Auth CLI, continued

auth/auth.go

@@ -11,6 +11,8 @@ type Auther interface {
 type Manager interface {
 	AddUser(username, password string, role Role) error
 	RemoveUser(username string) error
+	Users() ([]*User, error)
+	User(username string) (*User, error)
 	ChangePassword(username, password string) error
 	ChangeRole(username string, role Role) error
 	AllowAccess(username string, topic string, read bool, write bool) error
@@ -18,8 +20,16 @@ type Manager interface {
 }
 
 type User struct {
-	Name string
-	Role Role
+	Name   string
+	Pass   string // hashed
+	Role   Role
+	Grants []Grant
+}
+
+type Grant struct {
+	Topic string
+	Read  bool
+	Write bool
 }
 
 type Permission int
@@ -52,4 +62,7 @@ func AllowedRole(role Role) bool {
 	return role == RoleUser || role == RoleAdmin
 }
 
-var ErrUnauthorized = errors.New("unauthorized")
+var (
+	ErrUnauthorized = errors.New("unauthorized")
+	ErrNotFound     = errors.New("not found")
+)