mstar/linstrom
1
0
Fork 0
Code Issues 3 Pull requests Projects Releases Packages Wiki Activity Actions

WIP New auth management system
Some checks failed
/ test (push) Has been cancelled
Details

Browse source 
Wait, what's this? A new commit to Linstrom?
And I thought I was done for good with this project now that I've left
Fedi.
Well, I got bored at work and inspired by a random bit I've seen in
Elixir Phoenix's docs.

So here is the start of a new subsystem: Authentication
Intended to bundle all authentication related checks and updates in one
place. Http handlers should not be the ones to perform the logic, too
much duplication. Technically, they probably shouldn't even contain any
business logic at all, only calling it and transforming it into visible
output

Also may be considering switching to Vue or at least changing how the
ember frontend interacts with the backend
This commit is contained in:
Melody Becker 2025-02-21 15:52:21 +01:00
parent e5e0b54035
commit 402932602d
2 changed files with 37 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
auth/auth.go Normal file
View file

@ -0,0 +1,11 @@
package auth
import "gorm.io/gorm"
type Authentication struct {
db *gorm.DB
}
func NewAuth(db *gorm.DB) *Authentication {
return &Authentication{db}
}

26
auth/checks.go Normal file
View file

@ -0,0 +1,26 @@
package auth
import "git.mstar.dev/mstar/linstrom/storage"
// Can actorId access the account with targetId?
func (a *Authentication) CanAccessAccount(actorId *string, targetId string) bool { return true }
// Can actorId edit the account with targetId?
func (a *Authentication) CanEditAccount(actorId *string, targetIt *string) bool { return true }
// Can actorId delete the account with targetId?
func (a *Authentication) CanDeleteAccount(actorId *string, targetIt *string) bool { return true }
// Can actorId create a new post at all?
// Specific restrictions regarding the content are not checked
func (a *Authentication) CanCreatePost(actorId string) bool { return true }
// Ensures that a given post conforms with all roles attached to the author account.
// Returns the conforming note (or nil of it can't be changed to conform)
// and whether the note was changed
func (a *Authentication) EnsureNoteConformsWithRoles(note *storage.Note) (*storage.Note, bool) {
return note, false
}
// Does the given note conform with the roles attached to the author account?
func (a *Authentication) DoesNoteConform(note *storage.Note) bool { return true }