mirror of
https://github.com/jech/galene.git
synced 2024-12-22 15:25:48 +01:00
Keep track of issuer and creation date in tokens.
This commit is contained in:
parent
c501b76d2b
commit
8775ce6406
4 changed files with 50 additions and 18 deletions
|
@ -1748,6 +1748,14 @@ func handleClientMessage(c *webClient, m clientMessage) error {
|
|||
}
|
||||
}
|
||||
|
||||
user := c.username
|
||||
if user != "" {
|
||||
tok.IssuedBy = &user
|
||||
}
|
||||
|
||||
now := time.Now()
|
||||
tok.IssuedAt = &now
|
||||
|
||||
new, err := token.Add(tok)
|
||||
if err != nil {
|
||||
return terror("error", err.Error())
|
||||
|
@ -1778,7 +1786,9 @@ func handleClientMessage(c *webClient, m clientMessage) error {
|
|||
}
|
||||
if tok.Group != "" || tok.Username != nil ||
|
||||
tok.Permissions != nil ||
|
||||
tok.NotBefore != nil {
|
||||
tok.NotBefore != nil ||
|
||||
tok.IssuedBy != nil ||
|
||||
tok.IssuedAt != nil {
|
||||
return terror(
|
||||
"error", "this field cannot be edited",
|
||||
)
|
||||
|
|
|
@ -2651,7 +2651,7 @@ function gotUserMessage(id, dest, username, time, privileged, kind, error, messa
|
|||
displayError('Unexpected type for token');
|
||||
return;
|
||||
}
|
||||
let f = formatToken(message);
|
||||
let f = formatToken(message, false);
|
||||
localMessage(f[0] + ': ' + f[1]);
|
||||
if('share' in navigator) {
|
||||
try {
|
||||
|
@ -2676,7 +2676,7 @@ function gotUserMessage(id, dest, username, time, privileged, kind, error, messa
|
|||
}
|
||||
let s = '';
|
||||
for(let i = 0; i < message.length; i++) {
|
||||
let f = formatToken(message[i]);
|
||||
let f = formatToken(message[i], true);
|
||||
s = s + f[0] + ': ' + f[1] + "\n";
|
||||
}
|
||||
localMessage(s);
|
||||
|
@ -2689,23 +2689,37 @@ function gotUserMessage(id, dest, username, time, privileged, kind, error, messa
|
|||
|
||||
/**
|
||||
* @param {Object} token
|
||||
* @param {boolean} [details]
|
||||
*/
|
||||
function formatToken(token) {
|
||||
function formatToken(token, details) {
|
||||
let url = new URL(window.location.href);
|
||||
let params = new URLSearchParams();
|
||||
params.append('token', token.token);
|
||||
url.search = params.toString();
|
||||
let foruser = ''
|
||||
let foruser = '', by = '', togroup = '';
|
||||
if(token.username)
|
||||
foruser = ` for user ${token.username}`;
|
||||
if(details) {
|
||||
if(token.issuedBy)
|
||||
by = ' issued by ' + token.issuedBy;
|
||||
if(token.issuedAt) {
|
||||
if(by === '')
|
||||
by = ' issued at ' + token.issuedAt;
|
||||
else
|
||||
by = by + ' at ' + (new Date(token.issuedAt)).toLocaleString();
|
||||
}
|
||||
} else {
|
||||
if(token.group)
|
||||
togroup = ' to group ' + token.group;
|
||||
}
|
||||
/** @type{Date} */
|
||||
let expires = null;
|
||||
if(token.expires)
|
||||
expires = new Date(token.expires);
|
||||
return [
|
||||
(expires && (expires >= new Date())) ?
|
||||
`Invitation${foruser} valid until ${expires.toLocaleString()}` :
|
||||
`Expired invitation${foruser}`,
|
||||
`Invitation${foruser}${togroup}${by} valid until ${expires.toLocaleString()}` :
|
||||
`Expired invitation${foruser}${togroup}${by}`,
|
||||
url.toString(),
|
||||
];
|
||||
}
|
||||
|
|
|
@ -19,6 +19,8 @@ type Stateful struct {
|
|||
Permissions []string `json:"permissions"`
|
||||
Expires *time.Time `json:"expires"`
|
||||
NotBefore *time.Time `json:"not-before,omitempty"`
|
||||
IssuedAt *time.Time `json:"issuedAt,omitempty"`
|
||||
IssuedBy *string `json:"issuedBy,omitempty"`
|
||||
}
|
||||
|
||||
func (token *Stateful) Clone() *Stateful {
|
||||
|
|
|
@ -11,23 +11,29 @@ import (
|
|||
"time"
|
||||
)
|
||||
|
||||
func timeEqual(a, b *time.Time) bool {
|
||||
if a == nil && b == nil {
|
||||
return true
|
||||
}
|
||||
|
||||
if a!= nil && b != nil {
|
||||
return (*a).Equal(*b)
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
func equal(a, b *Stateful) bool {
|
||||
if a.Token != b.Token || a.Group != b.Group ||
|
||||
!reflect.DeepEqual(a.Username, b.Username) ||
|
||||
!reflect.DeepEqual(a.Permissions, b.Permissions) {
|
||||
return false
|
||||
}
|
||||
if a.Expires != nil && b.Expires != nil {
|
||||
return (*a.Expires).Equal(*b.Expires)
|
||||
}
|
||||
if (a.Expires != nil) != (b.Expires != nil) {
|
||||
!reflect.DeepEqual(a.Permissions, b.Permissions) ||
|
||||
!timeEqual(a.Expires, b.Expires) ||
|
||||
!reflect.DeepEqual(a.IssuedBy, b.IssuedBy) ||
|
||||
!timeEqual(a.IssuedAt, b.IssuedAt) {
|
||||
return false
|
||||
}
|
||||
|
||||
if a.NotBefore != nil && b.NotBefore != nil {
|
||||
return (*a.NotBefore).Equal(*b.NotBefore)
|
||||
}
|
||||
return (a.NotBefore != nil) == (b.NotBefore != nil)
|
||||
return true
|
||||
}
|
||||
|
||||
func TestStatefulCheck(t *testing.T) {
|
||||
|
|
Loading…
Reference in a new issue