cleanup user/token is_active() check

Dietmar Maurer 2021-06-16 13:42:20 +02:00
parent 252cd3b781
commit d8a47ec649
2 changed files with 36 additions and 21 deletions


@ -7,6 +7,7 @@ use anyhow::{Error, bail};
use proxmox::api::section_config::SectionConfigData; use proxmox::api::section_config::SectionConfigData;
use lazy_static::lazy_static; use lazy_static::lazy_static;
use proxmox::api::UserInformation; use proxmox::api::UserInformation;
use proxmox::tools::time::epoch_i64;
use super::acl::{AclTree, ROLE_NAMES, ROLE_ADMIN}; use super::acl::{AclTree, ROLE_NAMES, ROLE_ADMIN};
use super::user::{ApiToken, User}; use super::user::{ApiToken, User};
@ -18,8 +19,6 @@ pub struct CachedUserInfo {
acl_tree: Arc<AclTree>, acl_tree: Arc<AclTree>,
} }
fn now() -> i64 { unsafe { libc::time(std::ptr::null_mut()) } }
struct ConfigCache { struct ConfigCache {
data: Option<Arc<CachedUserInfo>>, data: Option<Arc<CachedUserInfo>>,
last_update: i64, last_update: i64,
@ -35,7 +34,7 @@ impl CachedUserInfo {
/// Returns a cached instance (up to 5 seconds old). /// Returns a cached instance (up to 5 seconds old).
pub fn new() -> Result<Arc<Self>, Error> { pub fn new() -> Result<Arc<Self>, Error> {
let now = now(); let now = epoch_i64();
{ // limit scope { // limit scope
let cache = CACHED_CONFIG.read().unwrap(); let cache = CACHED_CONFIG.read().unwrap();
if (now - cache.last_update) < 5 { if (now - cache.last_update) < 5 {
@ -68,15 +67,7 @@ impl CachedUserInfo {
/// Test if a user_id is enabled and not expired /// Test if a user_id is enabled and not expired
pub fn is_active_user_id(&self, userid: &Userid) -> bool { pub fn is_active_user_id(&self, userid: &Userid) -> bool {
if let Ok(info) = self.user_cfg.lookup::<User>("user", userid.as_str()) { if let Ok(info) = self.user_cfg.lookup::<User>("user", userid.as_str()) {
if !info.enable.unwrap_or(true) { info.is_active()
return false;
}
if let Some(expire) = info.expire {
if expire > 0 && expire <= now() {
return false;
}
}
true
} else { } else {
false false
} }
@ -92,15 +83,7 @@ impl CachedUserInfo {
if auth_id.is_token() { if auth_id.is_token() {
if let Ok(info) = self.user_cfg.lookup::<ApiToken>("token", &auth_id.to_string()) { if let Ok(info) = self.user_cfg.lookup::<ApiToken>("token", &auth_id.to_string()) {
if !info.enable.unwrap_or(true) { return info.is_active();
return false;
}
if let Some(expire) = info.expire {
if expire > 0 && expire <= now() {
return false;
}
}
return true;
} else { } else {
return false; return false;
} }
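Review bot: The cache freshness test in `CachedUserInfo::new()`, `(now - cache.last_update) < 5`, now reads the wall clock through `epoch_i64()`, and a negative difference also passes it. If the system clock is stepped backwards, the cached user and token configuration keeps being served until the clock catches up with `last_update`, so a disabled user or token would stay accepted for longer than the documented 5 seconds. Bounding the difference on both sides closes that, e.g. `if (0..5).contains(&(now - cache.last_update)) {`. The body of `new()` continues outside the hunk, so how `last_update` is written is inferred rather than visible.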


@ -83,6 +83,22 @@ pub struct ApiToken {
pub expire: Option<i64>, pub expire: Option<i64>,
} }
impl ApiToken {
pub fn is_active(&self) -> bool {
if !self.enable.unwrap_or(true) {
return false;
}
if let Some(expire) = self.expire {
let now = proxmox::tools::time::epoch_i64();
if expire > 0 && expire <= now {
return false;
}
}
true
}
}
#[api( #[api(
properties: { properties: {
userid: { userid: {
@ -132,6 +148,22 @@ pub struct User {
pub email: Option<String>, pub email: Option<String>,
} }
impl User {
pub fn is_active(&self) -> bool {
if !self.enable.unwrap_or(true) {
return false;
}
if let Some(expire) = self.expire {
let now = proxmox::tools::time::epoch_i64();
if expire > 0 && expire <= now {
return false;
}
}
true
}
}
fn init() -> SectionConfig { fn init() -> SectionConfig {
let mut config = SectionConfig::new(&Authid::API_SCHEMA); let mut config = SectionConfig::new(&Authid::API_SCHEMA);
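Review bot: `ApiToken::is_active()` and `User::is_active()` are line-for-line copies of one access-control rule, so a later change to the enable or expiry semantics can land in one and miss the other; the rule is better kept in a single private helper that both methods call. Both methods are also public without a doc comment, and the rule has edges worth stating: an unset `enable` counts as enabled, an `expire` that is unset or not greater than 0 means no expiry, and an entry is already inactive at the second where `expire == now`. The fence shows the helper with those points documented; the `User` impl in the second hunk would delegate to it the same way.

```rust
/// Shared enable/expire rule for `User` and `ApiToken` entries.
///
/// An unset `enable` counts as enabled. An `expire` that is unset or not
/// greater than 0 means the entry never expires; otherwise the entry is
/// inactive from the second `expire` onwards.
fn is_enabled_and_unexpired(enable: Option<bool>, expire: Option<i64>) -> bool {
    if !enable.unwrap_or(true) {
        return false;
    }
    match expire {
        Some(expire) if expire > 0 => expire > proxmox::tools::time::epoch_i64(),
        _ => true,
    }
}

impl ApiToken {
    /// Returns true if the token is enabled and not expired.
    pub fn is_active(&self) -> bool {
        is_enabled_and_unexpired(self.enable, self.expire)
    }
}
// … unchanged: #[api(...)] block and `User` struct definition …
```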