Make compile by deleting functionality that doesn't

Nadja Reitzenstein 2022-11-07 11:58:38 +01:00
parent 06b8e19805
commit e2b9d2a306
9 changed files with 441 additions and 363 deletions

649
Cargo.lock generated



@ -80,8 +80,8 @@ tracing-futures = { version = "0.2", features = ["futures-03"] }
# API # API
api = { path = "api", features = ["generated"] } api = { path = "api", features = ["generated"] }
capnp = "0.14" capnp = "0.15.0"
capnp-rpc = "0.14.1" capnp-rpc = "0.15.0"
# API Authentication # API Authentication
desfire = "0.2.0-alpha3" desfire = "0.2.0-alpha3"


@ -10,10 +10,10 @@ generated = []
gen_static = [] gen_static = []
[dependencies] [dependencies]
capnp = "0.14.3" capnp = "0.15.0"
capnpc = "0.14.4" capnpc = "0.15.0"
[build-dependencies] [build-dependencies]
capnpc = "0.14.4" capnpc = "0.15.0"
# Used in build.rs to iterate over all files in schema/ # Used in build.rs to iterate over all files in schema/
walkdir = "2.3.2" walkdir = "2.3.2"


@ -98,7 +98,8 @@ enum State {
} }
impl AuthenticationSystem for Authentication { impl AuthenticationSystem for Authentication {
fn step(&mut self, params: StepParams, mut results: StepResults) -> Promise<(), Error> { fn step(&mut self, params: StepParams, mut results: StepResults) -> Promise<(),
Error> {
let _guard = self.span.enter(); let _guard = self.span.enter();
let _span = tracing::trace_span!(target: TARGET, "step",).entered(); let _span = tracing::trace_span!(target: TARGET, "step",).entered();


@ -28,6 +28,7 @@ mod permissionsystem;
mod session; mod session;
mod user; mod user;
mod user_system; mod user_system;
mod role;
pub struct APIServer { pub struct APIServer {
executor: Executor<'static>, executor: Executor<'static>,

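--- a/bffhd/capnp/role.rs
+++ b/bffhd/capnp/role.rs
@@ -0,0 +1,16 @@
+use api::role_capnp::role;
+use crate::session::SessionHandle;
+pub struct Role {
+session: SessionHandle,
+id: String,
+}
+impl Role {
+pub fn new(session: SessionHandle, id: String) -> Self {
+Self { session, id }
+}
+}
+impl role::Server for Role {
+}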
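Review bot: `Role` stores a `SessionHandle` and an `id` that nothing in this file reads, and `impl role::Server for Role {}` is empty, so the type is an undocumented placeholder that the role-listing loop in the user server still hands to clients as a capability. A doc comment on the struct should say so, for example `/// Placeholder capability for a single role; no methods are implemented yet and the stored session is not yet consulted.` As far as the visible hunks show, the capability is created for every role of the listed user with no check at construction, so any method added later should authorise against the stored session itself.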


@ -1,12 +1,14 @@
use capnp_rpc::CapabilityServerSet;
use crate::authorization::permissions::Permission; use crate::authorization::permissions::Permission;
use api::auth_capnp::response::successful::Builder; use api::auth_capnp::response::successful::Builder;
use api::role_capnp;
use crate::capnp::machinesystem::Machines; use crate::capnp::machinesystem::Machines;
use crate::capnp::permissionsystem::Permissions; use crate::capnp::permissionsystem::Permissions;
use crate::capnp::role::Role;
use crate::capnp::user_system::Users; use crate::capnp::user_system::Users;
use crate::session::SessionHandle; use crate::session::SessionHandle;
#[derive(Debug, Clone)]
pub struct APISession; pub struct APISession;
impl APISession { impl APISession {


@ -2,8 +2,10 @@ use crate::authorization::permissions::Permission;
use crate::session::SessionHandle; use crate::session::SessionHandle;
use crate::users::{db, UserRef}; use crate::users::{db, UserRef};
use api::user_capnp::user::{self, self_service, manage, admin}; use api::user_capnp::user::{self, self_service, manage, admin};
use capnp::capability::Promise; use capnp::capability::{Promise, FromClientHook};
use capnp_rpc::pry; use capnp_rpc::pry;
use api::role_capnp;
use crate::capnp::role::Role;
#[derive(Clone)] #[derive(Clone)]
pub struct User { pub struct User {
@ -21,28 +23,10 @@ impl User {
Self::new(session, user) Self::new(session, user)
} }
pub fn build(session: SessionHandle, builder: user::Builder) { pub fn fill(session: SessionHandle, user: db::User) -> Self {
let this = Self::new_self(session); Self {
let user = this.session.get_user(); user: UserRef::new(user.id),
Self::fill(&this.session, user, builder); session,
}
pub fn fill(session: &SessionHandle, user: db::User) -> Self {
builder.set_username(user.id.as_str());
// We have permissions on ourself
let is_me = &session.get_user_ref().id == &user.id;
let client = Self::new(session.clone(), UserRef::new(user.id));
if is_me || session.has_perm(Permission::new("bffh.users.info")) {
builder.set_info(capnp_rpc::new_client(client.clone()));
}
if is_me {
builder.set_manage(capnp_rpc::new_client(client.clone()));
}
if session.has_perm(Permission::new("bffh.users.admin")) {
builder.set_admin(capnp_rpc::new_client(client.clone()));
} }
} }
} }
@ -56,8 +40,9 @@ impl user::Server for User {
if let Some(user) = self.session.users.get_user(self.user.get_username()) { if let Some(user) = self.session.users.get_user(self.user.get_username()) {
let mut builder = result.get().init_roles(user.userdata.roles.len() as u32); let mut builder = result.get().init_roles(user.userdata.roles.len() as u32);
for (i, role) in user.userdata.roles.into_iter().enumerate() { for (i, role) in user.userdata.roles.into_iter().enumerate() {
let mut b = builder.reborrow().get(i as u32); let role = Role::new(self.session.clone(), role);
b.set_name(role.as_str()); let cap: role_capnp::role::Client = capnp_rpc::new_client(role);
builder.reborrow().set(i as u32, cap.into_client_hook());
} }
} }
Promise::ok(()) Promise::ok(())
@ -65,56 +50,7 @@ impl user::Server for User {
} }
impl manage::Server for User { impl manage::Server for User {
fn add_role(
&mut self,
param: manage::AddRoleParams,
_: manage::AddRoleResults,
) -> Promise<(), ::capnp::Error> {
let rolename = pry!(pry!(pry!(param.get()).get_role()).get_name());
if let Some(_role) = self.session.roles.get(rolename) {
let mut target = self
.session
.users
.get_user(self.user.get_username())
.unwrap();
// Only update if needed
if !target.userdata.roles.iter().any(|r| r.as_str() == rolename) {
target.userdata.roles.push(rolename.to_string());
self.session
.users
.put_user(self.user.get_username(), &target);
}
}
Promise::ok(())
}
fn remove_role(
&mut self,
param: manage::RemoveRoleParams,
_: manage::RemoveRoleResults,
) -> Promise<(), ::capnp::Error> {
let rolename = pry!(pry!(pry!(param.get()).get_role()).get_name());
if let Some(_role) = self.session.roles.get(rolename) {
let mut target = self
.session
.users
.get_user(self.user.get_username())
.unwrap();
// Only update if needed
if target.userdata.roles.iter().any(|r| r.as_str() == rolename) {
target.userdata.roles.retain(|r| r.as_str() != rolename);
self.session
.users
.put_user(self.user.get_username(), &target);
}
}
Promise::ok(())
}
} }
impl admin::Server for User { impl admin::Server for User {
@ -123,7 +59,7 @@ impl admin::Server for User {
param: admin::SetpwParams, param: admin::SetpwParams,
_: admin::SetpwResults, _: admin::SetpwResults,
) -> Promise<(), ::capnp::Error> { ) -> Promise<(), ::capnp::Error> {
let new_pw = pry!(pry!(param.get()).get_new_pwd()); let new_pw = pry!(pry!(param.get()).get_new());
let uid = self.user.get_username(); let uid = self.user.get_username();
if let Some(mut user) = self.session.users.get_user(uid) { if let Some(mut user) = self.session.users.get_user(uid) {
user.set_pw(new_pw.as_bytes()); user.set_pw(new_pw.as_bytes());
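Review bot: The new `User::fill` (second hunk of this file) builds the capability server from any `db::User` without the `is_me` and `session.has_perm(...)` gating that the removed body applied before handing out the info, manage and admin capabilities. Both call sites in the users-system file wrap it as `capnp_rpc::new_client(User::fill(self.session.clone(), user))`, so as far as these hunks show every listed or newly created user comes back as a live `user::Client` with no per-target check. Whether the `manage::Server` and `admin::Server` impls on the same type are reachable from that client is not visible here. If the checks are meant to live in the individual server methods, state that contract on the constructor, e.g. `/// Performs no permission check: each server method must authorise the session against the target user itself.` Otherwise restore the gating at the point where the client is created.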


@ -1,7 +1,8 @@
use api::users_capnp::users; use api::users_capnp::users;
use capnp::capability::Promise; use capnp::capability::{Promise, FromClientHook};
use capnp_rpc::pry; use capnp_rpc::pry;
use tracing::Span; use tracing::Span;
use api::user_capnp;
use crate::capnp::user::User; use crate::capnp::user::User;
@ -40,7 +41,8 @@ impl users::Server for Users {
let mut builder = result.get().init_users(users.len() as u32); let mut builder = result.get().init_users(users.len() as u32);
for (i, (id, userdata)) in users.into_iter().enumerate() { for (i, (id, userdata)) in users.into_iter().enumerate() {
let user = db::User { id, userdata }; let user = db::User { id, userdata };
builder.reborrow().set(i as u32, User::fill(&self.session, user)); let cap: user_capnp::user::Client = capnp_rpc::new_client(User::fill(self.session.clone(), user));
builder.reborrow().set(i as u32, cap.into_client_hook());
} }
tracing::trace!("method return"); tracing::trace!("method return");
@ -72,20 +74,20 @@ impl users::Server for Users {
if self.session.users.get_user(username).is_none() { if self.session.users.get_user(username).is_none() {
let user = db::User::new_with_plain_pw(username, password); let user = db::User::new_with_plain_pw(username, password);
self.session.users.put_user(username, &user); self.session.users.put_user(username, &user);
builder.set_user(capnp_rpc::new_client(User::fill(&self.session, user))); builder.set_user(capnp_rpc::new_client(User::fill(self.session.clone(), user)));
} else { } else {
let mut builder = builder.init_error(); let mut builder = builder.init_error();
builder.set_exists(); builder.set_exists(());
tracing::warn!("Failed to add user: Username taken"); tracing::warn!("Failed to add user: Username taken");
} }
} else { } else {
if username.is_empty() { if username.is_empty() {
let mut builder = builder.init_error(); let mut builder = builder.init_error();
builder.set_username_invalid(); builder.set_username_invalid(());
tracing::warn!("Failed to add user: Username empty"); tracing::warn!("Failed to add user: Username empty");
} else if password.is_empty() { } else if password.is_empty() {
let mut builder = builder.init_error(); let mut builder = builder.init_error();
builder.set_password_invalid(); builder.set_password_invalid(());
tracing::warn!("Failed to add user: Password empty"); tracing::warn!("Failed to add user: Password empty");
} }
} }
@ -94,25 +96,4 @@ impl users::Server for Users {
Promise::ok(()) Promise::ok(())
} }
fn remove_user(
&mut self,
params: users::RemoveUserParams,
_: users::RemoveUserResults,
) -> Promise<(), ::capnp::Error> {
let _guard = self.span.enter();
let _span = tracing::trace_span!(target: TARGET, "removeUser",).entered();
let who: &str = pry!(pry!(pry!(params.get()).get_user()).get_username());
tracing::trace!(params.user = who, "method call");
if let Err(e) = self.session.users.del_user(who) {
tracing::warn!("Failed to delete user: {:?}", e);
} else {
tracing::info!("Deleted user {}", who);
}
tracing::trace!("method return");
Promise::ok(())
}
} }