Add maut (#468)

Co-authored-by: Jonas Plum <git@jonasplum.de>
2025-12-06 23:32:47 +01:00 · 2022-10-01 21:38:13 +02:00
parent 4eb0658888
commit f73e91d142
56 changed files with 402 additions and 1760 deletions
--- a/database/busdb/context.go
+++ b/database/busdb/context.go
@@ -1,38 +0,0 @@
-package busdb
-
-import (
-	"context"
-	"net/http"
-
-	"github.com/SecurityBrewery/catalyst/generated/model"
-	"github.com/SecurityBrewery/catalyst/role"
-)
-
-type contextKey string
-
-const (
-	userContextKey  contextKey = "user"
-	groupContextKey contextKey = "groups"
-)
-
-func SetContext(r *http.Request, user *model.UserResponse) *http.Request {
-	user.Roles = role.Strings(role.Explodes(user.Roles))
-
-	return r.WithContext(context.WithValue(r.Context(), userContextKey, user))
-}
-
-func SetGroupContext(r *http.Request, groups []string) *http.Request {
-	return r.WithContext(context.WithValue(r.Context(), groupContextKey, groups))
-}
-
-func UserContext(ctx context.Context, user *model.UserResponse) context.Context {
-	user.Roles = role.Strings(role.Explodes(user.Roles))
-
-	return context.WithValue(ctx, userContextKey, user)
-}
-
-func UserFromContext(ctx context.Context) (*model.UserResponse, bool) {
-	u, ok := ctx.Value(userContextKey).(*model.UserResponse)
-
-	return u, ok
-}
--- a/database/busdb/log.go
+++ b/database/busdb/log.go
@@ -6,6 +6,7 @@ import (
 	"strings"

 	"github.com/arangodb/go-driver"
+	maut "github.com/jonas-plum/maut/auth"

 	"github.com/SecurityBrewery/catalyst/bus"
 	"github.com/SecurityBrewery/catalyst/generated/model"
@@ -15,7 +16,7 @@ import (
 const LogCollectionName = "logs"

 func (db *BusDatabase) LogCreate(ctx context.Context, logType, reference, message string) (*model.LogEntry, error) {
-	user, ok := UserFromContext(ctx)
+	user, _, ok := maut.UserFromContext(ctx)
 	if !ok {
 		return nil, errors.New("no user in context")
 	}
--- a/database/migrations/migrations.go
+++ b/database/migrations/migrations.go
@@ -62,6 +62,8 @@ func generateMigrations() ([]Migration, error) {
 		&updateDocument[model.Settings]{ID: "update-settings-global-1", Collection: "settings", Key: "global", Document: &model.Settings{ArtifactStates: []*model.Type{{Icon: "mdi-help-circle-outline", ID: "unknown", Name: "Unknown", Color: pointer.String(model.TypeColorInfo)}, {Icon: "mdi-skull", ID: "malicious", Name: "Malicious", Color: pointer.String(model.TypeColorError)}, {Icon: "mdi-check", ID: "clean", Name: "Clean", Color: pointer.String(model.TypeColorSuccess)}}, ArtifactKinds: []*model.Type{{Icon: "mdi-server", ID: "asset", Name: "Asset"}, {Icon: "mdi-bullseye", ID: "ioc", Name: "IOC"}}, Timeformat: "yyyy-MM-dd hh:mm:ss"}},

 		&updateSchema{ID: "update-user-simple-login", Name: "users", DataType: "user", Schema: `{"type":"object","properties":{"apikey":{"type":"boolean"},"blocked":{"type":"boolean"},"roles":{"items":{"type":"string"},"type":"array"},"salt":{"type":"string"},"sha256":{"type":"string"},"sha512":{"type":"string"}},"required":["blocked","apikey","roles"],"$id":"#/definitions/User"}`},
+
+		&mapRoles{ID: "simplify-roles"},
 	}, nil
 }

@@ -232,3 +234,17 @@ func (m *updateDocument[T]) Migrate(ctx context.Context, driver driver.Database)

 	return err
 }
+
+type mapRoles struct {
+	ID string
+}
+
+func (m mapRoles) MID() string {
+	return m.ID
+}
+
+func (m mapRoles) Migrate(ctx context.Context, driver driver.Database) error {
+	_, err := driver.Query(ctx, "FOR u IN users UPDATE u WITH {roles: u.roles[*].name} IN users", nil)
+
+	return err
+}
--- a/database/ticket_field.go
+++ b/database/ticket_field.go
@@ -7,6 +7,7 @@ import (

 	"github.com/arangodb/go-driver"
 	"github.com/iancoleman/strcase"
+	maut "github.com/jonas-plum/maut/auth"
 	"github.com/mingrammer/commonregex"

 	"github.com/SecurityBrewery/catalyst/bus"
@@ -110,7 +111,7 @@ func (db *Database) AddComment(ctx context.Context, id int64, comment *model.Com
 	}

 	if comment.Creator == nil || *comment.Creator == "" {
-		user, exists := busdb.UserFromContext(ctx)
+		user, _, exists := maut.UserFromContext(ctx)
 		if !exists {
 			return nil, errors.New("no user in context")
 		}
--- a/database/user.go
+++ b/database/user.go
@@ -11,12 +11,12 @@ import (

 	"github.com/arangodb/go-driver"
 	"github.com/iancoleman/strcase"
+	maut "github.com/jonas-plum/maut/auth"

 	"github.com/SecurityBrewery/catalyst/database/busdb"
 	"github.com/SecurityBrewery/catalyst/generated/model"
 	"github.com/SecurityBrewery/catalyst/generated/pointer"
 	"github.com/SecurityBrewery/catalyst/generated/time"
-	"github.com/SecurityBrewery/catalyst/role"
 )

 var letters = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_")
@@ -35,11 +35,9 @@ func generateKey() string {
 }

 func toUser(user *model.UserForm, salt, sha256, sha512 *string) *model.User {
-	roles := []string{}
-	roles = append(roles, role.Strings(role.Explodes(user.Roles))...)
 	u := &model.User{
 		Blocked: user.Blocked,
-		Roles:   roles,
+		Roles:   user.Roles,
 		Salt:    salt,
 		Sha256:  sha256,
 		Sha512:  sha512,
@@ -94,7 +92,7 @@ func (db *Database) UserCreate(ctx context.Context, newUser *model.UserForm) (*m
 	var key, salt, sha256Hash, sha512Hash *string
 	if newUser.Apikey {
 		key, sha256Hash = generateAPIKey()
-	} else {
+	} else if newUser.Password != nil {
 		salt, sha512Hash = hashUserPassword(newUser)
 	}

@@ -111,7 +109,7 @@ func (db *Database) UserCreate(ctx context.Context, newUser *model.UserForm) (*m
 func (db *Database) UserCreateSetupAPIKey(ctx context.Context, key string) (*model.UserResponse, error) {
 	newUser := &model.UserForm{
 		ID:      "setup",
-		Roles:   []string{role.Admin},
+		Roles:   []string{maut.AdminRole},
 		Apikey:  true,
 		Blocked: false,
 	}