Ophestra
c64b8163e7
This works better for the implementation. Signed-off-by: Ophestra <cat@gensokyo.uk>
80 lines
1.4 KiB
Go
80 lines
1.4 KiB
Go
package app
|
|
|
|
import (
|
|
"fmt"
|
|
"log"
|
|
"sync"
|
|
|
|
"git.gensokyo.uk/security/fortify/fst"
|
|
"git.gensokyo.uk/security/fortify/internal/fmsg"
|
|
"git.gensokyo.uk/security/fortify/internal/sys"
|
|
)
|
|
|
|
func New(os sys.State) (fst.App, error) {
|
|
a := new(app)
|
|
a.sys = os
|
|
|
|
id := new(fst.ID)
|
|
err := fst.NewAppID(id)
|
|
a.id = newID(id)
|
|
|
|
return a, err
|
|
}
|
|
|
|
func MustNew(os sys.State) fst.App {
|
|
a, err := New(os)
|
|
if err != nil {
|
|
log.Fatalf("cannot create app: %v", err)
|
|
}
|
|
return a
|
|
}
|
|
|
|
type app struct {
|
|
id *stringPair[fst.ID]
|
|
sys sys.State
|
|
|
|
*outcome
|
|
mu sync.RWMutex
|
|
}
|
|
|
|
func (a *app) ID() fst.ID { a.mu.RLock(); defer a.mu.RUnlock(); return a.id.unwrap() }
|
|
|
|
func (a *app) String() string {
|
|
if a == nil {
|
|
return "(invalid app)"
|
|
}
|
|
|
|
a.mu.RLock()
|
|
defer a.mu.RUnlock()
|
|
|
|
if a.outcome != nil {
|
|
if a.outcome.user.uid == nil {
|
|
return fmt.Sprintf("(sealed app %s with invalid uid)", a.id)
|
|
}
|
|
return fmt.Sprintf("(sealed app %s as uid %s)", a.id, a.outcome.user.uid)
|
|
}
|
|
|
|
return fmt.Sprintf("(unsealed app %s)", a.id)
|
|
}
|
|
|
|
func (a *app) Seal(config *fst.Config) (fst.SealedApp, error) {
|
|
a.mu.Lock()
|
|
defer a.mu.Unlock()
|
|
|
|
if a.outcome != nil {
|
|
panic("app sealed twice")
|
|
}
|
|
if config == nil {
|
|
return nil, fmsg.WrapError(ErrConfig,
|
|
"attempted to seal app with nil config")
|
|
}
|
|
|
|
seal := new(outcome)
|
|
seal.id = a.id
|
|
err := seal.finalise(a.sys, config)
|
|
if err == nil {
|
|
a.outcome = seal
|
|
}
|
|
return seal, err
|
|
}
|