mirror of
https://gitlab.com/fabinfra/fabaccess/bffh.git
synced 2024-12-25 05:03:48 +01:00
Make compile by deleting functionality that doesn't
This commit is contained in:
parent
06b8e19805
commit
e2b9d2a306
649
Cargo.lock
generated
649
Cargo.lock
generated
File diff suppressed because it is too large
Load Diff
@ -80,8 +80,8 @@ tracing-futures = { version = "0.2", features = ["futures-03"] }
|
||||
|
||||
# API
|
||||
api = { path = "api", features = ["generated"] }
|
||||
capnp = "0.14"
|
||||
capnp-rpc = "0.14.1"
|
||||
capnp = "0.15.0"
|
||||
capnp-rpc = "0.15.0"
|
||||
|
||||
# API Authentication
|
||||
desfire = "0.2.0-alpha3"
|
||||
|
@ -10,10 +10,10 @@ generated = []
|
||||
gen_static = []
|
||||
|
||||
[dependencies]
|
||||
capnp = "0.14.3"
|
||||
capnpc = "0.14.4"
|
||||
capnp = "0.15.0"
|
||||
capnpc = "0.15.0"
|
||||
|
||||
[build-dependencies]
|
||||
capnpc = "0.14.4"
|
||||
capnpc = "0.15.0"
|
||||
# Used in build.rs to iterate over all files in schema/
|
||||
walkdir = "2.3.2"
|
@ -98,7 +98,8 @@ enum State {
|
||||
}
|
||||
|
||||
impl AuthenticationSystem for Authentication {
|
||||
fn step(&mut self, params: StepParams, mut results: StepResults) -> Promise<(), Error> {
|
||||
fn step(&mut self, params: StepParams, mut results: StepResults) -> Promise<(),
|
||||
Error> {
|
||||
let _guard = self.span.enter();
|
||||
let _span = tracing::trace_span!(target: TARGET, "step",).entered();
|
||||
|
||||
|
@ -28,6 +28,7 @@ mod permissionsystem;
|
||||
mod session;
|
||||
mod user;
|
||||
mod user_system;
|
||||
mod role;
|
||||
|
||||
pub struct APIServer {
|
||||
executor: Executor<'static>,
|
||||
|
16
bffhd/capnp/role.rs
Normal file
16
bffhd/capnp/role.rs
Normal file
@ -0,0 +1,16 @@
|
||||
use api::role_capnp::role;
|
||||
use crate::session::SessionHandle;
|
||||
|
||||
pub struct Role {
|
||||
session: SessionHandle,
|
||||
id: String,
|
||||
}
|
||||
impl Role {
|
||||
pub fn new(session: SessionHandle, id: String) -> Self {
|
||||
Self { session, id }
|
||||
}
|
||||
}
|
||||
|
||||
impl role::Server for Role {
|
||||
|
||||
}
|
@ -1,12 +1,14 @@
|
||||
use capnp_rpc::CapabilityServerSet;
|
||||
use crate::authorization::permissions::Permission;
|
||||
use api::auth_capnp::response::successful::Builder;
|
||||
use api::role_capnp;
|
||||
|
||||
use crate::capnp::machinesystem::Machines;
|
||||
use crate::capnp::permissionsystem::Permissions;
|
||||
use crate::capnp::role::Role;
|
||||
use crate::capnp::user_system::Users;
|
||||
use crate::session::SessionHandle;
|
||||
|
||||
#[derive(Debug, Clone)]
|
||||
pub struct APISession;
|
||||
|
||||
impl APISession {
|
||||
|
@ -2,8 +2,10 @@ use crate::authorization::permissions::Permission;
|
||||
use crate::session::SessionHandle;
|
||||
use crate::users::{db, UserRef};
|
||||
use api::user_capnp::user::{self, self_service, manage, admin};
|
||||
use capnp::capability::Promise;
|
||||
use capnp::capability::{Promise, FromClientHook};
|
||||
use capnp_rpc::pry;
|
||||
use api::role_capnp;
|
||||
use crate::capnp::role::Role;
|
||||
|
||||
#[derive(Clone)]
|
||||
pub struct User {
|
||||
@ -21,28 +23,10 @@ impl User {
|
||||
Self::new(session, user)
|
||||
}
|
||||
|
||||
pub fn build(session: SessionHandle, builder: user::Builder) {
|
||||
let this = Self::new_self(session);
|
||||
let user = this.session.get_user();
|
||||
Self::fill(&this.session, user, builder);
|
||||
}
|
||||
|
||||
pub fn fill(session: &SessionHandle, user: db::User) -> Self {
|
||||
builder.set_username(user.id.as_str());
|
||||
|
||||
// We have permissions on ourself
|
||||
let is_me = &session.get_user_ref().id == &user.id;
|
||||
|
||||
let client = Self::new(session.clone(), UserRef::new(user.id));
|
||||
|
||||
if is_me || session.has_perm(Permission::new("bffh.users.info")) {
|
||||
builder.set_info(capnp_rpc::new_client(client.clone()));
|
||||
}
|
||||
if is_me {
|
||||
builder.set_manage(capnp_rpc::new_client(client.clone()));
|
||||
}
|
||||
if session.has_perm(Permission::new("bffh.users.admin")) {
|
||||
builder.set_admin(capnp_rpc::new_client(client.clone()));
|
||||
pub fn fill(session: SessionHandle, user: db::User) -> Self {
|
||||
Self {
|
||||
user: UserRef::new(user.id),
|
||||
session,
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -56,8 +40,9 @@ impl user::Server for User {
|
||||
if let Some(user) = self.session.users.get_user(self.user.get_username()) {
|
||||
let mut builder = result.get().init_roles(user.userdata.roles.len() as u32);
|
||||
for (i, role) in user.userdata.roles.into_iter().enumerate() {
|
||||
let mut b = builder.reborrow().get(i as u32);
|
||||
b.set_name(role.as_str());
|
||||
let role = Role::new(self.session.clone(), role);
|
||||
let cap: role_capnp::role::Client = capnp_rpc::new_client(role);
|
||||
builder.reborrow().set(i as u32, cap.into_client_hook());
|
||||
}
|
||||
}
|
||||
Promise::ok(())
|
||||
@ -65,56 +50,7 @@ impl user::Server for User {
|
||||
}
|
||||
|
||||
impl manage::Server for User {
|
||||
fn add_role(
|
||||
&mut self,
|
||||
param: manage::AddRoleParams,
|
||||
_: manage::AddRoleResults,
|
||||
) -> Promise<(), ::capnp::Error> {
|
||||
let rolename = pry!(pry!(pry!(param.get()).get_role()).get_name());
|
||||
|
||||
if let Some(_role) = self.session.roles.get(rolename) {
|
||||
let mut target = self
|
||||
.session
|
||||
.users
|
||||
.get_user(self.user.get_username())
|
||||
.unwrap();
|
||||
|
||||
// Only update if needed
|
||||
if !target.userdata.roles.iter().any(|r| r.as_str() == rolename) {
|
||||
target.userdata.roles.push(rolename.to_string());
|
||||
self.session
|
||||
.users
|
||||
.put_user(self.user.get_username(), &target);
|
||||
}
|
||||
}
|
||||
|
||||
Promise::ok(())
|
||||
}
|
||||
fn remove_role(
|
||||
&mut self,
|
||||
param: manage::RemoveRoleParams,
|
||||
_: manage::RemoveRoleResults,
|
||||
) -> Promise<(), ::capnp::Error> {
|
||||
let rolename = pry!(pry!(pry!(param.get()).get_role()).get_name());
|
||||
|
||||
if let Some(_role) = self.session.roles.get(rolename) {
|
||||
let mut target = self
|
||||
.session
|
||||
.users
|
||||
.get_user(self.user.get_username())
|
||||
.unwrap();
|
||||
|
||||
// Only update if needed
|
||||
if target.userdata.roles.iter().any(|r| r.as_str() == rolename) {
|
||||
target.userdata.roles.retain(|r| r.as_str() != rolename);
|
||||
self.session
|
||||
.users
|
||||
.put_user(self.user.get_username(), &target);
|
||||
}
|
||||
}
|
||||
|
||||
Promise::ok(())
|
||||
}
|
||||
}
|
||||
|
||||
impl admin::Server for User {
|
||||
@ -123,7 +59,7 @@ impl admin::Server for User {
|
||||
param: admin::SetpwParams,
|
||||
_: admin::SetpwResults,
|
||||
) -> Promise<(), ::capnp::Error> {
|
||||
let new_pw = pry!(pry!(param.get()).get_new_pwd());
|
||||
let new_pw = pry!(pry!(param.get()).get_new());
|
||||
let uid = self.user.get_username();
|
||||
if let Some(mut user) = self.session.users.get_user(uid) {
|
||||
user.set_pw(new_pw.as_bytes());
|
||||
|
@ -1,7 +1,8 @@
|
||||
use api::users_capnp::users;
|
||||
use capnp::capability::Promise;
|
||||
use capnp::capability::{Promise, FromClientHook};
|
||||
use capnp_rpc::pry;
|
||||
use tracing::Span;
|
||||
use api::user_capnp;
|
||||
|
||||
use crate::capnp::user::User;
|
||||
|
||||
@ -40,7 +41,8 @@ impl users::Server for Users {
|
||||
let mut builder = result.get().init_users(users.len() as u32);
|
||||
for (i, (id, userdata)) in users.into_iter().enumerate() {
|
||||
let user = db::User { id, userdata };
|
||||
builder.reborrow().set(i as u32, User::fill(&self.session, user));
|
||||
let cap: user_capnp::user::Client = capnp_rpc::new_client(User::fill(self.session.clone(), user));
|
||||
builder.reborrow().set(i as u32, cap.into_client_hook());
|
||||
}
|
||||
|
||||
tracing::trace!("method return");
|
||||
@ -72,20 +74,20 @@ impl users::Server for Users {
|
||||
if self.session.users.get_user(username).is_none() {
|
||||
let user = db::User::new_with_plain_pw(username, password);
|
||||
self.session.users.put_user(username, &user);
|
||||
builder.set_user(capnp_rpc::new_client(User::fill(&self.session, user)));
|
||||
builder.set_user(capnp_rpc::new_client(User::fill(self.session.clone(), user)));
|
||||
} else {
|
||||
let mut builder = builder.init_error();
|
||||
builder.set_exists();
|
||||
builder.set_exists(());
|
||||
tracing::warn!("Failed to add user: Username taken");
|
||||
}
|
||||
} else {
|
||||
if username.is_empty() {
|
||||
let mut builder = builder.init_error();
|
||||
builder.set_username_invalid();
|
||||
builder.set_username_invalid(());
|
||||
tracing::warn!("Failed to add user: Username empty");
|
||||
} else if password.is_empty() {
|
||||
let mut builder = builder.init_error();
|
||||
builder.set_password_invalid();
|
||||
builder.set_password_invalid(());
|
||||
tracing::warn!("Failed to add user: Password empty");
|
||||
}
|
||||
}
|
||||
@ -94,25 +96,4 @@ impl users::Server for Users {
|
||||
Promise::ok(())
|
||||
}
|
||||
|
||||
fn remove_user(
|
||||
&mut self,
|
||||
params: users::RemoveUserParams,
|
||||
_: users::RemoveUserResults,
|
||||
) -> Promise<(), ::capnp::Error> {
|
||||
let _guard = self.span.enter();
|
||||
let _span = tracing::trace_span!(target: TARGET, "removeUser",).entered();
|
||||
|
||||
let who: &str = pry!(pry!(pry!(params.get()).get_user()).get_username());
|
||||
|
||||
tracing::trace!(params.user = who, "method call");
|
||||
|
||||
if let Err(e) = self.session.users.del_user(who) {
|
||||
tracing::warn!("Failed to delete user: {:?}", e);
|
||||
} else {
|
||||
tracing::info!("Deleted user {}", who);
|
||||
}
|
||||
|
||||
tracing::trace!("method return");
|
||||
Promise::ok(())
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user