2023-05-21 16:37:59 +00:00
|
|
|
package db
|
2021-02-27 23:58:09 +00:00
|
|
|
|
|
|
|
import (
|
2021-06-24 13:44:19 +00:00
|
|
|
"errors"
|
2022-02-22 11:45:50 +00:00
|
|
|
"fmt"
|
2021-02-27 23:58:09 +00:00
|
|
|
|
2023-05-21 16:37:59 +00:00
|
|
|
"github.com/juanfont/headscale/hscontrol/types"
|
2023-05-11 07:09:18 +00:00
|
|
|
"github.com/juanfont/headscale/hscontrol/util"
|
2021-08-05 17:23:02 +00:00
|
|
|
"github.com/rs/zerolog/log"
|
2021-06-24 13:44:19 +00:00
|
|
|
"gorm.io/gorm"
|
2021-02-27 23:58:09 +00:00
|
|
|
"tailscale.com/tailcfg"
|
|
|
|
)
|
|
|
|
|
2023-05-11 07:09:18 +00:00
|
|
|
var (
|
|
|
|
ErrUserExists = errors.New("user already exists")
|
|
|
|
ErrUserNotFound = errors.New("user not found")
|
|
|
|
ErrUserStillHasNodes = errors.New("user not empty: node(s) found")
|
2021-11-04 22:15:17 +00:00
|
|
|
)
|
2021-05-09 15:12:05 +00:00
|
|
|
|
2023-01-17 16:43:44 +00:00
|
|
|
// CreateUser creates a new User. Returns error if could not be created
|
|
|
|
// or another user already exists.
|
2023-05-21 16:37:59 +00:00
|
|
|
func (hsdb *HSDatabase) CreateUser(name string) (*types.User, error) {
|
|
|
|
err := util.CheckForFQDNRules(name)
|
2022-02-22 11:45:50 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2023-05-21 16:37:59 +00:00
|
|
|
user := types.User{}
|
2023-05-11 07:09:18 +00:00
|
|
|
if err := hsdb.db.Where("name = ?", name).First(&user).Error; err == nil {
|
2023-01-17 16:43:44 +00:00
|
|
|
return nil, ErrUserExists
|
2021-02-27 23:58:09 +00:00
|
|
|
}
|
2023-01-17 16:43:44 +00:00
|
|
|
user.Name = name
|
2023-05-11 07:09:18 +00:00
|
|
|
if err := hsdb.db.Create(&user).Error; err != nil {
|
2021-08-05 17:23:02 +00:00
|
|
|
log.Error().
|
2023-01-17 16:43:44 +00:00
|
|
|
Str("func", "CreateUser").
|
2021-08-05 17:23:02 +00:00
|
|
|
Err(err).
|
|
|
|
Msg("Could not create row")
|
2021-11-14 15:46:09 +00:00
|
|
|
|
2021-02-27 23:58:09 +00:00
|
|
|
return nil, err
|
|
|
|
}
|
2021-11-14 15:46:09 +00:00
|
|
|
|
2023-01-17 16:43:44 +00:00
|
|
|
return &user, nil
|
2021-02-27 23:58:09 +00:00
|
|
|
}
|
|
|
|
|
2023-01-17 16:43:44 +00:00
|
|
|
// DestroyUser destroys a User. Returns error if the User does
|
2021-05-09 15:12:05 +00:00
|
|
|
// not exist or if there are machines associated with it.
|
2023-05-11 07:09:18 +00:00
|
|
|
func (hsdb *HSDatabase) DestroyUser(name string) error {
|
|
|
|
user, err := hsdb.GetUser(name)
|
2021-05-09 15:12:05 +00:00
|
|
|
if err != nil {
|
2023-01-17 16:43:44 +00:00
|
|
|
return ErrUserNotFound
|
2021-05-09 15:12:05 +00:00
|
|
|
}
|
|
|
|
|
2023-05-11 07:09:18 +00:00
|
|
|
machines, err := hsdb.ListMachinesByUser(name)
|
2021-05-09 15:12:05 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2021-11-14 19:32:03 +00:00
|
|
|
if len(machines) > 0 {
|
2023-01-17 16:43:44 +00:00
|
|
|
return ErrUserStillHasNodes
|
2021-11-13 19:01:05 +00:00
|
|
|
}
|
|
|
|
|
2023-05-11 07:09:18 +00:00
|
|
|
keys, err := hsdb.ListPreAuthKeys(name)
|
2021-11-13 19:01:05 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2021-11-14 19:32:03 +00:00
|
|
|
for _, key := range keys {
|
2023-05-11 07:09:18 +00:00
|
|
|
err = hsdb.DestroyPreAuthKey(key)
|
2021-11-13 20:24:32 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2021-05-09 15:12:05 +00:00
|
|
|
}
|
|
|
|
|
2023-05-11 07:09:18 +00:00
|
|
|
if result := hsdb.db.Unscoped().Delete(&user); result.Error != nil {
|
2021-10-16 15:14:37 +00:00
|
|
|
return result.Error
|
2021-05-09 15:12:05 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-01-17 16:43:44 +00:00
|
|
|
// RenameUser renames a User. Returns error if the User does
|
|
|
|
// not exist or if another User exists with the new name.
|
2023-05-11 07:09:18 +00:00
|
|
|
func (hsdb *HSDatabase) RenameUser(oldName, newName string) error {
|
2022-02-22 11:45:50 +00:00
|
|
|
var err error
|
2023-05-11 07:09:18 +00:00
|
|
|
oldUser, err := hsdb.GetUser(oldName)
|
2021-10-16 15:20:06 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2023-05-21 16:37:59 +00:00
|
|
|
err = util.CheckForFQDNRules(newName)
|
2022-02-22 11:45:50 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2023-05-11 07:09:18 +00:00
|
|
|
_, err = hsdb.GetUser(newName)
|
2021-10-16 15:20:06 +00:00
|
|
|
if err == nil {
|
2023-01-17 16:43:44 +00:00
|
|
|
return ErrUserExists
|
2021-10-16 15:20:06 +00:00
|
|
|
}
|
2023-01-17 16:43:44 +00:00
|
|
|
if !errors.Is(err, ErrUserNotFound) {
|
2021-10-16 15:20:06 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2023-01-17 16:43:44 +00:00
|
|
|
oldUser.Name = newName
|
2021-10-16 15:20:06 +00:00
|
|
|
|
2023-05-11 07:09:18 +00:00
|
|
|
if result := hsdb.db.Save(&oldUser); result.Error != nil {
|
2021-10-16 15:20:06 +00:00
|
|
|
return result.Error
|
|
|
|
}
|
|
|
|
|
2021-05-09 15:12:05 +00:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-01-17 16:43:44 +00:00
|
|
|
// GetUser fetches a user by name.
|
2023-05-21 16:37:59 +00:00
|
|
|
func (hsdb *HSDatabase) GetUser(name string) (*types.User, error) {
|
|
|
|
user := types.User{}
|
2023-05-11 07:09:18 +00:00
|
|
|
if result := hsdb.db.First(&user, "name = ?", name); errors.Is(
|
2021-11-13 08:36:45 +00:00
|
|
|
result.Error,
|
|
|
|
gorm.ErrRecordNotFound,
|
|
|
|
) {
|
2023-01-17 16:43:44 +00:00
|
|
|
return nil, ErrUserNotFound
|
2021-02-27 23:58:09 +00:00
|
|
|
}
|
2021-11-14 15:46:09 +00:00
|
|
|
|
2023-01-17 16:43:44 +00:00
|
|
|
return &user, nil
|
2021-02-27 23:58:09 +00:00
|
|
|
}
|
|
|
|
|
2023-01-17 16:43:44 +00:00
|
|
|
// ListUsers gets all the existing users.
|
2023-05-21 16:37:59 +00:00
|
|
|
func (hsdb *HSDatabase) ListUsers() ([]types.User, error) {
|
|
|
|
users := []types.User{}
|
2023-05-11 07:09:18 +00:00
|
|
|
if err := hsdb.db.Find(&users).Error; err != nil {
|
2021-02-27 23:58:09 +00:00
|
|
|
return nil, err
|
|
|
|
}
|
2021-11-14 15:46:09 +00:00
|
|
|
|
2023-01-17 16:43:44 +00:00
|
|
|
return users, nil
|
2021-02-27 23:58:09 +00:00
|
|
|
}
|
|
|
|
|
2023-01-17 16:43:44 +00:00
|
|
|
// ListMachinesByUser gets all the nodes in a given user.
|
2023-05-21 16:37:59 +00:00
|
|
|
func (hsdb *HSDatabase) ListMachinesByUser(name string) (types.Machines, error) {
|
|
|
|
err := util.CheckForFQDNRules(name)
|
2022-02-22 11:45:50 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2023-05-11 07:09:18 +00:00
|
|
|
user, err := hsdb.GetUser(name)
|
2021-02-27 23:58:09 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2023-05-21 16:37:59 +00:00
|
|
|
machines := types.Machines{}
|
|
|
|
if err := hsdb.db.Preload("AuthKey").Preload("AuthKey.User").Preload("User").Where(&types.Machine{UserID: user.ID}).Find(&machines).Error; err != nil {
|
2021-02-27 23:58:09 +00:00
|
|
|
return nil, err
|
|
|
|
}
|
2021-11-14 15:46:09 +00:00
|
|
|
|
2021-11-04 22:15:17 +00:00
|
|
|
return machines, nil
|
2021-02-27 23:58:09 +00:00
|
|
|
}
|
|
|
|
|
2023-01-17 16:43:44 +00:00
|
|
|
// SetMachineUser assigns a Machine to a user.
|
2023-05-21 16:37:59 +00:00
|
|
|
func (hsdb *HSDatabase) SetMachineUser(machine *types.Machine, username string) error {
|
|
|
|
err := util.CheckForFQDNRules(username)
|
2022-02-22 11:45:50 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2023-05-11 07:09:18 +00:00
|
|
|
user, err := hsdb.GetUser(username)
|
2021-02-27 23:58:09 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2023-01-17 16:43:44 +00:00
|
|
|
machine.User = *user
|
2023-05-11 07:09:18 +00:00
|
|
|
if result := hsdb.db.Save(&machine); result.Error != nil {
|
2022-05-02 09:47:21 +00:00
|
|
|
return result.Error
|
|
|
|
}
|
2021-11-14 15:46:09 +00:00
|
|
|
|
2021-02-27 23:58:09 +00:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-05-21 16:37:59 +00:00
|
|
|
func (hsdb *HSDatabase) GetMapResponseUserProfiles(
|
|
|
|
machine types.Machine,
|
|
|
|
peers types.Machines,
|
2022-11-22 16:36:19 +00:00
|
|
|
) []tailcfg.UserProfile {
|
2023-05-21 16:37:59 +00:00
|
|
|
userMap := make(map[string]types.User)
|
2023-01-17 16:43:44 +00:00
|
|
|
userMap[machine.User.Name] = machine.User
|
2021-11-14 19:32:03 +00:00
|
|
|
for _, peer := range peers {
|
2023-01-17 16:43:44 +00:00
|
|
|
userMap[peer.User.Name] = peer.User // not worth checking if already is there
|
2021-10-17 21:58:09 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
profiles := []tailcfg.UserProfile{}
|
2023-01-17 16:43:44 +00:00
|
|
|
for _, user := range userMap {
|
|
|
|
displayName := user.Name
|
2022-11-22 16:36:19 +00:00
|
|
|
|
2023-05-11 07:09:18 +00:00
|
|
|
if hsdb.baseDomain != "" {
|
|
|
|
displayName = fmt.Sprintf("%s@%s", user.Name, hsdb.baseDomain)
|
2022-11-22 16:36:19 +00:00
|
|
|
}
|
|
|
|
|
2021-10-17 21:58:09 +00:00
|
|
|
profiles = append(profiles,
|
|
|
|
tailcfg.UserProfile{
|
2023-01-17 16:43:44 +00:00
|
|
|
ID: tailcfg.UserID(user.ID),
|
|
|
|
LoginName: user.Name,
|
2022-11-22 16:36:19 +00:00
|
|
|
DisplayName: displayName,
|
2021-10-17 21:58:09 +00:00
|
|
|
})
|
|
|
|
}
|
2021-11-14 15:46:09 +00:00
|
|
|
|
2021-10-17 21:58:09 +00:00
|
|
|
return profiles
|
|
|
|
}
|