github.com/avfs/avfs@v0.33.1-0.20240303173310-c6ba67c33eb7/idm/memidm/memidm.go (about) 1 // 2 // Copyright 2020 The AVFS authors 3 // 4 // Licensed under the Apache License, Version 2.0 (the "License"); 5 // you may not use this file except in compliance with the License. 6 // You may obtain a copy of the License at 7 // 8 // http://www.apache.org/licenses/LICENSE-2.0 9 // 10 // Unless required by applicable law or agreed to in writing, software 11 // distributed under the License is distributed on an "AS IS" BASIS, 12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 // See the License for the specific language governing permissions and 14 // limitations under the License. 15 // 16 17 // Package memidm implements an in memory identity manager. 18 package memidm 19 20 import "github.com/avfs/avfs" 21 22 // AdminGroup returns the administrator (root) group. 23 func (idm *MemIdm) AdminGroup() avfs.GroupReader { 24 return idm.adminGroup 25 } 26 27 // AdminUser returns the administrator (root) user. 28 func (idm *MemIdm) AdminUser() avfs.UserReader { 29 return idm.adminUser 30 } 31 32 // GroupAdd adds a new group. 33 func (idm *MemIdm) GroupAdd(name string) (avfs.GroupReader, error) { 34 idm.grpMu.Lock() 35 defer idm.grpMu.Unlock() 36 37 if _, ok := idm.groupsByName[name]; ok { 38 return nil, avfs.AlreadyExistsGroupError(name) 39 } 40 41 idm.maxGid++ 42 gid := idm.maxGid 43 44 g := &MemGroup{name: name, gid: gid} 45 idm.groupsByName[name] = g 46 idm.groupsById[gid] = g 47 48 return g, nil 49 } 50 51 // GroupDel deletes an existing group. 52 func (idm *MemIdm) GroupDel(name string) error { 53 idm.grpMu.Lock() 54 defer idm.grpMu.Unlock() 55 56 g, ok := idm.groupsByName[name] 57 if !ok { 58 return avfs.UnknownGroupError(name) 59 } 60 61 delete(idm.groupsByName, g.name) 62 delete(idm.groupsById, g.gid) 63 64 return nil 65 } 66 67 // LookupGroup looks up a group by name. 68 // If the group cannot be found, the returned error is of type UnknownGroupError. 69 func (idm *MemIdm) LookupGroup(name string) (avfs.GroupReader, error) { 70 idm.grpMu.RLock() 71 defer idm.grpMu.RUnlock() 72 73 g, ok := idm.groupsByName[name] 74 if !ok { 75 return nil, avfs.UnknownGroupError(name) 76 } 77 78 return g, nil 79 } 80 81 // LookupGroupId looks up a group by groupid. 82 // If the group cannot be found, the returned error is of type UnknownGroupIdError. 83 func (idm *MemIdm) LookupGroupId(gid int) (avfs.GroupReader, error) { 84 idm.grpMu.RLock() 85 defer idm.grpMu.RUnlock() 86 87 g, ok := idm.groupsById[gid] 88 if !ok { 89 return nil, avfs.UnknownGroupIdError(gid) 90 } 91 92 return g, nil 93 } 94 95 // LookupUser looks up a user by username. 96 // If the user cannot be found, the returned error is of type UnknownUserError. 97 func (idm *MemIdm) LookupUser(name string) (avfs.UserReader, error) { 98 idm.usrMu.RLock() 99 defer idm.usrMu.RUnlock() 100 101 u, ok := idm.usersByName[name] 102 if !ok { 103 return nil, avfs.UnknownUserError(name) 104 } 105 106 return u, nil 107 } 108 109 // LookupUserId looks up a user by userid. 110 // If the user cannot be found, the returned error is of type UnknownUserIdError. 111 func (idm *MemIdm) LookupUserId(uid int) (avfs.UserReader, error) { 112 idm.usrMu.RLock() 113 defer idm.usrMu.RUnlock() 114 115 u, ok := idm.usersById[uid] 116 if !ok { 117 return nil, avfs.UnknownUserIdError(uid) 118 } 119 120 return u, nil 121 } 122 123 // UserAdd adds a new user. 124 func (idm *MemIdm) UserAdd(name, groupName string) (avfs.UserReader, error) { 125 g, err := idm.LookupGroup(groupName) 126 if err != nil { 127 return nil, err 128 } 129 130 idm.usrMu.Lock() 131 defer idm.usrMu.Unlock() 132 133 if _, ok := idm.usersByName[name]; ok { 134 return nil, avfs.AlreadyExistsUserError(name) 135 } 136 137 idm.maxUid++ 138 uid := idm.maxUid 139 140 u := &MemUser{ 141 name: name, 142 uid: uid, 143 gid: g.Gid(), 144 } 145 146 idm.usersByName[name] = u 147 idm.usersById[uid] = u 148 149 return u, nil 150 } 151 152 // UserDel deletes an existing group. 153 func (idm *MemIdm) UserDel(name string) error { 154 idm.usrMu.Lock() 155 defer idm.usrMu.Unlock() 156 157 u, ok := idm.usersByName[name] 158 if !ok { 159 return avfs.UnknownUserError(name) 160 } 161 162 delete(idm.usersByName, u.name) 163 delete(idm.usersById, u.uid) 164 165 return nil 166 } 167 168 // MemUser 169 170 // Name returns the user name. 171 func (u *MemUser) Name() string { 172 return u.name 173 } 174 175 // Gid returns the primary group ID of the user. 176 func (u *MemUser) Gid() int { 177 return u.gid 178 } 179 180 // IsAdmin returns true if the user has administrator (root) privileges. 181 func (u *MemUser) IsAdmin() bool { 182 return u.uid == 0 || u.gid == 0 183 } 184 185 // Uid returns the user ID. 186 func (u *MemUser) Uid() int { 187 return u.uid 188 } 189 190 // MemGroup 191 192 // Gid returns the group ID. 193 func (g *MemGroup) Gid() int { 194 return g.gid 195 } 196 197 // Name returns the group name. 198 func (g *MemGroup) Name() string { 199 return g.name 200 }