% Public interface of the user/authentication data layer.
% Only the predicates listed here are exported; helpers such as
% user_auth/2, users_access/1 and password_hash/3 stay module-private.
:- module(bc_data_user, [
    bc_user_auth/2,
    bc_user_save/3,
    bc_user_save_initial/1,
    bc_user_update/2,
    bc_user_remove/2,
    bc_user_list/2,
    bc_user/3
]).

:- use_module(library(sort_dict)). % sort_dict/4, used by bc_user_list/2
:- use_module(library(docstore)).  % ds_* storage predicates
:- use_module(library(sha)).       % sha_hash/3 and hash_atom/2, used by password_hash/3

% Project modules; presumably they provide the bc_* validation and
% access-check predicates called in this file (confirm in those modules).
:- use_module(bc_user).
:- use_module(bc_access).
:- use_module(bc_role).
%! bc_user_auth(+Auth, -Info)
%
% Authenticates the credentials in the Auth dict (keys `username`
% and `password`) and, when the account is also allowed to log in,
% unifies Info with a dict holding the account's `id`, `type` and `key`.
%
% Throws error(invalid_credentials) from user_auth/2 and
% error(no_login_access) from login_access/1.
%
% Info carries the per-user `key` value that is generated when the
% user is saved. NOTE(review): if that key authorises later requests,
% callers should treat Info as a secret and keep it out of logs.
% Only the username is written to the debug channel here, and only
% after authentication has succeeded.
bc_user_auth(Auth, Info):-
    user_auth(Auth, Account),
    login_access(Account),
    AccountId = Account.'$id',
    Role = Account.type,
    Key = Account.key,
    Info = _{ id: AccountId, type: Role, key: Key },
    debug(bc_data, 'authenticated user ~p', [Auth.username]).
% login_access(+User)
%
% Succeeds when bc_login_access/1 accepts the user; otherwise throws
% error(no_login_access). Only the first solution of the check is
% used, so no choice point is left behind.
login_access(User):-
    (   bc_login_access(User)
    ->  true
    ;   throw(error(no_login_access))
    ).
% user_auth(+Auth, -User)
%
% Looks up the user whose username equals Auth.username and checks
% the supplied password by recomputing the salted hash and unifying
% it with the stored one. The lookup must yield exactly one record
% (the result is matched against a one-element list).
%
% An unknown username and a wrong password both end in the same
% error(invalid_credentials) term, so the error itself does not
% reveal which of the two was wrong.
%
% NOTE(review): the hash is only computed when a user record was
% found, so response time may still differ between the two cases;
% the comparison is a plain unification, not a constant-time compare.
% NOTE(review): user_hash/2 stores a record unchanged when it has no
% `password` key; for such a record the User.salt access below would
% raise a dict key error instead of invalid_credentials. Confirm that
% callers always supply a password on creation.
user_auth(Auth, User):-
    Username = Auth.username,
    ds_find(user, username=Username, [User]),
    Supplied = Auth.password,
    Salt = User.salt,
    Stored = User.password,
    password_hash(Supplied, Salt, Stored), !.

user_auth(_, _):-
    throw(error(invalid_credentials)).
%! bc_user_save(+Actor, +User, -Id)
%
% Creates a new user on behalf of Actor. The admin check in
% users_access/1 runs first and throws error(no_access) for any
% other actor; validation, hashing and storage are delegated to
% user_save_common/2, which unifies Id with the stored document id.
bc_user_save(Actor, NewUser, NewId):-
    users_access(Actor),
    user_save_common(NewUser, NewId).
% users_access(+Actor)
%
% Succeeds when the `type` field of the Actor dict is `admin`;
% otherwise throws error(no_access).
%
% The decision rests on the Actor dict alone. NOTE(review): Actor
% must therefore come from a trusted source (for example the result
% of a successful authentication), never directly from request
% data - confirm against callers.
users_access(Actor):-
    Role = Actor.type,
    (   Role = admin
    ->  true
    ;   throw(error(no_access))
    ).
%! bc_user_save_initial(+User)
%
% Stores a user without any actor or access check; the generated
% document id is discarded.
%
% NOTE(review): the name suggests this is meant for creating the
% first account during setup. Because there is no authorisation
% here, it must not be reachable from request handlers - confirm
% against callers.
bc_user_save_initial(InitialUser):-
    user_save_common(InitialUser, _Id).
% user_save_common(+User, -Id)
%
% Shared creation path: validates the username and role, replaces a
% plain-text password by its salted hash (user_hash/2), attaches a
% fresh `key` obtained from ds_uuid/1 and inserts the record.
% Any `key` already present in User is overwritten by put_dict/4.
%
% NOTE(review): apart from username and type, the dict is stored as
% given; presumably callers restrict which other fields may appear.
% NOTE(review): the `key` is returned by bc_user_auth/2; if it acts
% as a credential, confirm that ds_uuid/1 draws from a source that
% is unpredictable enough for that purpose.
user_save_common(User, Id):-
    Username = User.username,
    bc_valid_username(Username),
    bc_unique_username(Username),
    bc_valid_role(User.type),
    user_hash(User, WithHash),
    ds_uuid(FreshKey),
    put_dict(key, WithHash, FreshKey, Record),
    ds_insert(Record, Id),
    % Only the document id is logged, never the record itself.
    debug(bc_data, 'saved user ~p', [Id]).
%! bc_user_update(+Actor, +User)
%
% Updates the existing user identified by User.'$id'. Requires an
% admin Actor (users_access/1 throws error(no_access) otherwise),
% an existing target, a valid username that is unique apart from
% this user, and a valid role.
%
% When the new role is not `admin`, bc_remaining_admin/1 is called
% as well; presumably it ensures that another admin is left after
% the change (confirm in its definition).
%
% A `password` key in User is re-hashed with a new salt by
% user_hash/2; without it the stored hash is not part of the update.
%
% NOTE(review): the whole dict is handed to ds_update/1, so every
% key present in User reaches the store, including `key` or `salt`
% if a caller supplies them. Confirm that callers restrict the
% accepted fields.
bc_user_update(Actor, User):-
    Id = User.'$id',
    users_access(Actor),
    bc_user_exists(Id),
    Username = User.username,
    bc_valid_username(Username),
    bc_unique_username(Username, Id),
    Role = User.type,
    bc_valid_role(Role),
    (   Role = admin
    ->  true
    ;   bc_remaining_admin(Id)
    ),
    user_hash(User, Updated),
    ds_update(Updated),
    debug(bc_data, 'updated user ~p', [Id]).
% user_hash(+UserIn, -UserOut)
%
% When UserIn has a `password` key, generates a new salt with
% ds_uuid/1, hashes the password with it and stores both `password`
% (now the hash) and `salt` in UserOut. Without a `password` key the
% dict is passed through unchanged.
%
% NOTE(review): no minimum password length or strength is enforced
% here; confirm whether that is validated before this point.
user_hash(UserIn, UserOut):-
    (   get_dict(password, UserIn, Plain)
    ->  ds_uuid(Salt),
        password_hash(Plain, Salt, Digest),
        Secrets = _{ password: Digest, salt: Salt },
        put_dict(Secrets, UserIn, UserOut)
    ;   UserOut = UserIn
    ).
%! bc_user_list(+Actor, -Sorted)
%
% Retrieves all users for an admin Actor, sorted ascending by
% username. users_access/1 throws error(no_access) for other actors.
%
% Only username, fullname and type are requested from the store, so
% password hashes, salts and keys are not part of the result.
bc_user_list(Actor, Sorted):-
    users_access(Actor),
    Fields = [username, fullname, type],
    ds_all(user, Fields, Unsorted),
    sort_dict(username, asc, Unsorted, Sorted),
    debug(bc_data, 'retrieved the users list', []).
%! bc_user(+Actor, +Id, -User)
%
% Retrieves a single user by Id for an admin Actor. users_access/1
% throws error(no_access) for other actors; bc_user_exists/1 is
% checked before the read.
%
% The projection is limited to profile fields, so the password hash,
% salt and key are not returned.
bc_user(Actor, Id, User):-
    users_access(Actor),
    bc_user_exists(Id),
    Fields = [username, fullname, type, link, comment_notifications],
    ds_col_get(user, Id, Fields, User),
    debug(bc_data, 'retrieved the user ~p', [Id]).
%! bc_user_remove(+Actor, +Id)
%
% Removes the user Id on behalf of an admin Actor. users_access/1
% throws error(no_access) for other actors.
%
% Before the removal three checks run in order: the user exists,
% bc_remaining_admin/1 and bc_no_entries/1. Presumably the latter
% two keep at least one admin in the system and refuse to delete a
% user who still owns entries - confirm in their definitions.
bc_user_remove(Actor, UserId):-
    users_access(Actor),
    bc_user_exists(UserId),
    bc_remaining_admin(UserId),
    bc_no_entries(UserId),
    ds_col_remove(user, UserId),
    debug(bc_data, 'removed user ~p', [UserId]).
% password_hash(+Password, +Salt, ?Hash)
%
% Hash is the hexadecimal SHA-256 digest of Salt followed by
% Password, encoded as UTF-8. With Hash unbound the digest is
% computed; with Hash bound (as in user_auth/2) the call succeeds
% only when the digests match.
%
% NOTE(review): a single SHA-256 pass is cheap to compute, which
% makes stored hashes easier to guess offline if the user store
% leaks. A deliberately slow password hash, for example
% crypto_password_hash/2 from library(crypto), is the usual choice.
% Existing records hold the SHA-256 value, so switching needs a
% migration path such as re-hashing at the next successful login.
password_hash(Password, Salt, Hash):-
    atom_concat(Salt, Password, Salted),
    sha_hash(Salted, Digest, [algorithm(sha256), encoding(utf8)]),
    hash_atom(Digest, Hash).
/* Handles the user and authentication data */