Update to make custom themes easier

This commit is contained in:
Melon 2024-06-02 12:23:22 +01:00
parent 3555742316
commit 9bea6805d5
Signed by: melon
GPG Key ID: 6C9D970C50D26A25
14 changed files with 466 additions and 262 deletions

View File

@ -0,0 +1,68 @@
<!DOCTYPE html>
<html lang="en">
<head>
<title>{{.ServiceName}}</title>
<link rel="stylesheet" href="/theme/style.css">
<script>
window.addEventListener("load", function () {
selectText("app-secret");
});
// Thanks again: https://stackoverflow.com/a/987376
function selectText(nodeId) {
const node = document.getElementById(nodeId);
if (document.body.createTextRange) {
const range = document.body.createTextRange();
range.moveToElementText(node);
range.select();
} else if (window.getSelection) {
const selection = window.getSelection();
const range = document.createRange();
range.selectNodeContents(node);
selection.removeAllRanges();
selection.addRange(range);
} else {
console.warn("Could not select text in node: Unsupported browser.");
}
}
</script>
</head>
<body>
<header>
<h1>{{.ServiceName}}</h1>
</header>
<main>
<form method="GET" action="/">
<button type="submit">Home</button>
</form>
<h2>Create Client Application</h2>
<form method="POST" action="/manage/apps">
<input type="hidden" name="action" value="create"/>
<input type="hidden" name="offset" value="{{.Offset}}"/>
<div>
<label for="field_name">Name:</label>
<input type="text" name="name" id="field_name" required/>
</div>
<div>
<label for="field_domain">Domain:</label>
<input type="text" name="domain" id="field_domain" required/>
</div>
<div>
<label for="field_public">Public: <input type="checkbox" name="public" id="field_public"/></label>
</div>
{{if .IsAdmin}}
<div>
<label for="field_sso">SSO: <input type="checkbox" name="sso" id="field_sso"/></label>
</div>
{{end}}
<div>
<label for="field_active">Active: <input type="checkbox" name="active" id="field_active"
checked/></label>
</div>
<button type="submit">Create</button>
</form>
</main>
</body>
</html>

View File

@ -0,0 +1,75 @@
<!DOCTYPE html>
<html lang="en">
<head>
<title>{{.ServiceName}}</title>
<link rel="stylesheet" href="/theme/style.css">
<script>
window.addEventListener("load", function () {
selectText("app-secret");
});
// Thanks again: https://stackoverflow.com/a/987376
function selectText(nodeId) {
const node = document.getElementById(nodeId);
if (document.body.createTextRange) {
const range = document.body.createTextRange();
range.moveToElementText(node);
range.select();
} else if (window.getSelection) {
const selection = window.getSelection();
const range = document.createRange();
range.selectNodeContents(node);
selection.removeAllRanges();
selection.addRange(range);
} else {
console.warn("Could not select text in node: Unsupported browser.");
}
}
</script>
</head>
<body>
<header>
<h1>{{.ServiceName}}</h1>
</header>
<main>
<form method="GET" action="/">
<button type="submit">Home</button>
</form>
<h2>Edit Client Application</h2>
<form method="POST" action="/manage/apps">
<input type="hidden" name="action" value="edit"/>
<input type="hidden" name="offset" value="{{.Offset}}"/>
<input type="hidden" name="subject" value="{{.EditApp.Subject}}"/>
<div>
<label>ID: {{.EditApp.Subject}}</label>
</div>
<div>
<label for="field_name">Name:</label>
<input type="text" name="name" id="field_name" value="{{.EditApp.Name}}" required/>
</div>
<div>
<label for="field_domain">Domain:</label>
<input type="text" name="domain" id="field_domain" value="{{.EditApp.Domain}}" required/>
</div>
<div>
<label for="field_public">Public: <input type="checkbox" name="public" id="field_public" {{if .EditApp.Public}}checked{{end}}/></label>
</div>
{{if .IsAdmin}}
<div>
<label for="field_sso">SSO: <input type="checkbox" name="sso" id="field_sso" {{if .EditApp.SSO}}checked{{end}}/></label>
</div>
{{end}}
<div>
<label for="field_active">Active: <input type="checkbox" name="active" id="field_active" {{if .EditApp.Active}}checked{{end}}/></label>
</div>
<button type="submit">Edit</button>
</form>
<form method="GET" action="/manage/apps">
<input type="hidden" name="offset" value="{{.Offset}}"/>
<button type="submit">Cancel</button>
</form>
</main>
</body>
</html>

View File

@ -41,113 +41,54 @@
<div>New application secret: <span id="app-secret">{{.NewAppSecret}}</span> for {{.NewAppName}}</div> <div>New application secret: <span id="app-secret">{{.NewAppSecret}}</span> for {{.NewAppName}}</div>
{{end}} {{end}}
{{if .Edit}} <h2>Manage Client Applications</h2>
<h2>Edit Client Application</h2> <form method="GET" action="/manage/apps/create">
<form method="POST" action="/manage/apps"> <button type="submit">New Client Application</button>
<input type="hidden" name="action" value="edit"/> </form>
<input type="hidden" name="offset" value="{{.Offset}}"/>
<input type="hidden" name="subject" value="{{.Edit.Subject}}"/>
<div>
<label>ID: {{.Edit.Subject}}</label>
</div>
<div>
<label for="field_name">Name:</label>
<input type="text" name="name" id="field_name" value="{{.Edit.Name}}" required/>
</div>
<div>
<label for="field_domain">Domain:</label>
<input type="text" name="domain" id="field_domain" value="{{.Edit.Domain}}" required/>
</div>
<div>
<label for="field_public">Public: <input type="checkbox" name="public" id="field_public" {{if .Edit.Public}}checked{{end}}/></label>
</div>
{{if .IsAdmin}}
<div>
<label for="field_sso">SSO: <input type="checkbox" name="sso" id="field_sso" {{if .Edit.SSO}}checked{{end}}/></label>
</div>
{{end}}
<div>
<label for="field_active">Active: <input type="checkbox" name="active" id="field_active" {{if .Edit.Active}}checked{{end}}/></label>
</div>
<button type="submit">Edit</button>
</form>
<form method="GET" action="/manage/apps">
<input type="hidden" name="offset" value="{{.Offset}}"/>
<button type="submit">Cancel</button>
</form>
{{else}}
<h2>Manage Client Applications</h2>
{{if eq (len .Apps) 0}}
<div>No client applications found</div>
{{else}}
<table>
<thead>
<tr>
<th>ID</th>
<th>Name</th>
<th>Domain</th>
<th>Public</th>
<th>SSO</th>
<th>Active</th>
<th>Owner</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
{{range .Apps}}
<tr>
<td>{{.Subject}}</td>
<td>{{.Name}}</td>
<td>{{.Domain}}</td>
<td>{{.Public}}</td>
<td>{{.Sso}}</td>
<td>{{.Active}}</td>
<td>{{.Owner}}</td>
<td>
<form method="GET" action="/manage/apps">
<input type="hidden" name="offset" value="{{$.Offset}}"/>
<input type="hidden" name="edit" value="{{.Subject}}"/>
<button type="submit">Edit</button>
</form>
<form method="POST" action="/manage/apps?offset={{$.Offset}}">
<input type="hidden" name="action" value="secret"/>
<input type="hidden" name="offset" value="{{$.Offset}}"/>
<input type="hidden" name="subject" value="{{.Subject}}"/>
<button type="submit">Reset Secret</button>
</form>
</td>
</tr>
{{end}}
</tbody>
</table>
{{end}}
<h2>Create Client Application</h2> {{if eq (len .Apps) 0}}
<form method="POST" action="/manage/apps"> <div>No client applications found</div>
<input type="hidden" name="action" value="create"/> {{else}}
<input type="hidden" name="offset" value="{{.Offset}}"/> <table>
<div> <thead>
<label for="field_name">Name:</label> <tr>
<input type="text" name="name" id="field_name" required/> <th>ID</th>
</div> <th>Name</th>
<div> <th>Domain</th>
<label for="field_domain">Domain:</label> <th>Public</th>
<input type="text" name="domain" id="field_domain" required/> <th>SSO</th>
</div> <th>Active</th>
<div> <th>Owner</th>
<label for="field_public">Public: <input type="checkbox" name="public" id="field_public"/></label> <th>Actions</th>
</div> </tr>
{{if .IsAdmin}} </thead>
<div> <tbody>
<label for="field_sso">SSO: <input type="checkbox" name="sso" id="field_sso"/></label> {{range .Apps}}
</div> <tr>
<td>{{.Subject}}</td>
<td>{{.Name}}</td>
<td>{{.Domain}}</td>
<td>{{.Public}}</td>
<td>{{.Sso}}</td>
<td>{{.Active}}</td>
<td>{{.Owner}}</td>
<td>
<form method="GET" action="/manage/apps">
<input type="hidden" name="offset" value="{{$.Offset}}"/>
<input type="hidden" name="edit" value="{{.Subject}}"/>
<button type="submit">Edit</button>
</form>
<form method="POST" action="/manage/apps?offset={{$.Offset}}">
<input type="hidden" name="action" value="secret"/>
<input type="hidden" name="offset" value="{{$.Offset}}"/>
<input type="hidden" name="subject" value="{{.Subject}}"/>
<button type="submit">Reset Secret</button>
</form>
</td>
</tr>
{{end}} {{end}}
<div> </tbody>
<label for="field_active">Active: <input type="checkbox" name="active" id="field_active" </table>
checked/></label>
</div>
<button type="submit">Create</button>
</form>
{{end}} {{end}}
</main> </main>
</body> </body>

View File

@ -0,0 +1,49 @@
<!DOCTYPE html>
<html lang="en">
<head>
<title>{{.ServiceName}}</title>
<link rel="stylesheet" href="/theme/style.css">
</head>
<body>
<header>
<h1>{{.ServiceName}}</h1>
</header>
<main>
<form method="GET" action="/">
<button type="submit">Home</button>
</form>
<h2>Create User</h2>
<form method="POST" action="/manage/users">
<input type="hidden" name="action" value="create"/>
<input type="hidden" name="offset" value="{{.Offset}}"/>
<div>
<label for="field_name">Name:</label>
<input type="text" name="name" id="field_name" required/>
</div>
<div>
<label for="field_username">Username:</label>
<input type="text" name="username" id="field_username" required/>
</div>
<div>
<label for="field_email">Email:</label>
<p>Using an `@{{.Namespace}}` email address will automatically verify as it is owned by this login
service.</p>
<input type="text" name="email" id="field_email" required/>
</div>
<div>
<label for="field_role">Role:</label>
<select name="role" id="field_role" required>
<option value="member" selected>Member</option>
<option value="admin">Admin</option>
</select>
</div>
<div>
<label for="field_active">Active: <input type="checkbox" name="active" id="field_active"
checked/></label>
</div>
<button type="submit">Create</button>
</form>
</main>
</body>
</html>

View File

@ -0,0 +1,51 @@
<!DOCTYPE html>
<html lang="en">
<head>
<title>{{.ServiceName}}</title>
<link rel="stylesheet" href="/theme/style.css">
</head>
<body>
<header>
<h1>{{.ServiceName}}</h1>
</header>
<main>
<form method="GET" action="/">
<button type="submit">Home</button>
</form>
<h2>Edit User</h2>
<form method="POST" action="/manage/users">
<input type="hidden" name="action" value="edit"/>
<input type="hidden" name="offset" value="{{.Offset}}"/>
<input type="hidden" name="subject" value="{{.EditUser.Subject}}"/>
<div>
<label>ID: {{.EditUser.Subject}}</label>
</div>
<div>
<label for="field_name">Name:</label>
<input type="text" name="name" id="field_name" value="{{.EditUser.Name}}" required/>
</div>
<div>
<label for="field_username">Username:</label>
<input type="text" name="username" id="field_username" value="{{.EditUser.Username}}" required/>
</div>
<div>
<label for="field_role">Role:</label>
<select name="role" id="field_role" required>
<option value="member" {{if (eq .EditUser.Role 0)}}selected{{end}}>Member</option>
<option value="admin" {{if (eq .EditUser.Role 1)}}selected{{end}}>Admin</option>
</select>
</div>
<div>
<label for="field_active">Active: <input type="checkbox" name="active" id="field_active"
checked/></label>
</div>
<button type="submit">Edit</button>
</form>
<form method="GET" action="/manage/users">
<input type="hidden" name="offset" value="{{.Offset}}"/>
<button type="submit">Cancel</button>
</form>
</main>
</body>
</html>

View File

@ -13,142 +13,78 @@
<button type="submit">Home</button> <button type="submit">Home</button>
</form> </form>
{{if .Edit}} <h2>Manage Users</h2>
<h2>Edit User</h2> <form method="GET" action="/manage/users/create">
<form method="POST" action="/manage/users"> <button type="submit">Create User</button>
<input type="hidden" name="action" value="edit"/> </form>
<input type="hidden" name="offset" value="{{.Offset}}"/>
<input type="hidden" name="subject" value="{{.Edit.Subject}}"/> {{if eq (len .Users) 0}}
<div> <div>No users found, this is definitely a bug.</div>
<label>ID: {{.Edit.Subject}}</label> {{else}}
</div> <table>
<div> <thead>
<label for="field_name">Name:</label> <tr>
<input type="text" name="name" id="field_name" value="{{.Edit.Name}}" required/> <th>ID</th>
</div> <th>Name</th>
<div> <th>Username</th>
<label for="field_username">Username:</label> <th>Picture</th>
<input type="text" name="username" id="field_username" value="{{.Edit.Username}}" required/> <th>Website</th>
</div> <th>Email</th>
<div> <th>Email Verified</th>
<label for="field_role">Role:</label> <th>Role</th>
<select name="role" id="field_role" required> <th>Last Updated</th>
<option value="member" {{if (eq .Edit.Role 0)}}selected{{end}}>Member</option> <th>Active</th>
<option value="admin" {{if (eq .Edit.Role 1)}}selected{{end}}>Admin</option> <th>Actions</th>
</select> </tr>
</div> </thead>
<div> <tbody>
<label for="field_active">Active: <input type="checkbox" name="active" id="field_active" {{range .Users}}
checked/></label> <tr>
</div> <td>{{.Subject}}</td>
<button type="submit">Edit</button> <td>{{.Name}}</td>
</form> <td>{{.Username}}</td>
<td>
{{if .Picture}}
<img width="32" height="32" src="{{.Picture}}" alt="{{.Name}} Profile Picture"/>
{{end}}
</td>
<td><a href="{{.Website}}" target="_blank">{{.Website}}</a></td>
<th>
{{if $.EmailShow}}
<span>{{.Email}}</span>
{{else}}
<span>{{emailHide .Email}}</span>
{{end}}
</th>
<th>{{.EmailVerified}}</th>
<th>{{.Role}}</th>
<th>{{.UpdatedAt}}</th>
<td>{{.Active}}</td>
<td>
{{if eq $.CurrentAdmin .Subject}}
<span></span>
{{else}}
<form method="GET" action="/manage/users">
<input type="hidden" name="offset" value="{{$.Offset}}"/>
<input type="hidden" name="edit" value="{{.Subject}}"/>
<button type="submit">Edit</button>
</form>
<form method="POST" action="/reset-password">
<input type="hidden" name="email" value="{{.Email}}"/>
<button type="submit">Send Reset Password Email</button>
</form>
{{end}}
</td>
</tr>
{{end}}
</tbody>
</table>
<form method="GET" action="/manage/users"> <form method="GET" action="/manage/users">
<input type="hidden" name="offset" value="{{.Offset}}"/> <input type="hidden" name="offset" value="{{.Offset}}"/>
<button type="submit">Cancel</button> {{if not .EmailShow}}
</form> <input type="hidden" name="show-email"/>
{{else}} {{end}}
<h2>Manage Users</h2> <button type="submit">{{if .EmailShow}}Hide Email Addresses{{else}}Show email addresses{{end}}</button>
{{if eq (len .Users) 0}}
<div>No users found, this is definitely a bug.</div>
{{else}}
<table>
<thead>
<tr>
<th>ID</th>
<th>Name</th>
<th>Username</th>
<th>Picture</th>
<th>Website</th>
<th>Email</th>
<th>Email Verified</th>
<th>Role</th>
<th>Last Updated</th>
<th>Active</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
{{range .Users}}
<tr>
<td>{{.Subject}}</td>
<td>{{.Name}}</td>
<td>{{.Username}}</td>
<td>
{{if .Picture}}
<img width="32" height="32" src="{{.Picture}}" alt="{{.Name}} Profile Picture"/>
{{end}}
</td>
<td><a href="{{.Website}}" target="_blank">{{.Website}}</a></td>
<th>
{{if $.EmailShow}}
<span>{{.Email}}</span>
{{else}}
<span>{{emailHide .Email}}</span>
{{end}}
</th>
<th>{{.EmailVerified}}</th>
<th>{{.Role}}</th>
<th>{{.UpdatedAt}}</th>
<td>{{.Active}}</td>
<td>
{{if eq $.CurrentAdmin .Subject}}
<span></span>
{{else}}
<form method="GET" action="/manage/users">
<input type="hidden" name="offset" value="{{$.Offset}}"/>
<input type="hidden" name="edit" value="{{.Subject}}"/>
<button type="submit">Edit</button>
</form>
<form method="POST" action="/reset-password">
<input type="hidden" name="email" value="{{.Email}}"/>
<button type="submit">Send Reset Password Email</button>
</form>
{{end}}
</td>
</tr>
{{end}}
</tbody>
</table>
<form method="GET" action="/manage/users">
<input type="hidden" name="offset" value="{{.Offset}}"/>
{{if not .EmailShow}}
<input type="hidden" name="show-email"/>
{{end}}
<button type="submit">{{if .EmailShow}}Hide Email Addresses{{else}}Show email addresses{{end}}</button>
</form>
{{end}}
<h2>Create User</h2>
<form method="POST" action="/manage/users">
<input type="hidden" name="action" value="create"/>
<input type="hidden" name="offset" value="{{.Offset}}"/>
<div>
<label for="field_name">Name:</label>
<input type="text" name="name" id="field_name" required/>
</div>
<div>
<label for="field_username">Username:</label>
<input type="text" name="username" id="field_username" required/>
</div>
<div>
<label for="field_email">Email:</label>
<p>Using an `@{{.Namespace}}` email address will automatically verify as it is owned by this login
service.</p>
<input type="text" name="email" id="field_email" required/>
</div>
<div>
<label for="field_role">Role:</label>
<select name="role" id="field_role" required>
<option value="member" selected>Member</option>
<option value="admin">Admin</option>
</select>
</div>
<div>
<label for="field_active">Active: <input type="checkbox" name="active" id="field_active"
checked/></label>
</div>
<button type="submit">Create</button>
</form> </form>
{{end}} {{end}}
</main> </main>

View File

@ -1,34 +1,36 @@
package pages package pages
import ( import (
"bytes"
"embed" "embed"
_ "embed" _ "embed"
"errors" "errors"
"github.com/1f349/overlapfs" "github.com/1f349/overlapfs"
"github.com/1f349/tulip/logger" "github.com/1f349/tulip/logger"
"github.com/1f349/tulip/utils"
"html/template" "html/template"
"io" "io"
"io/fs" "io/fs"
"os" "os"
"path/filepath" "path/filepath"
"sync"
) )
var ( var (
//go:embed *.go.html //go:embed *.go.html assets/*.css
wwwPages embed.FS wwwPages embed.FS
wwwTemplates *template.Template wwwTemplates *template.Template
loadOnce sync.Once loadOnce utils.Once[error]
cssAssetMap = make(map[string][]byte)
) )
func LoadPages(wd string) (err error) { func LoadPages(wd string) (err error) {
loadOnce.Do(func() { return loadOnce.Do(func() error {
var o fs.FS = wwwPages var o fs.FS = wwwPages
if wd != "" { if wd != "" {
wwwDir := filepath.Join(wd, "www") wwwDir := filepath.Join(wd, "www")
err = os.Mkdir(wwwDir, os.ModePerm) err = os.Mkdir(wwwDir, os.ModePerm)
if err != nil && !errors.Is(err, os.ErrExist) { if err != nil && !errors.Is(err, os.ErrExist) {
return return err
} }
wdFs := os.DirFS(wwwDir) wdFs := os.DirFS(wwwDir)
o = overlapfs.OverlapFS{A: wwwPages, B: wdFs} o = overlapfs.OverlapFS{A: wwwPages, B: wdFs}
@ -36,8 +38,19 @@ func LoadPages(wd string) (err error) {
wwwTemplates, err = template.New("pages").Funcs(template.FuncMap{ wwwTemplates, err = template.New("pages").Funcs(template.FuncMap{
"emailHide": EmailHide, "emailHide": EmailHide,
}).ParseFS(o, "*.go.html") }).ParseFS(o, "*.go.html")
glob, err := fs.Glob(o, "assets/*")
if err != nil {
return err
}
for _, i := range glob {
cssAssetMap[i], err = fs.ReadFile(o, i)
if err != nil {
return err
}
}
return nil
}) })
return err
} }
func RenderPageTemplate(wr io.Writer, name string, data any) { func RenderPageTemplate(wr io.Writer, name string, data any) {
@ -48,6 +61,14 @@ func RenderPageTemplate(wr io.Writer, name string, data any) {
} }
} }
func RenderCss(name string) io.ReadSeeker {
b, ok := cssAssetMap[name]
if !ok {
return nil
}
return bytes.NewReader(b)
}
func EmailHide(a string) string { func EmailHide(a string) string {
b := []byte(a) b := []byte(a)
for i := range b { for i := range b {

View File

@ -5,6 +5,7 @@ import (
"github.com/google/uuid" "github.com/google/uuid"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"net/http" "net/http"
"net/http/httptest"
"net/url" "net/url"
"testing" "testing"
) )
@ -45,9 +46,10 @@ func TestRequireAuthentication(t *testing.T) {
func TestOptionalAuthentication(t *testing.T) { func TestOptionalAuthentication(t *testing.T) {
h := &HttpServer{} h := &HttpServer{}
rec := httptest.NewRecorder()
req, err := http.NewRequest(http.MethodGet, "https://example.com/hello", nil) req, err := http.NewRequest(http.MethodGet, "https://example.com/hello", nil)
assert.NoError(t, err) assert.NoError(t, err)
auth, err := h.internalAuthenticationHandler(nil, req) auth, err := h.internalAuthenticationHandler(rec, req)
assert.NoError(t, err) assert.NoError(t, err)
assert.True(t, auth.IsGuest()) assert.True(t, auth.IsGuest())
auth.Subject = "567" auth.Subject = "567"

View File

@ -52,20 +52,41 @@ func (h *HttpServer) ManageAppsGet(rw http.ResponseWriter, req *http.Request, _
if q.Has("edit") { if q.Has("edit") {
for _, i := range appList { for _, i := range appList {
if i.Subject == q.Get("edit") { if i.Subject == q.Get("edit") {
m["Edit"] = i m["EditApp"] = i
goto validEdit rw.Header().Set("Content-Type", "text/html")
rw.WriteHeader(http.StatusOK)
pages.RenderPageTemplate(rw, "manage-apps-edit", m)
return
} }
} }
http.Error(rw, "400 Bad Request: Invalid client app to edit", http.StatusBadRequest) http.Error(rw, "400 Bad Request: Invalid client app to edit", http.StatusBadRequest)
return return
} }
validEdit:
rw.Header().Set("Content-Type", "text/html") rw.Header().Set("Content-Type", "text/html")
rw.WriteHeader(http.StatusOK) rw.WriteHeader(http.StatusOK)
pages.RenderPageTemplate(rw, "manage-apps", m) pages.RenderPageTemplate(rw, "manage-apps", m)
} }
func (h *HttpServer) ManageAppsCreateGet(rw http.ResponseWriter, req *http.Request, _ httprouter.Params, auth UserAuth) {
var roles types.UserRole
if h.DbTx(rw, func(tx *database.Queries) (err error) {
roles, err = tx.GetUserRole(req.Context(), auth.Subject)
return
}) {
return
}
m := map[string]any{
"ServiceName": h.conf.ServiceName,
"IsAdmin": roles == types.RoleAdmin,
}
rw.Header().Set("Content-Type", "text/html")
rw.WriteHeader(http.StatusOK)
pages.RenderPageTemplate(rw, "manage-apps-create", m)
}
func (h *HttpServer) ManageAppsPost(rw http.ResponseWriter, req *http.Request, _ httprouter.Params, auth UserAuth) { func (h *HttpServer) ManageAppsPost(rw http.ResponseWriter, req *http.Request, _ httprouter.Params, auth UserAuth) {
err := req.ParseForm() err := req.ParseForm()
if err != nil { if err != nil {

View File

@ -57,20 +57,42 @@ func (h *HttpServer) ManageUsersGet(rw http.ResponseWriter, req *http.Request, _
if q.Has("edit") { if q.Has("edit") {
for _, i := range userList { for _, i := range userList {
if i.Subject == q.Get("edit") { if i.Subject == q.Get("edit") {
m["Edit"] = i m["EditUser"] = i
goto validEdit rw.Header().Set("Content-Type", "text/html")
rw.WriteHeader(http.StatusOK)
pages.RenderPageTemplate(rw, "manage-users-edit", m)
return
} }
} }
http.Error(rw, "400 Bad Request: Invalid user to edit", http.StatusBadRequest) http.Error(rw, "400 Bad Request: Invalid user to edit", http.StatusBadRequest)
return return
} }
validEdit:
rw.Header().Set("Content-Type", "text/html") rw.Header().Set("Content-Type", "text/html")
rw.WriteHeader(http.StatusOK) rw.WriteHeader(http.StatusOK)
pages.RenderPageTemplate(rw, "manage-users", m) pages.RenderPageTemplate(rw, "manage-users", m)
} }
func (h *HttpServer) ManageUsersCreateGet(rw http.ResponseWriter, req *http.Request, _ httprouter.Params, auth UserAuth) {
var roles types.UserRole
if h.DbTx(rw, func(tx *database.Queries) (err error) {
roles, err = tx.GetUserRole(req.Context(), auth.Subject)
return
}) {
return
}
m := map[string]any{
"ServiceName": h.conf.ServiceName,
"IsAdmin": roles == types.RoleAdmin,
"Namespace": h.conf.Namespace,
}
rw.Header().Set("Content-Type", "text/html")
rw.WriteHeader(http.StatusOK)
pages.RenderPageTemplate(rw, "manage-users-create", m)
}
func (h *HttpServer) ManageUsersPost(rw http.ResponseWriter, req *http.Request, _ httprouter.Params, auth UserAuth) { func (h *HttpServer) ManageUsersPost(rw http.ResponseWriter, req *http.Request, _ httprouter.Params, auth UserAuth) {
err := req.ParseForm() err := req.ParseForm()
if err != nil { if err != nil {

View File

@ -1,7 +1,6 @@
package server package server
import ( import (
"bytes"
"crypto/subtle" "crypto/subtle"
_ "embed" _ "embed"
"encoding/json" "encoding/json"
@ -12,8 +11,8 @@ import (
"github.com/1f349/tulip/database" "github.com/1f349/tulip/database"
"github.com/1f349/tulip/logger" "github.com/1f349/tulip/logger"
"github.com/1f349/tulip/openid" "github.com/1f349/tulip/openid"
"github.com/1f349/tulip/pages"
scope2 "github.com/1f349/tulip/scope" scope2 "github.com/1f349/tulip/scope"
"github.com/1f349/tulip/theme"
"github.com/go-oauth2/oauth2/v4/errors" "github.com/go-oauth2/oauth2/v4/errors"
"github.com/go-oauth2/oauth2/v4/manage" "github.com/go-oauth2/oauth2/v4/manage"
"github.com/go-oauth2/oauth2/v4/server" "github.com/go-oauth2/oauth2/v4/server"
@ -21,6 +20,7 @@ import (
"github.com/julienschmidt/httprouter" "github.com/julienschmidt/httprouter"
"net/http" "net/http"
"net/url" "net/url"
"path"
"strings" "strings"
"time" "time"
) )
@ -52,6 +52,7 @@ type mailLinkKey struct {
func NewHttpServer(conf Conf, db *database.Queries, signingKey mjwt.Signer) *http.Server { func NewHttpServer(conf Conf, db *database.Queries, signingKey mjwt.Signer) *http.Server {
r := httprouter.New() r := httprouter.New()
contentCache := time.Now()
// remove last slash from baseUrl // remove last slash from baseUrl
{ {
@ -145,8 +146,14 @@ func NewHttpServer(conf Conf, db *database.Queries, signingKey mjwt.Signer) *htt
})) }))
// theme styles // theme styles
r.GET("/theme/style.css", func(rw http.ResponseWriter, req *http.Request, params httprouter.Params) { r.GET("/assets/*filepath", func(rw http.ResponseWriter, req *http.Request, params httprouter.Params) {
http.ServeContent(rw, req, "style.css", time.Now(), bytes.NewReader(theme.DefaultThemeCss)) name := params.ByName("filepath")
if strings.Contains(name, "..") {
http.Error(rw, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
return
}
out := pages.RenderCss(path.Join("assets", name))
http.ServeContent(rw, req, path.Base(name), contentCache, out)
}) })
// login steps // login steps
@ -168,8 +175,10 @@ func NewHttpServer(conf Conf, db *database.Queries, signingKey mjwt.Signer) *htt
// management pages // management pages
r.GET("/manage/apps", hs.RequireAuthentication(hs.ManageAppsGet)) r.GET("/manage/apps", hs.RequireAuthentication(hs.ManageAppsGet))
r.GET("/manage/apps/create", hs.RequireAuthentication(hs.ManageAppsCreateGet))
r.POST("/manage/apps", hs.RequireAuthentication(hs.ManageAppsPost)) r.POST("/manage/apps", hs.RequireAuthentication(hs.ManageAppsPost))
r.GET("/manage/users", hs.RequireAdminAuthentication(hs.ManageUsersGet)) r.GET("/manage/users", hs.RequireAdminAuthentication(hs.ManageUsersGet))
r.GET("/manage/users/create", hs.RequireAuthentication(hs.ManageUsersCreateGet))
r.POST("/manage/users", hs.RequireAdminAuthentication(hs.ManageUsersPost)) r.POST("/manage/users", hs.RequireAdminAuthentication(hs.ManageUsersPost))
// oauth pages // oauth pages

View File

@ -1,6 +0,0 @@
package theme
import _ "embed"
//go:embed style.css
var DefaultThemeCss []byte

15
utils/once.go Normal file
View File

@ -0,0 +1,15 @@
package utils
import "sync"
type Once[T any] struct {
once sync.Once
value T
}
func (o *Once[T]) Do(f func() T) T {
o.once.Do(func() {
o.value = f()
})
return o.value
}