wip: create/update/...

2025-09-13 14:31:15 +00:00 · 2020-11-08 10:26:18 +01:00
parent 3e92cc8551
commit a617cb1059
6 changed files with 103 additions and 27 deletions
--- a/internal/common/iputil.go
+++ b/internal/common/iputil.go
@@ -39,19 +39,19 @@ func IsIPv6(address string) bool {
 	return ip.To4() == nil
 }

-func ParseIPList(lst string) []string {
-	ips := strings.Split(lst, ",")
-	validatedIPs := make([]string, 0, len(ips))
-	for i := range ips {
-		ips[i] = strings.TrimSpace(ips[i])
-		if ips[i] != "" {
-			validatedIPs = append(validatedIPs, ips[i])
+func ParseStringList(lst string) []string {
+	tokens := strings.Split(lst, ",")
+	validatedTokens := make([]string, 0, len(tokens))
+	for i := range tokens {
+		tokens[i] = strings.TrimSpace(tokens[i])
+		if tokens[i] != "" {
+			validatedTokens = append(validatedTokens, tokens[i])
 		}
 	}

-	return validatedIPs
+	return validatedTokens
 }

-func IPListToString(lst []string) string {
+func ListToString(lst []string) string {
 	return strings.Join(lst, ", ")
 }
--- a/internal/server/handlers.go
+++ b/internal/server/handlers.go
@@ -6,8 +6,11 @@ import (
 	"net/http"
 	"net/url"
 	"strconv"
+	"strings"
 	"time"

+	log "github.com/sirupsen/logrus"
+
 	"github.com/h44z/wg-portal/internal/ldap"

 	"github.com/h44z/wg-portal/internal/common"
@@ -89,12 +92,12 @@ func (s *Server) PostAdminEditInterface(c *gin.Context) {
 		return
 	}
 	// Clean list input
-	formDevice.IPs = common.ParseIPList(formDevice.IPsStr)
-	formDevice.AllowedIPs = common.ParseIPList(formDevice.AllowedIPsStr)
-	formDevice.DNS = common.ParseIPList(formDevice.DNSStr)
-	formDevice.IPsStr = common.IPListToString(formDevice.IPs)
-	formDevice.AllowedIPsStr = common.IPListToString(formDevice.AllowedIPs)
-	formDevice.DNSStr = common.IPListToString(formDevice.DNS)
+	formDevice.IPs = common.ParseStringList(formDevice.IPsStr)
+	formDevice.AllowedIPs = common.ParseStringList(formDevice.AllowedIPsStr)
+	formDevice.DNS = common.ParseStringList(formDevice.DNSStr)
+	formDevice.IPsStr = common.ListToString(formDevice.IPs)
+	formDevice.AllowedIPsStr = common.ListToString(formDevice.AllowedIPs)
+	formDevice.DNSStr = common.ListToString(formDevice.DNS)

 	// Update WireGuard device
 	err := s.wg.UpdateDevice(formDevice.DeviceName, formDevice.GetDeviceConfig())
@@ -149,10 +152,10 @@ func (s *Server) PostAdminEditPeer(c *gin.Context) {
 	}

 	// Clean list input
-	formUser.IPs = common.ParseIPList(formUser.IPsStr)
-	formUser.AllowedIPs = common.ParseIPList(formUser.AllowedIPsStr)
-	formUser.IPsStr = common.IPListToString(formUser.IPs)
-	formUser.AllowedIPsStr = common.IPListToString(formUser.AllowedIPs)
+	formUser.IPs = common.ParseStringList(formUser.IPsStr)
+	formUser.AllowedIPs = common.ParseStringList(formUser.AllowedIPsStr)
+	formUser.IPsStr = common.ListToString(formUser.IPs)
+	formUser.AllowedIPsStr = common.ListToString(formUser.AllowedIPs)

 	disabled := c.PostForm("isdisabled") != ""
 	now := time.Now()
@@ -244,10 +247,10 @@ func (s *Server) PostAdminCreatePeer(c *gin.Context) {
 	}

 	// Clean list input
-	formUser.IPs = common.ParseIPList(formUser.IPsStr)
-	formUser.AllowedIPs = common.ParseIPList(formUser.AllowedIPsStr)
-	formUser.IPsStr = common.IPListToString(formUser.IPs)
-	formUser.AllowedIPsStr = common.IPListToString(formUser.AllowedIPs)
+	formUser.IPs = common.ParseStringList(formUser.IPsStr)
+	formUser.AllowedIPs = common.ParseStringList(formUser.AllowedIPsStr)
+	formUser.IPsStr = common.ListToString(formUser.IPs)
+	formUser.AllowedIPsStr = common.ListToString(formUser.AllowedIPs)

 	disabled := c.PostForm("isdisabled") != ""
 	now := time.Now()
@@ -265,7 +268,7 @@ func (s *Server) PostAdminCreatePeer(c *gin.Context) {
 		}
 	}

-	// Update in database
+	// Create in database
 	err := s.users.CreateUser(formUser)
 	if err != nil {
 		s.setAlert(c, "failed to add user in database: "+err.Error(), "danger")
@@ -297,6 +300,73 @@ func (s *Server) GetAdminCreateLdapPeers(c *gin.Context) {
 	})
 }

+func (s *Server) PostAdminCreateLdapPeers(c *gin.Context) {
+	email := c.PostForm("email")
+	identifier := c.PostForm("identifier")
+	if identifier == "" {
+		identifier = "Default"
+	}
+	if email == "" {
+		s.setAlert(c, "missing email address", "danger")
+		c.Redirect(http.StatusSeeOther, "/admin/peer/createldap")
+		return
+	}
+	emails := common.ParseStringList(email)
+	for i := range emails {
+		// TODO: also check email addr for validity?
+		if !strings.ContainsRune(emails[i], '@') || s.ldapUsers.GetUserDNByMail(emails[i]) == "" {
+			s.setAlert(c, "invalid email address: "+emails[i], "danger")
+			c.Redirect(http.StatusSeeOther, "/admin/peer/createldap")
+			return
+		}
+	}
+
+	log.Infof("creating %d ldap peers", len(emails))
+	device := s.users.GetDevice()
+
+	for i := range emails {
+		ldapUser := s.ldapUsers.GetUserData(s.ldapUsers.GetUserDNByMail(emails[i]))
+		user := User{}
+		user.AllowedIPsStr = device.AllowedIPsStr
+		user.IPsStr = "" // TODO: add a valid ip here
+		psk, err := wgtypes.GenerateKey()
+		if err != nil {
+			s.HandleError(c, http.StatusInternalServerError, "Preshared key generation error", err.Error())
+			return
+		}
+		key, err := wgtypes.GeneratePrivateKey()
+		if err != nil {
+			s.HandleError(c, http.StatusInternalServerError, "Private key generation error", err.Error())
+			return
+		}
+		user.PresharedKey = psk.String()
+		user.PrivateKey = key.String()
+		user.PublicKey = key.PublicKey().String()
+		user.UID = fmt.Sprintf("u%x", md5.Sum([]byte(user.PublicKey)))
+		user.Email = emails[i]
+		user.Identifier = fmt.Sprintf("%s %s (%s)", ldapUser.Firstname, ldapUser.Lastname, identifier)
+
+		// Create wireguard interface
+		err = s.wg.AddPeer(user.GetPeerConfig())
+		if err != nil {
+			s.setAlert(c, "failed to add peer in WireGuard: "+err.Error(), "danger")
+			c.Redirect(http.StatusSeeOther, "/admin/peer/createldap")
+			return
+		}
+
+		// Create in database
+		err = s.users.CreateUser(user)
+		if err != nil {
+			s.setAlert(c, "failed to add user in database: "+err.Error(), "danger")
+			c.Redirect(http.StatusSeeOther, "/admin/peer/createldap")
+			return
+		}
+	}
+
+	s.setAlert(c, "client(s) created successfully", "success")
+	c.Redirect(http.StatusSeeOther, "/admin/peer/createldap")
+}
+
 func (s *Server) GetUserQRCode(c *gin.Context) {
 	user := s.users.GetUserByKey(c.Query("pkey"))
 	png, err := user.GetQRCode()
--- a/internal/server/routes.go
+++ b/internal/server/routes.go
@@ -27,6 +27,7 @@ func SetupRoutes(s *Server) {
 	admin.GET("/peer/create", s.GetAdminCreatePeer)
 	admin.POST("/peer/create", s.PostAdminCreatePeer)
 	admin.GET("/peer/createldap", s.GetAdminCreateLdapPeers)
+	admin.POST("/peer/createldap", s.PostAdminCreateLdapPeers)

 	// User routes
 	user := s.server.Group("/user")
--- a/internal/server/usermanager.go
+++ b/internal/server/usermanager.go
@@ -32,7 +32,7 @@ import (
 var cidrList validator.Func = func(fl validator.FieldLevel) bool {
 	cidrListStr := fl.Field().String()

-	cidrList := common.ParseIPList(cidrListStr)
+	cidrList := common.ParseStringList(cidrListStr)
 	for i := range cidrList {
 		_, _, err := net.ParseCIDR(cidrList[i])
 		if err != nil {
@@ -45,7 +45,7 @@ var cidrList validator.Func = func(fl validator.FieldLevel) bool {
 var ipList validator.Func = func(fl validator.FieldLevel) bool {
 	ipListStr := fl.Field().String()

-	ipList := common.ParseIPList(ipListStr)
+	ipList := common.ParseStringList(ipListStr)
 	for i := range ipList {
 		ip := net.ParseIP(ipList[i])
 		if ip == nil {