}
|
||||||
|
|
||||||
func handleAdminGroups(w http.ResponseWriter, r *http.Request) {
|
func handleAdminGroups(w http.ResponseWriter, r *http.Request) {
|
||||||
templateAdminGroups := template.Must(template.ParseFiles("templates/layout.html", "templates/admin_groups.html"))
|
templateAdminGroups := getTemplate("admin_groups.html")
|
||||||
|
|
||||||
login := checkAdminLogin(w, r)
|
user := checkAdminLogin(w, r)
|
||||||
if login == nil {
|
if user == nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -101,14 +100,14 @@ func handleAdminGroups(w http.ResponseWriter, r *http.Request) {
|
||||||
[]string{config.GroupNameAttr, "dn", "description"},
|
[]string{config.GroupNameAttr, "dn", "description"},
|
||||||
nil)
|
nil)
|
||||||
|
|
||||||
sr, err := login.conn.Search(searchRequest)
|
sr, err := user.Login.conn.Search(searchRequest)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
data := &AdminGroupsTplData{
|
data := &AdminGroupsTplData{
|
||||||
Login: login,
|
User: user,
|
||||||
GroupNameAttr: config.GroupNameAttr,
|
GroupNameAttr: config.GroupNameAttr,
|
||||||
GroupBaseDN: config.GroupBaseDN,
|
GroupBaseDN: config.GroupBaseDN,
|
||||||
Groups: EntryList(sr.Entries),
|
Groups: EntryList(sr.Entries),
|
||||||
|
@ -118,11 +117,239 @@ func handleAdminGroups(w http.ResponseWriter, r *http.Request) {
|
||||||
templateAdminGroups.Execute(w, data)
|
templateAdminGroups.Execute(w, data)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type AdminMailingTplData struct {
|
||||||
|
User *LoggedUser
|
||||||
|
MailingNameAttr string
|
||||||
|
MailingBaseDN string
|
||||||
|
MailingLists EntryList
|
||||||
|
}
|
||||||
|
|
||||||
|
func handleAdminMailing(w http.ResponseWriter, r *http.Request) {
|
||||||
|
templateAdminMailing := getTemplate("admin_mailing.html")
|
||||||
|
|
||||||
|
user := checkAdminLogin(w, r)
|
||||||
|
if user == nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
searchRequest := ldap.NewSearchRequest(
|
||||||
|
config.MailingBaseDN,
|
||||||
|
ldap.ScopeSingleLevel, ldap.NeverDerefAliases, 0, 0, false,
|
||||||
|
fmt.Sprintf("(&(objectClass=groupOfNames))"),
|
||||||
|
[]string{config.MailingNameAttr, "dn", "description"},
|
||||||
|
nil)
|
||||||
|
|
||||||
|
sr, err := user.Login.conn.Search(searchRequest)
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
data := &AdminMailingTplData{
|
||||||
|
User: user,
|
||||||
|
MailingNameAttr: config.MailingNameAttr,
|
||||||
|
MailingBaseDN: config.MailingBaseDN,
|
||||||
|
MailingLists: EntryList(sr.Entries),
|
||||||
|
}
|
||||||
|
sort.Sort(data.MailingLists)
|
||||||
|
|
||||||
|
templateAdminMailing.Execute(w, data)
|
||||||
|
}
|
||||||
|
|
||||||
|
type AdminMailingListTplData struct {
|
||||||
|
User *LoggedUser
|
||||||
|
MailingNameAttr string
|
||||||
|
MailingBaseDN string
|
||||||
|
|
||||||
|
MailingList *ldap.Entry
|
||||||
|
Members EntryList
|
||||||
|
PossibleNewMembers EntryList
|
||||||
|
AllowGuest bool
|
||||||
|
|
||||||
|
Error string
|
||||||
|
Success bool
|
||||||
|
}
|
||||||
|
|
||||||
|
func handleAdminMailingList(w http.ResponseWriter, r *http.Request) {
|
||||||
|
templateAdminMailingList := getTemplate("admin_mailing_list.html")
|
||||||
|
|
||||||
|
user := checkAdminLogin(w, r)
|
||||||
|
if user == nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
id := mux.Vars(r)["id"]
|
||||||
|
dn := fmt.Sprintf("%s=%s,%s", config.MailingNameAttr, id, config.MailingBaseDN)
|
||||||
|
|
||||||
|
// handle modifications
|
||||||
|
dError := ""
|
||||||
|
dSuccess := false
|
||||||
|
|
||||||
|
if r.Method == "POST" {
|
||||||
|
r.ParseForm()
|
||||||
|
action := strings.Join(r.Form["action"], "")
|
||||||
|
if action == "add-member" {
|
||||||
|
member := strings.Join(r.Form["member"], "")
|
||||||
|
modify_request := ldap.NewModifyRequest(dn, nil)
|
||||||
|
modify_request.Add("member", []string{member})
|
||||||
|
|
||||||
|
err := user.Login.conn.Modify(modify_request)
|
||||||
|
if err != nil {
|
||||||
|
dError = err.Error()
|
||||||
|
} else {
|
||||||
|
dSuccess = true
|
||||||
|
}
|
||||||
|
} else if action == "add-external" {
|
||||||
|
mail := strings.Join(r.Form["mail"], "")
|
||||||
|
displayname := strings.Join(r.Form["displayname"], "")
|
||||||
|
|
||||||
|
searchRequest := ldap.NewSearchRequest(
|
||||||
|
config.UserBaseDN,
|
||||||
|
ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
|
||||||
|
fmt.Sprintf("(&(objectClass=organizationalPerson)(mail=%s))", mail),
|
||||||
|
[]string{"dn", "displayname", "mail"},
|
||||||
|
nil)
|
||||||
|
sr, err := user.Login.conn.Search(searchRequest)
|
||||||
|
if err != nil {
|
||||||
|
dError = err.Error()
|
||||||
|
} else {
|
||||||
|
if len(sr.Entries) == 0 {
|
||||||
|
if config.MailingGuestsBaseDN != "" {
|
||||||
|
guestDn := fmt.Sprintf("%s=%s,%s", config.UserNameAttr, mail, config.MailingGuestsBaseDN)
|
||||||
|
req := ldap.NewAddRequest(guestDn, nil)
|
||||||
|
req.Attribute("objectclass", []string{"inetOrgPerson", "organizationalPerson", "person", "top"})
|
||||||
|
req.Attribute("mail", []string{mail})
|
||||||
|
if displayname != "" {
|
||||||
|
req.Attribute("displayname", []string{displayname})
|
||||||
|
}
|
||||||
|
err := user.Login.conn.Add(req)
|
||||||
|
if err != nil {
|
||||||
|
dError = err.Error()
|
||||||
|
} else {
|
||||||
|
modify_request := ldap.NewModifyRequest(dn, nil)
|
||||||
|
modify_request.Add("member", []string{guestDn})
|
||||||
|
|
||||||
|
err := user.Login.conn.Modify(modify_request)
|
||||||
|
if err != nil {
|
||||||
|
dError = err.Error()
|
||||||
|
} else {
|
||||||
|
dSuccess = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
dError = "Adding guest users not supported, the user must already have an LDAP account."
|
||||||
|
}
|
||||||
|
} else if len(sr.Entries) == 1 {
|
||||||
|
modify_request := ldap.NewModifyRequest(dn, nil)
|
||||||
|
modify_request.Add("member", []string{sr.Entries[0].DN})
|
||||||
|
|
||||||
|
err := user.Login.conn.Modify(modify_request)
|
||||||
|
if err != nil {
|
||||||
|
dError = err.Error()
|
||||||
|
} else {
|
||||||
|
dSuccess = true
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
dError = fmt.Sprintf("Multiple users exist with email address %s", mail)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} else if action == "delete-member" {
|
||||||
|
member := strings.Join(r.Form["member"], "")
|
||||||
|
modify_request := ldap.NewModifyRequest(dn, nil)
|
||||||
|
modify_request.Delete("member", []string{member})
|
||||||
|
|
||||||
|
err := user.Login.conn.Modify(modify_request)
|
||||||
|
if err != nil {
|
||||||
|
dError = err.Error()
|
||||||
|
} else {
|
||||||
|
dSuccess = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Retrieve mailing list
|
||||||
|
searchRequest := ldap.NewSearchRequest(
|
||||||
|
dn,
|
||||||
|
ldap.ScopeBaseObject, ldap.NeverDerefAliases, 0, 0, false,
|
||||||
|
fmt.Sprintf("(objectclass=groupOfNames)"),
|
||||||
|
[]string{"dn", config.MailingNameAttr, "member", "description"},
|
||||||
|
nil)
|
||||||
|
|
||||||
|
sr, err := user.Login.conn.Search(searchRequest)
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(sr.Entries) != 1 {
|
||||||
|
http.Error(w, fmt.Sprintf("Object not found: %s", dn), http.StatusNotFound)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
ml := sr.Entries[0]
|
||||||
|
|
||||||
|
memberDns := make(map[string]bool)
|
||||||
|
for _, attr := range ml.Attributes {
|
||||||
|
if attr.Name == "member" {
|
||||||
|
for _, v := range attr.Values {
|
||||||
|
memberDns[v] = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Retrieve list of current and possible new members
|
||||||
|
members := []*ldap.Entry{}
|
||||||
|
possibleNewMembers := []*ldap.Entry{}
|
||||||
|
|
||||||
|
searchRequest = ldap.NewSearchRequest(
|
||||||
|
config.UserBaseDN,
|
||||||
|
ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
|
||||||
|
fmt.Sprintf("(objectClass=organizationalPerson)"),
|
||||||
|
[]string{"dn", "displayname", "mail"},
|
||||||
|
nil)
|
||||||
|
sr, err = user.Login.conn.Search(searchRequest)
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, ent := range sr.Entries {
|
||||||
|
if _, ok := memberDns[ent.DN]; ok {
|
||||||
|
members = append(members, ent)
|
||||||
|
} else {
|
||||||
|
possibleNewMembers = append(possibleNewMembers, ent)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
data := &AdminMailingListTplData{
|
||||||
|
User: user,
|
||||||
|
MailingNameAttr: config.MailingNameAttr,
|
||||||
|
MailingBaseDN: config.MailingBaseDN,
|
||||||
|
|
||||||
|
MailingList: ml,
|
||||||
|
Members: members,
|
||||||
|
PossibleNewMembers: possibleNewMembers,
|
||||||
|
AllowGuest: config.MailingGuestsBaseDN != "",
|
||||||
|
|
||||||
|
Error: dError,
|
||||||
|
Success: dSuccess,
|
||||||
|
}
|
||||||
|
sort.Sort(data.Members)
|
||||||
|
sort.Sort(data.PossibleNewMembers)
|
||||||
|
|
||||||
|
templateAdminMailingList.Execute(w, data)
|
||||||
|
}
|
||||||
|
|
||||||
|
// ===================================================
|
||||||
|
// LDAP EXPLORER
|
||||||
|
// ===================================================
|
||||||
|
|
||||||
type AdminLDAPTplData struct {
|
type AdminLDAPTplData struct {
|
||||||
DN string
|
DN string
|
||||||
|
|
||||||
Path []PathItem
|
Path []PathItem
|
||||||
Children []Child
|
ChildrenOU []Child
|
||||||
|
ChildrenOther []Child
|
||||||
CanAddChild bool
|
CanAddChild bool
|
||||||
Props map[string]*PropValues
|
Props map[string]*PropValues
|
||||||
CanDelete bool
|
CanDelete bool
|
||||||
|
@ -165,10 +392,10 @@ type PropValues struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
||||||
templateAdminLDAP := template.Must(template.ParseFiles("templates/layout.html", "templates/admin_ldap.html"))
|
templateAdminLDAP := getTemplate("admin_ldap.html")
|
||||||
|
|
||||||
login := checkAdminLogin(w, r)
|
user := checkAdminLogin(w, r)
|
||||||
if login == nil {
|
if user == nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -218,7 +445,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
||||||
modify_request := ldap.NewModifyRequest(dn, nil)
|
modify_request := ldap.NewModifyRequest(dn, nil)
|
||||||
modify_request.Replace(attr, values_filtered)
|
modify_request.Replace(attr, values_filtered)
|
||||||
|
|
||||||
err := login.conn.Modify(modify_request)
|
err := user.Login.conn.Modify(modify_request)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
dError = err.Error()
|
dError = err.Error()
|
||||||
} else {
|
} else {
|
||||||
|
@ -239,7 +466,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
||||||
modify_request := ldap.NewModifyRequest(dn, nil)
|
modify_request := ldap.NewModifyRequest(dn, nil)
|
||||||
modify_request.Add(attr, values_filtered)
|
modify_request.Add(attr, values_filtered)
|
||||||
|
|
||||||
err := login.conn.Modify(modify_request)
|
err := user.Login.conn.Modify(modify_request)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
dError = err.Error()
|
dError = err.Error()
|
||||||
} else {
|
} else {
|
||||||
|
@ -251,7 +478,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
||||||
modify_request := ldap.NewModifyRequest(dn, nil)
|
modify_request := ldap.NewModifyRequest(dn, nil)
|
||||||
modify_request.Replace(attr, []string{})
|
modify_request.Replace(attr, []string{})
|
||||||
|
|
||||||
err := login.conn.Modify(modify_request)
|
err := user.Login.conn.Modify(modify_request)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
dError = err.Error()
|
dError = err.Error()
|
||||||
} else {
|
} else {
|
||||||
|
@ -262,7 +489,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
||||||
modify_request := ldap.NewModifyRequest(group, nil)
|
modify_request := ldap.NewModifyRequest(group, nil)
|
||||||
modify_request.Delete("member", []string{dn})
|
modify_request.Delete("member", []string{dn})
|
||||||
|
|
||||||
err := login.conn.Modify(modify_request)
|
err := user.Login.conn.Modify(modify_request)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
dError = err.Error()
|
dError = err.Error()
|
||||||
} else {
|
} else {
|
||||||
|
@ -273,7 +500,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
||||||
modify_request := ldap.NewModifyRequest(group, nil)
|
modify_request := ldap.NewModifyRequest(group, nil)
|
||||||
modify_request.Add("member", []string{dn})
|
modify_request.Add("member", []string{dn})
|
||||||
|
|
||||||
err := login.conn.Modify(modify_request)
|
err := user.Login.conn.Modify(modify_request)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
dError = err.Error()
|
dError = err.Error()
|
||||||
} else {
|
} else {
|
||||||
|
@ -284,7 +511,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
||||||
modify_request := ldap.NewModifyRequest(dn, nil)
|
modify_request := ldap.NewModifyRequest(dn, nil)
|
||||||
modify_request.Delete("member", []string{member})
|
modify_request.Delete("member", []string{member})
|
||||||
|
|
||||||
err := login.conn.Modify(modify_request)
|
err := user.Login.conn.Modify(modify_request)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
dError = err.Error()
|
dError = err.Error()
|
||||||
} else {
|
} else {
|
||||||
|
@ -292,7 +519,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
||||||
}
|
}
|
||||||
} else if action == "delete-object" {
|
} else if action == "delete-object" {
|
||||||
del_request := ldap.NewDelRequest(dn, nil)
|
del_request := ldap.NewDelRequest(dn, nil)
|
||||||
err := login.conn.Del(del_request)
|
err := user.Login.conn.Del(del_request)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
dError = err.Error()
|
dError = err.Error()
|
||||||
} else {
|
} else {
|
||||||
|
@ -310,7 +537,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
||||||
[]string{},
|
[]string{},
|
||||||
nil)
|
nil)
|
||||||
|
|
||||||
sr, err := login.conn.Search(searchRequest)
|
sr, err := user.Login.conn.Search(searchRequest)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
|
@ -394,7 +621,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
||||||
fmt.Sprintf("(objectClass=organizationalPerson)"),
|
fmt.Sprintf("(objectClass=organizationalPerson)"),
|
||||||
[]string{"dn", "displayname", "description"},
|
[]string{"dn", "displayname", "description"},
|
||||||
nil)
|
nil)
|
||||||
sr, err = login.conn.Search(searchRequest)
|
sr, err = user.Login.conn.Search(searchRequest)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
|
@ -448,7 +675,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
||||||
fmt.Sprintf("(objectClass=groupOfNames)"),
|
fmt.Sprintf("(objectClass=groupOfNames)"),
|
||||||
[]string{"dn", "description"},
|
[]string{"dn", "description"},
|
||||||
nil)
|
nil)
|
||||||
sr, err = login.conn.Search(searchRequest)
|
sr, err = user.Login.conn.Search(searchRequest)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
|
@ -492,7 +719,7 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
||||||
[]string{"dn", "displayname", "description"},
|
[]string{"dn", "displayname", "description"},
|
||||||
nil)
|
nil)
|
||||||
|
|
||||||
sr, err = login.conn.Search(searchRequest)
|
sr, err = user.Login.conn.Search(searchRequest)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
|
@ -500,17 +727,23 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
sort.Sort(EntryList(sr.Entries))
|
sort.Sort(EntryList(sr.Entries))
|
||||||
|
|
||||||
children := []Child{}
|
childrenOU := []Child{}
|
||||||
|
childrenOther := []Child{}
|
||||||
for _, item := range sr.Entries {
|
for _, item := range sr.Entries {
|
||||||
name := item.GetAttributeValue("displayname")
|
name := item.GetAttributeValue("displayname")
|
||||||
if name == "" {
|
if name == "" {
|
||||||
name = item.GetAttributeValue("description")
|
name = item.GetAttributeValue("description")
|
||||||
}
|
}
|
||||||
children = append(children, Child{
|
child := Child{
|
||||||
DN: item.DN,
|
DN: item.DN,
|
||||||
Identifier: strings.Split(item.DN, ",")[0],
|
Identifier: strings.Split(item.DN, ",")[0],
|
||||||
Name: name,
|
Name: name,
|
||||||
})
|
}
|
||||||
|
if strings.HasPrefix(item.DN, "ou=") {
|
||||||
|
childrenOU = append(childrenOU, child)
|
||||||
|
} else {
|
||||||
|
childrenOther = append(childrenOther, child)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Run template, finally!
|
// Run template, finally!
|
||||||
|
@ -518,10 +751,11 @@ func handleAdminLDAP(w http.ResponseWriter, r *http.Request) {
|
||||||
DN: dn,
|
DN: dn,
|
||||||
|
|
||||||
Path: path,
|
Path: path,
|
||||||
Children: children,
|
ChildrenOU: childrenOU,
|
||||||
|
ChildrenOther: childrenOther,
|
||||||
Props: props,
|
Props: props,
|
||||||
CanAddChild: dn_last_attr == "ou" || isOrganization,
|
CanAddChild: dn_last_attr == "ou" || isOrganization,
|
||||||
CanDelete: dn != config.BaseDN && len(children) == 0,
|
CanDelete: dn != config.BaseDN && len(childrenOU) == 0 && len(childrenOther) == 0,
|
||||||
|
|
||||||
HasMembers: len(members) > 0 || hasMembers,
|
HasMembers: len(members) > 0 || hasMembers,
|
||||||
Members: members,
|
Members: members,
|
||||||
|
@ -551,10 +785,10 @@ type CreateData struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func handleAdminCreate(w http.ResponseWriter, r *http.Request) {
|
func handleAdminCreate(w http.ResponseWriter, r *http.Request) {
|
||||||
templateAdminCreate := template.Must(template.ParseFiles("templates/layout.html", "templates/admin_create.html"))
|
templateAdminCreate := getTemplate("admin_create.html")
|
||||||
|
|
||||||
login := checkAdminLogin(w, r)
|
user := checkAdminLogin(w, r)
|
||||||
if login == nil {
|
if user == nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -569,7 +803,7 @@ func handleAdminCreate(w http.ResponseWriter, r *http.Request) {
|
||||||
[]string{},
|
[]string{},
|
||||||
nil)
|
nil)
|
||||||
|
|
||||||
sr, err := login.conn.Search(searchRequest)
|
sr, err := user.Login.conn.Search(searchRequest)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
|
@ -607,7 +841,7 @@ func handleAdminCreate(w http.ResponseWriter, r *http.Request) {
|
||||||
data.IdType = config.UserNameAttr
|
data.IdType = config.UserNameAttr
|
||||||
data.StructuralObjectClass = "inetOrgPerson"
|
data.StructuralObjectClass = "inetOrgPerson"
|
||||||
data.ObjectClass = "inetOrgPerson\norganizationalPerson\nperson\ntop"
|
data.ObjectClass = "inetOrgPerson\norganizationalPerson\nperson\ntop"
|
||||||
} else if template == "group" {
|
} else if template == "group" || template == "ml" {
|
||||||
data.IdType = config.UserNameAttr
|
data.IdType = config.UserNameAttr
|
||||||
data.StructuralObjectClass = "groupOfNames"
|
data.StructuralObjectClass = "groupOfNames"
|
||||||
data.ObjectClass = "groupOfNames\ntop"
|
data.ObjectClass = "groupOfNames\ntop"
|
||||||
|
@ -646,8 +880,6 @@ func handleAdminCreate(w http.ResponseWriter, r *http.Request) {
|
||||||
data.Error = "Invalid identifier type"
|
data.Error = "Invalid identifier type"
|
||||||
} else if len(data.IdValue) == 0 {
|
} else if len(data.IdValue) == 0 {
|
||||||
data.Error = "No identifier specified"
|
data.Error = "No identifier specified"
|
||||||
} else if match, err := regexp.MatchString("^[\\d\\w_-]+$", data.IdValue); err != nil || !match {
|
|
||||||
data.Error = "Invalid identifier"
|
|
||||||
} else {
|
} else {
|
||||||
dn := data.IdType + "=" + data.IdValue + "," + super_dn
|
dn := data.IdType + "=" + data.IdValue + "," + super_dn
|
||||||
req := ldap.NewAddRequest(dn, nil)
|
req := ldap.NewAddRequest(dn, nil)
|
||||||
|
@ -662,13 +894,16 @@ func handleAdminCreate(w http.ResponseWriter, r *http.Request) {
|
||||||
req.Attribute("description", []string{data.Description})
|
req.Attribute("description", []string{data.Description})
|
||||||
}
|
}
|
||||||
|
|
||||||
err := login.conn.Add(req)
|
err := user.Login.conn.Add(req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
data.Error = err.Error()
|
data.Error = err.Error()
|
||||||
|
} else {
|
||||||
|
if template == "ml" {
|
||||||
|
http.Redirect(w, r, "/admin/mailing/"+data.IdValue, http.StatusFound)
|
||||||
} else {
|
} else {
|
||||||
http.Redirect(w, r, "/admin/ldap/"+dn, http.StatusFound)
|
http.Redirect(w, r, "/admin/ldap/"+dn, http.StatusFound)
|
||||||
}
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
127
api.go
Normal file
127
api.go
Normal file
|
@ -0,0 +1,127 @@
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"encoding/json"
|
||||||
|
"errors"
|
||||||
|
"fmt"
|
||||||
|
"github.com/gorilla/mux"
|
||||||
|
"net/http"
|
||||||
|
)
|
||||||
|
|
||||||
|
func handleAPIWebsiteList(w http.ResponseWriter, r *http.Request) {
|
||||||
|
user := RequireUserApi(w, r)
|
||||||
|
|
||||||
|
if user == nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
ctrl, err := NewWebsiteController(user)
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
if r.Method == http.MethodGet {
|
||||||
|
describe, err := ctrl.Describe()
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
}
|
||||||
|
|
||||||
|
w.Header().Set("Content-Type", "application/json")
|
||||||
|
json.NewEncoder(w).Encode(describe)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
http.Error(w, "This method is not implemented for this endpoint", http.StatusNotImplemented)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
func handleAPIWebsiteInspect(w http.ResponseWriter, r *http.Request) {
|
||||||
|
user := RequireUserApi(w, r)
|
||||||
|
|
||||||
|
if user == nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
bucketName := mux.Vars(r)["bucket"]
|
||||||
|
ctrl, err := NewWebsiteController(user)
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
if r.Method == http.MethodGet {
|
||||||
|
view, err := ctrl.Inspect(bucketName)
|
||||||
|
if errors.Is(err, ErrWebsiteNotFound) {
|
||||||
|
http.Error(w, err.Error(), http.StatusNotFound)
|
||||||
|
return
|
||||||
|
} else if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
w.Header().Set("Content-Type", "application/json")
|
||||||
|
json.NewEncoder(w).Encode(view)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
if r.Method == http.MethodPost {
|
||||||
|
view, err := ctrl.Create(bucketName)
|
||||||
|
if errors.Is(err, ErrEmptyBucketName) {
|
||||||
|
http.Error(w, err.Error(), http.StatusBadRequest)
|
||||||
|
return
|
||||||
|
} else if errors.Is(err, ErrWebsiteQuotaReached) {
|
||||||
|
http.Error(w, err.Error(), http.StatusForbidden)
|
||||||
|
return
|
||||||
|
} else if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
w.WriteHeader(http.StatusCreated)
|
||||||
|
w.Header().Set("Content-Type", "application/json")
|
||||||
|
json.NewEncoder(w).Encode(view)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
if r.Method == http.MethodPatch {
|
||||||
|
var patch WebsitePatch
|
||||||
|
err := json.NewDecoder(r.Body).Decode(&patch)
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, errors.Join(fmt.Errorf("Can't parse the request body as a website patch JSON"), err).Error(), http.StatusBadRequest)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
view, err := ctrl.Patch(bucketName, &patch)
|
||||||
|
if errors.Is(err, ErrWebsiteNotFound) {
|
||||||
|
http.Error(w, err.Error(), http.StatusNotFound)
|
||||||
|
return
|
||||||
|
} else if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
w.Header().Set("Content-Type", "application/json")
|
||||||
|
json.NewEncoder(w).Encode(view)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
if r.Method == http.MethodDelete {
|
||||||
|
err := ctrl.Delete(bucketName)
|
||||||
|
if errors.Is(err, ErrEmptyBucketName) || errors.Is(err, ErrBucketDeleteNotEmpty) || errors.Is(err, ErrBucketDeleteUnfinishedUpload) {
|
||||||
|
http.Error(w, err.Error(), http.StatusBadRequest)
|
||||||
|
return
|
||||||
|
} else if errors.Is(err, ErrWebsiteNotFound) {
|
||||||
|
http.Error(w, err.Error(), http.StatusNotFound)
|
||||||
|
return
|
||||||
|
} else if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
w.WriteHeader(http.StatusNoContent)
|
||||||
|
return
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
http.Error(w, "This method is not implemented for this endpoint", http.StatusNotImplemented)
|
||||||
|
return
|
||||||
|
}
|
44
cli.go
Normal file
44
cli.go
Normal file
|
@ -0,0 +1,44 @@
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"flag"
|
||||||
|
"fmt"
|
||||||
|
"golang.org/x/term"
|
||||||
|
"os"
|
||||||
|
"syscall"
|
||||||
|
)
|
||||||
|
|
||||||
|
var fsCli = flag.NewFlagSet("cli", flag.ContinueOnError)
|
||||||
|
var passFlag = fsCli.Bool("passwd", false, "Tool to generate a guichet-compatible password hash")
|
||||||
|
|
||||||
|
func cliMain(args []string) {
|
||||||
|
if err := fsCli.Parse(args); err != nil {
|
||||||
|
fmt.Println(err)
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
|
||||||
|
if *passFlag {
|
||||||
|
cliPasswd()
|
||||||
|
} else {
|
||||||
|
fsCli.PrintDefaults()
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func cliPasswd() {
|
||||||
|
fmt.Print("Password: ")
|
||||||
|
bytepw, err := term.ReadPassword(int(syscall.Stdin))
|
||||||
|
if err != nil {
|
||||||
|
fmt.Println(err)
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
pass := string(bytepw)
|
||||||
|
|
||||||
|
hash, err := SSHAEncode(pass)
|
||||||
|
if err != nil {
|
||||||
|
fmt.Println(err)
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
|
||||||
|
fmt.Println(hash)
|
||||||
|
}
|
|
@ -2,30 +2,31 @@
|
||||||
"http_bind_addr": ":9991",
|
"http_bind_addr": ":9991",
|
||||||
"ldap_server_addr": "ldap://127.0.0.1:389",
|
"ldap_server_addr": "ldap://127.0.0.1:389",
|
||||||
|
|
||||||
"base_dn": "dc=example,dc=com",
|
"base_dn": "dc=bottin,dc=eu",
|
||||||
"user_base_dn": "ou=users,dc=example,dc=com",
|
"user_base_dn": "ou=users,dc=bottin,dc=eu",
|
||||||
"user_name_attr": "uid",
|
"user_name_attr": "cn",
|
||||||
"group_base_dn": "ou=groups,dc=example,dc=com",
|
"group_base_dn": "ou=groups,dc=bottin,dc=eu",
|
||||||
"group_name_attr": "gid",
|
"group_name_attr": "cn",
|
||||||
|
|
||||||
"invitation_base_dn": "ou=invitations,dc=example,dc=com",
|
"invitation_base_dn": "ou=invitations,dc=bottin,dc=eu",
|
||||||
"invitation_name_attr": "cn",
|
"invitation_name_attr": "cn",
|
||||||
"invited_mail_format": "{}@example.com",
|
"invited_mail_format": "{}@bottin.eu",
|
||||||
"invited_auto_groups": [
|
"invited_auto_groups": [ ],
|
||||||
"cn=email,ou=groups,dc=example,dc=com"
|
|
||||||
],
|
|
||||||
|
|
||||||
"web_address": "https://guichet.example.com",
|
"web_address": "http://localhost:9991",
|
||||||
"mail_from": "welcome@example.com",
|
"mail_from": "welcome@bottin.eu",
|
||||||
"smtp_server": "smtp.example.com",
|
"smtp_server": "smtp.bottin.eu",
|
||||||
"smtp_username": "guichet",
|
"smtp_username": "guichet",
|
||||||
"smtp_password": "",
|
"smtp_password": "",
|
||||||
|
|
||||||
"admin_account": "uid=admin,dc=example,dc=com",
|
"admin_account": "cn=admin,dc=bottin,dc=eu",
|
||||||
"group_can_admin": "gid=admin,ou=groups,dc=example,dc=com",
|
"group_can_admin": "cn=admin,ou=groups,dc=bottin,dc=eu",
|
||||||
"group_can_invite": ""
|
"group_can_invite": "cn=admin,ou=groups,dc=bottin,dc=eu",
|
||||||
|
|
||||||
"s3_endpoint": "garage.example.com",
|
"s3_admin_endpoint": "localhost:3903",
|
||||||
|
"s3_admin_token": "GlXP43PWH3LuvEGSNxKYzZCyUss8VqZmarBU+HUlrxw=",
|
||||||
|
|
||||||
|
"s3_endpoint": "localhost:3900",
|
||||||
"s3_access_key": "",
|
"s3_access_key": "",
|
||||||
"s3_secret_key": "",
|
"s3_secret_key": "",
|
||||||
"s3_region": "garage",
|
"s3_region": "garage",
|
||||||
|
|
14
directory.go
14
directory.go
|
@ -13,10 +13,10 @@ const FIELD_NAME_PROFILE_PICTURE = "profilePicture"
|
||||||
const FIELD_NAME_DIRECTORY_VISIBILITY = "directoryVisibility"
|
const FIELD_NAME_DIRECTORY_VISIBILITY = "directoryVisibility"
|
||||||
|
|
||||||
func handleDirectory(w http.ResponseWriter, r *http.Request) {
|
func handleDirectory(w http.ResponseWriter, r *http.Request) {
|
||||||
templateDirectory := template.Must(template.ParseFiles("templates/layout.html", "templates/directory.html"))
|
templateDirectory := getTemplate("directory.html")
|
||||||
|
|
||||||
login := checkLogin(w, r)
|
user := RequireUserHtml(w, r)
|
||||||
if login == nil {
|
if user == nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -37,7 +37,7 @@ type SearchResults struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func handleDirectorySearch(w http.ResponseWriter, r *http.Request) {
|
func handleDirectorySearch(w http.ResponseWriter, r *http.Request) {
|
||||||
templateDirectoryResults := template.Must(template.ParseFiles("templates/directory_results.html"))
|
templateDirectoryResults := template.Must(template.ParseFiles(templatePath + "/directory_results.html"))
|
||||||
|
|
||||||
//Get input value by user
|
//Get input value by user
|
||||||
r.ParseMultipartForm(1024)
|
r.ParseMultipartForm(1024)
|
||||||
|
@ -49,8 +49,8 @@ func handleDirectorySearch(w http.ResponseWriter, r *http.Request) {
|
||||||
}
|
}
|
||||||
|
|
||||||
//Log to allow the research
|
//Log to allow the research
|
||||||
login := checkLogin(w, r)
|
user := RequireUserHtml(w, r)
|
||||||
if login == nil {
|
if user == nil {
|
||||||
http.Error(w, "Login required", http.StatusUnauthorized)
|
http.Error(w, "Login required", http.StatusUnauthorized)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -69,7 +69,7 @@ func handleDirectorySearch(w http.ResponseWriter, r *http.Request) {
|
||||||
},
|
},
|
||||||
nil)
|
nil)
|
||||||
|
|
||||||
sr, err := login.conn.Search(searchRequest)
|
sr, err := user.Login.conn.Search(searchRequest)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
|
|
97
flake.lock
Normal file
97
flake.lock
Normal file
|
@ -0,0 +1,97 @@
|
||||||
|
{
|
||||||
|
"nodes": {
|
||||||
|
"flake-utils": {
|
||||||
|
"inputs": {
|
||||||
|
"systems": "systems"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1694529238,
|
||||||
|
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"gomod2nix": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-utils": "flake-utils",
|
||||||
|
"nixpkgs": "nixpkgs"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1694616124,
|
||||||
|
"narHash": "sha256-c49BVhQKw3XDRgt+y+uPAbArtgUlMXCET6VxEBmzHXE=",
|
||||||
|
"owner": "tweag",
|
||||||
|
"repo": "gomod2nix",
|
||||||
|
"rev": "f95720e89af6165c8c0aa77f180461fe786f3c21",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "tweag",
|
||||||
|
"repo": "gomod2nix",
|
||||||
|
"rev": "f95720e89af6165c8c0aa77f180461fe786f3c21",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1695711119,
|
||||||
|
"narHash": "sha256-qrtJ4zliGgH24FMhj5a/5Gq7SkjqKquF5AVS0eEevBk=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "044b1b65fd5dd49a535e9a9bd1a2cee884eb22d6",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "master",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs_2": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1695710730,
|
||||||
|
"narHash": "sha256-GigCuk3t8AVXr2NdX6eBgouc20JWWrZatbKH3xZZSC4=",
|
||||||
|
"owner": "nixos",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "f758d66c9cc3011f5327f8583908a7803cc019b1",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nixos",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "f758d66c9cc3011f5327f8583908a7803cc019b1",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"root": {
|
||||||
|
"inputs": {
|
||||||
|
"gomod2nix": "gomod2nix",
|
||||||
|
"nixpkgs": "nixpkgs_2"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"systems": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1681028828,
|
||||||
|
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"root": "root",
|
||||||
|
"version": 7
|
||||||
|
}
|
57
flake.nix
Normal file
57
flake.nix
Normal file
|
@ -0,0 +1,57 @@
|
||||||
|
{
|
||||||
|
description = "A simple LDAP web interface for Bottin";
|
||||||
|
|
||||||
|
inputs.nixpkgs.url =
|
||||||
|
"github:nixos/nixpkgs/f758d66c9cc3011f5327f8583908a7803cc019b1";
|
||||||
|
inputs.gomod2nix.url =
|
||||||
|
"github:tweag/gomod2nix/f95720e89af6165c8c0aa77f180461fe786f3c21";
|
||||||
|
|
||||||
|
outputs = { self, nixpkgs, gomod2nix }:
|
||||||
|
let
|
||||||
|
pkgs = import nixpkgs {
|
||||||
|
system = "x86_64-linux";
|
||||||
|
overlays = [
|
||||||
|
(import "${gomod2nix}/overlay.nix")
|
||||||
|
];
|
||||||
|
};
|
||||||
|
src = ./.;
|
||||||
|
guichet = pkgs.buildGoApplication {
|
||||||
|
pname = "guichet";
|
||||||
|
version = "0.1.0";
|
||||||
|
src = src;
|
||||||
|
modules = ./gomod2nix.toml;
|
||||||
|
|
||||||
|
CGO_ENABLED = 0;
|
||||||
|
|
||||||
|
ldflags = [
|
||||||
|
"-X main.templatePath=${src + "/templates"}"
|
||||||
|
"-X main.staticPath=${src + "/static"}"
|
||||||
|
];
|
||||||
|
|
||||||
|
meta = with pkgs.lib; {
|
||||||
|
description = "A simple LDAP web interface for Bottin";
|
||||||
|
homepage = "https://git.deuxfleurs.fr/Deuxfleurs/guichet";
|
||||||
|
license = licenses.gpl3Plus;
|
||||||
|
platforms = platforms.linux;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
container = pkgs.dockerTools.buildImage {
|
||||||
|
name = "dxflrs/guichet";
|
||||||
|
copyToRoot = pkgs.buildEnv {
|
||||||
|
name = "guichet-env";
|
||||||
|
paths = [ guichet pkgs.cacert ];
|
||||||
|
};
|
||||||
|
config = {
|
||||||
|
Entrypoint = "/bin/guichet";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
in {
|
||||||
|
packages.x86_64-linux.guichet = guichet;
|
||||||
|
packages.x86_64-linux.container = container;
|
||||||
|
packages.x86_64-linux.default = guichet;
|
||||||
|
|
||||||
|
devShell.x86_64-linux = pkgs.mkShell { nativeBuildInputs = [ pkgs.go pkgs.gomod2nix ]; };
|
||||||
|
};
|
||||||
|
}
|
188
garage.go
Normal file
188
garage.go
Normal file
|
@ -0,0 +1,188 @@
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"context"
|
||||||
|
"fmt"
|
||||||
|
garage "git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang"
|
||||||
|
"log"
|
||||||
|
)
|
||||||
|
|
||||||
|
func gadmin() (*garage.APIClient, context.Context) {
|
||||||
|
// Set Host and other parameters
|
||||||
|
configuration := garage.NewConfiguration()
|
||||||
|
configuration.Host = config.S3AdminEndpoint
|
||||||
|
|
||||||
|
// We can now generate a client
|
||||||
|
client := garage.NewAPIClient(configuration)
|
||||||
|
|
||||||
|
// Authentication is handled through the context pattern
|
||||||
|
ctx := context.WithValue(context.Background(), garage.ContextAccessToken, config.S3AdminToken)
|
||||||
|
return client, ctx
|
||||||
|
}
|
||||||
|
|
||||||
|
func grgCreateKey(name string) (*garage.KeyInfo, error) {
|
||||||
|
client, ctx := gadmin()
|
||||||
|
|
||||||
|
kr := garage.NewAddKeyRequest()
|
||||||
|
kr.SetName(name)
|
||||||
|
resp, _, err := client.KeyApi.AddKey(ctx).AddKeyRequest(*kr).Execute()
|
||||||
|
if err != nil {
|
||||||
|
fmt.Printf("%+v\n", err)
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return resp, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func grgGetKey(accessKey string) (*garage.KeyInfo, error) {
|
||||||
|
client, ctx := gadmin()
|
||||||
|
|
||||||
|
resp, _, err := client.KeyApi.GetKey(ctx).Id(accessKey).ShowSecretKey("true").Execute()
|
||||||
|
if err != nil {
|
||||||
|
fmt.Printf("%+v\n", err)
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return resp, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func grgSearchKey(name string) (*garage.KeyInfo, error) {
|
||||||
|
client, ctx := gadmin()
|
||||||
|
|
||||||
|
resp, _, err := client.KeyApi.GetKey(ctx).Search(name).ShowSecretKey("true").Execute()
|
||||||
|
if err != nil {
|
||||||
|
fmt.Printf("%+v\n", err)
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return resp, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func grgDelKey(accessKey string) error {
|
||||||
|
client, ctx := gadmin()
|
||||||
|
|
||||||
|
_, err := client.KeyApi.DeleteKey(ctx).Id(accessKey).Execute()
|
||||||
|
if err != nil {
|
||||||
|
fmt.Printf("%+v\n", err)
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func grgCreateBucket(bucket string) (*garage.BucketInfo, error) {
|
||||||
|
client, ctx := gadmin()
|
||||||
|
|
||||||
|
br := garage.NewCreateBucketRequest()
|
||||||
|
br.SetGlobalAlias(bucket)
|
||||||
|
|
||||||
|
// Create Bucket
|
||||||
|
binfo, _, err := client.BucketApi.CreateBucket(ctx).CreateBucketRequest(*br).Execute()
|
||||||
|
if err != nil {
|
||||||
|
fmt.Printf("%+v\n", err)
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return binfo, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func grgAllowKeyOnBucket(bid, gkey string, read, write, owner bool) (*garage.BucketInfo, error) {
|
||||||
|
client, ctx := gadmin()
|
||||||
|
|
||||||
|
// Allow user's key
|
||||||
|
ar := garage.AllowBucketKeyRequest{
|
||||||
|
BucketId: bid,
|
||||||
|
AccessKeyId: gkey,
|
||||||
|
Permissions: *garage.NewAllowBucketKeyRequestPermissions(read, write, owner),
|
||||||
|
}
|
||||||
|
binfo, _, err := client.BucketApi.AllowBucketKey(ctx).AllowBucketKeyRequest(ar).Execute()
|
||||||
|
if err != nil {
|
||||||
|
fmt.Printf("%+v\n", err)
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return binfo, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func allowWebsiteDefault() *garage.UpdateBucketRequestWebsiteAccess {
|
||||||
|
wr := garage.NewUpdateBucketRequestWebsiteAccess()
|
||||||
|
wr.SetEnabled(true)
|
||||||
|
wr.SetIndexDocument("index.html")
|
||||||
|
wr.SetErrorDocument("error.html")
|
||||||
|
|
||||||
|
return wr
|
||||||
|
}
|
||||||
|
|
||||||
|
func grgUpdateBucket(bid string, ur *garage.UpdateBucketRequest) (*garage.BucketInfo, error) {
|
||||||
|
client, ctx := gadmin()
|
||||||
|
|
||||||
|
binfo, _, err := client.BucketApi.UpdateBucket(ctx).Id(bid).UpdateBucketRequest(*ur).Execute()
|
||||||
|
if err != nil {
|
||||||
|
fmt.Printf("%+v\n", err)
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
// Return updated binfo
|
||||||
|
return binfo, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func grgAddGlobalAlias(bid, alias string) (*garage.BucketInfo, error) {
|
||||||
|
client, ctx := gadmin()
|
||||||
|
|
||||||
|
resp, _, err := client.BucketApi.PutBucketGlobalAlias(ctx).Id(bid).Alias(alias).Execute()
|
||||||
|
if err != nil {
|
||||||
|
log.Println(err)
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return resp, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func grgAddLocalAlias(bid, key, alias string) (*garage.BucketInfo, error) {
|
||||||
|
client, ctx := gadmin()
|
||||||
|
|
||||||
|
resp, _, err := client.BucketApi.PutBucketLocalAlias(ctx).Id(bid).AccessKeyId(key).Alias(alias).Execute()
|
||||||
|
if err != nil {
|
||||||
|
log.Println(err)
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return resp, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func grgDelGlobalAlias(bid, alias string) (*garage.BucketInfo, error) {
|
||||||
|
client, ctx := gadmin()
|
||||||
|
|
||||||
|
resp, _, err := client.BucketApi.DeleteBucketGlobalAlias(ctx).Id(bid).Alias(alias).Execute()
|
||||||
|
if err != nil {
|
||||||
|
log.Println(err)
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return resp, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func grgDelLocalAlias(bid, key, alias string) (*garage.BucketInfo, error) {
|
||||||
|
client, ctx := gadmin()
|
||||||
|
|
||||||
|
resp, _, err := client.BucketApi.DeleteBucketLocalAlias(ctx).Id(bid).AccessKeyId(key).Alias(alias).Execute()
|
||||||
|
if err != nil {
|
||||||
|
log.Println(err)
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return resp, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func grgGetBucket(bid string) (*garage.BucketInfo, error) {
|
||||||
|
client, ctx := gadmin()
|
||||||
|
|
||||||
|
resp, _, err := client.BucketApi.GetBucketInfo(ctx).Id(bid).Execute()
|
||||||
|
if err != nil {
|
||||||
|
log.Println(err)
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return resp, nil
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
func grgDeleteBucket(bid string) error {
|
||||||
|
client, ctx := gadmin()
|
||||||
|
|
||||||
|
_, err := client.BucketApi.DeleteBucket(ctx).Id(bid).Execute()
|
||||||
|
if err != nil {
|
||||||
|
log.Println(err)
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
32
go.mod
32
go.mod
|
@ -1,18 +1,38 @@
|
||||||
module deuxfleurs.fr/Deuxfleurs/guichet
|
module git.deuxfleurs.fr/Deuxfleurs/guichet
|
||||||
|
|
||||||
go 1.13
|
go 1.18
|
||||||
|
|
||||||
require (
|
require (
|
||||||
|
git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang v0.0.0-20231128153612-8b81fae65e5e
|
||||||
github.com/emersion/go-sasl v0.0.0-20191210011802-430746ea8b9b
|
github.com/emersion/go-sasl v0.0.0-20191210011802-430746ea8b9b
|
||||||
github.com/emersion/go-smtp v0.12.1
|
github.com/emersion/go-smtp v0.12.1
|
||||||
github.com/go-ldap/ldap v3.0.3+incompatible
|
|
||||||
github.com/go-ldap/ldap/v3 v3.1.6
|
github.com/go-ldap/ldap/v3 v3.1.6
|
||||||
github.com/google/uuid v1.1.1
|
github.com/google/uuid v1.1.1
|
||||||
github.com/gorilla/mux v1.7.3
|
github.com/gorilla/mux v1.7.3
|
||||||
github.com/gorilla/sessions v1.2.0
|
github.com/gorilla/sessions v1.2.0
|
||||||
|
github.com/jsimonetti/pwscheme v0.0.0-20220125093853-4d9895f5db73
|
||||||
github.com/minio/minio-go/v7 v7.0.0
|
github.com/minio/minio-go/v7 v7.0.0
|
||||||
github.com/sirupsen/logrus v1.6.0
|
|
||||||
github.com/stretchr/objx v0.1.1 // indirect
|
|
||||||
golang.org/x/crypto v0.0.0-20200214034016-1d94cc7ab1c6
|
|
||||||
github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646
|
github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646
|
||||||
|
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9
|
||||||
|
golang.org/x/term v0.12.0
|
||||||
|
)
|
||||||
|
|
||||||
|
require (
|
||||||
|
github.com/go-asn1-ber/asn1-ber v1.3.1 // indirect
|
||||||
|
github.com/golang/protobuf v1.4.2 // indirect
|
||||||
|
github.com/gorilla/securecookie v1.1.1 // indirect
|
||||||
|
github.com/json-iterator/go v1.1.10 // indirect
|
||||||
|
github.com/klauspost/cpuid v1.2.3 // indirect
|
||||||
|
github.com/minio/md5-simd v1.1.0 // indirect
|
||||||
|
github.com/minio/sha256-simd v0.1.1 // indirect
|
||||||
|
github.com/mitchellh/go-homedir v1.1.0 // indirect
|
||||||
|
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421 // indirect
|
||||||
|
github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742 // indirect
|
||||||
|
golang.org/x/net v0.0.0-20200822124328-c89045814202 // indirect
|
||||||
|
golang.org/x/oauth2 v0.0.0-20210323180902-22b0adad7558 // indirect
|
||||||
|
golang.org/x/sys v0.12.0 // indirect
|
||||||
|
golang.org/x/text v0.3.3 // indirect
|
||||||
|
google.golang.org/appengine v1.6.6 // indirect
|
||||||
|
google.golang.org/protobuf v1.25.0 // indirect
|
||||||
|
gopkg.in/ini.v1 v1.57.0 // indirect
|
||||||
)
|
)
|
||||||
|
|
387
go.sum
387
go.sum
|
@ -1,4 +1,50 @@
|
||||||
|
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
|
||||||
|
cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
|
||||||
|
cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
|
||||||
|
cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU=
|
||||||
|
cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY=
|
||||||
|
cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc=
|
||||||
|
cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0=
|
||||||
|
cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To=
|
||||||
|
cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4=
|
||||||
|
cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M=
|
||||||
|
cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc=
|
||||||
|
cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk=
|
||||||
|
cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs=
|
||||||
|
cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc=
|
||||||
|
cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY=
|
||||||
|
cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o=
|
||||||
|
cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE=
|
||||||
|
cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc=
|
||||||
|
cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg=
|
||||||
|
cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc=
|
||||||
|
cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ=
|
||||||
|
cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE=
|
||||||
|
cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk=
|
||||||
|
cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I=
|
||||||
|
cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw=
|
||||||
|
cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA=
|
||||||
|
cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU=
|
||||||
|
cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw=
|
||||||
|
cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos=
|
||||||
|
cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk=
|
||||||
|
cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
|
||||||
|
cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
|
||||||
|
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
|
||||||
|
git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang v0.0.0-20230131081355-c965fe7f7dc9 h1:ERg8KCpIKym98EOKa8Gq0NSBxsasD3sqb/R0gg1wOzU=
|
||||||
|
git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang v0.0.0-20230131081355-c965fe7f7dc9/go.mod h1:TlSL6QVxozmdRaSgP6Akspi0HCJv4HAkkq3Dldru4GM=
|
||||||
|
git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang v0.0.0-20231128153612-8b81fae65e5e h1:h89CAh0qmUcGJykss/utXIw+yRGa3Gr6VyrZ5ZWN0kY=
|
||||||
|
git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang v0.0.0-20231128153612-8b81fae65e5e/go.mod h1:TlSL6QVxozmdRaSgP6Akspi0HCJv4HAkkq3Dldru4GM=
|
||||||
|
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
||||||
|
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
|
||||||
|
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
|
||||||
|
github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
|
||||||
|
github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
|
||||||
|
github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
|
||||||
|
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
|
||||||
|
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
|
||||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
|
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
|
github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
|
||||||
github.com/emersion/go-sasl v0.0.0-20190817083125-240c8404624e/go.mod h1:G/dpzLu16WtQpBfQ/z3LYiYJn3ZhKSGWn83fyoyQe/k=
|
github.com/emersion/go-sasl v0.0.0-20190817083125-240c8404624e/go.mod h1:G/dpzLu16WtQpBfQ/z3LYiYJn3ZhKSGWn83fyoyQe/k=
|
||||||
|
@ -6,15 +52,68 @@ github.com/emersion/go-sasl v0.0.0-20191210011802-430746ea8b9b h1:uhWtEWBHgop1rq
|
||||||
github.com/emersion/go-sasl v0.0.0-20191210011802-430746ea8b9b/go.mod h1:G/dpzLu16WtQpBfQ/z3LYiYJn3ZhKSGWn83fyoyQe/k=
|
github.com/emersion/go-sasl v0.0.0-20191210011802-430746ea8b9b/go.mod h1:G/dpzLu16WtQpBfQ/z3LYiYJn3ZhKSGWn83fyoyQe/k=
|
||||||
github.com/emersion/go-smtp v0.12.1 h1:1R8BDqrR2HhlGwgFYcOi+BVTvK1bMjAB65QcVpJ5sNA=
|
github.com/emersion/go-smtp v0.12.1 h1:1R8BDqrR2HhlGwgFYcOi+BVTvK1bMjAB65QcVpJ5sNA=
|
||||||
github.com/emersion/go-smtp v0.12.1/go.mod h1:SD9V/xa4ndMw77lR3Mf7htkp8RBNYuPh9UeuBs9tpUQ=
|
github.com/emersion/go-smtp v0.12.1/go.mod h1:SD9V/xa4ndMw77lR3Mf7htkp8RBNYuPh9UeuBs9tpUQ=
|
||||||
|
github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
|
||||||
|
github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
|
||||||
|
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
|
||||||
|
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
|
||||||
github.com/go-asn1-ber/asn1-ber v1.3.1 h1:gvPdv/Hr++TRFCl0UbPFHC54P9N9jgsRPnmnr419Uck=
|
github.com/go-asn1-ber/asn1-ber v1.3.1 h1:gvPdv/Hr++TRFCl0UbPFHC54P9N9jgsRPnmnr419Uck=
|
||||||
github.com/go-asn1-ber/asn1-ber v1.3.1/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0=
|
github.com/go-asn1-ber/asn1-ber v1.3.1/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0=
|
||||||
github.com/go-ldap/ldap v3.0.3+incompatible h1:HTeSZO8hWMS1Rgb2Ziku6b8a7qRIZZMHjsvuZyatzwk=
|
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
|
||||||
github.com/go-ldap/ldap v3.0.3+incompatible/go.mod h1:qfd9rJvER9Q0/D/Sqn1DfHRoBp40uXYvFoEVrNEPqRc=
|
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
|
||||||
|
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
|
||||||
github.com/go-ldap/ldap/v3 v3.1.6 h1:VTihvB7egSAvU6KOagaiA/EvgJMR2jsjRAVIho2ydBo=
|
github.com/go-ldap/ldap/v3 v3.1.6 h1:VTihvB7egSAvU6KOagaiA/EvgJMR2jsjRAVIho2ydBo=
|
||||||
github.com/go-ldap/ldap/v3 v3.1.6/go.mod h1:5Zun81jBTabRaI8lzN7E1JjyEl1g6zI6u9pd8luAK4Q=
|
github.com/go-ldap/ldap/v3 v3.1.6/go.mod h1:5Zun81jBTabRaI8lzN7E1JjyEl1g6zI6u9pd8luAK4Q=
|
||||||
|
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
|
||||||
|
github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
|
||||||
|
github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
|
||||||
|
github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
|
||||||
|
github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
|
||||||
|
github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
|
||||||
|
github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y=
|
||||||
|
github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
|
||||||
|
github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
|
||||||
|
github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
|
||||||
|
github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
|
||||||
|
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||||
|
github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||||
|
github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||||
|
github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
|
||||||
|
github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
|
||||||
|
github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk=
|
||||||
|
github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
|
||||||
|
github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
|
||||||
|
github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
|
||||||
|
github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
|
||||||
|
github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
|
||||||
|
github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
|
||||||
|
github.com/golang/protobuf v1.4.2 h1:+Z5KGCizgyZCbGh1KZqA0fcLLkwbsjIzS4aV2v7wJX0=
|
||||||
|
github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
|
||||||
|
github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
|
||||||
|
github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
|
||||||
|
github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
|
||||||
|
github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
|
||||||
|
github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
|
||||||
|
github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||||
|
github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||||
|
github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||||
|
github.com/google/go-cmp v0.5.1 h1:JFrFEBb2xKufg6XkJsJr+WbKb4FQlURi5RUcBveYu9k=
|
||||||
|
github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||||
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
|
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
|
||||||
|
github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
|
||||||
|
github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
|
||||||
|
github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
|
||||||
|
github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
|
||||||
|
github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
|
||||||
|
github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
|
||||||
|
github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
|
||||||
|
github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
|
||||||
|
github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
|
||||||
|
github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
|
||||||
github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY=
|
github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY=
|
||||||
github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||||
|
github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
|
||||||
|
github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
|
||||||
|
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8=
|
||||||
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
|
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
|
||||||
github.com/gorilla/mux v1.7.3 h1:gnP5JzjVOuiZD07fKKToCAOjS0yOpj/qPETTXCCS6hw=
|
github.com/gorilla/mux v1.7.3 h1:gnP5JzjVOuiZD07fKKToCAOjS0yOpj/qPETTXCCS6hw=
|
||||||
github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
|
github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
|
||||||
|
@ -22,15 +121,24 @@ github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyC
|
||||||
github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
|
github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
|
||||||
github.com/gorilla/sessions v1.2.0 h1:S7P+1Hm5V/AT9cjEcUD5uDaQSX0OE577aCXgoaKpYbQ=
|
github.com/gorilla/sessions v1.2.0 h1:S7P+1Hm5V/AT9cjEcUD5uDaQSX0OE577aCXgoaKpYbQ=
|
||||||
github.com/gorilla/sessions v1.2.0/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
|
github.com/gorilla/sessions v1.2.0/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
|
||||||
|
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
|
||||||
|
github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
|
||||||
|
github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
|
||||||
|
github.com/jsimonetti/pwscheme v0.0.0-20220125093853-4d9895f5db73 h1:ZhC4QngptYaGx53+ph1RjxcH8fkCozBaY+935TNX4i8=
|
||||||
|
github.com/jsimonetti/pwscheme v0.0.0-20220125093853-4d9895f5db73/go.mod h1:t0Q9JvoMTfTYdAWIk2MF69iz+Qpdk9D+PgVu6fVmaDI=
|
||||||
github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68=
|
github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68=
|
||||||
github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
|
github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
|
||||||
|
github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
|
||||||
|
github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
|
||||||
|
github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo=
|
||||||
github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
|
github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
|
||||||
|
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
|
||||||
github.com/klauspost/cpuid v1.2.3 h1:CCtW0xUnWGVINKvE/WWOYKdsPV6mawAtvQuSl8guwQs=
|
github.com/klauspost/cpuid v1.2.3 h1:CCtW0xUnWGVINKvE/WWOYKdsPV6mawAtvQuSl8guwQs=
|
||||||
github.com/klauspost/cpuid v1.2.3/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
|
github.com/klauspost/cpuid v1.2.3/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
|
||||||
github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk=
|
|
||||||
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
|
|
||||||
github.com/konsorten/go-windows-terminal-sequences v1.0.3 h1:CE8S1cTafDpPvMhIxNJKvHsGVBgn1xWYf1NbHQhywc8=
|
|
||||||
github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
|
github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
|
||||||
|
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
|
||||||
|
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
||||||
|
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||||
github.com/minio/md5-simd v1.1.0 h1:QPfiOqlZH+Cj9teu0t9b1nTBfPbyTl16Of5MeuShdK4=
|
github.com/minio/md5-simd v1.1.0 h1:QPfiOqlZH+Cj9teu0t9b1nTBfPbyTl16Of5MeuShdK4=
|
||||||
github.com/minio/md5-simd v1.1.0/go.mod h1:XpBqgZULrMYD3R+M28PcmP0CkI7PEMzB3U77ZrKZ0Gw=
|
github.com/minio/md5-simd v1.1.0/go.mod h1:XpBqgZULrMYD3R+M28PcmP0CkI7PEMzB3U77ZrKZ0Gw=
|
||||||
github.com/minio/minio-go/v7 v7.0.0 h1:99hRCmsmMi+hKK93C26iPnRQebTsdK8GEx8Xb4XLr7I=
|
github.com/minio/minio-go/v7 v7.0.0 h1:99hRCmsmMi+hKK93C26iPnRQebTsdK8GEx8Xb4XLr7I=
|
||||||
|
@ -45,33 +153,282 @@ github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742 h1:Esafd1046DLD
|
||||||
github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
|
github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
|
||||||
github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646 h1:zYyBkD/k9seD2A7fsi6Oo2LfFZAehjjQMERAvZLEDnQ=
|
github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646 h1:zYyBkD/k9seD2A7fsi6Oo2LfFZAehjjQMERAvZLEDnQ=
|
||||||
github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646/go.mod h1:jpp1/29i3P1S/RLdc7JQKbRpFeM1dOBd8T9ki5s+AY8=
|
github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646/go.mod h1:jpp1/29i3P1S/RLdc7JQKbRpFeM1dOBd8T9ki5s+AY8=
|
||||||
|
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||||
github.com/sirupsen/logrus v1.4.2 h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4=
|
github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
|
||||||
github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
|
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
|
||||||
github.com/sirupsen/logrus v1.6.0 h1:UBcNElsrwanuuMsnGSlYmtmgbb23qDR5dG+6X6Oo89I=
|
|
||||||
github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88=
|
github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88=
|
||||||
|
github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykElWQ6/NYmHa3jpm/yHnI4xSofP+UP6SpjHcSeM=
|
||||||
github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
|
github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
|
||||||
|
github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a h1:pa8hGb/2YqsZKovtsgrwcDH1RZhVbTKCjLp47XpqCDs=
|
||||||
github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
|
github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
|
||||||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||||
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
|
||||||
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
|
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
|
||||||
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
|
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
|
||||||
|
github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
|
||||||
|
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
|
||||||
|
github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||||
|
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||||
|
github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||||
|
go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
|
||||||
|
go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
|
||||||
|
go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
|
||||||
|
go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
|
||||||
|
go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
|
||||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||||
|
golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||||
golang.org/x/crypto v0.0.0-20190513172903-22d7a77e9e5f/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
golang.org/x/crypto v0.0.0-20190513172903-22d7a77e9e5f/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||||
golang.org/x/crypto v0.0.0-20200214034016-1d94cc7ab1c6 h1:Sy5bstxEqwwbYs6n0/pBuxKENqOeZUgD45Gp3Q3pqLg=
|
golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||||
golang.org/x/crypto v0.0.0-20200214034016-1d94cc7ab1c6/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||||
|
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI=
|
||||||
|
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||||
|
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||||
|
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||||
|
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
|
||||||
|
golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek=
|
||||||
|
golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY=
|
||||||
|
golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
|
||||||
|
golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
|
||||||
|
golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
|
||||||
|
golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
|
||||||
|
golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
|
||||||
|
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
|
||||||
|
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
|
||||||
|
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
|
||||||
|
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
|
||||||
|
golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
|
||||||
|
golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
|
||||||
|
golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
|
||||||
|
golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
|
||||||
|
golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
|
||||||
|
golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs=
|
||||||
|
golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
|
||||||
|
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
|
||||||
|
golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
|
||||||
|
golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
|
||||||
|
golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
|
||||||
|
golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
|
||||||
|
golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
|
||||||
|
golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
|
||||||
|
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||||
|
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||||
|
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
|
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
|
golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
|
golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||||
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||||
golang.org/x/net v0.0.0-20190522155817-f3200d17e092 h1:4QSRKanuywn15aTZvI/mIDEgPQpswuFndXpOj3rKEco=
|
golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||||
|
golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||||
golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
|
golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
|
||||||
|
golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
|
||||||
|
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||||
|
golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||||
|
golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||||
|
golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||||
|
golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||||
|
golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||||
|
golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||||
|
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||||
|
golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||||
|
golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
|
||||||
|
golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
|
||||||
|
golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
|
||||||
|
golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
|
||||||
|
golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
|
||||||
|
golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
|
||||||
|
golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
|
||||||
|
golang.org/x/net v0.0.0-20200822124328-c89045814202 h1:VvcQYSHwXgi7W+TpUR6A9g6Up98WAHf3f/ulnJ62IyA=
|
||||||
|
golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
|
||||||
|
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
||||||
|
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||||
|
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||||
|
golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||||
|
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||||
|
golang.org/x/oauth2 v0.0.0-20210323180902-22b0adad7558 h1:D7nTwh4J0i+5mW4Zjzn5omvlr6YBcWywE6KOcatyNxY=
|
||||||
|
golang.org/x/oauth2 v0.0.0-20210323180902-22b0adad7558/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
|
||||||
|
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
|
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
|
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
|
golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
|
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
|
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
|
golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
|
golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
|
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
|
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20190422165155-953cdadca894 h1:Cz4ceDQGXuKRnVBDTS23GTn/pU5OE2C0WrNTOYK1Uuc=
|
|
||||||
golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae h1:/WDfKMnPU+m5M4xB+6x4kaepxRw6jWvR5iDRdvjHgy8=
|
golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
|
golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o=
|
||||||
|
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
|
golang.org/x/term v0.12.0 h1:/ZfYdc3zq+q02Rv9vGqTeSItdzZTSNDmfTi0mBAuidU=
|
||||||
|
golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
|
||||||
|
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||||
|
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||||
|
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
|
||||||
|
golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
|
||||||
|
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||||
|
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||||
|
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||||
|
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||||
|
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||||
|
golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||||
|
golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
|
||||||
|
golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
||||||
|
golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
||||||
|
golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
||||||
golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
||||||
|
golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
|
||||||
|
golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
|
||||||
|
golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
|
||||||
|
golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
|
||||||
|
golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
|
||||||
|
golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
|
||||||
|
golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||||
|
golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||||
|
golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||||
|
golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||||
|
golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||||
|
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||||
|
golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||||
|
golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||||
|
golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||||
|
golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||||
|
golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||||
|
golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||||
|
golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||||
|
golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||||
|
golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||||
|
golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||||
|
golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||||
|
golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||||
|
golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw=
|
||||||
|
golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw=
|
||||||
|
golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8=
|
||||||
|
golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
|
||||||
|
golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
|
||||||
|
golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
|
||||||
|
golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
|
||||||
|
golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
|
||||||
|
golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
|
||||||
|
golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
|
||||||
|
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
|
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
|
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
|
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
|
||||||
|
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
|
google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
|
||||||
|
google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
|
||||||
|
google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
|
||||||
|
google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
|
||||||
|
google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
|
||||||
|
google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
|
||||||
|
google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
|
||||||
|
google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
|
||||||
|
google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
|
||||||
|
google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
|
||||||
|
google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
|
||||||
|
google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
|
||||||
|
google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
|
||||||
|
google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
|
||||||
|
google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM=
|
||||||
|
google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc=
|
||||||
|
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
|
||||||
|
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
|
||||||
|
google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
|
||||||
|
google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0=
|
||||||
|
google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
|
||||||
|
google.golang.org/appengine v1.6.6 h1:lMO5rYAqUxkmaj76jAkRUvt5JZgFymx/+Q5Mzfivuhc=
|
||||||
|
google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
|
||||||
|
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
|
||||||
|
google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
|
||||||
|
google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
|
||||||
|
google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
|
||||||
|
google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
|
||||||
|
google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
|
||||||
|
google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
|
||||||
|
google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8=
|
||||||
|
google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
|
||||||
|
google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
|
||||||
|
google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
|
||||||
|
google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
|
||||||
|
google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
|
||||||
|
google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
|
||||||
|
google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA=
|
||||||
|
google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
|
||||||
|
google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
|
||||||
|
google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
|
||||||
|
google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
|
||||||
|
google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
|
||||||
|
google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
|
||||||
|
google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
|
||||||
|
google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
|
||||||
|
google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U=
|
||||||
|
google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
|
||||||
|
google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA=
|
||||||
|
google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
||||||
|
google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
||||||
|
google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
||||||
|
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
|
||||||
|
google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
|
||||||
|
google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
|
||||||
|
google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
|
||||||
|
google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
|
||||||
|
google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
|
||||||
|
google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
|
||||||
|
google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
|
||||||
|
google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60=
|
||||||
|
google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk=
|
||||||
|
google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
|
||||||
|
google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
|
||||||
|
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
|
||||||
|
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
|
||||||
|
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
|
||||||
|
google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
|
||||||
|
google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
|
||||||
|
google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
|
||||||
|
google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
|
||||||
|
google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
|
||||||
|
google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
|
||||||
|
google.golang.org/protobuf v1.25.0 h1:Ejskq+SyPohKW+1uil0JJMtmHCgJPJ/qWTxr8qp+R4c=
|
||||||
|
google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
|
||||||
|
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
|
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
|
gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
|
||||||
gopkg.in/ini.v1 v1.57.0 h1:9unxIsFcTt4I55uWluz+UmL95q4kdJ0buvQ1ZIqVQww=
|
gopkg.in/ini.v1 v1.57.0 h1:9unxIsFcTt4I55uWluz+UmL95q4kdJ0buvQ1ZIqVQww=
|
||||||
gopkg.in/ini.v1 v1.57.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
|
gopkg.in/ini.v1 v1.57.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
|
||||||
|
gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
|
||||||
|
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
|
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
|
honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
|
honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
|
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
|
honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
|
||||||
|
honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
||||||
|
honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
||||||
|
rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
|
||||||
|
rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
|
||||||
|
rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
|
||||||
|
|
90
gomod2nix.toml
Normal file
90
gomod2nix.toml
Normal file
|
@ -0,0 +1,90 @@
|
||||||
|
schema = 3
|
||||||
|
|
||||||
|
[mod]
|
||||||
|
[mod."git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang"]
|
||||||
|
version = "v0.0.0-20231128153612-8b81fae65e5e"
|
||||||
|
hash = "sha256-o9kbcJ25/cYYwWZz/LBF7ZDyW8bZAjdg5pPu0gvb5JQ="
|
||||||
|
[mod."github.com/emersion/go-sasl"]
|
||||||
|
version = "v0.0.0-20191210011802-430746ea8b9b"
|
||||||
|
hash = "sha256-bADpAn0ZhlTTsEB3MsG8J31cQjTtHTzohX/wkL1aMIc="
|
||||||
|
[mod."github.com/emersion/go-smtp"]
|
||||||
|
version = "v0.12.1"
|
||||||
|
hash = "sha256-fiss5y7chfHv80vIQ9Xwx3J+3qLMA63EOP4OG3DxAtI="
|
||||||
|
[mod."github.com/go-asn1-ber/asn1-ber"]
|
||||||
|
version = "v1.3.1"
|
||||||
|
hash = "sha256-Alh6bUq9HoBDhY+n6W7xNBto/dUMxPGvucA6guarrjc="
|
||||||
|
[mod."github.com/go-ldap/ldap/v3"]
|
||||||
|
version = "v3.1.6"
|
||||||
|
hash = "sha256-UPUdYKOoCQWgl2Onbq1Oql7XU4TeYQA/+j4atwhdKbE="
|
||||||
|
[mod."github.com/golang/protobuf"]
|
||||||
|
version = "v1.4.2"
|
||||||
|
hash = "sha256-zhA1d1Kw1ZV/kDBZ4Iv5miKHjZBhcV8m3BiD1qocJqw="
|
||||||
|
[mod."github.com/google/uuid"]
|
||||||
|
version = "v1.1.1"
|
||||||
|
hash = "sha256-66PXC/RCPUyhS9PhkIPQFR3tbM2zZYDNPGXN7JJj3UE="
|
||||||
|
[mod."github.com/gorilla/mux"]
|
||||||
|
version = "v1.7.3"
|
||||||
|
hash = "sha256-YZSIN7Ua+hPqSIrT+tiRz3aFqJ1EWHvwee+PptpHI28="
|
||||||
|
[mod."github.com/gorilla/securecookie"]
|
||||||
|
version = "v1.1.1"
|
||||||
|
hash = "sha256-IBBYWfdOuXvQsb01DaA8tBizCfAE1J2KLXIn3W+NeJk="
|
||||||
|
[mod."github.com/gorilla/sessions"]
|
||||||
|
version = "v1.2.0"
|
||||||
|
hash = "sha256-4V7yd/vf03CEsb3pz5dbLWwv7t9QgKkEhVXtc1/z5s8="
|
||||||
|
[mod."github.com/jsimonetti/pwscheme"]
|
||||||
|
version = "v0.0.0-20220125093853-4d9895f5db73"
|
||||||
|
hash = "sha256-YF3RKU/4CWvLPgGzUd7Hk/2+41OUFuRWZgzQuqcsKg0="
|
||||||
|
[mod."github.com/json-iterator/go"]
|
||||||
|
version = "v1.1.10"
|
||||||
|
hash = "sha256-jdS2C0WsgsWREBSj+YUzSqdZofMfUMecaOQ/lB9Mu6k="
|
||||||
|
[mod."github.com/klauspost/cpuid"]
|
||||||
|
version = "v1.2.3"
|
||||||
|
hash = "sha256-1IBlONMxKVgudV/mzNrFZB60z8w4xFjVbEU2DoIAoeg="
|
||||||
|
[mod."github.com/minio/md5-simd"]
|
||||||
|
version = "v1.1.0"
|
||||||
|
hash = "sha256-jJbDwg7KlLB991wj1U6y+kJKOUxKVGQrDbM3nY+6qxE="
|
||||||
|
[mod."github.com/minio/minio-go/v7"]
|
||||||
|
version = "v7.0.0"
|
||||||
|
hash = "sha256-xWAELgH6mWVGKFEe2gbzvigJDNk+ELmegJe09KvUqvY="
|
||||||
|
[mod."github.com/minio/sha256-simd"]
|
||||||
|
version = "v0.1.1"
|
||||||
|
hash = "sha256-HpcuLTnpcyKe0ua2MN/ysK5cXdrwquDjrx4Y2dG6W2s="
|
||||||
|
[mod."github.com/mitchellh/go-homedir"]
|
||||||
|
version = "v1.1.0"
|
||||||
|
hash = "sha256-oduBKXHAQG8X6aqLEpqZHs5DOKe84u6WkBwi4W6cv3k="
|
||||||
|
[mod."github.com/modern-go/concurrent"]
|
||||||
|
version = "v0.0.0-20180228061459-e0a39a4cb421"
|
||||||
|
hash = "sha256-+bdeHUArnpkk4eMQIwXm9K249NkpwAjoTrXrGn/4VUE="
|
||||||
|
[mod."github.com/modern-go/reflect2"]
|
||||||
|
version = "v0.0.0-20180701023420-4b7aa43c6742"
|
||||||
|
hash = "sha256-RyIwgrPwtd4lNjLGkBVxRvu5IdXLDqf5F69QWLm0zLw="
|
||||||
|
[mod."github.com/nfnt/resize"]
|
||||||
|
version = "v0.0.0-20180221191011-83c6a9932646"
|
||||||
|
hash = "sha256-yvPV+HlDOyJsiwAcVHQkmtw8DHSXyw+cXHkigXm8rAA="
|
||||||
|
[mod."golang.org/x/crypto"]
|
||||||
|
version = "v0.0.0-20200622213623-75b288015ac9"
|
||||||
|
hash = "sha256-QvFbJEm3gXs2NtaaREbkbAtdHpU4fqX+0C0EvTezdKM="
|
||||||
|
[mod."golang.org/x/net"]
|
||||||
|
version = "v0.0.0-20200822124328-c89045814202"
|
||||||
|
hash = "sha256-wg5IrlVfnsRL86dbi3WJ9XA6Er6JuuyusytIPf18mO0="
|
||||||
|
[mod."golang.org/x/oauth2"]
|
||||||
|
version = "v0.0.0-20210323180902-22b0adad7558"
|
||||||
|
hash = "sha256-mQv+EELtNg99ZYiRFxel405A66PtHK6eCx6XM3vqKG8="
|
||||||
|
[mod."golang.org/x/sys"]
|
||||||
|
version = "v0.12.0"
|
||||||
|
hash = "sha256-Ht/PhBJGWNBg4ksmdUu4+7hJjFypSwoUN/8DJricd+0="
|
||||||
|
[mod."golang.org/x/term"]
|
||||||
|
version = "v0.12.0"
|
||||||
|
hash = "sha256-NFko0uqv/r2VxrbSgS1IwWzaWQK3RZuk0MvUV+qxIsc="
|
||||||
|
[mod."golang.org/x/text"]
|
||||||
|
version = "v0.3.3"
|
||||||
|
hash = "sha256-kiauoT7vd7Mh2AW7TnceQyoCDsARxWkDZu1OSD9dCZw="
|
||||||
|
[mod."google.golang.org/appengine"]
|
||||||
|
version = "v1.6.6"
|
||||||
|
hash = "sha256-nZnEfsXy3mgzRnlyWGHJKqsosvnAQFkhVszw3DSFe6Y="
|
||||||
|
[mod."google.golang.org/protobuf"]
|
||||||
|
version = "v1.25.0"
|
||||||
|
hash = "sha256-3sf57K5A0nmA1UmDe+6FUNJI6UR+SfVyZWNv+2TGHT4="
|
||||||
|
[mod."gopkg.in/ini.v1"]
|
||||||
|
version = "v1.57.0"
|
||||||
|
hash = "sha256-WSjX+qHJ1Rf4FRMTs7udQwEBkIo+z8+EK3uB5CebrZ4="
|
16
integration/README.md
Normal file
16
integration/README.md
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
# Intégration de Guichet dans un environnement de dev/test
|
||||||
|
|
||||||
|
## Dev process
|
||||||
|
|
||||||
|
On utilise `docker compose` pour mettre en place l'infrastructure dont dépend Guichet, que l'on développe. (On rajoutera Garage dedans plus tard.)
|
||||||
|
|
||||||
|
On ne met pas Guichet dans le `compose` pour pouvoir itérer plus rapidement : un `go build` et on a la nouvelle version, sans avoir restart les dépendances (Bottin, Consul...).
|
||||||
|
|
||||||
|
## Notes
|
||||||
|
|
||||||
|
* Bien récupérer le password `admin` dans les logs de 1er lancement de Bottin : il ne sera pas réaffiché.
|
||||||
|
* Identifiant de l'admin sur Guichet : `cn=admin,dc=bottin,dc=eu` because il n'est pas dans `ou=users,dc=bottin,dc=eu` qui est l'organisation par défaut dans laquelle on va chercher les utilisateurs.
|
||||||
|
|
||||||
|
## TODO
|
||||||
|
|
||||||
|
* Bridger Garage/S3 (pour le moment ne sert que pour les avatars dans l'annuaire)
|
19
integration/config/bottin.json
Normal file
19
integration/config/bottin.json
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
{
|
||||||
|
"suffix": "dc=bottin,dc=eu",
|
||||||
|
"bind": "bottin:389",
|
||||||
|
"consul_host": "consul:8500",
|
||||||
|
"acl": [
|
||||||
|
"ANONYMOUS::bind:*,ou=users,dc=bottin,dc=eu:",
|
||||||
|
"ANONYMOUS::bind:cn=admin,dc=bottin,dc=eu:",
|
||||||
|
"*,dc=bottin,dc=eu::read:*:* !userpassword",
|
||||||
|
"cn=admin,dc=bottin,dc=eu::read add modify delete:*:*",
|
||||||
|
"*:cn=admin,ou=groups,dc=bottin,dc=eu:read add modify delete:*:*",
|
||||||
|
|
||||||
|
"ANONYMOUS::bind:*,ou=invitations,dc=bottin,dc=eu:",
|
||||||
|
"*,ou=invitations,dc=bottin,dc=eu::delete:SELF:*",
|
||||||
|
"*,ou=invitations,dc=bottin,dc=eu::add:*,ou=users,dc=bottin,dc=eu:*",
|
||||||
|
"*,ou=invitations,dc=bottin,dc=eu::modifyAdd:cn=email,ou=groups,dc=bottin,dc=eu:*",
|
||||||
|
|
||||||
|
"*::read modify:SELF:*"
|
||||||
|
]
|
||||||
|
}
|
26
integration/config/garage.toml
Normal file
26
integration/config/garage.toml
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
metadata_dir = "/tmp/meta"
|
||||||
|
data_dir = "/tmp/data"
|
||||||
|
db_engine = "lmdb"
|
||||||
|
|
||||||
|
replication_mode = "none"
|
||||||
|
|
||||||
|
rpc_bind_addr = "[::]:3901"
|
||||||
|
rpc_public_addr = "127.0.0.1:3901"
|
||||||
|
rpc_secret = "93086c2378eecea1cc9e83ee0554a8c510359215168774a396dcb5a01f88dd79"
|
||||||
|
|
||||||
|
[s3_api]
|
||||||
|
s3_region = "garage"
|
||||||
|
api_bind_addr = "[::]:3900"
|
||||||
|
root_domain = ".s3.garage.localhost"
|
||||||
|
|
||||||
|
[s3_web]
|
||||||
|
bind_addr = "[::]:3902"
|
||||||
|
root_domain = ".web.garage.localhost"
|
||||||
|
index = "index.html"
|
||||||
|
|
||||||
|
[k2v_api]
|
||||||
|
api_bind_addr = "[::]:3904"
|
||||||
|
|
||||||
|
[admin]
|
||||||
|
api_bind_addr = "0.0.0.0:3903"
|
||||||
|
admin_token = "GlXP43PWH3LuvEGSNxKYzZCyUss8VqZmarBU+HUlrxw="
|
34
integration/config/guichet.json
Normal file
34
integration/config/guichet.json
Normal file
|
@ -0,0 +1,34 @@
|
||||||
|
{
|
||||||
|
"http_bind_addr": ":9991",
|
||||||
|
"ldap_server_addr": "ldap://127.0.0.1:389",
|
||||||
|
|
||||||
|
"base_dn": "dc=bottin,dc=eu",
|
||||||
|
"user_base_dn": "ou=users,dc=bottin,dc=eu",
|
||||||
|
"user_name_attr": "cn",
|
||||||
|
"group_base_dn": "ou=groups,dc=bottin,dc=eu",
|
||||||
|
"group_name_attr": "cn",
|
||||||
|
|
||||||
|
"invitation_base_dn": "ou=invitations,dc=bottin,dc=eu",
|
||||||
|
"invitation_name_attr": "cn",
|
||||||
|
"invited_mail_format": "{}@bottin.eu",
|
||||||
|
"invited_auto_groups": [
|
||||||
|
"cn=email,ou=groups,dc=bottin,dc=eu"
|
||||||
|
],
|
||||||
|
|
||||||
|
"web_address": "https://guichet.bottin.eu",
|
||||||
|
"mail_from": "welcome@bottin.eu",
|
||||||
|
"smtp_server": "smtp.bottin.eu",
|
||||||
|
"smtp_username": "guichet",
|
||||||
|
"smtp_password": "",
|
||||||
|
|
||||||
|
"admin_account": "cn=admin,dc=bottin,dc=eu",
|
||||||
|
"group_can_admin": "gid=admin,ou=groups,dc=bottin,dc=eu",
|
||||||
|
"group_can_invite": "",
|
||||||
|
|
||||||
|
"s3_endpoint": "garage.bottin.eu",
|
||||||
|
"s3_access_key": "",
|
||||||
|
"s3_secret_key": "",
|
||||||
|
"s3_region": "garage",
|
||||||
|
"s3_bucket": "bottin-pictures"
|
||||||
|
}
|
||||||
|
|
31
integration/docker-compose.yml
Normal file
31
integration/docker-compose.yml
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
version: '3'
|
||||||
|
services:
|
||||||
|
consul:
|
||||||
|
# sync with nixos stable packages assuming our stack is up to date
|
||||||
|
# https://search.nixos.org/packages?channel=24.05&from=0&size=50&sort=relevance&type=packages&query=consul
|
||||||
|
image: hashicorp/consul:1.18
|
||||||
|
restart: "always"
|
||||||
|
expose:
|
||||||
|
- 8500
|
||||||
|
bottin:
|
||||||
|
# sync with deuxfleurs/nixcfg/cluster/prod/app/core/deploy/bottin.hcl
|
||||||
|
# to ensure compatibility with prod
|
||||||
|
image: dxflrs/bottin:7h18i30cckckaahv87d3c86pn4a7q41z
|
||||||
|
#command: "-config /etc/bottin.json"
|
||||||
|
restart: "always"
|
||||||
|
depends_on: ["consul"]
|
||||||
|
ports:
|
||||||
|
- "389:389"
|
||||||
|
volumes:
|
||||||
|
- "./config/bottin.json:/config.json"
|
||||||
|
garage:
|
||||||
|
# sync with deuxfleurs/nixcfg/cluster/prod/app/garage/deploy/garage.hcl
|
||||||
|
# to ensure compatibility with prod
|
||||||
|
image: superboum/garage:v1.0.0-rc1-hotfix-red-ftr-wquorum
|
||||||
|
ports:
|
||||||
|
- "3900:3900"
|
||||||
|
- "3902:3902"
|
||||||
|
- "3903:3903"
|
||||||
|
- "3904:3904"
|
||||||
|
volumes:
|
||||||
|
- "./config/garage.toml:/etc/garage.toml"
|
74
invite.go
74
invite.go
|
@ -21,29 +21,29 @@ import (
|
||||||
|
|
||||||
var EMAIL_REGEXP = regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$")
|
var EMAIL_REGEXP = regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$")
|
||||||
|
|
||||||
func checkInviterLogin(w http.ResponseWriter, r *http.Request) *LoginStatus {
|
func checkInviterLogin(w http.ResponseWriter, r *http.Request) *LoggedUser {
|
||||||
login := checkLogin(w, r)
|
user := RequireUserHtml(w, r)
|
||||||
if login == nil {
|
if user == nil {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
if !login.CanInvite {
|
if !user.Capabilities.CanInvite {
|
||||||
http.Error(w, "Not authorized to invite new users.", http.StatusUnauthorized)
|
http.Error(w, "Not authorized to invite new users.", http.StatusUnauthorized)
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
return login
|
return user
|
||||||
}
|
}
|
||||||
|
|
||||||
// New account creation directly from interface
|
// New account creation directly from interface
|
||||||
|
|
||||||
func handleInviteNewAccount(w http.ResponseWriter, r *http.Request) {
|
func handleInviteNewAccount(w http.ResponseWriter, r *http.Request) {
|
||||||
login := checkInviterLogin(w, r)
|
user := checkInviterLogin(w, r)
|
||||||
if login == nil {
|
if user == nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
handleNewAccount(w, r, login.conn, login.Info.DN)
|
handleNewAccount(w, r, user.Login.conn, user.Login.Info.DN())
|
||||||
}
|
}
|
||||||
|
|
||||||
// New account creation using code
|
// New account creation using code
|
||||||
|
@ -52,15 +52,16 @@ func handleInvitationCode(w http.ResponseWriter, r *http.Request) {
|
||||||
code := mux.Vars(r)["code"]
|
code := mux.Vars(r)["code"]
|
||||||
code_id, code_pw := readCode(code)
|
code_id, code_pw := readCode(code)
|
||||||
|
|
||||||
l := ldapOpen(w)
|
l, err := NewLdapCon()
|
||||||
if l == nil {
|
if err != nil {
|
||||||
return
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
}
|
}
|
||||||
|
|
||||||
inviteDn := config.InvitationNameAttr + "=" + code_id + "," + config.InvitationBaseDN
|
inviteDn := config.InvitationNameAttr + "=" + code_id + "," + config.InvitationBaseDN
|
||||||
err := l.Bind(inviteDn, code_pw)
|
err = l.Bind(inviteDn, code_pw)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
templateInviteInvalidCode := template.Must(template.ParseFiles("templates/layout.html", "templates/invite_invalid_code.html"))
|
log.Println(err)
|
||||||
|
templateInviteInvalidCode := getTemplate("invite_invalid_code.html")
|
||||||
templateInviteInvalidCode.Execute(w, nil)
|
templateInviteInvalidCode.Execute(w, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -110,7 +111,7 @@ type NewAccountData struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func handleNewAccount(w http.ResponseWriter, r *http.Request, l *ldap.Conn, invitedBy string) bool {
|
func handleNewAccount(w http.ResponseWriter, r *http.Request, l *ldap.Conn, invitedBy string) bool {
|
||||||
templateInviteNewAccount := template.Must(template.ParseFiles("templates/layout.html", "templates/invite_new_account.html"))
|
templateInviteNewAccount := getTemplate("invite_new_account.html")
|
||||||
|
|
||||||
data := &NewAccountData{}
|
data := &NewAccountData{}
|
||||||
|
|
||||||
|
@ -133,9 +134,12 @@ func handleNewAccount(w http.ResponseWriter, r *http.Request, l *ldap.Conn, invi
|
||||||
}
|
}
|
||||||
|
|
||||||
func tryCreateAccount(l *ldap.Conn, data *NewAccountData, pass1 string, pass2 string, invitedBy string) {
|
func tryCreateAccount(l *ldap.Conn, data *NewAccountData, pass1 string, pass2 string, invitedBy string) {
|
||||||
|
checkFailed := false
|
||||||
|
|
||||||
// Check if username is correct
|
// Check if username is correct
|
||||||
if match, err := regexp.MatchString("^[a-zA-Z0-9._-]+$", data.Username); !(err == nil && match) {
|
if match, err := regexp.MatchString("^[a-z0-9._-]+$", data.Username); !(err == nil && match) {
|
||||||
data.ErrorInvalidUsername = true
|
data.ErrorInvalidUsername = true
|
||||||
|
checkFailed = true
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if user exists
|
// Check if user exists
|
||||||
|
@ -150,22 +154,26 @@ func tryCreateAccount(l *ldap.Conn, data *NewAccountData, pass1 string, pass2 st
|
||||||
sr, err := l.Search(searchRq)
|
sr, err := l.Search(searchRq)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
data.ErrorMessage = err.Error()
|
data.ErrorMessage = err.Error()
|
||||||
return
|
checkFailed = true
|
||||||
}
|
}
|
||||||
|
|
||||||
if len(sr.Entries) > 0 {
|
if len(sr.Entries) > 0 {
|
||||||
data.ErrorUsernameTaken = true
|
data.ErrorUsernameTaken = true
|
||||||
return
|
checkFailed = true
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check that password is long enough
|
// Check that password is long enough
|
||||||
if len(pass1) < 8 {
|
if len(pass1) < 8 {
|
||||||
data.ErrorPasswordTooShort = true
|
data.ErrorPasswordTooShort = true
|
||||||
return
|
checkFailed = true
|
||||||
}
|
}
|
||||||
|
|
||||||
if pass1 != pass2 {
|
if pass1 != pass2 {
|
||||||
data.ErrorPasswordMismatch = true
|
data.ErrorPasswordMismatch = true
|
||||||
|
checkFailed = true
|
||||||
|
}
|
||||||
|
|
||||||
|
if checkFailed {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -173,7 +181,12 @@ func tryCreateAccount(l *ldap.Conn, data *NewAccountData, pass1 string, pass2 st
|
||||||
req := ldap.NewAddRequest(userDn, nil)
|
req := ldap.NewAddRequest(userDn, nil)
|
||||||
req.Attribute("objectclass", []string{"inetOrgPerson", "organizationalPerson", "person", "top"})
|
req.Attribute("objectclass", []string{"inetOrgPerson", "organizationalPerson", "person", "top"})
|
||||||
req.Attribute("structuralobjectclass", []string{"inetOrgPerson"})
|
req.Attribute("structuralobjectclass", []string{"inetOrgPerson"})
|
||||||
req.Attribute("userpassword", []string{SSHAEncode([]byte(pass1))})
|
pw, err := SSHAEncode(pass1)
|
||||||
|
if err != nil {
|
||||||
|
data.ErrorMessage = err.Error()
|
||||||
|
return
|
||||||
|
}
|
||||||
|
req.Attribute("userpassword", []string{pw})
|
||||||
req.Attribute("invitedby", []string{invitedBy})
|
req.Attribute("invitedby", []string{invitedBy})
|
||||||
if len(data.DisplayName) > 0 {
|
if len(data.DisplayName) > 0 {
|
||||||
req.Attribute("displayname", []string{data.DisplayName})
|
req.Attribute("displayname", []string{data.DisplayName})
|
||||||
|
@ -227,10 +240,10 @@ type CodeMailFields struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func handleInviteSendCode(w http.ResponseWriter, r *http.Request) {
|
func handleInviteSendCode(w http.ResponseWriter, r *http.Request) {
|
||||||
templateInviteSendCode := template.Must(template.ParseFiles("templates/layout.html", "templates/invite_send_code.html"))
|
templateInviteSendCode := getTemplate("invite_send_code.html")
|
||||||
|
|
||||||
login := checkInviterLogin(w, r)
|
user := checkInviterLogin(w, r)
|
||||||
if login == nil {
|
if user == nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -245,24 +258,29 @@ func handleInviteSendCode(w http.ResponseWriter, r *http.Request) {
|
||||||
sendto := strings.Join(r.Form["sendto"], "")
|
sendto := strings.Join(r.Form["sendto"], "")
|
||||||
|
|
||||||
if choice == "display" || choice == "send" {
|
if choice == "display" || choice == "send" {
|
||||||
trySendCode(login, choice, sendto, data)
|
trySendCode(user, choice, sendto, data)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
templateInviteSendCode.Execute(w, data)
|
templateInviteSendCode.Execute(w, data)
|
||||||
}
|
}
|
||||||
|
|
||||||
func trySendCode(login *LoginStatus, choice string, sendto string, data *SendCodeData) {
|
func trySendCode(user *LoggedUser, choice string, sendto string, data *SendCodeData) {
|
||||||
// Generate code
|
// Generate code
|
||||||
code, code_id, code_pw := genCode()
|
code, code_id, code_pw := genCode()
|
||||||
|
|
||||||
// Create invitation object in database
|
// Create invitation object in database
|
||||||
inviteDn := config.InvitationNameAttr + "=" + code_id + "," + config.InvitationBaseDN
|
inviteDn := config.InvitationNameAttr + "=" + code_id + "," + config.InvitationBaseDN
|
||||||
req := ldap.NewAddRequest(inviteDn, nil)
|
req := ldap.NewAddRequest(inviteDn, nil)
|
||||||
req.Attribute("userpassword", []string{SSHAEncode([]byte(code_pw))})
|
pw, err := SSHAEncode(code_pw)
|
||||||
|
if err != nil {
|
||||||
|
data.ErrorMessage = err.Error()
|
||||||
|
return
|
||||||
|
}
|
||||||
|
req.Attribute("userpassword", []string{pw})
|
||||||
req.Attribute("objectclass", []string{"top", "invitationCode"})
|
req.Attribute("objectclass", []string{"top", "invitationCode"})
|
||||||
|
|
||||||
err := login.conn.Add(req)
|
err = user.Login.conn.Add(req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
data.ErrorMessage = err.Error()
|
data.ErrorMessage = err.Error()
|
||||||
return
|
return
|
||||||
|
@ -281,12 +299,12 @@ func trySendCode(login *LoginStatus, choice string, sendto string, data *SendCod
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
templateMail := template.Must(template.ParseFiles("templates/invite_mail.txt"))
|
templateMail := template.Must(template.ParseFiles(templatePath + "/invite_mail.txt"))
|
||||||
buf := bytes.NewBuffer([]byte{})
|
buf := bytes.NewBuffer([]byte{})
|
||||||
templateMail.Execute(buf, &CodeMailFields{
|
templateMail.Execute(buf, &CodeMailFields{
|
||||||
To: sendto,
|
To: sendto,
|
||||||
From: config.MailFrom,
|
From: config.MailFrom,
|
||||||
InviteFrom: login.WelcomeName(),
|
InviteFrom: user.WelcomeName(),
|
||||||
Code: code,
|
Code: code,
|
||||||
WebBaseAddress: config.WebAddress,
|
WebBaseAddress: config.WebAddress,
|
||||||
})
|
})
|
||||||
|
|
298
login.go
Normal file
298
login.go
Normal file
|
@ -0,0 +1,298 @@
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"crypto/tls"
|
||||||
|
"errors"
|
||||||
|
"fmt"
|
||||||
|
"net/http"
|
||||||
|
"strings"
|
||||||
|
|
||||||
|
garage "git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang"
|
||||||
|
"github.com/go-ldap/ldap/v3"
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
ErrNotAuthenticatedSession = fmt.Errorf("User has no session")
|
||||||
|
ErrNotAuthenticatedBasic = fmt.Errorf("User has not sent Authentication Basic information")
|
||||||
|
ErrNotAuthenticated = fmt.Errorf("User is not authenticated")
|
||||||
|
ErrWrongLDAPCredentials = fmt.Errorf("LDAP credentials are wrong")
|
||||||
|
ErrLDAPServerUnreachable = fmt.Errorf("Unable to open the LDAP server")
|
||||||
|
ErrLDAPSearchInternalError = fmt.Errorf("LDAP Search of this user failed with an internal error")
|
||||||
|
ErrLDAPSearchNotFound = fmt.Errorf("User is authenticated but its associated data can not be found during search")
|
||||||
|
)
|
||||||
|
|
||||||
|
// --- Login Info ---
|
||||||
|
type LoginInfo struct {
|
||||||
|
Username string
|
||||||
|
Password string
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewLoginInfoFromSession(r *http.Request) (*LoginInfo, error) {
|
||||||
|
session, err := store.Get(r, SESSION_NAME)
|
||||||
|
if err == nil {
|
||||||
|
username, ok_user := session.Values["login_username"]
|
||||||
|
password, ok_pwd := session.Values["login_password"]
|
||||||
|
|
||||||
|
if ok_user && ok_pwd {
|
||||||
|
loginInfo := &LoginInfo{
|
||||||
|
Username: username.(string),
|
||||||
|
Password: password.(string),
|
||||||
|
}
|
||||||
|
return loginInfo, nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil, errors.Join(ErrNotAuthenticatedSession, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewLoginInfoFromBasicAuth(r *http.Request) (*LoginInfo, error) {
|
||||||
|
username, password, ok := r.BasicAuth()
|
||||||
|
if ok {
|
||||||
|
login_info := &LoginInfo{
|
||||||
|
Username: username,
|
||||||
|
Password: password,
|
||||||
|
}
|
||||||
|
|
||||||
|
return login_info, nil
|
||||||
|
}
|
||||||
|
return nil, ErrNotAuthenticatedBasic
|
||||||
|
}
|
||||||
|
|
||||||
|
func (li *LoginInfo) DN() string {
|
||||||
|
user_dn := fmt.Sprintf("%s=%s,%s", config.UserNameAttr, li.Username, config.UserBaseDN)
|
||||||
|
if strings.EqualFold(li.Username, config.AdminAccount) {
|
||||||
|
user_dn = li.Username
|
||||||
|
}
|
||||||
|
|
||||||
|
return user_dn
|
||||||
|
}
|
||||||
|
|
||||||
|
// --- Login Status ---
|
||||||
|
type LoginStatus struct {
|
||||||
|
Info *LoginInfo
|
||||||
|
conn *ldap.Conn
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewLoginStatus(r *http.Request, login_info *LoginInfo) (*LoginStatus, error) {
|
||||||
|
l, err := NewLdapCon()
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
err = l.Bind(login_info.DN(), login_info.Password)
|
||||||
|
if err != nil {
|
||||||
|
return nil, errors.Join(ErrWrongLDAPCredentials, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
loginStatus := &LoginStatus{
|
||||||
|
Info: login_info,
|
||||||
|
conn: l,
|
||||||
|
}
|
||||||
|
return loginStatus, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewLdapCon() (*ldap.Conn, error) {
|
||||||
|
l, err := ldap.DialURL(config.LdapServerAddr)
|
||||||
|
if err != nil {
|
||||||
|
return nil, errors.Join(ErrLDAPServerUnreachable, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if config.LdapTLS {
|
||||||
|
err = l.StartTLS(&tls.Config{InsecureSkipVerify: true})
|
||||||
|
if err != nil {
|
||||||
|
return nil, errors.Join(ErrLDAPServerUnreachable, err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return l, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// --- Capabilities ---
|
||||||
|
type Capabilities struct {
|
||||||
|
CanAdmin bool
|
||||||
|
CanInvite bool
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewCapabilities(login *LoginStatus, entry *ldap.Entry) *Capabilities {
|
||||||
|
// Initialize
|
||||||
|
canAdmin := false
|
||||||
|
canInvite := false
|
||||||
|
|
||||||
|
// Special case for the "admin" account that is de-facto admin
|
||||||
|
canAdmin = strings.EqualFold(login.Info.DN(), config.AdminAccount)
|
||||||
|
|
||||||
|
// Check if this account is part of a group that give capabilities
|
||||||
|
for _, attr := range entry.Attributes {
|
||||||
|
if strings.EqualFold(attr.Name, "memberof") {
|
||||||
|
for _, group := range attr.Values {
|
||||||
|
if config.GroupCanInvite != "" && strings.EqualFold(group, config.GroupCanInvite) {
|
||||||
|
canInvite = true
|
||||||
|
}
|
||||||
|
if config.GroupCanAdmin != "" && strings.EqualFold(group, config.GroupCanAdmin) {
|
||||||
|
canAdmin = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return &Capabilities{
|
||||||
|
CanAdmin: canAdmin,
|
||||||
|
CanInvite: canInvite,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// --- Logged User ---
|
||||||
|
type LoggedUser struct {
|
||||||
|
Username string
|
||||||
|
Login *LoginStatus
|
||||||
|
Entry *ldap.Entry
|
||||||
|
Capabilities *Capabilities
|
||||||
|
Quota *UserQuota
|
||||||
|
s3key *garage.KeyInfo
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewLoggedUser(login *LoginStatus) (*LoggedUser, error) {
|
||||||
|
requestKind := "(objectClass=organizationalPerson)"
|
||||||
|
if strings.EqualFold(login.Info.DN(), config.AdminAccount) {
|
||||||
|
requestKind = "(objectclass=*)"
|
||||||
|
}
|
||||||
|
|
||||||
|
searchRequest := ldap.NewSearchRequest(
|
||||||
|
login.Info.DN(),
|
||||||
|
ldap.ScopeBaseObject, ldap.NeverDerefAliases, 0, 0, false,
|
||||||
|
requestKind,
|
||||||
|
[]string{
|
||||||
|
"dn",
|
||||||
|
"displayname",
|
||||||
|
"givenname",
|
||||||
|
"sn",
|
||||||
|
"mail",
|
||||||
|
"memberof",
|
||||||
|
"description",
|
||||||
|
"garage_s3_access_key",
|
||||||
|
FIELD_NAME_DIRECTORY_VISIBILITY,
|
||||||
|
FIELD_NAME_PROFILE_PICTURE,
|
||||||
|
FIELD_QUOTA_WEBSITE_SIZE_BURSTED,
|
||||||
|
FIELD_QUOTA_WEBSITE_COUNT,
|
||||||
|
},
|
||||||
|
nil)
|
||||||
|
|
||||||
|
sr, err := login.conn.Search(searchRequest)
|
||||||
|
if err != nil {
|
||||||
|
return nil, ErrLDAPSearchInternalError
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(sr.Entries) != 1 {
|
||||||
|
return nil, ErrLDAPSearchNotFound
|
||||||
|
}
|
||||||
|
entry := sr.Entries[0]
|
||||||
|
|
||||||
|
username := login.Info.Username
|
||||||
|
lu := &LoggedUser{
|
||||||
|
Username: username,
|
||||||
|
Login: login,
|
||||||
|
Entry: entry,
|
||||||
|
Capabilities: NewCapabilities(login, entry),
|
||||||
|
Quota: NewUserQuotaFromEntry(entry),
|
||||||
|
}
|
||||||
|
return lu, nil
|
||||||
|
}
|
||||||
|
func (lu *LoggedUser) WelcomeName() string {
|
||||||
|
ret := lu.Entry.GetAttributeValue("givenname")
|
||||||
|
if ret == "" {
|
||||||
|
ret = lu.Entry.GetAttributeValue("displayname")
|
||||||
|
}
|
||||||
|
if ret == "" {
|
||||||
|
ret = lu.Login.Info.Username
|
||||||
|
}
|
||||||
|
return ret
|
||||||
|
}
|
||||||
|
|
||||||
|
func (lu *LoggedUser) S3KeyInfo() (*garage.KeyInfo, error) {
|
||||||
|
var err error
|
||||||
|
var keyPair *garage.KeyInfo
|
||||||
|
|
||||||
|
if lu.s3key == nil {
|
||||||
|
keyID := lu.Entry.GetAttributeValue("garage_s3_access_key")
|
||||||
|
if keyID == "" {
|
||||||
|
// If there is no S3Key in LDAP, generate it...
|
||||||
|
keyPair, err = grgCreateKey(lu.Username)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
modify_request := ldap.NewModifyRequest(lu.Login.Info.DN(), nil)
|
||||||
|
modify_request.Replace("garage_s3_access_key", []string{*keyPair.AccessKeyId})
|
||||||
|
// @FIXME compatibility feature for bagage (SFTP+webdav)
|
||||||
|
// you can remove it once bagage will be updated to fetch the key from garage directly
|
||||||
|
// or when bottin will be able to dynamically fetch it.
|
||||||
|
modify_request.Replace("garage_s3_secret_key", []string{*keyPair.SecretAccessKey.Get()})
|
||||||
|
err = lu.Login.conn.Modify(modify_request)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
// There is an S3 key in LDAP, fetch its descriptor...
|
||||||
|
keyPair, err = grgGetKey(keyID)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Cache the keypair...
|
||||||
|
lu.s3key = keyPair
|
||||||
|
}
|
||||||
|
|
||||||
|
return lu.s3key, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// --- Require User Check
|
||||||
|
func RequireUser(r *http.Request) (*LoggedUser, error) {
|
||||||
|
var login_info *LoginInfo
|
||||||
|
|
||||||
|
if li, err := NewLoginInfoFromSession(r); err == nil {
|
||||||
|
login_info = li
|
||||||
|
} else if li, err := NewLoginInfoFromBasicAuth(r); err == nil {
|
||||||
|
login_info = li
|
||||||
|
} else {
|
||||||
|
return nil, ErrNotAuthenticated
|
||||||
|
}
|
||||||
|
|
||||||
|
loginStatus, err := NewLoginStatus(r, login_info)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return NewLoggedUser(loginStatus)
|
||||||
|
}
|
||||||
|
|
||||||
|
func RequireUserHtml(w http.ResponseWriter, r *http.Request) *LoggedUser {
|
||||||
|
user, err := RequireUser(r)
|
||||||
|
|
||||||
|
if errors.Is(err, ErrNotAuthenticated) || errors.Is(err, ErrWrongLDAPCredentials) {
|
||||||
|
http.Redirect(w, r, "/login", http.StatusFound)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
return user
|
||||||
|
}
|
||||||
|
|
||||||
|
func RequireUserApi(w http.ResponseWriter, r *http.Request) *LoggedUser {
|
||||||
|
user, err := RequireUser(r)
|
||||||
|
|
||||||
|
if errors.Is(err, ErrNotAuthenticated) || errors.Is(err, ErrWrongLDAPCredentials) {
|
||||||
|
http.Error(w, err.Error(), http.StatusUnauthorized)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
return user
|
||||||
|
}
|
251
main.go
251
main.go
|
@ -2,10 +2,8 @@ package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"crypto/rand"
|
"crypto/rand"
|
||||||
"crypto/tls"
|
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"flag"
|
"flag"
|
||||||
"fmt"
|
|
||||||
"html/template"
|
"html/template"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"log"
|
"log"
|
||||||
|
@ -29,6 +27,10 @@ type ConfigFile struct {
|
||||||
GroupBaseDN string `json:"group_base_dn"`
|
GroupBaseDN string `json:"group_base_dn"`
|
||||||
GroupNameAttr string `json:"group_name_attr"`
|
GroupNameAttr string `json:"group_name_attr"`
|
||||||
|
|
||||||
|
MailingBaseDN string `json:"mailing_list_base_dn"`
|
||||||
|
MailingNameAttr string `json:"mailing_list_name_attr"`
|
||||||
|
MailingGuestsBaseDN string `json:"mailing_list_guest_user_base_dn"`
|
||||||
|
|
||||||
InvitationBaseDN string `json:"invitation_base_dn"`
|
InvitationBaseDN string `json:"invitation_base_dn"`
|
||||||
InvitationNameAttr string `json:"invitation_name_attr"`
|
InvitationNameAttr string `json:"invitation_name_attr"`
|
||||||
InvitedMailFormat string `json:"invited_mail_format"`
|
InvitedMailFormat string `json:"invited_mail_format"`
|
||||||
|
@ -44,6 +46,9 @@ type ConfigFile struct {
|
||||||
GroupCanInvite string `json:"group_can_invite"`
|
GroupCanInvite string `json:"group_can_invite"`
|
||||||
GroupCanAdmin string `json:"group_can_admin"`
|
GroupCanAdmin string `json:"group_can_admin"`
|
||||||
|
|
||||||
|
S3AdminEndpoint string `json:"s3_admin_endpoint"`
|
||||||
|
S3AdminToken string `json:"s3_admin_token"`
|
||||||
|
|
||||||
S3Endpoint string `json:"s3_endpoint"`
|
S3Endpoint string `json:"s3_endpoint"`
|
||||||
S3AccessKey string `json:"s3_access_key"`
|
S3AccessKey string `json:"s3_access_key"`
|
||||||
S3SecretKey string `json:"s3_secret_key"`
|
S3SecretKey string `json:"s3_secret_key"`
|
||||||
|
@ -51,12 +56,16 @@ type ConfigFile struct {
|
||||||
S3Bucket string `json:"s3_bucket"`
|
S3Bucket string `json:"s3_bucket"`
|
||||||
}
|
}
|
||||||
|
|
||||||
var configFlag = flag.String("config", "./config.json", "Configuration file path")
|
var fsServer = flag.NewFlagSet("server", flag.ContinueOnError)
|
||||||
|
var configFlag = fsServer.String("config", "./config.json", "Configuration file path")
|
||||||
|
|
||||||
var config *ConfigFile
|
var config *ConfigFile
|
||||||
|
|
||||||
const SESSION_NAME = "guichet_session"
|
const SESSION_NAME = "guichet_session"
|
||||||
|
|
||||||
|
var staticPath = "./static"
|
||||||
|
var templatePath = "./templates"
|
||||||
|
|
||||||
var store sessions.Store = nil
|
var store sessions.Store = nil
|
||||||
|
|
||||||
func readConfig() ConfigFile {
|
func readConfig() ConfigFile {
|
||||||
|
@ -94,9 +103,35 @@ func readConfig() ConfigFile {
|
||||||
return config_file
|
return config_file
|
||||||
}
|
}
|
||||||
|
|
||||||
func main() {
|
func getTemplate(name string) *template.Template {
|
||||||
flag.Parse()
|
return template.Must(template.New("layout.html").Funcs(template.FuncMap{
|
||||||
|
"contains": strings.Contains,
|
||||||
|
}).ParseFiles(
|
||||||
|
templatePath+"/layout.html",
|
||||||
|
templatePath+"/"+name,
|
||||||
|
))
|
||||||
|
}
|
||||||
|
|
||||||
|
func main() {
|
||||||
|
if len(os.Args) < 2 {
|
||||||
|
server(os.Args[1:])
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
switch os.Args[1] {
|
||||||
|
case "cli":
|
||||||
|
cliMain(os.Args[2:])
|
||||||
|
case "server":
|
||||||
|
server(os.Args[2:])
|
||||||
|
default:
|
||||||
|
log.Println("Usage: guichet [server|cli] --help")
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func server(args []string) {
|
||||||
|
log.Println("Starting Guichet Server")
|
||||||
|
fsServer.Parse(args)
|
||||||
config_file := readConfig()
|
config_file := readConfig()
|
||||||
config = &config_file
|
config = &config_file
|
||||||
|
|
||||||
|
@ -109,8 +144,12 @@ func main() {
|
||||||
|
|
||||||
r := mux.NewRouter()
|
r := mux.NewRouter()
|
||||||
r.HandleFunc("/", handleHome)
|
r.HandleFunc("/", handleHome)
|
||||||
|
r.HandleFunc("/login", handleLogin)
|
||||||
r.HandleFunc("/logout", handleLogout)
|
r.HandleFunc("/logout", handleLogout)
|
||||||
|
|
||||||
|
r.HandleFunc("/api/unstable/website", handleAPIWebsiteList)
|
||||||
|
r.HandleFunc("/api/unstable/website/{bucket}", handleAPIWebsiteInspect)
|
||||||
|
|
||||||
r.HandleFunc("/profile", handleProfile)
|
r.HandleFunc("/profile", handleProfile)
|
||||||
r.HandleFunc("/passwd", handlePasswd)
|
r.HandleFunc("/passwd", handlePasswd)
|
||||||
r.HandleFunc("/picture/{name}", handleDownloadPicture)
|
r.HandleFunc("/picture/{name}", handleDownloadPicture)
|
||||||
|
@ -118,16 +157,23 @@ func main() {
|
||||||
r.HandleFunc("/directory/search", handleDirectorySearch)
|
r.HandleFunc("/directory/search", handleDirectorySearch)
|
||||||
r.HandleFunc("/directory", handleDirectory)
|
r.HandleFunc("/directory", handleDirectory)
|
||||||
|
|
||||||
|
r.HandleFunc("/website", handleWebsiteList)
|
||||||
|
r.HandleFunc("/website/new", handleWebsiteNew)
|
||||||
|
r.HandleFunc("/website/inspect/{bucket}", handleWebsiteInspect)
|
||||||
|
r.HandleFunc("/website/vhost/{bucket}", handleWebsiteVhost)
|
||||||
|
|
||||||
r.HandleFunc("/invite/new_account", handleInviteNewAccount)
|
r.HandleFunc("/invite/new_account", handleInviteNewAccount)
|
||||||
r.HandleFunc("/invite/send_code", handleInviteSendCode)
|
r.HandleFunc("/invite/send_code", handleInviteSendCode)
|
||||||
r.HandleFunc("/invitation/{code}", handleInvitationCode)
|
r.HandleFunc("/invitation/{code}", handleInvitationCode)
|
||||||
|
|
||||||
r.HandleFunc("/admin/users", handleAdminUsers)
|
r.HandleFunc("/admin/users", handleAdminUsers)
|
||||||
r.HandleFunc("/admin/groups", handleAdminGroups)
|
r.HandleFunc("/admin/groups", handleAdminGroups)
|
||||||
|
r.HandleFunc("/admin/mailing", handleAdminMailing)
|
||||||
|
r.HandleFunc("/admin/mailing/{id}", handleAdminMailingList)
|
||||||
r.HandleFunc("/admin/ldap/{dn}", handleAdminLDAP)
|
r.HandleFunc("/admin/ldap/{dn}", handleAdminLDAP)
|
||||||
r.HandleFunc("/admin/create/{template}/{super_dn}", handleAdminCreate)
|
r.HandleFunc("/admin/create/{template}/{super_dn}", handleAdminCreate)
|
||||||
|
|
||||||
staticfiles := http.FileServer(http.Dir("static"))
|
staticfiles := http.FileServer(http.Dir(staticPath))
|
||||||
r.Handle("/static/{file:.*}", http.StripPrefix("/static/", staticfiles))
|
r.Handle("/static/{file:.*}", http.StripPrefix("/static/", staticfiles))
|
||||||
|
|
||||||
log.Printf("Starting HTTP server on %s", config.HttpBindAddr)
|
log.Printf("Starting HTTP server on %s", config.HttpBindAddr)
|
||||||
|
@ -137,31 +183,6 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
type LoginInfo struct {
|
|
||||||
Username string
|
|
||||||
DN string
|
|
||||||
Password string
|
|
||||||
}
|
|
||||||
|
|
||||||
type LoginStatus struct {
|
|
||||||
Info *LoginInfo
|
|
||||||
conn *ldap.Conn
|
|
||||||
UserEntry *ldap.Entry
|
|
||||||
CanAdmin bool
|
|
||||||
CanInvite bool
|
|
||||||
}
|
|
||||||
|
|
||||||
func (login *LoginStatus) WelcomeName() string {
|
|
||||||
ret := login.UserEntry.GetAttributeValue("givenname")
|
|
||||||
if ret == "" {
|
|
||||||
ret = login.UserEntry.GetAttributeValue("displayname")
|
|
||||||
}
|
|
||||||
if ret == "" {
|
|
||||||
ret = login.Info.Username
|
|
||||||
}
|
|
||||||
return ret
|
|
||||||
}
|
|
||||||
|
|
||||||
func logRequest(handler http.Handler) http.Handler {
|
func logRequest(handler http.Handler) http.Handler {
|
||||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
log.Printf("%s %s %s\n", r.RemoteAddr, r.Method, r.URL)
|
log.Printf("%s %s %s\n", r.RemoteAddr, r.Method, r.URL)
|
||||||
|
@ -169,148 +190,31 @@ func logRequest(handler http.Handler) http.Handler {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
func checkLogin(w http.ResponseWriter, r *http.Request) *LoginStatus {
|
|
||||||
var login_info *LoginInfo
|
|
||||||
|
|
||||||
session, err := store.Get(r, SESSION_NAME)
|
|
||||||
if err == nil {
|
|
||||||
username, ok := session.Values["login_username"]
|
|
||||||
password, ok2 := session.Values["login_password"]
|
|
||||||
user_dn, ok3 := session.Values["login_dn"]
|
|
||||||
|
|
||||||
if ok && ok2 && ok3 {
|
|
||||||
login_info = &LoginInfo{
|
|
||||||
DN: user_dn.(string),
|
|
||||||
Username: username.(string),
|
|
||||||
Password: password.(string),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if login_info == nil {
|
|
||||||
login_info = handleLogin(w, r)
|
|
||||||
if login_info == nil {
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
l := ldapOpen(w)
|
|
||||||
if l == nil {
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
err = l.Bind(login_info.DN, login_info.Password)
|
|
||||||
if err != nil {
|
|
||||||
delete(session.Values, "login_username")
|
|
||||||
delete(session.Values, "login_password")
|
|
||||||
delete(session.Values, "login_dn")
|
|
||||||
|
|
||||||
err = session.Save(r, w)
|
|
||||||
if err != nil {
|
|
||||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
return checkLogin(w, r)
|
|
||||||
}
|
|
||||||
|
|
||||||
loginStatus := &LoginStatus{
|
|
||||||
Info: login_info,
|
|
||||||
conn: l,
|
|
||||||
}
|
|
||||||
|
|
||||||
requestKind := "(objectClass=organizationalPerson)"
|
|
||||||
if strings.EqualFold(login_info.DN, config.AdminAccount) {
|
|
||||||
requestKind = "(objectclass=*)"
|
|
||||||
}
|
|
||||||
searchRequest := ldap.NewSearchRequest(
|
|
||||||
login_info.DN,
|
|
||||||
ldap.ScopeBaseObject, ldap.NeverDerefAliases, 0, 0, false,
|
|
||||||
requestKind,
|
|
||||||
[]string{
|
|
||||||
"dn",
|
|
||||||
"displayname",
|
|
||||||
"givenname",
|
|
||||||
"sn",
|
|
||||||
"mail",
|
|
||||||
"memberof",
|
|
||||||
"description",
|
|
||||||
FIELD_NAME_DIRECTORY_VISIBILITY,
|
|
||||||
FIELD_NAME_PROFILE_PICTURE,
|
|
||||||
},
|
|
||||||
nil)
|
|
||||||
|
|
||||||
sr, err := l.Search(searchRequest)
|
|
||||||
if err != nil {
|
|
||||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
if len(sr.Entries) != 1 {
|
|
||||||
http.Error(w, fmt.Sprintf("Unable to find entry for %s", login_info.DN), http.StatusInternalServerError)
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
loginStatus.UserEntry = sr.Entries[0]
|
|
||||||
|
|
||||||
loginStatus.CanAdmin = strings.EqualFold(loginStatus.Info.DN, config.AdminAccount)
|
|
||||||
loginStatus.CanInvite = false
|
|
||||||
for _, attr := range loginStatus.UserEntry.Attributes {
|
|
||||||
if strings.EqualFold(attr.Name, "memberof") {
|
|
||||||
for _, group := range attr.Values {
|
|
||||||
if config.GroupCanInvite != "" && strings.EqualFold(group, config.GroupCanInvite) {
|
|
||||||
loginStatus.CanInvite = true
|
|
||||||
}
|
|
||||||
if config.GroupCanAdmin != "" && strings.EqualFold(group, config.GroupCanAdmin) {
|
|
||||||
loginStatus.CanAdmin = true
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return loginStatus
|
|
||||||
}
|
|
||||||
|
|
||||||
func ldapOpen(w http.ResponseWriter) *ldap.Conn {
|
|
||||||
l, err := ldap.DialURL(config.LdapServerAddr)
|
|
||||||
if err != nil {
|
|
||||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
if config.LdapTLS {
|
|
||||||
err = l.StartTLS(&tls.Config{InsecureSkipVerify: true})
|
|
||||||
if err != nil {
|
|
||||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return l
|
|
||||||
}
|
|
||||||
|
|
||||||
// Page handlers ----
|
// Page handlers ----
|
||||||
|
|
||||||
|
// --- Home Controller
|
||||||
type HomePageData struct {
|
type HomePageData struct {
|
||||||
Login *LoginStatus
|
User *LoggedUser
|
||||||
BaseDN string
|
BaseDN string
|
||||||
}
|
}
|
||||||
|
|
||||||
func handleHome(w http.ResponseWriter, r *http.Request) {
|
func handleHome(w http.ResponseWriter, r *http.Request) {
|
||||||
templateHome := template.Must(template.ParseFiles("templates/layout.html", "templates/home.html"))
|
templateHome := getTemplate("home.html")
|
||||||
|
|
||||||
login := checkLogin(w, r)
|
user := RequireUserHtml(w, r)
|
||||||
if login == nil {
|
if user == nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
data := &HomePageData{
|
data := &HomePageData{
|
||||||
Login: login,
|
User: user,
|
||||||
BaseDN: config.BaseDN,
|
BaseDN: config.BaseDN,
|
||||||
}
|
}
|
||||||
|
|
||||||
templateHome.Execute(w, data)
|
templateHome.Execute(w, data)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// --- Logout Controller
|
||||||
func handleLogout(w http.ResponseWriter, r *http.Request) {
|
func handleLogout(w http.ResponseWriter, r *http.Request) {
|
||||||
session, err := store.Get(r, SESSION_NAME)
|
session, err := store.Get(r, SESSION_NAME)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -327,9 +231,10 @@ func handleLogout(w http.ResponseWriter, r *http.Request) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
http.Redirect(w, r, "/", http.StatusFound)
|
http.Redirect(w, r, "/login", http.StatusFound)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// --- Login Controller ---
|
||||||
type LoginFormData struct {
|
type LoginFormData struct {
|
||||||
Username string
|
Username string
|
||||||
WrongUser bool
|
WrongUser bool
|
||||||
|
@ -337,28 +242,26 @@ type LoginFormData struct {
|
||||||
ErrorMessage string
|
ErrorMessage string
|
||||||
}
|
}
|
||||||
|
|
||||||
func handleLogin(w http.ResponseWriter, r *http.Request) *LoginInfo {
|
func handleLogin(w http.ResponseWriter, r *http.Request) {
|
||||||
templateLogin := template.Must(template.ParseFiles("templates/layout.html", "templates/login.html"))
|
templateLogin := getTemplate("login.html")
|
||||||
|
|
||||||
if r.Method == "GET" {
|
if r.Method == "GET" {
|
||||||
templateLogin.Execute(w, LoginFormData{})
|
templateLogin.Execute(w, LoginFormData{})
|
||||||
return nil
|
return
|
||||||
} else if r.Method == "POST" {
|
} else if r.Method == "POST" {
|
||||||
r.ParseForm()
|
r.ParseForm()
|
||||||
|
|
||||||
username := strings.Join(r.Form["username"], "")
|
username := strings.Join(r.Form["username"], "")
|
||||||
password := strings.Join(r.Form["password"], "")
|
password := strings.Join(r.Form["password"], "")
|
||||||
user_dn := fmt.Sprintf("%s=%s,%s", config.UserNameAttr, username, config.UserBaseDN)
|
loginInfo := LoginInfo{username, password}
|
||||||
if strings.EqualFold(username, config.AdminAccount) {
|
|
||||||
user_dn = username
|
l, err := NewLdapCon()
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
l := ldapOpen(w)
|
err = l.Bind(loginInfo.DN(), loginInfo.Password)
|
||||||
if l == nil {
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
err := l.Bind(user_dn, password)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
data := &LoginFormData{
|
data := &LoginFormData{
|
||||||
Username: username,
|
Username: username,
|
||||||
|
@ -371,7 +274,7 @@ func handleLogin(w http.ResponseWriter, r *http.Request) *LoginInfo {
|
||||||
data.ErrorMessage = err.Error()
|
data.ErrorMessage = err.Error()
|
||||||
}
|
}
|
||||||
templateLogin.Execute(w, data)
|
templateLogin.Execute(w, data)
|
||||||
return nil
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Successfully logged in, save it to session
|
// Successfully logged in, save it to session
|
||||||
|
@ -382,21 +285,15 @@ func handleLogin(w http.ResponseWriter, r *http.Request) *LoginInfo {
|
||||||
|
|
||||||
session.Values["login_username"] = username
|
session.Values["login_username"] = username
|
||||||
session.Values["login_password"] = password
|
session.Values["login_password"] = password
|
||||||
session.Values["login_dn"] = user_dn
|
|
||||||
|
|
||||||
err = session.Save(r, w)
|
err = session.Save(r, w)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
return nil
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
return &LoginInfo{
|
http.Redirect(w, r, "/", http.StatusFound)
|
||||||
DN: user_dn,
|
|
||||||
Username: username,
|
|
||||||
Password: password,
|
|
||||||
}
|
|
||||||
} else {
|
} else {
|
||||||
http.Error(w, "Unsupported method", http.StatusBadRequest)
|
http.Error(w, "Unsupported method", http.StatusBadRequest)
|
||||||
return nil
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
12
picture.go
12
picture.go
|
@ -43,8 +43,8 @@ func newMinioClient() (*minio.Client, error) {
|
||||||
return minioCLient, nil
|
return minioCLient, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
//Upload image through guichet server.
|
// Upload image through guichet server.
|
||||||
func uploadProfilePicture(w http.ResponseWriter, r *http.Request, login *LoginStatus) (string, error) {
|
func uploadProfilePicture(w http.ResponseWriter, r *http.Request, user *LoggedUser) (string, error) {
|
||||||
file, _, err := r.FormFile("image")
|
file, _, err := r.FormFile("image")
|
||||||
|
|
||||||
if err == http.ErrMissingFile {
|
if err == http.ErrMissingFile {
|
||||||
|
@ -74,7 +74,7 @@ func uploadProfilePicture(w http.ResponseWriter, r *http.Request, login *LoginSt
|
||||||
|
|
||||||
// If a previous profile picture existed, delete it
|
// If a previous profile picture existed, delete it
|
||||||
// (don't care about errors)
|
// (don't care about errors)
|
||||||
if nameConsul := login.UserEntry.GetAttributeValue(FIELD_NAME_PROFILE_PICTURE); nameConsul != "" {
|
if nameConsul := user.Entry.GetAttributeValue(FIELD_NAME_PROFILE_PICTURE); nameConsul != "" {
|
||||||
mc.RemoveObject(context.Background(), config.S3Bucket, nameConsul, minio.RemoveObjectOptions{})
|
mc.RemoveObject(context.Background(), config.S3Bucket, nameConsul, minio.RemoveObjectOptions{})
|
||||||
mc.RemoveObject(context.Background(), config.S3Bucket, nameConsul+"-thumb", minio.RemoveObjectOptions{})
|
mc.RemoveObject(context.Background(), config.S3Bucket, nameConsul+"-thumb", minio.RemoveObjectOptions{})
|
||||||
}
|
}
|
||||||
|
@ -144,9 +144,9 @@ func resizePicture(file multipart.File, buffFull, buffThumb *bytes.Buffer) error
|
||||||
func handleDownloadPicture(w http.ResponseWriter, r *http.Request) {
|
func handleDownloadPicture(w http.ResponseWriter, r *http.Request) {
|
||||||
name := mux.Vars(r)["name"]
|
name := mux.Vars(r)["name"]
|
||||||
|
|
||||||
//Check login
|
// Get user
|
||||||
login := checkLogin(w, r)
|
user := RequireUserHtml(w, r)
|
||||||
if login == nil {
|
if user == nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
52
profile.go
52
profile.go
|
@ -1,7 +1,6 @@
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"html/template"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
|
@ -9,7 +8,7 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
type ProfileTplData struct {
|
type ProfileTplData struct {
|
||||||
Status *LoginStatus
|
User *LoggedUser
|
||||||
ErrorMessage string
|
ErrorMessage string
|
||||||
Success bool
|
Success bool
|
||||||
Mail string
|
Mail string
|
||||||
|
@ -22,26 +21,26 @@ type ProfileTplData struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func handleProfile(w http.ResponseWriter, r *http.Request) {
|
func handleProfile(w http.ResponseWriter, r *http.Request) {
|
||||||
templateProfile := template.Must(template.ParseFiles("templates/layout.html", "templates/profile.html"))
|
templateProfile := getTemplate("profile.html")
|
||||||
|
|
||||||
login := checkLogin(w, r)
|
user := RequireUserHtml(w, r)
|
||||||
if login == nil {
|
if user == nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
data := &ProfileTplData{
|
data := &ProfileTplData{
|
||||||
Status: login,
|
User: user,
|
||||||
ErrorMessage: "",
|
ErrorMessage: "",
|
||||||
Success: false,
|
Success: false,
|
||||||
}
|
}
|
||||||
|
|
||||||
data.Mail = login.UserEntry.GetAttributeValue("mail")
|
data.Mail = user.Entry.GetAttributeValue("mail")
|
||||||
data.DisplayName = login.UserEntry.GetAttributeValue("displayname")
|
data.DisplayName = user.Entry.GetAttributeValue("displayname")
|
||||||
data.GivenName = login.UserEntry.GetAttributeValue("givenname")
|
data.GivenName = user.Entry.GetAttributeValue("givenname")
|
||||||
data.Surname = login.UserEntry.GetAttributeValue("sn")
|
data.Surname = user.Entry.GetAttributeValue("sn")
|
||||||
data.Visibility = login.UserEntry.GetAttributeValue(FIELD_NAME_DIRECTORY_VISIBILITY)
|
data.Visibility = user.Entry.GetAttributeValue(FIELD_NAME_DIRECTORY_VISIBILITY)
|
||||||
data.Description = login.UserEntry.GetAttributeValue("description")
|
data.Description = user.Entry.GetAttributeValue("description")
|
||||||
data.ProfilePicture = login.UserEntry.GetAttributeValue(FIELD_NAME_PROFILE_PICTURE)
|
data.ProfilePicture = user.Entry.GetAttributeValue(FIELD_NAME_PROFILE_PICTURE)
|
||||||
|
|
||||||
if r.Method == "POST" {
|
if r.Method == "POST" {
|
||||||
//5MB maximum size files
|
//5MB maximum size files
|
||||||
|
@ -57,7 +56,7 @@ func handleProfile(w http.ResponseWriter, r *http.Request) {
|
||||||
}
|
}
|
||||||
data.Visibility = visible
|
data.Visibility = visible
|
||||||
|
|
||||||
profilePicture, err := uploadProfilePicture(w, r, login)
|
profilePicture, err := uploadProfilePicture(w, r, user)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
data.ErrorMessage = err.Error()
|
data.ErrorMessage = err.Error()
|
||||||
}
|
}
|
||||||
|
@ -66,7 +65,7 @@ func handleProfile(w http.ResponseWriter, r *http.Request) {
|
||||||
data.ProfilePicture = profilePicture
|
data.ProfilePicture = profilePicture
|
||||||
}
|
}
|
||||||
|
|
||||||
modify_request := ldap.NewModifyRequest(login.Info.DN, nil)
|
modify_request := ldap.NewModifyRequest(user.Login.Info.DN(), nil)
|
||||||
modify_request.Replace("displayname", []string{data.DisplayName})
|
modify_request.Replace("displayname", []string{data.DisplayName})
|
||||||
modify_request.Replace("givenname", []string{data.GivenName})
|
modify_request.Replace("givenname", []string{data.GivenName})
|
||||||
modify_request.Replace("sn", []string{data.Surname})
|
modify_request.Replace("sn", []string{data.Surname})
|
||||||
|
@ -76,7 +75,7 @@ func handleProfile(w http.ResponseWriter, r *http.Request) {
|
||||||
modify_request.Replace(FIELD_NAME_PROFILE_PICTURE, []string{data.ProfilePicture})
|
modify_request.Replace(FIELD_NAME_PROFILE_PICTURE, []string{data.ProfilePicture})
|
||||||
}
|
}
|
||||||
|
|
||||||
err = login.conn.Modify(modify_request)
|
err = user.Login.conn.Modify(modify_request)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
data.ErrorMessage = err.Error()
|
data.ErrorMessage = err.Error()
|
||||||
} else {
|
} else {
|
||||||
|
@ -89,7 +88,7 @@ func handleProfile(w http.ResponseWriter, r *http.Request) {
|
||||||
}
|
}
|
||||||
|
|
||||||
type PasswdTplData struct {
|
type PasswdTplData struct {
|
||||||
Status *LoginStatus
|
User *LoggedUser
|
||||||
ErrorMessage string
|
ErrorMessage string
|
||||||
TooShortError bool
|
TooShortError bool
|
||||||
NoMatchError bool
|
NoMatchError bool
|
||||||
|
@ -97,15 +96,15 @@ type PasswdTplData struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func handlePasswd(w http.ResponseWriter, r *http.Request) {
|
func handlePasswd(w http.ResponseWriter, r *http.Request) {
|
||||||
templatePasswd := template.Must(template.ParseFiles("templates/layout.html", "templates/passwd.html"))
|
templatePasswd := getTemplate("passwd.html")
|
||||||
|
|
||||||
login := checkLogin(w, r)
|
user := RequireUserHtml(w, r)
|
||||||
if login == nil {
|
if user == nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
data := &PasswdTplData{
|
data := &PasswdTplData{
|
||||||
Status: login,
|
User: user,
|
||||||
ErrorMessage: "",
|
ErrorMessage: "",
|
||||||
Success: false,
|
Success: false,
|
||||||
}
|
}
|
||||||
|
@ -121,14 +120,19 @@ func handlePasswd(w http.ResponseWriter, r *http.Request) {
|
||||||
} else if password2 != password {
|
} else if password2 != password {
|
||||||
data.NoMatchError = true
|
data.NoMatchError = true
|
||||||
} else {
|
} else {
|
||||||
modify_request := ldap.NewModifyRequest(login.Info.DN, nil)
|
modify_request := ldap.NewModifyRequest(user.Login.Info.DN(), nil)
|
||||||
modify_request.Replace("userpassword", []string{SSHAEncode([]byte(password))})
|
pw, err := SSHAEncode(password)
|
||||||
err := login.conn.Modify(modify_request)
|
if err == nil {
|
||||||
|
modify_request.Replace("userpassword", []string{pw})
|
||||||
|
err := user.Login.conn.Modify(modify_request)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
data.ErrorMessage = err.Error()
|
data.ErrorMessage = err.Error()
|
||||||
} else {
|
} else {
|
||||||
data.Success = true
|
data.Success = true
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
data.ErrorMessage = err.Error()
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
151
quotas.go
Normal file
151
quotas.go
Normal file
|
@ -0,0 +1,151 @@
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"errors"
|
||||||
|
"fmt"
|
||||||
|
"strconv"
|
||||||
|
|
||||||
|
garage "git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang"
|
||||||
|
"github.com/go-ldap/ldap/v3"
|
||||||
|
)
|
||||||
|
|
||||||
|
const (
|
||||||
|
// --- Default Quota Values ---
|
||||||
|
QUOTA_WEBSITE_SIZE_DEFAULT = 1024 * 1024 * 50 // 50MB
|
||||||
|
QUOTA_WEBSITE_SIZE_BURSTED = 1024 * 1024 * 200 // 200MB
|
||||||
|
QUOTA_WEBSITE_OBJECTS = 10000 // 10k objects
|
||||||
|
QUOTA_WEBSITE_COUNT = 5 // 5 buckets
|
||||||
|
|
||||||
|
// --- Per-user overridable fields ---
|
||||||
|
FIELD_QUOTA_WEBSITE_SIZE_BURSTED = "quota_website_size_bursted"
|
||||||
|
FIELD_QUOTA_WEBSITE_COUNT = "quota_website_count"
|
||||||
|
)
|
||||||
|
|
||||||
|
type UserQuota struct {
|
||||||
|
WebsiteCount int64
|
||||||
|
WebsiteSizeDefault int64
|
||||||
|
WebsiteSizeBursted int64
|
||||||
|
WebsiteObjects int64
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewUserQuota() *UserQuota {
|
||||||
|
return &UserQuota{
|
||||||
|
WebsiteCount: QUOTA_WEBSITE_COUNT,
|
||||||
|
WebsiteSizeDefault: QUOTA_WEBSITE_SIZE_DEFAULT,
|
||||||
|
WebsiteSizeBursted: QUOTA_WEBSITE_SIZE_BURSTED,
|
||||||
|
WebsiteObjects: QUOTA_WEBSITE_OBJECTS,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
var (
|
||||||
|
ErrQuotaEmpty = fmt.Errorf("No quota is defined for this entry")
|
||||||
|
ErrQuotaInvalid = fmt.Errorf("The defined quota can't be parsed")
|
||||||
|
)
|
||||||
|
|
||||||
|
func entryToQuota(entry *ldap.Entry, field string) (int64, error) {
|
||||||
|
f := entry.GetAttributeValue(field)
|
||||||
|
if f == "" {
|
||||||
|
return -1, ErrQuotaEmpty
|
||||||
|
}
|
||||||
|
|
||||||
|
q, err := strconv.ParseInt(f, 10, 64)
|
||||||
|
if err != nil {
|
||||||
|
return -1, errors.Join(ErrQuotaInvalid, err)
|
||||||
|
}
|
||||||
|
return q, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewUserQuotaFromEntry(entry *ldap.Entry) *UserQuota {
|
||||||
|
quotas := NewUserQuota()
|
||||||
|
|
||||||
|
if q, err := entryToQuota(entry, FIELD_QUOTA_WEBSITE_COUNT); err == nil {
|
||||||
|
quotas.WebsiteCount = q
|
||||||
|
}
|
||||||
|
|
||||||
|
if q, err := entryToQuota(entry, FIELD_QUOTA_WEBSITE_SIZE_BURSTED); err == nil {
|
||||||
|
quotas.WebsiteSizeBursted = q
|
||||||
|
}
|
||||||
|
|
||||||
|
return quotas
|
||||||
|
}
|
||||||
|
|
||||||
|
func (q *UserQuota) DefaultWebsiteQuota() *garage.UpdateBucketRequestQuotas {
|
||||||
|
qr := garage.NewUpdateBucketRequestQuotas()
|
||||||
|
|
||||||
|
qr.SetMaxSize(q.WebsiteSizeDefault)
|
||||||
|
qr.SetMaxObjects(q.WebsiteSizeBursted)
|
||||||
|
|
||||||
|
return qr
|
||||||
|
}
|
||||||
|
|
||||||
|
func (q *UserQuota) WebsiteSizeAdjust(sz int64) int64 {
|
||||||
|
if sz < q.WebsiteSizeDefault {
|
||||||
|
return q.WebsiteSizeDefault
|
||||||
|
} else if sz > q.WebsiteSizeBursted {
|
||||||
|
return q.WebsiteSizeBursted
|
||||||
|
} else {
|
||||||
|
return sz
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (q *UserQuota) WebsiteObjectAdjust(objs int64) int64 {
|
||||||
|
if objs > q.WebsiteObjects || objs <= 0 {
|
||||||
|
return q.WebsiteObjects
|
||||||
|
} else {
|
||||||
|
return objs
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (q *UserQuota) WebsiteSizeBurstedPretty() string {
|
||||||
|
return prettyValue(q.WebsiteSizeBursted)
|
||||||
|
}
|
||||||
|
|
||||||
|
// --- A quota stat we can use
|
||||||
|
type QuotaStat struct {
|
||||||
|
Current int64 `json:"current"`
|
||||||
|
Max int64 `json:"max"`
|
||||||
|
Ratio float64 `json:"ratio"`
|
||||||
|
Burstable bool `json:"burstable"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewQuotaStat(current, max int64, burstable bool) QuotaStat {
|
||||||
|
return QuotaStat{
|
||||||
|
Current: current,
|
||||||
|
Max: max,
|
||||||
|
Ratio: float64(current) / float64(max),
|
||||||
|
Burstable: burstable,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
func (q *QuotaStat) IsFull() bool {
|
||||||
|
return q.Current >= q.Max
|
||||||
|
}
|
||||||
|
func (q *QuotaStat) Percent() int64 {
|
||||||
|
return int64(q.Ratio * 100)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (q *QuotaStat) PrettyCurrent() string {
|
||||||
|
return prettyValue(q.Current)
|
||||||
|
}
|
||||||
|
func (q *QuotaStat) PrettyMax() string {
|
||||||
|
return prettyValue(q.Max)
|
||||||
|
}
|
||||||
|
|
||||||
|
func prettyValue(v int64) string {
|
||||||
|
if v < 1024 {
|
||||||
|
return fmt.Sprintf("%d octets", v)
|
||||||
|
}
|
||||||
|
v = v / 1024
|
||||||
|
if v < 1024 {
|
||||||
|
return fmt.Sprintf("%d kio", v)
|
||||||
|
}
|
||||||
|
v = v / 1024
|
||||||
|
if v < 1024 {
|
||||||
|
return fmt.Sprintf("%d Mio", v)
|
||||||
|
}
|
||||||
|
v = v / 1024
|
||||||
|
if v < 1024 {
|
||||||
|
return fmt.Sprintf("%d Gio", v)
|
||||||
|
}
|
||||||
|
v = v / 1024
|
||||||
|
return fmt.Sprintf("%d Tio", v)
|
||||||
|
}
|
33
ssha.go
33
ssha.go
|
@ -1,37 +1,10 @@
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"crypto/rand"
|
"github.com/jsimonetti/pwscheme/ssha512"
|
||||||
"crypto/sha1"
|
|
||||||
"encoding/base64"
|
|
||||||
"fmt"
|
|
||||||
|
|
||||||
log "github.com/sirupsen/logrus"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// Encode encodes the []byte of raw password
|
// Encode encodes the []byte of raw password
|
||||||
func SSHAEncode(rawPassPhrase []byte) string {
|
func SSHAEncode(rawPassPhrase string) (string, error) {
|
||||||
hash := makeSSHAHash(rawPassPhrase, makeSalt())
|
return ssha512.Generate(rawPassPhrase, 16)
|
||||||
b64 := base64.StdEncoding.EncodeToString(hash)
|
|
||||||
return fmt.Sprintf("{ssha}%s", b64)
|
|
||||||
}
|
|
||||||
|
|
||||||
// makeSalt make a 32 byte array containing random bytes.
|
|
||||||
func makeSalt() []byte {
|
|
||||||
sbytes := make([]byte, 32)
|
|
||||||
_, err := rand.Read(sbytes)
|
|
||||||
if err != nil {
|
|
||||||
log.Panicf("Could not read random bytes: %s", err)
|
|
||||||
}
|
|
||||||
return sbytes
|
|
||||||
}
|
|
||||||
|
|
||||||
// makeSSHAHash make hasing using SHA-1 with salt. This is not the final output though. You need to append {SSHA} string with base64 of this hash.
|
|
||||||
func makeSSHAHash(passphrase, salt []byte) []byte {
|
|
||||||
sha := sha1.New()
|
|
||||||
sha.Write(passphrase)
|
|
||||||
sha.Write(salt)
|
|
||||||
|
|
||||||
h := sha.Sum(nil)
|
|
||||||
return append(h, salt...)
|
|
||||||
}
|
}
|
||||||
|
|
10
static/css/bootstrap.min.css
vendored
10
static/css/bootstrap.min.css
vendored
File diff suppressed because one or more lines are too long
7
static/javascript/bootstrap.bundle.min.js
vendored
Normal file
7
static/javascript/bootstrap.bundle.min.js
vendored
Normal file
File diff suppressed because one or more lines are too long
2
static/javascript/jquery.slim.min.js
vendored
Normal file
2
static/javascript/jquery.slim.min.js
vendored
Normal file
File diff suppressed because one or more lines are too long
|
@ -30,33 +30,40 @@
|
||||||
<input type="text" disabled="true" class="form-control" value="{{ .SuperDN }}" />
|
<input type="text" disabled="true" class="form-control" value="{{ .SuperDN }}" />
|
||||||
</div>
|
</div>
|
||||||
-->
|
-->
|
||||||
|
{{if eq .Template "ml"}}
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="idvalue">Identifiant:</label>
|
<label for="idvalue">Adresse complète de la mailing list :</label>
|
||||||
|
<input type="text" id="idvalue" name="idvalue" class="form-control" value="{{ .IdValue }}" placeholder="example@deuxfleurs.fr" />
|
||||||
|
</div>
|
||||||
|
{{else}}
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="idvalue">Identifiant :</label>
|
||||||
<input type="text" id="idvalue" name="idvalue" class="form-control" value="{{ .IdValue }}" />
|
<input type="text" id="idvalue" name="idvalue" class="form-control" value="{{ .IdValue }}" />
|
||||||
</div>
|
</div>
|
||||||
|
{{end}}
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="idtype">Type d'identifiant:</label>
|
<label for="idtype">Type d'identifiant :</label>
|
||||||
<input type="text" {{if .Template}}disabled="disabled"{{end}} id="idtype" name="idtype" class="form-control" value="{{ .IdType }}" />
|
<input type="text" {{if .Template}}disabled="disabled"{{end}} id="idtype" name="idtype" class="form-control" value="{{ .IdType }}" />
|
||||||
</div>
|
</div>
|
||||||
{{ if eq .Template "user" }}
|
{{ if eq .Template "user" }}
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="displayname">Nom:</label>
|
<label for="displayname">Nom :</label>
|
||||||
<input type="text" id="displayname" name="displayname" class="form-control" value="{{ .DisplayName }}" />
|
<input type="text" id="displayname" name="displayname" class="form-control" value="{{ .DisplayName }}" />
|
||||||
</div>
|
</div>
|
||||||
<input type="hidden" name="description" value="" />
|
<input type="hidden" name="description" value="" />
|
||||||
{{ else }}
|
{{ else }}
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="description">Description:</label>
|
<label for="description">Description :</label>
|
||||||
<input type="text" id="description" name="description" class="form-control" value="{{ .Description }}" />
|
<input type="text" id="description" name="description" class="form-control" value="{{ .Description }}" />
|
||||||
</div>
|
</div>
|
||||||
<input type="hidden" name="displayname" value="" />
|
<input type="hidden" name="displayname" value="" />
|
||||||
{{ end }}
|
{{ end }}
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="soc">StructuralObjectClass:</label>
|
<label for="soc">StructuralObjectClass :</label>
|
||||||
<input type="text" {{if .Template}}disabled="disabled"{{end}} id="soc" name="soc" class="form-control" value="{{ .StructuralObjectClass }}" />
|
<input type="text" {{if .Template}}disabled="disabled"{{end}} id="soc" name="soc" class="form-control" value="{{ .StructuralObjectClass }}" />
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="oc">ObjectClass:</label>
|
<label for="oc">ObjectClass :</label>
|
||||||
<textarea rows="5" {{if .Template}}disabled="disabled"{{end}} id="oc" name="oc" class="form-control">{{ .ObjectClass }}</textarea>
|
<textarea rows="5" {{if .Template}}disabled="disabled"{{end}} id="oc" name="oc" class="form-control">{{ .ObjectClass }}</textarea>
|
||||||
</div>
|
</div>
|
||||||
<button type="submit" class="btn btn-primary">Créer l'objet</button>
|
<button type="submit" class="btn btn-primary">Créer l'objet</button>
|
||||||
|
|
|
@ -8,6 +8,11 @@
|
||||||
<a class="ml-4 btn btn-info" href="/">Menu principal</a>
|
<a class="ml-4 btn btn-info" href="/">Menu principal</a>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
<div class="alert alert-warning mt-4">
|
||||||
|
Les groupes servent uniquement à contrôler l'accès à différentes fonctionalités de Deuxfleurs.
|
||||||
|
Ce ne sont pas des <a href="/admin/mailing">mailing lists</a>.
|
||||||
|
</div>
|
||||||
|
|
||||||
<table class="table mt-4">
|
<table class="table mt-4">
|
||||||
<thead>
|
<thead>
|
||||||
<th scope="col">Identifiant</th>
|
<th scope="col">Identifiant</th>
|
||||||
|
|
|
@ -23,7 +23,17 @@
|
||||||
|
|
||||||
<table class="table mt-4">
|
<table class="table mt-4">
|
||||||
<tbody>
|
<tbody>
|
||||||
{{range .Children}}
|
{{range .ChildrenOU}}
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
<a href="/admin/ldap/{{.DN}}">
|
||||||
|
🗀 {{.Identifier}}
|
||||||
|
</a>
|
||||||
|
</td>
|
||||||
|
<td>{{.Name}}</td>
|
||||||
|
</tr>
|
||||||
|
{{end}}
|
||||||
|
{{range .ChildrenOther}}
|
||||||
<tr>
|
<tr>
|
||||||
<td>
|
<td>
|
||||||
<a href="/admin/ldap/{{.DN}}">
|
<a href="/admin/ldap/{{.DN}}">
|
||||||
|
@ -94,8 +104,12 @@
|
||||||
<div class="col-md-3"><strong>{{$key}}</strong></div>
|
<div class="col-md-3"><strong>{{$key}}</strong></div>
|
||||||
<div class="col-md-9">
|
<div class="col-md-9">
|
||||||
{{range $value.Values}}
|
{{range $value.Values}}
|
||||||
|
{{if eq $key "creatorsname" "modifiersname" }}
|
||||||
|
<div><a href="/admin/ldap/{{.}}">{{.}}</a></div>
|
||||||
|
{{else}}
|
||||||
<div>{{.}}</div>
|
<div>{{.}}</div>
|
||||||
{{end}}
|
{{end}}
|
||||||
|
{{end}}
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
{{end}}
|
{{end}}
|
||||||
|
|
32
templates/admin_mailing.html
Normal file
32
templates/admin_mailing.html
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
{{define "title"}}Mailing lists |{{end}}
|
||||||
|
|
||||||
|
{{define "body"}}
|
||||||
|
|
||||||
|
<div class="d-flex">
|
||||||
|
<h4>Mailing lists</h4>
|
||||||
|
<a class="ml-auto btn btn-success" href="/admin/create/ml/{{.MailingBaseDN}}">Nouvelle mailing list</a>
|
||||||
|
<a class="ml-4 btn btn-info" href="/">Menu principal</a>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<table class="table mt-4">
|
||||||
|
<thead>
|
||||||
|
<th scope="col">Adresse</th>
|
||||||
|
<th scope="col">Description</th>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
{{with $root := .}}
|
||||||
|
{{range $ml := $root.MailingLists}}
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
<a href="/admin/mailing/{{$ml.GetAttributeValue $root.MailingNameAttr}}">
|
||||||
|
{{$ml.GetAttributeValue $root.MailingNameAttr}}
|
||||||
|
</a>
|
||||||
|
</td>
|
||||||
|
<td>{{$ml.GetAttributeValue "description"}}</td>
|
||||||
|
</tr>
|
||||||
|
{{end}}
|
||||||
|
{{end}}
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
{{end}}
|
117
templates/admin_mailing_list.html
Normal file
117
templates/admin_mailing_list.html
Normal file
|
@ -0,0 +1,117 @@
|
||||||
|
{{define "title"}}ML {{.MailingList.GetAttributeValue .MailingNameAttr}} |{{end}}
|
||||||
|
|
||||||
|
{{define "body"}}
|
||||||
|
|
||||||
|
<div class="d-flex">
|
||||||
|
<h4>ML {{.MailingList.GetAttributeValue .MailingNameAttr}}
|
||||||
|
<a class="ml-auto btn btn-sm btn-dark" href="/admin/ldap/{{.MailingList.DN}}">Vue avancée</a>
|
||||||
|
</h4>
|
||||||
|
<a class="ml-auto btn btn-dark" href="/admin/mailing">Liste des ML</a>
|
||||||
|
<a class="ml-4 btn btn-info" href="/">Menu principal</a>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
{{if .Success}}
|
||||||
|
<div class="alert alert-success mt-2">Modification enregistrée.</div>
|
||||||
|
{{end}}
|
||||||
|
{{if .Error}}
|
||||||
|
<div class="alert alert-danger mt-2">
|
||||||
|
Impossible d'effectuer la modification.
|
||||||
|
<div style="font-size: 0.8em">{{.Error}}</div>
|
||||||
|
</div>
|
||||||
|
{{end}}
|
||||||
|
|
||||||
|
{{with $desc := .MailingList.GetAttributeValue "description"}}{{if $desc}}
|
||||||
|
<p class="mt-4">{{$desc}}</p>
|
||||||
|
{{end}}{{end}}
|
||||||
|
|
||||||
|
<table class="table mt-4">
|
||||||
|
<thead>
|
||||||
|
<th scope="col">Adresse</th>
|
||||||
|
<th scope="col">Nom</th>
|
||||||
|
<th scope="col" style="width: 6em"></th>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
{{with $root := .}}
|
||||||
|
{{range $member := $root.Members}}
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
<a href="/admin/ldap/{{$member.DN}}">
|
||||||
|
{{$member.GetAttributeValue "mail"}}
|
||||||
|
</a>
|
||||||
|
</td>
|
||||||
|
<td>{{$member.GetAttributeValue "displayname"}}</td>
|
||||||
|
<td>
|
||||||
|
<form method="POST" onsubmit="return confirm('Supprimer de la ML ?');">
|
||||||
|
<input type="hidden" name="action" value="delete-member" />
|
||||||
|
<input type="hidden" name="member" value="{{.DN}}" />
|
||||||
|
<input type="submit" value="Suppr" class="form-control btn btn-danger btn-sm" />
|
||||||
|
</form>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
{{end}}
|
||||||
|
{{end}}
|
||||||
|
{{if not .Members}}
|
||||||
|
<tr><td>(aucun abonné)</td></tr>
|
||||||
|
{{end}}
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
<hr class="mt-4" />
|
||||||
|
<h5 class="mt-4">Ajouter un destinataire</h5>
|
||||||
|
|
||||||
|
<div class="container">
|
||||||
|
<form method="POST">
|
||||||
|
<input type="hidden" name="action" value="add-member" />
|
||||||
|
<div class="row mt-4">
|
||||||
|
<div class="col-md-3"><strong>Utilisateur existant :</strong> </div>
|
||||||
|
<div class="col-md-5">
|
||||||
|
<input class="form-control" type="text" list="users" name="member" placeholder="Utilisateur..." />
|
||||||
|
<datalist id="users">
|
||||||
|
{{range .PossibleNewMembers}}
|
||||||
|
{{if .GetAttributeValue "mail"}}
|
||||||
|
<option value="{{.DN}}">{{if .GetAttributeValue "displayname"}}{{.GetAttributeValue "displayname"}} ({{.GetAttributeValue "mail" }}){{else}}{{.GetAttributeValue "mail"}}{{end}}</option>
|
||||||
|
{{end}}
|
||||||
|
{{end}}
|
||||||
|
</datalist>
|
||||||
|
</div>
|
||||||
|
<div class="col-md-2">
|
||||||
|
<input type="submit" value="Ajouter" class="form-control btn btn-success btn-sm" />
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
|
||||||
|
{{if .AllowGuest}}
|
||||||
|
<div class="row mt-4">
|
||||||
|
<div class="col-md-10">OU</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<form method="POST">
|
||||||
|
<input type="hidden" name="action" value="add-external" />
|
||||||
|
<div class="row mt-4">
|
||||||
|
<div class="col-md-3"><strong>E-mail :</strong></div>
|
||||||
|
<div class="col-md-5">
|
||||||
|
<input class="form-control" type="text" name="mail" placeholder="machin@truc.net..." />
|
||||||
|
</div>
|
||||||
|
<div class="col-md-2">
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="row mt-4">
|
||||||
|
<div class="col-md-3"><strong>Nom (optionnel) :</strong></div>
|
||||||
|
<div class="col-md-5">
|
||||||
|
<input class="form-control" type="text" name="displayname" placeholder="Machin Truc..." />
|
||||||
|
</div>
|
||||||
|
<div class="col-md-2">
|
||||||
|
<input type="submit" value="Ajouter" class="form-control btn btn-success btn-sm" />
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="row">
|
||||||
|
<small class="form-text text-muted col-md-10">
|
||||||
|
Si un utilisateur existe déjà avec l'email spécifiée, celui-ci sera ajouté à la liste.
|
||||||
|
Sinon, un utilisateur invité sera créé.
|
||||||
|
</small>
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
{{end}}
|
||||||
|
</div>
|
||||||
|
|
||||||
|
{{end}}
|
72
templates/garage_website_edit.html
Normal file
72
templates/garage_website_edit.html
Normal file
|
@ -0,0 +1,72 @@
|
||||||
|
{{define "title"}}Créer un site web |{{end}}
|
||||||
|
|
||||||
|
{{define "body"}}
|
||||||
|
<div class="d-flex">
|
||||||
|
<h4>Modifier le nom de domaine</h4>
|
||||||
|
<a class="ml-auto btn btn-link" href="/website/configure">Mes identifiants</a>
|
||||||
|
<a class="ml-4 btn btn-info" href="/website">Mes sites webs</a>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="row mt-3">
|
||||||
|
<div class="col-md-12">
|
||||||
|
{{if .Err}}
|
||||||
|
<div class="alert alert-danger">{{ .Err.Error }}</div>
|
||||||
|
{{end}}
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<ul class="nav nav-tabs" id="proto" role="tablist">
|
||||||
|
<li class="nav-item">
|
||||||
|
<a class="nav-link active" id="dnsint-tab" data-toggle="tab" href="#dnsint" role="tab" aria-controls="dnsint" aria-selected="true">Je n'ai pas de nom de domaine</a>
|
||||||
|
</li>
|
||||||
|
<li class="nav-item">
|
||||||
|
<a class="nav-link" id="dnsext-tab" data-toggle="tab" href="#dnsext" role="tab" aria-controls="dnsext" aria-selected="false">Utiliser mon propre nom de domaine</a>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
|
||||||
|
<div class="tab-content" id="protocols">
|
||||||
|
|
||||||
|
<div class="tab-pane fade show active" id="dnsint" role="tabpanel" aria-labelledby="dnsint-tab">
|
||||||
|
<form method="POST" class="mt-4">
|
||||||
|
<div class="form-row">
|
||||||
|
<div class="form-group col-md-6">
|
||||||
|
<label for="bucket">Sous-domaine désiré :</label>
|
||||||
|
<input type="text" id="bucket" name="bucket" placeholder="mon-site" class="form-control" value="" onkeyup="document.getElementById('url').value = `https://${document.getElementById('bucket').value}.web.deuxfleurs.fr`" />
|
||||||
|
</div>
|
||||||
|
<div class="form-group col-md-6">
|
||||||
|
<label for="url">Votre site sera accessible à l'URL suivante :</label>
|
||||||
|
<input type="text" id="url" disabled="true" name="url" class="form-control" value="https://mon-site.web.deuxfleurs.fr" />
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="mt-4">
|
||||||
|
<p>La première fois que vous chargerez votre site web, une erreur de certificat sera renvoyée. C'est normal, il faudra patienter quelques minutes le temps que le certificat se génère.</p>
|
||||||
|
</div>
|
||||||
|
<button type="submit" class="btn btn-primary">Modifier le nom de domaine</button>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
<div class="tab-pane fade show" id="dnsext" role="tabpanel" aria-labelledby="dnsext-tab">
|
||||||
|
<form method="POST" class="mt-4">
|
||||||
|
<div class="form-row">
|
||||||
|
<div class="form-group col-md-6">
|
||||||
|
<label for="bucket2">Votre nom de domaine :</label>
|
||||||
|
<input type="text" id="bucket2" name="bucket2" placeholder="example.com" class="form-control" value="" onkeyup="document.getElementById('url2').value = `https://${document.getElementById('bucket2').value}`" />
|
||||||
|
</div>
|
||||||
|
<div class="form-group col-md-6">
|
||||||
|
<label for="url2">Votre site sera accessible à l'URL suivante :</label>
|
||||||
|
<input type="text" id="url2" disabled="true" name="url2" class="form-control" value="https://example.com" />
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div>
|
||||||
|
<p>Vous devez éditer votre zone DNS, souvent gérée par votre bureau d'enregistrement, comme Gandi, pour la faire pointer vers Deuxfleurs. Si vous utilisez un sous domaine (eg. <code>site.example.com</code>), une entrée <code>CNAME</code> est appropriée :</p>
|
||||||
|
<pre>site CNAME 3600 garage.deuxfleurs.fr.</pre>
|
||||||
|
<p>Si vous utilisez la racine de votre nom de domaine (eg. <code>example.com</code>, aussi appelée APEX), la solution dépend de votre fournisseur DNS, il vous faudra au choix une entrée <code>ALIAS</code> ou <code>CNAME</code> en fonction de ce que votre fournisseur supporte :</p>
|
||||||
|
<pre>@ ALIAS 3600 garage.deuxfleurs.fr.</pre>
|
||||||
|
<p>La première fois que vous chargerez votre site web, une erreur de certificat sera renvoyée. C'est normal, il faudra patienter quelques minutes le temps que le certificat se génère.</p>
|
||||||
|
</div>
|
||||||
|
<div class="mt-4">
|
||||||
|
<button type="submit" class="btn btn-primary">Modifier le nom de domaine</button>
|
||||||
|
</form>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
{{end}}
|
355
templates/garage_website_inspect.html
Normal file
355
templates/garage_website_inspect.html
Normal file
|
@ -0,0 +1,355 @@
|
||||||
|
{{define "title"}}Inspecter le site web |{{end}}
|
||||||
|
|
||||||
|
{{define "body"}}
|
||||||
|
<div class="d-flex">
|
||||||
|
<!--<h4>Inspecter les sites webs</h4>-->
|
||||||
|
<a class="ml-auto btn btn-link" href="/website/configure">Mes identifiants</a>
|
||||||
|
<a class="ml-4 btn btn-info" href="/">Menu principal</a>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="row">
|
||||||
|
{{ if .Err }}
|
||||||
|
<div class="col-md-12 mt-3">
|
||||||
|
<div class="alert alert-danger">{{ .Err.Error }}</div>
|
||||||
|
</div>
|
||||||
|
{{ end }}
|
||||||
|
|
||||||
|
<div class="col-md-3 mt-3">
|
||||||
|
<a class="btn btn-primary btn-block" href="/website/new">
|
||||||
|
<svg id="i-plus" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 32 32" width="18" height="18" fill="none" stroke="currentcolor" stroke-linecap="round" stroke-linejoin="round" stroke-width="6">
|
||||||
|
<path d="M16 2 L16 30 M2 16 L30 16" />
|
||||||
|
</svg>
|
||||||
|
<span class="ml-1">Nouveau site web</span>
|
||||||
|
</a>
|
||||||
|
|
||||||
|
<div class="list-group mt-3">
|
||||||
|
{{ $view := .View }}
|
||||||
|
{{ range $wid := .Describe.Websites }}
|
||||||
|
{{ if eq $wid.Internal $view.Name.Internal }}
|
||||||
|
<a href="/website/inspect/{{ $wid.Pretty }}" class="list-group-item list-group-item-action active">
|
||||||
|
{{ $wid.Url }}
|
||||||
|
</a>
|
||||||
|
{{ else }}
|
||||||
|
<a href="/website/inspect/{{ $wid.Pretty }}" class="list-group-item list-group-item-action">
|
||||||
|
{{ $wid.Url }}
|
||||||
|
</a>
|
||||||
|
{{ end }}
|
||||||
|
{{ end }}
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<p class="text-center mt-2">
|
||||||
|
{{ .Describe.AllowedWebsites.Current }} sites créés sur {{ .Describe.AllowedWebsites.Max }}<br/>
|
||||||
|
Jusqu'à {{ .Describe.BurstBucketQuotaSize }} par site web
|
||||||
|
</p>
|
||||||
|
</div>
|
||||||
|
<div class="col-md-9">
|
||||||
|
<h2>{{ .View.Name.Url }}</h2>
|
||||||
|
|
||||||
|
<!-- QUOTAS -->
|
||||||
|
|
||||||
|
<h5 class="mt-3">Quotas</h5>
|
||||||
|
<div class="progress mt-3">
|
||||||
|
<div class="progress-bar" role="progressbar" aria-valuenow="{{ .View.Size.Current }}" aria-valuemin="0" aria-valuemax="{{ .View.Size.Max }}" style="width: {{ .View.Size.Percent }}%; min-width: 2em;">
|
||||||
|
{{ .View.Size.Percent }}%
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<p class="text-center">
|
||||||
|
{{ .View.Size.PrettyCurrent }} utilisé sur un maximum de {{ .View.Size.PrettyMax }}
|
||||||
|
{{ if gt .View.Files.Ratio 0.5 }}
|
||||||
|
<br>{{ .View.Files.Current }} fichiers sur un maximum de {{ .View.Files.Max }}
|
||||||
|
{{ end }}
|
||||||
|
</p>
|
||||||
|
|
||||||
|
<!-- ACTIONS -->
|
||||||
|
<h5 class="mt-3">Actions</h5>
|
||||||
|
<form action="" method="post">
|
||||||
|
<div class="btn-group" role="group" aria-label="Actions sur le site web">
|
||||||
|
<button class="btn btn-secondary" name="action" value="increase_quota">Augmenter le quota</button>
|
||||||
|
<button class="btn btn-secondary" name="action" value="rotate_key">Rotation de la clé</button>
|
||||||
|
<a class="btn btn-secondary" href="/website/vhost/{{ .View.Name.Pretty }}">Changer le nom de domaine</a>
|
||||||
|
<button class="btn btn-danger" name="action" value="delete_bucket">Supprimer</button>
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
|
||||||
|
|
||||||
|
<!-- INFO -->
|
||||||
|
<h5 class="mt-3">Informations de connexion</h5>
|
||||||
|
<ul class="nav nav-tabs" id="proto" role="tablist">
|
||||||
|
<li class="nav-item">
|
||||||
|
<a class="nav-link active" id="s3-tab" data-toggle="tab" href="#s3" role="tab" aria-controls="s3" aria-selected="true">S3 (recommandé)</a>
|
||||||
|
</li>
|
||||||
|
<li class="nav-item">
|
||||||
|
<a class="nav-link" id="sftp-tab" data-toggle="tab" href="#sftp" role="tab" aria-controls="sftp" aria-selected="false">SFTP</a>
|
||||||
|
</li>
|
||||||
|
<li class="nav-item">
|
||||||
|
<a class="nav-link" id="dav-tab" data-toggle="tab" href="#dav" role="tab" aria-controls="dav" aria-selected="false">WebDAV</a>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
<div class="tab-content" id="protocols">
|
||||||
|
<div class="tab-pane fade show active" id="s3" role="tabpanel" aria-labelledby="s3-tab">
|
||||||
|
<table class="table mt-4">
|
||||||
|
<tbody>
|
||||||
|
<tr>
|
||||||
|
<th scope="row" class="col-md-2">Identifiant de clé</th>
|
||||||
|
<td>{{ .View.AccessKeyId }}</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">Clé secrète</th>
|
||||||
|
<td>
|
||||||
|
<a href="#" onclick="document.getElementById('secret_key').style.display='inline'; this.style.display='none'">[Afficher la clé secrète]</a>
|
||||||
|
<span id="secret_key" style="display: none">{{ .View.SecretAccessKey }}</span>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">Région</th>
|
||||||
|
<td>garage</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">Endpoint URL</th>
|
||||||
|
<td>https://garage.deuxfleurs.fr</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">Type d'URL</th>
|
||||||
|
<td>DNS et chemin (préférer chemin)</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">Signature</th>
|
||||||
|
<td>Version 4</td>
|
||||||
|
</tr>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
<p>Configurer votre logiciel :</p>
|
||||||
|
|
||||||
|
<div class="accordion" id="softconfig">
|
||||||
|
<div class="card">
|
||||||
|
<div class="card-header" id="awscli-title">
|
||||||
|
<h2 class="mb-0">
|
||||||
|
<button class="btn btn-link btn-block text-left collapsed" type="button" data-toggle="collapse" data-target="#awscli" aria-expanded="false" aria-controls="awscli">
|
||||||
|
awscli (tout générateur de site statique)
|
||||||
|
</button>
|
||||||
|
</h2>
|
||||||
|
</div>
|
||||||
|
<div id="awscli" class="collapse show" aria-labelledby="awscli-title" data-parent="#softconfig">
|
||||||
|
<div class="card-body">
|
||||||
|
<p>Lancez la commande :</p>
|
||||||
|
<pre>aws --profile {{ .View.Name.Pretty }} configure</pre>
|
||||||
|
|
||||||
|
<p>Entrez les informations suivantes quand elles vous sont demandées :</p>
|
||||||
|
<dl>
|
||||||
|
<dt>AWS Access Key ID [None]:</dt><dd>{{ .View.AccessKeyId }}</dd>
|
||||||
|
<dt>AWS Secret Access Key [None]:</dt><dd><a href="#" onclick="document.getElementById('aws_secret_key').style.display='inline'; this.style.display='none'">[Afficher la clé secrète]</a><span id="aws_secret_key" style="display: none">{{ .View.SecretAccessKey }}</span></dd>
|
||||||
|
<dt>Default region name [None]:</dt> <dd>garage</dd>
|
||||||
|
<dt>Default output format [None]:</dt> <dd>(laissez vide et appuyez sur entrée)</dd>
|
||||||
|
</dl>
|
||||||
|
|
||||||
|
<p>Finalisez la configuration :</p>
|
||||||
|
<pre>aws --profile {{ .View.Name.Pretty }} configure set endpoint_url https://garage.deuxfleurs.fr</pre>
|
||||||
|
|
||||||
|
|
||||||
|
<p>Pour déployer votre dossier local <code>public</code> lancez :</p>
|
||||||
|
<pre>
|
||||||
|
aws --profile {{ .View.Name.Pretty }} s3 sync ./public s3://{{ .View.Name.Pretty }}
|
||||||
|
</pre>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="card">
|
||||||
|
<div class="card-header" id="minio-title">
|
||||||
|
<h2 class="mb-0">
|
||||||
|
<button class="btn btn-link btn-block text-left" type="button" data-toggle="collapse" data-target="#minio" aria-expanded="true" aria-controls="minio">
|
||||||
|
Minio CLI (tout générateur de site statique)
|
||||||
|
</button>
|
||||||
|
</h2>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div id="minio" class="collapse" aria-labelledby="minio-title" data-parent="#softconfig">
|
||||||
|
<div class="card-body">
|
||||||
|
<p>Vous pouvez configurer Minio CLI avec cette commande :</p>
|
||||||
|
<pre>
|
||||||
|
mc alias set \
|
||||||
|
{{ .View.Name.Pretty }} \
|
||||||
|
https://garage.deuxfleurs.fr \
|
||||||
|
{{ .View.AccessKeyId }} \
|
||||||
|
<a href="#" onclick="document.getElementById('minio_secret_key').style.display='inline'; this.style.display='none'">[Afficher la clé secrète]</a><span id="minio_secret_key" style="display: none">{{ .View.SecretAccessKey }}</span> \
|
||||||
|
--api S3v4
|
||||||
|
</pre>
|
||||||
|
<p>Et ensuite copiez votre site web avec la sous-commande mirror de Minio CLI :</p>
|
||||||
|
<pre>
|
||||||
|
mc mirror --overwrite ./public/ {{ .View.Name.Pretty }}/
|
||||||
|
</pre>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="card">
|
||||||
|
<div class="card-header" id="hugo-title">
|
||||||
|
<h2 class="mb-0">
|
||||||
|
<button class="btn btn-link btn-block text-left collapsed" type="button" data-toggle="collapse" data-target="#hugo" aria-expanded="false" aria-controls="hugo">
|
||||||
|
Hugo
|
||||||
|
</button>
|
||||||
|
</h2>
|
||||||
|
</div>
|
||||||
|
<div id="hugo" class="collapse" aria-labelledby="hugo-title" data-parent="#softconfig">
|
||||||
|
<div class="card-body">
|
||||||
|
<p>Créez un fichier nommé <code>.deployment.secrets</code> (ne commitez pas ce fichier dans votre dépôt !) :</p>
|
||||||
|
<pre>
|
||||||
|
export AWS_ACCESS_KEY_ID={{ .View.AccessKeyId }}
|
||||||
|
export AWS_SECRET_ACCESS_KEY=<a href="#" onclick="document.getElementById('ugo_secret_key').style.display='inline'; this.style.display='none'">[Afficher la clé secrète]</a><span id="hugo_secret_key" style="display: none">{{ .View.SecretAccessKey }}</span>
|
||||||
|
</pre>
|
||||||
|
<p>Dans votre fichier de configuration Hugo <code>config.toml</code> (que vous pouvez commiter), rajoutez :</p>
|
||||||
|
<pre>
|
||||||
|
[[deployment.targets]]
|
||||||
|
URL = "s3://bucket?endpoint=garage.deuxfleurs.fr&s3ForcePathStyle=true&region=garage"
|
||||||
|
</pre>
|
||||||
|
|
||||||
|
<p>Pour déployer, sourcez le fichier de configuration et laissez hugo faire : </p>
|
||||||
|
<pre>
|
||||||
|
source .deployment.secrets
|
||||||
|
hugo deploy
|
||||||
|
</pre>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="tab-pane fade" id="sftp" role="tabpanel" aria-labelledby="sftp-tab">
|
||||||
|
<br>
|
||||||
|
<div class="alert alert-danger" role="alert">
|
||||||
|
N'automatisez pas votre déploiement en SFTP car vous risqueriez de faire fuiter votre mot de passe.<br>
|
||||||
|
Pour toute forme d'automatisation, préférez le protocole S3.
|
||||||
|
</div>
|
||||||
|
<div class="alert alert-warning" role="alert">
|
||||||
|
L'algorithme de clé utilisé par le serveur est désactivé par défaut sur les clients SSH récents.<br>
|
||||||
|
Vous devez rajouter l'option -oHostKeyAlgorithms=+ssh-rsa pour vous connecter.
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<table class="table mt-4">
|
||||||
|
<tbody>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">Nom d'utilisateur-ice</th>
|
||||||
|
<td>{{ .Describe.Username }}</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">Mot de passe</th>
|
||||||
|
<td>(votre mot de passe guichet)</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">Hôte</th>
|
||||||
|
<td>sftp://sftp.deuxfleurs.fr</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">Port</th>
|
||||||
|
<td>2222</td>
|
||||||
|
</tr>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
<p>Configurez votre logiciel :</p>
|
||||||
|
|
||||||
|
<div class="accordion" id="softconfig2">
|
||||||
|
<div class="card">
|
||||||
|
<div class="card-header" id="scp-title">
|
||||||
|
<h2 class="mb-0">
|
||||||
|
<button class="btn btn-link btn-block text-left collapsed" type="button" data-toggle="collapse" data-target="#filezilla" aria-expanded="false" aria-controls="filezilla">
|
||||||
|
scp
|
||||||
|
</button>
|
||||||
|
</h2>
|
||||||
|
</div>
|
||||||
|
<div id="filezilla" class="collapse show" aria-labelledby="scp-title" data-parent="#softconfig2">
|
||||||
|
<div class="card-body">
|
||||||
|
<p>Déployer le dossier local <em>public</em> sur le site web {{ .View.Name.Pretty }} :</p>
|
||||||
|
<pre>
|
||||||
|
scp -oHostKeyAlgorithms=+ssh-rsa -P2222 -r ./public {{ .Describe.Username }}@sftp.deuxfleurs.fr:{{ .View.Name.Pretty }}/
|
||||||
|
</pre>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="card">
|
||||||
|
<div class="card-header" id="filezilla-title">
|
||||||
|
<h2 class="mb-0">
|
||||||
|
<button class="btn btn-link btn-block text-left collapsed" type="button" data-toggle="collapse" data-target="#filezilla" aria-expanded="false" aria-controls="filezilla">
|
||||||
|
Filezilla
|
||||||
|
</button>
|
||||||
|
</h2>
|
||||||
|
</div>
|
||||||
|
<div id="filezilla" class="collapse" aria-labelledby="filezilla-title" data-parent="#softconfig2">
|
||||||
|
<div class="card-body">
|
||||||
|
<p>Dans la barre de connexion rapide du haut, entrez :</p>
|
||||||
|
<dl>
|
||||||
|
<dt>Hôte</dt> <dd>sftp://sftp.deuxfleurs.fr</dd>
|
||||||
|
<dt>Nom d'utilisateur</dt> <dd>{{ .Describe.Username }}</dd>
|
||||||
|
<dt>Mot de passe</dt> <dd>(votre mot de passe guichet)</dd>
|
||||||
|
<dt>Port</dt> <dd>2222</dd>
|
||||||
|
</dl>
|
||||||
|
<p>Cliquez ensuite sur <strong>Connexion rapide</strong></p>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="tab-pane fade" id="dav" role="tabpanel" aria-labelledby="dav-tab">
|
||||||
|
<br>
|
||||||
|
<div class="alert alert-danger" role="alert">
|
||||||
|
N'automatisez pas votre déploiement en WebDAV car vous risqueriez de faire fuiter votre mot de passe.<br>
|
||||||
|
Pour toute forme d'automatisation, préférez le protocole S3.
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<table class="table mt-4">
|
||||||
|
<tbody>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">Nom d'utilisateur-ice</th>
|
||||||
|
<td>{{ .Describe.Username }}</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">Mot de passe</th>
|
||||||
|
<td>(votre mot de passe guichet)</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">Hôte</th>
|
||||||
|
<td>https://bagage.deuxfleurs.fr ou davs://bagage.deuxfleurs.fr</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th scope="row">Port</th>
|
||||||
|
<td>443 (par défaut)</td>
|
||||||
|
</tr>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
<p>Configurez votre logiciel :</p>
|
||||||
|
|
||||||
|
<div class="accordion" id="softconfig3">
|
||||||
|
<div class="card">
|
||||||
|
<div class="card-header" id="drive-title">
|
||||||
|
<h2 class="mb-0">
|
||||||
|
<button class="btn btn-link btn-block text-left collapsed" type="button" data-toggle="collapse" data-target="#drive" aria-expanded="false" aria-controls="filezilla">
|
||||||
|
Explorateur web
|
||||||
|
</button>
|
||||||
|
</h2>
|
||||||
|
</div>
|
||||||
|
<div id="drive" class="collapse show" aria-labelledby="drive-title" data-parent="#softconfig3">
|
||||||
|
<div class="card-body">
|
||||||
|
<p>Vous pouvez naviguer dans vos fichiers via l'explorateur web.
|
||||||
|
Utilisez simplement vos identifiants Guichet, l'explorateur est préconfiguré.</p>
|
||||||
|
|
||||||
|
<p><a href="https://drive.deuxfleurs.fr">Accéder à l'explorateur</a></p>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
{{ if .View.Name.Expanded }}
|
||||||
|
<h5 class="mt-5">Vous ne savez pas comment configurer votre nom de domaine ?</h5>
|
||||||
|
<p> Le nom de domaine {{ .View.Name.Url }} n'est pas géré par Deuxfleurs, il vous revient donc de configurer la zone DNS. Vous devez ajouter une entrée <code>CNAME garage.deuxfleurs.fr</code> ou <code>ALIAS garage.deuxfleurs.fr</code> auprès de votre hébergeur DNS, qui est souvent aussi le bureau d'enregistrement (eg. Gandi, GoDaddy, BookMyName, etc.).</p>
|
||||||
|
{{ end }}
|
||||||
|
|
||||||
|
|
||||||
|
</div>
|
||||||
|
{{ end }}
|
||||||
|
|
72
templates/garage_website_new.html
Normal file
72
templates/garage_website_new.html
Normal file
|
@ -0,0 +1,72 @@
|
||||||
|
{{define "title"}}Créer un site web |{{end}}
|
||||||
|
|
||||||
|
{{define "body"}}
|
||||||
|
<div class="d-flex">
|
||||||
|
<h4>Créer un site web</h4>
|
||||||
|
<a class="ml-auto btn btn-link" href="/website/configure">Mes identifiants</a>
|
||||||
|
<a class="ml-4 btn btn-info" href="/website">Mes sites webs</a>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="row mt-3">
|
||||||
|
<div class="col-md-12">
|
||||||
|
{{if .Err}}
|
||||||
|
<div class="alert alert-danger">{{ .Err.Error }}</div>
|
||||||
|
{{end}}
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<ul class="nav nav-tabs" id="proto" role="tablist">
|
||||||
|
<li class="nav-item">
|
||||||
|
<a class="nav-link active" id="dnsint-tab" data-toggle="tab" href="#dnsint" role="tab" aria-controls="dnsint" aria-selected="true">Je n'ai pas de nom de domaine</a>
|
||||||
|
</li>
|
||||||
|
<li class="nav-item">
|
||||||
|
<a class="nav-link" id="dnsext-tab" data-toggle="tab" href="#dnsext" role="tab" aria-controls="dnsext" aria-selected="false">Utiliser mon propre nom de domaine</a>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
|
||||||
|
<div class="tab-content" id="protocols">
|
||||||
|
|
||||||
|
<div class="tab-pane fade show active" id="dnsint" role="tabpanel" aria-labelledby="dnsint-tab">
|
||||||
|
<form method="POST" class="mt-4">
|
||||||
|
<div class="form-row">
|
||||||
|
<div class="form-group col-md-6">
|
||||||
|
<label for="bucket">Sous-domaine désiré :</label>
|
||||||
|
<input type="text" id="bucket" name="bucket" placeholder="mon-site" class="form-control" value="" onkeyup="document.getElementById('url').value = `https://${document.getElementById('bucket').value}.web.deuxfleurs.fr`" />
|
||||||
|
</div>
|
||||||
|
<div class="form-group col-md-6">
|
||||||
|
<label for="url">Votre site sera accessible à l'URL suivante :</label>
|
||||||
|
<input type="text" id="url" disabled="true" name="url" class="form-control" value="https://mon-site.web.deuxfleurs.fr" />
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="mt-4">
|
||||||
|
<p>La première fois que vous chargerez votre site web, une erreur de certificat sera renvoyée. C'est normal, il faudra patienter quelques minutes le temps que le certificat se génère.</p>
|
||||||
|
</div>
|
||||||
|
<button type="submit" class="btn btn-primary">Créer un nouveau site web</button>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
<div class="tab-pane fade show" id="dnsext" role="tabpanel" aria-labelledby="dnsext-tab">
|
||||||
|
<form method="POST" class="mt-4">
|
||||||
|
<div class="form-row">
|
||||||
|
<div class="form-group col-md-6">
|
||||||
|
<label for="bucket2">Votre nom de domaine :</label>
|
||||||
|
<input type="text" id="bucket2" name="bucket2" placeholder="example.com" class="form-control" value="" onkeyup="document.getElementById('url2').value = `https://${document.getElementById('bucket2').value}`" />
|
||||||
|
</div>
|
||||||
|
<div class="form-group col-md-6">
|
||||||
|
<label for="url2">Votre site sera accessible à l'URL suivante :</label>
|
||||||
|
<input type="text" id="url2" disabled="true" name="url2" class="form-control" value="https://example.com" />
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div>
|
||||||
|
<p>Vous devez éditer votre zone DNS, souvent gérée par votre bureau d'enregistrement, comme Gandi, pour la faire pointer vers Deuxfleurs. Si vous utilisez un sous domaine (eg. <code>site.example.com</code>), une entrée <code>CNAME</code> est appropriée :</p>
|
||||||
|
<pre>site CNAME 3600 garage.deuxfleurs.fr.</pre>
|
||||||
|
<p>Si vous utilisez la racine de votre nom de domaine (eg. <code>example.com</code>, aussi appelée APEX), la solution dépend de votre fournisseur DNS, il vous faudra au choix une entrée <code>ALIAS</code> ou <code>CNAME</code> en fonction de ce que votre fournisseur supporte :</p>
|
||||||
|
<pre>@ ALIAS 3600 garage.deuxfleurs.fr.</pre>
|
||||||
|
<p>La première fois que vous chargerez votre site web, une erreur de certificat sera renvoyée. C'est normal, il faudra patienter quelques minutes le temps que le certificat se génère.</p>
|
||||||
|
</div>
|
||||||
|
<div class="mt-4">
|
||||||
|
<button type="submit" class="btn btn-primary">Créer un nouveau site web</button>
|
||||||
|
</form>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
{{end}}
|
|
@ -2,14 +2,14 @@
|
||||||
|
|
||||||
{{define "body"}}
|
{{define "body"}}
|
||||||
<div class="alert alert-info">
|
<div class="alert alert-info">
|
||||||
Bienvenue, <strong>{{ .Login.WelcomeName }}</strong> !
|
Bienvenue, <strong>{{ .User.WelcomeName }}</strong> !
|
||||||
</div>
|
</div>
|
||||||
<div class="d-flex">
|
<div class="d-flex">
|
||||||
<a class="ml-auto btn btn-sm btn-dark" href="/logout">Se déconnecter</a>
|
<a class="ml-auto btn btn-sm btn-dark" href="/logout">Se déconnecter</a>
|
||||||
</div>
|
</div>
|
||||||
<div class="mt-3"></div>
|
|
||||||
|
|
||||||
<div class="card">
|
<div class="mt-3">
|
||||||
|
<div class="card">
|
||||||
<div class="card-header">
|
<div class="card-header">
|
||||||
Mon compte
|
Mon compte
|
||||||
</div>
|
</div>
|
||||||
|
@ -18,9 +18,21 @@
|
||||||
<a class="list-group-item list-group-item-action" href="/passwd">Modifier mon mot de passe</a>
|
<a class="list-group-item list-group-item-action" href="/passwd">Modifier mon mot de passe</a>
|
||||||
<a class="list-group-item list-group-item-action" href="/directory">Annuaire</a>
|
<a class="list-group-item list-group-item-action" href="/directory">Annuaire</a>
|
||||||
</div>
|
</div>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
{{if .Login.CanInvite}}
|
<div class="mt-3">
|
||||||
|
<div class="card">
|
||||||
|
<div class="card-header">
|
||||||
|
Mes services
|
||||||
|
</div>
|
||||||
|
<div class="list-group list-group-flush">
|
||||||
|
<a class="list-group-item list-group-item-action" href="/website">Mes sites Web</a>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
{{if .User.Capabilities.CanInvite}}
|
||||||
<div class="card mt-3">
|
<div class="card mt-3">
|
||||||
<div class="card-header">
|
<div class="card-header">
|
||||||
Inviter des gens sur Deuxfleurs
|
Inviter des gens sur Deuxfleurs
|
||||||
|
@ -32,14 +44,15 @@
|
||||||
</div>
|
</div>
|
||||||
{{end}}
|
{{end}}
|
||||||
|
|
||||||
{{if .Login.CanAdmin}}
|
{{if .User.Capabilities.CanAdmin}}
|
||||||
<div class="card mt-3">
|
<div class="card mt-3">
|
||||||
<div class="card-header">
|
<div class="card-header">
|
||||||
Administration
|
Administration
|
||||||
</div>
|
</div>
|
||||||
<div class="list-group list-group-flush">
|
<div class="list-group list-group-flush">
|
||||||
<a class="list-group-item list-group-item-action" href="/admin/users">Utilisateurs</a>
|
<a class="list-group-item list-group-item-action" href="/admin/users">Utilisateur·ices</a>
|
||||||
<a class="list-group-item list-group-item-action" href="/admin/groups">Groupes</a>
|
<a class="list-group-item list-group-item-action" href="/admin/groups">Groupes</a>
|
||||||
|
<a class="list-group-item list-group-item-action" href="/admin/mailing">Mailing lists</a>
|
||||||
<a class="list-group-item list-group-item-action" href="/admin/ldap/{{.BaseDN}}">Explorateur LDAP</a>
|
<a class="list-group-item list-group-item-action" href="/admin/ldap/{{.BaseDN}}">Explorateur LDAP</a>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -12,7 +12,7 @@
|
||||||
</div>
|
</div>
|
||||||
{{end}}
|
{{end}}
|
||||||
{{if .WarningMessage}}
|
{{if .WarningMessage}}
|
||||||
<div class="alert alert-danger mt-4">Des erreurs se sont produtes, le compte pourrait ne pas être totalement fonctionnel.
|
<div class="alert alert-danger mt-4">Des erreurs se sont produites, le compte pourrait ne pas être totalement fonctionnel.
|
||||||
<div style="font-size: 0.8em">{{ .WarningMessage }}</div>
|
<div style="font-size: 0.8em">{{ .WarningMessage }}</div>
|
||||||
</div>
|
</div>
|
||||||
{{end}}
|
{{end}}
|
||||||
|
@ -25,12 +25,15 @@
|
||||||
<form method="POST" class="mt-4">
|
<form method="POST" class="mt-4">
|
||||||
<h5>Renseignements obligatoires</h5>
|
<h5>Renseignements obligatoires</h5>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="username">Nom d'utilisateur souhaité :</label>
|
<label for="username">Identifiant souhaité :</label>
|
||||||
<input type="text" id="username" name="username" class="form-control" value="{{ .Username }}" />
|
<input type="text" id="username" name="username" class="form-control" value="{{ .Username }}" />
|
||||||
|
<small class="form-text text-muted">
|
||||||
|
Votre identifiant doit être en minuscule.
|
||||||
|
</small>
|
||||||
</div>
|
</div>
|
||||||
{{if .ErrorInvalidUsername}}
|
{{if .ErrorInvalidUsername}}
|
||||||
<div class="alert alert-warning">
|
<div class="alert alert-warning">
|
||||||
Nom d'utilisateur invalide. Ne peut contenir que les caractères suivants : chiffres, lettres, point, tiret bas (_) et tiret du milieu (-).
|
Nom d'utilisateur invalide. Ne peut contenir que les caractères suivants : chiffres, lettres minuscules, point, tiret bas (_) et tiret du milieu (-).
|
||||||
</div>
|
</div>
|
||||||
{{end}}
|
{{end}}
|
||||||
{{if .ErrorUsernameTaken}}
|
{{if .ErrorUsernameTaken}}
|
||||||
|
@ -41,6 +44,9 @@
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="password">Mot de passe :</label>
|
<label for="password">Mot de passe :</label>
|
||||||
<input type="password" id="password" name="password" class="form-control" />
|
<input type="password" id="password" name="password" class="form-control" />
|
||||||
|
<small class="form-text text-muted">
|
||||||
|
La seule contrainte est que votre mot de passe doit faire au moins 8 caractères. Utilisez chiffres, majuscules, et caractères spéciaux sans modération !
|
||||||
|
</small>
|
||||||
</div>
|
</div>
|
||||||
{{if .ErrorPasswordTooShort}}
|
{{if .ErrorPasswordTooShort}}
|
||||||
<div class="alert alert-warning">
|
<div class="alert alert-warning">
|
||||||
|
@ -58,6 +64,9 @@
|
||||||
{{end}}
|
{{end}}
|
||||||
|
|
||||||
<h5>Renseignements optionnels</h5>
|
<h5>Renseignements optionnels</h5>
|
||||||
|
<small class="form-text text-muted">
|
||||||
|
Ces informations sont utilisées exclusivement pour "pré-configurer" les services que vous utiliserez, elles n'ont pas besoin de correspondre à votre état civil.
|
||||||
|
</small>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="displayname">Nom complet :</label>
|
<label for="displayname">Nom complet :</label>
|
||||||
<input type="text" id="displayname" name="displayname" class="form-control" value="{{ .DisplayName }}" />
|
<input type="text" id="displayname" name="displayname" class="form-control" value="{{ .DisplayName }}" />
|
||||||
|
|
|
@ -6,13 +6,15 @@
|
||||||
|
|
||||||
<link rel="stylesheet" href="/static/css/bootstrap.min.css">
|
<link rel="stylesheet" href="/static/css/bootstrap.min.css">
|
||||||
|
|
||||||
<title>{{template "title"}} Guichet</title>
|
<title>{{template "title" .}} Guichet</title>
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
<div class="container">
|
<div class="container mb-4">
|
||||||
<h1>Guichet Deuxfleurs💮💮</h1>
|
<h1>Guichet Deuxfleurs💮💮</h1>
|
||||||
<hr />
|
<hr />
|
||||||
{{template "body" .}}
|
{{template "body" .}}
|
||||||
</div>
|
</div>
|
||||||
|
<script src="/static/javascript/jquery.slim.min.js"></script>
|
||||||
|
<script src="/static/javascript/bootstrap.bundle.min.js"></script>
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
|
|
||||||
<form method="POST">
|
<form method="POST">
|
||||||
{{if .WrongUser}}
|
{{if .WrongUser}}
|
||||||
<div class="alert alert-danger">Nom d'utilisateur invalide.</div>
|
<div class="alert alert-danger">Identifiant invalide.</div>
|
||||||
{{end}}
|
{{end}}
|
||||||
{{if .WrongPass}}
|
{{if .WrongPass}}
|
||||||
<div class="alert alert-danger">Mot de passe invalide.</div>
|
<div class="alert alert-danger">Mot de passe invalide.</div>
|
||||||
|
@ -16,11 +16,11 @@
|
||||||
</div>
|
</div>
|
||||||
{{end}}
|
{{end}}
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="username">Nom d'utilisateur:</label>
|
<label for="username">Identifiant :</label>
|
||||||
<input type="text" name="username" id="username" class="form-control" value="{{ .Username }}" />
|
<input type="text" name="username" id="username" class="form-control" value="{{ .Username }}" />
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="password">Mot de passe:</label>
|
<label for="password">Mot de passe :</label>
|
||||||
<input type="password" name="password" id="password" class="form-control" />
|
<input type="password" name="password" id="password" class="form-control" />
|
||||||
</div>
|
</div>
|
||||||
<button type="submit" class="btn btn-primary">Se connecter</button>
|
<button type="submit" class="btn btn-primary">Se connecter</button>
|
||||||
|
@ -30,6 +30,6 @@
|
||||||
|
|
||||||
<p><strong>Mot de passe oublié ?</strong>
|
<p><strong>Mot de passe oublié ?</strong>
|
||||||
Écrivez à <samp>coucou</samp><img src="static/image/at_sign.svg" style="height: 1em" alt="arobase" /><samp>deuxfleurs.fr</samp>
|
Écrivez à <samp>coucou</samp><img src="static/image/at_sign.svg" style="height: 1em" alt="arobase" /><samp>deuxfleurs.fr</samp>
|
||||||
ou contactez directement votre administrateur favori.</p>
|
ou contactez directement votre opérateur·ice préféré·e.</p>
|
||||||
|
|
||||||
{{end}}
|
{{end}}
|
||||||
|
|
|
@ -19,8 +19,8 @@
|
||||||
<form method="POST" class="mt-4" enctype="multipart/form-data">
|
<form method="POST" class="mt-4" enctype="multipart/form-data">
|
||||||
<div class="form-row">
|
<div class="form-row">
|
||||||
<div class="form-group col-md-6">
|
<div class="form-group col-md-6">
|
||||||
<label>Nom d'utilisateur:</label>
|
<label>Identifiant:</label>
|
||||||
<input type="text" disabled="true" class="form-control" value="{{ .Status.Info.Username }}" />
|
<input type="text" disabled="true" class="form-control" value="{{ .User.Login.Info.Username }}" />
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group col-md-6">
|
<div class="form-group col-md-6">
|
||||||
<label for="mail">Adresse e-mail:</label>
|
<label for="mail">Adresse e-mail:</label>
|
||||||
|
|
435
website.go
Normal file
435
website.go
Normal file
|
@ -0,0 +1,435 @@
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
garage "git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang"
|
||||||
|
"log"
|
||||||
|
"sort"
|
||||||
|
"strings"
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
ErrWebsiteNotFound = fmt.Errorf("Website not found")
|
||||||
|
ErrFetchBucketInfo = fmt.Errorf("Failed to fetch bucket information")
|
||||||
|
ErrWebsiteQuotaReached = fmt.Errorf("Can't create additional websites, quota reached")
|
||||||
|
ErrEmptyBucketName = fmt.Errorf("You can't create a website with an empty name")
|
||||||
|
ErrCantCreateBucket = fmt.Errorf("Can't create this bucket. Maybe another bucket already exists with this name or you have an invalid character")
|
||||||
|
ErrCantAllowKey = fmt.Errorf("Can't allow given key on the target bucket")
|
||||||
|
ErrCantConfigureBucket = fmt.Errorf("Unable to configure the bucket (activating website, adding quotas, etc.)")
|
||||||
|
ErrBucketDeleteNotEmpty = fmt.Errorf("You must remove all the files before deleting a bucket")
|
||||||
|
ErrBucketDeleteUnfinishedUpload = fmt.Errorf("You must remove all the unfinished multipart uploads before deleting a bucket")
|
||||||
|
ErrCantChangeVhost = fmt.Errorf("Can't change the vhost to the desired value. Maybe it's already used by someone else or an internal error occured")
|
||||||
|
ErrCantRemoveOldVhost = fmt.Errorf("The new vhost is bound to the bucket but the old one can't be removed, it's an internal error")
|
||||||
|
ErrFetchDedicatedKey = fmt.Errorf("Bucket has no dedicated key while it's required, it's an internal error")
|
||||||
|
ErrDedicatedKeyInvariant = fmt.Errorf("A security invariant on the dedicated key has been violated, aborting.")
|
||||||
|
)
|
||||||
|
|
||||||
|
type WebsiteId struct {
|
||||||
|
Pretty string `json:"name"`
|
||||||
|
Internal string `json:"-"`
|
||||||
|
Alt []string `json:"alt_name"`
|
||||||
|
Expanded bool `json:"expanded"`
|
||||||
|
Url string `json:"domain"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewWebsiteId(id string, aliases []string) *WebsiteId {
|
||||||
|
pretty := id
|
||||||
|
var alt []string
|
||||||
|
if len(aliases) > 0 {
|
||||||
|
pretty = aliases[0]
|
||||||
|
alt = aliases[1:]
|
||||||
|
}
|
||||||
|
expanded := strings.Contains(pretty, ".")
|
||||||
|
|
||||||
|
url := pretty
|
||||||
|
if !expanded {
|
||||||
|
url = fmt.Sprintf("%s.web.deuxfleurs.fr", pretty)
|
||||||
|
}
|
||||||
|
|
||||||
|
return &WebsiteId{pretty, id, alt, expanded, url}
|
||||||
|
}
|
||||||
|
func NewWebsiteIdFromBucketInfo(binfo *garage.BucketInfo) *WebsiteId {
|
||||||
|
return NewWebsiteId(*binfo.Id, binfo.GlobalAliases)
|
||||||
|
}
|
||||||
|
|
||||||
|
// -----
|
||||||
|
|
||||||
|
type WebsiteDescribe struct {
|
||||||
|
Username string `json:"username"`
|
||||||
|
AllowedWebsites *QuotaStat `json:"quota_website_count"`
|
||||||
|
BurstBucketQuotaSize string `json:"burst_bucket_quota_size"`
|
||||||
|
Websites []*WebsiteId `json:"vhosts"`
|
||||||
|
}
|
||||||
|
|
||||||
|
type WebsiteController struct {
|
||||||
|
User *LoggedUser
|
||||||
|
RootKey *garage.KeyInfo
|
||||||
|
WebsiteIdx map[string]*WebsiteId
|
||||||
|
PrettyList []string
|
||||||
|
WebsiteCount QuotaStat
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewWebsiteController(user *LoggedUser) (*WebsiteController, error) {
|
||||||
|
idx := map[string]*WebsiteId{}
|
||||||
|
var wlist []string
|
||||||
|
|
||||||
|
keyInfo, err := user.S3KeyInfo()
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, bckt := range keyInfo.Buckets {
|
||||||
|
if len(bckt.GlobalAliases) > 0 {
|
||||||
|
wid := NewWebsiteId(*bckt.Id, bckt.GlobalAliases)
|
||||||
|
idx[wid.Pretty] = wid
|
||||||
|
wlist = append(wlist, wid.Pretty)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
sort.Strings(wlist)
|
||||||
|
|
||||||
|
maxW := user.Quota.WebsiteCount
|
||||||
|
quota := NewQuotaStat(int64(len(wlist)), maxW, true)
|
||||||
|
|
||||||
|
return &WebsiteController{user, keyInfo, idx, wlist, quota}, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (w *WebsiteController) getDedicatedWebsiteKey(binfo *garage.BucketInfo) (*garage.KeyInfo, error) {
|
||||||
|
// Check bucket info is not null
|
||||||
|
if binfo == nil {
|
||||||
|
return nil, ErrFetchBucketInfo
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check the bucket is owned by the user's root key
|
||||||
|
usersRootKeyFound := false
|
||||||
|
for _, bucketKeyInfo := range binfo.Keys {
|
||||||
|
if *bucketKeyInfo.AccessKeyId == *w.RootKey.AccessKeyId && *bucketKeyInfo.Permissions.Owner {
|
||||||
|
usersRootKeyFound = true
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if !usersRootKeyFound {
|
||||||
|
log.Printf("%s is not an owner of bucket %s. Invariant violated.\n", w.User.Username, *binfo.Id)
|
||||||
|
return nil, ErrDedicatedKeyInvariant
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check that username does not contain a ":" (should not be possible due to the invitation regex)
|
||||||
|
// We do this check as ":" is used as a separator
|
||||||
|
if strings.Contains(w.User.Username, ":") || w.User.Username == "" || *binfo.Id == "" {
|
||||||
|
log.Printf("Username (%s) or bucket identifier (%s) is invalid. Invariant violated.\n", w.User.Username, *binfo.Id)
|
||||||
|
return nil, ErrDedicatedKeyInvariant
|
||||||
|
}
|
||||||
|
|
||||||
|
// Build the string template by concatening the username and the bucket identifier
|
||||||
|
dedicatedKeyName := fmt.Sprintf("%s:web:%s", w.User.Username, *binfo.Id)
|
||||||
|
|
||||||
|
// Try to fetch the dedicated key
|
||||||
|
keyInfo, err := grgSearchKey(dedicatedKeyName)
|
||||||
|
if err != nil {
|
||||||
|
// On error, try to create it.
|
||||||
|
// @FIXME we should try to create only on 404 Not Found errors
|
||||||
|
keyInfo, err = grgCreateKey(dedicatedKeyName)
|
||||||
|
if err != nil {
|
||||||
|
// On error again, abort
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
log.Printf("Created dedicated key %s\n", dedicatedKeyName)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check that the key name is *exactly* the one we requested
|
||||||
|
if *keyInfo.Name != dedicatedKeyName {
|
||||||
|
log.Printf("Expected key: %s, got %s. Invariant violated.\n", dedicatedKeyName, *keyInfo.Name)
|
||||||
|
return nil, ErrDedicatedKeyInvariant
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check that the dedicated key does not contain any other bucket than this one
|
||||||
|
// and report if this bucket key is found with correct permissions
|
||||||
|
permissionsOk := false
|
||||||
|
for _, buck := range keyInfo.Buckets {
|
||||||
|
if *buck.Id != *binfo.Id {
|
||||||
|
log.Printf("Key %s is used on bucket %s while it should be exclusive to %s. Invariant violated.\n", dedicatedKeyName, *buck.Id, *binfo.Id)
|
||||||
|
return nil, ErrDedicatedKeyInvariant
|
||||||
|
}
|
||||||
|
if *buck.Id == *binfo.Id && *buck.Permissions.Read && *buck.Permissions.Write {
|
||||||
|
permissionsOk = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Allow this bucket on the key if it's not already the case
|
||||||
|
// (will be executed when 1) key is first created and 2) as an healing mechanism)
|
||||||
|
if !permissionsOk {
|
||||||
|
binfo, err = grgAllowKeyOnBucket(*binfo.Id, *keyInfo.AccessKeyId, true, true, false)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
log.Printf("Key %s was not properly allowed on bucket %s, fixing permissions. Intended behavior.", dedicatedKeyName, *binfo.Id)
|
||||||
|
|
||||||
|
// Refresh the key to have an object with proper permissions
|
||||||
|
keyInfo, err = grgGetKey(*keyInfo.AccessKeyId)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Return the key
|
||||||
|
return keyInfo, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (w *WebsiteController) flushDedicatedWebsiteKey(binfo *garage.BucketInfo) error {
|
||||||
|
// Check bucket info is not null
|
||||||
|
if binfo == nil {
|
||||||
|
return ErrFetchBucketInfo
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check the bucket is owned by the user's root key
|
||||||
|
usersRootKeyFound := false
|
||||||
|
for _, bucketKeyInfo := range binfo.Keys {
|
||||||
|
if *bucketKeyInfo.AccessKeyId == *w.RootKey.AccessKeyId && *bucketKeyInfo.Permissions.Owner {
|
||||||
|
usersRootKeyFound = true
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if !usersRootKeyFound {
|
||||||
|
log.Printf("%s is not an owner of bucket %s. Invariant violated.\n", w.User.Username, *binfo.Id)
|
||||||
|
return ErrDedicatedKeyInvariant
|
||||||
|
}
|
||||||
|
|
||||||
|
// Build the string template by concatening the username and the bucket identifier
|
||||||
|
dedicatedKeyName := fmt.Sprintf("%s:web:%s", w.User.Username, *binfo.Id)
|
||||||
|
|
||||||
|
// Fetch the dedicated key
|
||||||
|
keyInfo, err := grgSearchKey(dedicatedKeyName)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check that the key name is *exactly* the one we requested
|
||||||
|
if *keyInfo.Name != dedicatedKeyName {
|
||||||
|
log.Printf("Expected key: %s, got %s. Invariant violated.\n", dedicatedKeyName, *keyInfo.Name)
|
||||||
|
return ErrDedicatedKeyInvariant
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check that the dedicated key contains no other bucket than this one
|
||||||
|
// (can also be empty, useful to heal a partially created key)
|
||||||
|
for _, buck := range keyInfo.Buckets {
|
||||||
|
if *buck.Id != *binfo.Id {
|
||||||
|
log.Printf("Key %s is used on bucket %s while it should be exclusive to %s. Invariant violated.\n", dedicatedKeyName, *buck.Id, *binfo.Id)
|
||||||
|
return ErrDedicatedKeyInvariant
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Finally delete this key
|
||||||
|
err = grgDelKey(*keyInfo.AccessKeyId)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
log.Printf("Deleted dedicated key %s", dedicatedKeyName)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (w *WebsiteController) Describe() (*WebsiteDescribe, error) {
|
||||||
|
r := make([]*WebsiteId, 0, len(w.PrettyList))
|
||||||
|
for _, k := range w.PrettyList {
|
||||||
|
r = append(r, w.WebsiteIdx[k])
|
||||||
|
}
|
||||||
|
|
||||||
|
return &WebsiteDescribe{
|
||||||
|
w.User.Username,
|
||||||
|
&w.WebsiteCount,
|
||||||
|
w.User.Quota.WebsiteSizeBurstedPretty(),
|
||||||
|
r,
|
||||||
|
}, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (w *WebsiteController) Inspect(pretty string) (*WebsiteView, error) {
|
||||||
|
website, ok := w.WebsiteIdx[pretty]
|
||||||
|
if !ok {
|
||||||
|
return nil, ErrWebsiteNotFound
|
||||||
|
}
|
||||||
|
|
||||||
|
binfo, err := grgGetBucket(website.Internal)
|
||||||
|
if err != nil {
|
||||||
|
return nil, ErrFetchBucketInfo
|
||||||
|
}
|
||||||
|
|
||||||
|
dedicatedKey, err := w.getDedicatedWebsiteKey(binfo)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return NewWebsiteView(binfo, dedicatedKey)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (w *WebsiteController) Patch(pretty string, patch *WebsitePatch) (*WebsiteView, error) {
|
||||||
|
website, ok := w.WebsiteIdx[pretty]
|
||||||
|
if !ok {
|
||||||
|
return nil, ErrWebsiteNotFound
|
||||||
|
}
|
||||||
|
|
||||||
|
binfo, err := grgGetBucket(website.Internal)
|
||||||
|
if err != nil {
|
||||||
|
return nil, ErrFetchBucketInfo
|
||||||
|
}
|
||||||
|
|
||||||
|
// Patch the max size
|
||||||
|
urQuota := garage.NewUpdateBucketRequestQuotas()
|
||||||
|
urQuota.SetMaxSize(w.User.Quota.WebsiteSizeAdjust(binfo.Quotas.GetMaxSize()))
|
||||||
|
urQuota.SetMaxObjects(w.User.Quota.WebsiteObjectAdjust(binfo.Quotas.GetMaxObjects()))
|
||||||
|
if patch.Size != nil {
|
||||||
|
urQuota.SetMaxSize(w.User.Quota.WebsiteSizeAdjust(*patch.Size))
|
||||||
|
}
|
||||||
|
|
||||||
|
// Build the update
|
||||||
|
ur := garage.NewUpdateBucketRequest()
|
||||||
|
ur.SetQuotas(*urQuota)
|
||||||
|
|
||||||
|
// Call garage "update bucket" function
|
||||||
|
binfo, err = grgUpdateBucket(website.Internal, ur)
|
||||||
|
if err != nil {
|
||||||
|
return nil, ErrCantConfigureBucket
|
||||||
|
}
|
||||||
|
|
||||||
|
// Update the alias if the vhost field is set and different
|
||||||
|
if patch.Vhost != nil && *patch.Vhost != "" && *patch.Vhost != pretty {
|
||||||
|
binfo, err = grgAddGlobalAlias(website.Internal, *patch.Vhost)
|
||||||
|
if err != nil {
|
||||||
|
return nil, ErrCantChangeVhost
|
||||||
|
}
|
||||||
|
binfo, err = grgDelGlobalAlias(website.Internal, pretty)
|
||||||
|
if err != nil {
|
||||||
|
return nil, ErrCantRemoveOldVhost
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if patch.RotateKey != nil && *patch.RotateKey {
|
||||||
|
err = w.flushDedicatedWebsiteKey(binfo)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
dedicatedKey, err := w.getDedicatedWebsiteKey(binfo)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return NewWebsiteView(binfo, dedicatedKey)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (w *WebsiteController) Create(pretty string) (*WebsiteView, error) {
|
||||||
|
if pretty == "" {
|
||||||
|
return nil, ErrEmptyBucketName
|
||||||
|
}
|
||||||
|
|
||||||
|
if w.WebsiteCount.IsFull() {
|
||||||
|
return nil, ErrWebsiteQuotaReached
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create bucket
|
||||||
|
binfo, err := grgCreateBucket(pretty)
|
||||||
|
if err != nil {
|
||||||
|
return nil, ErrCantCreateBucket
|
||||||
|
}
|
||||||
|
|
||||||
|
// Allow user's global key on bucket
|
||||||
|
s3key, err := w.User.S3KeyInfo()
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
binfo, err = grgAllowKeyOnBucket(*binfo.Id, *s3key.AccessKeyId, true, true, true)
|
||||||
|
if err != nil {
|
||||||
|
return nil, ErrCantAllowKey
|
||||||
|
}
|
||||||
|
|
||||||
|
// Set quota
|
||||||
|
qr := w.User.Quota.DefaultWebsiteQuota()
|
||||||
|
wr := allowWebsiteDefault()
|
||||||
|
|
||||||
|
ur := garage.NewUpdateBucketRequest()
|
||||||
|
ur.SetWebsiteAccess(*wr)
|
||||||
|
ur.SetQuotas(*qr)
|
||||||
|
|
||||||
|
binfo, err = grgUpdateBucket(*binfo.Id, ur)
|
||||||
|
if err != nil {
|
||||||
|
return nil, ErrCantConfigureBucket
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create a dedicated key
|
||||||
|
dedicatedKey, err := w.getDedicatedWebsiteKey(binfo)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return NewWebsiteView(binfo, dedicatedKey)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (w *WebsiteController) Delete(pretty string) error {
|
||||||
|
if pretty == "" {
|
||||||
|
return ErrEmptyBucketName
|
||||||
|
}
|
||||||
|
|
||||||
|
website, ok := w.WebsiteIdx[pretty]
|
||||||
|
if !ok {
|
||||||
|
return ErrWebsiteNotFound
|
||||||
|
}
|
||||||
|
|
||||||
|
// Error checking
|
||||||
|
binfo, err := grgGetBucket(website.Internal)
|
||||||
|
if err != nil {
|
||||||
|
return ErrFetchBucketInfo
|
||||||
|
}
|
||||||
|
|
||||||
|
if *binfo.Objects > int64(0) {
|
||||||
|
return ErrBucketDeleteNotEmpty
|
||||||
|
}
|
||||||
|
|
||||||
|
if *binfo.UnfinishedUploads > int32(0) {
|
||||||
|
return ErrBucketDeleteUnfinishedUpload
|
||||||
|
}
|
||||||
|
|
||||||
|
// Delete dedicated key
|
||||||
|
err = w.flushDedicatedWebsiteKey(binfo)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
// Actually delete bucket
|
||||||
|
err = grgDeleteBucket(website.Internal)
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
type WebsiteView struct {
|
||||||
|
Name *WebsiteId `json:"vhost"`
|
||||||
|
AccessKeyId string `json:"access_key_id"`
|
||||||
|
SecretAccessKey string `json:"secret_access_key"`
|
||||||
|
Size QuotaStat `json:"quota_size"`
|
||||||
|
Files QuotaStat `json:"quota_files"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewWebsiteView(binfo *garage.BucketInfo, s3key *garage.KeyInfo) (*WebsiteView, error) {
|
||||||
|
if binfo == nil {
|
||||||
|
return nil, ErrFetchBucketInfo
|
||||||
|
}
|
||||||
|
if s3key == nil {
|
||||||
|
return nil, ErrFetchDedicatedKey
|
||||||
|
}
|
||||||
|
|
||||||
|
q := binfo.GetQuotas()
|
||||||
|
|
||||||
|
wid := NewWebsiteIdFromBucketInfo(binfo)
|
||||||
|
size := NewQuotaStat(*binfo.Bytes, (&q).GetMaxSize(), true)
|
||||||
|
objects := NewQuotaStat(*binfo.Objects, (&q).GetMaxObjects(), false)
|
||||||
|
return &WebsiteView{
|
||||||
|
wid,
|
||||||
|
*s3key.AccessKeyId,
|
||||||
|
*s3key.SecretAccessKey.Get(),
|
||||||
|
size,
|
||||||
|
objects,
|
||||||
|
}, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
type WebsitePatch struct {
|
||||||
|
Size *int64 `json:"quota_size"`
|
||||||
|
Vhost *string `json:"vhost"`
|
||||||
|
RotateKey *bool `json:"rotate_key"`
|
||||||
|
}
|
178
webui_website.go
Normal file
178
webui_website.go
Normal file
|
@ -0,0 +1,178 @@
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"github.com/gorilla/mux"
|
||||||
|
"net/http"
|
||||||
|
"strings"
|
||||||
|
)
|
||||||
|
|
||||||
|
// --- Start page rendering functions
|
||||||
|
func handleWebsiteList(w http.ResponseWriter, r *http.Request) {
|
||||||
|
user := RequireUserHtml(w, r)
|
||||||
|
if user == nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
ctrl, err := NewWebsiteController(user)
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(ctrl.PrettyList) > 0 {
|
||||||
|
http.Redirect(w, r, "/website/inspect/"+ctrl.PrettyList[0], http.StatusFound)
|
||||||
|
} else {
|
||||||
|
http.Redirect(w, r, "/website/new", http.StatusFound)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
type WebsiteNewTpl struct {
|
||||||
|
Ctrl *WebsiteController
|
||||||
|
Err error
|
||||||
|
}
|
||||||
|
|
||||||
|
func handleWebsiteNew(w http.ResponseWriter, r *http.Request) {
|
||||||
|
user := RequireUserHtml(w, r)
|
||||||
|
if user == nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
ctrl, err := NewWebsiteController(user)
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
tpl := &WebsiteNewTpl{ctrl, nil}
|
||||||
|
|
||||||
|
tWebsiteNew := getTemplate("garage_website_new.html")
|
||||||
|
if r.Method == "POST" {
|
||||||
|
r.ParseForm()
|
||||||
|
|
||||||
|
bucket := strings.Join(r.Form["bucket"], "")
|
||||||
|
if bucket == "" {
|
||||||
|
bucket = strings.Join(r.Form["bucket2"], "")
|
||||||
|
}
|
||||||
|
|
||||||
|
view, err := ctrl.Create(bucket)
|
||||||
|
if err != nil {
|
||||||
|
tpl.Err = err
|
||||||
|
tWebsiteNew.Execute(w, tpl)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
http.Redirect(w, r, "/website/inspect/"+view.Name.Pretty, http.StatusFound)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
tWebsiteNew.Execute(w, tpl)
|
||||||
|
}
|
||||||
|
|
||||||
|
type WebsiteInspectTpl struct {
|
||||||
|
Describe *WebsiteDescribe
|
||||||
|
View *WebsiteView
|
||||||
|
Err error
|
||||||
|
}
|
||||||
|
|
||||||
|
func handleWebsiteInspect(w http.ResponseWriter, r *http.Request) {
|
||||||
|
var processErr error
|
||||||
|
|
||||||
|
user := RequireUserHtml(w, r)
|
||||||
|
if user == nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
ctrl, err := NewWebsiteController(user)
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
bucketName := mux.Vars(r)["bucket"]
|
||||||
|
|
||||||
|
if r.Method == "POST" {
|
||||||
|
r.ParseForm()
|
||||||
|
action := strings.Join(r.Form["action"], "")
|
||||||
|
switch action {
|
||||||
|
case "increase_quota":
|
||||||
|
_, processErr = ctrl.Patch(bucketName, &WebsitePatch{Size: &user.Quota.WebsiteSizeBursted})
|
||||||
|
case "delete_bucket":
|
||||||
|
processErr = ctrl.Delete(bucketName)
|
||||||
|
if processErr == nil {
|
||||||
|
http.Redirect(w, r, "/website", http.StatusFound)
|
||||||
|
}
|
||||||
|
case "rotate_key":
|
||||||
|
do_action := true
|
||||||
|
_, processErr = ctrl.Patch(bucketName, &WebsitePatch{RotateKey: &do_action})
|
||||||
|
default:
|
||||||
|
processErr = fmt.Errorf("Unknown action")
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
view, err := ctrl.Inspect(bucketName)
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
describe, err := ctrl.Describe()
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
tpl := &WebsiteInspectTpl{describe, view, processErr}
|
||||||
|
|
||||||
|
tWebsiteInspect := getTemplate("garage_website_inspect.html")
|
||||||
|
tWebsiteInspect.Execute(w, &tpl)
|
||||||
|
}
|
||||||
|
|
||||||
|
func handleWebsiteVhost(w http.ResponseWriter, r *http.Request) {
|
||||||
|
var processErr error
|
||||||
|
|
||||||
|
user := RequireUserHtml(w, r)
|
||||||
|
if user == nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
ctrl, err := NewWebsiteController(user)
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
bucketName := mux.Vars(r)["bucket"]
|
||||||
|
|
||||||
|
if r.Method == "POST" {
|
||||||
|
r.ParseForm()
|
||||||
|
|
||||||
|
bucket := strings.Join(r.Form["bucket"], "")
|
||||||
|
if bucket == "" {
|
||||||
|
bucket = strings.Join(r.Form["bucket2"], "")
|
||||||
|
}
|
||||||
|
|
||||||
|
view, processErr := ctrl.Patch(bucketName, &WebsitePatch{Vhost: &bucket})
|
||||||
|
if processErr == nil {
|
||||||
|
http.Redirect(w, r, "/website/inspect/"+view.Name.Pretty, http.StatusFound)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
view, err := ctrl.Inspect(bucketName)
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
describe, err := ctrl.Describe()
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
tpl := &WebsiteInspectTpl{describe, view, processErr}
|
||||||
|
tWebsiteEdit := getTemplate("garage_website_edit.html")
|
||||||
|
tWebsiteEdit.Execute(w, &tpl)
|
||||||
|
}
|
Loading…
Reference in a new issue