fileserver/src/server/admin.cxx

103 lines
3.0 KiB
C++
Raw Normal View History

#include <spdlog/spdlog.h>
#include "server_internal.hxx"
#define check_admin_response() check_user_response(); if (!user->admin) return { .e = "Forbidden" };
#define check_admin_optional() check_user_optional(); if (!user->admin) return "Forbidden";
// TODO Log admin action
mrpc::Response<std::vector<mrpc::UserInfo>> Server::Admin_list_users(std::string &&token) {
check_admin_response();
{
std::shared_lock lock{user_lock};
std::vector<mrpc::UserInfo> info;
info.reserve(users.size());
for (const auto &us : users) {
const auto u = us.second.get();
info.push_back(mrpc::UserInfo {
.id = u->id,
.name = u->name,
.tfa = u->tfa_enabled,
.admin = u->admin,
.enabled = u->enabled
});
}
return { .o = std::move(info) };
}
}
std::optional<std::string> Server::Admin_delete_user(std::string &&token, std::uint64_t &&user_id) {
check_admin_optional();
auto target = get_user(user_id);
if (!target) return "Invalid user";
delete_user(target);
save();
return std::nullopt;
}
std::optional<std::string> Server::Admin_logout(std::string &&token, std::uint64_t &&user_id) {
check_admin_optional();
logout_user(user_id);
return std::nullopt;
}
std::optional<std::string> Server::Admin_disable_tfa(std::string &&token, std::uint64_t &&user_id) {
check_admin_optional();
auto u = get_user(user_id);
if (u) u->tfa_enabled = false;
save();
return std::nullopt;
}
std::optional<std::string> Server::Admin_set_admin(std::string &&token, std::uint64_t &&user_id, bool &&admin) {
check_admin_optional();
auto u = get_user(user_id);
if (u) u->admin = admin;
save();
return std::nullopt;
}
std::optional<std::string> Server::Admin_set_enabled(std::string &&token, std::uint64_t &&user_id, bool &&enabled) {
check_admin_optional();
auto u = get_user(user_id);
if (u) u->enabled = enabled;
save();
return std::nullopt;
}
std::optional<std::string> Server::Admin_sudo(std::string &&token, std::uint64_t &&user_id) {
check_admin_optional();
auto u = get_user(user_id);
if (!u)
return "Invalid user";
{
std::unique_lock tlock{token_lock};
auto &t = tokens.at(token);
t->sudo_original_user = user;
t->user = u;
t->refresh();
}
return std::nullopt;
}
std::optional<std::string> Server::Admin_unsudo(std::string &&token) {
check_user_optional();
{
std::unique_lock lock{token_lock};
auto &t = tokens.at(token);
if (t->sudo_original_user == nullptr)
return "Unauthorized";
t->user = t->sudo_original_user;
t->sudo_original_user = nullptr;
t->refresh();
}
return std::nullopt;
}
std::optional<std::string> Server::Admin_shutdown(std::string &&token) {
check_admin_optional();
spdlog::info("Received rpc shutdown request from admin user {}", user->name);
2024-04-23 15:38:41 +02:00
g_stop_service();
return std::nullopt;
}