Appease the borrow checker

Gregor Reitzenstein 2020-02-18 01:41:32 +01:00
parent 764b08d4fa
commit a3fa03f0ee
2 changed files with 20 additions and 9 deletions


@ -12,9 +12,22 @@ use std::io::{Read, Write};
use std::ops::Deref;
use futures_signals::signal::Mutable;
use casbin::Enforcer;
use casbin::{Enforcer, Model, FileAdapter};
use slog::Logger;
use crate::error::Result;
use crate::config::Config;
pub async fn init(log: Logger, config: Config) -> Result<AuthenticationProvider> {
let passdb = open_passdb(&config.passdb).unwrap();
let m = Model::from_file(&config.access.model).await?;
let a = FileAdapter::new(config.access.policy);
let enforcer = Enforcer::new(m, Box::new(a)).await?;
Ok(AuthenticationProvider::new(passdb, enforcer))
}
#[derive(Debug)]
pub enum SASLError {
@ -50,11 +63,10 @@ pub fn open_passdb(path: &Path) -> Option<PassDB> {
}
}
#[derive(Clone)]
pub struct Plain {
// FIXME: I don't want to store passwords.
passdb: Mutable<PassDB>,
enforcer: Mutable<Enforcer>,
passdb: PassDB,
enforcer: Enforcer,
}
impl Plain {
@ -63,7 +75,7 @@ impl Plain {
if let Some((authzid, authcid, passwd)) = split_nul(data) {
// Check if we know about that user
if let Some(pwd) = self.passdb.lock_ref().get(authcid) {
if let Some(pwd) = self.passdb.get(authcid) {
// Check the provided password
// FIXME: At least use hashes
if pwd == passwd {
@ -73,8 +85,7 @@ impl Plain {
return Ok((true, authcid));
}
let e = self.enforcer.lock_ref();
if let Ok(b) = e.enforce(vec![authcid, authzid, "su"]) {
if let Ok(b) = self.enforcer.enforce(vec![authcid, authzid, "su"]) {
if b {
return Ok((true, authzid));
} else {
@ -109,7 +120,7 @@ pub struct AuthenticationProvider {
}
impl AuthenticationProvider {
pub fn new(passdb: Mutable<PassDB>, enforcer: Mutable<Enforcer>) -> Self {
pub fn new(passdb: PassDB, enforcer: Enforcer) -> Self {
Self {
plain: Plain { passdb, enforcer }
}
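Review bot: In the new `init`, `open_passdb(&config.passdb).unwrap()` panics when the password database cannot be opened, although the function returns `Result` and the two casbin calls below it already propagate failures with `?`. Since `open_passdb` returns `Option<PassDB>`, convert the `None` with `ok_or_else` into an error from `crate::error` and propagate it with `?`, so a missing or unreadable passdb surfaces as a startup error rather than aborting the process. In `Plain`'s check, `if let Ok(b) = self.enforcer.enforce(vec![authcid, authzid, "su"])` discards the enforcer's error; the rest of that branch lies outside the hunk, so confirm that an `Err` there ends in a denial and is logged. The body of that method starts and ends outside the visible hunks.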


@ -106,7 +106,7 @@ fn main() -> Result<(), Error> {
// filtered
let machinedb_f = machine::init(log.new(o!("system" => "machinedb")), &config);
let permission_f = access::init(log.new(o!("system" => "permissions")), &config);
let authentication_f = auth::init(log.new(o!("system" => "authentication")), &config);
let authentication_f = auth::init(log.new(o!("system" => "authentication")), config.clone());
// Bind to each address in config.listen.
// This is a Stream over Futures so it will do absolutely nothing unless polled to completion