func (a Authorizer) AddUser(user models.User, password string) error {
if user.Username == "" {
logger.Get().Error("no user name given")
return mkerror("no username given")
}
if user.Email == "" {
logger.Get().Warning("Email not mentioned for the user")
}
user.Status = true
// Validate username
_, err := a.userDao.User(user.Username)
if err == nil {
logger.Get().Error("User %s already exists", user.Username)
return mkerror("user already exists")
} else if err.Error() != ErrMissingUser.Error() {
if err != nil {
logger.Get().Error("Error retrieving details of user: %s. error: %v", user.Username, err)
return mkerror(err.Error())
}
return nil
}
// Validate role
if user.Role == "" {
user.Role = a.defaultRole
} else {
if _, ok := a.roles[user.Role]; !ok {
logger.Get().Error("Non Existing Role: %s", user.Role)
return mkerror("non-existant role")
}
}
user.Hash = nil
if user.Type == authprovider.Internal {
if password == "" {
logger.Get().Error("no password given for user: %s", user.Username)
return mkerror("no password given")
}
// Generate and save hash
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
if err != nil {
logger.Get().Error("couldn't save password for user: %s. error: %v", user.Username, err)
return mkerror("couldn't save password: "******"Error saving the user: %s. error: %v", user.Username, err)
return mkerror(err.Error())
}
return nil
}
