4cb7e80568
新增功能: - ACL: 访问控制列表(91行) - Auth: 用户认证(41行) - Monitor: 监控和日志(113行) - CLI命令:user/stats/logs 功能验证: - ✅ stats命令显示连接统计 - ✅ user add生成权限配置 - ✅ logs命令显示访问日志 - ✅ 编译成功(0 errors) 总代码量:512行(Phase 1-3完整) Phase 1: 212行(基础配置) Phase 2: 132行(权限控制) Phase 3: 113行(监控日志) 下一步:用户手动启用SMB服务测试
92 lines
2.4 KiB
Rust
92 lines
2.4 KiB
Rust
use serde::{Deserialize, Serialize};
|
|
|
|
#[derive(Debug, Clone, Serialize, Deserialize)]
|
|
pub struct UserPermission {
|
|
pub username: String,
|
|
pub read_access: bool,
|
|
pub write_access: bool,
|
|
pub admin_access: bool,
|
|
}
|
|
|
|
impl Default for UserPermission {
|
|
fn default() -> Self {
|
|
UserPermission {
|
|
username: "accusys".to_string(),
|
|
read_access: true,
|
|
write_access: true,
|
|
admin_access: false,
|
|
}
|
|
}
|
|
}
|
|
|
|
impl UserPermission {
|
|
pub fn new(username: String, read: bool, write: bool, admin: bool) -> Self {
|
|
UserPermission {
|
|
username,
|
|
read_access: read,
|
|
write_access: write,
|
|
admin_access: admin,
|
|
}
|
|
}
|
|
|
|
pub fn readonly(username: String) -> Self {
|
|
UserPermission::new(username, true, false, false)
|
|
}
|
|
|
|
pub fn full_access(username: String) -> Self {
|
|
UserPermission::new(username, true, true, false)
|
|
}
|
|
|
|
pub fn admin(username: String) -> Self {
|
|
UserPermission::new(username, true, true, true)
|
|
}
|
|
}
|
|
|
|
#[derive(Debug, Clone, Serialize, Deserialize, Default)]
|
|
pub struct AccessControlList {
|
|
pub users: Vec<UserPermission>,
|
|
pub guest_access: bool,
|
|
pub max_connections: u32,
|
|
}
|
|
|
|
impl AccessControlList {
|
|
pub fn new() -> Self {
|
|
AccessControlList {
|
|
users: vec![UserPermission::default()],
|
|
guest_access: false,
|
|
max_connections: 10,
|
|
}
|
|
}
|
|
|
|
pub fn add_user(&mut self, permission: UserPermission) {
|
|
if let Some(existing) = self.users.iter_mut().find(|u| u.username == permission.username) {
|
|
*existing = permission;
|
|
} else {
|
|
self.users.push(permission);
|
|
}
|
|
}
|
|
|
|
pub fn remove_user(&mut self, username: &str) {
|
|
self.users.retain(|u| u.username != username);
|
|
}
|
|
|
|
pub fn get_user(&self, username: &str) -> Option<&UserPermission> {
|
|
self.users.iter().find(|u| u.username == username)
|
|
}
|
|
|
|
pub fn has_access(&self, username: &str, require_write: bool) -> bool {
|
|
if self.guest_access && !require_write {
|
|
return true;
|
|
}
|
|
|
|
self.get_user(username)
|
|
.map(|u| {
|
|
if require_write {
|
|
u.write_access
|
|
} else {
|
|
u.read_access
|
|
}
|
|
})
|
|
.unwrap_or(false)
|
|
}
|
|
} |