From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 1A8A170BA4 for ; Fri, 25 Jun 2021 11:21:02 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id C145616100 for ; Fri, 25 Jun 2021 11:21:01 +0200 (CEST) Received: from dev7.proxmox.com (unknown [94.136.29.99]) by firstgate.proxmox.com (Proxmox) with ESMTP id 698A31607C for ; Fri, 25 Jun 2021 11:20:58 +0200 (CEST) Received: by dev7.proxmox.com (Postfix, from userid 0) id 0C5C380F57; Fri, 25 Jun 2021 11:20:52 +0200 (CEST) From: Dietmar Maurer To: pbs-devel@lists.proxmox.com Date: Fri, 25 Jun 2021 11:20:47 +0200 Message-Id: <20210625092050.2329182-8-dietmar@proxmox.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210625092050.2329182-1-dietmar@proxmox.com> References: <20210625092050.2329182-1-dietmar@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.601 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RDNS_NONE 0.793 Delivered to internal network by a host with no rDNS SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [user.rs] Subject: [pbs-devel] [PATCH proxmox-backup v3 07/10] cleanup user/token is_active() check X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jun 2021 09:21:02 -0000 --- src/config/cached_user_info.rs | 25 ++++--------------------- src/config/user.rs | 32 ++++++++++++++++++++++++++++++++ 2 files changed, 36 insertions(+), 21 deletions(-) diff --git a/src/config/cached_user_info.rs b/src/config/cached_user_info.rs index a574043f..6cb64162 100644 --- a/src/config/cached_user_info.rs +++ b/src/config/cached_user_info.rs @@ -7,6 +7,7 @@ use anyhow::{Error, bail}; use proxmox::api::section_config::SectionConfigData; use lazy_static::lazy_static; use proxmox::api::UserInformation; +use proxmox::tools::time::epoch_i64; use super::acl::{AclTree, ROLE_NAMES, ROLE_ADMIN}; use super::user::{ApiToken, User}; @@ -18,8 +19,6 @@ pub struct CachedUserInfo { acl_tree: Arc, } -fn now() -> i64 { unsafe { libc::time(std::ptr::null_mut()) } } - struct ConfigCache { data: Option>, last_update: i64, @@ -35,7 +34,7 @@ impl CachedUserInfo { /// Returns a cached instance (up to 5 seconds old). pub fn new() -> Result, Error> { - let now = now(); + let now = epoch_i64(); { // limit scope let cache = CACHED_CONFIG.read().unwrap(); if (now - cache.last_update) < 5 { @@ -68,15 +67,7 @@ impl CachedUserInfo { /// Test if a user_id is enabled and not expired pub fn is_active_user_id(&self, userid: &Userid) -> bool { if let Ok(info) = self.user_cfg.lookup::("user", userid.as_str()) { - if !info.enable.unwrap_or(true) { - return false; - } - if let Some(expire) = info.expire { - if expire > 0 && expire <= now() { - return false; - } - } - true + info.is_active() } else { false } @@ -92,15 +83,7 @@ impl CachedUserInfo { if auth_id.is_token() { if let Ok(info) = self.user_cfg.lookup::("token", &auth_id.to_string()) { - if !info.enable.unwrap_or(true) { - return false; - } - if let Some(expire) = info.expire { - if expire > 0 && expire <= now() { - return false; - } - } - return true; + return info.is_active(); } else { return false; } diff --git a/src/config/user.rs b/src/config/user.rs index ff7e54e4..28e81876 100644 --- a/src/config/user.rs +++ b/src/config/user.rs @@ -83,6 +83,22 @@ pub struct ApiToken { pub expire: Option, } +impl ApiToken { + + pub fn is_active(&self) -> bool { + if !self.enable.unwrap_or(true) { + return false; + } + if let Some(expire) = self.expire { + let now = proxmox::tools::time::epoch_i64(); + if expire > 0 && expire <= now { + return false; + } + } + true + } +} + #[api( properties: { userid: { @@ -132,6 +148,22 @@ pub struct User { pub email: Option, } +impl User { + + pub fn is_active(&self) -> bool { + if !self.enable.unwrap_or(true) { + return false; + } + if let Some(expire) = self.expire { + let now = proxmox::tools::time::epoch_i64(); + if expire > 0 && expire <= now { + return false; + } + } + true + } +} + fn init() -> SectionConfig { let mut config = SectionConfig::new(&Authid::API_SCHEMA); -- 2.30.2