v1.3.0

Merge pull request #9 from moul/dev/moul/roles
Support multiple roles
2017-11-23 19:04:00 +01:00 · 2017-11-23 19:00:12 +01:00 · 2017-11-23 18:59:59 +01:00 · 2017-11-23 17:45:16 +01:00 · 2017-11-23 17:45:16 +01:00 · 2017-11-23 12:01:17 +01:00
28 changed files with 4471 additions and 514 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
 /sshportal
-*.db
+*.db
+/data
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -0,0 +1,38 @@
+# Changelog
+
+## v1.3.0 (2017-11-23)
+
+* More details in 'ls' commands
+* Add 'host update' command (fix [#2](https://github.com/moul/sshportal/issues/2))
+* Add 'user update' command (fix [#3](https://github.com/moul/sshportal/issues/3))
+* Add 'acl update' command (fix [#4](https://github.com/moul/sshportal/issues/4))
+* Allow connecting to the shell mode with the registered username or email (fix [#5](https://github.com/moul/sshportal/issues/5))
+* Add 'listhosts' role (fix [#5](https://github.com/moul/sshportal/issues/5))
+
+## v1.2.0 (2017-11-22)
+
+* Support adding multiple `--group` links on `host create` and `user create`
+* Use govalidator to perform more consistent input validation
+* Use a database migration system
+
+## v1.1.0 (2017-11-15)
+
+* Improve versionning (static VERSION + dynamic GIT_* info)
+* Configuration management (backup + restore)
+* Implement Exit (fix [#6](https://github.com/moul/sshportal/pull/6))
+* Disable mysql support (not fully working right now)
+* Set random seed properly
+
+## v1.0.0 (2017-11-14)
+
+Initial version
+
+* Host management
+* User management
+* User Group management
+* Host Group management
+* Host Key management
+* User Key management
+* ACL management
+* Connect to host using key or password
+* Admin commands can be run directly or in an interactive shell
--- a/2
+++ b/2
@@ -2,7 +2,7 @@
 FROM            golang:1.9 as builder
 COPY            . /go/src/github.com/moul/sshportal
 WORKDIR         /go/src/github.com/moul/sshportal
-RUN             CGO_ENABLED=1 go build -tags netgo -ldflags '-extldflags "-static"' -v -o /go/bin/sshportal
+RUN             make _docker_install

 # minimal runtime
 FROM            scratch
--- a/28
+++ b/28
@@ -1,13 +1,37 @@
+GIT_SHA ?=	$(shell git rev-parse HEAD)
+GIT_TAG ?=	$(shell git describe --tags --always)
+GIT_BRANCH ?=	$(shell git rev-parse --abbrev-ref HEAD)
+LDFLAGS ?=	-X main.GIT_SHA=$(GIT_SHA) -X main.GIT_TAG=$(GIT_TAG) -X main.GIT_BRANCH=$(GIT_BRANCH)
+VERSION ?=	$(shell grep 'VERSION =' main.go | cut -d'"' -f2)
+PORT ?=		2222
+
 .PHONY: install
 install:
-	go install .
+	go install -ldflags '$(LDFLAGS)' .
+
+.PHONY: docker.build
+docker.build:
+	docker build -t moul/sshportal .
+
+.PHONY: integration
+integration:
+	PORT="$(PORT)" bash ./examples/integration/test.sh
+
+.PHONY: _docker_install
+_docker_install:
+	CGO_ENABLED=1 go build -ldflags '-extldflags "-static" $(LDFLAGS)' -tags netgo -v -o /go/bin/sshportal

 .PHONY: dev
 dev:
 	-go get github.com/githubnemo/CompileDaemon
-	CompileDaemon -exclude-dir=.git -exclude=".#*" -color=true -command="./sshportal --demo --debug" .
+	CompileDaemon -exclude-dir=.git -exclude=".#*" -color=true -command="./sshportal --demo --debug --bind-address=:$(PORT)" .

 .PHONY: test
 test:
 	go test -i .
 	go test -v .
+
+.PHONY: backup
+backup:
+	mkdir -p data/backups
+	cp sshportal.db data/backups/$(shell date +%s)-$(VERSION)-sshportal.sqlite
--- a/README.md
+++ b/README.md
@@ -134,62 +134,138 @@ ssh admin@portal.example.org host inspect toto

 You can enter in interactive mode using this syntax: `ssh admin@portal.example.org`

-
 ### Synopsis

 ```sh
 # acl management
 acl help
-acl create [-h] [--hostgroup=<value>...] [--usergroup=<value>...] [--pattern=<value>] [--comment=<value>] [--action=<value>] [--weight=value]
-acl inspect [-h] <id> [<id> [<id>...]]
+acl create [-h] [--hostgroup=HOSTGROUP...] [--usergroup=USERGROUP...] [--pattern=<value>] [--comment=<value>] [--action=<value>] [--weight=value]
+acl inspect [-h] ACL...
 acl ls [-h]
-acl rm [-h] <id> [<id> [<id>...]]
+acl rm [-h] ACL...
+acl update [-h] [--comment=<value>] [--action=<value>] [--weight=<value>] [--assign-hostgroup=HOSTGROUP...] [--unassign-hostgroup=HOSTGROUP...] [--assign-usergroup=USERGROUP...] [--unassign-usergroup=USERGROUP...] ACL...
+
+# config management
+config help
+config backup [-h] [--indent]
+config restore [-h] [--confirm]

 # host management
 host help
-host create [-h] [--name=<value>] [--password=<value>] [--fingerprint=<value>] [--comment=<value>] [--key=<value>] [--group=<value>] <user>[:<password>]@<host>[:<port>]
-host inspect [-h] <id or name> [<id or name> [<id or name>...]]
+host create [-h] [--name=<value>] [--password=<value>] [--fingerprint=<value>] [--comment=<value>] [--key=KEY] [--group=HOSTGROUP...] <username>[:<password>]@<host>[:<port>]
+host inspect [-h] HOST...
 host ls [-h]
-host rm [-h] <id or name> [<id or name> [<id or name>...]]
+host rm [-h] HOST...
+host update [-h] [--name=<value>] [--comment=<value>] [--fingerprint=<value>] [--key=KEY] [--assign-group=HOSTGROUP...] [--unassign-group=HOSTGROUP...] HOST...

 # hostgroup management
 hostgroup help
 hostgroup create [-h] [--name=<value>] [--comment=<value>]
-hostgroup inspect [-h] <id or name> [<id or name> [<id or name>...]]
+hostgroup inspect [-h] HOSTGROUP...
 hostgroup ls [-h]
-hostgroup rm [-h] <id or name> [<id or name> [<id or name>...]]
+hostgroup rm [-h] HOSTGROUP...

 # key management
 key help
 key create [-h] [--name=<value>] [--type=<value>] [--length=<value>] [--comment=<value>]
-key inspect [-h] <id or name> [<id or name> [<id or name>...]]
+key inspect [-h] KEY...
 key ls [-h]
-key rm [-h] <id or name> [<id or name> [<id or name>...]]
+key rm [-h] KEY...

 # user management
 user help
-user invite [-h] [--name=<value>] [--comment=<value>] [--group=<value>] <email>
-user inspect [-h] <id or email> [<id or email> [<id or email>...]]
+user invite [-h] [--name=<value>] [--comment=<value>] [--group=USERGROUP...] <email>
+user inspect [-h] USER...
 user ls [-h]
-user rm [-h] <id or email> [<id or email> [<id or email>...]]
+user rm [-h] USER...
+user update [-h] [--name=<value>] [--email=<value>] [--set-admin] [--unset-admin] [--assign-group=USERGROUP...] [--unassign-group=USERGROUP...] USER...

 # usergroup management
 usergroup help
 hostgroup create [-h] [--name=<value>] [--comment=<value>]
-usergroup inspect [-h] <id or name> [<id or name> [<id or name>...]]
+usergroup inspect [-h] USERGROUP...
 usergroup ls [-h]
-usergroup rm [-h] <id or name> [<id or name> [<id or name>...]]
+usergroup rm [-h] USERGROUP...

 # other
+exit [-h]
 help, h
 info [-h]
 version [-h]
 ```

-## Install
+## Docker

-Get the latest version using GO (recommended way):
+Docker is the recommended way to run sshportal.
+
+An [automated build is setup on the Docker Hub](https://hub.docker.com/r/moul/sshportal/tags/).
+
+```console
+# Start a server in background
+#   mount `pwd` to persist the sqlite database file
+docker run -p 2222:2222 -d --name=sshportal -v "$(pwd):$(pwd)" -w "$(pwd)" moul/sshportal:v1.3.0
+
+# check logs (mandatory on first run to get the administrator invite token)
+docker logs -f sshportal
+```
+
+The easier way to upgrade sshportal is to do the following:
+
+```sh
+# we consider you were using the version v1.2.0 and you want to use the new version v1.3.0
+
+# stop and rename the last working container + backup the database
+docker stop sshportal
+docker rename sshportal sshportal_old
+cp sshportal.db sshportal.db.bkp
+
+# run the new version
+docker run -p 2222:2222 -d --name=sshportal -v "$(pwd):$(pwd)" -w "$(pwd)" moul/sshportal:v1.3.0
+# check the logs for migration or cross-version incompabitility errors
+docker logs -f sshportal
+```
+
+Now you can test ssh-ing to sshportal to check if everything looks OK.
+
+In case of problem, you can rollback to the latest working version with the latest working backup, using:
+
+```sh
+docker stop sshportal
+docker rm sshportal
+cp sshportal.db.bkp sshportal.db
+docker rename sshportal_old sshportal
+docker start sshportal
+docker logs -f sshportal
+```
+
+## Manual Install
+
+Get the latest version using GO.

 ```sh
 go get -u github.com/moul/sshportal
 ```
+
+## Backup / Restore
+
+sshportal embeds built-in backup/restore methods which basically import/export JSON objects:
+
+```sh
+# Backup
+ssh admin@sshportal config backup  > sshportal.bkp
+
+# Restore
+ssh admin@sshportal config restore < sshportal.bkp
+```
+
+This method is particularly useful as it should be resistant against future DB schema changes (expected during development phase).
+
+I suggest you to be careful during this development phase, and use an additional backup method, for example:
+
+```sh
+# sqlite dump
+sqlite3 sshportal.db .dump > sshportal.sql.bkp
+
+# or just the immortal cp
+cp sshportal.db sshportal.db.bkp
+```
--- a/acl.go
+++ b/acl.go
@@ -2,7 +2,7 @@ package main

 import "sort"

-type ByWeight []ACL
+type ByWeight []*ACL

 func (a ByWeight) Len() int           { return len(a) }
 func (a ByWeight) Swap(i, j int)      { a[i], a[j] = a[j], a[i] }
@@ -10,7 +10,7 @@ func (a ByWeight) Less(i, j int) bool { return a[i].Weight < a[j].Weight }

 func CheckACLs(user User, host Host) (string, error) {
 	// shared ACLs between user and host
-	aclMap := map[uint]ACL{}
+	aclMap := map[uint]*ACL{}
 	for _, userGroup := range user.Groups {
 		for _, userGroupACL := range userGroup.ACLs {
 			for _, hostGroup := range host.Groups {
@@ -30,7 +30,7 @@ func CheckACLs(user User, host Host) (string, error) {
 	}

 	// transofrm map to slice and sort it
-	acls := []ACL{}
+	acls := []*ACL{}
 	for _, acl := range aclMap {
 		acls = append(acls, acl)
 	}
--- a/db.go
+++ b/db.go
@@ -2,227 +2,123 @@ package main

 import (
 	"fmt"
-	"log"
 	"net/url"
+	"regexp"
 	"strings"
+	"time"

+	"github.com/asaskevich/govalidator"
 	"github.com/gliderlabs/ssh"
 	"github.com/jinzhu/gorm"
 )

+type Config struct {
+	SSHKeys    []*SSHKey    `json:"keys"`
+	Hosts      []*Host      `json:"hosts"`
+	UserKeys   []*UserKey   `json:"user_keys"`
+	Users      []*User      `json:"users"`
+	UserGroups []*UserGroup `json:"user_groups"`
+	HostGroups []*HostGroup `json:"host_groups"`
+	ACLs       []*ACL       `json:"acls"`
+	Settings   []*Setting   `json:"settings"`
+	Date       time.Time    `json:"date"`
+}
+
+type Setting struct {
+	gorm.Model
+	Name  string `valid:"required"`
+	Value string `valid:"required"`
+}
+
 type SSHKey struct {
 	// FIXME: use uuid for ID
 	gorm.Model
-	Name        string // FIXME: govalidator: min length 3, alphanum
-	Type        string
-	Length      uint
-	Fingerprint string
-	PrivKey     string `sql:"size:10000;"`
-	PubKey      string `sql:"size:10000;"`
-	Hosts       []Host
-	Comment     string
+	Name        string  `valid:"required,length(1|32),unix_user"`
+	Type        string  `valid:"required"`
+	Length      uint    `valid:"required"`
+	Fingerprint string  `valid:"optional"`
+	PrivKey     string  `sql:"size:10000" valid:"required"`
+	PubKey      string  `sql:"size:10000" valid:"optional"`
+	Hosts       []*Host `gorm:"ForeignKey:SSHKeyID"`
+	Comment     string  `valid:"optional"`
 }

 type Host struct {
 	// FIXME: use uuid for ID
 	gorm.Model
-	Name        string `gorm:"size:63"` // FIXME: govalidator: min length 3, alphanum
-	Addr        string
-	User        string
-	Password    string
-	SSHKey      *SSHKey
-	SSHKeyID    uint        `gorm:"index"`
-	Groups      []HostGroup `gorm:"many2many:host_host_groups;"`
-	Fingerprint string      // FIXME: replace with hostkey ?
-	Comment     string
+	Name        string       `gorm:"size:32" valid:"required,length(1|32),unix_user"`
+	Addr        string       `valid:"required"`
+	User        string       `valid:"optional"`
+	Password    string       `valid:"optional"`
+	SSHKey      *SSHKey      `gorm:"ForeignKey:SSHKeyID"`
+	SSHKeyID    uint         `gorm:"index"`
+	Groups      []*HostGroup `gorm:"many2many:host_host_groups;"`
+	Fingerprint string       `valid:"optional"` // FIXME: replace with hostKey ?
+	Comment     string       `valid:"optional"`
 }

 type UserKey struct {
 	gorm.Model
-	Key     []byte `sql:"size:10000;"`
-	UserID  uint
-	User    *User
-	Comment string
+	Key     []byte `sql:"size:10000" valid:"required,length(1|10000)"`
+	UserID  uint   ``
+	User    *User  `gorm:"ForeignKey:UserID"`
+	Comment string `valid:"optional"`
+}
+
+type UserRole struct {
+	gorm.Model
+	Name  string  `valid:"required,length(1|32),unix_user"`
+	Users []*User `gorm:"many2many:user_user_roles"`
 }

 type User struct {
 	// FIXME: use uuid for ID
 	gorm.Model
-	IsAdmin     bool
-	Email       string // FIXME: govalidator: email
-	Name        string // FIXME: govalidator: min length 3, alphanum
-	Keys        []UserKey
-	Groups      []UserGroup `gorm:"many2many:user_user_groups;"`
-	Comment     string
-	InviteToken string
+	Roles       []*UserRole  `gorm:"many2many:user_user_roles"`
+	Email       string       `valid:"required,email"`
+	Name        string       `valid:"required,length(1|32),unix_user"`
+	Keys        []*UserKey   `gorm:"ForeignKey:UserID"`
+	Groups      []*UserGroup `gorm:"many2many:user_user_groups;"`
+	Comment     string       `valid:"optional"`
+	InviteToken string       `valid:"optional,length(10|60)"`
 }

 type UserGroup struct {
 	gorm.Model
-	Name    string
-	Users   []User `gorm:"many2many:user_user_groups;"`
-	ACLs    []ACL  `gorm:"many2many:user_group_acls;"`
-	Comment string
+	Name    string  `valid:"required,length(1|32),unix_user"`
+	Users   []*User `gorm:"many2many:user_user_groups;"`
+	ACLs    []*ACL  `gorm:"many2many:user_group_acls;"`
+	Comment string  `valid:"optional"`
 }

 type HostGroup struct {
 	gorm.Model
-	Name    string
-	Hosts   []Host `gorm:"many2many:host_host_groups;"`
-	ACLs    []ACL  `gorm:"many2many:host_group_acls;"`
-	Comment string
+	Name    string  `valid:"required,length(1|32),unix_user"`
+	Hosts   []*Host `gorm:"many2many:host_host_groups;"`
+	ACLs    []*ACL  `gorm:"many2many:host_group_acls;"`
+	Comment string  `valid:"optional"`
 }

 type ACL struct {
 	gorm.Model
-	HostGroups  []HostGroup `gorm:"many2many:host_group_acls;"`
-	UserGroups  []UserGroup `gorm:"many2many:user_group_acls;"`
-	HostPattern string
-	Action      string
-	Weight      uint
-	Comment     string
+	HostGroups  []*HostGroup `gorm:"many2many:host_group_acls;"`
+	UserGroups  []*UserGroup `gorm:"many2many:user_group_acls;"`
+	HostPattern string       `valid:"optional"`
+	Action      string       `valid:"required"`
+	Weight      uint         ``
+	Comment     string       `valid:"optional"`
 }

-func dbInit(db *gorm.DB) error {
-	db.AutoMigrate(&User{})
-	db.AutoMigrate(&SSHKey{})
-	db.AutoMigrate(&Host{})
-	db.AutoMigrate(&UserKey{})
-	db.AutoMigrate(&UserGroup{})
-	db.AutoMigrate(&HostGroup{})
-	db.AutoMigrate(&ACL{})
-	// FIXME: check if indexes exist to avoid gorm warns
-	db.Exec(`CREATE UNIQUE INDEX uix_keys_name        ON "ssh_keys"("name")      WHERE ("deleted_at" IS NULL)`)
-	db.Exec(`CREATE UNIQUE INDEX uix_hosts_name       ON "hosts"("name")         WHERE ("deleted_at" IS NULL)`)
-	db.Exec(`CREATE UNIQUE INDEX uix_users_name       ON "users"("email")        WHERE ("deleted_at" IS NULL)`)
-	db.Exec(`CREATE UNIQUE INDEX uix_usergroups_name  ON "user_groups"("name")   WHERE ("deleted_at" IS NULL)`)
-	db.Exec(`CREATE UNIQUE INDEX uix_hostgroups_name  ON "host_groups"("name")   WHERE ("deleted_at" IS NULL)`)
+func init() {
+	unixUserRegexp := regexp.MustCompile("[a-z_][a-z0-9_-]*")

-	// create default ssh key
-	var count uint
-	if err := db.Table("ssh_keys").Where("name = ?", "default").Count(&count).Error; err != nil {
-		return err
-	}
-	if count == 0 {
-		key, err := NewSSHKey("rsa", 2048)
-		if err != nil {
-			return err
+	govalidator.CustomTypeTagMap.Set("unix_user", govalidator.CustomTypeValidator(func(i interface{}, context interface{}) bool {
+		name, ok := i.(string)
+		if !ok {
+			return false
 		}
-		key.Name = "default"
-		key.Comment = "created by sshportal"
-		if err := db.Create(&key).Error; err != nil {
-			return err
-		}
-	}
-
-	// create default host group
-	if err := db.Table("host_groups").Where("name = ?", "default").Count(&count).Error; err != nil {
-		return err
-	}
-	if count == 0 {
-		hostGroup := HostGroup{
-			Name:    "default",
-			Comment: "created by sshportal",
-		}
-		if err := db.Create(&hostGroup).Error; err != nil {
-			return err
-		}
-	}
-
-	// create default user group
-	if err := db.Table("user_groups").Where("name = ?", "default").Count(&count).Error; err != nil {
-		return err
-	}
-	if count == 0 {
-		userGroup := UserGroup{
-			Name:    "default",
-			Comment: "created by sshportal",
-		}
-		if err := db.Create(&userGroup).Error; err != nil {
-			return err
-		}
-	}
-
-	// create default acl
-	if err := db.Table("acls").Count(&count).Error; err != nil {
-		return err
-	}
-	if count == 0 {
-		var defaultUserGroup UserGroup
-		db.Where("name = ?", "default").First(&defaultUserGroup)
-		var defaultHostGroup HostGroup
-		db.Where("name = ?", "default").First(&defaultHostGroup)
-		acl := ACL{
-			UserGroups: []UserGroup{defaultUserGroup},
-			HostGroups: []HostGroup{defaultHostGroup},
-			Action:     "allow",
-			//HostPattern: "",
-			//Weight:      0,
-			Comment: "created by sshportal",
-		}
-		if err := db.Create(&acl).Error; err != nil {
-			return err
-		}
-	}
-
-	// create admin user
-	var defaultUserGroup UserGroup
-	db.Where("name = ?", "default").First(&defaultUserGroup)
-	db.Table("users").Count(&count)
-	if count == 0 {
-		// if no admin, create an account for the first connection
-		user := User{
-			Name:        "Administrator",
-			Email:       "admin@sshportal",
-			Comment:     "created by sshportal",
-			IsAdmin:     true,
-			InviteToken: RandStringBytes(16),
-			Groups:      []UserGroup{defaultUserGroup},
-		}
-		db.Create(&user)
-		log.Printf("Admin user created, use the user 'invite:%s' to associate a public key with this account", user.InviteToken)
-	}
-
-	// create host ssh key
-	if err := db.Table("ssh_keys").Where("name = ?", "host").Count(&count).Error; err != nil {
-		return err
-	}
-	if count == 0 {
-		key, err := NewSSHKey("rsa", 2048)
-		if err != nil {
-			return err
-		}
-		key.Name = "host"
-		key.Comment = "created by sshportal"
-		if err := db.Create(&key).Error; err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-func dbDemo(db *gorm.DB) error {
-	hostGroup, err := FindHostGroupByIdOrName(db, "default")
-	if err != nil {
-		return err
-	}
-
-	key, err := FindKeyByIdOrName(db, "default")
-	if err != nil {
-		return err
-	}
-
-	var (
-		host1 = Host{Name: "sdf", Addr: "sdf.org:22", User: "new", SSHKeyID: key.ID, Groups: []HostGroup{*hostGroup}}
-		host2 = Host{Name: "whoami", Addr: "whoami.filippo.io:22", User: "test", SSHKeyID: key.ID, Groups: []HostGroup{*hostGroup}}
-		host3 = Host{Name: "ssh-chat", Addr: "chat.shazow.net:22", User: "test", SSHKeyID: key.ID, Fingerprint: "MD5:e5:d5:d1:75:90:38:42:f6:c7:03:d7:d0:56:7d:6a:db", Groups: []HostGroup{*hostGroup}}
-	)
-
-	// FIXME: check if hosts exist to avoid `UNIQUE constraint` error
-	db.Create(&host1)
-	db.Create(&host2)
-	db.Create(&host3)
-	return nil
+		return unixUserRegexp.MatchString(name)
+	}))
 }

 func RemoteHostFromSession(s ssh.Session, db *gorm.DB) (*Host, error) {
@@ -265,148 +161,86 @@ func (host *Host) Hostname() string {
 }

 // Host helpers
-
-func FindHostByIdOrName(db *gorm.DB, query string) (*Host, error) {
-	var host Host
-	if err := db.Preload("Groups").Preload("SSHKey").Where("id = ?", query).Or("name = ?", query).First(&host).Error; err != nil {
-		return nil, err
-	}
-	return &host, nil
+func HostsPreload(db *gorm.DB) *gorm.DB {
+	return db.Preload("Groups").Preload("SSHKey")
 }
-func FindHostsByIdOrName(db *gorm.DB, queries []string) ([]*Host, error) {
-	var hosts []*Host
-	for _, query := range queries {
-		host, err := FindHostByIdOrName(db, query)
-		if err != nil {
-			return nil, err
-		}
-		hosts = append(hosts, host)
-	}
-	return hosts, nil
+func HostsByIdentifiers(db *gorm.DB, identifiers []string) *gorm.DB {
+	return db.Where("id IN (?)", identifiers).Or("name IN (?)", identifiers)
 }

 // SSHKey helpers
-
-func FindKeyByIdOrName(db *gorm.DB, query string) (*SSHKey, error) {
-	var key SSHKey
-	if err := db.Preload("Hosts").Where("id = ?", query).Or("name = ?", query).First(&key).Error; err != nil {
-		return nil, err
-	}
-	return &key, nil
+func SSHKeysPreload(db *gorm.DB) *gorm.DB {
+	return db.Preload("Hosts")
 }
-func FindKeysByIdOrName(db *gorm.DB, queries []string) ([]*SSHKey, error) {
-	var keys []*SSHKey
-	for _, query := range queries {
-		key, err := FindKeyByIdOrName(db, query)
-		if err != nil {
-			return nil, err
-		}
-		keys = append(keys, key)
-	}
-	return keys, nil
+func SSHKeysByIdentifiers(db *gorm.DB, identifiers []string) *gorm.DB {
+	return db.Where("id IN (?)", identifiers).Or("name IN (?)", identifiers)
 }

 // HostGroup helpers
-
-func FindHostGroupByIdOrName(db *gorm.DB, query string) (*HostGroup, error) {
-	var hostGroup HostGroup
-	if err := db.Preload("ACLs").Preload("Hosts").Where("id = ?", query).Or("name = ?", query).First(&hostGroup).Error; err != nil {
-		return nil, err
-	}
-	return &hostGroup, nil
+func HostGroupsPreload(db *gorm.DB) *gorm.DB {
+	return db.Preload("ACLs").Preload("Hosts")
 }
-func FindHostGroupsByIdOrName(db *gorm.DB, queries []string) ([]*HostGroup, error) {
-	var hostGroups []*HostGroup
-	for _, query := range queries {
-		hostGroup, err := FindHostGroupByIdOrName(db, query)
-		if err != nil {
-			return nil, err
-		}
-		hostGroups = append(hostGroups, hostGroup)
-	}
-	return hostGroups, nil
+func HostGroupsByIdentifiers(db *gorm.DB, identifiers []string) *gorm.DB {
+	return db.Where("id IN (?)", identifiers).Or("name IN (?)", identifiers)
 }

 // UserGroup heleprs
-
-func FindUserGroupByIdOrName(db *gorm.DB, query string) (*UserGroup, error) {
-	var userGroup UserGroup
-	if err := db.Preload("ACLs").Preload("Users").Where("id = ?", query).Or("name = ?", query).First(&userGroup).Error; err != nil {
-		return nil, err
-	}
-	return &userGroup, nil
+func UserGroupsPreload(db *gorm.DB) *gorm.DB {
+	return db.Preload("ACLs").Preload("Users")
 }
-func FindUserGroupsByIdOrName(db *gorm.DB, queries []string) ([]*UserGroup, error) {
-	var userGroups []*UserGroup
-	for _, query := range queries {
-		userGroup, err := FindUserGroupByIdOrName(db, query)
-		if err != nil {
-			return nil, err
-		}
-		userGroups = append(userGroups, userGroup)
-	}
-	return userGroups, nil
+func UserGroupsByIdentifiers(db *gorm.DB, identifiers []string) *gorm.DB {
+	return db.Where("id IN (?)", identifiers).Or("name IN (?)", identifiers)
 }

 // User helpers
-
-func FindUserByIdOrEmail(db *gorm.DB, query string) (*User, error) {
-	var user User
-	if err := db.Preload("Groups").Preload("Keys").Where("id = ?", query).Or("email = ?", query).First(&user).Error; err != nil {
-		return nil, err
-	}
-	return &user, nil
+func UsersPreload(db *gorm.DB) *gorm.DB {
+	return db.Preload("Groups").Preload("Keys").Preload("Roles")
 }
-func FindUsersByIdOrEmail(db *gorm.DB, queries []string) ([]*User, error) {
-	var users []*User
-	for _, query := range queries {
-		user, err := FindUserByIdOrEmail(db, query)
-		if err != nil {
-			return nil, err
+func UsersByIdentifiers(db *gorm.DB, identifiers []string) *gorm.DB {
+	return db.Where("id IN (?)", identifiers).Or("email IN (?)", identifiers).Or("name IN (?)", identifiers)
+}
+func UserHasRole(user User, name string) bool {
+	for _, role := range user.Roles {
+		if role.Name == name {
+			return true
 		}
-		users = append(users, user)
 	}
-	return users, nil
+	return false
+}
+func UserCheckRoles(user User, names []string) error {
+	ok := false
+	for _, name := range names {
+		if UserHasRole(user, name) {
+			ok = true
+			break
+		}
+	}
+	if ok {
+		return nil
+	}
+	return fmt.Errorf("you don't have permission to access this feature (requires any of these roles: '%s')", strings.Join(names, "', '"))
 }

 // ACL helpers
-
-func FindACLById(db *gorm.DB, query string) (*ACL, error) {
-	var acl ACL
-	if err := db.Preload("UserGroups").Preload("HostGroups").Where("id = ?", query).First(&acl).Error; err != nil {
-		return nil, err
-	}
-	return &acl, nil
+func ACLsPreload(db *gorm.DB) *gorm.DB {
+	return db.Preload("UserGroups").Preload("HostGroups")
 }
-func FindACLsById(db *gorm.DB, queries []string) ([]*ACL, error) {
-	var acls []*ACL
-	for _, query := range queries {
-		acl, err := FindACLById(db, query)
-		if err != nil {
-			return nil, err
-		}
-		acls = append(acls, acl)
-	}
-	return acls, nil
+func ACLsByIdentifiers(db *gorm.DB, identifiers []string) *gorm.DB {
+	return db.Where("id IN (?)", identifiers)
 }

 // UserKey helpers
+func UserKeysPreload(db *gorm.DB) *gorm.DB {
+	return db.Preload("User")
+}
+func UserKeysByIdentifiers(db *gorm.DB, identifiers []string) *gorm.DB {
+	return db.Where("id IN (?)", identifiers)
+}

-func FindUserkeyById(db *gorm.DB, query string) (*UserKey, error) {
-	var userkey UserKey
-	if err := db.Preload("User").Where("id = ?", query).First(&userkey).Error; err != nil {
-		return nil, err
-	}
-	return &userkey, nil
+// UserRole helpers
+func UserRolesPreload(db *gorm.DB) *gorm.DB {
+	return db.Preload("Users")
 }
-func FindUserkeysById(db *gorm.DB, queries []string) ([]*UserKey, error) {
-	var userkeys []*UserKey
-	for _, query := range queries {
-		userkey, err := FindUserkeyById(db, query)
-		if err != nil {
-			return nil, err
-		}
-		userkeys = append(userkeys, userkey)
-	}
-	return userkeys, nil
+func UserRolesByIdentifiers(db *gorm.DB, identifiers []string) *gorm.DB {
+	return db.Where("id IN (?)", identifiers).Or("name IN (?)", identifiers)
 }
--- a/dbinit.go
+++ b/dbinit.go
@@ -0,0 +1,436 @@
+package main
+
+import (
+	"fmt"
+	"log"
+	"os"
+
+	"github.com/go-gormigrate/gormigrate"
+	"github.com/jinzhu/gorm"
+)
+
+func dbInit(db *gorm.DB) error {
+	m := gormigrate.New(db, gormigrate.DefaultOptions, []*gormigrate.Migration{
+		{
+			ID: "1",
+			Migrate: func(tx *gorm.DB) error {
+				type Setting struct {
+					gorm.Model
+					Name  string
+					Value string
+				}
+				return tx.AutoMigrate(&Setting{}).Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return tx.DropTable("settings").Error
+			},
+		},
+		{
+			ID: "2",
+			Migrate: func(tx *gorm.DB) error {
+				type SSHKey struct {
+					// FIXME: use uuid for ID
+					gorm.Model
+					Name        string
+					Type        string
+					Length      uint
+					Fingerprint string
+					PrivKey     string  `sql:"size:10000"`
+					PubKey      string  `sql:"size:10000"`
+					Hosts       []*Host `gorm:"ForeignKey:SSHKeyID"`
+					Comment     string
+				}
+				return tx.AutoMigrate(&SSHKey{}).Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return tx.DropTable("ssh_keys").Error
+			},
+		}, {
+			ID: "3",
+			Migrate: func(tx *gorm.DB) error {
+				type Host struct {
+					// FIXME: use uuid for ID
+					gorm.Model
+					Name        string `gorm:"size:32"`
+					Addr        string
+					User        string
+					Password    string
+					SSHKey      *SSHKey      `gorm:"ForeignKey:SSHKeyID"`
+					SSHKeyID    uint         `gorm:"index"`
+					Groups      []*HostGroup `gorm:"many2many:host_host_groups;"`
+					Fingerprint string
+					Comment     string
+				}
+				return tx.AutoMigrate(&Host{}).Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return tx.DropTable("hosts").Error
+			},
+		}, {
+			ID: "4",
+			Migrate: func(tx *gorm.DB) error {
+				type UserKey struct {
+					gorm.Model
+					Key     []byte `sql:"size:10000"`
+					UserID  uint   ``
+					User    *User  `gorm:"ForeignKey:UserID"`
+					Comment string
+				}
+				return tx.AutoMigrate(&UserKey{}).Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return tx.DropTable("user_keys").Error
+			},
+		}, {
+			ID: "5",
+			Migrate: func(tx *gorm.DB) error {
+				type User struct {
+					// FIXME: use uuid for ID
+					gorm.Model
+					IsAdmin     bool
+					Email       string
+					Name        string
+					Keys        []*UserKey   `gorm:"ForeignKey:UserID"`
+					Groups      []*UserGroup `gorm:"many2many:user_user_groups;"`
+					Comment     string
+					InviteToken string
+				}
+				return tx.AutoMigrate(&User{}).Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return tx.DropTable("users").Error
+			},
+		}, {
+			ID: "6",
+			Migrate: func(tx *gorm.DB) error {
+				type UserGroup struct {
+					gorm.Model
+					Name    string
+					Users   []*User `gorm:"many2many:user_user_groups;"`
+					ACLs    []*ACL  `gorm:"many2many:user_group_acls;"`
+					Comment string
+				}
+				return tx.AutoMigrate(&UserGroup{}).Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return tx.DropTable("user_groups").Error
+			},
+		}, {
+			ID: "7",
+			Migrate: func(tx *gorm.DB) error {
+				type HostGroup struct {
+					gorm.Model
+					Name    string
+					Hosts   []*Host `gorm:"many2many:host_host_groups;"`
+					ACLs    []*ACL  `gorm:"many2many:host_group_acls;"`
+					Comment string
+				}
+				return tx.AutoMigrate(&HostGroup{}).Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return tx.DropTable("host_groups").Error
+			},
+		}, {
+			ID: "8",
+			Migrate: func(tx *gorm.DB) error {
+				type ACL struct {
+					gorm.Model
+					HostGroups  []*HostGroup `gorm:"many2many:host_group_acls;"`
+					UserGroups  []*UserGroup `gorm:"many2many:user_group_acls;"`
+					HostPattern string
+					Action      string
+					Weight      uint
+					Comment     string
+				}
+
+				return tx.AutoMigrate(&ACL{}).Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return tx.DropTable("acls").Error
+			},
+		}, {
+			ID: "9",
+			Migrate: func(tx *gorm.DB) error {
+				db.Model(&Setting{}).RemoveIndex("uix_settings_name")
+				return db.Model(&Setting{}).Where(`"deleted_at" IS NULL`).AddUniqueIndex("uix_settings_name", "name").Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return db.Model(&Setting{}).RemoveIndex("uix_settings_name").Error
+			},
+		}, {
+			ID: "10",
+			Migrate: func(tx *gorm.DB) error {
+				db.Model(&SSHKey{}).RemoveIndex("uix_keys_name")
+				return db.Model(&SSHKey{}).Where(`"deleted_at" IS NULL`).AddUniqueIndex("uix_keys_name", "name").Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return db.Model(&SSHKey{}).RemoveIndex("uix_keys_name").Error
+			},
+		}, {
+			ID: "11",
+			Migrate: func(tx *gorm.DB) error {
+				db.Model(&Host{}).RemoveIndex("uix_hosts_name")
+				return db.Model(&Host{}).Where(`"deleted_at" IS NULL`).AddUniqueIndex("uix_hosts_name", "name").Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return db.Model(&Host{}).RemoveIndex("uix_hosts_name").Error
+			},
+		}, {
+			ID: "12",
+			Migrate: func(tx *gorm.DB) error {
+				db.Model(&User{}).RemoveIndex("uix_users_name")
+				return db.Model(&User{}).Where(`"deleted_at" IS NULL`).AddUniqueIndex("uix_users_name", "name").Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return db.Model(&User{}).RemoveIndex("uix_users_name").Error
+			},
+		}, {
+			ID: "13",
+			Migrate: func(tx *gorm.DB) error {
+				db.Model(&UserGroup{}).RemoveIndex("uix_usergroups_name")
+				return db.Model(&UserGroup{}).Where(`"deleted_at" IS NULL`).AddUniqueIndex("uix_usergroups_name", "name").Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return db.Model(&UserGroup{}).RemoveIndex("uix_usergroups_name").Error
+			},
+		}, {
+			ID: "14",
+			Migrate: func(tx *gorm.DB) error {
+				db.Model(&HostGroup{}).RemoveIndex("uix_hostgroups_name")
+				return db.Model(&HostGroup{}).Where(`"deleted_at" IS NULL`).AddUniqueIndex("uix_hostgroups_name", "name").Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return db.Model(&HostGroup{}).RemoveIndex("uix_hostgroups_name").Error
+			},
+		}, {
+			ID: "15",
+			Migrate: func(tx *gorm.DB) error {
+				type UserRole struct {
+					gorm.Model
+					Name  string  `valid:"required,length(1|32),unix_user"`
+					Users []*User `gorm:"many2many:user_user_roles"`
+				}
+				return tx.AutoMigrate(&UserRole{}).Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return tx.DropTable("user_roles").Error
+			},
+		}, {
+			ID: "16",
+			Migrate: func(tx *gorm.DB) error {
+				type User struct {
+					gorm.Model
+					IsAdmin     bool
+					Roles       []*UserRole  `gorm:"many2many:user_user_roles"`
+					Email       string       `valid:"required,email"`
+					Name        string       `valid:"required,length(1|32),unix_user"`
+					Keys        []*UserKey   `gorm:"ForeignKey:UserID"`
+					Groups      []*UserGroup `gorm:"many2many:user_user_groups;"`
+					Comment     string       `valid:"optional"`
+					InviteToken string       `valid:"optional,length(10|60)"`
+				}
+				return tx.AutoMigrate(&User{}).Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return fmt.Errorf("not implemented")
+			},
+		}, {
+			ID: "17",
+			Migrate: func(tx *gorm.DB) error {
+				return tx.Create(&UserRole{Name: "admin"}).Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return tx.Where("name = ?", "admin").Delete(&UserRole{}).Error
+			},
+		}, {
+			ID: "18",
+			Migrate: func(tx *gorm.DB) error {
+				var adminRole UserRole
+				if err := db.Where("name = ?", "admin").First(&adminRole).Error; err != nil {
+					return err
+				}
+
+				var users []User
+				if err := db.Preload("Roles").Where("is_admin = ?", true).Find(&users).Error; err != nil {
+					return err
+				}
+
+				for _, user := range users {
+					user.Roles = append(user.Roles, &adminRole)
+					if err := tx.Save(&user).Error; err != nil {
+						return err
+					}
+				}
+				return nil
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return fmt.Errorf("not implemented")
+			},
+		}, {
+			ID: "19",
+			Migrate: func(tx *gorm.DB) error {
+				type User struct {
+					gorm.Model
+					Roles       []*UserRole  `gorm:"many2many:user_user_roles"`
+					Email       string       `valid:"required,email"`
+					Name        string       `valid:"required,length(1|32),unix_user"`
+					Keys        []*UserKey   `gorm:"ForeignKey:UserID"`
+					Groups      []*UserGroup `gorm:"many2many:user_user_groups;"`
+					Comment     string       `valid:"optional"`
+					InviteToken string       `valid:"optional,length(10|60)"`
+				}
+				return tx.AutoMigrate(&User{}).Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return fmt.Errorf("not implemented")
+			},
+		}, {
+			ID: "20",
+			Migrate: func(tx *gorm.DB) error {
+				return tx.Create(&UserRole{Name: "listhosts"}).Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return tx.Where("name = ?", "listhosts").Delete(&UserRole{}).Error
+			},
+		},
+	})
+	if err := m.Migrate(); err != nil {
+		return err
+	}
+
+	// create default ssh key
+	var count uint
+	if err := db.Table("ssh_keys").Where("name = ?", "default").Count(&count).Error; err != nil {
+		return err
+	}
+	if count == 0 {
+		key, err := NewSSHKey("rsa", 2048)
+		if err != nil {
+			return err
+		}
+		key.Name = "default"
+		key.Comment = "created by sshportal"
+		if err := db.Create(&key).Error; err != nil {
+			return err
+		}
+	}
+
+	// create default host group
+	if err := db.Table("host_groups").Where("name = ?", "default").Count(&count).Error; err != nil {
+		return err
+	}
+	if count == 0 {
+		hostGroup := HostGroup{
+			Name:    "default",
+			Comment: "created by sshportal",
+		}
+		if err := db.Create(&hostGroup).Error; err != nil {
+			return err
+		}
+	}
+
+	// create default user group
+	if err := db.Table("user_groups").Where("name = ?", "default").Count(&count).Error; err != nil {
+		return err
+	}
+	if count == 0 {
+		userGroup := UserGroup{
+			Name:    "default",
+			Comment: "created by sshportal",
+		}
+		if err := db.Create(&userGroup).Error; err != nil {
+			return err
+		}
+	}
+
+	// create default acl
+	if err := db.Table("acls").Count(&count).Error; err != nil {
+		return err
+	}
+	if count == 0 {
+		var defaultUserGroup UserGroup
+		db.Where("name = ?", "default").First(&defaultUserGroup)
+		var defaultHostGroup HostGroup
+		db.Where("name = ?", "default").First(&defaultHostGroup)
+		acl := ACL{
+			UserGroups: []*UserGroup{&defaultUserGroup},
+			HostGroups: []*HostGroup{&defaultHostGroup},
+			Action:     "allow",
+			//HostPattern: "",
+			//Weight:      0,
+			Comment: "created by sshportal",
+		}
+		if err := db.Create(&acl).Error; err != nil {
+			return err
+		}
+	}
+
+	// create admin user
+	var defaultUserGroup UserGroup
+	db.Where("name = ?", "default").First(&defaultUserGroup)
+	db.Table("users").Count(&count)
+	if count == 0 {
+		// if no admin, create an account for the first connection
+		inviteToken := RandStringBytes(16)
+		if os.Getenv("SSHPORTAL_DEFAULT_ADMIN_INVITE_TOKEN") != "" {
+			inviteToken = os.Getenv("SSHPORTAL_DEFAULT_ADMIN_INVITE_TOKEN")
+		}
+		var adminRole UserRole
+		if err := db.Where("name = ?", "admin").First(&adminRole).Error; err != nil {
+			return err
+		}
+		user := User{
+			Name:        "Administrator",
+			Email:       "admin@sshportal",
+			Comment:     "created by sshportal",
+			Roles:       []*UserRole{&adminRole},
+			InviteToken: inviteToken,
+			Groups:      []*UserGroup{&defaultUserGroup},
+		}
+		if err := db.Create(&user).Error; err != nil {
+			return err
+		}
+		log.Printf("Admin user created, use the user 'invite:%s' to associate a public key with this account", user.InviteToken)
+	}
+
+	// create host ssh key
+	if err := db.Table("ssh_keys").Where("name = ?", "host").Count(&count).Error; err != nil {
+		return err
+	}
+	if count == 0 {
+		key, err := NewSSHKey("rsa", 2048)
+		if err != nil {
+			return err
+		}
+		key.Name = "host"
+		key.Comment = "created by sshportal"
+		if err := db.Create(&key).Error; err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func dbDemo(db *gorm.DB) error {
+	var hostGroup HostGroup
+	if err := HostGroupsByIdentifiers(db, []string{"default"}).First(&hostGroup).Error; err != nil {
+		return err
+	}
+
+	var key SSHKey
+	if err := SSHKeysByIdentifiers(db, []string{"default"}).First(&key).Error; err != nil {
+		return err
+	}
+
+	var (
+		host1 = Host{Name: "sdf", Addr: "sdf.org:22", User: "new", SSHKeyID: key.ID, Groups: []*HostGroup{&hostGroup}}
+		host2 = Host{Name: "whoami", Addr: "whoami.filippo.io:22", User: "test", SSHKeyID: key.ID, Groups: []*HostGroup{&hostGroup}}
+		host3 = Host{Name: "ssh-chat", Addr: "chat.shazow.net:22", User: "test", SSHKeyID: key.ID, Fingerprint: "MD5:e5:d5:d1:75:90:38:42:f6:c7:03:d7:d0:56:7d:6a:db", Groups: []*HostGroup{&hostGroup}}
+	)
+
+	// FIXME: check if hosts exist to avoid `UNIQUE constraint` error
+	db.FirstOrCreate(&host1)
+	db.FirstOrCreate(&host2)
+	db.FirstOrCreate(&host3)
+	return nil
+}
--- a/examples/integration/test.sh
+++ b/examples/integration/test.sh
@@ -0,0 +1,82 @@
+#!/bin/sh -e
+# Setup a new sshportal and performs some checks
+
+PORT=${PORT:-2222}
+SSHPORTAL_DEFAULT_ADMIN_INVITE_TOKEN=integration
+
+# tempdir
+WORK_DIR=`mktemp -d`
+if [[ ! "$WORK_DIR" || ! -d "$WORK_DIR" ]]; then
+  echo "Could not create temp dir"
+  exit 1
+fi
+cd "${WORK_DIR}"
+
+# pre cleanup
+docker_cleanup() {
+    ( set -x
+      docker rm -f -v sshportal-integration 2>/dev/null >/dev/null || true
+    )
+}
+tempdir_cleanup() {
+    rm -rf "${WORK_DIR}"
+}
+docker_cleanup
+trap tempdir_cleanup EXIT
+
+# start server
+( set -xe;
+  docker run \
+       -d \
+       -e SSHPORTAL_DEFAULT_ADMIN_INVITE_TOKEN=${SSHPORTAL_DEFAULT_ADMIN_INVITE_TOKEN} \
+       --name=sshportal-integration \
+       -p${PORT}:2222 \
+       moul/sshportal --debug
+)
+while ! nc -z localhost ${PORT}; do
+    sleep 1
+done
+sleep 3
+
+# integration suite
+xssh() {
+    set -e
+    echo "+ ssh {sshportal} $@" >&2
+    ssh -q -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no localhost -p ${PORT} $@
+}
+# login
+xssh -l invite:integration
+
+# hostgroup/usergroup/acl
+xssh -l admin hostgroup create
+xssh -l admin hostgroup create --name=hg1
+xssh -l admin hostgroup create --name=hg2 --comment=test
+xssh -l admin usergroup inspect hg1 hg2
+xssh -l admin hostgroup ls
+
+xssh -l admin usergroup create
+xssh -l admin usergroup create --name=ug1
+xssh -l admin usergroup create --name=ug2 --comment=test
+xssh -l admin usergroup inspect ug1 ug2
+xssh -l admin usergroup ls
+
+xssh -l admin acl create --ug=ug1 --ug=ug2 --hg=hg1 --hg=hg2 --comment=test --action=allow --weight=42
+xssh -l admin acl inspect 2
+xssh -l admin acl ls
+
+# basic host create
+xssh -l admin host create bob@example.org:1234
+xssh -l admin host create test42
+xssh -l admin host create --name=testtest --comment=test --password=test test@test.test
+xssh -l admin host create --group=hg1 --group=hg2 hostwithgroups.org
+xssh -l admin host inspect example test42 testtest hostwithgroups
+xssh -l admin host ls
+
+# backup/restore
+xssh -l admin config backup --indent > backup-1
+xssh -l admin config restore --confirm < backup-1
+xssh -l admin config backup --indent > backup-2
+diff <(cat backup-1 | grep -v '"date":') <(cat backup-2 | grep -v '"date":')
+
+# post cleanup
+#cleanup
--- a/main.go
+++ b/main.go
@@ -4,9 +4,11 @@ import (
 	"errors"
 	"fmt"
 	"log"
+	"math/rand"
 	"os"
 	"path"
 	"strings"
+	"time"

 	"github.com/gliderlabs/ssh"
 	"github.com/jinzhu/gorm"
@@ -16,7 +18,16 @@ import (
 	gossh "golang.org/x/crypto/ssh"
 )

-var version = "0.0.1"
+var (
+	// VERSION should be updated by hand at each release
+	VERSION = "1.3.0"
+	// GIT_TAG will be overwritten automatically by the build system
+	GIT_TAG string
+	// GIT_SHA will be overwritten automatically by the build system
+	GIT_SHA string
+	// GIT_BRANCH will be overwritten automatically by the build system
+	GIT_BRANCH string
+)

 type sshportalContextKey string

@@ -27,10 +38,12 @@ var (
 )

 func main() {
+	rand.Seed(time.Now().UnixNano())
+
 	app := cli.NewApp()
 	app.Name = path.Base(os.Args[0])
 	app.Author = "Manfred Touron"
-	app.Version = version
+	app.Version = VERSION + " (" + GIT_SHA + ")"
 	app.Email = "https://github.com/moul/sshportal"
 	app.Flags = []cli.Flag{
 		cli.StringFlag{
@@ -43,11 +56,11 @@ func main() {
 			Name:  "demo",
 			Usage: "*unsafe* - demo mode: accept all connections",
 		},
-		cli.StringFlag{
+		/*cli.StringFlag{
 			Name:  "db-driver",
 			Value: "sqlite3",
-			Usage: "GORM driver (sqlite3, mysql)",
-		},
+			Usage: "GORM driver (sqlite3)",
+		},*/
 		cli.StringFlag{
 			Name:  "db-conn",
 			Value: "./sshportal.db",
@@ -70,19 +83,28 @@ func main() {
 }

 func server(c *cli.Context) error {
-	db, err := gorm.Open(c.String("db-driver"), c.String("db-conn"))
+	// db
+	db, err := gorm.Open("sqlite3", c.String("db-conn"))
 	if err != nil {
 		return err
 	}
 	defer db.Close()
-
+	if err = db.DB().Ping(); err != nil {
+		return err
+	}
 	if c.Bool("debug") {
 		db.LogMode(true)
 	}
 	if err := dbInit(db); err != nil {
 		return err
 	}
+	if c.Bool("demo") {
+		if err := dbDemo(db); err != nil {
+			return err
+		}
+	}

+	// ssh server
 	ssh.Handle(func(s ssh.Session) {
 		currentUser := s.Context().Value(userContextKey).(User)
 		log.Printf("New connection: sshUser=%q remote=%q local=%q command=%q dbUser=id:%q,email:%s", s.User(), s.RemoteAddr(), s.LocalAddr(), s.Command(), currentUser.ID, currentUser.Email)
@@ -97,11 +119,7 @@ func server(c *cli.Context) error {
 		}

 		switch username := s.User(); {
-		case username == c.String("config-user"):
-			if !currentUser.IsAdmin {
-				fmt.Fprintf(s, "You are not an administrator, permission denied.\n")
-				return
-			}
+		case username == currentUser.Name || username == currentUser.Email || username == c.String("config-user"):
 			if err := shell(c, s, s.Command(), db); err != nil {
 				fmt.Fprintf(s, "error: %v\n", err)
 			}
@@ -149,14 +167,6 @@ func server(c *cli.Context) error {
 	})

 	opts := []ssh.Option{}
-	if c.Bool("demo") {
-		if c.Bool("demo") {
-			if err := dbDemo(db); err != nil {
-				return err
-			}
-		}
-	}
-
 	opts = append(opts, ssh.PublicKeyAuth(func(ctx ssh.Context, key ssh.PublicKey) bool {
 		var (
 			userKey  UserKey
@@ -167,7 +177,7 @@ func server(c *cli.Context) error {
 		// lookup user by key
 		db.Where("key = ?", key.Marshal()).First(&userKey)
 		if userKey.UserID > 0 {
-			db.Where("id = ?", userKey.UserID).First(&user)
+			db.Preload("Roles").Where("id = ?", userKey.UserID).First(&user)
 			if strings.HasPrefix(username, "invite:") {
 				ctx.SetValue(errorContextKey, fmt.Errorf("invites are only supported for ney SSH keys; your ssh key is already associated with the user %q.", user.Email))
 			}
@@ -178,7 +188,7 @@ func server(c *cli.Context) error {
 		// handle invite "links"
 		if strings.HasPrefix(username, "invite:") {
 			inputToken := strings.Split(username, ":")[1]
-			if len(inputToken) == 16 {
+			if len(inputToken) > 0 {
 				db.Where("invite_token = ?", inputToken).First(&user)
 			}
 			if user.ID > 0 {
@@ -209,8 +219,8 @@ func server(c *cli.Context) error {
 	}))

 	opts = append(opts, func(srv *ssh.Server) error {
-		key, err := FindKeyByIdOrName(db, "host")
-		if err != nil {
+		var key SSHKey
+		if err := SSHKeysByIdentifiers(db, []string{"host"}).First(&key).Error; err != nil {
 			return err
 		}
 		signer, err := gossh.ParsePrivateKey([]byte(key.PrivKey))
--- a/shell.go
+++ b/shell.go
--- a/vendor/github.com/asaskevich/govalidator/LICENSE
+++ b/vendor/github.com/asaskevich/govalidator/LICENSE
@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2014 Alex Saskevich
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
--- a/vendor/github.com/asaskevich/govalidator/README.md
+++ b/vendor/github.com/asaskevich/govalidator/README.md
@@ -0,0 +1,410 @@
+govalidator
+===========
+[![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/asaskevich/govalidator?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge) [![GoDoc](https://godoc.org/github.com/asaskevich/govalidator?status.png)](https://godoc.org/github.com/asaskevich/govalidator) [![Coverage Status](https://img.shields.io/coveralls/asaskevich/govalidator.svg)](https://coveralls.io/r/asaskevich/govalidator?branch=master) [![wercker status](https://app.wercker.com/status/1ec990b09ea86c910d5f08b0e02c6043/s "wercker status")](https://app.wercker.com/project/bykey/1ec990b09ea86c910d5f08b0e02c6043)
+[![Build Status](https://travis-ci.org/asaskevich/govalidator.svg?branch=master)](https://travis-ci.org/asaskevich/govalidator)
+
+A package of validators and sanitizers for strings, structs and collections. Based on [validator.js](https://github.com/chriso/validator.js).
+
+#### Installation
+Make sure that Go is installed on your computer.
+Type the following command in your terminal:
+
+	go get github.com/asaskevich/govalidator
+
+or you can get specified release of the package with `gopkg.in`:
+
+	go get gopkg.in/asaskevich/govalidator.v4
+
+After it the package is ready to use.
+
+
+#### Import package in your project
+Add following line in your `*.go` file:
+```go
+import "github.com/asaskevich/govalidator"
+```
+If you are unhappy to use long `govalidator`, you can do something like this:
+```go
+import (
+  valid "github.com/asaskevich/govalidator"
+)
+```
+
+#### Activate behavior to require all fields have a validation tag by default
+`SetFieldsRequiredByDefault` causes validation to fail when struct fields do not include validations or are not explicitly marked as exempt (using `valid:"-"` or `valid:"email,optional"`). A good place to activate this is a package init function or the main() function.
+
+```go
+import "github.com/asaskevich/govalidator"
+
+func init() {
+  govalidator.SetFieldsRequiredByDefault(true)
+}
+```
+
+Here's some code to explain it:
+```go
+// this struct definition will fail govalidator.ValidateStruct() (and the field values do not matter):
+type exampleStruct struct {
+  Name  string ``
+  Email string `valid:"email"`
+}
+
+// this, however, will only fail when Email is empty or an invalid email address:
+type exampleStruct2 struct {
+  Name  string `valid:"-"`
+  Email string `valid:"email"`
+}
+
+// lastly, this will only fail when Email is an invalid email address but not when it's empty:
+type exampleStruct2 struct {
+  Name  string `valid:"-"`
+  Email string `valid:"email,optional"`
+}
+```
+
+#### Recent breaking changes (see [#123](https://github.com/asaskevich/govalidator/pull/123))
+##### Custom validator function signature
+A context was added as the second parameter, for structs this is the object being validated – this makes dependent validation possible.
+```go
+import "github.com/asaskevich/govalidator"
+
+// old signature
+func(i interface{}) bool
+
+// new signature
+func(i interface{}, o interface{}) bool
+```
+
+##### Adding a custom validator
+This was changed to prevent data races when accessing custom validators.
+```go
+import "github.com/asaskevich/govalidator"
+
+// before
+govalidator.CustomTypeTagMap["customByteArrayValidator"] = CustomTypeValidator(func(i interface{}, o interface{}) bool {
+  // ...
+})
+
+// after
+govalidator.CustomTypeTagMap.Set("customByteArrayValidator", CustomTypeValidator(func(i interface{}, o interface{}) bool {
+  // ...
+}))
+```
+
+#### List of functions:
+```go
+func Abs(value float64) float64
+func BlackList(str, chars string) string
+func ByteLength(str string, params ...string) bool
+func StringLength(str string, params ...string) bool
+func StringMatches(s string, params ...string) bool
+func CamelCaseToUnderscore(str string) string
+func Contains(str, substring string) bool
+func Count(array []interface{}, iterator ConditionIterator) int
+func Each(array []interface{}, iterator Iterator)
+func ErrorByField(e error, field string) string
+func Filter(array []interface{}, iterator ConditionIterator) []interface{}
+func Find(array []interface{}, iterator ConditionIterator) interface{}
+func GetLine(s string, index int) (string, error)
+func GetLines(s string) []string
+func IsHost(s string) bool
+func InRange(value, left, right float64) bool
+func IsASCII(str string) bool
+func IsAlpha(str string) bool
+func IsAlphanumeric(str string) bool
+func IsBase64(str string) bool
+func IsByteLength(str string, min, max int) bool
+func IsCreditCard(str string) bool
+func IsDataURI(str string) bool
+func IsDialString(str string) bool
+func IsDNSName(str string) bool
+func IsDivisibleBy(str, num string) bool
+func IsEmail(str string) bool
+func IsFilePath(str string) (bool, int)
+func IsFloat(str string) bool
+func IsFullWidth(str string) bool
+func IsHalfWidth(str string) bool
+func IsHexadecimal(str string) bool
+func IsHexcolor(str string) bool
+func IsIP(str string) bool
+func IsIPv4(str string) bool
+func IsIPv6(str string) bool
+func IsISBN(str string, version int) bool
+func IsISBN10(str string) bool
+func IsISBN13(str string) bool
+func IsISO3166Alpha2(str string) bool
+func IsISO3166Alpha3(str string) bool
+func IsInt(str string) bool
+func IsIn(str string, params ...string) bool
+func IsJSON(str string) bool
+func IsLatitude(str string) bool
+func IsLongitude(str string) bool
+func IsLowerCase(str string) bool
+func IsMAC(str string) bool
+func IsMongoID(str string) bool
+func IsMultibyte(str string) bool
+func IsNatural(value float64) bool
+func IsNegative(value float64) bool
+func IsNonNegative(value float64) bool
+func IsNonPositive(value float64) bool
+func IsNull(str string) bool
+func IsNumeric(str string) bool
+func IsPort(str string) bool
+func IsPositive(value float64) bool
+func IsPrintableASCII(str string) bool
+func IsRGBcolor(str string) bool
+func IsRequestURI(rawurl string) bool
+func IsRequestURL(rawurl string) bool
+func IsSSN(str string) bool
+func IsSemver(str string) bool
+func IsURL(str string) bool
+func IsUTFDigit(str string) bool
+func IsUTFLetter(str string) bool
+func IsUTFLetterNumeric(str string) bool
+func IsUTFNumeric(str string) bool
+func IsUUID(str string) bool
+func IsUUIDv3(str string) bool
+func IsUUIDv4(str string) bool
+func IsUUIDv5(str string) bool
+func IsUpperCase(str string) bool
+func IsVariableWidth(str string) bool
+func IsWhole(value float64) bool
+func LeftTrim(str, chars string) string
+func Map(array []interface{}, iterator ResultIterator) []interface{}
+func Matches(str, pattern string) bool
+func NormalizeEmail(str string) (string, error)
+func PadBoth(str string, padStr string, padLen int) string
+func PadLeft(str string, padStr string, padLen int)  string
+func PadRight(str string, padStr string, padLen int) string
+func RemoveTags(s string) string
+func ReplacePattern(str, pattern, replace string) string
+func Reverse(s string) string
+func RightTrim(str, chars string) string
+func SafeFileName(str string) string
+func Sign(value float64) float64
+func StripLow(str string, keepNewLines bool) string
+func ToBoolean(str string) (bool, error)
+func ToFloat(str string) (float64, error)
+func ToInt(str string) (int64, error)
+func ToJSON(obj interface{}) (string, error)
+func ToString(obj interface{}) string
+func Trim(str, chars string) string
+func Truncate(str string, length int, ending string) string
+func UnderscoreToCamelCase(s string) string
+func ValidateStruct(s interface{}) (bool, error)
+func WhiteList(str, chars string) string
+type ConditionIterator
+type Error
+func (e Error) Error() string
+type Errors
+func (es Errors) Error() string
+type ISO3166Entry
+type Iterator
+type ParamValidator
+type ResultIterator
+type UnsupportedTypeError
+func (e *UnsupportedTypeError) Error() string
+type Validator
+```
+
+#### Examples
+###### IsURL
+```go
+println(govalidator.IsURL(`http://user@pass:domain.com/path/page`))
+```
+###### ToString
+```go
+type User struct {
+	FirstName string
+	LastName string
+}
+
+str := govalidator.ToString(&User{"John", "Juan"})
+println(str)
+```
+###### Each, Map, Filter, Count for slices
+Each iterates over the slice/array and calls Iterator for every item
+```go
+data := []interface{}{1, 2, 3, 4, 5}
+var fn govalidator.Iterator = func(value interface{}, index int) {
+	println(value.(int))
+}
+govalidator.Each(data, fn)
+```
+```go
+data := []interface{}{1, 2, 3, 4, 5}
+var fn govalidator.ResultIterator = func(value interface{}, index int) interface{} {
+	return value.(int) * 3
+}
+_ = govalidator.Map(data, fn) // result = []interface{}{1, 6, 9, 12, 15}
+```
+```go
+data := []interface{}{1, 2, 3, 4, 5, 6, 7, 8, 9, 10}
+var fn govalidator.ConditionIterator = func(value interface{}, index int) bool {
+	return value.(int)%2 == 0
+}
+_ = govalidator.Filter(data, fn) // result = []interface{}{2, 4, 6, 8, 10}
+_ = govalidator.Count(data, fn) // result = 5
+```
+###### ValidateStruct [#2](https://github.com/asaskevich/govalidator/pull/2)
+If you want to validate structs, you can use tag `valid` for any field in your structure. All validators used with this field in one tag are separated by comma. If you want to skip validation, place `-` in your tag. If you need a validator that is not on the list below, you can add it like this:
+```go
+govalidator.TagMap["duck"] = govalidator.Validator(func(str string) bool {
+	return str == "duck"
+})
+```
+For completely custom validators (interface-based), see below.
+
+Here is a list of available validators for struct fields (validator - used function):
+```go
+"email":          IsEmail,
+"url":            IsURL,
+"dialstring":     IsDialString,
+"requrl":         IsRequestURL,
+"requri":         IsRequestURI,
+"alpha":          IsAlpha,
+"utfletter":      IsUTFLetter,
+"alphanum":       IsAlphanumeric,
+"utfletternum":   IsUTFLetterNumeric,
+"numeric":        IsNumeric,
+"utfnumeric":     IsUTFNumeric,
+"utfdigit":       IsUTFDigit,
+"hexadecimal":    IsHexadecimal,
+"hexcolor":       IsHexcolor,
+"rgbcolor":       IsRGBcolor,
+"lowercase":      IsLowerCase,
+"uppercase":      IsUpperCase,
+"int":            IsInt,
+"float":          IsFloat,
+"null":           IsNull,
+"uuid":           IsUUID,
+"uuidv3":         IsUUIDv3,
+"uuidv4":         IsUUIDv4,
+"uuidv5":         IsUUIDv5,
+"creditcard":     IsCreditCard,
+"isbn10":         IsISBN10,
+"isbn13":         IsISBN13,
+"json":           IsJSON,
+"multibyte":      IsMultibyte,
+"ascii":          IsASCII,
+"printableascii": IsPrintableASCII,
+"fullwidth":      IsFullWidth,
+"halfwidth":      IsHalfWidth,
+"variablewidth":  IsVariableWidth,
+"base64":         IsBase64,
+"datauri":        IsDataURI,
+"ip":             IsIP,
+"port":           IsPort,
+"ipv4":           IsIPv4,
+"ipv6":           IsIPv6,
+"dns":            IsDNSName,
+"host":           IsHost,
+"mac":            IsMAC,
+"latitude":       IsLatitude,
+"longitude":      IsLongitude,
+"ssn":            IsSSN,
+"semver":         IsSemver,
+"rfc3339":        IsRFC3339,
+"ISO3166Alpha2":  IsISO3166Alpha2,
+"ISO3166Alpha3":  IsISO3166Alpha3,
+```
+Validators with parameters
+
+```go
+"length(min|max)": ByteLength,
+"runelength(min|max)": RuneLegth,
+"matches(pattern)": StringMatches,
+"in(string1|string2|...|stringN)": IsIn,
+```
+
+And here is small example of usage:
+```go
+type Post struct {
+	Title    string `valid:"alphanum,required"`
+	Message  string `valid:"duck,ascii"`
+	AuthorIP string `valid:"ipv4"`
+	Date     string `valid:"-"`
+}
+post := &Post{
+	Title:   "My Example Post",
+	Message: "duck",
+	AuthorIP: "123.234.54.3",
+}
+
+// Add your own struct validation tags
+govalidator.TagMap["duck"] = govalidator.Validator(func(str string) bool {
+	return str == "duck"
+})
+
+result, err := govalidator.ValidateStruct(post)
+if err != nil {
+	println("error: " + err.Error())
+}
+println(result)
+```
+###### WhiteList
+```go
+// Remove all characters from string ignoring characters between "a" and "z"
+println(govalidator.WhiteList("a3a43a5a4a3a2a23a4a5a4a3a4", "a-z") == "aaaaaaaaaaaa")
+```
+
+###### Custom validation functions
+Custom validation using your own domain specific validators is also available - here's an example of how to use it:
+```go
+import "github.com/asaskevich/govalidator"
+
+type CustomByteArray [6]byte // custom types are supported and can be validated
+
+type StructWithCustomByteArray struct {
+  ID              CustomByteArray `valid:"customByteArrayValidator,customMinLengthValidator"` // multiple custom validators are possible as well and will be evaluated in sequence
+  Email           string          `valid:"email"`
+  CustomMinLength int             `valid:"-"`
+}
+
+govalidator.CustomTypeTagMap.Set("customByteArrayValidator", CustomTypeValidator(func(i interface{}, context interface{}) bool {
+  switch v := context.(type) { // you can type switch on the context interface being validated
+  case StructWithCustomByteArray:
+    // you can check and validate against some other field in the context,
+    // return early or not validate against the context at all – your choice
+  case SomeOtherType:
+    // ...
+  default:
+    // expecting some other type? Throw/panic here or continue
+  }
+
+  switch v := i.(type) { // type switch on the struct field being validated
+  case CustomByteArray:
+    for _, e := range v { // this validator checks that the byte array is not empty, i.e. not all zeroes
+      if e != 0 {
+        return true
+      }
+    }
+  }
+  return false
+}))
+govalidator.CustomTypeTagMap.Set("customMinLengthValidator", CustomTypeValidator(func(i interface{}, context interface{}) bool {
+  switch v := context.(type) { // this validates a field against the value in another field, i.e. dependent validation
+  case StructWithCustomByteArray:
+    return len(v.ID) >= v.CustomMinLength
+  }
+  return false
+}))
+```
+
+#### Notes
+Documentation is available here: [godoc.org](https://godoc.org/github.com/asaskevich/govalidator).
+Full information about code coverage is also available here: [govalidator on gocover.io](http://gocover.io/github.com/asaskevich/govalidator).
+
+#### Support
+If you do have a contribution for the package feel free to put up a Pull Request or open Issue.
+
+#### Special thanks to [contributors](https://github.com/asaskevich/govalidator/graphs/contributors)
+* [Daniel Lohse](https://github.com/annismckenzie)
+* [Attila Oláh](https://github.com/attilaolah)
+* [Daniel Korner](https://github.com/Dadie)
+* [Steven Wilkin](https://github.com/stevenwilkin)
+* [Deiwin Sarjas](https://github.com/deiwin)
+* [Noah Shibley](https://github.com/slugmobile)
+* [Nathan Davies](https://github.com/nathj07)
+* [Matt Sanford](https://github.com/mzsanford)
+* [Simon ccl1115](https://github.com/ccl1115)
--- a/vendor/github.com/asaskevich/govalidator/arrays.go
+++ b/vendor/github.com/asaskevich/govalidator/arrays.go
@@ -0,0 +1,58 @@
+package govalidator
+
+// Iterator is the function that accepts element of slice/array and its index
+type Iterator func(interface{}, int)
+
+// ResultIterator is the function that accepts element of slice/array and its index and returns any result
+type ResultIterator func(interface{}, int) interface{}
+
+// ConditionIterator is the function that accepts element of slice/array and its index and returns boolean
+type ConditionIterator func(interface{}, int) bool
+
+// Each iterates over the slice and apply Iterator to every item
+func Each(array []interface{}, iterator Iterator) {
+	for index, data := range array {
+		iterator(data, index)
+	}
+}
+
+// Map iterates over the slice and apply ResultIterator to every item. Returns new slice as a result.
+func Map(array []interface{}, iterator ResultIterator) []interface{} {
+	var result = make([]interface{}, len(array))
+	for index, data := range array {
+		result[index] = iterator(data, index)
+	}
+	return result
+}
+
+// Find iterates over the slice and apply ConditionIterator to every item. Returns first item that meet ConditionIterator or nil otherwise.
+func Find(array []interface{}, iterator ConditionIterator) interface{} {
+	for index, data := range array {
+		if iterator(data, index) {
+			return data
+		}
+	}
+	return nil
+}
+
+// Filter iterates over the slice and apply ConditionIterator to every item. Returns new slice.
+func Filter(array []interface{}, iterator ConditionIterator) []interface{} {
+	var result = make([]interface{}, 0)
+	for index, data := range array {
+		if iterator(data, index) {
+			result = append(result, data)
+		}
+	}
+	return result
+}
+
+// Count iterates over the slice and apply ConditionIterator to every item. Returns count of items that meets ConditionIterator.
+func Count(array []interface{}, iterator ConditionIterator) int {
+	count := 0
+	for index, data := range array {
+		if iterator(data, index) {
+			count = count + 1
+		}
+	}
+	return count
+}
--- a/vendor/github.com/asaskevich/govalidator/converter.go
+++ b/vendor/github.com/asaskevich/govalidator/converter.go
@@ -0,0 +1,49 @@
+package govalidator
+
+import (
+	"encoding/json"
+	"fmt"
+	"strconv"
+)
+
+// ToString convert the input to a string.
+func ToString(obj interface{}) string {
+	res := fmt.Sprintf("%v", obj)
+	return string(res)
+}
+
+// ToJSON convert the input to a valid JSON string
+func ToJSON(obj interface{}) (string, error) {
+	res, err := json.Marshal(obj)
+	if err != nil {
+		res = []byte("")
+	}
+	return string(res), err
+}
+
+// ToFloat convert the input string to a float, or 0.0 if the input is not a float.
+func ToFloat(str string) (float64, error) {
+	res, err := strconv.ParseFloat(str, 64)
+	if err != nil {
+		res = 0.0
+	}
+	return res, err
+}
+
+// ToInt convert the input string to an integer, or 0 if the input is not an integer.
+func ToInt(str string) (int64, error) {
+	res, err := strconv.ParseInt(str, 0, 64)
+	if err != nil {
+		res = 0
+	}
+	return res, err
+}
+
+// ToBoolean convert the input string to a boolean.
+func ToBoolean(str string) (bool, error) {
+	res, err := strconv.ParseBool(str)
+	if err != nil {
+		res = false
+	}
+	return res, err
+}
--- a/vendor/github.com/asaskevich/govalidator/error.go
+++ b/vendor/github.com/asaskevich/govalidator/error.go
@@ -0,0 +1,31 @@
+package govalidator
+
+// Errors is an array of multiple errors and conforms to the error interface.
+type Errors []error
+
+// Errors returns itself.
+func (es Errors) Errors() []error {
+	return es
+}
+
+func (es Errors) Error() string {
+	var err string
+	for _, e := range es {
+		err += e.Error() + ";"
+	}
+	return err
+}
+
+// Error encapsulates a name, an error and whether there's a custom error message or not.
+type Error struct {
+	Name                     string
+	Err                      error
+	CustomErrorMessageExists bool
+}
+
+func (e Error) Error() string {
+	if e.CustomErrorMessageExists {
+		return e.Err.Error()
+	}
+	return e.Name + ": " + e.Err.Error()
+}
--- a/vendor/github.com/asaskevich/govalidator/numerics.go
+++ b/vendor/github.com/asaskevich/govalidator/numerics.go
@@ -0,0 +1,57 @@
+package govalidator
+
+import "math"
+
+// Abs returns absolute value of number
+func Abs(value float64) float64 {
+	return value * Sign(value)
+}
+
+// Sign returns signum of number: 1 in case of value > 0, -1 in case of value < 0, 0 otherwise
+func Sign(value float64) float64 {
+	if value > 0 {
+		return 1
+	} else if value < 0 {
+		return -1
+	} else {
+		return 0
+	}
+}
+
+// IsNegative returns true if value < 0
+func IsNegative(value float64) bool {
+	return value < 0
+}
+
+// IsPositive returns true if value > 0
+func IsPositive(value float64) bool {
+	return value > 0
+}
+
+// IsNonNegative returns true if value >= 0
+func IsNonNegative(value float64) bool {
+	return value >= 0
+}
+
+// IsNonPositive returns true if value <= 0
+func IsNonPositive(value float64) bool {
+	return value <= 0
+}
+
+// InRange returns true if value lies between left and right border
+func InRange(value, left, right float64) bool {
+	if left > right {
+		left, right = right, left
+	}
+	return value >= left && value <= right
+}
+
+// IsWhole returns true if value is whole number
+func IsWhole(value float64) bool {
+	return Abs(math.Remainder(value, 1)) == 0
+}
+
+// IsNatural returns true if value is natural number (positive and whole)
+func IsNatural(value float64) bool {
+	return IsWhole(value) && IsPositive(value)
+}
--- a/vendor/github.com/asaskevich/govalidator/patterns.go
+++ b/vendor/github.com/asaskevich/govalidator/patterns.go
@@ -0,0 +1,91 @@
+package govalidator
+
+import "regexp"
+
+// Basic regular expressions for validating strings
+const (
+	Email          string = "^(((([a-zA-Z]|\\d|[!#\\$%&'\\*\\+\\-\\/=\\?\\^_`{\\|}~]|[\\x{00A0}-\\x{D7FF}\\x{F900}-\\x{FDCF}\\x{FDF0}-\\x{FFEF}])+(\\.([a-zA-Z]|\\d|[!#\\$%&'\\*\\+\\-\\/=\\?\\^_`{\\|}~]|[\\x{00A0}-\\x{D7FF}\\x{F900}-\\x{FDCF}\\x{FDF0}-\\x{FFEF}])+)*)|((\\x22)((((\\x20|\\x09)*(\\x0d\\x0a))?(\\x20|\\x09)+)?(([\\x01-\\x08\\x0b\\x0c\\x0e-\\x1f\\x7f]|\\x21|[\\x23-\\x5b]|[\\x5d-\\x7e]|[\\x{00A0}-\\x{D7FF}\\x{F900}-\\x{FDCF}\\x{FDF0}-\\x{FFEF}])|(\\([\\x01-\\x09\\x0b\\x0c\\x0d-\\x7f]|[\\x{00A0}-\\x{D7FF}\\x{F900}-\\x{FDCF}\\x{FDF0}-\\x{FFEF}]))))*(((\\x20|\\x09)*(\\x0d\\x0a))?(\\x20|\\x09)+)?(\\x22)))@((([a-zA-Z]|\\d|[\\x{00A0}-\\x{D7FF}\\x{F900}-\\x{FDCF}\\x{FDF0}-\\x{FFEF}])|(([a-zA-Z]|\\d|[\\x{00A0}-\\x{D7FF}\\x{F900}-\\x{FDCF}\\x{FDF0}-\\x{FFEF}])([a-zA-Z]|\\d|-|\\.|_|~|[\\x{00A0}-\\x{D7FF}\\x{F900}-\\x{FDCF}\\x{FDF0}-\\x{FFEF}])*([a-zA-Z]|\\d|[\\x{00A0}-\\x{D7FF}\\x{F900}-\\x{FDCF}\\x{FDF0}-\\x{FFEF}])))\\.)+(([a-zA-Z]|[\\x{00A0}-\\x{D7FF}\\x{F900}-\\x{FDCF}\\x{FDF0}-\\x{FFEF}])|(([a-zA-Z]|[\\x{00A0}-\\x{D7FF}\\x{F900}-\\x{FDCF}\\x{FDF0}-\\x{FFEF}])([a-zA-Z]|\\d|-|\\.|_|~|[\\x{00A0}-\\x{D7FF}\\x{F900}-\\x{FDCF}\\x{FDF0}-\\x{FFEF}])*([a-zA-Z]|[\\x{00A0}-\\x{D7FF}\\x{F900}-\\x{FDCF}\\x{FDF0}-\\x{FFEF}])))\\.?$"
+	CreditCard     string = "^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$"
+	ISBN10         string = "^(?:[0-9]{9}X|[0-9]{10})$"
+	ISBN13         string = "^(?:[0-9]{13})$"
+	UUID3          string = "^[0-9a-f]{8}-[0-9a-f]{4}-3[0-9a-f]{3}-[0-9a-f]{4}-[0-9a-f]{12}$"
+	UUID4          string = "^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$"
+	UUID5          string = "^[0-9a-f]{8}-[0-9a-f]{4}-5[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$"
+	UUID           string = "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$"
+	Alpha          string = "^[a-zA-Z]+$"
+	Alphanumeric   string = "^[a-zA-Z0-9]+$"
+	Numeric        string = "^[-+]?[0-9]+$"
+	Int            string = "^(?:[-+]?(?:0|[1-9][0-9]*))$"
+	Float          string = "^(?:[-+]?(?:[0-9]+))?(?:\\.[0-9]*)?(?:[eE][\\+\\-]?(?:[0-9]+))?$"
+	Hexadecimal    string = "^[0-9a-fA-F]+$"
+	Hexcolor       string = "^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$"
+	RGBcolor       string = "^rgb\\(\\s*(0|[1-9]\\d?|1\\d\\d?|2[0-4]\\d|25[0-5])\\s*,\\s*(0|[1-9]\\d?|1\\d\\d?|2[0-4]\\d|25[0-5])\\s*,\\s*(0|[1-9]\\d?|1\\d\\d?|2[0-4]\\d|25[0-5])\\s*\\)$"
+	ASCII          string = "^[\x00-\x7F]+$"
+	Multibyte      string = "[^\x00-\x7F]"
+	FullWidth      string = "[^\u0020-\u007E\uFF61-\uFF9F\uFFA0-\uFFDC\uFFE8-\uFFEE0-9a-zA-Z]"
+	HalfWidth      string = "[\u0020-\u007E\uFF61-\uFF9F\uFFA0-\uFFDC\uFFE8-\uFFEE0-9a-zA-Z]"
+	Base64         string = "^(?:[A-Za-z0-9+\\/]{4})*(?:[A-Za-z0-9+\\/]{2}==|[A-Za-z0-9+\\/]{3}=|[A-Za-z0-9+\\/]{4})$"
+	PrintableASCII string = "^[\x20-\x7E]+$"
+	DataURI        string = "^data:.+\\/(.+);base64$"
+	Latitude       string = "^[-+]?([1-8]?\\d(\\.\\d+)?|90(\\.0+)?)$"
+	Longitude      string = "^[-+]?(180(\\.0+)?|((1[0-7]\\d)|([1-9]?\\d))(\\.\\d+)?)$"
+	DNSName        string = `^([a-zA-Z0-9]{1}[a-zA-Z0-9_-]{0,62}){1}(\.[a-zA-Z0-9]{1}[a-zA-Z0-9_-]{1,62})*$`
+	IP             string = `(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))`
+	URLSchema      string = `((ftp|tcp|udp|wss?|https?):\/\/)`
+	URLUsername    string = `(\S+(:\S*)?@)`
+	Hostname       string = ``
+	URLPath        string = `((\/|\?|#)[^\s]*)`
+	URLPort        string = `(:(\d{1,5}))`
+	URLIP          string = `([1-9]\d?|1\d\d|2[01]\d|22[0-3])(\.(1?\d{1,2}|2[0-4]\d|25[0-5])){2}(?:\.([0-9]\d?|1\d\d|2[0-4]\d|25[0-4]))`
+	URLSubdomain   string = `((www\.)|([a-zA-Z0-9]([-\.][a-zA-Z0-9]+)*))`
+	URL            string = `^` + URLSchema + `?` + URLUsername + `?` + `((` + URLIP + `|(\[` + IP + `\])|(([a-zA-Z0-9]([a-zA-Z0-9-]+)?[a-zA-Z0-9]([-\.][a-zA-Z0-9]+)*)|(` + URLSubdomain + `?))?(([a-zA-Z\x{00a1}-\x{ffff}0-9]+-?-?)*[a-zA-Z\x{00a1}-\x{ffff}0-9]+)(?:\.([a-zA-Z\x{00a1}-\x{ffff}]{1,}))?))` + URLPort + `?` + URLPath + `?$`
+	SSN            string = `^\d{3}[- ]?\d{2}[- ]?\d{4}$`
+	WinPath        string = `^[a-zA-Z]:\\(?:[^\\/:*?"<>|\r\n]+\\)*[^\\/:*?"<>|\r\n]*$`
+	UnixPath       string = `^(/[^/\x00]*)+/?$`
+	Semver         string = "^v?(?:0|[1-9]\\d*)\\.(?:0|[1-9]\\d*)\\.(?:0|[1-9]\\d*)(-(0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(\\.(0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*)?(\\+[0-9a-zA-Z-]+(\\.[0-9a-zA-Z-]+)*)?$"
+	tagName        string = "valid"
+)
+
+// Used by IsFilePath func
+const (
+	// Unknown is unresolved OS type
+	Unknown = iota
+	// Win is Windows type
+	Win
+	// Unix is *nix OS types
+	Unix
+)
+
+var (
+	rxEmail          = regexp.MustCompile(Email)
+	rxCreditCard     = regexp.MustCompile(CreditCard)
+	rxISBN10         = regexp.MustCompile(ISBN10)
+	rxISBN13         = regexp.MustCompile(ISBN13)
+	rxUUID3          = regexp.MustCompile(UUID3)
+	rxUUID4          = regexp.MustCompile(UUID4)
+	rxUUID5          = regexp.MustCompile(UUID5)
+	rxUUID           = regexp.MustCompile(UUID)
+	rxAlpha          = regexp.MustCompile(Alpha)
+	rxAlphanumeric   = regexp.MustCompile(Alphanumeric)
+	rxNumeric        = regexp.MustCompile(Numeric)
+	rxInt            = regexp.MustCompile(Int)
+	rxFloat          = regexp.MustCompile(Float)
+	rxHexadecimal    = regexp.MustCompile(Hexadecimal)
+	rxHexcolor       = regexp.MustCompile(Hexcolor)
+	rxRGBcolor       = regexp.MustCompile(RGBcolor)
+	rxASCII          = regexp.MustCompile(ASCII)
+	rxPrintableASCII = regexp.MustCompile(PrintableASCII)
+	rxMultibyte      = regexp.MustCompile(Multibyte)
+	rxFullWidth      = regexp.MustCompile(FullWidth)
+	rxHalfWidth      = regexp.MustCompile(HalfWidth)
+	rxBase64         = regexp.MustCompile(Base64)
+	rxDataURI        = regexp.MustCompile(DataURI)
+	rxLatitude       = regexp.MustCompile(Latitude)
+	rxLongitude      = regexp.MustCompile(Longitude)
+	rxDNSName        = regexp.MustCompile(DNSName)
+	rxURL            = regexp.MustCompile(URL)
+	rxSSN            = regexp.MustCompile(SSN)
+	rxWinPath        = regexp.MustCompile(WinPath)
+	rxUnixPath       = regexp.MustCompile(UnixPath)
+	rxSemver         = regexp.MustCompile(Semver)
+)
--- a/vendor/github.com/asaskevich/govalidator/types.go
+++ b/vendor/github.com/asaskevich/govalidator/types.go
@@ -0,0 +1,385 @@
+package govalidator
+
+import (
+	"reflect"
+	"regexp"
+	"sync"
+)
+
+// Validator is a wrapper for a validator function that returns bool and accepts string.
+type Validator func(str string) bool
+
+// CustomTypeValidator is a wrapper for validator functions that returns bool and accepts any type.
+// The second parameter should be the context (in the case of validating a struct: the whole object being validated).
+type CustomTypeValidator func(i interface{}, o interface{}) bool
+
+// ParamValidator is a wrapper for validator functions that accepts additional parameters.
+type ParamValidator func(str string, params ...string) bool
+type tagOptionsMap map[string]string
+
+// UnsupportedTypeError is a wrapper for reflect.Type
+type UnsupportedTypeError struct {
+	Type reflect.Type
+}
+
+// stringValues is a slice of reflect.Value holding *reflect.StringValue.
+// It implements the methods to sort by string.
+type stringValues []reflect.Value
+
+// ParamTagMap is a map of functions accept variants parameters
+var ParamTagMap = map[string]ParamValidator{
+	"length":       ByteLength,
+	"runelength":   RuneLength,
+	"stringlength": StringLength,
+	"matches":      StringMatches,
+	"in":           isInRaw,
+}
+
+// ParamTagRegexMap maps param tags to their respective regexes.
+var ParamTagRegexMap = map[string]*regexp.Regexp{
+	"length":       regexp.MustCompile("^length\\((\\d+)\\|(\\d+)\\)$"),
+	"runelength":   regexp.MustCompile("^runelength\\((\\d+)\\|(\\d+)\\)$"),
+	"stringlength": regexp.MustCompile("^stringlength\\((\\d+)\\|(\\d+)\\)$"),
+	"in":           regexp.MustCompile(`^in\((.*)\)`),
+	"matches":      regexp.MustCompile(`^matches\((.+)\)$`),
+}
+
+type customTypeTagMap struct {
+	validators map[string]CustomTypeValidator
+
+	sync.RWMutex
+}
+
+func (tm *customTypeTagMap) Get(name string) (CustomTypeValidator, bool) {
+	tm.RLock()
+	defer tm.RUnlock()
+	v, ok := tm.validators[name]
+	return v, ok
+}
+
+func (tm *customTypeTagMap) Set(name string, ctv CustomTypeValidator) {
+	tm.Lock()
+	defer tm.Unlock()
+	tm.validators[name] = ctv
+}
+
+// CustomTypeTagMap is a map of functions that can be used as tags for ValidateStruct function.
+// Use this to validate compound or custom types that need to be handled as a whole, e.g.
+// `type UUID [16]byte` (this would be handled as an array of bytes).
+var CustomTypeTagMap = &customTypeTagMap{validators: make(map[string]CustomTypeValidator)}
+
+// TagMap is a map of functions, that can be used as tags for ValidateStruct function.
+var TagMap = map[string]Validator{
+	"email":          IsEmail,
+	"url":            IsURL,
+	"dialstring":     IsDialString,
+	"requrl":         IsRequestURL,
+	"requri":         IsRequestURI,
+	"alpha":          IsAlpha,
+	"utfletter":      IsUTFLetter,
+	"alphanum":       IsAlphanumeric,
+	"utfletternum":   IsUTFLetterNumeric,
+	"numeric":        IsNumeric,
+	"utfnumeric":     IsUTFNumeric,
+	"utfdigit":       IsUTFDigit,
+	"hexadecimal":    IsHexadecimal,
+	"hexcolor":       IsHexcolor,
+	"rgbcolor":       IsRGBcolor,
+	"lowercase":      IsLowerCase,
+	"uppercase":      IsUpperCase,
+	"int":            IsInt,
+	"float":          IsFloat,
+	"null":           IsNull,
+	"uuid":           IsUUID,
+	"uuidv3":         IsUUIDv3,
+	"uuidv4":         IsUUIDv4,
+	"uuidv5":         IsUUIDv5,
+	"creditcard":     IsCreditCard,
+	"isbn10":         IsISBN10,
+	"isbn13":         IsISBN13,
+	"json":           IsJSON,
+	"multibyte":      IsMultibyte,
+	"ascii":          IsASCII,
+	"printableascii": IsPrintableASCII,
+	"fullwidth":      IsFullWidth,
+	"halfwidth":      IsHalfWidth,
+	"variablewidth":  IsVariableWidth,
+	"base64":         IsBase64,
+	"datauri":        IsDataURI,
+	"ip":             IsIP,
+	"port":           IsPort,
+	"ipv4":           IsIPv4,
+	"ipv6":           IsIPv6,
+	"dns":            IsDNSName,
+	"host":           IsHost,
+	"mac":            IsMAC,
+	"latitude":       IsLatitude,
+	"longitude":      IsLongitude,
+	"ssn":            IsSSN,
+	"semver":         IsSemver,
+	"rfc3339":        IsRFC3339,
+	"ISO3166Alpha2":  IsISO3166Alpha2,
+	"ISO3166Alpha3":  IsISO3166Alpha3,
+}
+
+// ISO3166Entry stores country codes
+type ISO3166Entry struct {
+	EnglishShortName string
+	FrenchShortName  string
+	Alpha2Code       string
+	Alpha3Code       string
+	Numeric          string
+}
+
+//ISO3166List based on https://www.iso.org/obp/ui/#search/code/ Code Type "Officially Assigned Codes"
+var ISO3166List = []ISO3166Entry{
+	{"Afghanistan", "Afghanistan (l')", "AF", "AFG", "004"},
+	{"Albania", "Albanie (l')", "AL", "ALB", "008"},
+	{"Antarctica", "Antarctique (l')", "AQ", "ATA", "010"},
+	{"Algeria", "Algérie (l')", "DZ", "DZA", "012"},
+	{"American Samoa", "Samoa américaines (les)", "AS", "ASM", "016"},
+	{"Andorra", "Andorre (l')", "AD", "AND", "020"},
+	{"Angola", "Angola (l')", "AO", "AGO", "024"},
+	{"Antigua and Barbuda", "Antigua-et-Barbuda", "AG", "ATG", "028"},
+	{"Azerbaijan", "Azerbaïdjan (l')", "AZ", "AZE", "031"},
+	{"Argentina", "Argentine (l')", "AR", "ARG", "032"},
+	{"Australia", "Australie (l')", "AU", "AUS", "036"},
+	{"Austria", "Autriche (l')", "AT", "AUT", "040"},
+	{"Bahamas (the)", "Bahamas (les)", "BS", "BHS", "044"},
+	{"Bahrain", "Bahreïn", "BH", "BHR", "048"},
+	{"Bangladesh", "Bangladesh (le)", "BD", "BGD", "050"},
+	{"Armenia", "Arménie (l')", "AM", "ARM", "051"},
+	{"Barbados", "Barbade (la)", "BB", "BRB", "052"},
+	{"Belgium", "Belgique (la)", "BE", "BEL", "056"},
+	{"Bermuda", "Bermudes (les)", "BM", "BMU", "060"},
+	{"Bhutan", "Bhoutan (le)", "BT", "BTN", "064"},
+	{"Bolivia (Plurinational State of)", "Bolivie (État plurinational de)", "BO", "BOL", "068"},
+	{"Bosnia and Herzegovina", "Bosnie-Herzégovine (la)", "BA", "BIH", "070"},
+	{"Botswana", "Botswana (le)", "BW", "BWA", "072"},
+	{"Bouvet Island", "Bouvet (l'Île)", "BV", "BVT", "074"},
+	{"Brazil", "Brésil (le)", "BR", "BRA", "076"},
+	{"Belize", "Belize (le)", "BZ", "BLZ", "084"},
+	{"British Indian Ocean Territory (the)", "Indien (le Territoire britannique de l'océan)", "IO", "IOT", "086"},
+	{"Solomon Islands", "Salomon (Îles)", "SB", "SLB", "090"},
+	{"Virgin Islands (British)", "Vierges britanniques (les Îles)", "VG", "VGB", "092"},
+	{"Brunei Darussalam", "Brunéi Darussalam (le)", "BN", "BRN", "096"},
+	{"Bulgaria", "Bulgarie (la)", "BG", "BGR", "100"},
+	{"Myanmar", "Myanmar (le)", "MM", "MMR", "104"},
+	{"Burundi", "Burundi (le)", "BI", "BDI", "108"},
+	{"Belarus", "Bélarus (le)", "BY", "BLR", "112"},
+	{"Cambodia", "Cambodge (le)", "KH", "KHM", "116"},
+	{"Cameroon", "Cameroun (le)", "CM", "CMR", "120"},
+	{"Canada", "Canada (le)", "CA", "CAN", "124"},
+	{"Cabo Verde", "Cabo Verde", "CV", "CPV", "132"},
+	{"Cayman Islands (the)", "Caïmans (les Îles)", "KY", "CYM", "136"},
+	{"Central African Republic (the)", "République centrafricaine (la)", "CF", "CAF", "140"},
+	{"Sri Lanka", "Sri Lanka", "LK", "LKA", "144"},
+	{"Chad", "Tchad (le)", "TD", "TCD", "148"},
+	{"Chile", "Chili (le)", "CL", "CHL", "152"},
+	{"China", "Chine (la)", "CN", "CHN", "156"},
+	{"Taiwan (Province of China)", "Taïwan (Province de Chine)", "TW", "TWN", "158"},
+	{"Christmas Island", "Christmas (l'Île)", "CX", "CXR", "162"},
+	{"Cocos (Keeling) Islands (the)", "Cocos (les Îles)/ Keeling (les Îles)", "CC", "CCK", "166"},
+	{"Colombia", "Colombie (la)", "CO", "COL", "170"},
+	{"Comoros (the)", "Comores (les)", "KM", "COM", "174"},
+	{"Mayotte", "Mayotte", "YT", "MYT", "175"},
+	{"Congo (the)", "Congo (le)", "CG", "COG", "178"},
+	{"Congo (the Democratic Republic of the)", "Congo (la République démocratique du)", "CD", "COD", "180"},
+	{"Cook Islands (the)", "Cook (les Îles)", "CK", "COK", "184"},
+	{"Costa Rica", "Costa Rica (le)", "CR", "CRI", "188"},
+	{"Croatia", "Croatie (la)", "HR", "HRV", "191"},
+	{"Cuba", "Cuba", "CU", "CUB", "192"},
+	{"Cyprus", "Chypre", "CY", "CYP", "196"},
+	{"Czech Republic (the)", "tchèque (la République)", "CZ", "CZE", "203"},
+	{"Benin", "Bénin (le)", "BJ", "BEN", "204"},
+	{"Denmark", "Danemark (le)", "DK", "DNK", "208"},
+	{"Dominica", "Dominique (la)", "DM", "DMA", "212"},
+	{"Dominican Republic (the)", "dominicaine (la République)", "DO", "DOM", "214"},
+	{"Ecuador", "Équateur (l')", "EC", "ECU", "218"},
+	{"El Salvador", "El Salvador", "SV", "SLV", "222"},
+	{"Equatorial Guinea", "Guinée équatoriale (la)", "GQ", "GNQ", "226"},
+	{"Ethiopia", "Éthiopie (l')", "ET", "ETH", "231"},
+	{"Eritrea", "Érythrée (l')", "ER", "ERI", "232"},
+	{"Estonia", "Estonie (l')", "EE", "EST", "233"},
+	{"Faroe Islands (the)", "Féroé (les Îles)", "FO", "FRO", "234"},
+	{"Falkland Islands (the) [Malvinas]", "Falkland (les Îles)/Malouines (les Îles)", "FK", "FLK", "238"},
+	{"South Georgia and the South Sandwich Islands", "Géorgie du Sud-et-les Îles Sandwich du Sud (la)", "GS", "SGS", "239"},
+	{"Fiji", "Fidji (les)", "FJ", "FJI", "242"},
+	{"Finland", "Finlande (la)", "FI", "FIN", "246"},
+	{"Åland Islands", "Åland(les Îles)", "AX", "ALA", "248"},
+	{"France", "France (la)", "FR", "FRA", "250"},
+	{"French Guiana", "Guyane française (la )", "GF", "GUF", "254"},
+	{"French Polynesia", "Polynésie française (la)", "PF", "PYF", "258"},
+	{"French Southern Territories (the)", "Terres australes françaises (les)", "TF", "ATF", "260"},
+	{"Djibouti", "Djibouti", "DJ", "DJI", "262"},
+	{"Gabon", "Gabon (le)", "GA", "GAB", "266"},
+	{"Georgia", "Géorgie (la)", "GE", "GEO", "268"},
+	{"Gambia (the)", "Gambie (la)", "GM", "GMB", "270"},
+	{"Palestine, State of", "Palestine, État de", "PS", "PSE", "275"},
+	{"Germany", "Allemagne (l')", "DE", "DEU", "276"},
+	{"Ghana", "Ghana (le)", "GH", "GHA", "288"},
+	{"Gibraltar", "Gibraltar", "GI", "GIB", "292"},
+	{"Kiribati", "Kiribati", "KI", "KIR", "296"},
+	{"Greece", "Grèce (la)", "GR", "GRC", "300"},
+	{"Greenland", "Groenland (le)", "GL", "GRL", "304"},
+	{"Grenada", "Grenade (la)", "GD", "GRD", "308"},
+	{"Guadeloupe", "Guadeloupe (la)", "GP", "GLP", "312"},
+	{"Guam", "Guam", "GU", "GUM", "316"},
+	{"Guatemala", "Guatemala (le)", "GT", "GTM", "320"},
+	{"Guinea", "Guinée (la)", "GN", "GIN", "324"},
+	{"Guyana", "Guyana (le)", "GY", "GUY", "328"},
+	{"Haiti", "Haïti", "HT", "HTI", "332"},
+	{"Heard Island and McDonald Islands", "Heard-et-Îles MacDonald (l'Île)", "HM", "HMD", "334"},
+	{"Holy See (the)", "Saint-Siège (le)", "VA", "VAT", "336"},
+	{"Honduras", "Honduras (le)", "HN", "HND", "340"},
+	{"Hong Kong", "Hong Kong", "HK", "HKG", "344"},
+	{"Hungary", "Hongrie (la)", "HU", "HUN", "348"},
+	{"Iceland", "Islande (l')", "IS", "ISL", "352"},
+	{"India", "Inde (l')", "IN", "IND", "356"},
+	{"Indonesia", "Indonésie (l')", "ID", "IDN", "360"},
+	{"Iran (Islamic Republic of)", "Iran (République Islamique d')", "IR", "IRN", "364"},
+	{"Iraq", "Iraq (l')", "IQ", "IRQ", "368"},
+	{"Ireland", "Irlande (l')", "IE", "IRL", "372"},
+	{"Israel", "Israël", "IL", "ISR", "376"},
+	{"Italy", "Italie (l')", "IT", "ITA", "380"},
+	{"Côte d'Ivoire", "Côte d'Ivoire (la)", "CI", "CIV", "384"},
+	{"Jamaica", "Jamaïque (la)", "JM", "JAM", "388"},
+	{"Japan", "Japon (le)", "JP", "JPN", "392"},
+	{"Kazakhstan", "Kazakhstan (le)", "KZ", "KAZ", "398"},
+	{"Jordan", "Jordanie (la)", "JO", "JOR", "400"},
+	{"Kenya", "Kenya (le)", "KE", "KEN", "404"},
+	{"Korea (the Democratic People's Republic of)", "Corée (la République populaire démocratique de)", "KP", "PRK", "408"},
+	{"Korea (the Republic of)", "Corée (la République de)", "KR", "KOR", "410"},
+	{"Kuwait", "Koweït (le)", "KW", "KWT", "414"},
+	{"Kyrgyzstan", "Kirghizistan (le)", "KG", "KGZ", "417"},
+	{"Lao People's Democratic Republic (the)", "Lao, République démocratique populaire", "LA", "LAO", "418"},
+	{"Lebanon", "Liban (le)", "LB", "LBN", "422"},
+	{"Lesotho", "Lesotho (le)", "LS", "LSO", "426"},
+	{"Latvia", "Lettonie (la)", "LV", "LVA", "428"},
+	{"Liberia", "Libéria (le)", "LR", "LBR", "430"},
+	{"Libya", "Libye (la)", "LY", "LBY", "434"},
+	{"Liechtenstein", "Liechtenstein (le)", "LI", "LIE", "438"},
+	{"Lithuania", "Lituanie (la)", "LT", "LTU", "440"},
+	{"Luxembourg", "Luxembourg (le)", "LU", "LUX", "442"},
+	{"Macao", "Macao", "MO", "MAC", "446"},
+	{"Madagascar", "Madagascar", "MG", "MDG", "450"},
+	{"Malawi", "Malawi (le)", "MW", "MWI", "454"},
+	{"Malaysia", "Malaisie (la)", "MY", "MYS", "458"},
+	{"Maldives", "Maldives (les)", "MV", "MDV", "462"},
+	{"Mali", "Mali (le)", "ML", "MLI", "466"},
+	{"Malta", "Malte", "MT", "MLT", "470"},
+	{"Martinique", "Martinique (la)", "MQ", "MTQ", "474"},
+	{"Mauritania", "Mauritanie (la)", "MR", "MRT", "478"},
+	{"Mauritius", "Maurice", "MU", "MUS", "480"},
+	{"Mexico", "Mexique (le)", "MX", "MEX", "484"},
+	{"Monaco", "Monaco", "MC", "MCO", "492"},
+	{"Mongolia", "Mongolie (la)", "MN", "MNG", "496"},
+	{"Moldova (the Republic of)", "Moldova , République de", "MD", "MDA", "498"},
+	{"Montenegro", "Monténégro (le)", "ME", "MNE", "499"},
+	{"Montserrat", "Montserrat", "MS", "MSR", "500"},
+	{"Morocco", "Maroc (le)", "MA", "MAR", "504"},
+	{"Mozambique", "Mozambique (le)", "MZ", "MOZ", "508"},
+	{"Oman", "Oman", "OM", "OMN", "512"},
+	{"Namibia", "Namibie (la)", "NA", "NAM", "516"},
+	{"Nauru", "Nauru", "NR", "NRU", "520"},
+	{"Nepal", "Népal (le)", "NP", "NPL", "524"},
+	{"Netherlands (the)", "Pays-Bas (les)", "NL", "NLD", "528"},
+	{"Curaçao", "Curaçao", "CW", "CUW", "531"},
+	{"Aruba", "Aruba", "AW", "ABW", "533"},
+	{"Sint Maarten (Dutch part)", "Saint-Martin (partie néerlandaise)", "SX", "SXM", "534"},
+	{"Bonaire, Sint Eustatius and Saba", "Bonaire, Saint-Eustache et Saba", "BQ", "BES", "535"},
+	{"New Caledonia", "Nouvelle-Calédonie (la)", "NC", "NCL", "540"},
+	{"Vanuatu", "Vanuatu (le)", "VU", "VUT", "548"},
+	{"New Zealand", "Nouvelle-Zélande (la)", "NZ", "NZL", "554"},
+	{"Nicaragua", "Nicaragua (le)", "NI", "NIC", "558"},
+	{"Niger (the)", "Niger (le)", "NE", "NER", "562"},
+	{"Nigeria", "Nigéria (le)", "NG", "NGA", "566"},
+	{"Niue", "Niue", "NU", "NIU", "570"},
+	{"Norfolk Island", "Norfolk (l'Île)", "NF", "NFK", "574"},
+	{"Norway", "Norvège (la)", "NO", "NOR", "578"},
+	{"Northern Mariana Islands (the)", "Mariannes du Nord (les Îles)", "MP", "MNP", "580"},
+	{"United States Minor Outlying Islands (the)", "Îles mineures éloignées des États-Unis (les)", "UM", "UMI", "581"},
+	{"Micronesia (Federated States of)", "Micronésie (États fédérés de)", "FM", "FSM", "583"},
+	{"Marshall Islands (the)", "Marshall (Îles)", "MH", "MHL", "584"},
+	{"Palau", "Palaos (les)", "PW", "PLW", "585"},
+	{"Pakistan", "Pakistan (le)", "PK", "PAK", "586"},
+	{"Panama", "Panama (le)", "PA", "PAN", "591"},
+	{"Papua New Guinea", "Papouasie-Nouvelle-Guinée (la)", "PG", "PNG", "598"},
+	{"Paraguay", "Paraguay (le)", "PY", "PRY", "600"},
+	{"Peru", "Pérou (le)", "PE", "PER", "604"},
+	{"Philippines (the)", "Philippines (les)", "PH", "PHL", "608"},
+	{"Pitcairn", "Pitcairn", "PN", "PCN", "612"},
+	{"Poland", "Pologne (la)", "PL", "POL", "616"},
+	{"Portugal", "Portugal (le)", "PT", "PRT", "620"},
+	{"Guinea-Bissau", "Guinée-Bissau (la)", "GW", "GNB", "624"},
+	{"Timor-Leste", "Timor-Leste (le)", "TL", "TLS", "626"},
+	{"Puerto Rico", "Porto Rico", "PR", "PRI", "630"},
+	{"Qatar", "Qatar (le)", "QA", "QAT", "634"},
+	{"Réunion", "Réunion (La)", "RE", "REU", "638"},
+	{"Romania", "Roumanie (la)", "RO", "ROU", "642"},
+	{"Russian Federation (the)", "Russie (la Fédération de)", "RU", "RUS", "643"},
+	{"Rwanda", "Rwanda (le)", "RW", "RWA", "646"},
+	{"Saint Barthélemy", "Saint-Barthélemy", "BL", "BLM", "652"},
+	{"Saint Helena, Ascension and Tristan da Cunha", "Sainte-Hélène, Ascension et Tristan da Cunha", "SH", "SHN", "654"},
+	{"Saint Kitts and Nevis", "Saint-Kitts-et-Nevis", "KN", "KNA", "659"},
+	{"Anguilla", "Anguilla", "AI", "AIA", "660"},
+	{"Saint Lucia", "Sainte-Lucie", "LC", "LCA", "662"},
+	{"Saint Martin (French part)", "Saint-Martin (partie française)", "MF", "MAF", "663"},
+	{"Saint Pierre and Miquelon", "Saint-Pierre-et-Miquelon", "PM", "SPM", "666"},
+	{"Saint Vincent and the Grenadines", "Saint-Vincent-et-les Grenadines", "VC", "VCT", "670"},
+	{"San Marino", "Saint-Marin", "SM", "SMR", "674"},
+	{"Sao Tome and Principe", "Sao Tomé-et-Principe", "ST", "STP", "678"},
+	{"Saudi Arabia", "Arabie saoudite (l')", "SA", "SAU", "682"},
+	{"Senegal", "Sénégal (le)", "SN", "SEN", "686"},
+	{"Serbia", "Serbie (la)", "RS", "SRB", "688"},
+	{"Seychelles", "Seychelles (les)", "SC", "SYC", "690"},
+	{"Sierra Leone", "Sierra Leone (la)", "SL", "SLE", "694"},
+	{"Singapore", "Singapour", "SG", "SGP", "702"},
+	{"Slovakia", "Slovaquie (la)", "SK", "SVK", "703"},
+	{"Viet Nam", "Viet Nam (le)", "VN", "VNM", "704"},
+	{"Slovenia", "Slovénie (la)", "SI", "SVN", "705"},
+	{"Somalia", "Somalie (la)", "SO", "SOM", "706"},
+	{"South Africa", "Afrique du Sud (l')", "ZA", "ZAF", "710"},
+	{"Zimbabwe", "Zimbabwe (le)", "ZW", "ZWE", "716"},
+	{"Spain", "Espagne (l')", "ES", "ESP", "724"},
+	{"South Sudan", "Soudan du Sud (le)", "SS", "SSD", "728"},
+	{"Sudan (the)", "Soudan (le)", "SD", "SDN", "729"},
+	{"Western Sahara*", "Sahara occidental (le)*", "EH", "ESH", "732"},
+	{"Suriname", "Suriname (le)", "SR", "SUR", "740"},
+	{"Svalbard and Jan Mayen", "Svalbard et l'Île Jan Mayen (le)", "SJ", "SJM", "744"},
+	{"Swaziland", "Swaziland (le)", "SZ", "SWZ", "748"},
+	{"Sweden", "Suède (la)", "SE", "SWE", "752"},
+	{"Switzerland", "Suisse (la)", "CH", "CHE", "756"},
+	{"Syrian Arab Republic", "République arabe syrienne (la)", "SY", "SYR", "760"},
+	{"Tajikistan", "Tadjikistan (le)", "TJ", "TJK", "762"},
+	{"Thailand", "Thaïlande (la)", "TH", "THA", "764"},
+	{"Togo", "Togo (le)", "TG", "TGO", "768"},
+	{"Tokelau", "Tokelau (les)", "TK", "TKL", "772"},
+	{"Tonga", "Tonga (les)", "TO", "TON", "776"},
+	{"Trinidad and Tobago", "Trinité-et-Tobago (la)", "TT", "TTO", "780"},
+	{"United Arab Emirates (the)", "Émirats arabes unis (les)", "AE", "ARE", "784"},
+	{"Tunisia", "Tunisie (la)", "TN", "TUN", "788"},
+	{"Turkey", "Turquie (la)", "TR", "TUR", "792"},
+	{"Turkmenistan", "Turkménistan (le)", "TM", "TKM", "795"},
+	{"Turks and Caicos Islands (the)", "Turks-et-Caïcos (les Îles)", "TC", "TCA", "796"},
+	{"Tuvalu", "Tuvalu (les)", "TV", "TUV", "798"},
+	{"Uganda", "Ouganda (l')", "UG", "UGA", "800"},
+	{"Ukraine", "Ukraine (l')", "UA", "UKR", "804"},
+	{"Macedonia (the former Yugoslav Republic of)", "Macédoine (l'ex‑République yougoslave de)", "MK", "MKD", "807"},
+	{"Egypt", "Égypte (l')", "EG", "EGY", "818"},
+	{"United Kingdom of Great Britain and Northern Ireland (the)", "Royaume-Uni de Grande-Bretagne et d'Irlande du Nord (le)", "GB", "GBR", "826"},
+	{"Guernsey", "Guernesey", "GG", "GGY", "831"},
+	{"Jersey", "Jersey", "JE", "JEY", "832"},
+	{"Isle of Man", "Île de Man", "IM", "IMN", "833"},
+	{"Tanzania, United Republic of", "Tanzanie, République-Unie de", "TZ", "TZA", "834"},
+	{"United States of America (the)", "États-Unis d'Amérique (les)", "US", "USA", "840"},
+	{"Virgin Islands (U.S.)", "Vierges des États-Unis (les Îles)", "VI", "VIR", "850"},
+	{"Burkina Faso", "Burkina Faso (le)", "BF", "BFA", "854"},
+	{"Uruguay", "Uruguay (l')", "UY", "URY", "858"},
+	{"Uzbekistan", "Ouzbékistan (l')", "UZ", "UZB", "860"},
+	{"Venezuela (Bolivarian Republic of)", "Venezuela (République bolivarienne du)", "VE", "VEN", "862"},
+	{"Wallis and Futuna", "Wallis-et-Futuna", "WF", "WLF", "876"},
+	{"Samoa", "Samoa (le)", "WS", "WSM", "882"},
+	{"Yemen", "Yémen (le)", "YE", "YEM", "887"},
+	{"Zambia", "Zambie (la)", "ZM", "ZMB", "894"},
+}
--- a/vendor/github.com/asaskevich/govalidator/utils.go
+++ b/vendor/github.com/asaskevich/govalidator/utils.go
@@ -0,0 +1,268 @@
+package govalidator
+
+import (
+	"errors"
+	"fmt"
+	"html"
+	"math"
+	"path"
+	"regexp"
+	"strings"
+	"unicode"
+	"unicode/utf8"
+)
+
+// Contains check if the string contains the substring.
+func Contains(str, substring string) bool {
+	return strings.Contains(str, substring)
+}
+
+// Matches check if string matches the pattern (pattern is regular expression)
+// In case of error return false
+func Matches(str, pattern string) bool {
+	match, _ := regexp.MatchString(pattern, str)
+	return match
+}
+
+// LeftTrim trim characters from the left-side of the input.
+// If second argument is empty, it's will be remove leading spaces.
+func LeftTrim(str, chars string) string {
+	pattern := ""
+	if chars == "" {
+		pattern = "^\\s+"
+	} else {
+		pattern = "^[" + chars + "]+"
+	}
+	r, _ := regexp.Compile(pattern)
+	return string(r.ReplaceAll([]byte(str), []byte("")))
+}
+
+// RightTrim trim characters from the right-side of the input.
+// If second argument is empty, it's will be remove spaces.
+func RightTrim(str, chars string) string {
+	pattern := ""
+	if chars == "" {
+		pattern = "\\s+$"
+	} else {
+		pattern = "[" + chars + "]+$"
+	}
+	r, _ := regexp.Compile(pattern)
+	return string(r.ReplaceAll([]byte(str), []byte("")))
+}
+
+// Trim trim characters from both sides of the input.
+// If second argument is empty, it's will be remove spaces.
+func Trim(str, chars string) string {
+	return LeftTrim(RightTrim(str, chars), chars)
+}
+
+// WhiteList remove characters that do not appear in the whitelist.
+func WhiteList(str, chars string) string {
+	pattern := "[^" + chars + "]+"
+	r, _ := regexp.Compile(pattern)
+	return string(r.ReplaceAll([]byte(str), []byte("")))
+}
+
+// BlackList remove characters that appear in the blacklist.
+func BlackList(str, chars string) string {
+	pattern := "[" + chars + "]+"
+	r, _ := regexp.Compile(pattern)
+	return string(r.ReplaceAll([]byte(str), []byte("")))
+}
+
+// StripLow remove characters with a numerical value < 32 and 127, mostly control characters.
+// If keep_new_lines is true, newline characters are preserved (\n and \r, hex 0xA and 0xD).
+func StripLow(str string, keepNewLines bool) string {
+	chars := ""
+	if keepNewLines {
+		chars = "\x00-\x09\x0B\x0C\x0E-\x1F\x7F"
+	} else {
+		chars = "\x00-\x1F\x7F"
+	}
+	return BlackList(str, chars)
+}
+
+// ReplacePattern replace regular expression pattern in string
+func ReplacePattern(str, pattern, replace string) string {
+	r, _ := regexp.Compile(pattern)
+	return string(r.ReplaceAll([]byte(str), []byte(replace)))
+}
+
+// Escape replace <, >, & and " with HTML entities.
+var Escape = html.EscapeString
+
+func addSegment(inrune, segment []rune) []rune {
+	if len(segment) == 0 {
+		return inrune
+	}
+	if len(inrune) != 0 {
+		inrune = append(inrune, '_')
+	}
+	inrune = append(inrune, segment...)
+	return inrune
+}
+
+// UnderscoreToCamelCase converts from underscore separated form to camel case form.
+// Ex.: my_func => MyFunc
+func UnderscoreToCamelCase(s string) string {
+	return strings.Replace(strings.Title(strings.Replace(strings.ToLower(s), "_", " ", -1)), " ", "", -1)
+}
+
+// CamelCaseToUnderscore converts from camel case form to underscore separated form.
+// Ex.: MyFunc => my_func
+func CamelCaseToUnderscore(str string) string {
+	var output []rune
+	var segment []rune
+	for _, r := range str {
+		if !unicode.IsLower(r) {
+			output = addSegment(output, segment)
+			segment = nil
+		}
+		segment = append(segment, unicode.ToLower(r))
+	}
+	output = addSegment(output, segment)
+	return string(output)
+}
+
+// Reverse return reversed string
+func Reverse(s string) string {
+	r := []rune(s)
+	for i, j := 0, len(r)-1; i < j; i, j = i+1, j-1 {
+		r[i], r[j] = r[j], r[i]
+	}
+	return string(r)
+}
+
+// GetLines split string by "\n" and return array of lines
+func GetLines(s string) []string {
+	return strings.Split(s, "\n")
+}
+
+// GetLine return specified line of multiline string
+func GetLine(s string, index int) (string, error) {
+	lines := GetLines(s)
+	if index < 0 || index >= len(lines) {
+		return "", errors.New("line index out of bounds")
+	}
+	return lines[index], nil
+}
+
+// RemoveTags remove all tags from HTML string
+func RemoveTags(s string) string {
+	return ReplacePattern(s, "<[^>]*>", "")
+}
+
+// SafeFileName return safe string that can be used in file names
+func SafeFileName(str string) string {
+	name := strings.ToLower(str)
+	name = path.Clean(path.Base(name))
+	name = strings.Trim(name, " ")
+	separators, err := regexp.Compile(`[ &_=+:]`)
+	if err == nil {
+		name = separators.ReplaceAllString(name, "-")
+	}
+	legal, err := regexp.Compile(`[^[:alnum:]-.]`)
+	if err == nil {
+		name = legal.ReplaceAllString(name, "")
+	}
+	for strings.Contains(name, "--") {
+		name = strings.Replace(name, "--", "-", -1)
+	}
+	return name
+}
+
+// NormalizeEmail canonicalize an email address.
+// The local part of the email address is lowercased for all domains; the hostname is always lowercased and
+// the local part of the email address is always lowercased for hosts that are known to be case-insensitive (currently only GMail).
+// Normalization follows special rules for known providers: currently, GMail addresses have dots removed in the local part and
+// are stripped of tags (e.g. some.one+tag@gmail.com becomes someone@gmail.com) and all @googlemail.com addresses are
+// normalized to @gmail.com.
+func NormalizeEmail(str string) (string, error) {
+	if !IsEmail(str) {
+		return "", fmt.Errorf("%s is not an email", str)
+	}
+	parts := strings.Split(str, "@")
+	parts[0] = strings.ToLower(parts[0])
+	parts[1] = strings.ToLower(parts[1])
+	if parts[1] == "gmail.com" || parts[1] == "googlemail.com" {
+		parts[1] = "gmail.com"
+		parts[0] = strings.Split(ReplacePattern(parts[0], `\.`, ""), "+")[0]
+	}
+	return strings.Join(parts, "@"), nil
+}
+
+// Truncate a string to the closest length without breaking words.
+func Truncate(str string, length int, ending string) string {
+	var aftstr, befstr string
+	if len(str) > length {
+		words := strings.Fields(str)
+		before, present := 0, 0
+		for i := range words {
+			befstr = aftstr
+			before = present
+			aftstr = aftstr + words[i] + " "
+			present = len(aftstr)
+			if present > length && i != 0 {
+				if (length - before) < (present - length) {
+					return Trim(befstr, " /\\.,\"'#!?&@+-") + ending
+				}
+				return Trim(aftstr, " /\\.,\"'#!?&@+-") + ending
+			}
+		}
+	}
+
+	return str
+}
+
+// Pad left side of string if size of string is less then indicated pad length
+func PadLeft(str string, padStr string, padLen int) string {
+	return buildPadStr(str, padStr, padLen, true, false)
+}
+
+// Pad right side of string if size of string is less then indicated pad length
+func PadRight(str string, padStr string, padLen int) string {
+	return buildPadStr(str, padStr, padLen, false, true)
+}
+
+// Pad both sides of string if size of string is less then indicated pad length
+func PadBoth(str string, padStr string, padLen int) string {
+	return buildPadStr(str, padStr, padLen, true, true)
+}
+
+// Pad string either left, right or both sides, not the padding string can be unicode and more then one
+// character
+func buildPadStr(str string, padStr string, padLen int, padLeft bool, padRight bool) string {
+
+	// When padded length is less then the current string size
+	if padLen < utf8.RuneCountInString(str) {
+		return str
+	}
+
+	padLen -= utf8.RuneCountInString(str)
+
+	targetLen := padLen
+
+	targetLenLeft := targetLen
+	targetLenRight := targetLen
+	if padLeft && padRight {
+		targetLenLeft = padLen / 2
+		targetLenRight = padLen - targetLenLeft
+	}
+
+	strToRepeatLen := utf8.RuneCountInString(padStr)
+
+	repeatTimes := int(math.Ceil(float64(targetLen) / float64(strToRepeatLen)))
+	repeatedString := strings.Repeat(padStr, repeatTimes)
+
+	leftSide := ""
+	if padLeft {
+		leftSide = repeatedString[0:targetLenLeft]
+	}
+
+	rightSide := ""
+	if padRight {
+		rightSide = repeatedString[0:targetLenRight]
+	}
+
+	return leftSide + str + rightSide
+}
--- a/vendor/github.com/asaskevich/govalidator/validator.go
+++ b/vendor/github.com/asaskevich/govalidator/validator.go
--- a/vendor/github.com/asaskevich/govalidator/wercker.yml
+++ b/vendor/github.com/asaskevich/govalidator/wercker.yml
@@ -0,0 +1,15 @@
+box: golang
+build:
+  steps:
+    - setup-go-workspace
+
+    - script:
+        name: go get
+        code: |
+          go version
+          go get -t ./...
+
+    - script:
+        name: go test
+        code: |
+          go test -race ./...
--- a/vendor/github.com/go-gormigrate/gormigrate/LICENSE
+++ b/vendor/github.com/go-gormigrate/gormigrate/LICENSE
@@ -0,0 +1,8 @@
+MIT License
+Copyright (c) 2016 Andrey Nering
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
--- a/vendor/github.com/go-gormigrate/gormigrate/README.md
+++ b/vendor/github.com/go-gormigrate/gormigrate/README.md
@@ -0,0 +1,170 @@
+[![license](https://img.shields.io/github/license/mashape/apistatus.svg?maxAge=2592000)](https://github.com/go-gormigrate/gormigrate/blob/master/LICENSE)
+[![GoDoc](https://godoc.org/gopkg.in/gormigrate.v1?status.svg)](https://godoc.org/gopkg.in/gormigrate.v1)
+[![Go Report Card](https://goreportcard.com/badge/gopkg.in/gormigrate.v1)](https://goreportcard.com/report/gopkg.in/gormigrate.v1)
+[![Build Status](https://travis-ci.org/go-gormigrate/gormigrate.svg?branch=master)](https://travis-ci.org/go-gormigrate/gormigrate)
+
+# Gormigrate
+
+[![Join the chat at https://gitter.im/go-gormigrate/gormigrate](https://badges.gitter.im/go-gormigrate/gormigrate.svg)](https://gitter.im/go-gormigrate/gormigrate?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+
+Gormigrate is a migration helper for [Gorm][gorm].
+Gorm already have useful [migrate functions][gormmigrate], just misses
+proper schema versioning and rollback cababilities.
+
+## Supported databases
+
+It supports the databases [Gorm supports][gormdatabases]:
+
+- PostgreSQL
+- MySQL
+- SQLite
+- Microsoft SQL Server
+
+## Installing
+
+```bash
+go get -u gopkg.in/gormigrate.v1
+```
+
+## Usage
+
+```go
+package main
+
+import (
+	"log"
+
+	"gopkg.in/gormigrate.v1"
+	"github.com/jinzhu/gorm"
+	_ "github.com/jinzhu/gorm/dialects/sqlite"
+)
+
+func main() {
+	db, err := gorm.Open("sqlite3", "mydb.sqlite3")
+	if err != nil {
+		log.Fatal(err)
+	}
+	if err = db.DB().Ping(); err != nil {
+		log.Fatal(err)
+	}
+
+	db.LogMode(true)
+
+	m := gormigrate.New(db, gormigrate.DefaultOptions, []*gormigrate.Migration{
+		// create persons table
+		{
+			ID: "201608301400",
+			Migrate: func(tx *gorm.DB) error {
+				// it's a good pratice to copy the struct inside the function,
+				// so side effects are prevented if the original struct changes during the time
+				type Person struct {
+					gorm.Model
+					Name string
+				}
+				return tx.AutoMigrate(&Person{}).Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return tx.DropTable("people").Error
+			},
+		},
+		// add age column to persons
+		{
+			ID: "201608301415",
+			Migrate: func(tx *gorm.DB) error {
+				// when table already exists, it just adds fields as columns
+				type Person struct {
+					Age int
+				}
+				return tx.AutoMigrate(&Person{}).Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return tx.Table("people").DropColumn("age").Error
+			},
+		},
+		// add pets table
+		{
+			ID: "201608301430",
+			Migrate: func(tx *gorm.DB) error {
+				type Pet struct {
+					gorm.Model
+					Name     string
+					PersonID int
+				}
+				return tx.AutoMigrate(&Pet{}).Error
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return tx.DropTable("pets").Error
+			},
+		},
+	})
+
+	if err = m.Migrate(); err != nil {
+		log.Fatalf("Could not migrate: %v", err)
+	}
+	log.Printf("Migration did run successfully")
+}
+```
+
+## Having a separated function for initializing the schema
+
+If you have a lot of migrations, it can be a pain to run all them, as example,
+when you are deploying a new instance of the app, in a clean database.
+To prevent this, you can set a function that will run if no migration was run
+before (in a new clean database). Remember to create everything here, all tables,
+foreign keys and what more you need in your app.
+
+```go
+type Person struct {
+	gorm.Model
+	Name string
+	Age int
+}
+
+type Pet struct {
+	gorm.Model
+	Name     string
+	PersonID int
+}
+
+m := gormigrate.New(db, gormigrate.DefaultOptions, []*gormigrate.Migration{
+    // you migrations here
+})
+
+m.InitSchema(func(tx *gorm.DB) error {
+	err := tx.AutoMigrate(
+		&Person{},
+		&Pet{},
+		// all other tables of you app
+	)
+	if err != nil {
+		return err
+	}
+
+	if err := tx.Model(Pet{}).AddForeignKey("person_id", "people (id)", "RESTRICT", "RESTRICT").Error; err != nil {
+		return err
+	}
+	// all other foreign keys...
+	return nil
+})
+```
+
+## Options
+
+This is the options struct, in case you don't want the defaults:
+
+```go
+type Options struct {
+	// Migrations table name. Default to "migrations".
+	TableName string
+	// The of the column that stores the id of migrations. Defaults to "id".
+	IDColumnName string
+	// UseTransaction makes Gormigrate execute migrations inside a single transaction.
+	// Keep in mind that not all databases support DDL commands inside transactions.
+	// Defaults to false.
+	UseTransaction bool
+}
+```
+
+[gorm]: http://jinzhu.me/gorm/
+[gormmigrate]: http://jinzhu.me/gorm/database.html#migration
+[gormdatabases]: http://jinzhu.me/gorm/database.html#connecting-to-a-database
--- a/vendor/github.com/go-gormigrate/gormigrate/Taskfile.yml
+++ b/vendor/github.com/go-gormigrate/gormigrate/Taskfile.yml
@@ -0,0 +1,16 @@
+# https://github.com/go-task/task
+
+dl-deps:
+  desc: Downloads cli dependencies
+  cmds:
+    - go get -u github.com/golang/lint/golint
+
+lint:
+  desc: Runs golint on this project
+  cmds:
+    - golint .
+
+test:
+  desc: Runs automated tests for this project
+  cmds:
+    - go test -v .
--- a/vendor/github.com/go-gormigrate/gormigrate/doc.go
+++ b/vendor/github.com/go-gormigrate/gormigrate/doc.go
@@ -0,0 +1,68 @@
+// Package gormigrate is a migration helper for Gorm (http://jinzhu.me/gorm/).
+// Gorm already have useful migrate functions
+// (http://jinzhu.me/gorm/database.html#migration), just misses
+// proper schema versioning and rollback cababilities.
+//
+// Example:
+//
+//  package main
+//
+//  import (
+//      "log"
+//
+//      "github.com/go-gormigrate/gormigrate"
+//      "github.com/jinzhu/gorm"
+//      _ "github.com/jinzhu/gorm/dialects/sqlite"
+//  )
+//
+//  type Person struct {
+//      gorm.Model
+//      Name string
+//  }
+//
+//  type Pet struct {
+//      gorm.Model
+//      Name     string
+//      PersonID int
+//  }
+//
+//  func main() {
+//      db, err := gorm.Open("sqlite3", "mydb.sqlite3")
+//      if err != nil {
+//          log.Fatal(err)
+//      }
+//      if err = db.DB().Ping(); err != nil {
+//          log.Fatal(err)
+//      }
+//
+//      db.LogMode(true)
+//
+//      m := gormigrate.New(db, gormigrate.DefaultOptions, []*gormigrate.Migration{
+//          {
+//              ID: "201608301400",
+//              Migrate: func(tx *gorm.DB) error {
+//                  return tx.AutoMigrate(&Person{}).Error
+//              },
+//              Rollback: func(tx *gorm.DB) error {
+//                  return tx.DropTable("people").Error
+//              },
+//          },
+//          {
+//              ID: "201608301430",
+//              Migrate: func(tx *gorm.DB) error {
+//                  return tx.AutoMigrate(&Pet{}).Error
+//              },
+//              Rollback: func(tx *gorm.DB) error {
+//                  return tx.DropTable("pets").Error
+//              },
+//          },
+//      })
+//
+//      err = m.Migrate()
+//      if err == nil {
+//          log.Printf("Migration did run successfully")
+//      } else {
+//          log.Printf("Could not migrate: %v", err)
+//      }
+//  }
+package gormigrate
--- a/vendor/github.com/go-gormigrate/gormigrate/gormigrate.go
+++ b/vendor/github.com/go-gormigrate/gormigrate/gormigrate.go
@@ -0,0 +1,285 @@
+package gormigrate
+
+import (
+	"errors"
+	"fmt"
+
+	"github.com/jinzhu/gorm"
+)
+
+// MigrateFunc is the func signature for migrating.
+type MigrateFunc func(*gorm.DB) error
+
+// RollbackFunc is the func signature for rollbacking.
+type RollbackFunc func(*gorm.DB) error
+
+// InitSchemaFunc is the func signature for initializing the schema.
+type InitSchemaFunc func(*gorm.DB) error
+
+// Options define options for all migrations.
+type Options struct {
+	// TableName is the migration table.
+	TableName string
+	// IDColumnName is the name of column where the migration id will be stored.
+	IDColumnName string
+	// IDColumnSize is the length of the migration id column
+	IDColumnSize int
+	// UseTransaction makes Gormigrate execute migrations inside a single transaction.
+	// Keep in mind that not all databases support DDL commands inside transactions.
+	UseTransaction bool
+}
+
+// Migration represents a database migration (a modification to be made on the database).
+type Migration struct {
+	// ID is the migration identifier. Usually a timestamp like "201601021504".
+	ID string
+	// Migrate is a function that will br executed while running this migration.
+	Migrate MigrateFunc
+	// Rollback will be executed on rollback. Can be nil.
+	Rollback RollbackFunc
+}
+
+// Gormigrate represents a collection of all migrations of a database schema.
+type Gormigrate struct {
+	db         *gorm.DB
+	tx         *gorm.DB
+	options    *Options
+	migrations []*Migration
+	initSchema InitSchemaFunc
+}
+
+// DuplicatedIDError is returned when more than one migration have the same ID
+type DuplicatedIDError struct {
+	ID string
+}
+
+func (e *DuplicatedIDError) Error() string {
+	return fmt.Sprintf(`Duplicated migration ID: "%s"`, e.ID)
+}
+
+var (
+	// DefaultOptions can be used if you don't want to think about options.
+	DefaultOptions = &Options{
+		TableName:      "migrations",
+		IDColumnName:   "id",
+		IDColumnSize:   255,
+		UseTransaction: false,
+	}
+
+	// ErrRollbackImpossible is returned when trying to rollback a migration
+	// that has no rollback function.
+	ErrRollbackImpossible = errors.New("It's impossible to rollback this migration")
+
+	// ErrNoMigrationDefined is returned when no migration is defined.
+	ErrNoMigrationDefined = errors.New("No migration defined")
+
+	// ErrMissingID is returned when the ID od migration is equal to ""
+	ErrMissingID = errors.New("Missing ID in migration")
+
+	// ErrNoRunnedMigration is returned when any runned migration was found while
+	// running RollbackLast
+	ErrNoRunnedMigration = errors.New("Could not find last runned migration")
+)
+
+// New returns a new Gormigrate.
+func New(db *gorm.DB, options *Options, migrations []*Migration) *Gormigrate {
+	if options.TableName == "" {
+		options.TableName = DefaultOptions.TableName
+	}
+	if options.IDColumnName == "" {
+		options.IDColumnName = DefaultOptions.IDColumnName
+	}
+	if options.IDColumnSize == 0 {
+		options.IDColumnSize = DefaultOptions.IDColumnSize
+	}
+	return &Gormigrate{
+		db:         db,
+		options:    options,
+		migrations: migrations,
+	}
+}
+
+// InitSchema sets a function that is run if no migration is found.
+// The idea is preventing to run all migrations when a new clean database
+// is being migrating. In this function you should create all tables and
+// foreign key necessary to your application.
+func (g *Gormigrate) InitSchema(initSchema InitSchemaFunc) {
+	g.initSchema = initSchema
+}
+
+// Migrate executes all migrations that did not run yet.
+func (g *Gormigrate) Migrate() error {
+	if err := g.checkDuplicatedID(); err != nil {
+		return err
+	}
+
+	if err := g.createMigrationTableIfNotExists(); err != nil {
+		return err
+	}
+
+	g.begin()
+
+	if g.initSchema != nil && g.isFirstRun() {
+		if err := g.runInitSchema(); err != nil {
+			g.rollback()
+			return err
+		}
+		return g.commit()
+	}
+
+	for _, migration := range g.migrations {
+		if err := g.runMigration(migration); err != nil {
+			g.rollback()
+			return err
+		}
+	}
+
+	return g.commit()
+}
+
+func (g *Gormigrate) checkDuplicatedID() error {
+	lookup := make(map[string]struct{}, len(g.migrations))
+	for _, m := range g.migrations {
+		if _, ok := lookup[m.ID]; ok {
+			return &DuplicatedIDError{ID: m.ID}
+		}
+		lookup[m.ID] = struct{}{}
+	}
+	return nil
+}
+
+// RollbackLast undo the last migration
+func (g *Gormigrate) RollbackLast() error {
+	if len(g.migrations) == 0 {
+		return ErrNoMigrationDefined
+	}
+
+	lastRunnedMigration, err := g.getLastRunnedMigration()
+	if err != nil {
+		return err
+	}
+
+	if err := g.RollbackMigration(lastRunnedMigration); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (g *Gormigrate) getLastRunnedMigration() (*Migration, error) {
+	for i := len(g.migrations) - 1; i >= 0; i-- {
+		migration := g.migrations[i]
+		if g.migrationDidRun(migration) {
+			return migration, nil
+		}
+	}
+	return nil, ErrNoRunnedMigration
+}
+
+// RollbackMigration undo a migration.
+func (g *Gormigrate) RollbackMigration(m *Migration) error {
+	if m.Rollback == nil {
+		return ErrRollbackImpossible
+	}
+
+	g.begin()
+
+	if err := m.Rollback(g.tx); err != nil {
+		return err
+	}
+
+	sql := fmt.Sprintf("DELETE FROM %s WHERE %s = ?", g.options.TableName, g.options.IDColumnName)
+	if err := g.db.Exec(sql, m.ID).Error; err != nil {
+		g.rollback()
+		return err
+	}
+
+	return g.commit()
+}
+
+func (g *Gormigrate) runInitSchema() error {
+	if err := g.initSchema(g.tx); err != nil {
+		return err
+	}
+
+	for _, migration := range g.migrations {
+		if err := g.insertMigration(migration.ID); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (g *Gormigrate) runMigration(migration *Migration) error {
+	if len(migration.ID) == 0 {
+		return ErrMissingID
+	}
+
+	if !g.migrationDidRun(migration) {
+		if err := migration.Migrate(g.tx); err != nil {
+			return err
+		}
+
+		if err := g.insertMigration(migration.ID); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (g *Gormigrate) createMigrationTableIfNotExists() error {
+	if g.db.HasTable(g.options.TableName) {
+		return nil
+	}
+
+	sql := fmt.Sprintf("CREATE TABLE %s (%s VARCHAR(%d) PRIMARY KEY)", g.options.TableName, g.options.IDColumnName, g.options.IDColumnSize)
+	if err := g.db.Exec(sql).Error; err != nil {
+		return err
+	}
+	return nil
+}
+
+func (g *Gormigrate) migrationDidRun(m *Migration) bool {
+	var count int
+	g.db.
+		Table(g.options.TableName).
+		Where(fmt.Sprintf("%s = ?", g.options.IDColumnName), m.ID).
+		Count(&count)
+	return count > 0
+}
+
+func (g *Gormigrate) isFirstRun() bool {
+	var count int
+	g.db.
+		Table(g.options.TableName).
+		Count(&count)
+	return count == 0
+}
+
+func (g *Gormigrate) insertMigration(id string) error {
+	sql := fmt.Sprintf("INSERT INTO %s (%s) VALUES (?)", g.options.TableName, g.options.IDColumnName)
+	return g.tx.Exec(sql, id).Error
+}
+
+func (g *Gormigrate) begin() {
+	if g.options.UseTransaction {
+		g.tx = g.db.Begin()
+	} else {
+		g.tx = g.db
+	}
+}
+
+func (g *Gormigrate) commit() error {
+	if g.options.UseTransaction {
+		if err := g.tx.Commit().Error; err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (g *Gormigrate) rollback() {
+	if g.options.UseTransaction {
+		g.tx.Rollback()
+	}
+}
--- a/vendor/vendor.json
+++ b/vendor/vendor.json
@@ -8,12 +8,24 @@
 			"revision": "648efa622239a2f6ff949fed78ee37b48d499ba4",
 			"revisionTime": "2016-10-02T11:37:05Z"
 		},
+		{
+			"checksumSHA1": "qe14CYEIsrbHmel1u0gsdZNFPLQ=",
+			"path": "github.com/asaskevich/govalidator",
+			"revision": "2c14e1cca90af49b3b21fe2d7aaa8cc7f9da2ff8",
+			"revisionTime": "2017-04-02T15:00:40Z"
+		},
 		{
 			"checksumSHA1": "3z3RDSBixjg5A0XPPwAfrpoajoQ=",
 			"path": "github.com/gliderlabs/ssh",
 			"revision": "0c9c3575f476a0c2779aafb89d1838ca4ab7ac16",
 			"revisionTime": "2017-11-01T23:11:58Z"
 		},
+		{
+			"checksumSHA1": "fI9spYCCgBl19GMD/JsW+znBHkw=",
+			"path": "github.com/go-gormigrate/gormigrate",
+			"revision": "21b0b93e8253d575d9185974835423f98d30158d",
+			"revisionTime": "2017-07-12T16:00:52Z"
+		},
 		{
 			"checksumSHA1": "os4jdoOUjr86qvOwri8Ut1rXDrg=",
 			"path": "github.com/go-sql-driver/mysql",
Author	SHA1	Message	Date
Manfred Touron	f6ba06298d	v1.3.0	2017-11-23 19:04:00 +01:00
Manfred Touron	31a8cef59f	Merge pull request #9 from moul/dev/moul/roles Support multiple roles	2017-11-23 19:00:12 +01:00
Manfred Touron	beeba0551b	Add 'listhosts' role (fix #5 )	2017-11-23 18:59:59 +01:00
Manfred Touron	a36bb68957	Allow connecting to the shell mode with the registered username or email	2017-11-23 17:45:16 +01:00
Manfred Touron	9cd9152a91	Switch from IsAdmin boolean to Roles	2017-11-23 17:45:16 +01:00
Manfred Touron	09c1e0504e	Add 'acl update' command (fix #4 )	2017-11-23 12:01:17 +01:00
Manfred Touron	37d7c839dd	Add 'user update' command (fix #3 )	2017-11-23 11:36:24 +01:00
Manfred Touron	8ba418308e	Merge pull request #8 from moul/dev/moul/wip-update Add 'host update'	2017-11-23 10:36:34 +01:00
Manfred Touron	cfcf124d83	Improve CLI help messages	2017-11-23 10:35:51 +01:00
Manfred Touron	ccb0071d12	Add Add 'host update' command (fix #2 )	2017-11-23 10:15:28 +01:00
Manfred Touron	681f59c1e6	More details in 'ls' commands	2017-11-23 10:05:13 +01:00
Manfred Touron	1bdee1a107	Refactor database helpers	2017-11-23 09:58:32 +01:00
Manfred Touron	a2f3a51fe5	Post-release version bump	2017-11-22 15:16:24 +01:00
Manfred Touron	98d4360a76	v1.2.0	2017-11-22 15:15:30 +01:00
Manfred Touron	15c58c99b2	Small typo	2017-11-20 11:12:58 +01:00
Manfred Touron	e6198e16e5	Testing backup/restore/backup/diff in integration	2017-11-20 10:24:30 +01:00
Manfred Touron	97d166ad8f	Enable debug in integration	2017-11-19 01:30:37 +01:00
Manfred Touron	fb4ca3d219	Use a database migration system	2017-11-19 01:30:35 +01:00
Manfred Touron	62aea661cc	Backup/restore settings	2017-11-19 01:30:16 +01:00
Manfred Touron	f33326db4d	govendor add github.com/go-gormigrate/gormigrate	2017-11-19 01:30:15 +01:00
Manfred Touron	c5d00728d0	$> govendor add github.com/asaskevich/govalidator	2017-11-19 01:30:15 +01:00
Manfred Touron	1591cbc208	Use govalidator to perform more consistent input validation	2017-11-19 01:30:13 +01:00
Manfred Touron	58d9aef616	Test ACLs/hostgroups/usergroups	2017-11-15 19:17:14 +01:00
Manfred Touron	a087cdad09	Store and compare version in database	2017-11-15 19:17:14 +01:00
Manfred Touron	7f754e2ab9	Add basic integration tests	2017-11-15 19:17:14 +01:00
Manfred Touron	2261d27c94	Allow to set the first invite token (for testing)	2017-11-15 19:17:14 +01:00
Manfred Touron	f97c9f2878	Support assign multiple groups to hosts and users (#2 )	2017-11-15 19:16:55 +01:00
Manfred Touron	d6a7a6702f	Post-release version bump	2017-11-14 11:16:24 +01:00
Manfred Touron	abba8dc990	Show how to expose port with Docker	2017-11-14 10:15:40 +01:00
Manfred Touron	602514f517	Add Docker upgrade instructions	2017-11-14 10:12:25 +01:00
Manfred Touron	8db6afe8b9	Add 'make backup' dev helper	2017-11-14 09:57:59 +01:00
Manfred Touron	3e565365f6	v1.1.0	2017-11-14 01:29:59 +01:00
Manfred Touron	20fee4e98a	Set random seed properly	2017-11-14 01:29:25 +01:00
Manfred Touron	2cc91bf681	Disable mysql support	2017-11-14 01:28:18 +01:00
Manfred Touron	9253b9dd60	Add CHANGELOG.md	2017-11-14 01:20:50 +01:00
Manfred Touron	20a2ffcd6c	Add better versionning	2017-11-14 01:13:51 +01:00
Manfred Touron	0b137e1939	Use dynamic version	2017-11-14 00:38:23 +01:00
Manfred Touron	8d6a76a93b	Add Docker instruction	2017-11-14 00:27:12 +01:00
Manfred Touron	5ad2d59b3b	Add note about backup/restore	2017-11-14 00:21:19 +01:00
Manfred Touron	83ad730579	Add 'config restore'	2017-11-13 23:57:52 +01:00
Manfred Touron	f03cdc095c	Add 'config backup'	2017-11-13 20:22:45 +01:00
Manfred Touron	0b9f9b43a8	Implement exit (fix #6 )	2017-11-13 20:15:12 +01:00