mirror of
https://gitlab.com/fabinfra/fabaccess/bffh.git
synced 2024-12-22 03:33:48 +01:00
Tracing and dumping
This commit is contained in:
parent
48003ef51c
commit
2e5f343d52
@ -22,8 +22,4 @@ impl AuthorizationHandle {
|
||||
let user = self.users.get_user(uid.as_ref())?;
|
||||
Some(user.userdata.roles.clone())
|
||||
}
|
||||
|
||||
pub fn is_permitted<'a>(&self, roles: impl IntoIterator<Item=&'a Role>, perm: impl AsRef<Permission>) -> bool {
|
||||
unimplemented!()
|
||||
}
|
||||
}
|
@ -54,6 +54,8 @@ enum State {
|
||||
|
||||
impl AuthenticationSystem for Authentication {
|
||||
fn step(&mut self, params: StepParams, mut results: StepResults) -> Promise<(), Error> {
|
||||
let span = tracing::trace_span!("step");
|
||||
let _guard = span.enter();
|
||||
let mut builder = results.get();
|
||||
if let State::Running(mut session, manager) =
|
||||
std::mem::replace(&mut self.state, State::Aborted)
|
||||
|
@ -1,3 +1,4 @@
|
||||
use std::net::SocketAddr;
|
||||
pub use api::connection_capnp::bootstrap::Client;
|
||||
use api::connection_capnp::bootstrap;
|
||||
|
||||
@ -10,13 +11,16 @@ use crate::session::SessionManager;
|
||||
|
||||
/// Cap'n Proto API Handler
|
||||
pub struct BootCap {
|
||||
peer_addr: SocketAddr,
|
||||
authentication: AuthenticationHandle,
|
||||
sessionmanager: SessionManager,
|
||||
}
|
||||
|
||||
impl BootCap {
|
||||
pub fn new(authentication: AuthenticationHandle, sessionmanager: SessionManager) -> Self {
|
||||
pub fn new(peer_addr: SocketAddr, authentication: AuthenticationHandle, sessionmanager: SessionManager) -> Self {
|
||||
tracing::trace!(%peer_addr, "bootstrapping RPC");
|
||||
Self {
|
||||
peer_addr,
|
||||
authentication,
|
||||
sessionmanager,
|
||||
}
|
||||
@ -29,6 +33,8 @@ impl bootstrap::Server for BootCap {
|
||||
_: bootstrap::GetAPIVersionParams,
|
||||
_: bootstrap::GetAPIVersionResults,
|
||||
) -> Promise<(), ::capnp::Error> {
|
||||
let span = tracing::trace_span!("get_api_version", peer_addr=%self.peer_addr);
|
||||
let _guard = span.enter();
|
||||
Promise::ok(())
|
||||
}
|
||||
|
||||
@ -37,6 +43,8 @@ impl bootstrap::Server for BootCap {
|
||||
_: bootstrap::GetServerReleaseParams,
|
||||
mut result: bootstrap::GetServerReleaseResults,
|
||||
) -> Promise<(), ::capnp::Error> {
|
||||
let span = tracing::trace_span!("get_server_release", peer_addr=%self.peer_addr);
|
||||
let _guard = span.enter();
|
||||
let mut builder = result.get();
|
||||
builder.set_name("bffhd");
|
||||
builder.set_release(crate::RELEASE_STRING);
|
||||
@ -45,9 +53,14 @@ impl bootstrap::Server for BootCap {
|
||||
|
||||
fn mechanisms(
|
||||
&mut self,
|
||||
_: bootstrap::MechanismsParams,
|
||||
params: bootstrap::MechanismsParams,
|
||||
mut result: bootstrap::MechanismsResults,
|
||||
) -> Promise<(), ::capnp::Error> {
|
||||
let span = tracing::trace_span!("mechanisms", peer_addr=%self.peer_addr);
|
||||
let _guard = span.enter();
|
||||
|
||||
tracing::trace!("mechanisms");
|
||||
|
||||
let mut builder = result.get();
|
||||
let mechs: Vec<_> = self.authentication.list_available_mechs()
|
||||
.into_iter()
|
||||
@ -66,9 +79,14 @@ impl bootstrap::Server for BootCap {
|
||||
params: bootstrap::CreateSessionParams,
|
||||
mut result: bootstrap::CreateSessionResults,
|
||||
) -> Promise<(), ::capnp::Error> {
|
||||
let span = tracing::trace_span!("create_session", peer_addr=%self.peer_addr);
|
||||
let _guard = span.enter();
|
||||
|
||||
let params = pry!(params.get());
|
||||
let mechanism: &str = pry!(params.get_mechanism());
|
||||
|
||||
tracing::trace!(mechanism);
|
||||
|
||||
let mechname = Mechname::new(mechanism.as_bytes());
|
||||
let auth = if let Ok(mechname) = mechname {
|
||||
if let Ok(session) = self.authentication.start(mechname) {
|
||||
|
@ -16,7 +16,9 @@ use std::fs::File;
|
||||
use std::future::Future;
|
||||
use std::io;
|
||||
use std::io::BufReader;
|
||||
use std::net::SocketAddr;
|
||||
use std::sync::Arc;
|
||||
use nix::sys::socket::SockAddr;
|
||||
use crate::authentication::AuthenticationHandle;
|
||||
use crate::authorization::AuthorizationHandle;
|
||||
|
||||
@ -107,6 +109,8 @@ impl APIServer {
|
||||
.collect()
|
||||
.await;
|
||||
|
||||
tracing::info!("listening on {:?}", sockets);
|
||||
|
||||
if sockets.is_empty() {
|
||||
tracing::warn!("No usable listen addresses configured for the API server!");
|
||||
}
|
||||
@ -123,16 +127,25 @@ impl APIServer {
|
||||
.take_until(stop)
|
||||
.for_each(|stream| async {
|
||||
match stream {
|
||||
Ok(stream) => self.handle(self.acceptor.accept(stream)),
|
||||
Ok(stream) => {
|
||||
if let Ok(peer_addr) = stream.peer_addr() {
|
||||
self.handle(peer_addr, self.acceptor.accept(stream))
|
||||
} else {
|
||||
tracing::error!(?stream, "failing a TCP connection with no peer addr");
|
||||
}
|
||||
},
|
||||
Err(e) => tracing::warn!("Failed to accept stream: {}", e),
|
||||
}
|
||||
});
|
||||
}).await;
|
||||
tracing::info!("closing down API handler");
|
||||
}
|
||||
|
||||
fn handle<IO: 'static + Unpin + AsyncRead + AsyncWrite>(
|
||||
&self,
|
||||
peer_addr: SocketAddr,
|
||||
stream: impl Future<Output = io::Result<TlsStream<IO>>>,
|
||||
) {
|
||||
tracing::debug!("handling new API connection");
|
||||
let f = async move {
|
||||
let stream = match stream.await {
|
||||
Ok(stream) => stream,
|
||||
@ -144,7 +157,7 @@ impl APIServer {
|
||||
let (rx, tx) = futures_lite::io::split(stream);
|
||||
let vat = VatNetwork::new(rx, tx, Side::Server, Default::default());
|
||||
|
||||
let bootstrap: connection::Client = capnp_rpc::new_client(connection::BootCap::new(self.authentication.clone(), self.sessionmanager.clone()));
|
||||
let bootstrap: connection::Client = capnp_rpc::new_client(connection::BootCap::new(peer_addr, self.authentication.clone(), self.sessionmanager.clone()));
|
||||
|
||||
if let Err(e) = RpcSystem::new(Box::new(vat), Some(bootstrap.client)).await {
|
||||
tracing::error!("Error during RPC handling: {}", e);
|
||||
|
@ -49,10 +49,10 @@ use rkyv::Infallible;
|
||||
use crate::resources::state::{State, db::StateDB};
|
||||
use std::iter::FromIterator;
|
||||
use std::ops::Deref;
|
||||
use crate::authentication::db::PassDB;
|
||||
use crate::resources::search::ResourcesHandle;
|
||||
use crate::utils::oid::{ArchivedObjectIdentifier, ObjectIdentifier};
|
||||
use crate::resources::state::value::SerializeValue;
|
||||
use crate::Users;
|
||||
|
||||
#[derive(Debug)]
|
||||
pub enum DBError {
|
||||
@ -130,14 +130,12 @@ impl<V: Serialize<AlignedSerializer<AlignedVec>>> Adapter for AlignedAdapter<V>
|
||||
#[derive(Debug, serde::Serialize)]
|
||||
pub struct Dump {
|
||||
users: HashMap<String, User>,
|
||||
passwds: HashMap<String, String>,
|
||||
states: HashMap<String, State>,
|
||||
}
|
||||
|
||||
impl Dump {
|
||||
pub fn new(userdb: UserDB, passdb: PassDB, resources: ResourcesHandle) -> Result<Self> {
|
||||
let users = HashMap::from_iter(userdb.get_all()?.into_iter());
|
||||
let passwds = HashMap::from_iter(passdb.get_all()?.into_iter());
|
||||
pub fn new(userdb: Users, resources: ResourcesHandle) -> Result<Self> {
|
||||
let users = HashMap::from_iter(userdb.into_inner().get_all()?.into_iter());
|
||||
let mut states = HashMap::new();
|
||||
for resource in resources.list_all().into_iter() {
|
||||
if let Some(output) = resource.get_raw_state() {
|
||||
@ -147,6 +145,6 @@ impl Dump {
|
||||
}
|
||||
}
|
||||
|
||||
Ok(Self { users, passwds, states })
|
||||
Ok(Self { users, states })
|
||||
}
|
||||
}
|
@ -47,7 +47,7 @@ impl StateDB {
|
||||
| EnvironmentFlags::NO_SUB_DIR
|
||||
| EnvironmentFlags::NO_TLS
|
||||
| EnvironmentFlags::NO_READAHEAD)
|
||||
.set_max_dbs(2)
|
||||
.set_max_dbs(4)
|
||||
.open(path.as_ref())
|
||||
.map(Arc::new)
|
||||
}
|
||||
|
@ -25,7 +25,6 @@ use std::sync::Arc;
|
||||
|
||||
pub mod db;
|
||||
|
||||
pub use crate::authentication::db::PassDB;
|
||||
use crate::authorization::roles::Role;
|
||||
use crate::db::LMDBorrow;
|
||||
use crate::users::db::UserData;
|
||||
@ -80,6 +79,10 @@ impl Users {
|
||||
Ok(Self { userdb })
|
||||
}
|
||||
|
||||
pub(crate) fn into_inner(self) -> &'static UserDB {
|
||||
self.userdb
|
||||
}
|
||||
|
||||
pub fn get_user(&self, uid: &str) -> Option<db::User> {
|
||||
tracing::trace!(uid, "Looking up user");
|
||||
self.userdb
|
||||
|
@ -112,7 +112,9 @@ fn main() -> anyhow::Result<()> {
|
||||
let mut config = config::read(&PathBuf::from_str(configpath).unwrap()).unwrap();
|
||||
|
||||
if matches.is_present("dump") {
|
||||
unimplemented!()
|
||||
let bffh = Diflouroborane::new(config)?;
|
||||
let dump = Dump::new(bffh.users, bffh.resources)?;
|
||||
println!("{:?}", dump);
|
||||
} else if matches.is_present("load") {
|
||||
let bffh = Diflouroborane::new(config)?;
|
||||
bffh.users.load_file(matches.value_of("load").unwrap());
|
||||
|
Loading…
Reference in New Issue
Block a user