From 2e5162a29b1340b75314879195e043c52517c06e Mon Sep 17 00:00:00 2001 From: Gisle Aune Date: Thu, 13 Sep 2018 20:08:37 +0200 Subject: [PATCH] auth: Fixed incorrect error reporting on permissions mismatching, added ensuring of user in auth.FindUser. --- internal/auth/token.go | 2 +- internal/auth/user.go | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/internal/auth/token.go b/internal/auth/token.go index 5885b51..5133a56 100644 --- a/internal/auth/token.go +++ b/internal/auth/token.go @@ -29,7 +29,7 @@ var ErrExpired = errors.New("Claims have already expired") var ErrWrongUser = errors.New("Key is not valid for this user") // ErrWrongPermissions is returned by CheckToken if the key cannot claim one or more of its permissions -var ErrWrongPermissions = errors.New("Key is not valid for this user") +var ErrWrongPermissions = errors.New("User does not have these permissions") // ErrDeletedUser is returned by CheckToken if the key can represent this user, but the user doesn't exist. var ErrDeletedUser = errors.New("User was not found") diff --git a/internal/auth/user.go b/internal/auth/user.go index d9db5fb..94a4eb5 100644 --- a/internal/auth/user.go +++ b/internal/auth/user.go @@ -34,6 +34,25 @@ func FindUser(userid string) (User, error) { user := User{} err := userCollection.FindId(userid).One(&user) + if err == mgo.ErrNotFound { + user := User{ + ID: userid, + Nick: "", + Permissions: []string{ + "member", + "log.edit", + "post.edit", + "post.move", + "file.upload", + }, + } + + err := userCollection.Insert(user) + if err != nil { + return User{}, err + } + } + return user, err }