From cd27f5de01b385914aa27fbe344288cc86c5b00f Mon Sep 17 00:00:00 2001 From: Ivan Krutov Date: Sun, 7 Jan 2024 15:56:14 +0300 Subject: [PATCH] Flag to explicitly enabled only authenticated access --- docs/cli-flags.adoc | 10 ++++++++-- ggr-ui.go | 19 +++++++++++++++++-- main.go | 18 ++++++++++-------- 3 files changed, 35 insertions(+), 12 deletions(-) diff --git a/docs/cli-flags.adoc b/docs/cli-flags.adoc index 1e2baa8..1c7dda8 100644 --- a/docs/cli-flags.adoc +++ b/docs/cli-flags.adoc @@ -1,9 +1,15 @@ == CLI Flags The following flags are supported by ```ggr-ui``` command: -``` +---- + -authenticated-access-only + Show statistics about all hosts only when credentials are provided -grace-period duration graceful shutdown period (default 5m0s) + -guests-allowed + Allow guest (unauthenticated) users to access the grid + -guests-quota string + Which quota file to use for guests (default "guest") -limit int simultaneous http requests (default 10) -listen string @@ -16,4 +22,4 @@ The following flags are supported by ```ggr-ui``` command: request timeout (default 30s) -version Show version and exit -``` \ No newline at end of file +---- diff --git a/ggr-ui.go b/ggr-ui.go index e075aac..a027ba7 100755 --- a/ggr-ui.go +++ b/ggr-ui.go @@ -51,7 +51,7 @@ func status(w http.ResponseWriter, r *http.Request) { lock.RLock() defer lock.RUnlock() user, remote := info(r) - quota, ok := hosts[user] + quota, ok := userHosts(user) if !ok { log.Printf("[STATUS] [Unknown quota user: %s] [%s]", user, remote) http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) @@ -127,6 +127,21 @@ func status(w http.ResponseWriter, r *http.Request) { } } +func userHosts(user string) (map[string]*config.Host, bool) { + if authenticatedAccessOnly { + quota, ok := hosts[user] + return quota, ok + } + + ret := make(map[string]*config.Host) + for _, quota := range hosts { + for sum, host := range quota { + ret[sum] = host + } + } + return ret, true +} + func (cur Status) Add(sum string, m map[string]interface{}) { for k, v := range m { switch v.(type) { @@ -171,7 +186,7 @@ func proxyWS(p string) func(wsconn *websocket.Conn) { } sum := path[head:tail] lock.RLock() - quota, ok := hosts[user] + quota, ok := userHosts(user) lock.RUnlock() if !ok { log.Printf("[WEBSOCKET] [Unknown quota user: %s] [%s]", user, remote) diff --git a/main.go b/main.go index 978a947..e360b5e 100644 --- a/main.go +++ b/main.go @@ -24,14 +24,15 @@ var ( ) var ( - listen string - timeout time.Duration - responseTime time.Duration - limit int - quotaDir string - gracePeriod time.Duration - guestAccessAllowed bool - guestUserName string + listen string + timeout time.Duration + responseTime time.Duration + limit int + quotaDir string + gracePeriod time.Duration + authenticatedAccessOnly bool + guestAccessAllowed bool + guestUserName string version bool gitRevision = "HEAD" @@ -81,6 +82,7 @@ func configure() error { } func init() { + flag.BoolVar(&authenticatedAccessOnly, "authenticated-access-only", false, "Show statistics about all hosts only when credentials are provided") flag.BoolVar(&guestAccessAllowed, "guests-allowed", false, "Allow guest (unauthenticated) users to access the grid") flag.StringVar(&guestUserName, "guests-quota", "guest", "Which quota file to use for guests") flag.StringVar(&listen, "listen", ":8888", "host and port to listen to")