mirror of
https://gitlab.com/fabinfra/fabaccess/bffh.git
synced 2024-11-22 14:57:56 +01:00
Api restructure zum zweiten
This commit is contained in:
parent
220942b80a
commit
5f75dd0925
61
src/api.rs
61
src/api.rs
@ -1,2 +1,63 @@
|
||||
use std::sync::Arc;
|
||||
|
||||
use capnp::capability::{Params, Results, Promise, FromServer};
|
||||
|
||||
use crate::schema::connection_capnp;
|
||||
use crate::connection::Session;
|
||||
|
||||
pub mod auth;
|
||||
mod machine;
|
||||
mod machines;
|
||||
|
||||
use machines::Machines;
|
||||
|
||||
pub struct Bootstrap {
|
||||
session: Arc<Session>
|
||||
}
|
||||
|
||||
impl Bootstrap {
|
||||
pub fn new(session: Arc<Session>) -> Self {
|
||||
Self { session }
|
||||
}
|
||||
}
|
||||
|
||||
use connection_capnp::bootstrap::*;
|
||||
impl connection_capnp::bootstrap::Server for Bootstrap {
|
||||
fn auth(&mut self,
|
||||
_: Params<auth_params::Owned>,
|
||||
mut res: Results<auth_results::Owned>
|
||||
) -> Promise<(), capnp::Error> {
|
||||
// Forbid mutltiple authentication for now
|
||||
// TODO: When should we allow multiple auth and how do me make sure that does not leak
|
||||
// priviledges (e.g. due to previously issues caps)?
|
||||
if self.session.user.is_none() {
|
||||
res.get().set_auth(capnp_rpc::new_client(auth::Auth::new()))
|
||||
}
|
||||
|
||||
Promise::ok(())
|
||||
}
|
||||
|
||||
fn permissions(&mut self,
|
||||
_: Params<permissions_params::Owned>,
|
||||
mut res: Results<permissions_results::Owned>
|
||||
) -> Promise<(), capnp::Error> {
|
||||
if self.session.user.is_some() {
|
||||
}
|
||||
|
||||
Promise::ok(())
|
||||
}
|
||||
|
||||
fn machines(&mut self,
|
||||
_: Params<machines_params::Owned>,
|
||||
mut res: Results<machines_results::Owned>
|
||||
) -> Promise<(), capnp::Error> {
|
||||
// TODO actual permission check and stuff
|
||||
if self.session.user.is_some() {
|
||||
let c = capnp_rpc::new_client(Machines::new(self.session.clone()));
|
||||
res.get().set_machines(c);
|
||||
}
|
||||
|
||||
Promise::ok(())
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -7,7 +7,7 @@ use crate::schema::api_capnp::machines;
|
||||
use crate::connection::Session;
|
||||
|
||||
/// An implementation of the `Machines` API
|
||||
struct Machines {
|
||||
pub struct Machines {
|
||||
/// A reference to the connection — as long as at least one API endpoint is
|
||||
/// still alive the session has to be as well.
|
||||
session: Arc<Session>,
|
||||
|
@ -5,21 +5,18 @@ use slog::Logger;
|
||||
use smol::net::TcpStream;
|
||||
|
||||
use crate::error::{Error, Result};
|
||||
use crate::auth;
|
||||
use crate::api;
|
||||
|
||||
pub use crate::schema::connection_capnp;
|
||||
use crate::db::Databases;
|
||||
use crate::api::auth;
|
||||
use crate::api::Bootstrap;
|
||||
|
||||
use capnp_rpc::{twoparty, rpc_twoparty_capnp};
|
||||
|
||||
use capnp::capability::{Params, Results, Promise, FromServer};
|
||||
use crate::schema::connection_capnp;
|
||||
|
||||
/// Connection context
|
||||
// TODO this should track over several connections
|
||||
pub struct Session {
|
||||
log: Logger,
|
||||
user: Option<auth::User>,
|
||||
pub user: Option<auth::User>,
|
||||
}
|
||||
|
||||
impl Session {
|
||||
@ -30,50 +27,6 @@ impl Session {
|
||||
}
|
||||
}
|
||||
|
||||
struct Bootstrap {
|
||||
session: Arc<Session>
|
||||
}
|
||||
|
||||
impl Bootstrap {
|
||||
pub fn new(session: Arc<Session>) -> Self {
|
||||
Self { session }
|
||||
}
|
||||
}
|
||||
|
||||
use connection_capnp::bootstrap::*;
|
||||
impl connection_capnp::bootstrap::Server for Bootstrap {
|
||||
fn auth(&mut self,
|
||||
_: Params<auth_params::Owned>,
|
||||
mut res: Results<auth_results::Owned>
|
||||
) -> Promise<(), capnp::Error> {
|
||||
// Forbid mutltiple authentication for now
|
||||
// TODO: When should we allow multiple auth and how do me make sure that does not leak
|
||||
// priviledges (e.g. due to previously issues caps)?
|
||||
if self.session.user.is_none() {
|
||||
res.get().set_auth(capnp_rpc::new_client(auth::Auth::new()))
|
||||
}
|
||||
|
||||
Promise::ok(())
|
||||
}
|
||||
|
||||
fn permissions(&mut self,
|
||||
_: Params<permissions_params::Owned>,
|
||||
mut res: Results<permissions_results::Owned>
|
||||
) -> Promise<(), capnp::Error> {
|
||||
if self.session.user.is_some() {
|
||||
}
|
||||
|
||||
Promise::ok(())
|
||||
}
|
||||
|
||||
fn machines(&mut self,
|
||||
_: Params<machines_params::Owned>,
|
||||
mut res: Results<machines_results::Owned>
|
||||
) -> Promise<(), capnp::Error> {
|
||||
Promise::ok(())
|
||||
}
|
||||
}
|
||||
|
||||
async fn handshake(log: &Logger, stream: &mut TcpStream) -> Result<()> {
|
||||
if let Some(m) = capnp_futures::serialize::read_message(stream.clone(), Default::default()).await? {
|
||||
let greeting = m.get_root::<connection_capnp::greeting::Reader>()?;
|
||||
|
@ -7,7 +7,6 @@ extern crate capnp_rpc;
|
||||
#[macro_use]
|
||||
extern crate async_trait;
|
||||
|
||||
mod auth;
|
||||
mod modules;
|
||||
mod log;
|
||||
mod api;
|
||||
@ -144,7 +143,7 @@ fn main() -> Result<(), Error> {
|
||||
let env = Arc::new(env);
|
||||
let mdb = db::machine::init(log.new(o!("system" => "machines")), &config, env.clone());
|
||||
let pdb = db::access::init(log.new(o!("system" => "permissions")), &config, env.clone());
|
||||
let authentication_f = auth::init(log.new(o!("system" => "authentication")), config.clone());
|
||||
let authentication_f = api::auth::init(log.new(o!("system" => "authentication")), config.clone());
|
||||
|
||||
// If --load or --dump is given we can stop at this point and load/dump the database and then
|
||||
// exit.
|
||||
|
Loading…
Reference in New Issue
Block a user