X-Git-Url: https://git.hcoop.net/hcoop/domtool2.git/blobdiff_plain/77a8fca278b561808959fa1aa7d9f02c5cfe7720..e69e60ccf1aa77a40cd5b15c4361f378ce332a42:/src/main.sml?ds=sidebyside

diff --git a/src/main.sml b/src/main.sml
index f22c430..997713d 100644
--- a/src/main.sml
+++ b/src/main.sml
@@ -371,6 +371,21 @@ fun requestRmdom dom =
 	OpenSSL.close bio
     end
 
+fun requestRmuser user =
+    let
+	val (_, bio) = requestBio (fn () => ())
+    in
+	Msg.send (bio, MsgRmuser user);
+	case Msg.recv bio of
+	    NONE => print "Server closed connection unexpectedly.\n"
+	  | SOME m =>
+	    case m of
+		MsgOk => print "Removal succeeded.\n"
+	      | MsgError s => print ("Removal failed: " ^ s ^ "\n")
+	      | _ => print "Unexpected server reply.\n";
+	OpenSSL.close bio
+    end
+
 fun regenerate context =
     let
 	val b = basis ()
@@ -439,6 +454,18 @@ fun regenerate context =
 	Env.post ()
     end
 
+fun rmuser user =
+    let
+	val doms = Acl.class {user = user, class = "domain"}
+	val doms = List.filter (fn dom =>
+				   case Acl.whoHas {class = "domain", value = dom} of
+				       [_] => true
+				     | _ => false) (StringSet.listItems doms)
+    in
+	Acl.rmuser user;
+	Domain.rmdom doms
+    end
+
 fun service () =
     let
 	val () = Acl.read Config.aclFile
@@ -583,12 +610,15 @@ fun service () =
 				handle OpenSSL.OpenSSL _ => ();
 				loop ())
 
-			      | MsgRmdom dom =>
+			      | MsgRmdom doms =>
 				if Acl.query {user = user, class = "priv", value = "all"}
-				   orelse Acl.query {user = user, class = "domain", value = dom} then
-				    ((Domain.rmdom dom;
+				   orelse List.all (fn dom => Acl.query {user = user, class = "domain", value = dom}) doms then
+				    ((Domain.rmdom doms;
+				      app (fn dom =>
+					      Acl.revokeFromAll {class = "domain", value = dom}) doms;
+				      Acl.write Config.aclFile;
 				      Msg.send (bio, MsgOk);
-				      print ("Removed domain " ^ dom ^ ".\n"))
+				      print ("Removed domains" ^ foldl (fn (d, s) => s ^ " " ^ d) "" doms ^ ".\n"))
 				     handle OpenSSL.OpenSSL s =>
 					    (print "OpenSSL error\n";
 					     Msg.send (bio,
@@ -629,6 +659,30 @@ fun service () =
 				      ignore (OpenSSL.readChar bio);
 				      OpenSSL.close bio)
 				     handle OpenSSL.OpenSSL _ => ();
+				     loop ())
+
+			      | MsgRmuser user =>
+				if Acl.query {user = user, class = "priv", value = "all"} then
+				    ((rmuser user;
+				      Acl.write Config.aclFile;
+				      Msg.send (bio, MsgOk);
+				      print ("Removed user " ^ user ^ ".\n"))
+				     handle OpenSSL.OpenSSL s =>
+					    (print "OpenSSL error\n";
+					     Msg.send (bio,
+						       MsgError
+							   ("Error during revocation: "
+							    ^ s)));
+				    (ignore (OpenSSL.readChar bio);
+				     OpenSSL.close bio)
+				    handle OpenSSL.OpenSSL _ => ();
+				    loop ())
+				else
+				    ((Msg.send (bio, MsgError "Not authorized to remove users");
+				      print "Unauthorized user asked to remove a user!\n";
+				      ignore (OpenSSL.readChar bio);
+				      OpenSSL.close bio)
+				     handle OpenSSL.OpenSSL _ => ();
 				     loop ())				
 
 			      | _ =>