Trident 79 - sysadmin set does not function

debian/changelog

@@ -1,3 +1,18 @@
+pitchfork (1.9.5) stable; urgency=medium
+
+  * #82 Documentation work.
+  * #84 Page_Show -> PageShow.
+  * #88 SQL Cleanup.
+  * #72 Add dep for pitchfork-data package.
+  * (PF59) Make iptrk, jet timeout and login attempts config variables.
+  * (T97) Group Member Vouch overview shows wrong affiliation.
+  * (T93) Add a note in UI and email about the characters used in the recovery token
+  * (PF Merge 163) Typo Fix by wesdawg
+  * (PF Merge 160) Fix PGP download link by wesdawg
+  * Support ARF files.
+
+ -- Ben April <[email protected]>  Sun, 24 Sep 2017 00:46:15 -0400
+
 pitchfork (1.9.4) stable; urgency=medium
 
   * (PF65) Update login min length to be a config value along with example username.

doc.go

@@ -227,7 +227,7 @@ The core permission code is located in lib/ctx.go with CheckPerm and lib/struct.
 Permissions in pfget/pfset tag can be specified separated by commas to specify multiple permissions that would be acceptible to satisfy the permission check.
 Perm's FromString function in lib/ctx handles this conversion from textual edition of a permission to the binary Perm that is used throughout.
 
-## Sysadmin Privilege
+## SysAdmin Privilege
 
 The sysadmin privilege is gained by having the sysadmin flag set in the user's table. This can be toggled using the CLI by executing 'user set <username> sysadmin true|false' or using the user configuration UI. Of course it requires sysadmin privileges to toggle.
 

lib/cfg.go

@@ -5,55 +5,59 @@ import (
 	"bufio"
 	"encoding/json"
 	"errors"
+	"fmt"
 	"net"
 	"os"
 	"strings"
 )
 
 // PfConfig contains the configuration details for the system, as loaded from the configuration file
 type PfConfig struct {
-	Conf_root       string       ``                             /* From command line option or default setting */
-	File_roots      []string     `json:"file_roots"`            /* Where we look for files */
-	Var_root        string       `json:"var_root"`              /* Where variable files are stored */
-	Tmp_roots       []string     `json:"tmp_roots"`             /* Templates */
-	LogFile         string       `json:"logfile"`               /* Where to write our log file (with logrotate support) */
-	Token_prv       interface{}  ``                             // Private portion of the JWT Token
-	Token_pub       interface{}  ``                             // Public portion of the JWT Token
-	UserAgent       string       `json:"useragent"`             // The HTTP and SMTP/Email user agent to use when contacting other servers
-	CSS             []string     `json:"css"`                   // The CSS files to load (HTML meta header)
-	Javascript      []string     `json:"javascript"`            // The javascript libraries to load (HTML meta header)
-	CSP             string       `json:"csp"`                   // The Content-Security-Protection HTTP header we include in our output
-	XFF             []string     `json:"xff_trusted_cidr"`      // The CIDR prefixes that are trusted X-Forwarded-For networks
-	XFFc            []*net.IPNet ``                             // Cached parsed version of X-Forward-For configuration
-	Db_host         string       `json:"db_host"`               // The database hostname
-	Db_port         string       `json:"db_port"`               // The database port
-	Db_name         string       `json:"db_name"`               // The database name
-	Db_user         string       `json:"db_user"`               // The database user
-	Db_pass         string       `json:"db_pass"`               // The database password
-	Db_ssl_mode     string       `json:"db_ssl_mode"`           // The database SSL mode (require|ignore)
-	Db_admin_db     string       `json:"db_admin_db"`           // The database name used for administrative actions
-	Db_admin_user   string       `json:"db_admin_user"`         // The database user used for administrative actions
-	Db_admin_pass   string       `json:"db_admin_pass"`         // The database password used for administrative actions
-	Nodename        string       `json:"nodename"`              // Name of this node (typically matches the hostname and automatically set by program)
-	Http_host       string       `json:"http_host"`             // The Host on which we serve HTTP
-	Http_port       string       `json:"http_port"`             // The port on which we serve HTTP
-	JWT_prv         string       `json:"jwt_key_prv"`           // Private portion of the JWT Token
-	JWT_pub         string       `json:"jwt_key_pub"`           // Public portion of the JWT Token
-	Application     interface{}  `json:"application"`           // Application specific configuration see GetAppConfig() / GetAppConfigBool()
-	Username_regexp string       `json:"username_regexp"`       // Regular expression for filtering/rejecting usernames
-	UserHomeLinks   bool         `json:"user_home_links"`       // If User Home Links are active
-	SMTP_host       string       `json:"smtp_host"`             // SMTP Host to use for outbound emails
-	SMTP_port       string       `json:"smtp_port"`             // SMTP Port to use for outbound emails
-	SMTP_SSL        string       `json:"smtp_ssl"`              // Whether to require SSL for outbound emails (ignore|require)
-	Msg_mon_from    string       `json:"msg_monitor_from"`      // Email address used for From: for monitoring messages (messages module)
-	Msg_mon_to      string       `json:"msg_monitor_to"`        // Email address used for To: for monitoring messages (messages module)
-	TimeFormat      string       `json:"timeformat"`            // Time Format
-	DateFormat      string       `json:"dateformat"`            // Date Format
-	PW_WeakDicts    []string     `json:"pw_weakdicts"`          // List of filenames containing password dictionaries
-	CFG_UserMinLen  string       `json:"username_min_length"`   // Minimum Username length
-	CFG_UserExample string       `json:"username_example"`      // Username Example
-	TransDefault    string       `json:"translation_default"`   // Translation - Default Language
-	TransLanguages  []string     `json:"translation_languages"` // Translation - Available Languages
+	Conf_root        string       ``                             /* From command line option or default setting */
+	File_roots       []string     `json:"file_roots"`            /* Where we look for files */
+	Var_root         string       `json:"var_root"`              /* Where variable files are stored */
+	Tmp_roots        []string     `json:"tmp_roots"`             /* Templates */
+	LogFile          string       `json:"logfile"`               /* Where to write our log file (with logrotate support) */
+	Token_prv        interface{}  ``                             // Private portion of the JWT Token
+	Token_pub        interface{}  ``                             // Public portion of the JWT Token
+	UserAgent        string       `json:"useragent"`             // The HTTP and SMTP/Email user agent to use when contacting other servers
+	CSS              []string     `json:"css"`                   // The CSS files to load (HTML meta header)
+	Javascript       []string     `json:"javascript"`            // The javascript libraries to load (HTML meta header)
+	CSP              string       `json:"csp"`                   // The Content-Security-Protection HTTP header we include in our output
+	XFF              []string     `json:"xff_trusted_cidr"`      // The CIDR prefixes that are trusted X-Forwarded-For networks
+	XFFc             []*net.IPNet ``                             // Cached parsed version of X-Forward-For configuration
+	Db_host          string       `json:"db_host"`               // The database hostname
+	Db_port          string       `json:"db_port"`               // The database port
+	Db_name          string       `json:"db_name"`               // The database name
+	Db_user          string       `json:"db_user"`               // The database user
+	Db_pass          string       `json:"db_pass"`               // The database password
+	Db_ssl_mode      string       `json:"db_ssl_mode"`           // The database SSL mode (require|ignore)
+	Db_admin_db      string       `json:"db_admin_db"`           // The database name used for administrative actions
+	Db_admin_user    string       `json:"db_admin_user"`         // The database user used for administrative actions
+	Db_admin_pass    string       `json:"db_admin_pass"`         // The database password used for administrative actions
+	Nodename         string       `json:"nodename"`              // Name of this node (typically matches the hostname and automatically set by program)
+	Http_host        string       `json:"http_host"`             // The Host on which we serve HTTP
+	Http_port        string       `json:"http_port"`             // The port on which we serve HTTP
+	JWT_prv          string       `json:"jwt_key_prv"`           // Private portion of the JWT Token
+	JWT_pub          string       `json:"jwt_key_pub"`           // Public portion of the JWT Token
+	Application      interface{}  `json:"application"`           // Application specific configuration see GetAppConfig() / GetAppConfigBool()
+	Username_regexp  string       `json:"username_regexp"`       // Regular expression for filtering/rejecting usernames
+	UserHomeLinks    bool         `json:"user_home_links"`       // If User Home Links are active
+	SMTP_host        string       `json:"smtp_host"`             // SMTP Host to use for outbound emails
+	SMTP_port        string       `json:"smtp_port"`             // SMTP Port to use for outbound emails
+	SMTP_SSL         string       `json:"smtp_ssl"`              // Whether to require SSL for outbound emails (ignore|require)
+	Msg_mon_from     string       `json:"msg_monitor_from"`      // Email address used for From: for monitoring messages (messages module)
+	Msg_mon_to       string       `json:"msg_monitor_to"`        // Email address used for To: for monitoring messages (messages module)
+	TimeFormat       string       `json:"timeformat"`            // Time Format
+	DateFormat       string       `json:"dateformat"`            // Date Format
+	PW_WeakDicts     []string     `json:"pw_weakdicts"`          // List of filenames containing password dictionaries
+	CFG_UserMinLen   string       `json:"username_min_length"`   // Minimum Username length
+	CFG_UserExample  string       `json:"username_example"`      // Username Example
+	TransDefault     string       `json:"translation_default"`   // Translation - Default Language
+	TransLanguages   []string     `json:"translation_languages"` // Translation - Available Languages
+	IPTrkMax         int          `json:"iptrk_max"`             /* Maximum IPTrk count, before being locked out */
+	JWTTimeout       int          `json:"jwt_timeout"`           /* JWT Timeout in minutes */
+	LoginAttemptsMax int          `json:"loginattempts_max"`     /* Maximum Login attempts (tracked and checked per-account) */
 }
 
 /* SMTP_SSL = ignore | require */
@@ -130,15 +134,22 @@ func (cfg *PfConfig) Load(toolname string, confroot string) (err error) {
 		Errf("Could not determine working directory: %s", err.Error())
 		return
 	}
+
 	Dbgf("Running from: %s", wd)
 
 	if confroot == "" {
-		confroot = "/etc/" + toolname + "/"
+		confroot = "/etc/" + toolname
 	}
 
+	/* Ensure that the confroot path ends in a slash */
+	confroot = URL_EnsureSlash(confroot)
+
 	/* Defaults */
 	Config.Conf_root = confroot
 	Config.UserHomeLinks = true
+	Config.IPTrkMax = 100
+	Config.JWTTimeout = 30
+	Config.LoginAttemptsMax = 5
 
 	/* Open the configuration file */
 	fn := Config.Conf_root + toolname + ".conf"
@@ -267,7 +278,24 @@ func (cfg *PfConfig) Load(toolname string, confroot string) (err error) {
 		Config.DateFormat = "2006-01-02"
 	}
 
-	/* Check that the configuration is sane */
+	/* Verify IPtrk count is minimum value */
+	if Config.IPTrkMax <= 1 {
+		err = fmt.Errorf("iptrk_max set to %d but that would lock everybody out after one failed attempt, minimum is 1", Config.IPTrkMax)
+		return
+	}
+
+	/* Verify JWT is at least long enough for people to be logged in for a bit */
+	if Config.JWTTimeout < 5 {
+		err = fmt.Errorf("jwt_timeout set to %d which is too short for a useable session", Config.JWTTimeout)
+		return
+	}
+
+	if Config.LoginAttemptsMax < 1 {
+		err = fmt.Errorf("loginattempts_max set to %d which would mean nobody could ever login, please configure it above 1", Config.LoginAttemptsMax)
+		return
+	}
+
+	/* Check that XFF are sane & pre-parse it */
 	for _, x := range Config.XFF {
 		var xc *net.IPNet
 

lib/ctx.go

@@ -100,7 +100,6 @@ type PfCtx interface {
 	GroupHasWiki() bool
 	GroupHasFile() bool
 	GroupHasCalendar() bool
-	CanBeSysAdmin() bool
 	SwapSysAdmin() bool
 	IsSysAdmin() bool
 	CheckPerms(what string, perms Perm) (ok bool, err error)
@@ -176,6 +175,7 @@ type PfCtxS struct {
 	output         string             /* Output buffer */
 	mode_buffered  bool               /* Buffering of output in effect */
 	user           PfUser             /* Authenticated User */
+	is_sysadmin    bool               /* Whether the user's sysadmin priveleges are enabled */
 	token          string             /* The authentication token */
 	token_claims   SessionClaims      /* Parsed Token Claims */
 	remote         string             /* The address of the client, including X-Forwarded-For */
@@ -663,7 +663,7 @@ func (ctx *PfCtxS) NewToken() (err error) {
 
 	// Set some claims
 	ctx.token_claims.UserDesc = theuser.GetFullName()
-	ctx.token_claims.IsSysAdmin = theuser.IsSysAdmin()
+	ctx.token_claims.IsSysAdmin = ctx.is_sysadmin
 
 	username := theuser.GetUserName()
 
@@ -687,22 +687,25 @@ func (ctx *PfCtxS) NewToken() (err error) {
 // (and thus indicating that a new token should be sent out to the user)
 // and/or an error to indicate failure.
 func (ctx *PfCtxS) LoginToken(tok string) (expsoon bool, err error) {
-	/* No valid token */
+	// No valid token
 	ctx.token = ""
 
-	/* Parse the provided token */
+	// Not a SysAdmin
+	ctx.is_sysadmin = false
+
+	// Parse the provided token
 	expsoon, err = Token_Parse(tok, "websession", &ctx.token_claims)
 	if err != nil {
 		return expsoon, err
 	}
 
-	/* Who they claim they are */
+	// Who they claim they are
 	user := ctx.NewUser()
 	user.SetUserName(ctx.token_claims.Subject)
 	user.SetFullName(ctx.token_claims.UserDesc)
-	user.SetSysAdmin(ctx.token_claims.IsSysAdmin)
+	ctx.is_sysadmin = ctx.token_claims.IsSysAdmin
 
-	/* Fetch the details */
+	// Fetch the details
 	err = user.Refresh(ctx)
 	if err == ErrNoRows {
 		ctx.Dbgf("No such user %q", ctx.token_claims.Subject)
@@ -712,10 +715,10 @@ func (ctx *PfCtxS) LoginToken(tok string) (expsoon bool, err error) {
 		return false, err
 	}
 
-	/* Looking good, become the user */
+	// Looking good, become the user
 	ctx.Become(user)
 
-	/* Valid Token */
+	// Valid Token
 	ctx.token = tok
 
 	return expsoon, nil
@@ -726,6 +729,7 @@ func (ctx *PfCtxS) LoginToken(tok string) (expsoon bool, err error) {
 //
 // A userevent is logged when this function was succesful.
 func (ctx *PfCtxS) Login(username string, password string, twofactor string) (err error) {
+	// The new user */
 	user := ctx.NewUser()
 
 	err = user.CheckAuth(ctx, username, password, twofactor)
@@ -738,9 +742,12 @@ func (ctx *PfCtxS) Login(username string, password string, twofactor string) (er
 		return
 	}
 
-	/* Force generation of a new token */
+	// Force generation of a new token
 	ctx.token = ""
 
+	// Not a sysadmin till they swapadmin
+	ctx.is_sysadmin = false
+
 	ctx.Become(user)
 
 	userevent(ctx, "login")
@@ -772,7 +779,7 @@ func (ctx *PfCtxS) IsLoggedIn() bool {
 }
 
 // IsGroupMember can be used to check if the selected user
-// is a member of the selected group and wether the user
+// is a member of the selected group and whether the user
 // can see the group.
 func (ctx *PfCtxS) IsGroupMember() bool {
 	if !ctx.HasSelectedUser() {
@@ -798,7 +805,7 @@ func (ctx *PfCtxS) IsGroupMember() bool {
 		return true
 	}
 
-	/* Normal group users, it depends on wether they can see them */
+	/* Normal group users, it depends on whether they can see them */
 	return state.can_see
 }
 
@@ -868,21 +875,6 @@ func (ctx *PfCtxS) GroupHasCalendar() bool {
 	return ctx.sel_group.HasCalendar()
 }
 
-// CanBeSysAdmin returns whether the loggedin user can become a sysadmin.
-func (ctx *PfCtxS) CanBeSysAdmin() bool {
-	if !ctx.IsLoggedIn() {
-		return false
-	}
-
-	/* Can we be or not? */
-	if !ctx.user.CanBeSysAdmin() {
-		return false
-	}
-
-	/* Could be, if the user wanted */
-	return true
-}
-
 // SwapSysAdmin swaps a user's privilege between normal user and sysadmin.
 func (ctx *PfCtxS) SwapSysAdmin() bool {
 	/* Not logged, can't be SysAdmin */
@@ -891,12 +883,12 @@ func (ctx *PfCtxS) SwapSysAdmin() bool {
 	}
 
 	/* If they cannot be one, then do not toggle either */
-	if !ctx.user.CanBeSysAdmin() {
+	if !ctx.TheUser().CanBeSysAdmin() {
 		return false
 	}
 
 	/* Toggle state: SysAdmin <> Regular */
-	ctx.user.SetSysAdmin(!ctx.user.IsSysAdmin())
+	ctx.is_sysadmin = !ctx.is_sysadmin
 
 	/* Force generation of a new token */
 	ctx.token = ""
@@ -917,7 +909,7 @@ func (ctx *PfCtxS) IsSysAdmin() bool {
 	}
 
 	/* Not a SysAdmin, easy */
-	if !ctx.user.IsSysAdmin() {
+	if !ctx.is_sysadmin {
 		return false
 	}
 
@@ -1303,7 +1295,7 @@ func (ctx *PfCtxS) CheckPerms(what string, perms Perm) (ok bool, err error) {
 	if perms.IsSet(PERM_SYS_ADMIN_CAN) {
 		if ctx.IsLoggedIn() {
 			ctx.PDbgf(what, perms, "Sys Admin Can - Logged In")
-			if ctx.CanBeSysAdmin() {
+			if ctx.TheUser().CanBeSysAdmin() {
 				ctx.PDbgf(what, perms, "Sys Admin Can")
 				/* Passed the test */
 				return true, nil

lib/file.go

@@ -320,6 +320,7 @@ func file_mimetype(path string) (mt string, err error) {
 
 	/* Quick lookup of our own to guarantee that these types are supported */
 	types := map[string]string{
+		"arf":  "application/octet-stream",
 		"doc":  "application/msword",
 		"docx": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
 		"html": "text/html",