2022-11-04 01:07:22 +01:00
<!DOCTYPE html> < html lang = "en" > < head > < meta charset = "utf-8" > < meta name = "viewport" content = "width=device-width, initial-scale=1.0" > < meta name = "generator" content = "rustdoc" > < meta name = "description" content = "Source of the Rust file `orca/src/kani.rs`." > < meta name = "keywords" content = "rust, rustlang, rust-lang" > < title > kani.rs - source< / title > < link rel = "preload" as = "font" type = "font/woff2" crossorigin href = "../../SourceSerif4-Regular.ttf.woff2" > < link rel = "preload" as = "font" type = "font/woff2" crossorigin href = "../../FiraSans-Regular.woff2" > < link rel = "preload" as = "font" type = "font/woff2" crossorigin href = "../../FiraSans-Medium.woff2" > < link rel = "preload" as = "font" type = "font/woff2" crossorigin href = "../../SourceCodePro-Regular.ttf.woff2" > < link rel = "preload" as = "font" type = "font/woff2" crossorigin href = "../../SourceSerif4-Bold.ttf.woff2" > < link rel = "preload" as = "font" type = "font/woff2" crossorigin href = "../../SourceCodePro-Semibold.ttf.woff2" > < link rel = "stylesheet" href = "../../normalize.css" > < link rel = "stylesheet" href = "../../rustdoc.css" id = "mainThemeStyle" > < link rel = "stylesheet" href = "../../ayu.css" disabled > < link rel = "stylesheet" href = "../../dark.css" disabled > < link rel = "stylesheet" href = "../../light.css" id = "themeStyle" > < script id = "default-settings" > < / script > < script src = "../../storage.js" > < / script > < script defer src = "../../source-script.js" > < / script > < script defer src = "../../source-files.js" > < / script > < script defer src = "../../main.js" > < / script > < noscript > < link rel = "stylesheet" href = "../../noscript.css" > < / noscript > < link rel = "alternate icon" type = "image/png" href = "../../favicon-16x16.png" > < link rel = "alternate icon" type = "image/png" href = "../../favicon-32x32.png" > < link rel = "icon" type = "image/svg+xml" href = "../../favicon.svg" > < / head > < body class = "rustdoc source" > <!-- [if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif] --> < nav class = "mobile-topbar" > < button class = "sidebar-menu-toggle" > ☰ < / button > < a class = "sidebar-logo" href = "../../orca/index.html" > < div class = "logo-container" > < img class = "rust-logo" src = "../../rust-logo.svg" alt = "logo" > < / div > < / a > < h2 class = "location" > < / h2 > < / nav > < nav class = "sidebar" > < a class = "sidebar-logo" href = "../../orca/index.html" > < div class = "logo-container" > < img class = "rust-logo" src = "../../rust-logo.svg" alt = "logo" > < / div > < / a > < / nav > < main > < div class = "width-limiter" > < div class = "sub-container" > < a class = "sub-logo-container" href = "../../orca/index.html" > < img class = "rust-logo" src = "../../rust-logo.svg" alt = "logo" > < / a > < nav class = "sub" > < form class = "search-form" > < div class = "search-container" > < span > < / span > < input class = "search-input" name = "search" autocomplete = "off" spellcheck = "false" placeholder = "Click or press ‘ ’ ‘ ’ type = "search" > < div id = "help-button" title = "help" tabindex = "-1" > < button type = "button" > ?< / button > < / div > < div id = "settings-menu" tabindex = "-1" > < a href = "../../settings.html" title = "settings" > < img width = "22" height = "22" alt = "Change settings" src = "../../wheel.svg" > < / a > < / div > < / div > < / form > < / nav > < / div > < section id = "main-content" class = "content" > < div class = "example-wrap" > < pre class = "line-numbers" > < span id = "1" > 1< / span >
2022-10-07 11:23:12 +02:00
< span id = "2" > 2< / span >
< span id = "3" > 3< / span >
< span id = "4" > 4< / span >
< span id = "5" > 5< / span >
< span id = "6" > 6< / span >
< span id = "7" > 7< / span >
< span id = "8" > 8< / span >
< span id = "9" > 9< / span >
< span id = "10" > 10< / span >
< span id = "11" > 11< / span >
< span id = "12" > 12< / span >
< span id = "13" > 13< / span >
< span id = "14" > 14< / span >
< span id = "15" > 15< / span >
< span id = "16" > 16< / span >
< span id = "17" > 17< / span >
< span id = "18" > 18< / span >
< span id = "19" > 19< / span >
< span id = "20" > 20< / span >
< span id = "21" > 21< / span >
< span id = "22" > 22< / span >
< span id = "23" > 23< / span >
< span id = "24" > 24< / span >
< span id = "25" > 25< / span >
< span id = "26" > 26< / span >
< span id = "27" > 27< / span >
< span id = "28" > 28< / span >
< span id = "29" > 29< / span >
< span id = "30" > 30< / span >
< span id = "31" > 31< / span >
< span id = "32" > 32< / span >
< span id = "33" > 33< / span >
< span id = "34" > 34< / span >
< span id = "35" > 35< / span >
< span id = "36" > 36< / span >
< span id = "37" > 37< / span >
< span id = "38" > 38< / span >
< span id = "39" > 39< / span >
< span id = "40" > 40< / span >
< span id = "41" > 41< / span >
< span id = "42" > 42< / span >
< span id = "43" > 43< / span >
< span id = "44" > 44< / span >
< span id = "45" > 45< / span >
< span id = "46" > 46< / span >
< span id = "47" > 47< / span >
< span id = "48" > 48< / span >
< span id = "49" > 49< / span >
< span id = "50" > 50< / span >
< span id = "51" > 51< / span >
< span id = "52" > 52< / span >
< span id = "53" > 53< / span >
< span id = "54" > 54< / span >
< span id = "55" > 55< / span >
< span id = "56" > 56< / span >
< span id = "57" > 57< / span >
< span id = "58" > 58< / span >
< span id = "59" > 59< / span >
< span id = "60" > 60< / span >
< span id = "61" > 61< / span >
< span id = "62" > 62< / span >
< span id = "63" > 63< / span >
< span id = "64" > 64< / span >
< span id = "65" > 65< / span >
< span id = "66" > 66< / span >
< span id = "67" > 67< / span >
< span id = "68" > 68< / span >
< span id = "69" > 69< / span >
< span id = "70" > 70< / span >
< span id = "71" > 71< / span >
< span id = "72" > 72< / span >
< span id = "73" > 73< / span >
< span id = "74" > 74< / span >
< span id = "75" > 75< / span >
< span id = "76" > 76< / span >
< span id = "77" > 77< / span >
< span id = "78" > 78< / span >
< span id = "79" > 79< / span >
< span id = "80" > 80< / span >
< span id = "81" > 81< / span >
< span id = "82" > 82< / span >
< span id = "83" > 83< / span >
< span id = "84" > 84< / span >
< span id = "85" > 85< / span >
< span id = "86" > 86< / span >
< span id = "87" > 87< / span >
< span id = "88" > 88< / span >
< span id = "89" > 89< / span >
< span id = "90" > 90< / span >
< span id = "91" > 91< / span >
< span id = "92" > 92< / span >
< span id = "93" > 93< / span >
< span id = "94" > 94< / span >
< span id = "95" > 95< / span >
< span id = "96" > 96< / span >
< span id = "97" > 97< / span >
< span id = "98" > 98< / span >
< span id = "99" > 99< / span >
< span id = "100" > 100< / span >
< span id = "101" > 101< / span >
< span id = "102" > 102< / span >
< span id = "103" > 103< / span >
< span id = "104" > 104< / span >
< span id = "105" > 105< / span >
< span id = "106" > 106< / span >
< span id = "107" > 107< / span >
< span id = "108" > 108< / span >
< span id = "109" > 109< / span >
< span id = "110" > 110< / span >
< span id = "111" > 111< / span >
< span id = "112" > 112< / span >
< span id = "113" > 113< / span >
< span id = "114" > 114< / span >
< span id = "115" > 115< / span >
< span id = "116" > 116< / span >
< span id = "117" > 117< / span >
< span id = "118" > 118< / span >
< span id = "119" > 119< / span >
< span id = "120" > 120< / span >
< span id = "121" > 121< / span >
< span id = "122" > 122< / span >
< span id = "123" > 123< / span >
< span id = "124" > 124< / span >
< span id = "125" > 125< / span >
< span id = "126" > 126< / span >
< span id = "127" > 127< / span >
< span id = "128" > 128< / span >
< span id = "129" > 129< / span >
< span id = "130" > 130< / span >
< span id = "131" > 131< / span >
< span id = "132" > 132< / span >
< span id = "133" > 133< / span >
< span id = "134" > 134< / span >
< span id = "135" > 135< / span >
< span id = "136" > 136< / span >
< span id = "137" > 137< / span >
< span id = "138" > 138< / span >
< span id = "139" > 139< / span >
< span id = "140" > 140< / span >
< span id = "141" > 141< / span >
< span id = "142" > 142< / span >
< span id = "143" > 143< / span >
< span id = "144" > 144< / span >
< span id = "145" > 145< / span >
< span id = "146" > 146< / span >
< span id = "147" > 147< / span >
< span id = "148" > 148< / span >
< span id = "149" > 149< / span >
< span id = "150" > 150< / span >
< span id = "151" > 151< / span >
< span id = "152" > 152< / span >
< span id = "153" > 153< / span >
< span id = "154" > 154< / span >
< span id = "155" > 155< / span >
< span id = "156" > 156< / span >
< span id = "157" > 157< / span >
< span id = "158" > 158< / span >
< span id = "159" > 159< / span >
< span id = "160" > 160< / span >
< span id = "161" > 161< / span >
< span id = "162" > 162< / span >
< span id = "163" > 163< / span >
< span id = "164" > 164< / span >
< span id = "165" > 165< / span >
< span id = "166" > 166< / span >
< span id = "167" > 167< / span >
< span id = "168" > 168< / span >
< span id = "169" > 169< / span >
< span id = "170" > 170< / span >
< span id = "171" > 171< / span >
< span id = "172" > 172< / span >
< span id = "173" > 173< / span >
< span id = "174" > 174< / span >
< span id = "175" > 175< / span >
< span id = "176" > 176< / span >
< span id = "177" > 177< / span >
< span id = "178" > 178< / span >
< span id = "179" > 179< / span >
< span id = "180" > 180< / span >
< span id = "181" > 181< / span >
< span id = "182" > 182< / span >
< span id = "183" > 183< / span >
< span id = "184" > 184< / span >
< span id = "185" > 185< / span >
< span id = "186" > 186< / span >
< span id = "187" > 187< / span >
< span id = "188" > 188< / span >
< span id = "189" > 189< / span >
< span id = "190" > 190< / span >
< span id = "191" > 191< / span >
< span id = "192" > 192< / span >
< span id = "193" > 193< / span >
< span id = "194" > 194< / span >
< span id = "195" > 195< / span >
< span id = "196" > 196< / span >
< span id = "197" > 197< / span >
< span id = "198" > 198< / span >
< span id = "199" > 199< / span >
< span id = "200" > 200< / span >
< span id = "201" > 201< / span >
< span id = "202" > 202< / span >
< span id = "203" > 203< / span >
< span id = "204" > 204< / span >
< span id = "205" > 205< / span >
< span id = "206" > 206< / span >
< span id = "207" > 207< / span >
< span id = "208" > 208< / span >
< span id = "209" > 209< / span >
< span id = "210" > 210< / span >
< span id = "211" > 211< / span >
< span id = "212" > 212< / span >
< span id = "213" > 213< / span >
< span id = "214" > 214< / span >
< span id = "215" > 215< / span >
< span id = "216" > 216< / span >
< span id = "217" > 217< / span >
< span id = "218" > 218< / span >
< span id = "219" > 219< / span >
< span id = "220" > 220< / span >
< span id = "221" > 221< / span >
< span id = "222" > 222< / span >
< span id = "223" > 223< / span >
< span id = "224" > 224< / span >
< span id = "225" > 225< / span >
< span id = "226" > 226< / span >
< span id = "227" > 227< / span >
< span id = "228" > 228< / span >
< span id = "229" > 229< / span >
< span id = "230" > 230< / span >
< span id = "231" > 231< / span >
< span id = "232" > 232< / span >
< span id = "233" > 233< / span >
< span id = "234" > 234< / span >
< span id = "235" > 235< / span >
< span id = "236" > 236< / span >
< span id = "237" > 237< / span >
< span id = "238" > 238< / span >
< span id = "239" > 239< / span >
< span id = "240" > 240< / span >
< span id = "241" > 241< / span >
< span id = "242" > 242< / span >
< span id = "243" > 243< / span >
< span id = "244" > 244< / span >
< span id = "245" > 245< / span >
< span id = "246" > 246< / span >
< span id = "247" > 247< / span >
< span id = "248" > 248< / span >
< span id = "249" > 249< / span >
< span id = "250" > 250< / span >
< span id = "251" > 251< / span >
< span id = "252" > 252< / span >
< span id = "253" > 253< / span >
< span id = "254" > 254< / span >
< span id = "255" > 255< / span >
< span id = "256" > 256< / span >
< span id = "257" > 257< / span >
< span id = "258" > 258< / span >
< span id = "259" > 259< / span >
< span id = "260" > 260< / span >
< span id = "261" > 261< / span >
< span id = "262" > 262< / span >
< span id = "263" > 263< / span >
< span id = "264" > 264< / span >
< span id = "265" > 265< / span >
< span id = "266" > 266< / span >
< span id = "267" > 267< / span >
< span id = "268" > 268< / span >
< span id = "269" > 269< / span >
< span id = "270" > 270< / span >
< span id = "271" > 271< / span >
< span id = "272" > 272< / span >
< span id = "273" > 273< / span >
< span id = "274" > 274< / span >
< span id = "275" > 275< / span >
< span id = "276" > 276< / span >
< span id = "277" > 277< / span >
< span id = "278" > 278< / span >
< span id = "279" > 279< / span >
< span id = "280" > 280< / span >
< span id = "281" > 281< / span >
< span id = "282" > 282< / span >
< span id = "283" > 283< / span >
< span id = "284" > 284< / span >
< span id = "285" > 285< / span >
< span id = "286" > 286< / span >
< span id = "287" > 287< / span >
< span id = "288" > 288< / span >
< span id = "289" > 289< / span >
< span id = "290" > 290< / span >
< span id = "291" > 291< / span >
< span id = "292" > 292< / span >
< span id = "293" > 293< / span >
< span id = "294" > 294< / span >
< span id = "295" > 295< / span >
< span id = "296" > 296< / span >
< span id = "297" > 297< / span >
< span id = "298" > 298< / span >
< span id = "299" > 299< / span >
< span id = "300" > 300< / span >
< span id = "301" > 301< / span >
< span id = "302" > 302< / span >
< span id = "303" > 303< / span >
< span id = "304" > 304< / span >
< span id = "305" > 305< / span >
< span id = "306" > 306< / span >
< span id = "307" > 307< / span >
< span id = "308" > 308< / span >
< span id = "309" > 309< / span >
< span id = "310" > 310< / span >
< span id = "311" > 311< / span >
< span id = "312" > 312< / span >
< span id = "313" > 313< / span >
< span id = "314" > 314< / span >
< span id = "315" > 315< / span >
< span id = "316" > 316< / span >
< span id = "317" > 317< / span >
< span id = "318" > 318< / span >
< span id = "319" > 319< / span >
< span id = "320" > 320< / span >
< span id = "321" > 321< / span >
< span id = "322" > 322< / span >
< span id = "323" > 323< / span >
< span id = "324" > 324< / span >
< span id = "325" > 325< / span >
< span id = "326" > 326< / span >
< span id = "327" > 327< / span >
< span id = "328" > 328< / span >
< span id = "329" > 329< / span >
< span id = "330" > 330< / span >
< span id = "331" > 331< / span >
< span id = "332" > 332< / span >
< span id = "333" > 333< / span >
< span id = "334" > 334< / span >
< span id = "335" > 335< / span >
< span id = "336" > 336< / span >
< span id = "337" > 337< / span >
< span id = "338" > 338< / span >
< span id = "339" > 339< / span >
< span id = "340" > 340< / span >
< span id = "341" > 341< / span >
< span id = "342" > 342< / span >
< span id = "343" > 343< / span >
< span id = "344" > 344< / span >
< span id = "345" > 345< / span >
< span id = "346" > 346< / span >
< span id = "347" > 347< / span >
< span id = "348" > 348< / span >
< span id = "349" > 349< / span >
< span id = "350" > 350< / span >
< span id = "351" > 351< / span >
< span id = "352" > 352< / span >
< span id = "353" > 353< / span >
< span id = "354" > 354< / span >
< span id = "355" > 355< / span >
< span id = "356" > 356< / span >
< span id = "357" > 357< / span >
< span id = "358" > 358< / span >
< span id = "359" > 359< / span >
< span id = "360" > 360< / span >
< span id = "361" > 361< / span >
< span id = "362" > 362< / span >
< span id = "363" > 363< / span >
< span id = "364" > 364< / span >
< span id = "365" > 365< / span >
< span id = "366" > 366< / span >
< span id = "367" > 367< / span >
< span id = "368" > 368< / span >
< span id = "369" > 369< / span >
< span id = "370" > 370< / span >
< span id = "371" > 371< / span >
< span id = "372" > 372< / span >
< span id = "373" > 373< / span >
< span id = "374" > 374< / span >
< span id = "375" > 375< / span >
< span id = "376" > 376< / span >
< span id = "377" > 377< / span >
< span id = "378" > 378< / span >
< span id = "379" > 379< / span >
< span id = "380" > 380< / span >
< span id = "381" > 381< / span >
< span id = "382" > 382< / span >
< span id = "383" > 383< / span >
< span id = "384" > 384< / span >
< span id = "385" > 385< / span >
< span id = "386" > 386< / span >
< span id = "387" > 387< / span >
< span id = "388" > 388< / span >
< span id = "389" > 389< / span >
< span id = "390" > 390< / span >
< span id = "391" > 391< / span >
< span id = "392" > 392< / span >
< span id = "393" > 393< / span >
< span id = "394" > 394< / span >
< span id = "395" > 395< / span >
< span id = "396" > 396< / span >
< span id = "397" > 397< / span >
< span id = "398" > 398< / span >
< span id = "399" > 399< / span >
< span id = "400" > 400< / span >
< span id = "401" > 401< / span >
< span id = "402" > 402< / span >
< span id = "403" > 403< / span >
< span id = "404" > 404< / span >
< span id = "405" > 405< / span >
< span id = "406" > 406< / span >
< span id = "407" > 407< / span >
< span id = "408" > 408< / span >
< span id = "409" > 409< / span >
< span id = "410" > 410< / span >
< span id = "411" > 411< / span >
< span id = "412" > 412< / span >
< span id = "413" > 413< / span >
< span id = "414" > 414< / span >
< span id = "415" > 415< / span >
< span id = "416" > 416< / span >
< span id = "417" > 417< / span >
< span id = "418" > 418< / span >
< span id = "419" > 419< / span >
< span id = "420" > 420< / span >
< span id = "421" > 421< / span >
< span id = "422" > 422< / span >
2022-11-04 01:07:22 +01:00
< / pre > < pre class = "rust" > < code > < span class = "kw" > use < / span > std::collections::{HashMap, HashSet};
< span class = "kw" > use < / span > std::time::{Duration, Instant};
< span class = "kw" > use < / span > kanidm_client::{ClientError, KanidmClient, KanidmClientBuilder, StatusCode};
< span class = "kw" > use < / span > kanidm_proto::v1::< span class = "kw-2" > *< / span > ;
< span class = "kw" > use < / span > uuid::Uuid;
< span class = "kw" > use < / span > < span class = "kw" > crate< / span > ::data::< span class = "kw-2" > *< / span > ;
< span class = "kw" > use < / span > < span class = "kw" > crate< / span > ::ldap::{LdapClient, LdapSchema};
< span class = "kw" > use < / span > < span class = "kw" > crate< / span > ::profile::{KaniHttpConfig, KaniLdapConfig};
< span class = "kw" > use crate< / span > ::{TargetServer, TargetServerBuilder};
< span class = "attribute" > #[derive(Debug)]
< / span > < span class = "kw" > pub struct < / span > KaniHttpServer {
uri: String,
admin_pw: String,
client: KanidmClient,
2022-10-07 11:23:12 +02:00
}
2022-11-04 01:07:22 +01:00
< span class = "attribute" > #[derive(Debug)]
< / span > < span class = "kw" > pub struct < / span > KaniLdapServer {
http: KaniHttpServer,
ldap: LdapClient,
2022-10-07 11:23:12 +02:00
}
2022-11-04 01:07:22 +01:00
< span class = "kw" > impl < / span > KaniHttpServer {
< span class = "kw" > fn < / span > construct(uri: String, admin_pw: String) -> < span class = "prelude-ty" > Result< / span > < < span class = "self" > Self< / span > , ()> {
< span class = "kw" > let < / span > client = KanidmClientBuilder::new()
.address(uri.clone())
.danger_accept_invalid_hostnames(< span class = "bool-val" > true< / span > )
.danger_accept_invalid_certs(< span class = "bool-val" > true< / span > )
.build()
.map_err(|e| {
< span class = "macro" > error!< / span > (< span class = "string" > " Unable to create kanidm client {:?}" < / span > , e);
2022-10-07 11:23:12 +02:00
})< span class = "question-mark" > ?< / span > ;
2022-11-04 01:07:22 +01:00
< span class = "prelude-val" > Ok< / span > (KaniHttpServer {
uri,
admin_pw,
client,
2022-10-07 11:23:12 +02:00
})
}
2022-11-04 01:07:22 +01:00
< span class = "kw" > pub fn < / span > build(uri: String, admin_pw: String) -> < span class = "prelude-ty" > Result< / span > < TargetServer, ()> {
< span class = "self" > Self< / span > ::construct(uri, admin_pw).map(TargetServer::Kanidm)
2022-10-07 11:23:12 +02:00
}
2022-11-04 01:07:22 +01:00
< span class = "attribute" > #[allow(clippy::new_ret_no_self)]
< / span > < span class = "kw" > pub fn < / span > new(khconfig: < span class = "kw-2" > & < / span > KaniHttpConfig) -> < span class = "prelude-ty" > Result< / span > < TargetServer, ()> {
< span class = "self" > Self< / span > ::construct(khconfig.uri.clone(), khconfig.admin_pw.clone()).map(TargetServer::Kanidm)
2022-10-07 11:23:12 +02:00
}
2022-11-04 01:07:22 +01:00
< span class = "kw" > pub fn < / span > info(< span class = "kw-2" > & < / span > < span class = "self" > self< / span > ) -> String {
< span class = "macro" > format!< / span > (< span class = "string" > " Kanidm HTTP Connection: {}" < / span > , < span class = "self" > self< / span > .uri)
2022-10-07 11:23:12 +02:00
}
2022-11-04 01:07:22 +01:00
< span class = "kw" > pub fn < / span > builder(< span class = "kw-2" > & < / span > < span class = "self" > self< / span > ) -> TargetServerBuilder {
TargetServerBuilder::Kanidm(< span class = "self" > self< / span > .uri.clone(), < span class = "self" > self< / span > .admin_pw.clone())
2022-10-07 11:23:12 +02:00
}
2022-11-04 01:07:22 +01:00
< span class = "comment" > // open the admin internal connection
< / span > < span class = "kw" > pub async fn < / span > open_admin_connection(< span class = "kw-2" > & < / span > < span class = "self" > self< / span > ) -> < span class = "prelude-ty" > Result< / span > < (), ()> {
< span class = "self" > self< / span > .client
.auth_simple_password(< span class = "string" > " admin" < / span > , < span class = "kw-2" > & < / span > < span class = "self" > self< / span > .admin_pw)
.< span class = "kw" > await
< / span > .map_err(|e| {
< span class = "macro" > error!< / span > (< span class = "string" > " Unable to authenticate -> {:?}" < / span > , e);
2022-10-07 11:23:12 +02:00
})< span class = "question-mark" > ?< / span > ;
2022-11-04 01:07:22 +01:00
< span class = "comment" > // For admin to work, we need idm permissions.
// NOT RECOMMENDED IN PRODUCTION.
< / span > < span class = "self" > self< / span > .client
.idm_group_add_members(< span class = "string" > " idm_admins" < / span > , < span class = "kw-2" > & < / span > [< span class = "string" > " admin" < / span > ])
.< span class = "kw" > await
< / span > .map(|< span class = "kw" > _< / span > | ())
.map_err(|e| {
< span class = "macro" > error!< / span > (< span class = "string" > " Unable to extend admin permissions (idm) -> {:?}" < / span > , e);
2022-10-07 11:23:12 +02:00
})
}
2022-11-04 01:07:22 +01:00
< span class = "kw" > pub async fn < / span > setup_admin_delete_uuids(< span class = "kw-2" > & < / span > < span class = "self" > self< / span > , targets: < span class = "kw-2" > & < / span > [Uuid]) -> < span class = "prelude-ty" > Result< / span > < (), ()> {
< span class = "comment" > // Build the filter.
< / span > < span class = "kw" > let < / span > inner: Vec< Filter> = targets
.iter()
.map(|u| Filter::Eq(< span class = "string" > " name" < / span > .to_string(), < span class = "macro" > format!< / span > (< span class = "string" > " {}" < / span > , u)))
.collect();
2022-10-07 11:23:12 +02:00
2022-11-04 01:07:22 +01:00
< span class = "kw" > let < / span > filter = Filter::Or(inner);
2022-10-07 11:23:12 +02:00
2022-11-04 01:07:22 +01:00
< span class = "comment" > // Submit it.
< / span > < span class = "self" > self< / span > .client.delete(filter).< span class = "kw" > await< / span > .map(|< span class = "kw" > _< / span > | ()).or_else(|e| {
< span class = "macro" > error!< / span > (< span class = "string" > " Error during delete -> {:?}" < / span > , e);
2022-10-07 11:23:12 +02:00
< span class = "prelude-val" > Ok< / span > (())
})
}
2022-11-04 01:07:22 +01:00
< span class = "kw" > pub async fn < / span > setup_admin_precreate_entities(
2022-10-07 11:23:12 +02:00
< span class = "kw-2" > & < / span > < span class = "self" > self< / span > ,
2022-11-04 01:07:22 +01:00
targets: < span class = "kw-2" > & < / span > HashSet< Uuid> ,
all_entities: < span class = "kw-2" > & < / span > HashMap< Uuid, Entity> ,
) -> < span class = "prelude-ty" > Result< / span > < (), ()> {
< span class = "comment" > // Create all the accounts and groups
< / span > < span class = "kw" > for < / span > u < span class = "kw" > in < / span > targets {
< span class = "kw" > let < / span > e = all_entities.get(u).unwrap();
< span class = "kw" > match < / span > e {
Entity::Account(a) => {
< span class = "self" > self< / span > .client
.idm_person_account_create(< span class = "kw-2" > & < / span > a.name, < span class = "kw-2" > & < / span > a.display_name)
.< span class = "kw" > await
< / span > .map(|< span class = "kw" > _< / span > | ())
.or_else(|e| {
< span class = "kw" > match < / span > e {
ClientError::Http(
StatusCode::INTERNAL_SERVER_ERROR,
< span class = "prelude-val" > Some< / span > (OperationError::Plugin(PluginError::AttrUnique(< span class = "kw" > _< / span > ))),
2022-10-07 11:23:12 +02:00
< span class = "kw" > _< / span > ,
) => {
2022-11-04 01:07:22 +01:00
< span class = "comment" > // Ignore.
< / span > < span class = "macro" > debug!< / span > (< span class = "string" > " Account already exists ..." < / span > );
2022-10-07 11:23:12 +02:00
< span class = "prelude-val" > Ok< / span > (())
}
2022-11-04 01:07:22 +01:00
< span class = "kw" > _ < / span > => {
< span class = "macro" > error!< / span > (< span class = "string" > " Error creating account -> {:?}" < / span > , e);
2022-10-07 11:23:12 +02:00
< span class = "prelude-val" > Err< / span > (())
}
}
})< span class = "question-mark" > ?< / span > ;
2022-11-04 01:07:22 +01:00
< span class = "comment" > // Now set the account password
< / span > < span class = "self" > self< / span > .client
.idm_person_account_primary_credential_set_password(< span class = "kw-2" > & < / span > a.name, < span class = "kw-2" > & < / span > a.password)
.< span class = "kw" > await
< / span > .map(|< span class = "kw" > _< / span > | ())
.map_err(|e| {
< span class = "macro" > error!< / span > (< span class = "string" > " Unable to set password for {}: {:?}" < / span > , a.name, e);
2022-10-07 11:23:12 +02:00
})< span class = "question-mark" > ?< / span > ;
2022-11-04 01:07:22 +01:00
< span class = "comment" > // For ldap tests, we need to make these posix accounts.
< / span > < span class = "self" > self< / span > .client
.idm_person_account_unix_extend(< span class = "kw-2" > & < / span > a.name, < span class = "prelude-val" > None< / span > , < span class = "prelude-val" > None< / span > )
.< span class = "kw" > await
< / span > .map(|< span class = "kw" > _< / span > | ())
.map_err(|e| {
< span class = "macro" > error!< / span > (< span class = "string" > " Unable to set unix attributes for {}: {:?}" < / span > , a.name, e);
2022-10-07 11:23:12 +02:00
})< span class = "question-mark" > ?< / span > ;
2022-11-04 01:07:22 +01:00
< span class = "self" > self< / span > .client
.idm_person_account_unix_cred_put(< span class = "kw-2" > & < / span > a.name, < span class = "kw-2" > & < / span > a.password)
.< span class = "kw" > await
< / span > .map(|< span class = "kw" > _< / span > | ())
.map_err(|e| {
< span class = "macro" > error!< / span > (< span class = "string" > " Unable to set unix password for {}: {:?}" < / span > , a.name, e);
2022-10-07 11:23:12 +02:00
})< span class = "question-mark" > ?< / span > ;
}
2022-11-04 01:07:22 +01:00
Entity::Group(g) => {
< span class = "self" > self< / span > .client
.idm_group_create(< span class = "kw-2" > & < / span > g.name)
.< span class = "kw" > await
< / span > .map(|< span class = "kw" > _< / span > | ())
.or_else(|e| {
< span class = "kw" > match < / span > e {
ClientError::Http(
StatusCode::INTERNAL_SERVER_ERROR,
< span class = "prelude-val" > Some< / span > (OperationError::Plugin(PluginError::AttrUnique(< span class = "kw" > _< / span > ))),
2022-10-07 11:23:12 +02:00
< span class = "kw" > _< / span > ,
) => {
2022-11-04 01:07:22 +01:00
< span class = "comment" > // Ignore.
< / span > < span class = "macro" > debug!< / span > (< span class = "string" > " Group already exists ..." < / span > );
2022-10-07 11:23:12 +02:00
< span class = "prelude-val" > Ok< / span > (())
}
2022-11-04 01:07:22 +01:00
< span class = "kw" > _ < / span > => {
< span class = "macro" > error!< / span > (< span class = "string" > " Error creating group -> {:?}" < / span > , e);
2022-10-07 11:23:12 +02:00
< span class = "prelude-val" > Err< / span > (())
}
}
})< span class = "question-mark" > ?< / span > ;
}
}
}
2022-11-04 01:07:22 +01:00
< span class = "comment" > // Then add the members to the groups.
< / span > < span class = "kw" > for < / span > g < span class = "kw" > in < / span > targets.iter().filter_map(|u| {
< span class = "kw" > let < / span > e = all_entities.get(u).unwrap();
< span class = "kw" > match < / span > e {
Entity::Group(g) => < span class = "prelude-val" > Some< / span > (g),
< span class = "kw" > _ < / span > => < span class = "prelude-val" > None< / span > ,
2022-10-07 11:23:12 +02:00
}
}) {
2022-11-04 01:07:22 +01:00
< span class = "kw" > let < / span > m: Vec< < span class = "kw" > _< / span > > = g
.members
.iter()
.map(|id| all_entities.get(id).unwrap().get_name())
.collect();
< span class = "self" > self< / span > .client
.idm_group_set_members(< span class = "kw-2" > & < / span > g.name, m.as_slice())
.< span class = "kw" > await
< / span > .map(|< span class = "kw" > _< / span > | ())
.or_else(|e| {
< span class = "macro" > error!< / span > (< span class = "string" > " Error setting group members -> {:?}" < / span > , e);
2022-10-07 11:23:12 +02:00
< span class = "prelude-val" > Ok< / span > (())
})< span class = "question-mark" > ?< / span > ;
}
< span class = "prelude-val" > Ok< / span > (())
}
2022-11-04 01:07:22 +01:00
< span class = "kw" > pub async fn < / span > setup_access_controls(
2022-10-07 11:23:12 +02:00
< span class = "kw-2" > & < / span > < span class = "self" > self< / span > ,
2022-11-04 01:07:22 +01:00
access: < span class = "kw-2" > & < / span > HashMap< Uuid, Vec< EntityType> > ,
all_entities: < span class = "kw-2" > & < / span > HashMap< Uuid, Entity> ,
) -> < span class = "prelude-ty" > Result< / span > < (), ()> {
< span class = "comment" > // To make this somewhat effecient, we fold each access req to " need group" or " need user"
// access.
< / span > < span class = "macro" > debug!< / span > (< span class = "string" > " setup_access_controls" < / span > );
< span class = "kw" > for < / span > (id, list) < span class = "kw" > in < / span > access.iter() {
< span class = "comment" > // get the users name.
< / span > < span class = "kw" > let < / span > account = all_entities.get(id).unwrap();
< span class = "kw" > let < / span > need_account = list
.iter()
.filter(|v| < span class = "macro" > matches!< / span > (v, EntityType::Account(< span class = "kw" > _< / span > )))
.count()
== < span class = "number" > 0< / span > ;
< span class = "kw" > let < / span > need_group = list
.iter()
.filter(|v| < span class = "macro" > matches!< / span > (v, EntityType::Group(< span class = "kw" > _< / span > )))
.count()
== < span class = "number" > 0< / span > ;
< span class = "kw" > if < / span > need_account {
< span class = "self" > self< / span > .client
.idm_group_add_members(< span class = "string" > " idm_account_manage_priv" < / span > , < span class = "kw-2" > & < / span > [account.get_name()])
.< span class = "kw" > await
< / span > .map(|< span class = "kw" > _< / span > | ())
.or_else(|e| {
< span class = "macro" > error!< / span > (< span class = "string" > " Error setting group members -> {:?}" < / span > , e);
2022-10-07 11:23:12 +02:00
< span class = "prelude-val" > Ok< / span > (())
})< span class = "question-mark" > ?< / span > ;
2022-11-04 01:07:22 +01:00
< span class = "self" > self< / span > .client
.idm_group_add_members(< span class = "string" > " idm_hp_account_manage_priv" < / span > , < span class = "kw-2" > & < / span > [account.get_name()])
.< span class = "kw" > await
< / span > .map(|< span class = "kw" > _< / span > | ())
.or_else(|e| {
< span class = "macro" > error!< / span > (< span class = "string" > " Error setting group members -> {:?}" < / span > , e);
2022-10-07 11:23:12 +02:00
< span class = "prelude-val" > Ok< / span > (())
})< span class = "question-mark" > ?< / span > ;
}
2022-11-04 01:07:22 +01:00
< span class = "kw" > if < / span > need_group {
< span class = "self" > self< / span > .client
.idm_group_add_members(< span class = "string" > " idm_group_manage_priv" < / span > , < span class = "kw-2" > & < / span > [account.get_name()])
.< span class = "kw" > await
< / span > .map(|< span class = "kw" > _< / span > | ())
.or_else(|e| {
< span class = "macro" > error!< / span > (< span class = "string" > " Error setting group members -> {:?}" < / span > , e);
2022-10-07 11:23:12 +02:00
< span class = "prelude-val" > Ok< / span > (())
})< span class = "question-mark" > ?< / span > ;
2022-11-04 01:07:22 +01:00
< span class = "self" > self< / span > .client
.idm_group_add_members(< span class = "string" > " idm_hp_group_manage_priv" < / span > , < span class = "kw-2" > & < / span > [account.get_name()])
.< span class = "kw" > await
< / span > .map(|< span class = "kw" > _< / span > | ())
.or_else(|e| {
< span class = "macro" > error!< / span > (< span class = "string" > " Error setting group members -> {:?}" < / span > , e);
2022-10-07 11:23:12 +02:00
< span class = "prelude-val" > Ok< / span > (())
})< span class = "question-mark" > ?< / span > ;
}
}
< span class = "prelude-val" > Ok< / span > (())
}
2022-11-04 01:07:22 +01:00
< span class = "kw" > pub async fn < / span > open_user_connection(
2022-10-07 11:23:12 +02:00
< span class = "kw-2" > & < / span > < span class = "self" > self< / span > ,
2022-11-04 01:07:22 +01:00
test_start: Instant,
name: < span class = "kw-2" > & < / span > str,
pw: < span class = "kw-2" > & < / span > str,
) -> < span class = "prelude-ty" > Result< / span > < (Duration, Duration), ()> {
< span class = "kw" > let < / span > start = Instant::now();
< span class = "self" > self< / span > .client
.auth_simple_password(name, pw)
.< span class = "kw" > await
< / span > .map_err(|e| {
< span class = "macro" > error!< / span > (< span class = "string" > " Unable to authenticate -> {:?}" < / span > , e);
2022-10-07 11:23:12 +02:00
})
2022-11-04 01:07:22 +01:00
.map(|< span class = "kw" > _< / span > | {
< span class = "kw" > let < / span > end = Instant::now();
< span class = "kw" > let < / span > diff = end.duration_since(start);
< span class = "kw" > let < / span > rel_diff = start.duration_since(test_start);
(rel_diff, diff)
2022-10-07 11:23:12 +02:00
})
}
2022-11-04 01:07:22 +01:00
< span class = "kw" > pub async fn < / span > close_connection(< span class = "kw-2" > & < / span > < span class = "self" > self< / span > ) {
< span class = "macro" > assert!< / span > (< span class = "self" > self< / span > .client.logout().< span class = "kw" > await< / span > .is_ok());
2022-10-07 11:23:12 +02:00
}
2022-11-04 01:07:22 +01:00
< span class = "kw" > pub async fn < / span > search(
2022-10-07 11:23:12 +02:00
< span class = "kw-2" > & < / span > < span class = "self" > self< / span > ,
2022-11-04 01:07:22 +01:00
test_start: Instant,
ids: < span class = "kw-2" > & < / span > [String],
) -> < span class = "prelude-ty" > Result< / span > < (Duration, Duration, usize), ()> {
< span class = "comment" > // Create the filter
< / span > < span class = "kw" > let < / span > inner: Vec< < span class = "kw" > _< / span > > = ids
.iter()
.map(|n| Filter::Eq(< span class = "string" > " name" < / span > .to_string(), n.to_string()))
.collect();
< span class = "kw" > let < / span > filter = Filter::Or(inner);
< span class = "kw" > let < / span > start = Instant::now();
< span class = "kw" > let < / span > l = < span class = "self" > self
< / span > .client
.search(filter)
.< span class = "kw" > await
< / span > .map(|r| r.len())
.map_err(|e| {
< span class = "macro" > error!< / span > (< span class = "string" > " {:?}" < / span > , e);
2022-10-07 11:23:12 +02:00
})< span class = "question-mark" > ?< / span > ;
2022-11-04 01:07:22 +01:00
< span class = "kw" > let < / span > end = Instant::now();
< span class = "kw" > let < / span > diff = end.duration_since(start);
< span class = "kw" > let < / span > rel_diff = start.duration_since(test_start);
2022-10-07 11:23:12 +02:00
2022-11-04 01:07:22 +01:00
< span class = "prelude-val" > Ok< / span > ((rel_diff, diff, l))
2022-10-07 11:23:12 +02:00
}
}
2022-11-04 01:07:22 +01:00
< span class = "kw" > impl < / span > KaniLdapServer {
< span class = "kw" > fn < / span > construct(
uri: String,
admin_pw: String,
ldap_uri: String,
basedn: String,
) -> < span class = "prelude-ty" > Result< / span > < Box< < span class = "self" > Self< / span > > , ()> {
< span class = "kw" > let < / span > http = KaniHttpServer::construct(uri, admin_pw)< span class = "question-mark" > ?< / span > ;
< span class = "kw" > let < / span > ldap = LdapClient::new(ldap_uri, basedn, LdapSchema::Kanidm)< span class = "question-mark" > ?< / span > ;
< span class = "prelude-val" > Ok< / span > (Box::new(KaniLdapServer { http, ldap }))
2022-10-07 11:23:12 +02:00
}
2022-11-04 01:07:22 +01:00
< span class = "kw" > pub fn < / span > build(
uri: String,
admin_pw: String,
ldap_uri: String,
basedn: String,
) -> < span class = "prelude-ty" > Result< / span > < TargetServer, ()> {
< span class = "self" > Self< / span > ::construct(uri, admin_pw, ldap_uri, basedn).map(TargetServer::KanidmLdap)
2022-10-07 11:23:12 +02:00
}
2022-11-04 01:07:22 +01:00
< span class = "attribute" > #[allow(clippy::new_ret_no_self)]
< / span > < span class = "kw" > pub fn < / span > new(klconfig: < span class = "kw-2" > & < / span > KaniLdapConfig) -> < span class = "prelude-ty" > Result< / span > < TargetServer, ()> {
< span class = "self" > Self< / span > ::construct(
klconfig.uri.clone(),
klconfig.admin_pw.clone(),
klconfig.ldap_uri.clone(),
klconfig.base_dn.clone(),
2022-10-07 11:23:12 +02:00
)
2022-11-04 01:07:22 +01:00
.map(TargetServer::KanidmLdap)
2022-10-07 11:23:12 +02:00
}
2022-11-04 01:07:22 +01:00
< span class = "kw" > pub fn < / span > info(< span class = "kw-2" > & < / span > < span class = "self" > self< / span > ) -> String {
2022-10-07 11:23:12 +02:00
< span class = "macro" > format!< / span > (
< span class = "string" > " Kanidm LDAP Connection: {} {}" < / span > ,
2022-11-04 01:07:22 +01:00
< span class = "self" > self< / span > .ldap.uri, < span class = "self" > self< / span > .ldap.basedn
2022-10-07 11:23:12 +02:00
)
}
2022-11-04 01:07:22 +01:00
< span class = "kw" > pub fn < / span > builder(< span class = "kw-2" > & < / span > < span class = "self" > self< / span > ) -> TargetServerBuilder {
TargetServerBuilder::KanidmLdap(
< span class = "self" > self< / span > .http.uri.clone(),
< span class = "self" > self< / span > .http.admin_pw.clone(),
< span class = "self" > self< / span > .ldap.uri.clone(),
< span class = "self" > self< / span > .ldap.basedn.clone(),
2022-10-07 11:23:12 +02:00
)
}
2022-11-04 01:07:22 +01:00
< span class = "kw" > pub async fn < / span > open_admin_connection(< span class = "kw-2" > & < / span > < span class = "self" > self< / span > ) -> < span class = "prelude-ty" > Result< / span > < (), ()> {
< span class = "self" > self< / span > .http.open_admin_connection().< span class = "kw" > await
< / span > }
2022-10-07 11:23:12 +02:00
2022-11-04 01:07:22 +01:00
< span class = "kw" > pub async fn < / span > setup_admin_delete_uuids(< span class = "kw-2" > & < / span > < span class = "self" > self< / span > , targets: < span class = "kw-2" > & < / span > [Uuid]) -> < span class = "prelude-ty" > Result< / span > < (), ()> {
< span class = "self" > self< / span > .http.setup_admin_delete_uuids(targets).< span class = "kw" > await
< / span > }
2022-10-07 11:23:12 +02:00
2022-11-04 01:07:22 +01:00
< span class = "kw" > pub async fn < / span > setup_admin_precreate_entities(
2022-10-07 11:23:12 +02:00
< span class = "kw-2" > & < / span > < span class = "self" > self< / span > ,
2022-11-04 01:07:22 +01:00
targets: < span class = "kw-2" > & < / span > HashSet< Uuid> ,
all_entities: < span class = "kw-2" > & < / span > HashMap< Uuid, Entity> ,
) -> < span class = "prelude-ty" > Result< / span > < (), ()> {
< span class = "self" > self< / span > .http
.setup_admin_precreate_entities(targets, all_entities)
.< span class = "kw" > await
< / span > }
< span class = "kw" > pub async fn < / span > setup_access_controls(
2022-10-07 11:23:12 +02:00
< span class = "kw-2" > & < / span > < span class = "self" > self< / span > ,
2022-11-04 01:07:22 +01:00
access: < span class = "kw-2" > & < / span > HashMap< Uuid, Vec< EntityType> > ,
all_entities: < span class = "kw-2" > & < / span > HashMap< Uuid, Entity> ,
) -> < span class = "prelude-ty" > Result< / span > < (), ()> {
< span class = "self" > self< / span > .http.setup_access_controls(access, all_entities).< span class = "kw" > await
< / span > }
2022-10-07 11:23:12 +02:00
2022-11-04 01:07:22 +01:00
< span class = "kw" > pub async fn < / span > open_user_connection(
2022-10-07 11:23:12 +02:00
< span class = "kw-2" > & < / span > < span class = "self" > self< / span > ,
2022-11-04 01:07:22 +01:00
test_start: Instant,
name: < span class = "kw-2" > & < / span > str,
pw: < span class = "kw-2" > & < / span > str,
) -> < span class = "prelude-ty" > Result< / span > < (Duration, Duration), ()> {
< span class = "self" > self< / span > .ldap.open_user_connection(test_start, name, pw).< span class = "kw" > await
< / span > }
< span class = "kw" > pub async fn < / span > close_connection(< span class = "kw-2" > & < / span > < span class = "self" > self< / span > ) {
< span class = "self" > self< / span > .ldap.close_connection().< span class = "kw" > await< / span > ;
2022-10-07 11:23:12 +02:00
}
2022-11-04 01:07:22 +01:00
< span class = "kw" > pub async fn < / span > search(
2022-10-07 11:23:12 +02:00
< span class = "kw-2" > & < / span > < span class = "self" > self< / span > ,
2022-11-04 01:07:22 +01:00
test_start: Instant,
ids: < span class = "kw-2" > & < / span > [String],
) -> < span class = "prelude-ty" > Result< / span > < (Duration, Duration, usize), ()> {
< span class = "self" > self< / span > .ldap.search_name(test_start, ids).< span class = "kw" > await
< / span > }
2022-10-07 11:23:12 +02:00
}
< / code > < / pre > < / div >
2022-11-04 01:07:22 +01:00
< / section > < / div > < / main > < div id = "rustdoc-vars" data-root-path = "../../" data-current-crate = "orca" data-themes = "ayu,dark,light" data-resource-suffix = "" data-rustdoc-version = "1.65.0 (897e37553 2022-11-02)" > < / div > < / body > < / html >
