wiring up the private share cli to the permission mode; sqlite tweak (#432)

2024-11-07 08:44:14 +01:00 · 2024-03-05 12:44:56 -05:00 · 2024-03-05 12:44:56 -05:00 · 1882783892
commit 1882783892
parent 6ba4460eb7
2 changed files with 14 additions and 6 deletions
--- a/cmd/zrok/sharePrivate.go
+++ b/cmd/zrok/sharePrivate.go
@ -25,11 +25,13 @@ func init() {
 }

 type sharePrivateCommand struct {
-	basicAuth   []string
-	backendMode string
-	headless    bool
-	insecure    bool
-	cmd         *cobra.Command
+	basicAuth    []string
+	backendMode  string
+	headless     bool
+	insecure     bool
+	closed       bool
+	accessGrants []string
+	cmd          *cobra.Command
 }

 func newSharePrivateCommand() *sharePrivateCommand {
@ -43,6 +45,8 @@ func newSharePrivateCommand() *sharePrivateCommand {
 	cmd.Flags().StringVarP(&command.backendMode, "backend-mode", "b", "proxy", "The backend mode {proxy, web, tcpTunnel, udpTunnel, caddy, drive, socks}")
 	cmd.Flags().BoolVar(&command.headless, "headless", false, "Disable TUI and run headless")
 	cmd.Flags().BoolVar(&command.insecure, "insecure", false, "Enable insecure TLS certificate validation for <target>")
+	cmd.Flags().BoolVar(&command.closed, "closed", false, "Enable closed permission mode (see --access-grant)")
+	cmd.Flags().StringArrayVar(&command.accessGrants, "access-grant", []string{}, "zrok accounts that area allowed to access this share (see --closed)")
 	cmd.Run = command.run
 	return command
 }
@ -131,6 +135,10 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
 		BasicAuth:   cmd.basicAuth,
 		Target:      target,
 	}
+	if cmd.closed {
+		req.PermissionMode = sdk.ClosedPermissionMode
+		req.AccessGrants = cmd.accessGrants
+	}
 	shr, err := sdk.CreateShare(root, req)
 	if err != nil {
 		if !panicInstead {
--- a/controller/store/sql/sqlite3/019_v0_4_26_permission_model.sql
+++ b/controller/store/sql/sqlite3/019_v0_4_26_permission_model.sql
@ -3,7 +3,7 @@
 alter table shares add column permission_mode string not null default('open');

 create table access_grants (
-    id                  serial                  primary key,
+    id                  integer                 primary key,
    share_id            integer                 references shares(id),
    account_id          integer                 references accounts(id),
    created_at          datetime                not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')),