Add CLI for most basic user management

2025-12-13 20:32:48 +00:00 · 2025-04-17 23:27:43 +02:00
parent 39b1da3a8f
commit 626eff0373
9 changed files with 140 additions and 5 deletions
--- a/src/commands/mod.rs
+++ b/src/commands/mod.rs
@@ -11,6 +11,8 @@ use crate::config::{
    TracingConfig,
 };

+pub mod principals;
+
 #[derive(Debug, Parser)]
 pub struct GenConfigArgs {}

--- a/src/commands/principals.rs
+++ b/src/commands/principals.rs
@@ -0,0 +1,105 @@
+use clap::{Parser, Subcommand};
+use figment::{
+    Figment,
+    providers::{Env, Format, Toml},
+};
+use password_hash::PasswordHasher;
+use password_hash::SaltString;
+use rand::rngs::OsRng;
+use rustical_store::auth::{AuthenticationProvider, TomlPrincipalStore, User, user::PrincipalType};
+
+use crate::config::{self, Config};
+
+#[derive(Parser, Debug)]
+pub struct PrincipalsArgs {
+    #[arg(short, long, env, default_value = "/etc/rustical/config.toml")]
+    config_file: String,
+
+    #[command(subcommand)]
+    command: Command,
+}
+
+#[derive(Parser, Debug)]
+struct CreateArgs {
+    id: String,
+    #[arg(value_enum, short, long)]
+    principal_type: Option<PrincipalType>,
+    #[arg(short, long)]
+    name: Option<String>,
+    #[arg(long, help = "Ask for password input")]
+    password: bool,
+}
+
+#[derive(Parser, Debug)]
+struct RemoveArgs {
+    id: String,
+}
+
+#[derive(Debug, Subcommand)]
+enum Command {
+    List,
+    Create(CreateArgs),
+    Remove(RemoveArgs),
+}
+
+pub async fn cmd_principals(args: PrincipalsArgs) -> anyhow::Result<()> {
+    let config: Config = Figment::new()
+        // TODO: What to do when config file does not exist?
+        .merge(Toml::file(&args.config_file))
+        .merge(Env::prefixed("RUSTICAL_").split("__"))
+        .extract()?;
+
+    let user_store = match config.auth {
+        config::AuthConfig::Toml(config) => TomlPrincipalStore::new(config)?,
+    };
+
+    match args.command {
+        Command::List => {
+            for principal in user_store.get_principals().await? {
+                println!(
+                    "{} (displayname={}) [{}]",
+                    principal.id,
+                    principal.displayname.unwrap_or_default(),
+                    principal.principal_type
+                );
+            }
+        }
+        Command::Create(CreateArgs {
+            id,
+            principal_type,
+            name,
+            password,
+        }) => {
+            let salt = SaltString::generate(OsRng);
+            let password = if password {
+                println!("Enter your password:");
+                let password = rpassword::read_password()?;
+                Some(
+                    argon2::Argon2::default()
+                        .hash_password(password.as_bytes(), &salt)
+                        .unwrap()
+                        .to_string()
+                        .into(),
+                )
+            } else {
+                None
+            };
+            user_store
+                .insert_principal(User {
+                    id,
+                    displayname: name,
+                    principal_type: principal_type.unwrap_or_default(),
+                    app_tokens: vec![],
+                    password,
+                    memberships: vec![],
+                })
+                .await?;
+            println!("Principal created");
+        }
+        Command::Remove(RemoveArgs { id }) => {
+            user_store.remove_principal(&id).await?;
+            println!("Principal {id} removed");
+        }
+    }
+    Ok(())
+}
--- a/src/main.rs
+++ b/src/main.rs
@@ -4,6 +4,7 @@ use actix_web::http::KeepAlive;
 use anyhow::Result;
 use app::make_app;
 use clap::{Parser, Subcommand};
+use commands::principals::{PrincipalsArgs, cmd_principals};
 use commands::{cmd_gen_config, cmd_pwhash};
 use config::{DataStoreConfig, SqliteDataStoreConfig};
 use figment::Figment;
@@ -40,6 +41,7 @@ struct Args {
 enum Command {
    GenConfig(commands::GenConfigArgs),
    Pwhash(commands::PwhashArgs),
+    Principals(PrincipalsArgs),
 }

 async fn get_data_stores(
@@ -72,6 +74,7 @@ async fn main() -> Result<()> {
    match args.command {
        Some(Command::GenConfig(gen_config_args)) => cmd_gen_config(gen_config_args)?,
        Some(Command::Pwhash(pwhash_args)) => cmd_pwhash(pwhash_args)?,
+        Some(Command::Principals(principals_args)) => cmd_principals(principals_args).await?,
        None => {
            let config: Config = Figment::new()
                // TODO: What to do when config file does not exist?
@@ -140,11 +143,20 @@ mod tests {

    #[async_trait]
    impl AuthenticationProvider for MockUserStore {
+        async fn get_principals(
+            &self,
+        ) -> Result<Vec<rustical_store::auth::User>, rustical_store::Error> {
+            Err(rustical_store::Error::Other(anyhow!("Not implemented")))
+        }
        async fn get_principal(
            &self,
            id: &str,
        ) -> Result<Option<rustical_store::auth::User>, rustical_store::Error> {
-            Err(rustical_store::Error::NotFound)
+            Err(rustical_store::Error::Other(anyhow!("Not implemented")))
+        }
+
+        async fn remove_principal(&self, id: &str) -> Result<(), rustical_store::Error> {
+            Err(rustical_store::Error::Other(anyhow!("Not implemented")))
        }

        async fn validate_password(
@@ -152,7 +164,7 @@ mod tests {
            user_id: &str,
            password: &str,
        ) -> Result<Option<rustical_store::auth::User>, rustical_store::Error> {
-            Err(rustical_store::Error::NotFound)
+            Err(rustical_store::Error::Other(anyhow!("Not implemented")))
        }

        async fn validate_app_token(
@@ -160,7 +172,7 @@ mod tests {
            user_id: &str,
            token: &str,
        ) -> Result<Option<rustical_store::auth::User>, rustical_store::Error> {
-            Err(rustical_store::Error::NotFound)
+            Err(rustical_store::Error::Other(anyhow!("Not implemented")))
        }

        async fn add_app_token(