Make SuperUser a regular user (don't special case it).

2011-04-11 21:18:46 +02:00 · 2011-04-11 21:18:46 +02:00 · 5607764dfa
commit 5607764dfa
parent 91b83edf9c
5 changed files with 23 additions and 22 deletions
--- a/client.go
+++ b/client.go
@ -43,11 +43,6 @@ type Client struct {
 	// the user field will point to the registration record.
 	user *User

-	// If the client has SuperUser privileges, superUser will be true.
-	// Note that Grumble doesn't store credentials of the SuperUser in
-	// the user data store, so we have to keep track of it separately.
-	superUser bool
-
 	// The clientReady channel signals the client's reciever routine that
 	// the client has been successfully authenticated and that it has been
 	// sent the necessary information to be a participant on the server.
@ -80,7 +75,7 @@ type Client struct {

 // Is the client a registered user?
 func (client *Client) IsRegistered() bool {
-	return client.user != nil || client.IsSuperUser()
+	return client.user != nil
 }

 // Does the client have a certificate?
@ -90,7 +85,10 @@ func (client *Client) HasCertificate() bool {

 // Is the client the SuperUser?
 func (client *Client) IsSuperUser() bool {
-	return client.superUser
+	if client.user == nil {
+		return false
+	}
+	return client.user.Id == 0
 }

 // Get the User ID of this client.
@ -98,8 +96,6 @@ func (client *Client) IsSuperUser() bool {
 func (client *Client) UserId() int {
 	if client.user == nil {
 		return -1
-	} else if client.superUser {
-		return 0
 	}
 	return int(client.user.Id)
 }
--- a/freeze.go
+++ b/freeze.go
@ -13,7 +13,6 @@ import (
 type frozenServer struct {
 	Id                int             "id"
 	MaxUsers          int             "max_user"
-	SuperUserPassword string          "super_user_password"
 	Channels          []frozenChannel "channels"
 	Users             []frozenUser    "users"
 }
@ -21,6 +20,7 @@ type frozenServer struct {
 type frozenUser struct {
 	Id            uint32 "id"
 	Name          string "name"
+	Password      string "password"
 	CertHash      string "cert_hash"
 	Email         string "email"
 	TextureBlob   string "texture_blob"
@ -61,7 +61,6 @@ type frozenGroup struct {
 // Freeze a server
 func (server *Server) Freeze() (fs frozenServer, err os.Error) {
 	fs.Id = int(server.Id)
-	fs.SuperUserPassword = server.superUserPassword
 	fs.MaxUsers = server.MaxUsers

 	channels := []frozenChannel{}
@ -132,6 +131,7 @@ func (channel *Channel) Freeze() (fc frozenChannel, err os.Error) {
 func (user *User) Freeze() (fu frozenUser, err os.Error) {
 	fu.Id = user.Id
 	fu.Name = user.Name
+	fu.Password = user.Password
 	fu.CertHash = user.CertHash
 	fu.Email = user.Email
 	fu.TextureBlob = user.TextureBlob
@ -187,8 +187,6 @@ func NewServerFromFrozen(filename string) (s *Server, err os.Error) {
 		return nil, err
 	}

-	s.superUserPassword = fs.SuperUserPassword
-
 	// Add all channels, but don't hook up parent/child relationships
 	// until all of them are loaded.
 	for _, fc := range fs.Channels {
@ -248,6 +246,7 @@ func NewServerFromFrozen(filename string) (s *Server, err os.Error) {
 			return nil, err
 		}

+		u.Password = fu.Password
 		u.CertHash = fu.CertHash
 		u.Email = fu.Email
 		u.TextureBlob = fu.TextureBlob
--- a/murmurdb.go
+++ b/murmurdb.go
@ -309,16 +309,13 @@ func populateUsers(server *Server, db *sqlite.Conn) (err os.Error) {
 			continue
 		}

-		if UserId == 0 {
-			server.superUserPassword = "sha1$$" + SHA1Password
-			continue
-		}
-
 		user, err := NewUser(uint32(UserId), UserName)
 		if err != nil {
 			return err
 		}

+		user.Password = "sha1$$" + SHA1Password
+
 		key, err := globalBlobstore.Put(Texture)
 		if err != nil {
 			return err
--- a/server.go
+++ b/server.go
@ -76,7 +76,6 @@ type Server struct {
 	Channels map[int]*Channel

 	// Users
-	superUserPassword string
 	Users             map[uint32]*User
 	UserCertMap       map[string]*User
 	UserNameMap       map[string]*User
@ -118,7 +117,12 @@ func NewServer(id int64, addr string, port int) (s *Server, err os.Error) {

 // Check whether password matches the set SuperUser password.
 func (server *Server) CheckSuperUserPassword(password string) bool {
-	parts := strings.Split(server.superUserPassword, "$", -1)
+	superUser, exists := server.Users[0]
+	if !exists {
+		log.Panicf("Fatal error: No SuperUser for server %v", server.Id)
+	}
+
+	parts := strings.Split(superUser.Password, "$", -1)
 	if len(parts) != 3 {
 		return false
 	}
@ -374,7 +378,11 @@ func (server *Server) handleAuthenticate(client *Client, msg *Message) {
 			return
 		} else {
 			if server.CheckSuperUserPassword(*auth.Password) {
-				client.superUser = true
+				client.user, ok = server.UserNameMap[client.Username]
+				if !ok {
+					client.RejectAuth("InvalidUsername", "")
+					return
+				}
 			} else {
 				client.RejectAuth("WrongUserPW", "")
 				return
--- a/user.go
+++ b/user.go
@ -16,6 +16,7 @@ import (
 type User struct {
 	Id            uint32
 	Name          string
+	Password      string
 	CertHash      string
 	Email         string
 	TextureBlob   string
@ -29,7 +30,7 @@ func NewUser(id uint32, name string) (user *User, err os.Error) {
 	if id < 0 {
 		return nil, os.NewError("Invalid user id")
 	}
-	if len(name) == 0 || name == "SuperUser" {
+	if len(name) == 0 {
 		return nil, os.NewError("Invalid username")
 	}