nikdoof/rustical
1
1
Fork 0
mirror of https://github.com/lennart-k/rustical.git synced 2025-12-13 15:52:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add CLI for most basic user management

Browse Source
This commit is contained in:
Lennart
2025-04-17 23:27:43 +02:00
parent 39b1da3a8f
commit 626eff0373
9 changed files with 140 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
Cargo.lock generated
View File

@@ -3157,6 +3157,7 @@ dependencies = [
"async-trait", "async-trait",
"chrono", "chrono",
"chrono-tz", "chrono-tz",
"clap",
"derive_more 2.0.1", "derive_more 2.0.1",
"ical", "ical",
"lazy_static", "lazy_static",

3
Cargo.toml
View File

@@ -111,6 +111,7 @@ reqwest = { version = "0.12", features = [
"http2", "http2",
], default-features = false } ], default-features = false }
openidconnect = "4.0" openidconnect = "4.0"
clap = { version = "4.5", features = ["derive", "env"] }
[dependencies] [dependencies]
rustical_store = { workspace = true } rustical_store = { workspace = true }
@@ -124,7 +125,7 @@ serde = { workspace = true }
tokio = { workspace = true } tokio = { workspace = true }
tracing = { workspace = true } tracing = { workspace = true }
anyhow = { workspace = true } anyhow = { workspace = true }
clap = { version = "4.5", features = ["derive", "env"] } clap.workspace = true
sqlx = { workspace = true } sqlx = { workspace = true }
async-trait = { workspace = true } async-trait = { workspace = true }
tracing-actix-web = { workspace = true } tracing-actix-web = { workspace = true }

1
crates/store/Cargo.toml
View File

@@ -29,6 +29,7 @@ toml.workspace = true
tokio.workspace = true tokio.workspace = true
rand.workspace = true rand.workspace = true
uuid.workspace = true uuid.workspace = true
clap.workspace = true
[dev-dependencies] [dev-dependencies]
rstest = { workspace = true } rstest = { workspace = true }

2
crates/store/src/auth/mod.rs
View File

@@ -6,7 +6,9 @@ use async_trait::async_trait;
#[async_trait] #[async_trait]
pub trait AuthenticationProvider: 'static { pub trait AuthenticationProvider: 'static {
async fn get_principals(&self) -> Result<Vec<User>, crate::Error>;
async fn get_principal(&self, id: &str) -> Result<Option<User>, crate::Error>; async fn get_principal(&self, id: &str) -> Result<Option<User>, crate::Error>;
async fn remove_principal(&self, id: &str) -> Result<(), crate::Error>;
async fn insert_principal(&self, user: User) -> Result<(), crate::Error>; async fn insert_principal(&self, user: User) -> Result<(), crate::Error>;
async fn validate_password(&self, user_id: &str, password: &str) async fn validate_password(&self, user_id: &str, password: &str)
-> Result<Option<User>, Error>; -> Result<Option<User>, Error>;

11
crates/store/src/auth/toml_user_store.rs
View File

@@ -61,6 +61,10 @@ impl TomlPrincipalStore {
#[async_trait] #[async_trait]
impl AuthenticationProvider for TomlPrincipalStore { impl AuthenticationProvider for TomlPrincipalStore {
async fn get_principals(&self) -> Result<Vec<User>, crate::Error> {
Ok(self.principals.read().await.values().cloned().collect())
}
async fn get_principal(&self, id: &str) -> Result<Option<User>, crate::Error> { async fn get_principal(&self, id: &str) -> Result<Option<User>, crate::Error> {
Ok(self.principals.read().await.get(id).cloned()) Ok(self.principals.read().await.get(id).cloned())
} }
@@ -75,6 +79,13 @@ impl AuthenticationProvider for TomlPrincipalStore {
Ok(()) Ok(())
} }
async fn remove_principal(&self, id: &str) -> Result<(), crate::Error> {
let mut principals = self.principals.write().await;
principals.remove(id);
self.save(principals.deref())?;
Ok(())
}
async fn validate_password( async fn validate_password(
&self, &self,
user_id: &str, user_id: &str,

2
crates/store/src/auth/user.rs
View File

@@ -12,7 +12,7 @@ use std::future::{Ready, ready};
use crate::Secret; use crate::Secret;
/// https://datatracker.ietf.org/doc/html/rfc5545#section-3.2.3 /// https://datatracker.ietf.org/doc/html/rfc5545#section-3.2.3
#[derive(Debug, Clone, Deserialize, Serialize, Default, PartialEq)] #[derive(Debug, Clone, Deserialize, Serialize, Default, PartialEq, Display, clap::ValueEnum)]
#[serde(rename_all = "lowercase")] #[serde(rename_all = "lowercase")]
pub enum PrincipalType { pub enum PrincipalType {
#[default] #[default]

2
src/commands/mod.rs
View File

@@ -11,6 +11,8 @@ use crate::config::{
TracingConfig, TracingConfig,
}; };
pub mod principals;
#[derive(Debug, Parser)] #[derive(Debug, Parser)]
pub struct GenConfigArgs {} pub struct GenConfigArgs {}

105
src/commands/principals.rs Normal file
View File

@@ -0,0 +1,105 @@
use clap::{Parser, Subcommand};
use figment::{
Figment,
providers::{Env, Format, Toml},
};
use password_hash::PasswordHasher;
use password_hash::SaltString;
use rand::rngs::OsRng;
use rustical_store::auth::{AuthenticationProvider, TomlPrincipalStore, User, user::PrincipalType};
use crate::config::{self, Config};
#[derive(Parser, Debug)]
pub struct PrincipalsArgs {
#[arg(short, long, env, default_value = "/etc/rustical/config.toml")]
config_file: String,
#[command(subcommand)]
command: Command,
}
#[derive(Parser, Debug)]
struct CreateArgs {
id: String,
#[arg(value_enum, short, long)]
principal_type: Option<PrincipalType>,
#[arg(short, long)]
name: Option<String>,
#[arg(long, help = "Ask for password input")]
password: bool,
}
#[derive(Parser, Debug)]
struct RemoveArgs {
id: String,
}
#[derive(Debug, Subcommand)]
enum Command {
List,
Create(CreateArgs),
Remove(RemoveArgs),
}
pub async fn cmd_principals(args: PrincipalsArgs) -> anyhow::Result<()> {
let config: Config = Figment::new()
// TODO: What to do when config file does not exist?
.merge(Toml::file(&args.config_file))
.merge(Env::prefixed("RUSTICAL_").split("__"))
.extract()?;
let user_store = match config.auth {
config::AuthConfig::Toml(config) => TomlPrincipalStore::new(config)?,
};
match args.command {
Command::List => {
for principal in user_store.get_principals().await? {
println!(
"{} (displayname={}) [{}]",
principal.id,
principal.displayname.unwrap_or_default(),
principal.principal_type
);
}
}
Command::Create(CreateArgs {
id,
principal_type,
name,
password,
}) => {
let salt = SaltString::generate(OsRng);
let password = if password {
println!("Enter your password:");
let password = rpassword::read_password()?;
Some(
argon2::Argon2::default()
.hash_password(password.as_bytes(), &salt)
.unwrap()
.to_string()
.into(),
)
} else {
None
};
user_store
.insert_principal(User {
id,
displayname: name,
principal_type: principal_type.unwrap_or_default(),
app_tokens: vec![],
password,
memberships: vec![],
})
.await?;
println!("Principal created");
}
Command::Remove(RemoveArgs { id }) => {
user_store.remove_principal(&id).await?;
println!("Principal {id} removed");
}
}
Ok(())
}

18
src/main.rs
View File

@@ -4,6 +4,7 @@ use actix_web::http::KeepAlive;
use anyhow::Result; use anyhow::Result;
use app::make_app; use app::make_app;
use clap::{Parser, Subcommand}; use clap::{Parser, Subcommand};
use commands::principals::{PrincipalsArgs, cmd_principals};
use commands::{cmd_gen_config, cmd_pwhash}; use commands::{cmd_gen_config, cmd_pwhash};
use config::{DataStoreConfig, SqliteDataStoreConfig}; use config::{DataStoreConfig, SqliteDataStoreConfig};
use figment::Figment; use figment::Figment;
@@ -40,6 +41,7 @@ struct Args {
enum Command { enum Command {
GenConfig(commands::GenConfigArgs), GenConfig(commands::GenConfigArgs),
Pwhash(commands::PwhashArgs), Pwhash(commands::PwhashArgs),
Principals(PrincipalsArgs),
} }
async fn get_data_stores( async fn get_data_stores(
@@ -72,6 +74,7 @@ async fn main() -> Result<()> {
match args.command { match args.command {
Some(Command::GenConfig(gen_config_args)) => cmd_gen_config(gen_config_args)?, Some(Command::GenConfig(gen_config_args)) => cmd_gen_config(gen_config_args)?,
Some(Command::Pwhash(pwhash_args)) => cmd_pwhash(pwhash_args)?, Some(Command::Pwhash(pwhash_args)) => cmd_pwhash(pwhash_args)?,
Some(Command::Principals(principals_args)) => cmd_principals(principals_args).await?,
None => { None => {
let config: Config = Figment::new() let config: Config = Figment::new()
// TODO: What to do when config file does not exist? // TODO: What to do when config file does not exist?
@@ -140,11 +143,20 @@ mod tests {
#[async_trait] #[async_trait]
impl AuthenticationProvider for MockUserStore { impl AuthenticationProvider for MockUserStore {
async fn get_principals(
&self,
) -> Result<Vec<rustical_store::auth::User>, rustical_store::Error> {
Err(rustical_store::Error::Other(anyhow!("Not implemented")))
}
async fn get_principal( async fn get_principal(
&self, &self,
id: &str, id: &str,
) -> Result<Option<rustical_store::auth::User>, rustical_store::Error> { ) -> Result<Option<rustical_store::auth::User>, rustical_store::Error> {
Err(rustical_store::Error::NotFound) Err(rustical_store::Error::Other(anyhow!("Not implemented")))
}
async fn remove_principal(&self, id: &str) -> Result<(), rustical_store::Error> {
Err(rustical_store::Error::Other(anyhow!("Not implemented")))
} }
async fn validate_password( async fn validate_password(
@@ -152,7 +164,7 @@ mod tests {
user_id: &str, user_id: &str,
password: &str, password: &str,
) -> Result<Option<rustical_store::auth::User>, rustical_store::Error> { ) -> Result<Option<rustical_store::auth::User>, rustical_store::Error> {
Err(rustical_store::Error::NotFound) Err(rustical_store::Error::Other(anyhow!("Not implemented")))
} }
async fn validate_app_token( async fn validate_app_token(
@@ -160,7 +172,7 @@ mod tests {
user_id: &str, user_id: &str,
token: &str, token: &str,
) -> Result<Option<rustical_store::auth::User>, rustical_store::Error> { ) -> Result<Option<rustical_store::auth::User>, rustical_store::Error> {
Err(rustical_store::Error::NotFound) Err(rustical_store::Error::Other(anyhow!("Not implemented")))
} }
async fn add_app_token( async fn add_app_token(