cloudamqp
diff --git a/‎spec/api/definitions_spec.cr‎
Lines changed: 3 additions & 3 deletions b/‎spec/api/definitions_spec.cr‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎spec/users_spec.cr‎
Lines changed: 7 additions & 7 deletions b/‎spec/users_spec.cr‎
Lines changed: 7 additions & 7 deletions
diff --git a/‎src/lavinmq/amqp/client.cr‎
Lines changed: 1 addition & 1 deletion b/‎src/lavinmq/amqp/client.cr‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/lavinmq/auth/user.cr‎
Lines changed: 136 additions & 134 deletions b/‎src/lavinmq/auth/user.cr‎
Lines changed: 136 additions & 134 deletions
@@ -29,7 +29,7 @@ describe LavinMQ::HTTP::Server do
         response = http.post("/api/definitions", body: body)
         response.status_code.should eq 200
         s.users.select("sha256", "sha512", "bcrypt", "md5").each do |_, u|
-          u.should be_a(LavinMQ::User)
+          u.should be_a(LavinMQ::Auth::User)
           ok = u.not_nil!.password.not_nil!.verify "hej"
           {u.name, ok}.should(eq({u.name, true}))
         end
@@ -646,7 +646,7 @@ describe LavinMQ::HTTP::Server do
       response.status_code.should eq 200
 
       u = s.users[name]
-      u.should be_a(LavinMQ::User)
+      u.should be_a(LavinMQ::Auth::User)
       ok = u.not_nil!.password.not_nil!.verify "hej"
       {u.name, ok}.should eq({name, true})
 
@@ -661,7 +661,7 @@ describe LavinMQ::HTTP::Server do
       response.status_code.should eq 200
 
       u = s.users[name]
-      u.should be_a(LavinMQ::User)
+      u.should be_a(LavinMQ::Auth::User)
       ok = u.not_nil!.password.not_nil!.verify "test"
       {u.name, ok}.should eq({name, true})
     end
 
@@ -1,16 +1,16 @@
 require "./spec_helper"
 
-describe LavinMQ::User do
+describe LavinMQ::Auth::User do
   describe "#update_password" do
     it "should not update password hash when given same password as current" do
-      u = LavinMQ::User.create("username", "password", "sha256", [] of LavinMQ::Tag)
+      u = LavinMQ::Auth::User.create("username", "password", "sha256", [] of LavinMQ::Tag)
       password_hash_before = u.password
       u.update_password("password")
       u.password.should eq password_hash_before
     end
 
     it "should update password hash when given other password than current" do
-      u = LavinMQ::User.create("username", "password", "sha256", [] of LavinMQ::Tag)
+      u = LavinMQ::Auth::User.create("username", "password", "sha256", [] of LavinMQ::Tag)
       password_hash_before = u.password
       u.update_password("other")
       u.password.should_not eq password_hash_before
@@ -276,26 +276,26 @@ describe LavinMQ::Server do
 
   it "allows changing default user" do
     LavinMQ::Config.instance.default_user = "spec"
-    LavinMQ::Config.instance.default_password = LavinMQ::User.hash_password("spec", "SHA256").to_s
+    LavinMQ::Config.instance.default_password = LavinMQ::Auth::User.hash_password("spec", "SHA256").to_s
     with_amqp_server do |s|
       with_channel(s, user: "spec", password: "spec") { }
     end
   ensure
     LavinMQ::Config.instance.default_user = "guest"
-    LavinMQ::Config.instance.default_password = LavinMQ::User.hash_password("guest", "SHA256").to_s
+    LavinMQ::Config.instance.default_password = LavinMQ::Auth::User.hash_password("guest", "SHA256").to_s
   end
 
   it "disallows 'guest' if default user is changed" do
     LavinMQ::Config.instance.default_user = "spec"
-    LavinMQ::Config.instance.default_password = LavinMQ::User.hash_password("spec", "SHA256").to_s
+    LavinMQ::Config.instance.default_password = LavinMQ::Auth::User.hash_password("spec", "SHA256").to_s
     with_amqp_server do |s|
       expect_raises(AMQP::Client::Connection::ClosedException) do
         with_channel(s, user: "guest", password: "guest") { }
       end
     end
   ensure
     LavinMQ::Config.instance.default_user = "guest"
-    LavinMQ::Config.instance.default_password = LavinMQ::User.hash_password("guest", "SHA256").to_s
+    LavinMQ::Config.instance.default_password = LavinMQ::Auth::User.hash_password("guest", "SHA256").to_s
   end
 end
 
 
@@ -40,7 +40,7 @@ module LavinMQ
       def initialize(@socket : IO,
                      @connection_info : ConnectionInfo,
                      @vhost : VHost,
-                     @user : User,
+                     @user : Auth::User,
                      tune_ok,
                      start_ok)
         @max_frame_size = tune_ok.frame_max
 
@@ -4,169 +4,171 @@ require "../sortable_json"
 require "../tag"
 
 module LavinMQ
-  class User
-    include SortableJSON
-    getter name, password, permissions
-    property tags, plain_text_password
-    alias Permissions = NamedTuple(config: Regex, read: Regex, write: Regex)
-
-    @name : String
-    @permissions = Hash(String, Permissions).new
-    @password : Auth::Password? = nil
-    @plain_text_password : String?
-    @tags = Array(Tag).new
-
-    def initialize(pull : JSON::PullParser)
-      loc = pull.location
-      name = hash = hash_algo = nil
-      pull.read_object do |key|
-        case key
-        when "name"
-          name = pull.read_string
-        when "password_hash"
-          hash = pull.read_string
-        when "hashing_algorithm"
-          hash_algo = pull.read_string
-        when "permissions"
-          parse_permissions(pull)
-        when "tags"
-          @tags = Tag.parse_list(pull.read_string)
-        else nil
+  module Auth
+    class User
+      include SortableJSON
+      getter name, password, permissions
+      property tags, plain_text_password
+      alias Permissions = NamedTuple(config: Regex, read: Regex, write: Regex)
+
+      @name : String
+      @permissions = Hash(String, Permissions).new
+      @password : Auth::Password? = nil
+      @plain_text_password : String?
+      @tags = Array(Tag).new
+
+      def initialize(pull : JSON::PullParser)
+        loc = pull.location
+        name = hash = hash_algo = nil
+        pull.read_object do |key|
+          case key
+          when "name"
+            name = pull.read_string
+          when "password_hash"
+            hash = pull.read_string
+          when "hashing_algorithm"
+            hash_algo = pull.read_string
+          when "permissions"
+            parse_permissions(pull)
+          when "tags"
+            @tags = Tag.parse_list(pull.read_string)
+          else nil
+          end
         end
+        raise JSON::ParseException.new("Missing json attribute: name", *loc) if name.nil?
+        raise JSON::ParseException.new("Missing json attribute: password_hash", *loc) if hash.nil?
+        @name = name
+        @password = parse_password(hash, hash_algo, loc)
       end
-      raise JSON::ParseException.new("Missing json attribute: name", *loc) if name.nil?
-      raise JSON::ParseException.new("Missing json attribute: password_hash", *loc) if hash.nil?
-      @name = name
-      @password = parse_password(hash, hash_algo, loc)
-    end
 
-    def self.create(name : String, password : String, hash_algorithm : String, tags : Array(Tag))
-      pwd = hash_password(password, hash_algorithm)
-      self.new(name, pwd, tags)
-    end
+      def self.create(name : String, password : String, hash_algorithm : String, tags : Array(Tag))
+        pwd = hash_password(password, hash_algorithm)
+        self.new(name, pwd, tags)
+      end
 
-    def self.hash_password(password, hash_algorithm)
-      case hash_algorithm
-      when /bcrypt$/i then Auth::Password::BcryptPassword.create(password, cost: 4)
-      when /sha256$/i then Auth::Password::SHA256Password.create(password)
-      when /sha512$/i then Auth::Password::SHA512Password.create(password)
-      when /md5$/i    then Auth::Password::MD5Password.create(password)
-      else                 raise UnknownHashAlgoritm.new(hash_algorithm)
+      def self.hash_password(password, hash_algorithm)
+        case hash_algorithm
+        when /bcrypt$/i then Auth::Password::BcryptPassword.create(password, cost: 4)
+        when /sha256$/i then Auth::Password::SHA256Password.create(password)
+        when /sha512$/i then Auth::Password::SHA512Password.create(password)
+        when /md5$/i    then Auth::Password::MD5Password.create(password)
+        else                 raise UnknownHashAlgoritm.new(hash_algorithm)
+        end
       end
-    end
 
-    private def parse_password(hash, hash_algorithm, loc = nil)
-      case hash_algorithm
-      when /bcrypt$/i   then Auth::Password::BcryptPassword.new(hash)
-      when /sha256$/i   then Auth::Password::SHA256Password.new(hash)
-      when /sha512$/i   then Auth::Password::SHA512Password.new(hash)
-      when /md5$/i, nil then Auth::Password::MD5Password.new(hash)
-      else
-        if loc
-          raise JSON::ParseException.new("Unsupported hash algorithm", *loc)
+      private def parse_password(hash, hash_algorithm, loc = nil)
+        case hash_algorithm
+        when /bcrypt$/i   then Auth::Password::BcryptPassword.new(hash)
+        when /sha256$/i   then Auth::Password::SHA256Password.new(hash)
+        when /sha512$/i   then Auth::Password::SHA512Password.new(hash)
+        when /md5$/i, nil then Auth::Password::MD5Password.new(hash)
         else
-          raise UnknownHashAlgoritm.new(hash_algorithm)
+          if loc
+            raise JSON::ParseException.new("Unsupported hash algorithm", *loc)
+          else
+            raise UnknownHashAlgoritm.new(hash_algorithm)
+          end
         end
       end
-    end
 
-    def self.create_hidden_user(name)
-      password = Random::Secure.urlsafe_base64(32)
-      password_hash = hash_password(password, "sha256")
-      user = self.new(name, password_hash, [Tag::Administrator])
-      user.plain_text_password = password
-      user
-    end
+      def self.create_hidden_user(name)
+        password = Random::Secure.urlsafe_base64(32)
+        password_hash = hash_password(password, "sha256")
+        user = self.new(name, password_hash, [Tag::Administrator])
+        user.plain_text_password = password
+        user
+      end
 
-    def initialize(@name, password_hash, hash_algorithm, @tags)
-      update_password_hash(password_hash, hash_algorithm)
-    end
+      def initialize(@name, password_hash, hash_algorithm, @tags)
+        update_password_hash(password_hash, hash_algorithm)
+      end
 
-    def initialize(@name, @password, @tags)
-    end
+      def initialize(@name, @password, @tags)
+      end
 
-    def hidden?
-      UserStore.hidden?(@name)
-    end
+      def hidden?
+        UserStore.hidden?(@name)
+      end
 
-    def update_password_hash(password_hash, hash_algorithm)
-      if password_hash.empty?
-        @password = nil
-        return
+      def update_password_hash(password_hash, hash_algorithm)
+        if password_hash.empty?
+          @password = nil
+          return
+        end
+        @password = parse_password(password_hash, hash_algorithm)
       end
-      @password = parse_password(password_hash, hash_algorithm)
-    end
 
-    def update_password(password, hash_algorithm = "sha256")
-      return if @password.try &.verify(password)
-      @password = User.hash_password(password, hash_algorithm)
-    end
+      def update_password(password, hash_algorithm = "sha256")
+        return if @password.try &.verify(password)
+        @password = User.hash_password(password, hash_algorithm)
+      end
 
-    def details_tuple
-      user_details.merge(permissions: @permissions)
-    end
+      def details_tuple
+        user_details.merge(permissions: @permissions)
+      end
 
-    def user_details
-      {
-        name:              @name,
-        password_hash:     @password,
-        hashing_algorithm: @password.try &.hash_algorithm,
-        tags:              @tags.map(&.to_s.downcase).join(","),
-      }
-    end
+      def user_details
+        {
+          name:              @name,
+          password_hash:     @password,
+          hashing_algorithm: @password.try &.hash_algorithm,
+          tags:              @tags.map(&.to_s.downcase).join(","),
+        }
+      end
 
-    def permissions_details
-      @permissions.map { |k, p| permissions_details(k, p) }
-    end
+      def permissions_details
+        @permissions.map { |k, p| permissions_details(k, p) }
+      end
 
-    def permissions_details(vhost, p)
-      {
-        user:      @name,
-        vhost:     vhost,
-        configure: p[:config],
-        read:      p[:read],
-        write:     p[:write],
-      }
-    end
+      def permissions_details(vhost, p)
+        {
+          user:      @name,
+          vhost:     vhost,
+          configure: p[:config],
+          read:      p[:read],
+          write:     p[:write],
+        }
+      end
 
-    def can_write?(vhost, name) : Bool
-      perm = permissions[vhost]?
-      perm ? perm_match?(perm[:write], name) : false
-    end
+      def can_write?(vhost, name) : Bool
+        perm = permissions[vhost]?
+        perm ? perm_match?(perm[:write], name) : false
+      end
 
-    def can_read?(vhost, name) : Bool
-      perm = permissions[vhost]?
-      perm ? perm_match?(perm[:read], name) : false
-    end
+      def can_read?(vhost, name) : Bool
+        perm = permissions[vhost]?
+        perm ? perm_match?(perm[:read], name) : false
+      end
 
-    def can_config?(vhost, name) : Bool
-      perm = permissions[vhost]?
-      perm ? perm_match?(perm[:config], name) : false
-    end
+      def can_config?(vhost, name) : Bool
+        perm = permissions[vhost]?
+        perm ? perm_match?(perm[:config], name) : false
+      end
 
-    def can_impersonate?
-      @tags.includes? Tag::Impersonator
-    end
+      def can_impersonate?
+        @tags.includes? Tag::Impersonator
+      end
 
-    private def parse_permissions(pull)
-      pull.read_object do |vhost|
-        config = read = write = /^$/
-        pull.read_object do |ikey|
-          case ikey
-          when "config" then config = Regex.from_json(pull)
-          when "read"   then read = Regex.from_json(pull)
-          when "write"  then write = Regex.from_json(pull)
-          else               nil
+      private def parse_permissions(pull)
+        pull.read_object do |vhost|
+          config = read = write = /^$/
+          pull.read_object do |ikey|
+            case ikey
+            when "config" then config = Regex.from_json(pull)
+            when "read"   then read = Regex.from_json(pull)
+            when "write"  then write = Regex.from_json(pull)
+            else               nil
+            end
           end
+          @permissions[vhost] = {config: config, read: read, write: write}
         end
-        @permissions[vhost] = {config: config, read: read, write: write}
       end
-    end
 
-    private def perm_match?(perm, name)
-      perm != /^$/ && perm != // && perm.matches? name
-    end
+      private def perm_match?(perm, name)
+        perm != /^$/ && perm != // && perm.matches? name
+      end
 
-    class UnknownHashAlgoritm < Exception; end
+      class UnknownHashAlgoritm < Exception; end
+    end
   end
 end