b01fe1524a
--- type: change description: |- Completely refactor naming of everything, in light of new SPEC Writing the SPEC shed some light on just how weakly a lot of concepts, like "commit", had been defined, and prompted the delineation of a lot of things along specific lines (commit vs payload, repo vs project). This commit makes the code reflect the SPEC much better in quite a few ways: * Repo is now Project * Commit is now Payload * GitCommit is now just Commit * Hash is now Fingerprint * A lot of minor fields got renamed * All the XXXInterface types are now just XXX, and their old XXX type is now XXXUnion. More than likely there's still some comments and variable names that have slipped passed, but overall I feel like I got most of the changes. fingerprint: AKkDC5BKhKbfXzZQ/F4KquHeMgVvcNxgLmkZFz/nP/tY credentials: - type: pgp_signature pub_key_id: 95C46FA6A41148AC body: iQIzBAABAgAdFiEEJ6tQKp6olvZKJ0lwlcRvpqQRSKwFAl6l7aYACgkQlcRvpqQRSKxFrA//VQ+f8B6pwGS3ORB4VVBnHvvJTGZvAYTvB0fHuHJx2EreR4FwjhaNakk5ClkwbO7WFMq++2OV4xIkvzwswLdbXZF0IHx3wScQM59v4vIkR4V9Lj5p1aGGhQna52uIKugF2gTqKdU4tqYzmBjDND/c2XDwCN5CwTwwnAHXUSSsHxviiPUYPWV5wzFP7uyRW0ZeK8Isv7QECKRXlsDjcSJa+g+jc091FG/jG9Dkai8fbDbW8YXj7W3ALaXgXWEBJMrgQxZcJJRjgCvLY72FIIrUBquu3FepiyzMtZ0yaIvi4NmGCsYqIv00NcMvMtD7iwhOCZn10Sku4wvaKJ8YBMRduhqC99fnr/ZDW0/HvTNcL7GKx11GjwtmzkJgwsHFPy3zX+kMdF4m3WgtoeI0GwEsBXXZE2C49yAk3Mb/3puegl3a1PPMvOabTzo7Xm6xpWkI6gISChI7My71H3EuKZWhkb+IubPmMvJJXIdVxHnsHPz2dl/BZXLgpfVdEgQa2qWeXtYI4NNm37pLl3gv92V4kka+Kr4gfdoq8mJ7aqvc9was35baJbHg4+fEVJG2Wj+2AQU+ncx3nAFzgYyMxwo9K8VuC4QdfRF4ImyxTnWkuokEn9H6JRrbkBDKIELj6vzdPmsjOUEQ4nsYX66/zSibFD7UvhQmdXFs8Gp8/Qq6g4M= account: mediocregopher
95 lines
2.5 KiB
Go
95 lines
2.5 KiB
Go
package dehub
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
|
|
"dehub.dev/src/dehub.git/accessctl"
|
|
"dehub.dev/src/dehub.git/fs"
|
|
"dehub.dev/src/dehub.git/sigcred"
|
|
|
|
yaml "gopkg.in/yaml.v2"
|
|
)
|
|
|
|
// Account represents a single account defined in the Config.
|
|
type Account struct {
|
|
ID string `yaml:"id"`
|
|
Signifiers []sigcred.SignifierUnion `yaml:"signifiers"`
|
|
Meta map[string]string `yaml:"meta,omitempty"`
|
|
}
|
|
|
|
// Config represents the structure of the main dehub configuration file, and is
|
|
// used to marshal/unmarshal the yaml file.
|
|
type Config struct {
|
|
Accounts []Account `yaml:"accounts"`
|
|
AccessControls []accessctl.AccessControl `yaml:"access_controls"`
|
|
}
|
|
|
|
func (proj *Project) loadConfig(fs fs.FS) (Config, error) {
|
|
rc, err := fs.Open(ConfigPath)
|
|
if err != nil {
|
|
return Config{}, fmt.Errorf("could not open config.yml: %w", err)
|
|
}
|
|
defer rc.Close()
|
|
|
|
var cfg Config
|
|
if err := yaml.NewDecoder(rc).Decode(&cfg); err != nil {
|
|
return cfg, fmt.Errorf("could not decode config.yml: %w", err)
|
|
}
|
|
|
|
// older config versions also had access_controls be an array, but not using
|
|
// the action field. So filter out array elements without the action field.
|
|
acl := cfg.AccessControls
|
|
cfg.AccessControls = cfg.AccessControls[:0]
|
|
for _, ac := range acl {
|
|
if ac.Action == "" {
|
|
continue
|
|
}
|
|
cfg.AccessControls = append(cfg.AccessControls, ac)
|
|
}
|
|
|
|
// TODO validate Config
|
|
|
|
return cfg, nil
|
|
}
|
|
|
|
// LoadConfig loads the Config object from the HEAD of the project's git repo,
|
|
// or directly from the filesystem if there is no HEAD yet.
|
|
func (proj *Project) LoadConfig() (Config, error) {
|
|
headFS, err := proj.headFS()
|
|
if err != nil {
|
|
return Config{}, fmt.Errorf("error retrieving repo HEAD: %w", err)
|
|
}
|
|
return proj.loadConfig(headFS)
|
|
}
|
|
|
|
func (proj *Project) signifierForCredential(fs fs.FS, cred sigcred.CredentialUnion) (sigcred.Signifier, error) {
|
|
cfg, err := proj.loadConfig(fs)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("error loading config: %w", err)
|
|
}
|
|
|
|
var account Account
|
|
var ok bool
|
|
for _, account = range cfg.Accounts {
|
|
if account.ID == cred.AccountID {
|
|
ok = true
|
|
break
|
|
}
|
|
}
|
|
if !ok {
|
|
return nil, fmt.Errorf("no account object for account id %q present in config", cred.AccountID)
|
|
}
|
|
|
|
for i, sigUn := range account.Signifiers {
|
|
sig := sigUn.Signifier(cred.AccountID)
|
|
if ok, err := sig.Signed(fs, cred); err != nil {
|
|
return nil, fmt.Errorf("error checking if signfier index:%d signed credential: %w", i, err)
|
|
} else if ok {
|
|
return sig, nil
|
|
}
|
|
}
|
|
|
|
return nil, errors.New("no signifier found for credential")
|
|
}
|