zeitbild/backend
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[task-192] [int]

Browse source
This commit is contained in:
Fenris Wolf 2025-09-04 07:46:49 +00:00
parent 00f416a126
commit 6ad47e1943
9 changed files with 95 additions and 149 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
source/api/actions/davina_calendars.ts
View file

@ -10,13 +10,17 @@ namespace _zeitbild.api
{
register<
null,
null | Array<
(
null
|
Array<
{
id : int;
name : string;
access_level : string;
}
>
)
>
(
rest_subject,
@ -30,23 +34,12 @@ namespace _zeitbild.api
"nullable": false,
"type": "boolean",
}),
"query_parameters": () => ([
{
"name": "username",
"required": true,
"description": "username",
},
]),
/**
* @todo
*/
"restriction": restriction_none,
"execution": async ({"query_parameters": query_parameters}) => {
const username : string = query_parameters["username"];
const user_id : _zeitbild.type_user_id = await _zeitbild.service.user.identify(username);
"restriction": restriction_web_auth,
"execution": async (stuff) => {
const user : {id : _zeitbild.type_user_id; object : _zeitbild.type_user_object;} = await _zeitbild.api.user_from_web_auth(stuff);
return (
_zeitbild.service.calendar.overview(user_id)
_zeitbild.service.calendar.overview(user.id)
.then(
(data_raw) => Promise.resolve(
data_raw

17
source/api/actions/davina_check.ts
View file

@ -10,7 +10,7 @@ namespace _zeitbild.api
{
register<
null,
boolean
null
>
(
rest_subject,
@ -21,8 +21,7 @@ namespace _zeitbild.api
"nullable": true,
}),
"output_schema": () => ({
"nullable": false,
"type": "boolean",
"nullable": true,
}),
"query_parameters": () => ([
{
@ -36,17 +35,11 @@ namespace _zeitbild.api
"description": "password",
},
]),
"restriction": restriction_none,
"execution": async ({"query_parameters": query_parameters}) => {
const username : string = query_parameters["username"];
const password : string = query_parameters["password"];
/**
* @todo [important] rectify
*/
const valid : boolean = (username === password);
"restriction": restriction_web_auth,
"execution": async (stuff) => {
return Promise.resolve({
"status_code": 200,
"data": valid,
"data": null,
});
},
}

17
source/api/actions/davina_event_get.ts
View file

@ -10,18 +10,13 @@ namespace _zeitbild.api
{
register<
null,
lib_plankton.ical.type_vcalendar
(null | lib_plankton.ical.type_vcalendar)
>(
rest_subject,
lib_plankton.http.enum_method.get,
"/davina/event_get",
{
"query_parameters": () => ([
{
"name": "username",
"required": true,
"description": "user name",
},
{
"name": "calendar_id",
"required": true,
@ -51,16 +46,12 @@ namespace _zeitbild.api
// .replace(new RegExp("[\\s\\S]*BEGIN:VEVENT([\\s\\S]*)END:VEVENT[\\s\\S]*", "m"), "BEGIN:VEVENT$1END:VEVENT")
)
),
/**
* @todo
*/
"restriction": restriction_none,
"restriction": restriction_web_auth,
"execution": async (stuff) => {
const username : string = stuff.query_parameters["username"];
const user_id : _zeitbild.type_user_id = await _zeitbild.service.user.identify(username);
const user : {id : _zeitbild.type_user_id; object : _zeitbild.type_user_object;} = await _zeitbild.api.user_from_web_auth(stuff);
const calendar_id : int = parseInt(stuff.query_parameters["calendar_id"]);
const calendar_object : _zeitbild.type_calendar_object = await _zeitbild.service.calendar.get(calendar_id, user_id);
const calendar_object : _zeitbild.type_calendar_object = await _zeitbild.service.calendar.get(calendar_id, user.id);
const event_id : int = parseInt(stuff.query_parameters["event_id"]);
const event_object : _zeitbild.type_event_object = await _zeitbild.service.resource.event_get(calendar_object.resource_id, event_id);

22
source/api/actions/davina_event_list.ts
View file

@ -25,18 +25,6 @@ namespace _zeitbild.api
lib_plankton.http.enum_method.get,
"/davina/event_list",
{
"query_parameters": () => ([
{
"name": "username",
"required": true,
"description": "user name",
},
{
"name": "calendar_id",
"required": true,
"description": "calendar ID",
},
]),
"output_schema": () => ({
"type": "array",
"items": {
@ -59,13 +47,9 @@ namespace _zeitbild.api
],
}
}),
/**
* @todo
*/
"restriction": restriction_none,
"restriction": restriction_web_auth,
"execution": async (stuff) => {
const username : string = stuff.query_parameters["username"];
const user_id : _zeitbild.type_user_id = await _zeitbild.service.user.identify(username);
const user : {id : _zeitbild.type_user_id; object : _zeitbild.type_user_object;} = await _zeitbild.api.user_from_web_auth(stuff);
/**
* @todo
@ -79,7 +63,7 @@ namespace _zeitbild.api
[calendar_id],
from,
to,
user_id
user.id
)
.then(
(data) => Promise.resolve(

1
source/api/actions/session_oidc.ts
View file

@ -74,6 +74,7 @@ namespace _zeitbild.api
{
"name": data.userinfo.name,
"email_address": data.userinfo.email,
"dav_token": null,
}
);
lib_plankton.log.info(

128
source/api/base.ts
View file

@ -6,10 +6,10 @@ namespace _zeitbild.api
* @todo zu plankton auslagern?
*/
type type_stuff = {
version: (null | string);
headers: Record<string, string>;
path_parameters: Record<string, string>;
query_parameters: Record<string, string>;
version : (null | string);
headers : Record<string, string>;
path_parameters : Record<string, string>;
query_parameters : Record<string, string>;
};
@ -26,37 +26,47 @@ namespace _zeitbild.api
/**
* @todo outsource?
*/
export async function web_auth(
authorization_string : (null | string),
export async function user_from_web_auth(
stuff : {headers : Record<string, string>;}
) : Promise<
{
"via_dav_token": via_dav_token = false,
} : {
via_dav_token ?: boolean;
} = {
id : _zeitbild.type_user_id;
object : _zeitbild.type_user_object;
}
) : Promise<(null | _zeitbild.type_user_id)>
>
{
if (authorization_string === null) {
return Promise.resolve<(null | _zeitbild.type_user_id)>(null);
const authorization_string : string = (
stuff.headers["Authorization"]
??
stuff.headers["authorization"]
??
null
);
if (authorization_string === null)
{
return Promise.reject();
}
else {
else
{
const parts : Array<string> = authorization_string.split(" ");
const strategy : string = parts[0];
const data_raw : string = parts.slice(1).join(" ");
switch (strategy) {
default: {
switch (strategy)
{
default:
{
lib_plankton.log.notice(
"zeitbild.web_auth.unhandled_strategy",
"zeitbild.user_from_web_auth.unhandled_strategy",
{
"strategy": strategy,
}
);
return Promise.resolve<(null | _zeitbild.type_user_id)>(null);
return Promise.reject();
break;
}
case "Basic": {
case "Basic":
{
const data_raw_decoded : string = lib_plankton.base64.decode(data_raw);
const parts_ : Array<string> = data_raw_decoded.split(":");
const username : string = parts_[0];
@ -64,28 +74,34 @@ namespace _zeitbild.api
const {"value": user_id, "error": error} = await lib_plankton.call.try_catch_wrap_async<_zeitbild.type_user_id>(
() => _zeitbild.service.user.identify(username)
);
if (error !== null) {
if ((error !== null) || (user_id === null))
{
lib_plankton.log.notice(
"zeitbild.web_auth.unknown_user",
"zeitbild.user_from_web_auth.unknown_user",
{
"username": username,
}
);
return Promise.resolve<(null | _zeitbild.type_user_id)>(null);
return Promise.reject();
}
else {
else
{
const user_object : _zeitbild.type_user_object = await _zeitbild.service.user.get(user_id);
const password_shall : string = (
via_dav_token
(user_object.dav_token !== null)
?
user_object.dav_token
:
/**
* @todo deprecate?
*/
lib_plankton.sha256.get(
username,
_zeitbild.conf.get()["misc"]["auth_salt"]
)
);
if (! (password_is === password_shall)) {
if (! (password_is === password_shall))
{
/**
* @todo remove
*/
@ -96,10 +112,11 @@ namespace _zeitbild.api
"is": password_is,
}
);
return Promise.resolve<(null | _zeitbild.type_user_id)>(null);
return Promise.reject();
}
else {
return Promise.resolve<(null | _zeitbild.type_user_id)>(user_id);
else
{
return Promise.resolve({"id": user_id, "object": user_object});
}
}
break;
@ -118,9 +135,9 @@ namespace _zeitbild.api
/**
*/
export const restriction_logged_in : lib_plankton.rest_caldav.type_restriction<any> = (
(stuff) => (
session_from_stuff(stuff)
export const restriction_web_auth : lib_plankton.rest_caldav.type_restriction<any> = (
stuff => (
user_from_web_auth(stuff)
.then(() => Promise.resolve<boolean>(true))
.catch(() => Promise.resolve<boolean>(false))
)
@ -129,50 +146,11 @@ namespace _zeitbild.api
/**
*/
export const restriction_basic_auth : lib_plankton.rest_caldav.type_restriction<any> = (
export const restriction_logged_in : lib_plankton.rest_caldav.type_restriction<any> = (
(stuff) => (
web_auth(
(
stuff.headers["Authorization"]
??
stuff.headers["authorization"]
??
null
),
{
"via_dav_token": false,
}
)
.then<boolean>(
(user_id) => Promise.resolve<boolean>(
(user_id !== null)
)
)
)
);
/**
*/
export const restriction_dav_token : lib_plankton.rest_caldav.type_restriction<any> = (
(stuff) => (
web_auth(
(
stuff.headers["Authorization"]
??
stuff.headers["authorization"]
??
null
),
{
"via_dav_token": true,
}
)
.then<boolean>(
(user_id) => Promise.resolve<boolean>(
(user_id !== null)
)
)
session_from_stuff(stuff)
.then(() => Promise.resolve<boolean>(true))
.catch(() => Promise.resolve<boolean>(false))
)
);

2
source/api/functions.ts
View file

@ -51,6 +51,7 @@ namespace _zeitbild.api
_zeitbild.api.register_export_ical(rest_subject);
}
// caldav
/*
{
_zeitbild.api.register_caldav_sniff(rest_subject);
_zeitbild.api.register_caldav_put(rest_subject);
@ -59,6 +60,7 @@ namespace _zeitbild.api
_zeitbild.api.register_caldav_projects(rest_subject);
_zeitbild.api.register_caldav_get(rest_subject);
}
*/
// davina
{
_zeitbild.api.register_davina_check(rest_subject);

10
source/services/user.ts
View file

@ -28,6 +28,16 @@ namespace _zeitbild.service.user
}
/**
*/
export function get(
user_id : _zeitbild.type_user_id
) : Promise<_zeitbild.type_user_object>
{
return _zeitbild.repository.user.read(user_id);
}
/**
*/
export function add(

6
tools/makefile
View file

@ -77,12 +77,6 @@ ${dir_temp}/zeitbild-unlinked.js: \
${dir_source}/api/actions/calendar_event_remove.ts \
${dir_source}/api/actions/events.ts \
${dir_source}/api/actions/export_ical.ts \
${dir_source}/api/actions/caldav_sniff.ts \
${dir_source}/api/actions/caldav_put.ts \
${dir_source}/api/actions/caldav_probe.ts \
${dir_source}/api/actions/caldav_probe_via_well_known.ts \
${dir_source}/api/actions/caldav_projects.ts \
${dir_source}/api/actions/caldav_get.ts \
${dir_source}/api/actions/davina_check.ts \
${dir_source}/api/actions/davina_calendars.ts \
${dir_source}/api/actions/davina_event_list.ts \