Allow Clubs and Socs to have accounts again #49

Merged
silver merged 3 commits from #26-clubs-and-socs into main 2024-03-11 21:30:27 +00:00
2 changed files with 18 additions and 65 deletions

View file

@ -60,6 +60,7 @@
USERS_LIFETIME = lib.strings.concatStringsSep "," cfg.users.lifetime; USERS_LIFETIME = lib.strings.concatStringsSep "," cfg.users.lifetime;
USERS_BANNED = lib.strings.concatStringsSep "," cfg.users.banned; USERS_BANNED = lib.strings.concatStringsSep "," cfg.users.banned;
USERS_RESTRICTED = lib.strings.concatStringsSep "," cfg.users.restricted; USERS_RESTRICTED = lib.strings.concatStringsSep "," cfg.users.restricted;
USERS_CLUBS_SOCIETIES = lib.strings.concatStringsSep "," cfg.users.clubs_societies;
}; };
service_name = script: lib.strings.sanitizeDerivationName("${cfg.user}@${script}"); service_name = script: lib.strings.sanitizeDerivationName("${cfg.user}@${script}");
@ -162,6 +163,11 @@
default = []; default = [];
description = "array of restricted user accounts"; description = "array of restricted user accounts";
}; };
clubs_societies = mkOption rec {
type = types.listOf types.str;
default = [];
description = "array of accounts for Clubs and Societies";
};
}; };
host_port = mkOption rec { host_port = mkOption rec {

View file

@ -1,6 +1,6 @@
use skynet_ldap_backend::{db_init, get_config, get_now_iso, get_wolves, update_group, Accounts, Config}; use skynet_ldap_backend::{db_init, get_config, update_group, Accounts, Config};
use sqlx::{Pool, Sqlite}; use sqlx::{Pool, Sqlite};
use std::{collections::HashSet, env, error::Error}; use std::{collections::HashSet, env};
#[async_std::main] #[async_std::main]
async fn main() -> tide::Result<()> { async fn main() -> tide::Result<()> {
@ -26,9 +26,10 @@ async fn update(config: &Config) -> tide::Result<()> {
} }
} }
// pull from wolves csv if let Ok(x) = env::var("USERS_CLUBS_SOCIETIES") {
for user in from_csv(&db).await.unwrap_or_default() { for user in x.split(',').collect::<Vec<&str>>() {
users_tmp.insert(user); users_tmp.insert(user.to_string());
}
} }
get_from_env(&mut users_tmp, &mut admins_tmp, "USERS_ADMIN"); get_from_env(&mut users_tmp, &mut admins_tmp, "USERS_ADMIN");
@ -67,60 +68,6 @@ fn get_from_env(users: &mut HashSet<String>, other: &mut HashSet<String>, key: &
} }
} }
async fn from_csv(db: &Pool<Sqlite>) -> Result<HashSet<String>, Box<dyn Error>> {
let mut uids = HashSet::new();
for record in get_wolves(db).await {
// only import users if it is actually active.
if record.expiry < get_now_iso(true) {
continue;
}
if let Some(uid) = account_mail_get_uid(db, &record.email).await {
uids.insert(uid);
} else if let Some(id_student) = record.id_student {
if let Some(uid) = account_id_get_uid(db, &id_student).await {
uids.insert(uid);
}
}
}
Ok(uids)
}
async fn account_mail_get_uid(db: &Pool<Sqlite>, mail: &str) -> Option<String> {
match sqlx::query_as::<_, Accounts>(
r#"
SELECT *
FROM accounts
WHERE mail == ?
"#,
)
.bind(mail)
.fetch_one(db)
.await
{
Ok(res) => Some(res.user.to_owned()),
Err(_) => None,
}
}
async fn account_id_get_uid(db: &Pool<Sqlite>, id: &str) -> Option<String> {
match sqlx::query_as::<_, Accounts>(
r#"
SELECT *
FROM accounts
WHERE student_id == ?
"#,
)
.bind(id)
.fetch_one(db)
.await
{
Ok(res) => Some(res.student_id.to_owned()),
Err(_) => None,
}
}
struct AccountsSecure { struct AccountsSecure {
users: Vec<String>, users: Vec<String>,
admins: Vec<String>, admins: Vec<String>,