Add dedicated API for creating users

2026-05-01 21:36:02 +00:00 · 2015-10-09 13:00:08 -07:00
parent 69359bf035
commit 9443fdbf7a
3 changed files with 78 additions and 11 deletions
--- a/client/client.go
+++ b/client/client.go
@@ -149,6 +149,21 @@ func (c *RemoteServer) Delegate(req core.DelegateRequest) (*core.ResponseData, e
 	return unmarshalResponseData(respBytes)
 }

+// CreateUser issues a create-user request to the remote server
+func (c *RemoteServer) CreateUser(req core.CreateUserRequest) (*core.ResponseData, error) {
+	reqBytes, err := json.Marshal(req)
+	if err != nil {
+		return nil, err
+	}
+
+	respBytes, err := c.doAction("create-user", reqBytes)
+	if err != nil {
+		return nil, err
+	}
+
+	return unmarshalResponseData(respBytes)
+}
+
 // Purge issues a purge request to the remote server
 func (c *RemoteServer) Purge(req core.DelegateRequest) (*core.ResponseData, error) {
 	reqBytes, err := json.Marshal(req)
--- a/core/core.go
+++ b/core/core.go
@@ -51,6 +51,12 @@ type DelegateRequest struct {
 	Labels []string
 }

+type CreateUserRequest struct {
+	Name     string
+	Password string
+	UserType string
+}
+
 type PasswordRequest struct {
 	Name     string
 	Password string
@@ -338,6 +344,51 @@ func Delegate(jsonIn []byte) ([]byte, error) {
 	return jsonStatusOk()
 }

+// Create User processes a create-user request.
+func CreateUser(jsonIn []byte) ([]byte, error) {
+	var s CreateUserRequest
+	var err error
+
+	defer func() {
+		if err != nil {
+			log.Printf("core.create-user failed: user=%s %v", s.Name, err)
+		} else {
+			log.Printf("core.create-user success: user=%s", s.Name)
+		}
+	}()
+
+	if err = json.Unmarshal(jsonIn, &s); err != nil {
+		return jsonStatusError(err)
+	}
+
+	// If no UserType if provided use the default one
+	if s.UserType == "" {
+		s.UserType = passvault.DefaultRecordType
+	}
+
+	if records.NumRecords() == 0 {
+		err = errors.New("Vault is not created yet")
+		return jsonStatusError(err)
+	}
+
+	// Validate the Name and Password as valid
+	if err = validateName(s.Name, s.Password); err != nil {
+		return jsonStatusError(err)
+	}
+
+	_, found := records.GetRecord(s.Name)
+	if found {
+		err = errors.New("User with that name already exists")
+		return jsonStatusError(err)
+	}
+
+	if _, err = records.AddNewRecord(s.Name, s.Password, false, s.UserType); err != nil {
+		return jsonStatusError(err)
+	}
+
+	return jsonStatusOk()
+}
+
 // Password processes a password change request.
 func Password(jsonIn []byte) ([]byte, error) {
 	var err error
--- a/redoctober.go
+++ b/redoctober.go
@@ -27,17 +27,18 @@ import (
 // List of URLs to register and their related functions

 var functions = map[string]func([]byte) ([]byte, error){
-	"/create":     core.Create,
-	"/summary":    core.Summary,
-	"/purge":      core.Purge,
-	"/delegate":   core.Delegate,
-	"/password":   core.Password,
-	"/encrypt":    core.Encrypt,
-	"/re-encrypt": core.ReEncrypt,
-	"/decrypt":    core.Decrypt,
-	"/owners":     core.Owners,
-	"/modify":     core.Modify,
-	"/export":     core.Export,
+	"/create":      core.Create,
+	"/summary":     core.Summary,
+	"/purge":       core.Purge,
+	"/delegate":    core.Delegate,
+	"/create-user": core.CreateUser,
+	"/password":    core.Password,
+	"/encrypt":     core.Encrypt,
+	"/re-encrypt":  core.ReEncrypt,
+	"/decrypt":     core.Decrypt,
+	"/owners":      core.Owners,
+	"/modify":      core.Modify,
+	"/export":      core.Export,
 }

 type userRequest struct {