fileserver/src/server/admin.cxx

#include <spdlog/spdlog.h>
#include "server_internal.hxx"

#define check_admin_response() check_user_response(); if (!user->admin) return { .e = "Forbidden" };
#define check_admin_optional() check_user_optional(); if (!user->admin) return "Forbidden";

// TODO Log admin action

mrpc::Response<std::vector<mrpc::UserInfo>> Server::Admin_list_users(std::string &&token) {
    check_admin_response();
    {
        std::shared_lock lock{user_lock};
        std::vector<mrpc::UserInfo> info;
        info.reserve(users.size());
        for (const auto &us : users) {
            const auto u = us.second.get();
            info.push_back(mrpc::UserInfo {
                .id = u->id,
                .name = u->name,
                .tfa = u->tfa_enabled,
                .admin = u->admin,
                .enabled = u->enabled
            });
        }
        return { .o = std::move(info) };
    }
}

std::optional<std::string> Server::Admin_delete_user(std::string &&token, std::uint64_t &&user_id) {
    check_admin_optional();
    auto target = get_user(user_id);
    if (!target) return "Invalid user";
    delete_user(target);
    save();
    return std::nullopt;
}

std::optional<std::string> Server::Admin_logout(std::string &&token, std::uint64_t &&user_id) {
    check_admin_optional();
    logout_user(user_id);
    return std::nullopt;
}

std::optional<std::string> Server::Admin_disable_tfa(std::string &&token, std::uint64_t &&user_id) {
    check_admin_optional();
    auto u = get_user(user_id);
    if (u) u->tfa_enabled = false;
    save();
    return std::nullopt;
}

std::optional<std::string> Server::Admin_set_admin(std::string &&token, std::uint64_t &&user_id, bool &&admin) {
    check_admin_optional();
    auto u = get_user(user_id);
    if (u) u->admin = admin;
    save();
    return std::nullopt;
}

std::optional<std::string> Server::Admin_set_enabled(std::string &&token, std::uint64_t &&user_id, bool &&enabled) {
    check_admin_optional();
    auto u = get_user(user_id);
    if (u) u->enabled = enabled;
    save();
    return std::nullopt;
}

std::optional<std::string> Server::Admin_sudo(std::string &&token, std::uint64_t &&user_id) {
    check_admin_optional();
    auto u = get_user(user_id);
    if (!u)
        return "Invalid user";
    {
        std::unique_lock tlock{token_lock};
        auto &t = tokens.at(token);
        t->sudo_original_user = user;
        t->user = u;
        t->refresh();
    }
    return std::nullopt;
}

std::optional<std::string> Server::Admin_unsudo(std::string &&token) {
    check_user_optional();
    {
        std::unique_lock lock{token_lock};
        auto &t = tokens.at(token);
        if (t->sudo_original_user == nullptr)
            return "Unauthorized";
        t->user = t->sudo_original_user;
        t->sudo_original_user = nullptr;
        t->refresh();
    }
    return std::nullopt;
}

std::optional<std::string> Server::Admin_shutdown(std::string &&token) {
    check_admin_optional();
    spdlog::info("Received rpc shutdown request from admin user {}", user->name);
    g_stop_service();
    return std::nullopt;
}
Rewrote the server in cpp with the frontend in svelte 2023-10-20 13:02:21 +02:00			`#include <spdlog/spdlog.h>`
			`#include "server_internal.hxx"`

			`#define check_admin_response() check_user_response(); if (!user->admin) return { .e = "Forbidden" };`
			`#define check_admin_optional() check_user_optional(); if (!user->admin) return "Forbidden";`

			`// TODO Log admin action`

			`mrpc::Response<std::vector<mrpc::UserInfo>> Server::Admin_list_users(std::string &&token) {`
			`check_admin_response();`
			`{`
			`std::shared_lock lock{user_lock};`
			`std::vector<mrpc::UserInfo> info;`
			`info.reserve(users.size());`
			`for (const auto &us : users) {`
			`const auto u = us.second.get();`
			`info.push_back(mrpc::UserInfo {`
			`.id = u->id,`
			`.name = u->name,`
			`.tfa = u->tfa_enabled,`
			`.admin = u->admin,`
			`.enabled = u->enabled`
			`});`
			`}`
			`return { .o = std::move(info) };`
			`}`
			`}`

			`std::optional<std::string> Server::Admin_delete_user(std::string &&token, std::uint64_t &&user_id) {`
			`check_admin_optional();`
			`auto target = get_user(user_id);`
			`if (!target) return "Invalid user";`
			`delete_user(target);`
			`save();`
			`return std::nullopt;`
			`}`

			`std::optional<std::string> Server::Admin_logout(std::string &&token, std::uint64_t &&user_id) {`
			`check_admin_optional();`
			`logout_user(user_id);`
			`return std::nullopt;`
			`}`

			`std::optional<std::string> Server::Admin_disable_tfa(std::string &&token, std::uint64_t &&user_id) {`
			`check_admin_optional();`
			`auto u = get_user(user_id);`
			`if (u) u->tfa_enabled = false;`
			`save();`
			`return std::nullopt;`
			`}`

			`std::optional<std::string> Server::Admin_set_admin(std::string &&token, std::uint64_t &&user_id, bool &&admin) {`
			`check_admin_optional();`
			`auto u = get_user(user_id);`
			`if (u) u->admin = admin;`
			`save();`
			`return std::nullopt;`
			`}`

			`std::optional<std::string> Server::Admin_set_enabled(std::string &&token, std::uint64_t &&user_id, bool &&enabled) {`
			`check_admin_optional();`
			`auto u = get_user(user_id);`
			`if (u) u->enabled = enabled;`
			`save();`
			`return std::nullopt;`
			`}`

			`std::optional<std::string> Server::Admin_sudo(std::string &&token, std::uint64_t &&user_id) {`
			`check_admin_optional();`
			`auto u = get_user(user_id);`
			`if (!u)`
			`return "Invalid user";`
			`{`
			`std::unique_lock tlock{token_lock};`
			`auto &t = tokens.at(token);`
			`t->sudo_original_user = user;`
			`t->user = u;`
			`t->refresh();`
			`}`
			`return std::nullopt;`
			`}`

			`std::optional<std::string> Server::Admin_unsudo(std::string &&token) {`
			`check_user_optional();`
			`{`
			`std::unique_lock lock{token_lock};`
			`auto &t = tokens.at(token);`
			`if (t->sudo_original_user == nullptr)`
			`return "Unauthorized";`
			`t->user = t->sudo_original_user;`
			`t->sudo_original_user = nullptr;`
			`t->refresh();`
			`}`
			`return std::nullopt;`
			`}`

			`std::optional<std::string> Server::Admin_shutdown(std::string &&token) {`
			`check_admin_optional();`
			`spdlog::info("Received rpc shutdown request from admin user {}", user->name);`
Replaced restbed with beast 2024-04-23 15:38:41 +02:00			`g_stop_service();`
Rewrote the server in cpp with the frontend in svelte 2023-10-20 13:02:21 +02:00			`return std::nullopt;`
			`}`