fabaccess-bffh/src/machine.rs

204 lines
7.1 KiB
Rust
Raw Normal View History

use std::path::Path;
2020-11-30 14:08:03 +01:00
use std::task::{Poll, Context};
use std::pin::Pin;
use std::future::Future;
use std::collections::HashMap;
use std::fs;
2020-11-17 13:40:44 +01:00
use serde::{Serialize, Deserialize};
2020-11-17 12:09:45 +01:00
use futures_signals::signal::Signal;
use futures_signals::signal::SignalExt;
use futures_signals::signal::Mutable;
2020-11-17 12:26:35 +01:00
use uuid::Uuid;
2020-11-30 14:08:03 +01:00
use crate::error::{Result, Error};
2020-11-17 12:09:45 +01:00
use crate::db::access;
use crate::db::machine::{MachineIdentifier, Status, MachineState};
2020-11-24 15:57:23 +01:00
use crate::db::user::User;
2020-11-17 12:09:45 +01:00
#[derive(Debug)]
/// Internal machine representation
///
/// A machine connects an event from a sensor to an actor activating/deactivating a real-world
/// machine, checking that the user who wants the machine (de)activated has the required
/// permissions.
pub struct Machine {
/// Globally unique machine readable identifier
2020-11-20 15:43:03 +01:00
pub id: MachineIdentifier,
2020-11-17 13:40:44 +01:00
/// Descriptor of the machine
2020-11-20 15:43:03 +01:00
pub desc: MachineDescription,
2020-11-17 12:09:45 +01:00
/// The state of the machine as bffh thinks the machine *should* be in.
///
/// This is a Signal generator. Subscribers to this signal will be notified of changes. In the
/// case of an actor it should then make sure that the real world matches up with the set state
state: Mutable<MachineState>,
2020-11-30 14:08:03 +01:00
reset: Option<MachineState>,
rx: Option<futures::channel::oneshot::Receiver<()>>,
access: access::AccessControl,
2020-11-17 12:09:45 +01:00
}
impl Machine {
2020-11-30 14:08:03 +01:00
pub fn new(id: MachineIdentifier, desc: MachineDescription, access: access::AccessControl, state: MachineState) -> Machine {
2020-11-17 12:09:45 +01:00
Machine {
id: id,
2020-11-17 13:40:44 +01:00
desc: desc,
2020-11-30 14:08:03 +01:00
state: Mutable::new(state),
reset: None,
rx: None,
access: access,
2020-11-17 12:09:45 +01:00
}
}
/// Generate a signal from the internal state.
///
/// A signal is a lossy stream of state changes. Lossy in that if changes happen in quick
/// succession intermediary values may be lost. But this isn't really relevant in this case
/// since the only relevant state is the latest one.
pub fn signal(&self) -> impl Signal<Item=MachineState> {
// dedupe ensures that if state is changed but only changes to the value it had beforehand
// (could for example happen if the machine changes current user but stays activated) no
// update is sent.
Box::pin(self.state.signal_cloned().dedupe_cloned())
}
2020-11-30 14:08:03 +01:00
/// Requests to use a machine. Returns a return token if successful.
2020-11-17 12:09:45 +01:00
///
/// This will update the internal state of the machine, notifying connected actors, if any.
2020-11-30 14:08:03 +01:00
/// The return token is a channel that considers the machine 'returned' if anything is sent
/// along it or if the sending end gets dropped. Anybody who holds this token needs to check if
/// the receiving end was canceled which indicates that the machine has been taken off their
/// hands.
pub async fn request_state_change(&mut self, who: &User, new_state: MachineState)
-> Result<ReturnToken>
2020-11-17 12:09:45 +01:00
{
2020-11-30 14:08:03 +01:00
if self.access.check(&who.data, &self.desc.privs.write).await? {
if self.state.lock_ref().is_higher_priority(who.data.priority) {
let (tx, rx) = futures::channel::oneshot::channel();
let old_state = self.state.replace(new_state);
self.reset.replace(old_state);
// Also this drops the old receiver, which will signal to the initiator that the
// machine has been taken off their hands.
self.rx.replace(rx);
return Ok(tx);
}
2020-11-17 12:09:45 +01:00
}
2020-11-30 14:08:03 +01:00
return Err(Error::Denied);
2020-11-17 12:09:45 +01:00
}
pub fn set_state(&mut self, state: Status) {
self.state.set(MachineState { state })
}
2020-11-30 14:08:03 +01:00
pub fn get_signal(&self) -> impl Signal {
self.state.signal_cloned().dedupe_cloned()
}
pub fn reset_state(&mut self) {
if let Some(state) = self.reset.take() {
self.state.replace(state);
}
}
}
type ReturnToken = futures::channel::oneshot::Sender<()>;
impl Future for Machine {
type Output = MachineState;
fn poll(mut self: Pin<&mut Self>, cx: &mut Context) -> Poll<Self::Output> {
let mut this = &mut *self;
// TODO Return this on exit
if false {
return Poll::Ready(self.state.get_cloned());
}
if let Some(mut rx) = this.rx.take() {
match Future::poll(Pin::new(&mut rx), cx) {
// Regardless if we were canceled or properly returned, reset.
Poll::Ready(_) => self.reset_state(),
Poll::Pending => { this.rx.replace(rx); },
}
}
Poll::Pending
}
2020-11-17 12:09:45 +01:00
}
2020-11-17 13:40:44 +01:00
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
2020-11-17 13:40:44 +01:00
/// A description of a machine
///
/// This is the struct that a machine is serialized to/from.
/// Combining this with the actual state of the system will return a machine
pub struct MachineDescription {
/// The name of the machine. Doesn't need to be unique but is what humans will be presented.
2020-11-20 15:43:03 +01:00
pub name: String,
2020-11-17 13:40:44 +01:00
/// An optional description of the Machine.
2020-11-20 15:43:03 +01:00
pub description: Option<String>,
2020-11-17 13:40:44 +01:00
/// The permission required
#[serde(flatten)]
2020-11-17 13:40:44 +01:00
privs: access::PrivilegesBuf,
}
impl MachineDescription {
2020-11-20 13:06:55 +01:00
pub fn load_file<P: AsRef<Path>>(path: P) -> Result<HashMap<MachineIdentifier, MachineDescription>> {
let content = fs::read(path)?;
Ok(toml::from_slice(&content[..])?)
}
}
#[cfg(test)]
mod tests {
use super::*;
use std::iter::FromIterator;
use crate::db::access::{PermissionBuf, PrivilegesBuf};
#[test]
fn load_examples_descriptions_test() {
2020-11-19 15:10:42 +01:00
let mut machines = MachineDescription::load_file("examples/machines.toml")
.expect("Couldn't load the example machine defs. Does `examples/machines.toml` exist?");
2020-11-19 15:10:42 +01:00
let expected =
vec![
(Uuid::parse_str("e5408099-d3e5-440b-a92b-3aabf7683d6b").unwrap(),
2020-11-19 15:10:42 +01:00
MachineDescription {
name: "Somemachine".to_string(),
description: None,
privs: PrivilegesBuf {
disclose: PermissionBuf::from_string("lab.some.disclose".to_string()),
read: PermissionBuf::from_string("lab.some.read".to_string()),
write: PermissionBuf::from_string("lab.some.write".to_string()),
manage: PermissionBuf::from_string("lab.some.admin".to_string()),
},
}),
(Uuid::parse_str("eaabebae-34d1-4a3a-912a-967b495d3d6e").unwrap(),
2020-11-19 15:10:42 +01:00
MachineDescription {
name: "Testmachine".to_string(),
description: Some("An optional description".to_string()),
privs: PrivilegesBuf {
disclose: PermissionBuf::from_string("lab.test.read".to_string()),
read: PermissionBuf::from_string("lab.test.read".to_string()),
write: PermissionBuf::from_string("lab.test.write".to_string()),
manage: PermissionBuf::from_string("lab.test.admin".to_string()),
},
}),
];
for (id, machine) in expected.into_iter() {
assert_eq!(machines.remove(&id).unwrap(), machine);
}
2020-11-19 15:10:42 +01:00
assert!(machines.is_empty());
}
}