Plumb ACL through to state

mkw-re · Jul 30, 2023 · bcb4ba6 · bcb4ba6
1 parent ceba607
commit bcb4ba6
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 2 deletions.
diff --git a/srepanel/common/types.go b/srepanel/common/types.go
@@ -18,3 +18,8 @@ type Link struct {
 	Name string `json:"name"`
 	URL  string `json:"url"`
 }
+
+type UserRepoAccess struct {
+	Repo string
+	Perm string
+}
diff --git a/srepanel/ghidra/acl.go b/srepanel/ghidra/acl.go
@@ -19,6 +19,12 @@ const (
 
 const AnonAllowedStr = "=ANONYMOUS_ALLOWED"
 
+var PermStrs = []string{
+	PermRead:  PermReadStr,
+	PermWrite: PermWriteStr,
+	PermAdmin: PermAdminStr,
+}
+
 // ACL is an in-memory representation of a repo access list.
 type ACL struct {
 	AnonymousAccess bool

diff --git a/srepanel/main.go b/srepanel/main.go
@@ -40,6 +40,7 @@ func main() {
 	dbPath := flag.String("db", "ghidra_panel.db", "path to database file")
 	listen := flag.String("listen", ":8080", "listen address")
 	cmdInit := flag.Bool("init", false, "initialize database and exit")
+	dev := flag.Bool("dev", false, "enable development mode")
 
 	flag.Parse()
 
@@ -109,6 +110,7 @@ func main() {
 	webConfig := web.Config{
 		GhidraEndpoint: &cfg.Ghidra.Endpoint,
 		Links:          cfg.Links,
+		Dev:            *dev,
 	}
 	server, err := web.NewServer(&webConfig, db, auth, &issuer, &acls)
 	if err != nil {

diff --git a/srepanel/web/server.go b/srepanel/web/server.go
@@ -2,13 +2,13 @@ package web
 
 import (
 	"embed"
-	"go.mkw.re/ghidra-panel/ghidra"
 	"html/template"
 	"net/http"
 
 	"go.mkw.re/ghidra-panel/common"
 	"go.mkw.re/ghidra-panel/database"
 	"go.mkw.re/ghidra-panel/discord_auth"
+	"go.mkw.re/ghidra-panel/ghidra"
 	"go.mkw.re/ghidra-panel/token"
 )
 
@@ -37,6 +37,7 @@ func init() {
 type Config struct {
 	GhidraEndpoint *common.GhidraEndpoint
 	Links          []common.Link
+	Dev            bool // developer mode
 }
 
 type Server struct {
@@ -83,6 +84,7 @@ type State struct {
 	Nav       []Nav         // navigation bar
 	Links     []common.Link // footer links
 	Ghidra    *common.GhidraEndpoint
+	ACL       []common.UserRepoAccess
 }
 
 type Nav struct {
@@ -118,7 +120,16 @@ func (s *Server) authenticateState(wr http.ResponseWriter, req *http.Request, st
 		http.Error(wr, "failed to get user state, please contact server admin", http.StatusInternalServerError)
 		return false
 	}
-
 	state.UserState = userState
+
+	acl := s.ACLs.Get().QueryUser(ident.Username)
+	state.ACL = make([]common.UserRepoAccess, len(acl))
+	for i, v := range acl {
+		state.ACL[i] = common.UserRepoAccess{
+			Repo: v.Repo,
+			Perm: ghidra.PermStrs[v.Perm],
+		}
+	}
+
 	return true
 }