2023-10-20 13:02:21 +02:00
|
|
|
#include <spdlog/spdlog.h>
|
|
|
|
#include "server_internal.hxx"
|
|
|
|
|
|
|
|
#define check_admin_response() check_user_response(); if (!user->admin) return { .e = "Forbidden" };
|
|
|
|
#define check_admin_optional() check_user_optional(); if (!user->admin) return "Forbidden";
|
|
|
|
|
|
|
|
// TODO Log admin action
|
|
|
|
|
|
|
|
mrpc::Response<std::vector<mrpc::UserInfo>> Server::Admin_list_users(std::string &&token) {
|
|
|
|
check_admin_response();
|
|
|
|
{
|
|
|
|
std::shared_lock lock{user_lock};
|
|
|
|
std::vector<mrpc::UserInfo> info;
|
|
|
|
info.reserve(users.size());
|
|
|
|
for (const auto &us : users) {
|
|
|
|
const auto u = us.second.get();
|
|
|
|
info.push_back(mrpc::UserInfo {
|
|
|
|
.id = u->id,
|
|
|
|
.name = u->name,
|
|
|
|
.tfa = u->tfa_enabled,
|
|
|
|
.admin = u->admin,
|
|
|
|
.enabled = u->enabled
|
|
|
|
});
|
|
|
|
}
|
|
|
|
return { .o = std::move(info) };
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
std::optional<std::string> Server::Admin_delete_user(std::string &&token, std::uint64_t &&user_id) {
|
|
|
|
check_admin_optional();
|
|
|
|
auto target = get_user(user_id);
|
|
|
|
if (!target) return "Invalid user";
|
|
|
|
delete_user(target);
|
|
|
|
save();
|
|
|
|
return std::nullopt;
|
|
|
|
}
|
|
|
|
|
|
|
|
std::optional<std::string> Server::Admin_logout(std::string &&token, std::uint64_t &&user_id) {
|
|
|
|
check_admin_optional();
|
|
|
|
logout_user(user_id);
|
|
|
|
return std::nullopt;
|
|
|
|
}
|
|
|
|
|
|
|
|
std::optional<std::string> Server::Admin_disable_tfa(std::string &&token, std::uint64_t &&user_id) {
|
|
|
|
check_admin_optional();
|
|
|
|
auto u = get_user(user_id);
|
|
|
|
if (u) u->tfa_enabled = false;
|
|
|
|
save();
|
|
|
|
return std::nullopt;
|
|
|
|
}
|
|
|
|
|
|
|
|
std::optional<std::string> Server::Admin_set_admin(std::string &&token, std::uint64_t &&user_id, bool &&admin) {
|
|
|
|
check_admin_optional();
|
|
|
|
auto u = get_user(user_id);
|
|
|
|
if (u) u->admin = admin;
|
|
|
|
save();
|
|
|
|
return std::nullopt;
|
|
|
|
}
|
|
|
|
|
|
|
|
std::optional<std::string> Server::Admin_set_enabled(std::string &&token, std::uint64_t &&user_id, bool &&enabled) {
|
|
|
|
check_admin_optional();
|
|
|
|
auto u = get_user(user_id);
|
|
|
|
if (u) u->enabled = enabled;
|
|
|
|
save();
|
|
|
|
return std::nullopt;
|
|
|
|
}
|
|
|
|
|
|
|
|
std::optional<std::string> Server::Admin_sudo(std::string &&token, std::uint64_t &&user_id) {
|
|
|
|
check_admin_optional();
|
|
|
|
auto u = get_user(user_id);
|
|
|
|
if (!u)
|
|
|
|
return "Invalid user";
|
|
|
|
{
|
|
|
|
std::unique_lock tlock{token_lock};
|
|
|
|
auto &t = tokens.at(token);
|
|
|
|
t->sudo_original_user = user;
|
|
|
|
t->user = u;
|
|
|
|
t->refresh();
|
|
|
|
}
|
|
|
|
return std::nullopt;
|
|
|
|
}
|
|
|
|
|
|
|
|
std::optional<std::string> Server::Admin_unsudo(std::string &&token) {
|
|
|
|
check_user_optional();
|
|
|
|
{
|
|
|
|
std::unique_lock lock{token_lock};
|
|
|
|
auto &t = tokens.at(token);
|
|
|
|
if (t->sudo_original_user == nullptr)
|
|
|
|
return "Unauthorized";
|
|
|
|
t->user = t->sudo_original_user;
|
|
|
|
t->sudo_original_user = nullptr;
|
|
|
|
t->refresh();
|
|
|
|
}
|
|
|
|
return std::nullopt;
|
|
|
|
}
|
|
|
|
|
|
|
|
std::optional<std::string> Server::Admin_shutdown(std::string &&token) {
|
|
|
|
check_admin_optional();
|
|
|
|
spdlog::info("Received rpc shutdown request from admin user {}", user->name);
|
2024-04-23 15:38:41 +02:00
|
|
|
g_stop_service();
|
2023-10-20 13:02:21 +02:00
|
|
|
return std::nullopt;
|
|
|
|
}
|