From 6ad47e19431e81550df9676c467997c93adf329a Mon Sep 17 00:00:00 2001 From: Fenris Wolf Date: Thu, 4 Sep 2025 07:46:49 +0000 Subject: [PATCH] [task-192] [int] --- source/api/actions/davina_calendars.ts | 37 +++---- source/api/actions/davina_check.ts | 17 +--- source/api/actions/davina_event_get.ts | 17 +--- source/api/actions/davina_event_list.ts | 24 +---- source/api/actions/session_oidc.ts | 1 + source/api/base.ts | 130 ++++++++++-------------- source/api/functions.ts | 2 + source/services/user.ts | 10 ++ tools/makefile | 6 -- 9 files changed, 95 insertions(+), 149 deletions(-) diff --git a/source/api/actions/davina_calendars.ts b/source/api/actions/davina_calendars.ts index 300f7f9..7314b0f 100644 --- a/source/api/actions/davina_calendars.ts +++ b/source/api/actions/davina_calendars.ts @@ -10,13 +10,17 @@ namespace _zeitbild.api { register< null, - null | Array< - { - id : int; - name : string; - access_level : string; - } - > + ( + null + | + Array< + { + id : int; + name : string; + access_level : string; + } + > + ) > ( rest_subject, @@ -30,23 +34,12 @@ namespace _zeitbild.api "nullable": false, "type": "boolean", }), - "query_parameters": () => ([ - { - "name": "username", - "required": true, - "description": "username", - }, - ]), - /** - * @todo - */ - "restriction": restriction_none, - "execution": async ({"query_parameters": query_parameters}) => { - const username : string = query_parameters["username"]; - const user_id : _zeitbild.type_user_id = await _zeitbild.service.user.identify(username); + "restriction": restriction_web_auth, + "execution": async (stuff) => { + const user : {id : _zeitbild.type_user_id; object : _zeitbild.type_user_object;} = await _zeitbild.api.user_from_web_auth(stuff); return ( - _zeitbild.service.calendar.overview(user_id) + _zeitbild.service.calendar.overview(user.id) .then( (data_raw) => Promise.resolve( data_raw diff --git a/source/api/actions/davina_check.ts b/source/api/actions/davina_check.ts index 7de64b2..264f4f6 100644 --- a/source/api/actions/davina_check.ts +++ b/source/api/actions/davina_check.ts @@ -10,7 +10,7 @@ namespace _zeitbild.api { register< null, - boolean + null > ( rest_subject, @@ -21,8 +21,7 @@ namespace _zeitbild.api "nullable": true, }), "output_schema": () => ({ - "nullable": false, - "type": "boolean", + "nullable": true, }), "query_parameters": () => ([ { @@ -36,17 +35,11 @@ namespace _zeitbild.api "description": "password", }, ]), - "restriction": restriction_none, - "execution": async ({"query_parameters": query_parameters}) => { - const username : string = query_parameters["username"]; - const password : string = query_parameters["password"]; - /** - * @todo [important] rectify - */ - const valid : boolean = (username === password); + "restriction": restriction_web_auth, + "execution": async (stuff) => { return Promise.resolve({ "status_code": 200, - "data": valid, + "data": null, }); }, } diff --git a/source/api/actions/davina_event_get.ts b/source/api/actions/davina_event_get.ts index 95d774d..157c091 100644 --- a/source/api/actions/davina_event_get.ts +++ b/source/api/actions/davina_event_get.ts @@ -10,18 +10,13 @@ namespace _zeitbild.api { register< null, - lib_plankton.ical.type_vcalendar + (null | lib_plankton.ical.type_vcalendar) >( rest_subject, lib_plankton.http.enum_method.get, "/davina/event_get", { "query_parameters": () => ([ - { - "name": "username", - "required": true, - "description": "user name", - }, { "name": "calendar_id", "required": true, @@ -51,16 +46,12 @@ namespace _zeitbild.api // .replace(new RegExp("[\\s\\S]*BEGIN:VEVENT([\\s\\S]*)END:VEVENT[\\s\\S]*", "m"), "BEGIN:VEVENT$1END:VEVENT") ) ), - /** - * @todo - */ - "restriction": restriction_none, + "restriction": restriction_web_auth, "execution": async (stuff) => { - const username : string = stuff.query_parameters["username"]; - const user_id : _zeitbild.type_user_id = await _zeitbild.service.user.identify(username); + const user : {id : _zeitbild.type_user_id; object : _zeitbild.type_user_object;} = await _zeitbild.api.user_from_web_auth(stuff); const calendar_id : int = parseInt(stuff.query_parameters["calendar_id"]); - const calendar_object : _zeitbild.type_calendar_object = await _zeitbild.service.calendar.get(calendar_id, user_id); + const calendar_object : _zeitbild.type_calendar_object = await _zeitbild.service.calendar.get(calendar_id, user.id); const event_id : int = parseInt(stuff.query_parameters["event_id"]); const event_object : _zeitbild.type_event_object = await _zeitbild.service.resource.event_get(calendar_object.resource_id, event_id); diff --git a/source/api/actions/davina_event_list.ts b/source/api/actions/davina_event_list.ts index c37d727..736e738 100644 --- a/source/api/actions/davina_event_list.ts +++ b/source/api/actions/davina_event_list.ts @@ -25,18 +25,6 @@ namespace _zeitbild.api lib_plankton.http.enum_method.get, "/davina/event_list", { - "query_parameters": () => ([ - { - "name": "username", - "required": true, - "description": "user name", - }, - { - "name": "calendar_id", - "required": true, - "description": "calendar ID", - }, - ]), "output_schema": () => ({ "type": "array", "items": { @@ -59,14 +47,10 @@ namespace _zeitbild.api ], } }), - /** - * @todo - */ - "restriction": restriction_none, + "restriction": restriction_web_auth, "execution": async (stuff) => { - const username : string = stuff.query_parameters["username"]; - const user_id : _zeitbild.type_user_id = await _zeitbild.service.user.identify(username); - + const user : {id : _zeitbild.type_user_id; object : _zeitbild.type_user_object;} = await _zeitbild.api.user_from_web_auth(stuff); + /** * @todo */ @@ -79,7 +63,7 @@ namespace _zeitbild.api [calendar_id], from, to, - user_id + user.id ) .then( (data) => Promise.resolve( diff --git a/source/api/actions/session_oidc.ts b/source/api/actions/session_oidc.ts index 9ace510..fefd354 100644 --- a/source/api/actions/session_oidc.ts +++ b/source/api/actions/session_oidc.ts @@ -74,6 +74,7 @@ namespace _zeitbild.api { "name": data.userinfo.name, "email_address": data.userinfo.email, + "dav_token": null, } ); lib_plankton.log.info( diff --git a/source/api/base.ts b/source/api/base.ts index 012a127..31fa1fa 100644 --- a/source/api/base.ts +++ b/source/api/base.ts @@ -6,10 +6,10 @@ namespace _zeitbild.api * @todo zu plankton auslagern? */ type type_stuff = { - version: (null | string); - headers: Record; - path_parameters: Record; - query_parameters: Record; + version : (null | string); + headers : Record; + path_parameters : Record; + query_parameters : Record; }; @@ -24,39 +24,49 @@ namespace _zeitbild.api return {"key": key, "value": value}; } - + /** - * @todo outsource? */ - export async function web_auth( - authorization_string : (null | string), + export async function user_from_web_auth( + stuff : {headers : Record;} + ) : Promise< { - "via_dav_token": via_dav_token = false, - } : { - via_dav_token ?: boolean; - } = { + id : _zeitbild.type_user_id; + object : _zeitbild.type_user_object; } - ) : Promise<(null | _zeitbild.type_user_id)> + > { - if (authorization_string === null) { - return Promise.resolve<(null | _zeitbild.type_user_id)>(null); + const authorization_string : string = ( + stuff.headers["Authorization"] + ?? + stuff.headers["authorization"] + ?? + null + ); + if (authorization_string === null) + { + return Promise.reject(); } - else { + else + { const parts : Array = authorization_string.split(" "); const strategy : string = parts[0]; const data_raw : string = parts.slice(1).join(" "); - switch (strategy) { - default: { + switch (strategy) + { + default: + { lib_plankton.log.notice( - "zeitbild.web_auth.unhandled_strategy", + "zeitbild.user_from_web_auth.unhandled_strategy", { "strategy": strategy, } ); - return Promise.resolve<(null | _zeitbild.type_user_id)>(null); + return Promise.reject(); break; } - case "Basic": { + case "Basic": + { const data_raw_decoded : string = lib_plankton.base64.decode(data_raw); const parts_ : Array = data_raw_decoded.split(":"); const username : string = parts_[0]; @@ -64,28 +74,34 @@ namespace _zeitbild.api const {"value": user_id, "error": error} = await lib_plankton.call.try_catch_wrap_async<_zeitbild.type_user_id>( () => _zeitbild.service.user.identify(username) ); - if (error !== null) { + if ((error !== null) || (user_id === null)) + { lib_plankton.log.notice( - "zeitbild.web_auth.unknown_user", + "zeitbild.user_from_web_auth.unknown_user", { "username": username, } ); - return Promise.resolve<(null | _zeitbild.type_user_id)>(null); + return Promise.reject(); } - else { + else + { const user_object : _zeitbild.type_user_object = await _zeitbild.service.user.get(user_id); const password_shall : string = ( - via_dav_token + (user_object.dav_token !== null) ? user_object.dav_token : + /** + * @todo deprecate? + */ lib_plankton.sha256.get( username, _zeitbild.conf.get()["misc"]["auth_salt"] ) ); - if (! (password_is === password_shall)) { + if (! (password_is === password_shall)) + { /** * @todo remove */ @@ -96,10 +112,11 @@ namespace _zeitbild.api "is": password_is, } ); - return Promise.resolve<(null | _zeitbild.type_user_id)>(null); + return Promise.reject(); } - else { - return Promise.resolve<(null | _zeitbild.type_user_id)>(user_id); + else + { + return Promise.resolve({"id": user_id, "object": user_object}); } } break; @@ -118,9 +135,9 @@ namespace _zeitbild.api /** */ - export const restriction_logged_in : lib_plankton.rest_caldav.type_restriction = ( - (stuff) => ( - session_from_stuff(stuff) + export const restriction_web_auth : lib_plankton.rest_caldav.type_restriction = ( + stuff => ( + user_from_web_auth(stuff) .then(() => Promise.resolve(true)) .catch(() => Promise.resolve(false)) ) @@ -129,50 +146,11 @@ namespace _zeitbild.api /** */ - export const restriction_basic_auth : lib_plankton.rest_caldav.type_restriction = ( + export const restriction_logged_in : lib_plankton.rest_caldav.type_restriction = ( (stuff) => ( - web_auth( - ( - stuff.headers["Authorization"] - ?? - stuff.headers["authorization"] - ?? - null - ), - { - "via_dav_token": false, - } - ) - .then( - (user_id) => Promise.resolve( - (user_id !== null) - ) - ) - ) - ); - - - /** - */ - export const restriction_dav_token : lib_plankton.rest_caldav.type_restriction = ( - (stuff) => ( - web_auth( - ( - stuff.headers["Authorization"] - ?? - stuff.headers["authorization"] - ?? - null - ), - { - "via_dav_token": true, - } - ) - .then( - (user_id) => Promise.resolve( - (user_id !== null) - ) - ) + session_from_stuff(stuff) + .then(() => Promise.resolve(true)) + .catch(() => Promise.resolve(false)) ) ); diff --git a/source/api/functions.ts b/source/api/functions.ts index db222e3..46fcedd 100644 --- a/source/api/functions.ts +++ b/source/api/functions.ts @@ -51,6 +51,7 @@ namespace _zeitbild.api _zeitbild.api.register_export_ical(rest_subject); } // caldav + /* { _zeitbild.api.register_caldav_sniff(rest_subject); _zeitbild.api.register_caldav_put(rest_subject); @@ -59,6 +60,7 @@ namespace _zeitbild.api _zeitbild.api.register_caldav_projects(rest_subject); _zeitbild.api.register_caldav_get(rest_subject); } + */ // davina { _zeitbild.api.register_davina_check(rest_subject); diff --git a/source/services/user.ts b/source/services/user.ts index 98b438d..a6e5a5f 100644 --- a/source/services/user.ts +++ b/source/services/user.ts @@ -28,6 +28,16 @@ namespace _zeitbild.service.user } + /** + */ + export function get( + user_id : _zeitbild.type_user_id + ) : Promise<_zeitbild.type_user_object> + { + return _zeitbild.repository.user.read(user_id); + } + + /** */ export function add( diff --git a/tools/makefile b/tools/makefile index d7e2a36..31d77f3 100644 --- a/tools/makefile +++ b/tools/makefile @@ -77,12 +77,6 @@ ${dir_temp}/zeitbild-unlinked.js: \ ${dir_source}/api/actions/calendar_event_remove.ts \ ${dir_source}/api/actions/events.ts \ ${dir_source}/api/actions/export_ical.ts \ - ${dir_source}/api/actions/caldav_sniff.ts \ - ${dir_source}/api/actions/caldav_put.ts \ - ${dir_source}/api/actions/caldav_probe.ts \ - ${dir_source}/api/actions/caldav_probe_via_well_known.ts \ - ${dir_source}/api/actions/caldav_projects.ts \ - ${dir_source}/api/actions/caldav_get.ts \ ${dir_source}/api/actions/davina_check.ts \ ${dir_source}/api/actions/davina_calendars.ts \ ${dir_source}/api/actions/davina_event_list.ts \