Merge pull request #289 from dedis/fix/update-dbUtils-script-to-reflect-new-architecture

Fix: update db utils script to reflect new architecture

Author: pierluca

.github/workflows/releases.yml

@@ -83,7 +83,6 @@ jobs:
           cd ${{ steps.get_version.outputs.version_file }}
           cp -r ../build/* .
           cp -r ../node_modules .
-          cp -r ../dbUtils.js .
           cp -r ../config.env.template .
 
       - name: Create tar.gz

README.docker.md

@@ -54,4 +54,4 @@ to delete the volumes (this will reset your instance).
 
 1. run the script `DELA_REPLICAS=... init_dela.sh` to initialize the DELA network with `DELA_REPLICAS set to the same value as in .env`
 2. run `docker exec -it d-voting-backend-1 /bin/bash` to connect to the backend
-3. execute `node -e 'require("./dbUtils").addAdmin("./dvoting-users", <sciper>)'` with your Sciper to add yourself as admin
+3. execute `npx cli addAdmin --sciper 123455` with your SCIPER to add yourself as admin

deb-package/README.md

@@ -25,12 +25,10 @@ and be sure to *export* variables in `config.env` (i.e do `export xx=yy`).
 However it is recommended to use a service manager such as systemd to run the
 app.
 
-4) Use dbUtils.js
-
-You can manually update the rights with `dbUtils.js`:
+4) Use the CLI to set yourself up as an admin 
 
 ```sh
-NODE_PATH=./node_modules node -e 'require("./dbUtils").listEls("../data/dvoting-users")'
+npx cli addAdmin --sciper 1234
 ```
 
 # Run the web frontend

web/backend/.eslintignore

@@ -1,2 +1 @@
 dist/
-dbUtils.js

web/backend/dbUtils.js

@@ -13,6 +13,9 @@
     "prettier-check": "./node_modules/.bin/prettier --check .",
     "test": "echo \"Error: no test specified\" && exit 1"
   },
+  "bin": {
+    "cli": "./src/cli.ts"
+  },
   "keywords": [],
   "author": "",
   "license": "ISC",
@@ -21,6 +24,7 @@
     "axios": "^0.24.0",
     "casbin": "^5.19.1",
     "casbin-sequelize-adapter": "^2.4.0",
+    "commander": "^11.0.0",
     "cookie-parser": "^1.4.6",
     "crypto": "^1.0.1",
     "express": "^4.17.2",
@@ -29,8 +33,8 @@
     "lodash": "^4.17.21",
     "memorystore": "^1.6.7",
     "morgan": "^1.10.0",
-    "xss": "^1.0.11",
-    "pg": "^8.11.1"
+    "pg": "^8.11.1",
+    "xss": "^1.0.11"
   },
   "devDependencies": {
     "@types/cookie-parser": "^1.4.2",

web/backend/package-lock.json

@@ -25,3 +25,26 @@ func GenerateKey() {
 # Run the program
 
 Once all the previous steps done, the project can be run using `npm start`
+
+# CLI
+
+To control the administration right of different users, the CLI tool can be used.
+For example,
+```sh
+$ npx cli addAdmin --sciper MY_SCIPER_NUMBER
+```
+
+You can also consult the following command for more information
+```sh
+$ npx cli help
+Usage: cli [options] [command]
+
+Options:
+  -h, --help                     display help for command
+
+Commands:
+  addAdmin [options]             Given a SCIPER number, the owner would gain full admin permissions
+  listUserPermissions [options]  Lists the permissions -if any- of the owner of a given SCIPER
+  removeAdmin [options]          Given a SCIPER number, the owner would lose all admin privileges -if any-
+  help [command]                 display help for command
+```

web/backend/package.json

@@ -55,7 +55,7 @@ async function initEnforcer() {
     database: 'casbin',
   });
 
-  return newEnforcer('model.conf', dbAdapter);
+  return newEnforcer('src/model.conf', dbAdapter);
 }
 
 const port = process.env.PORT || 5000;

web/backend/readme.md

@@ -0,0 +1,68 @@
+#!/usr/bin/env ts-node
+
+/*
+Backend CLI, currently providing 3 commands for user management:
+  npx cli addAdmin --sciper 1234
+  npx cli listUserPermissions --sciper 1234
+  npx cli removeAdmin --sciper 1234
+*/
+
+import { Command } from 'commander';
+import { SequelizeAdapter } from 'casbin-sequelize-adapter';
+import { newEnforcer } from 'casbin';
+
+const program = new Command();
+
+async function initEnforcer() {
+  const dbAdapter = await SequelizeAdapter.newAdapter({
+    dialect: 'postgres',
+    host: process.env.DATABASE_HOST,
+    port: parseInt(process.env.DATABASE_PORT || '5432', 10),
+    username: process.env.DATABASE_USERNAME,
+    password: process.env.DATABASE_PASSWORD,
+    database: 'casbin',
+  });
+
+  return newEnforcer('src/model.conf', dbAdapter);
+}
+
+program
+  .command('addAdmin')
+  .description('Given a SCIPER number, the owner would gain full admin permissions')
+  .requiredOption('-s, --sciper <char>', 'user SCIPER')
+  .action(async ({ sciper }) => {
+    const enforcer = await initEnforcer();
+    const permissions = [
+      [sciper, 'roles', 'add'],
+      [sciper, 'roles', 'list'],
+      [sciper, 'roles', 'remove'],
+      [sciper, 'proxies', 'post'],
+      [sciper, 'proxies', 'put'],
+      [sciper, 'proxies', 'delete'],
+      [sciper, 'election', 'create'],
+    ];
+    await enforcer.addPolicies(permissions);
+    console.log('Successfully imported permissions for user!');
+  });
+
+program
+  .command('listUserPermissions')
+  .description('Lists the permissions -if any- of the owner of a given SCIPER')
+  .requiredOption('-s, --sciper <char>', 'user SCIPER')
+  .action(async ({ sciper }) => {
+    const enforcer = await initEnforcer();
+    const userPermissions = await enforcer.getPermissionsForUser(sciper);
+    console.log(userPermissions);
+  });
+
+program
+  .command('removeAdmin')
+  .description('Given a SCIPER number, the owner would lose all admin privileges -if any-')
+  .requiredOption('-s, --sciper <char>', 'user SCIPER')
+  .action(async ({ sciper }) => {
+    const enforcer = await initEnforcer();
+    await enforcer.deletePermissionsForUser(sciper);
+    console.log('Permissions removed successfully!');
+  });
+
+program.parse();

web/backend/src/Server.ts

@@ -9,4 +9,4 @@ p = sub, obj, act
 e = some(where (p.eft == allow))
 
 [matchers]
-m = r.sub == p.sub && r.obj == p.obj && r.act == p.act
+m = r.sub == p.sub && r.obj == p.obj && r.act == p.act

web/backend/src/cli.ts

@@ -25,17 +25,16 @@
     }
   },
   "include": [
-    "model.conf",
+    "src/model.conf",
     "policy.csv",
-    "src/Server.ts",
+    "src/*.ts",
     "config.json"
   ],
   "exclude": [
     "node_modules",
     "jest.config.js",
     ".eslintrc",
     "dist",
-    "dbUtils.js"
   ],
   "typedocOptions": {
     "entryPoints": [