Mercurial > gemma

comparison pkg/auth/opendb.go @ 461:685b886002b8

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Baild out og RunAs if no metamorphic user is configured.
author Sascha L. Teichmann <sascha.teichmann@intevation.de>
date Wed, 22 Aug 2018 16:18:14 +0200
parents a7dc68d8e22f
children 73c7b2d6246e
comparison
equal deleted inserted replaced
458:01deefb7ec7a 461:685b886002b8
41 WHERE oid IN (SELECT oid FROM cte) AND rolname <> current_user 41 WHERE oid IN (SELECT oid FROM cte) AND rolname <> current_user
42 AND EXISTS (SELECT 1 FROM users.list_users WHERE username = current_user)` 42 AND EXISTS (SELECT 1 FROM users.list_users WHERE username = current_user)`
43 43
44 const InvalidRoleCharacters = `\"':;` 44 const InvalidRoleCharacters = `\"':;`
45 45
46 var ErrInvalidRoleCharacters = errors.New("rolename contains invalid character") 46 var (
47 ErrInvalidRoleCharacters = errors.New("rolename contains invalid character")
48 ErrNoMetamorphUser = errors.New("No metamorphic user configured")
49 )
47 50
48 func AllOtherRoles(user, password string) (Roles, error) { 51 func AllOtherRoles(user, password string) (Roles, error) {
49 db, err := OpenDB(user, password) 52 db, err := OpenDB(user, password)
50 if err != nil { 53 if err != nil {
51 return nil, err 54 return nil, err
71 74
72 func RunAs(role string, fn func(*sql.DB) error) error { 75 func RunAs(role string, fn func(*sql.DB) error) error {
73 if strings.Contains(role, InvalidRoleCharacters) { 76 if strings.Contains(role, InvalidRoleCharacters) {
74 return ErrInvalidRoleCharacters 77 return ErrInvalidRoleCharacters
75 } 78 }
76 db, err := OpenDB(config.MetamorphDBUser(), config.MetamorhpDBPassword()) 79 user := config.MetamorphDBUser()
80 if user == "" {
81 return ErrNoMetamorphUser
82 }
83 db, err := OpenDB(user, config.MetamorhpDBPassword())
77 if err != nil { 84 if err != nil {
78 return nil 85 return nil
79 } 86 }
80 defer db.Close() 87 defer db.Close()
81 if _, err := db.Exec(`SET ROLE "` + role + `"`); err != nil { 88 if _, err := db.Exec(`SET ROLE "` + role + `"`); err != nil {