Api restructure zum zweiten

This commit is contained in:
Gregor Reitzenstein 2020-11-17 14:35:16 +01:00
parent 220942b80a
commit 5f75dd0925
5 changed files with 67 additions and 54 deletions

View File

@ -1,2 +1,63 @@
use std::sync::Arc;
use capnp::capability::{Params, Results, Promise, FromServer};
use crate::schema::connection_capnp;
use crate::connection::Session;
pub mod auth;
mod machine; mod machine;
mod machines; mod machines;
use machines::Machines;
pub struct Bootstrap {
session: Arc<Session>
}
impl Bootstrap {
pub fn new(session: Arc<Session>) -> Self {
Self { session }
}
}
use connection_capnp::bootstrap::*;
impl connection_capnp::bootstrap::Server for Bootstrap {
fn auth(&mut self,
_: Params<auth_params::Owned>,
mut res: Results<auth_results::Owned>
) -> Promise<(), capnp::Error> {
// Forbid mutltiple authentication for now
// TODO: When should we allow multiple auth and how do me make sure that does not leak
// priviledges (e.g. due to previously issues caps)?
if self.session.user.is_none() {
res.get().set_auth(capnp_rpc::new_client(auth::Auth::new()))
}
Promise::ok(())
}
fn permissions(&mut self,
_: Params<permissions_params::Owned>,
mut res: Results<permissions_results::Owned>
) -> Promise<(), capnp::Error> {
if self.session.user.is_some() {
}
Promise::ok(())
}
fn machines(&mut self,
_: Params<machines_params::Owned>,
mut res: Results<machines_results::Owned>
) -> Promise<(), capnp::Error> {
// TODO actual permission check and stuff
if self.session.user.is_some() {
let c = capnp_rpc::new_client(Machines::new(self.session.clone()));
res.get().set_machines(c);
}
Promise::ok(())
}
}

View File

@ -7,7 +7,7 @@ use crate::schema::api_capnp::machines;
use crate::connection::Session; use crate::connection::Session;
/// An implementation of the `Machines` API /// An implementation of the `Machines` API
struct Machines { pub struct Machines {
/// A reference to the connection — as long as at least one API endpoint is /// A reference to the connection — as long as at least one API endpoint is
/// still alive the session has to be as well. /// still alive the session has to be as well.
session: Arc<Session>, session: Arc<Session>,

View File

@ -5,21 +5,18 @@ use slog::Logger;
use smol::net::TcpStream; use smol::net::TcpStream;
use crate::error::{Error, Result}; use crate::error::{Error, Result};
use crate::auth; use crate::api::auth;
use crate::api; use crate::api::Bootstrap;
pub use crate::schema::connection_capnp;
use crate::db::Databases;
use capnp_rpc::{twoparty, rpc_twoparty_capnp}; use capnp_rpc::{twoparty, rpc_twoparty_capnp};
use capnp::capability::{Params, Results, Promise, FromServer}; use crate::schema::connection_capnp;
/// Connection context /// Connection context
// TODO this should track over several connections // TODO this should track over several connections
pub struct Session { pub struct Session {
log: Logger, log: Logger,
user: Option<auth::User>, pub user: Option<auth::User>,
} }
impl Session { impl Session {
@ -30,50 +27,6 @@ impl Session {
} }
} }
struct Bootstrap {
session: Arc<Session>
}
impl Bootstrap {
pub fn new(session: Arc<Session>) -> Self {
Self { session }
}
}
use connection_capnp::bootstrap::*;
impl connection_capnp::bootstrap::Server for Bootstrap {
fn auth(&mut self,
_: Params<auth_params::Owned>,
mut res: Results<auth_results::Owned>
) -> Promise<(), capnp::Error> {
// Forbid mutltiple authentication for now
// TODO: When should we allow multiple auth and how do me make sure that does not leak
// priviledges (e.g. due to previously issues caps)?
if self.session.user.is_none() {
res.get().set_auth(capnp_rpc::new_client(auth::Auth::new()))
}
Promise::ok(())
}
fn permissions(&mut self,
_: Params<permissions_params::Owned>,
mut res: Results<permissions_results::Owned>
) -> Promise<(), capnp::Error> {
if self.session.user.is_some() {
}
Promise::ok(())
}
fn machines(&mut self,
_: Params<machines_params::Owned>,
mut res: Results<machines_results::Owned>
) -> Promise<(), capnp::Error> {
Promise::ok(())
}
}
async fn handshake(log: &Logger, stream: &mut TcpStream) -> Result<()> { async fn handshake(log: &Logger, stream: &mut TcpStream) -> Result<()> {
if let Some(m) = capnp_futures::serialize::read_message(stream.clone(), Default::default()).await? { if let Some(m) = capnp_futures::serialize::read_message(stream.clone(), Default::default()).await? {
let greeting = m.get_root::<connection_capnp::greeting::Reader>()?; let greeting = m.get_root::<connection_capnp::greeting::Reader>()?;

View File

@ -7,7 +7,6 @@ extern crate capnp_rpc;
#[macro_use] #[macro_use]
extern crate async_trait; extern crate async_trait;
mod auth;
mod modules; mod modules;
mod log; mod log;
mod api; mod api;
@ -144,7 +143,7 @@ fn main() -> Result<(), Error> {
let env = Arc::new(env); let env = Arc::new(env);
let mdb = db::machine::init(log.new(o!("system" => "machines")), &config, env.clone()); let mdb = db::machine::init(log.new(o!("system" => "machines")), &config, env.clone());
let pdb = db::access::init(log.new(o!("system" => "permissions")), &config, env.clone()); let pdb = db::access::init(log.new(o!("system" => "permissions")), &config, env.clone());
let authentication_f = auth::init(log.new(o!("system" => "authentication")), config.clone()); let authentication_f = api::auth::init(log.new(o!("system" => "authentication")), config.clone());
// If --load or --dump is given we can stop at this point and load/dump the database and then // If --load or --dump is given we can stop at this point and load/dump the database and then
// exit. // exit.