diff --git a/bffhd/capnp/mod.rs b/bffhd/capnp/mod.rs
index 4841f7d..1335c26 100644
--- a/bffhd/capnp/mod.rs
+++ b/bffhd/capnp/mod.rs
@@ -25,12 +25,11 @@ pub use config::{Listen, TlsListen};
 mod connection;
 mod authenticationsystem;
 mod session;
-/*
-mod machine;
-mod machinesystem;
-mod permissionsystem;
+//mod machine;
+//mod machinesystem;
+//mod permissionsystem;
 mod user;
-mod user_system;*/
+mod user_system;
 pub struct APIServer {
 executor: Executor<'static>,
diff --git a/bffhd/capnp/user.rs b/bffhd/capnp/user.rs
index 9990b75..7337d84 100644
--- a/bffhd/capnp/user.rs
+++ b/bffhd/capnp/user.rs
@@ -2,13 +2,12 @@ use crate::authorization::permissions::Permission;
 use crate::session::SessionHandle;
 use crate::users::{db, UserRef};
 use crate::CONFIG;
-use api::general_capnp::optional;
 use api::user_capnp::user::card_d_e_s_fire_e_v2::{ BindParams, BindResults, GenCardTokenParams, GenCardTokenResults, GetMetaInfoParams, GetMetaInfoResults, GetSpaceInfoParams, GetSpaceInfoResults, GetTokenListParams, GetTokenListResults, UnbindParams, UnbindResults, };
-use api::user_capnp::user::{self, admin, card_d_e_s_fire_e_v2, info, manage};
+use api::user_capnp::user::{self, admin, card_d_e_s_fire_e_v2, manage};
 use capnp::capability::Promise;
 use capnp::Error;
 use capnp_rpc::pry;
@@ -25,6 +24,10 @@ pub struct User {
 user: UserRef,
 }
+impl user::Server for User {
+
+}
+
 impl User {
 pub fn new(session: SessionHandle, user: UserRef) -> Self {
 let span = tracing::info_span!(target: TARGET, "User");
@@ -40,6 +43,7 @@ impl User {
 Self::new(session, user)
 }
+ /*
 pub fn build_optional(
 session: &SessionHandle,
 user: Option,
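Review bot: The added `impl user::Server for User { }` in `bffhd/capnp/user.rs` is empty and carries no comment, so nothing here says it is a placeholder. With capnp-generated server traits, methods that are not overridden presumably answer with an "unimplemented" error, which would make every `user::Client` built from `User` a capability whose calls all fail until this is filled in. A comment on the impl would make that explicit, for example `// TODO: stub — each method must re-check is_me / bffh.users.info / bffh.users.admin before acting`, since the checks that lived in `User::fill` are removed later in this file.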
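Review bot: The `/*` added before `build_optional` opens inside `impl User`, and its `*/` sits in the last hunk of this file (`@@ -398,4 +383,5 @@`) directly before the final `}`, so the brace that belonged to the `card_d_e_s_fire_e_v2::Server` impl now closes `impl User`. That only parses because of where the comment happens to end, and any edit inside the commented region can silently change which brace closes what. Closing `impl User` with its own `}` ahead of the comment and wrapping only whole items would keep the structure readable, and a line such as `// FIXME: disabled while the API is ported; re-enable per impl` would say why the code is off. Several imports kept at the top of the file (`Permission`, `db`, `CONFIG`, the `card_d_e_s_fire_e_v2` parameter types) may now be unused; the rest of `impl User` is outside the hunk, so this should be confirmed with a build.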
@@ -57,25 +61,6 @@ impl User {
 Self::fill(&this.session, user, builder);
 }
- pub fn fill(session: &SessionHandle, user: db::User, mut builder: user::Builder) {
- builder.set_username(user.id.as_str());
-
- // We have permissions on ourself
- let is_me = &session.get_user_ref().id == &user.id;
-
- let client = Self::new(session.clone(), UserRef::new(user.id));
-
- if is_me || session.has_perm(Permission::new("bffh.users.info")) {
- builder.set_info(capnp_rpc::new_client(client.clone()));
- }
- if is_me {
- builder.set_manage(capnp_rpc::new_client(client.clone()));
- }
- if session.has_perm(Permission::new("bffh.users.admin")) {
- builder.set_admin(capnp_rpc::new_client(client.clone()));
- builder.set_card_d_e_s_fire_e_v2(capnp_rpc::new_client(client));
- }
- }
 }
 impl info::Server for User {
@@ -398,4 +383,5 @@ impl card_d_e_s_fire_e_v2::Server for User {
 Promise::ok(())
 }
+ */
 }
diff --git a/bffhd/capnp/user_system.rs b/bffhd/capnp/user_system.rs
index 2d40a44..6626fed 100644
--- a/bffhd/capnp/user_system.rs
+++ b/bffhd/capnp/user_system.rs
@@ -1,4 +1,5 @@
-use api::usersystem_capnp::user_system::{info, manage, search};
+use api::user_capnp::user;
+use api::users_capnp::users;
 use capnp::capability::Promise;
 use capnp_rpc::pry;
 use tracing::Span;
@@ -23,136 +24,25 @@ impl Users {
 }
 }
-impl info::Server for Users {
- fn get_user_self(
- &mut self,
- _: info::GetUserSelfParams,
- mut result: info::GetUserSelfResults,
- ) -> Promise<(), ::capnp::Error> {
+impl users::Server for Users {
+ fn list(&mut self, _: users::ListParams<>, mut result: users::ListResults<>) -> Promise<(), capnp::Error> {
 let _guard = self.span.enter();
- let _span = tracing::trace_span!(target: TARGET, "getUserSelf").entered();
- tracing::trace!("method call");
-
- let builder = result.get();
- User::build(self.session.clone(), builder);
-
- tracing::trace!("method return");
- Promise::ok(())
- }
-}
-
-impl manage::Server for Users {
- fn get_user_list(
- &mut self,
- _: manage::GetUserListParams,
- mut result: manage::GetUserListResults,
- ) -> Promise<(), ::capnp::Error> {
- let _guard = self.span.enter();
- let _span = tracing::trace_span!(target: TARGET, "getUserList",).entered();
+ let _span = tracing::trace_span!(target: TARGET, "list",).entered();
 tracing::trace!("method call");
 let userdb = self.session.users.into_inner();
 let users = pry!(userdb .get_all() .map_err(|e| capnp::Error::failed(format!("UserDB error: {:?}", e))));
- let mut builder = result.get().init_user_list(users.len() as u32);
+ let mut builder = result.get().init_users(users.len() as u32);
 for (i, (id, userdata)) in users.into_iter().enumerate() {
- let user = db::User { id, userdata };
- User::fill(&self.session, user, builder.reborrow().get(i as u32));
- }
-
- tracing::trace!("method return");
- Promise::ok(())
- }
-
- fn add_user_fallible(
- &mut self,
- params: manage::AddUserFallibleParams,
- mut result: manage::AddUserFallibleResults,
- ) -> Promise<(), ::capnp::Error> {
- let _guard = self.span.enter();
- let _span = tracing::trace_span!(target: TARGET, "addUserFallible").entered();
-
- let params = pry!(params.get());
- let username = pry!(params.get_username());
- let password = pry!(params.get_password());
- // FIXME: saslprep passwords & usernames before storing them
-
- tracing::trace!(
- params.username = username,
- params.password = "",
- "method call"
- );
-
- let mut builder = result.get();
-
- if !username.is_empty() && !password.is_empty() {
- if self.session.users.get_user(username).is_none() {
- let user = db::User::new_with_plain_pw(username, password);
- self.session.users.put_user(username, &user);
- let mut builder = builder.init_successful();
- User::fill(&self.session, user, builder);
- } else {
- let mut builder = builder.init_failed();
- builder.set_error(manage::add_user_error::AddUserError::AlreadyExists);
- tracing::warn!("Failed to add user: Username taken");
- }
- } else {
- if username.is_empty() {
- let mut builder = builder.init_failed();
- builder.set_error(manage::add_user_error::AddUserError::UsernameInvalid);
- tracing::warn!("Failed to add user: Username empty");
- } else if password.is_empty() {
- let mut builder = builder.init_failed();
- builder.set_error(manage::add_user_error::AddUserError::PasswordInvalid);
- tracing::warn!("Failed to add user: Password empty");
- }
- }
-
- tracing::trace!("method return");
- Promise::ok(())
- }
-
- fn remove_user(
- &mut self,
- params: manage::RemoveUserParams,
- _: manage::RemoveUserResults,
- ) -> Promise<(), ::capnp::Error> {
- let _guard = self.span.enter();
- let _span = tracing::trace_span!(target: TARGET, "removeUser",).entered();
-
- let who: &str = pry!(pry!(pry!(params.get()).get_user()).get_username());
-
- tracing::trace!(params.user = who, "method call");
-
- if let Err(e) = self.session.users.del_user(who) {
- tracing::warn!("Failed to delete user: {:?}", e);
- } else {
- tracing::info!("Deleted user {}", who);
+ let user = User::new(self.session.clone(), UserRef::new(id));
+ let client: user::Client = capnp_rpc::new_client(user);
+ builder.reborrow().set(i as u32, client.client.hook);
 }
 tracing::trace!("method return");
 Promise::ok(())
- }
-}
-
-impl search::Server for Users {
- fn get_user_by_name(
- &mut self,
- params: search::GetUserByNameParams,
- mut result: search::GetUserByNameResults,
- ) -> Promise<(), ::capnp::Error> {
- let _guard = self.span.enter();
- let _span = tracing::trace_span!(target: TARGET, "getUserByName",).entered();
-
- let username: &str = pry!(pry!(params.get()).get_username());
-
- tracing::trace!(params.username = username, "method call");
-
- let userref = UserRef::new(username.to_string());
- User::build_optional(&self.session, Some(userref), result.get());
-
- tracing::trace!("method return");
- Promise::ok(())
+ }
 }
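Review bot: The new `users::Server::list` builds a `user::Client` for every account returned by `get_all()` and hands it to the caller, and no permission check is visible anywhere in its body. The removed `User::fill` attached the info, manage and admin capabilities only after testing `is_me` or `session.has_perm(Permission::new("bffh.users.info"))` / `"bffh.users.admin"`, and nothing in this commit replaces that gate. Unless access to `Users` is already restricted where the capability is handed out (not visible from this hunk), `list` should start with a check along the lines of `if !self.session.has_perm(Permission::new("bffh.users.admin")) { return Promise::err(capnp::Error::failed("permission denied".into())); }`, with the exact permission being a design decision. Independently, each method later added to `user::Server for User` needs its own check against `self.session`, because a client that holds the capability can call it at any time.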