From 18827838920660686b077e13ecccb4f29a7d1101 Mon Sep 17 00:00:00 2001 From: Michael Quigley Date: Tue, 5 Mar 2024 12:44:56 -0500 Subject: [PATCH] wiring up the private share cli to the permission mode; sqlite tweak (#432) --- cmd/zrok/sharePrivate.go | 18 +++++++++++++----- .../sqlite3/019_v0_4_26_permission_model.sql | 2 +- 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/cmd/zrok/sharePrivate.go b/cmd/zrok/sharePrivate.go index 09d6baee..11838227 100644 --- a/cmd/zrok/sharePrivate.go +++ b/cmd/zrok/sharePrivate.go @@ -25,11 +25,13 @@ func init() { } type sharePrivateCommand struct { - basicAuth []string - backendMode string - headless bool - insecure bool - cmd *cobra.Command + basicAuth []string + backendMode string + headless bool + insecure bool + closed bool + accessGrants []string + cmd *cobra.Command } func newSharePrivateCommand() *sharePrivateCommand { @@ -43,6 +45,8 @@ func newSharePrivateCommand() *sharePrivateCommand { cmd.Flags().StringVarP(&command.backendMode, "backend-mode", "b", "proxy", "The backend mode {proxy, web, tcpTunnel, udpTunnel, caddy, drive, socks}") cmd.Flags().BoolVar(&command.headless, "headless", false, "Disable TUI and run headless") cmd.Flags().BoolVar(&command.insecure, "insecure", false, "Enable insecure TLS certificate validation for ") + cmd.Flags().BoolVar(&command.closed, "closed", false, "Enable closed permission mode (see --access-grant)") + cmd.Flags().StringArrayVar(&command.accessGrants, "access-grant", []string{}, "zrok accounts that area allowed to access this share (see --closed)") cmd.Run = command.run return command } @@ -131,6 +135,10 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) { BasicAuth: cmd.basicAuth, Target: target, } + if cmd.closed { + req.PermissionMode = sdk.ClosedPermissionMode + req.AccessGrants = cmd.accessGrants + } shr, err := sdk.CreateShare(root, req) if err != nil { if !panicInstead { diff --git a/controller/store/sql/sqlite3/019_v0_4_26_permission_model.sql b/controller/store/sql/sqlite3/019_v0_4_26_permission_model.sql index 102618c9..eade2df2 100644 --- a/controller/store/sql/sqlite3/019_v0_4_26_permission_model.sql +++ b/controller/store/sql/sqlite3/019_v0_4_26_permission_model.sql @@ -3,7 +3,7 @@ alter table shares add column permission_mode string not null default('open'); create table access_grants ( - id serial primary key, + id integer primary key, share_id integer references shares(id), account_id integer references accounts(id), created_at datetime not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')),