mirror of
https://github.com/hay-kot/homebox.git
synced 2025-08-04 08:40:28 +00:00
disable password when in demo mode
This commit is contained in:
Hayden
parent
01d6746c30
commit
64f7ff2e2f
3 changed files with 59 additions and 46 deletions
|
|
@ -42,58 +42,59 @@ func (a *app) newRouter(repos *repo.AllRepos) *chi.Mux {
|
||||||
// API Version 1
|
// API Version 1
|
||||||
|
|
||||||
v1Base := v1.BaseUrlFunc(prefix)
|
v1Base := v1.BaseUrlFunc(prefix)
|
||||||
v1Ctrl := v1.NewControllerV1(a.services, v1.WithMaxUploadSize(a.conf.Web.MaxUploadSize))
|
v1Ctrl := v1.NewControllerV1(a.services,
|
||||||
{
|
v1.WithMaxUploadSize(a.conf.Web.MaxUploadSize),
|
||||||
r.Get(v1Base("/status"), v1Ctrl.HandleBase(func() bool { return true }, v1.Build{
|
v1.WithDisablePasswordChange(a.conf.Demo), // Disable Password Change in Demo Mode
|
||||||
Version: Version,
|
)
|
||||||
Commit: Commit,
|
r.Get(v1Base("/status"), v1Ctrl.HandleBase(func() bool { return true }, v1.Build{
|
||||||
BuildTime: BuildTime,
|
Version: Version,
|
||||||
}))
|
Commit: Commit,
|
||||||
|
BuildTime: BuildTime,
|
||||||
|
}))
|
||||||
|
|
||||||
r.Post(v1Base("/users/register"), v1Ctrl.HandleUserRegistration())
|
r.Post(v1Base("/users/register"), v1Ctrl.HandleUserRegistration())
|
||||||
r.Post(v1Base("/users/login"), v1Ctrl.HandleAuthLogin())
|
r.Post(v1Base("/users/login"), v1Ctrl.HandleAuthLogin())
|
||||||
|
|
||||||
// Attachment download URl needs a `token` query param to be passed in the request.
|
// Attachment download URl needs a `token` query param to be passed in the request.
|
||||||
// and also needs to be outside of the `auth` middleware.
|
// and also needs to be outside of the `auth` middleware.
|
||||||
r.Get(v1Base("/items/{id}/attachments/download"), v1Ctrl.HandleItemAttachmentDownload())
|
r.Get(v1Base("/items/{id}/attachments/download"), v1Ctrl.HandleItemAttachmentDownload())
|
||||||
|
|
||||||
r.Group(func(r chi.Router) {
|
r.Group(func(r chi.Router) {
|
||||||
r.Use(a.mwAuthToken)
|
r.Use(a.mwAuthToken)
|
||||||
r.Get(v1Base("/users/self"), v1Ctrl.HandleUserSelf())
|
r.Get(v1Base("/users/self"), v1Ctrl.HandleUserSelf())
|
||||||
r.Put(v1Base("/users/self"), v1Ctrl.HandleUserSelfUpdate())
|
r.Put(v1Base("/users/self"), v1Ctrl.HandleUserSelfUpdate())
|
||||||
r.Delete(v1Base("/users/self"), v1Ctrl.HandleUserSelfDelete())
|
r.Delete(v1Base("/users/self"), v1Ctrl.HandleUserSelfDelete())
|
||||||
r.Put(v1Base("/users/self/password"), v1Ctrl.HandleUserUpdatePassword())
|
r.Put(v1Base("/users/self/password"), v1Ctrl.HandleUserUpdatePassword())
|
||||||
r.Post(v1Base("/users/logout"), v1Ctrl.HandleAuthLogout())
|
r.Post(v1Base("/users/logout"), v1Ctrl.HandleAuthLogout())
|
||||||
r.Get(v1Base("/users/refresh"), v1Ctrl.HandleAuthRefresh())
|
r.Get(v1Base("/users/refresh"), v1Ctrl.HandleAuthRefresh())
|
||||||
r.Put(v1Base("/users/self/change-password"), v1Ctrl.HandleUserSelfChangePassword())
|
r.Put(v1Base("/users/self/change-password"), v1Ctrl.HandleUserSelfChangePassword())
|
||||||
|
|
||||||
r.Post(v1Base("/groups/invitations"), v1Ctrl.HandleGroupInvitationsCreate())
|
r.Post(v1Base("/groups/invitations"), v1Ctrl.HandleGroupInvitationsCreate())
|
||||||
|
|
||||||
r.Get(v1Base("/locations"), v1Ctrl.HandleLocationGetAll())
|
r.Get(v1Base("/locations"), v1Ctrl.HandleLocationGetAll())
|
||||||
r.Post(v1Base("/locations"), v1Ctrl.HandleLocationCreate())
|
r.Post(v1Base("/locations"), v1Ctrl.HandleLocationCreate())
|
||||||
r.Get(v1Base("/locations/{id}"), v1Ctrl.HandleLocationGet())
|
r.Get(v1Base("/locations/{id}"), v1Ctrl.HandleLocationGet())
|
||||||
r.Put(v1Base("/locations/{id}"), v1Ctrl.HandleLocationUpdate())
|
r.Put(v1Base("/locations/{id}"), v1Ctrl.HandleLocationUpdate())
|
||||||
r.Delete(v1Base("/locations/{id}"), v1Ctrl.HandleLocationDelete())
|
r.Delete(v1Base("/locations/{id}"), v1Ctrl.HandleLocationDelete())
|
||||||
|
|
||||||
r.Get(v1Base("/labels"), v1Ctrl.HandleLabelsGetAll())
|
r.Get(v1Base("/labels"), v1Ctrl.HandleLabelsGetAll())
|
||||||
r.Post(v1Base("/labels"), v1Ctrl.HandleLabelsCreate())
|
r.Post(v1Base("/labels"), v1Ctrl.HandleLabelsCreate())
|
||||||
r.Get(v1Base("/labels/{id}"), v1Ctrl.HandleLabelGet())
|
r.Get(v1Base("/labels/{id}"), v1Ctrl.HandleLabelGet())
|
||||||
r.Put(v1Base("/labels/{id}"), v1Ctrl.HandleLabelUpdate())
|
r.Put(v1Base("/labels/{id}"), v1Ctrl.HandleLabelUpdate())
|
||||||
r.Delete(v1Base("/labels/{id}"), v1Ctrl.HandleLabelDelete())
|
r.Delete(v1Base("/labels/{id}"), v1Ctrl.HandleLabelDelete())
|
||||||
|
|
||||||
r.Get(v1Base("/items"), v1Ctrl.HandleItemsGetAll())
|
r.Get(v1Base("/items"), v1Ctrl.HandleItemsGetAll())
|
||||||
r.Post(v1Base("/items/import"), v1Ctrl.HandleItemsImport())
|
r.Post(v1Base("/items/import"), v1Ctrl.HandleItemsImport())
|
||||||
r.Post(v1Base("/items"), v1Ctrl.HandleItemsCreate())
|
r.Post(v1Base("/items"), v1Ctrl.HandleItemsCreate())
|
||||||
r.Get(v1Base("/items/{id}"), v1Ctrl.HandleItemGet())
|
r.Get(v1Base("/items/{id}"), v1Ctrl.HandleItemGet())
|
||||||
r.Put(v1Base("/items/{id}"), v1Ctrl.HandleItemUpdate())
|
r.Put(v1Base("/items/{id}"), v1Ctrl.HandleItemUpdate())
|
||||||
r.Delete(v1Base("/items/{id}"), v1Ctrl.HandleItemDelete())
|
r.Delete(v1Base("/items/{id}"), v1Ctrl.HandleItemDelete())
|
||||||
|
|
||||||
r.Post(v1Base("/items/{id}/attachments"), v1Ctrl.HandleItemAttachmentCreate())
|
r.Post(v1Base("/items/{id}/attachments"), v1Ctrl.HandleItemAttachmentCreate())
|
||||||
r.Get(v1Base("/items/{id}/attachments/{attachment_id}"), v1Ctrl.HandleItemAttachmentToken())
|
r.Get(v1Base("/items/{id}/attachments/{attachment_id}"), v1Ctrl.HandleItemAttachmentToken())
|
||||||
r.Put(v1Base("/items/{id}/attachments/{attachment_id}"), v1Ctrl.HandleItemAttachmentUpdate())
|
r.Put(v1Base("/items/{id}/attachments/{attachment_id}"), v1Ctrl.HandleItemAttachmentUpdate())
|
||||||
r.Delete(v1Base("/items/{id}/attachments/{attachment_id}"), v1Ctrl.HandleItemAttachmentDelete())
|
r.Delete(v1Base("/items/{id}/attachments/{attachment_id}"), v1Ctrl.HandleItemAttachmentDelete())
|
||||||
})
|
})
|
||||||
}
|
|
||||||
|
|
||||||
r.NotFound(notFoundHandler())
|
r.NotFound(notFoundHandler())
|
||||||
return r
|
return r
|
||||||
|
|
|
||||||
|
|
@ -13,9 +13,16 @@ func WithMaxUploadSize(maxUploadSize int64) func(*V1Controller) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func WithDisablePasswordChange(disablePasswordChange bool) func(*V1Controller) {
|
||||||
|
return func(ctrl *V1Controller) {
|
||||||
|
ctrl.disablePasswordChange = disablePasswordChange
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
type V1Controller struct {
|
type V1Controller struct {
|
||||||
svc *services.AllServices
|
svc *services.AllServices
|
||||||
maxUploadSize int64
|
maxUploadSize int64
|
||||||
|
disablePasswordChange bool
|
||||||
}
|
}
|
||||||
|
|
||||||
type (
|
type (
|
||||||
|
|
|
||||||
|
|
@ -136,6 +136,11 @@ type (
|
||||||
// @Security Bearer
|
// @Security Bearer
|
||||||
func (ctrl *V1Controller) HandleUserSelfChangePassword() http.HandlerFunc {
|
func (ctrl *V1Controller) HandleUserSelfChangePassword() http.HandlerFunc {
|
||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
if ctrl.disablePasswordChange {
|
||||||
|
server.RespondError(w, http.StatusForbidden, nil)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
var cp ChangePassword
|
var cp ChangePassword
|
||||||
err := server.Decode(r, &cp)
|
err := server.Decode(r, &cp)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue