예제 #1
0
// Merge applies the properties of the passed-in User to the User on which it
// is called and returns a new User with these modifications applied. Think of
// all Users as immutable sets of data. Merge allows you to perform the set
// operations (desired grants and revokes) atomically
func (u User) Merge(n User) (User, error) {
	var out User
	if u.User != n.User {
		return out, mergeErr("Merging user data with conflicting usernames: %s %s", u.User, n.User)
	}
	out.User = u.User
	if n.Password != "" {
		hash, err := bcrypt.GenerateFromPassword([]byte(n.Password), bcrypt.DefaultCost)
		if err != nil {
			return out, err
		}
		out.Password = string(hash)
	} else {
		out.Password = u.Password
	}
	currentRoles := types.NewUnsafeSet(u.Roles...)
	for _, g := range n.Grant {
		if currentRoles.Contains(g) {
			return out, mergeErr("Granting duplicate role %s for user %s", g, n.User)
		}
		currentRoles.Add(g)
	}
	for _, r := range n.Revoke {
		if !currentRoles.Contains(r) {
			return out, mergeErr("Revoking ungranted role %s for user %s", r, n.User)
		}
		currentRoles.Remove(r)
	}
	out.Roles = currentRoles.Values()
	return out, nil
}
예제 #2
0
func (s *Store) createUserInternal(user User) error {
	hash, err := bcrypt.GenerateFromPassword([]byte(user.Password), bcrypt.DefaultCost)
	if err != nil {
		return err
	}
	user.Password = string(hash)

	_, err = s.createResource("/users/"+user.User, user)
	return err
}