mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 20:47:01 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

20240530 nightly warnings (#2806)

Browse source 
* Cleaneup
* Lots of ram saving
This commit is contained in:
Firstyear 2024-05-30 20:22:19 +10:00 committed by GitHub
parent 1e7b94b7cf
commit 2c0ff46a32
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
44 changed files with 148 additions and 135 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
Cargo.lock generated
View file

@ -904,9 +904,9 @@ dependencies = [
[[package]] [[package]]
name = "concread" name = "concread"
version = "0.5.0" version = "0.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b4539869aeea73afd414cc1750eceada0d042764f2d28873d74fbbd81610bffe" checksum = "23bef63c371d1b3da7e61e7b72e5757f070131a399f2eb60edc2d8bb8102249a"
dependencies = [ dependencies = [
"ahash 0.8.11", "ahash 0.8.11",
"arc-swap", "arc-swap",
@ -1181,8 +1181,6 @@ dependencies = [
"kanidm_utils_users", "kanidm_utils_users",
"kanidmd_core", "kanidmd_core",
"mimalloc", "mimalloc",
"opentelemetry",
"opentelemetry_api",
"prctl", "prctl",
"reqwest 0.12.4", "reqwest 0.12.4",
"sd-notify", "sd-notify",
@ -2832,9 +2830,9 @@ checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39"
[[package]] [[package]]
name = "idlset" name = "idlset"
version = "0.2.4" version = "0.2.5"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "340756d15be4b22d5e501bad90a9f68fcdc6b9b7d2f6d6afe350645e9839dac6" checksum = "ef858150272c6cce9db3710a171edf5d3e8844d38680d7657e9b1698efe8d97b"
dependencies = [ dependencies = [
"serde", "serde",
"serde_derive", "serde_derive",
@ -3319,6 +3317,7 @@ dependencies = [
"ldap3_proto", "ldap3_proto",
"libc", "libc",
"openssl", "openssl",
"opentelemetry",
"rand", "rand",
"regex", "regex",
"serde", "serde",
@ -3371,6 +3370,7 @@ dependencies = [
"libc", "libc",
"libsqlite3-sys", "libsqlite3-sys",
"lodepng", "lodepng",
"mimalloc",
"nonempty", "nonempty",
"num_enum", "num_enum",
"openssl", "openssl",

4
Cargo.toml
View file

@ -109,7 +109,7 @@ clap_complete = "^4.5.1"
# Forced by saffron/cron # Forced by saffron/cron
chrono = "^0.4.35" chrono = "^0.4.35"
compact_jwt = { version = "^0.4.1", default-features = false } compact_jwt = { version = "^0.4.1", default-features = false }
concread = "^0.5.0" concread = "^0.5.1"
cron = "0.12.1" cron = "0.12.1"
crossbeam = "0.8.4" crossbeam = "0.8.4"
criterion = "^0.5.1" criterion = "^0.5.1"
@ -131,7 +131,7 @@ http = "1.1.0"
hyper = { version = "1.3.1", features = ["server", "client"] } hyper = { version = "1.3.1", features = ["server", "client"] }
hyper-util = { version = "0.1.5", features = ["server", "tokio"] } hyper-util = { version = "0.1.5", features = ["server", "tokio"] }
hyper-tls = "0.6.0" hyper-tls = "0.6.0"
idlset = "^0.2.4" idlset = "^0.2.5"
image = { version = "0.24.9", default-features = false, features = [ image = { version = "0.24.9", default-features = false, features = [
"gif", "gif",
"jpeg", "jpeg",

3
libs/crypto/build.rs
View file

@ -1,8 +1,11 @@
use std::env; use std::env;
fn main() { fn main() {
// Allows openssl3 as a cfg flag
println!("cargo::rustc-check-cfg=cfg(openssl3)");
println!("cargo:rerun-if-changed=build.rs"); println!("cargo:rerun-if-changed=build.rs");
println!("cargo:rerun-if-env-changed=DEP_OPENSSL_VERSION_NUMBER"); println!("cargo:rerun-if-env-changed=DEP_OPENSSL_VERSION_NUMBER");
if let Ok(v) = env::var("DEP_OPENSSL_VERSION_NUMBER") { if let Ok(v) = env::var("DEP_OPENSSL_VERSION_NUMBER") {
let version = u64::from_str_radix(&v, 16).unwrap(); let version = u64::from_str_radix(&v, 16).unwrap();

10
libs/crypto/src/lib.rs
View file

@ -346,14 +346,8 @@ impl CryptoPolicy {
.checked_sub(ARGON2_TCOST_RAM_ITER_KIB) .checked_sub(ARGON2_TCOST_RAM_ITER_KIB)
.unwrap_or(ARGON2_MIN_RAM_KIB); .unwrap_or(ARGON2_MIN_RAM_KIB);
// Floor and Ceil // Clamp the value
m_cost = if m_adjust > ARGON2_MAX_RAM_KIB { m_cost = m_adjust.clamp(ARGON2_MIN_RAM_KIB, ARGON2_MAX_RAM_KIB);
ARGON2_MAX_RAM_KIB
} else if m_adjust < ARGON2_MIN_RAM_KIB {
ARGON2_MIN_RAM_KIB
} else {
m_adjust
};
continue; continue;
} else { } else {
// Unable to proceed, parameters are maxed out. // Unable to proceed, parameters are maxed out.

3
libs/users/src/unix.rs
View file

@ -25,9 +25,6 @@ pub fn get_user_name_by_uid(uid: uid_t) -> Option<OsString> {
let mut buf = vec![0; 2048]; let mut buf = vec![0; 2048];
let mut result = ptr::null_mut::<c_passwd>(); let mut result = ptr::null_mut::<c_passwd>();
#[cfg(feature = "logging")]
trace!("Running getpwuid_r for user #{}", uid);
loop { loop {
let r = let r =
unsafe { libc::getpwuid_r(uid, &mut passwd, buf.as_mut_ptr(), buf.len(), &mut result) }; unsafe { libc::getpwuid_r(uid, &mut passwd, buf.as_mut_ptr(), buf.len(), &mut result) };

2
server/core/Cargo.toml
View file

@ -41,6 +41,8 @@ kanidm_lib_file_permissions = { workspace = true }
ldap3_proto = { workspace = true } ldap3_proto = { workspace = true }
libc = { workspace = true } libc = { workspace = true }
openssl = { workspace = true } openssl = { workspace = true }
opentelemetry = { workspace = true, features = ["logs"] }
# opentelemetry_api = { workspace = true, features = ["logs"] }
rand = { workspace = true } rand = { workspace = true }
regex = { workspace = true } regex = { workspace = true }
serde = { workspace = true, features = ["derive"] } serde = { workspace = true, features = ["derive"] }

3
server/core/src/https/mod.rs
View file

@ -388,8 +388,9 @@ pub async fn create_https_server(
}; };
#[cfg(feature = "otel")]
opentelemetry::global::shutdown_tracer_provider(); opentelemetry::global::shutdown_tracer_provider();
info!("Stopped {}", super::TaskName::HttpsServer); info!("Stopped {}", super::TaskName::HttpsServer);
})) }))
} }

1
server/core/src/lib.rs
View file

@ -10,6 +10,7 @@
#![deny(warnings)] #![deny(warnings)]
#![warn(unused_extern_crates)] #![warn(unused_extern_crates)]
#![warn(unused_imports)]
#![deny(clippy::todo)] #![deny(clippy::todo)]
#![deny(clippy::unimplemented)] #![deny(clippy::unimplemented)]
#![deny(clippy::unwrap_used)] #![deny(clippy::unwrap_used)]

2
server/daemon/Cargo.toml
View file

@ -34,8 +34,6 @@ serde = { workspace = true, features = ["derive"] }
tokio = { workspace = true, features = ["rt-multi-thread", "macros", "signal"] } tokio = { workspace = true, features = ["rt-multi-thread", "macros", "signal"] }
tokio-util = { workspace = true, features = ["codec"] } tokio-util = { workspace = true, features = ["codec"] }
toml = { workspace = true } toml = { workspace = true }
opentelemetry = { workspace = true, features = ["logs"] }
opentelemetry_api = { workspace = true, features = ["logs"] }
tempfile = { workspace = true } tempfile = { workspace = true }
tracing = { workspace = true, features = [ tracing = { workspace = true, features = [
"max_level_trace", "max_level_trace",

1
server/daemon/src/main.rs
View file

@ -10,7 +10,6 @@
#![deny(clippy::needless_pass_by_value)] #![deny(clippy::needless_pass_by_value)]
#![deny(clippy::trivially_copy_pass_by_ref)] #![deny(clippy::trivially_copy_pass_by_ref)]
#[cfg(not(target_family = "windows"))]
#[global_allocator] #[global_allocator]
static GLOBAL: mimalloc::MiMalloc = mimalloc::MiMalloc; static GLOBAL: mimalloc::MiMalloc = mimalloc::MiMalloc;

7
server/lib/Cargo.toml
View file

@ -102,13 +102,12 @@ whoami = { workspace = true }
# default = [ "libsqlite3-sys/bundled", "openssl/vendored" ] # default = [ "libsqlite3-sys/bundled", "openssl/vendored" ]
[dev-dependencies] [dev-dependencies]
compact_jwt = { workspace = true, features = ["openssl", "hsm-crypto", "unsafe_release_without_verify"] }
criterion = { workspace = true, features = ["html_reports"] } criterion = { workspace = true, features = ["html_reports"] }
webauthn-authenticator-rs = { workspace = true }
futures = { workspace = true } futures = { workspace = true }
kanidmd_lib_macros = { workspace = true } kanidmd_lib_macros = { workspace = true }
mimalloc = { workspace = true }
compact_jwt = { workspace = true, features = ["openssl", "hsm-crypto", "unsafe_release_without_verify"] } webauthn-authenticator-rs = { workspace = true }
[build-dependencies] [build-dependencies]
hashbrown = { workspace = true } hashbrown = { workspace = true }

2
server/lib/src/be/idl_arc_sqlite.rs
View file

@ -86,7 +86,7 @@ macro_rules! get_identry {
$idl:expr, $idl:expr,
$is_read_op:expr $is_read_op:expr
) => {{ ) => {{
let mut result: Vec<Arc<EntrySealedCommitted>> = Vec::new(); let mut result: Vec<Arc<EntrySealedCommitted>> = Vec::with_capacity(0);
match $idl { match $idl {
IdList::Partial(idli) | IdList::PartialThreshold(idli) | IdList::Indexed(idli) => { IdList::Partial(idli) | IdList::PartialThreshold(idli) | IdList::Indexed(idli) => {
let mut nidl = IDLBitRange::new(); let mut nidl = IDLBitRange::new();

2
server/lib/src/be/idl_sqlite.rs
View file

@ -631,7 +631,7 @@ pub(crate) trait IdlSqliteTransaction {
Ok(Some(v)) => { Ok(Some(v)) => {
let r: Result<String, _> = v.get(0); let r: Result<String, _> = v.get(0);
match r { match r {
Ok(t) if t == "ok" => Vec::new(), Ok(t) if t == "ok" => Vec::with_capacity(0),
_ => vec![Err(ConsistencyError::SqliteIntegrityFailure)], _ => vec![Err(ConsistencyError::SqliteIntegrityFailure)],
} }
} }

35
server/lib/src/be/mod.rs
View file

@ -290,7 +290,7 @@ pub trait BackendTransaction {
FilterResolved::Or(l, _) => { FilterResolved::Or(l, _) => {
// Importantly if this has no inner elements, this returns // Importantly if this has no inner elements, this returns
// an empty list. // an empty list.
let mut plan = Vec::new(); let mut plan = Vec::with_capacity(0);
let mut result = IDLBitRange::new(); let mut result = IDLBitRange::new();
let mut partial = false; let mut partial = false;
let mut threshold = false; let mut threshold = false;
@ -535,7 +535,7 @@ pub trait BackendTransaction {
// for fully indexed existence queries, such as from refint. // for fully indexed existence queries, such as from refint.
// This has a lot in common with an And and Or but not really quite either. // This has a lot in common with an And and Or but not really quite either.
let mut plan = Vec::new(); let mut plan = Vec::with_capacity(0);
let mut result = IDLBitRange::new(); let mut result = IDLBitRange::new();
// For each filter in l // For each filter in l
for f in l.iter() { for f in l.iter() {
@ -632,7 +632,7 @@ pub trait BackendTransaction {
e e
})?; })?;
let entries_filtered = match idl { let mut entries_filtered = match idl {
IdList::AllIds => trace_span!("be::search<entry::ftest::allids>").in_scope(|| { IdList::AllIds => trace_span!("be::search<entry::ftest::allids>").in_scope(|| {
entries entries
.into_iter() .into_iter()
@ -666,6 +666,9 @@ pub trait BackendTransaction {
return Err(OperationError::ResourceLimit); return Err(OperationError::ResourceLimit);
} }
// Trim any excess capacity if needed
entries_filtered.shrink_to_fit();
Ok(entries_filtered) Ok(entries_filtered)
} }
@ -851,7 +854,7 @@ pub trait BackendTransaction {
if r.is_err() { if r.is_err() {
vec![r] vec![r]
} else { } else {
Vec::new() Vec::with_capacity(0)
} }
} }
@ -2258,7 +2261,7 @@ mod tests {
run_test!(|be: &mut BackendWriteTransaction| { run_test!(|be: &mut BackendWriteTransaction| {
trace!("Simple Create"); trace!("Simple Create");
let empty_result = be.create(&CID_ZERO, Vec::new()); let empty_result = be.create(&CID_ZERO, Vec::with_capacity(0));
trace!("{:?}", empty_result); trace!("{:?}", empty_result);
assert_eq!(empty_result, Err(OperationError::EmptyRequest)); assert_eq!(empty_result, Err(OperationError::EmptyRequest));
@ -2759,7 +2762,7 @@ mod tests {
Attribute::Name.as_ref(), Attribute::Name.as_ref(),
IndexType::Equality, IndexType::Equality,
"not-exist", "not-exist",
Some(Vec::new()) Some(Vec::with_capacity(0))
); );
idl_state!( idl_state!(
@ -2767,7 +2770,7 @@ mod tests {
Attribute::Uuid.as_ref(), Attribute::Uuid.as_ref(),
IndexType::Equality, IndexType::Equality,
"fake-0079-4b8c-8a56-593b22aa44d1", "fake-0079-4b8c-8a56-593b22aa44d1",
Some(Vec::new()) Some(Vec::with_capacity(0))
); );
let uuid_p_idl = be let uuid_p_idl = be
@ -2861,7 +2864,7 @@ mod tests {
Attribute::Name.as_ref(), Attribute::Name.as_ref(),
IndexType::Equality, IndexType::Equality,
"william", "william",
Some(Vec::new()) Some(Vec::with_capacity(0))
); );
idl_state!( idl_state!(
@ -2869,7 +2872,7 @@ mod tests {
Attribute::Name.as_ref(), Attribute::Name.as_ref(),
IndexType::Presence, IndexType::Presence,
"_", "_",
Some(Vec::new()) Some(Vec::with_capacity(0))
); );
idl_state!( idl_state!(
@ -2877,7 +2880,7 @@ mod tests {
Attribute::Uuid.as_ref(), Attribute::Uuid.as_ref(),
IndexType::Equality, IndexType::Equality,
"db237e8a-0079-4b8c-8a56-593b22aa44d1", "db237e8a-0079-4b8c-8a56-593b22aa44d1",
Some(Vec::new()) Some(Vec::with_capacity(0))
); );
idl_state!( idl_state!(
@ -2885,7 +2888,7 @@ mod tests {
Attribute::Uuid.as_ref(), Attribute::Uuid.as_ref(),
IndexType::Presence, IndexType::Presence,
"_", "_",
Some(Vec::new()) Some(Vec::with_capacity(0))
); );
assert!(be.name2uuid("william") == Ok(None)); assert!(be.name2uuid("william") == Ok(None));
@ -3129,14 +3132,14 @@ mod tests {
Attribute::Uuid.as_ref(), Attribute::Uuid.as_ref(),
IndexType::Equality, IndexType::Equality,
"db237e8a-0079-4b8c-8a56-593b22aa44d1", "db237e8a-0079-4b8c-8a56-593b22aa44d1",
Some(Vec::new()) Some(Vec::with_capacity(0))
); );
idl_state!( idl_state!(
be, be,
Attribute::Name.as_ref(), Attribute::Name.as_ref(),
IndexType::Equality, IndexType::Equality,
"william", "william",
Some(Vec::new()) Some(Vec::with_capacity(0))
); );
let claire_uuid = uuid!("04091a7a-6ce4-42d2-abf5-c2ce244ac9e8"); let claire_uuid = uuid!("04091a7a-6ce4-42d2-abf5-c2ce244ac9e8");
@ -3303,7 +3306,7 @@ mod tests {
let (r, _plan) = be.filter2idl(f_r_andnot.to_inner(), 0).unwrap(); let (r, _plan) = be.filter2idl(f_r_andnot.to_inner(), 0).unwrap();
match r { match r {
IdList::Indexed(idl) => { IdList::Indexed(idl) => {
assert!(idl == IDLBitRange::from_iter(Vec::new())); assert!(idl == IDLBitRange::from_iter(Vec::with_capacity(0)));
} }
_ => { _ => {
panic!(""); panic!("");
@ -3319,7 +3322,7 @@ mod tests {
let (r, _plan) = be.filter2idl(f_and_andnot.to_inner(), 0).unwrap(); let (r, _plan) = be.filter2idl(f_and_andnot.to_inner(), 0).unwrap();
match r { match r {
IdList::Indexed(idl) => { IdList::Indexed(idl) => {
assert!(idl == IDLBitRange::from_iter(Vec::new())); assert!(idl == IDLBitRange::from_iter(Vec::with_capacity(0)));
} }
_ => { _ => {
panic!(""); panic!("");
@ -3334,7 +3337,7 @@ mod tests {
let (r, _plan) = be.filter2idl(f_or_andnot.to_inner(), 0).unwrap(); let (r, _plan) = be.filter2idl(f_or_andnot.to_inner(), 0).unwrap();
match r { match r {
IdList::Indexed(idl) => { IdList::Indexed(idl) => {
assert!(idl == IDLBitRange::from_iter(Vec::new())); assert!(idl == IDLBitRange::from_iter(Vec::with_capacity(0)));
} }
_ => { _ => {
panic!(""); panic!("");

2
server/lib/src/constants/entries.rs
View file

@ -858,7 +858,7 @@ impl From<BuiltinAccount> for Account {
displayname: value.displayname.to_string(), displayname: value.displayname.to_string(),
spn: format!("{}@example.com", value.name), spn: format!("{}@example.com", value.name),
mail_primary: None, mail_primary: None,
mail: Vec::new(), mail: Vec::with_capacity(0),
..Default::default() ..Default::default()
} }
} }

8
server/lib/src/constants/groups.rs
View file

@ -263,7 +263,7 @@ lazy_static! {
name: "idm_people_self_write_mail", name: "idm_people_self_write_mail",
description: "Builtin IDM Group for people accounts to update their own mail.", description: "Builtin IDM Group for people accounts to update their own mail.",
uuid: UUID_IDM_PEOPLE_SELF_MAIL_WRITE, uuid: UUID_IDM_PEOPLE_SELF_MAIL_WRITE,
members: Vec::new(), members: Vec::with_capacity(0),
..Default::default() ..Default::default()
}; };
@ -272,7 +272,7 @@ lazy_static! {
name: "idm_people_self_mail_write", name: "idm_people_self_mail_write",
description: "Builtin IDM Group for people accounts to update their own mail.", description: "Builtin IDM Group for people accounts to update their own mail.",
uuid: UUID_IDM_PEOPLE_SELF_MAIL_WRITE, uuid: UUID_IDM_PEOPLE_SELF_MAIL_WRITE,
members: Vec::new(), members: Vec::with_capacity(0),
..Default::default() ..Default::default()
}; };
} }
@ -283,7 +283,7 @@ lazy_static! {
name: "idm_all_persons", name: "idm_all_persons",
description: "Builtin IDM dynamic group containing all persons.", description: "Builtin IDM dynamic group containing all persons.",
uuid: UUID_IDM_ALL_PERSONS, uuid: UUID_IDM_ALL_PERSONS,
members: Vec::new(), members: Vec::with_capacity(0),
dyngroup: true, dyngroup: true,
dyngroup_filter: Some( dyngroup_filter: Some(
Filter::And(vec![ Filter::And(vec![
@ -304,7 +304,7 @@ lazy_static! {
name: "idm_all_accounts", name: "idm_all_accounts",
description: "Builtin IDM dynamic group containing all entries that can authenticate.", description: "Builtin IDM dynamic group containing all entries that can authenticate.",
uuid: UUID_IDM_ALL_ACCOUNTS, uuid: UUID_IDM_ALL_ACCOUNTS,
members: Vec::new(), members: Vec::with_capacity(0),
dyngroup: true, dyngroup: true,
dyngroup_filter: Some( dyngroup_filter: Some(
Filter::Eq(Attribute::Class.to_string(), EntryClass::Account.to_string()), Filter::Eq(Attribute::Class.to_string(), EntryClass::Account.to_string()),

27
server/lib/src/entry.rs
View file

@ -891,6 +891,7 @@ impl Entry<EntryIncremental, EntryNew> {
// To shortcut this we dedup the attr set and then iterate. // To shortcut this we dedup the attr set and then iterate.
let mut attr_set: Vec<_> = let mut attr_set: Vec<_> =
changes_left.keys().chain(changes_right.keys()).collect(); changes_left.keys().chain(changes_right.keys()).collect();
attr_set.shrink_to_fit();
attr_set.sort_unstable(); attr_set.sort_unstable();
attr_set.dedup(); attr_set.dedup();
@ -1604,7 +1605,7 @@ impl Entry<EntrySealed, EntryCommitted> {
match (pre, post) { match (pre, post) {
(None, None) => { (None, None) => {
// if both are none, yield empty list. // if both are none, yield empty list.
Vec::new() Vec::with_capacity(0)
} }
(Some(pre_e), None) => { (Some(pre_e), None) => {
// If we are none (?), yield our pre-state as removals. // If we are none (?), yield our pre-state as removals.
@ -1619,11 +1620,11 @@ impl Entry<EntrySealed, EntryCommitted> {
ikey.attr, ikey.attr,
err err
); );
return Vec::new(); return Vec::with_capacity(0);
} }
}; };
match pre_e.get_ava_set(attr) { match pre_e.get_ava_set(attr) {
None => Vec::new(), None => Vec::with_capacity(0),
Some(vs) => { Some(vs) => {
let changes: Vec<Result<_, _>> = match ikey.itype { let changes: Vec<Result<_, _>> = match ikey.itype {
IndexType::Equality => { IndexType::Equality => {
@ -1636,7 +1637,7 @@ impl Entry<EntrySealed, EntryCommitted> {
IndexType::Presence => { IndexType::Presence => {
vec![Err((&ikey.attr, ikey.itype, "_".to_string()))] vec![Err((&ikey.attr, ikey.itype, "_".to_string()))]
} }
IndexType::SubString => Vec::new(), IndexType::SubString => Vec::with_capacity(0),
}; };
changes changes
} }
@ -1657,11 +1658,11 @@ impl Entry<EntrySealed, EntryCommitted> {
ikey.attr, ikey.attr,
err err
); );
return Vec::new(); return Vec::with_capacity(0);
} }
}; };
match post_e.get_ava_set(attr) { match post_e.get_ava_set(attr) {
None => Vec::new(), None => Vec::with_capacity(0),
Some(vs) => { Some(vs) => {
let changes: Vec<Result<_, _>> = match ikey.itype { let changes: Vec<Result<_, _>> = match ikey.itype {
IndexType::Equality => vs IndexType::Equality => vs
@ -1672,7 +1673,7 @@ impl Entry<EntrySealed, EntryCommitted> {
IndexType::Presence => { IndexType::Presence => {
vec![Ok((&ikey.attr, ikey.itype, "_".to_string()))] vec![Ok((&ikey.attr, ikey.itype, "_".to_string()))]
} }
IndexType::SubString => Vec::new(), IndexType::SubString => Vec::with_capacity(0),
}; };
// For each value // For each value
// //
@ -1695,13 +1696,13 @@ impl Entry<EntrySealed, EntryCommitted> {
ikey.attr, ikey.attr,
err err
); );
return Vec::new(); return Vec::with_capacity(0);
} }
}; };
match (pre_e.get_ava_set(attr), post_e.get_ava_set(attr)) { match (pre_e.get_ava_set(attr), post_e.get_ava_set(attr)) {
(None, None) => { (None, None) => {
// Neither have it, do nothing. // Neither have it, do nothing.
Vec::new() Vec::with_capacity(0)
} }
(Some(pre_vs), None) => { (Some(pre_vs), None) => {
// It existed before, but not anymore // It existed before, but not anymore
@ -1718,7 +1719,7 @@ impl Entry<EntrySealed, EntryCommitted> {
IndexType::Presence => { IndexType::Presence => {
vec![Err((&ikey.attr, ikey.itype, "_".to_string()))] vec![Err((&ikey.attr, ikey.itype, "_".to_string()))]
} }
IndexType::SubString => Vec::new(), IndexType::SubString => Vec::with_capacity(0),
}; };
changes changes
} }
@ -1737,7 +1738,7 @@ impl Entry<EntrySealed, EntryCommitted> {
IndexType::Presence => { IndexType::Presence => {
vec![Ok((&ikey.attr, ikey.itype, "_".to_string()))] vec![Ok((&ikey.attr, ikey.itype, "_".to_string()))]
} }
IndexType::SubString => Vec::new(), IndexType::SubString => Vec::with_capacity(0),
}; };
changes changes
} }
@ -3050,7 +3051,7 @@ impl<VALID, STATE> Entry<VALID, STATE> {
// Take name: (a, b), name: (c, d) -> (name, a), (name, b), (name, c), (name, d) // Take name: (a, b), name: (c, d) -> (name, a), (name, b), (name, c), (name, d)
let mut pairs: Vec<(&str, PartialValue)> = Vec::new(); let mut pairs: Vec<(&str, PartialValue)> = Vec::with_capacity(0);
for attr in attrs { for attr in attrs {
match self.attrs.get(attr) { match self.attrs.get(attr) {
@ -3689,7 +3690,7 @@ mod tests {
// When we do None, None, we get nothing back. // When we do None, None, we get nothing back.
let r1 = Entry::idx_diff(&idxmeta, None, None); let r1 = Entry::idx_diff(&idxmeta, None, None);
eprintln!("{r1:?}"); eprintln!("{r1:?}");
assert!(r1 == Vec::new()); assert!(r1 == Vec::with_capacity(0));
// Check generating a delete diff // Check generating a delete diff
let mut del_r = Entry::idx_diff(&idxmeta, Some(&e1), None); let mut del_r = Entry::idx_diff(&idxmeta, Some(&e1), None);

2
server/lib/src/idm/account.rs
View file

@ -912,7 +912,7 @@ impl<'a> IdmServerProxyReadTransaction<'a> {
}) })
.unwrap_or_else(|| { .unwrap_or_else(|| {
// No matching entry? Return none. // No matching entry? Return none.
Ok(Vec::new()) Ok(Vec::with_capacity(0))
}) })
} }
Err(e) => Err(e), Err(e) => Err(e),

30
server/lib/src/idm/authsession.rs
View file

@ -12,7 +12,7 @@ use compact_jwt::Jws;
use hashbrown::HashSet; use hashbrown::HashSet;
use kanidm_proto::internal::UserAuthToken; use kanidm_proto::internal::UserAuthToken;
use kanidm_proto::v1::{AuthAllowed, AuthCredential, AuthIssueSession, AuthMech}; use kanidm_proto::v1::{AuthAllowed, AuthCredential, AuthIssueSession, AuthMech};
use nonempty::{nonempty, NonEmpty}; use nonempty::NonEmpty;
use tokio::sync::mpsc::UnboundedSender as Sender; use tokio::sync::mpsc::UnboundedSender as Sender;
use uuid::Uuid; use uuid::Uuid;
use webauthn_rs::prelude::{ use webauthn_rs::prelude::{
@ -88,7 +88,7 @@ enum AuthIntent {
/// A response type to indicate the progress and potential result of an authentication attempt. /// A response type to indicate the progress and potential result of an authentication attempt.
enum CredState { enum CredState {
Success { auth_type: AuthType, cred_id: Uuid }, Success { auth_type: AuthType, cred_id: Uuid },
Continue(NonEmpty<AuthAllowed>), Continue(Box<NonEmpty<AuthAllowed>>),
Denied(&'static str), Denied(&'static str),
} }
@ -496,7 +496,10 @@ impl CredHandler {
admin_warn!("unable to queue delayed webauthn property update, continuing ... "); admin_warn!("unable to queue delayed webauthn property update, continuing ... ");
}; };
}; };
CredState::Continue(nonempty![AuthAllowed::Password]) CredState::Continue(Box::new(NonEmpty {
head: AuthAllowed::Password,
tail: Vec::with_capacity(0),
}))
} }
Err(e) => { Err(e) => {
pw_mfa.mfa_state = CredVerifyState::Fail; pw_mfa.mfa_state = CredVerifyState::Fail;
@ -523,7 +526,10 @@ impl CredHandler {
security_info!( security_info!(
"Handler::PasswordMfa -> Result::Continue - TOTP ({}) OK, password -", label "Handler::PasswordMfa -> Result::Continue - TOTP ({}) OK, password -", label
); );
CredState::Continue(nonempty![AuthAllowed::Password]) CredState::Continue(Box::new(NonEmpty {
head: AuthAllowed::Password,
tail: Vec::with_capacity(0),
}))
} else { } else {
pw_mfa.mfa_state = CredVerifyState::Fail; pw_mfa.mfa_state = CredVerifyState::Fail;
security_error!( security_error!(
@ -546,7 +552,10 @@ impl CredHandler {
}; };
pw_mfa.mfa_state = CredVerifyState::Success; pw_mfa.mfa_state = CredVerifyState::Success;
security_info!("Handler::PasswordMfa -> Result::Continue - BackupCode OK, password -"); security_info!("Handler::PasswordMfa -> Result::Continue - BackupCode OK, password -");
CredState::Continue(nonempty![AuthAllowed::Password]) CredState::Continue(Box::new(NonEmpty {
head: AuthAllowed::Password,
tail: Vec::with_capacity(0),
}))
} else { } else {
pw_mfa.mfa_state = CredVerifyState::Fail; pw_mfa.mfa_state = CredVerifyState::Fail;
security_error!("Handler::PasswordMfa -> Result::Denied - BackupCode Fail, password -"); security_error!("Handler::PasswordMfa -> Result::Denied - BackupCode Fail, password -");
@ -940,12 +949,15 @@ impl AuthSession {
// based on the anonymous ... in theory this could be cleaner // based on the anonymous ... in theory this could be cleaner
// and interact with the account more? // and interact with the account more?
if asd.account.is_anonymous() { if asd.account.is_anonymous() {
AuthSessionState::Init(nonempty![CredHandler::Anonymous { AuthSessionState::Init(NonEmpty {
head: CredHandler::Anonymous {
cred_id: asd.account.uuid, cred_id: asd.account.uuid,
}]) },
tail: Vec::with_capacity(0),
})
} else { } else {
// What's valid to use in this context? // What's valid to use in this context?
let mut handlers = Vec::new(); let mut handlers = Vec::with_capacity(0);
// TODO: We can't yet fully enforce account policy on auth, there is a bit of work // TODO: We can't yet fully enforce account policy on auth, there is a bit of work
// to do to be able to check for pw / mfa etc. // to do to be able to check for pw / mfa etc.
@ -1469,7 +1481,7 @@ impl AuthSession {
match &self.state { match &self.state {
AuthSessionState::Success AuthSessionState::Success
| AuthSessionState::Denied(_) | AuthSessionState::Denied(_)
| AuthSessionState::InProgress(_) => Vec::new(), | AuthSessionState::InProgress(_) => Vec::with_capacity(0),
AuthSessionState::Init(handlers) => { AuthSessionState::Init(handlers) => {
// Iterate over the handlers into what mechs they are // Iterate over the handlers into what mechs they are
// and filter to unique? // and filter to unique?

12
server/lib/src/idm/scim.rs
View file

@ -1177,7 +1177,7 @@ impl<'a> IdmServerProxyWriteTransaction<'a> {
// Get all the classes. // Get all the classes.
debug!("Schemas valid - Proceeding with entry {}", scim_ent.id); debug!("Schemas valid - Proceeding with entry {}", scim_ent.id);
let mut mods = Vec::new(); let mut mods = Vec::with_capacity(0);
mods.push(Modify::Assert( mods.push(Modify::Assert(
Attribute::SyncParentUuid, Attribute::SyncParentUuid,
@ -1912,7 +1912,7 @@ mod tests {
cookie: vec![1, 2, 3, 4].into(), cookie: vec![1, 2, 3, 4].into(),
}, },
to_state: ScimSyncState::Refresh, to_state: ScimSyncState::Refresh,
entries: Vec::default(), entries: Vec::with_capacity(0),
retain: ScimSyncRetentionMode::Ignore, retain: ScimSyncRetentionMode::Ignore,
}; };
@ -2319,7 +2319,7 @@ mod tests {
cookie: vec![1, 2, 3, 4].into(), cookie: vec![1, 2, 3, 4].into(),
}, },
// Doesn't exist. If it does, then bless rng. // Doesn't exist. If it does, then bless rng.
entries: Vec::default(), entries: Vec::with_capacity(0),
retain: ScimSyncRetentionMode::Delete(vec![Uuid::new_v4()]), retain: ScimSyncRetentionMode::Delete(vec![Uuid::new_v4()]),
}; };
@ -2358,7 +2358,7 @@ mod tests {
cookie: vec![1, 2, 3, 4].into(), cookie: vec![1, 2, 3, 4].into(),
}, },
// Doesn't exist. If it does, then bless rng. // Doesn't exist. If it does, then bless rng.
entries: Vec::default(), entries: Vec::with_capacity(0),
retain: ScimSyncRetentionMode::Delete(vec![user_sync_uuid]), retain: ScimSyncRetentionMode::Delete(vec![user_sync_uuid]),
}; };
@ -2400,7 +2400,7 @@ mod tests {
cookie: vec![1, 2, 3, 4].into(), cookie: vec![1, 2, 3, 4].into(),
}, },
// Doesn't exist. If it does, then bless rng. // Doesn't exist. If it does, then bless rng.
entries: Vec::default(), entries: Vec::with_capacity(0),
retain: ScimSyncRetentionMode::Delete(vec![user_sync_uuid]), retain: ScimSyncRetentionMode::Delete(vec![user_sync_uuid]),
}; };
@ -2678,7 +2678,7 @@ mod tests {
to_state: ScimSyncState::Active { to_state: ScimSyncState::Active {
cookie: vec![1, 2, 3, 4].into(), cookie: vec![1, 2, 3, 4].into(),
}, },
entries: Vec::default(), entries: Vec::with_capacity(0),
retain: ScimSyncRetentionMode::Ignore, retain: ScimSyncRetentionMode::Ignore,
}; };

2
server/lib/src/idm/serviceaccount.rs
View file

@ -411,7 +411,7 @@ impl<'a> IdmServerProxyReadTransaction<'a> {
}) })
.unwrap_or_else(|| { .unwrap_or_else(|| {
// No matching entry? Return none. // No matching entry? Return none.
Ok(Vec::new()) Ok(Vec::with_capacity(0))
}) })
} }
Err(e) => Err(e), Err(e) => Err(e),

4
server/lib/src/lib.rs
View file

@ -21,9 +21,9 @@
#![deny(clippy::manual_let_else)] #![deny(clippy::manual_let_else)]
#![allow(clippy::unreachable)] #![allow(clippy::unreachable)]
#[cfg(all(jemallocator, test, not(target_family = "windows")))] #[cfg(test)]
#[global_allocator] #[global_allocator]
static ALLOC: jemallocator::Jemalloc = jemallocator::Jemalloc; static GLOBAL: mimalloc::MiMalloc = mimalloc::MiMalloc;
#[macro_use] #[macro_use]
extern crate rusqlite; extern crate rusqlite;

4
server/lib/src/modify.rs
View file

@ -87,7 +87,7 @@ impl ModifyList<ModifyInvalid> {
pub fn new() -> Self { pub fn new() -> Self {
ModifyList { ModifyList {
valid: ModifyInvalid, valid: ModifyInvalid,
mods: Vec::new(), mods: Vec::with_capacity(0),
} }
} }
@ -137,7 +137,7 @@ impl ModifyList<ModifyInvalid> {
pe: &ProtoEntry, pe: &ProtoEntry,
qs: &mut QueryServerWriteTransaction, qs: &mut QueryServerWriteTransaction,
) -> Result<Self, OperationError> { ) -> Result<Self, OperationError> {
let mut mods = Vec::new(); let mut mods = Vec::with_capacity(0);
pe.attrs.iter().try_for_each(|(attr, vals)| { pe.attrs.iter().try_for_each(|(attr, vals)| {
// Issue a purge to the attr. // Issue a purge to the attr.

6
server/lib/src/plugins/attrunique.rs
View file

@ -115,7 +115,7 @@ fn enforce_unique<VALID, STATE>(
} }
// Now do an internal search on name and !uuid for each // Now do an internal search on name and !uuid for each
let mut cand_filters = Vec::new(); let mut cand_filters = Vec::with_capacity(0);
for ((attr, v), uuid) in cand_attr.iter() { for ((attr, v), uuid) in cand_attr.iter() {
// and[ attr eq k, andnot [ uuid eq v ]] // and[ attr eq k, andnot [ uuid eq v ]]
// Basically this says where name but also not self. // Basically this says where name but also not self.
@ -476,7 +476,7 @@ impl Plugin for AttrUnique {
schema.get_attributes_unique() schema.get_attributes_unique()
}; };
let mut res: Vec<Result<(), ConsistencyError>> = Vec::new(); let mut res: Vec<Result<(), ConsistencyError>> = Vec::with_capacity(0);
if get_cand_attr_set(&all_cand, uniqueattrs).is_err() { if get_cand_attr_set(&all_cand, uniqueattrs).is_err() {
res.push(Err(ConsistencyError::DuplicateUniqueAttribute)) res.push(Err(ConsistencyError::DuplicateUniqueAttribute))
@ -529,7 +529,7 @@ mod tests {
); );
let create = vec![e.clone(), e]; let create = vec![e.clone(), e];
let preload = Vec::new(); let preload = Vec::with_capacity(0);
run_create_test!( run_create_test!(
Err(OperationError::Plugin(PluginError::AttrUnique( Err(OperationError::Plugin(PluginError::AttrUnique(

14
server/lib/src/plugins/base.rs
View file

@ -330,7 +330,7 @@ mod tests {
// check create where no uuid // check create where no uuid
#[test] #[test]
fn test_pre_create_no_uuid() { fn test_pre_create_no_uuid() {
let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::new(); let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::with_capacity(0);
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str( let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{ r#"{
@ -366,7 +366,7 @@ mod tests {
// check unparsable uuid // check unparsable uuid
#[test] #[test]
fn test_pre_create_uuid_invalid() { fn test_pre_create_uuid_invalid() {
let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::new(); let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::with_capacity(0);
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str( let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{ r#"{
@ -396,7 +396,7 @@ mod tests {
// check entry where uuid is empty list // check entry where uuid is empty list
#[test] #[test]
fn test_pre_create_uuid_empty() { fn test_pre_create_uuid_empty() {
let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::new(); let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::with_capacity(0);
let mut e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str( let mut e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{ r#"{
@ -429,7 +429,7 @@ mod tests {
// check create where provided uuid is valid. It should be unchanged. // check create where provided uuid is valid. It should be unchanged.
#[test] #[test]
fn test_pre_create_uuid_valid() { fn test_pre_create_uuid_valid() {
let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::new(); let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::with_capacity(0);
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str( let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{ r#"{
@ -468,7 +468,7 @@ mod tests {
#[test] #[test]
fn test_pre_create_uuid_valid_multi() { fn test_pre_create_uuid_valid_multi() {
let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::new(); let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::with_capacity(0);
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str( let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{ r#"{
@ -534,7 +534,7 @@ mod tests {
#[test] #[test]
fn test_pre_create_double_uuid() { fn test_pre_create_double_uuid() {
// Test adding two entries with the same uuid // Test adding two entries with the same uuid
let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::new(); let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::with_capacity(0);
let ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str( let ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{ r#"{
@ -737,7 +737,7 @@ mod tests {
#[test] #[test]
fn test_protected_uuid_does_not_exist() { fn test_protected_uuid_does_not_exist() {
// Test that internal create of "does not exist" will fail. // Test that internal create of "does not exist" will fail.
let preload = Vec::new(); let preload = Vec::with_capacity(0);
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str( let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{ r#"{

2
server/lib/src/plugins/cred_import.rs
View file

@ -176,7 +176,7 @@ mod tests {
#[test] #[test]
fn test_pre_create_password_import_1() { fn test_pre_create_password_import_1() {
let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::new(); let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::with_capacity(0);
let e = entry_init!( let e = entry_init!(
(Attribute::Class, EntryClass::Account.to_value()), (Attribute::Class, EntryClass::Account.to_value()),

2
server/lib/src/plugins/eckeygen.rs
View file

@ -104,7 +104,7 @@ mod tests {
(Attribute::Description, Value::new_utf8s("testperson")), (Attribute::Description, Value::new_utf8s("testperson")),
(Attribute::DisplayName, Value::new_utf8s("Test Person")) (Attribute::DisplayName, Value::new_utf8s("Test Person"))
); );
let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::new(); let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::with_capacity(0);
let create = vec![ea]; let create = vec![ea];
run_create_test!( run_create_test!(

2
server/lib/src/plugins/jwskeygen.rs
View file

@ -113,7 +113,7 @@ mod tests {
#[test] #[test]
fn test_pre_create_oauth2_secrets() { fn test_pre_create_oauth2_secrets() {
let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::new(); let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::with_capacity(0);
let uuid = Uuid::new_v4(); let uuid = Uuid::new_v4();
let e: Entry<EntryInit, EntryNew> = entry_init!( let e: Entry<EntryInit, EntryNew> = entry_init!(

9
server/lib/src/plugins/keyobject.rs
View file

@ -216,9 +216,12 @@ impl KeyObjectManagement {
// Turn that object into it's entry template to create. I think we need to make this // Turn that object into it's entry template to create. I think we need to make this
// some kind of merge_vs? // some kind of merge_vs?
key_object.into_valuesets()?.into_iter().try_for_each( key_object
|(attribute, valueset)| entry.merge_ava_set(attribute, valueset), .as_valuesets()?
)?; .into_iter()
.try_for_each(|(attribute, valueset)| {
entry.merge_ava_set(attribute, valueset)
})?;
Ok(()) Ok(())
}) })

10
server/lib/src/plugins/memberof.rs
View file

@ -337,7 +337,7 @@ impl Plugin for MemberOf {
#[instrument(level = "debug", name = "memberof::verify", skip_all)] #[instrument(level = "debug", name = "memberof::verify", skip_all)]
fn verify(qs: &mut QueryServerReadTransaction) -> Vec<Result<(), ConsistencyError>> { fn verify(qs: &mut QueryServerReadTransaction) -> Vec<Result<(), ConsistencyError>> {
let mut r = Vec::new(); let mut r = Vec::with_capacity(0);
let filt_in = filter!(f_pres(Attribute::Class)); let filt_in = filter!(f_pres(Attribute::Class));
@ -620,7 +620,7 @@ mod tests {
ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap()); ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap());
let preload = Vec::new(); let preload = Vec::with_capacity(0);
let create = vec![ea, eb]; let create = vec![ea, eb];
run_create_test!( run_create_test!(
Ok(()), Ok(()),
@ -651,7 +651,7 @@ mod tests {
ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap()); ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap());
eb.add_ava(Attribute::Member, Value::new_refer_s(UUID_C).unwrap()); eb.add_ava(Attribute::Member, Value::new_refer_s(UUID_C).unwrap());
let preload = Vec::new(); let preload = Vec::with_capacity(0);
let create = vec![ea, eb, ec]; let create = vec![ea, eb, ec];
run_create_test!( run_create_test!(
Ok(()), Ok(()),
@ -703,7 +703,7 @@ mod tests {
eb.add_ava(Attribute::Member, Value::new_refer_s(UUID_C).unwrap()); eb.add_ava(Attribute::Member, Value::new_refer_s(UUID_C).unwrap());
ec.add_ava(Attribute::Member, Value::new_refer_s(UUID_A).unwrap()); ec.add_ava(Attribute::Member, Value::new_refer_s(UUID_A).unwrap());
let preload = Vec::new(); let preload = Vec::with_capacity(0);
let create = vec![ea, eb, ec]; let create = vec![ea, eb, ec];
run_create_test!( run_create_test!(
Ok(()), Ok(()),
@ -761,7 +761,7 @@ mod tests {
ed.add_ava(Attribute::Member, Value::new_refer_s(UUID_A).unwrap()); ed.add_ava(Attribute::Member, Value::new_refer_s(UUID_A).unwrap());
let preload = Vec::new(); let preload = Vec::with_capacity(0);
let create = vec![ea, eb, ec, ed]; let create = vec![ea, eb, ec, ed];
run_create_test!( run_create_test!(
Ok(()), Ok(()),

4
server/lib/src/plugins/namehistory.rs
View file

@ -200,7 +200,7 @@ mod tests {
(Attribute::Description, Value::new_utf8s("testperson")), (Attribute::Description, Value::new_utf8s("testperson")),
(Attribute::DisplayName, Value::new_utf8s("old name person")) (Attribute::DisplayName, Value::new_utf8s("old name person"))
); );
let preload = Vec::new(); let preload = Vec::with_capacity(0);
let create = vec![ea]; let create = vec![ea];
run_create_test!( run_create_test!(
Ok(()), Ok(()),
@ -223,7 +223,7 @@ mod tests {
#[test] #[test]
fn name_purge_and_set_with_filled_history() { fn name_purge_and_set_with_filled_history() {
let mut cids: Vec<Cid> = Vec::new(); let mut cids: Vec<Cid> = Vec::with_capacity(0);
for i in 1..AUDIT_LOG_STRING_CAPACITY { for i in 1..AUDIT_LOG_STRING_CAPACITY {
cids.push(Cid::new( cids.push(Cid::new(
uuid!("d2b496bd-8493-47b7-8142-f568b5cf47e1"), uuid!("d2b496bd-8493-47b7-8142-f568b5cf47e1"),

6
server/lib/src/plugins/refint.rs
View file

@ -317,7 +317,7 @@ impl Plugin for ReferentialIntegrity {
let schema = qs.get_schema(); let schema = qs.get_schema();
let ref_types = schema.get_reference_types(); let ref_types = schema.get_reference_types();
let mut res = Vec::new(); let mut res = Vec::with_capacity(0);
// For all cands // For all cands
for c in &all_cand { for c in &all_cand {
// For all reference in each cand. // For all reference in each cand.
@ -473,7 +473,7 @@ mod tests {
); );
let create = vec![e]; let create = vec![e];
let preload = Vec::new(); let preload = Vec::with_capacity(0);
run_create_test!( run_create_test!(
Err(OperationError::Plugin(PluginError::ReferentialIntegrity( Err(OperationError::Plugin(PluginError::ReferentialIntegrity(
"Uuid referenced not found in database".to_string() "Uuid referenced not found in database".to_string()
@ -530,7 +530,7 @@ mod tests {
// The create references itself - allow // The create references itself - allow
#[test] #[test]
fn test_create_uuid_reference_self() { fn test_create_uuid_reference_self() {
let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::new(); let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::with_capacity(0);
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str( let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{ r#"{

6
server/lib/src/plugins/spn.rs
View file

@ -103,7 +103,7 @@ impl Plugin for Spn {
Err(e) => return vec![e], Err(e) => return vec![e],
}; };
let mut r = Vec::new(); let mut r = Vec::with_capacity(0);
for e in all_cand { for e in all_cand {
let Some(g_spn) = e.generate_spn(&domain_name) else { let Some(g_spn) = e.generate_spn(&domain_name) else {
@ -233,7 +233,7 @@ mod tests {
); );
let create = vec![e]; let create = vec![e];
let preload = Vec::new(); let preload = Vec::with_capacity(0);
run_create_test!( run_create_test!(
Ok(()), Ok(()),
@ -286,7 +286,7 @@ mod tests {
); );
let create = vec![e]; let create = vec![e];
let preload = Vec::new(); let preload = Vec::with_capacity(0);
run_create_test!( run_create_test!(
Ok(()), Ok(()),

2
server/lib/src/plugins/valuedeny.rs
View file

@ -61,7 +61,7 @@ impl Plugin for ValueDeny {
fn verify(qs: &mut QueryServerReadTransaction) -> Vec<Result<(), ConsistencyError>> { fn verify(qs: &mut QueryServerReadTransaction) -> Vec<Result<(), ConsistencyError>> {
let denied_names = qs.denied_names().clone(); let denied_names = qs.denied_names().clone();
let mut results = Vec::new(); let mut results = Vec::with_capacity(0);
for denied_name in denied_names { for denied_name in denied_names {
let filt = filter!(f_eq(Attribute::Name, PartialValue::new_iname(&denied_name))); let filt = filter!(f_eq(Attribute::Name, PartialValue::new_iname(&denied_name)));

2
server/lib/src/repl/ruv.rs
View file

@ -907,7 +907,7 @@ impl<'a> ReplicationUpdateVectorWriteTransaction<'a> {
pub fn trim_up_to(&mut self, cid: &Cid) -> Result<IDLBitRange, OperationError> { pub fn trim_up_to(&mut self, cid: &Cid) -> Result<IDLBitRange, OperationError> {
trace!(trim_up_to_cid = ?cid); trace!(trim_up_to_cid = ?cid);
let mut idl = IDLBitRange::new(); let mut idl = IDLBitRange::new();
let mut remove_suuid = Vec::default(); let mut remove_suuid = Vec::with_capacity(0);
// Here we can use the for_each here to be trimming the // Here we can use the for_each here to be trimming the
// range set since that is not ordered by time, we need // range set since that is not ordered by time, we need

4
server/lib/src/schema.rs
View file

@ -593,7 +593,7 @@ pub trait SchemaTransaction {
fn get_reference_types(&self) -> &HashMap<AttrString, SchemaAttribute>; fn get_reference_types(&self) -> &HashMap<AttrString, SchemaAttribute>;
fn validate(&self) -> Vec<Result<(), ConsistencyError>> { fn validate(&self) -> Vec<Result<(), ConsistencyError>> {
let mut res = Vec::new(); let mut res = Vec::with_capacity(0);
let class_snapshot = self.get_classes(); let class_snapshot = self.get_classes();
let attribute_snapshot = self.get_attributes(); let attribute_snapshot = self.get_attributes();
@ -2227,7 +2227,7 @@ impl Schema {
let s = Schema { let s = Schema {
classes: CowCell::new(HashMap::with_capacity(128)), classes: CowCell::new(HashMap::with_capacity(128)),
attributes: CowCell::new(HashMap::with_capacity(128)), attributes: CowCell::new(HashMap::with_capacity(128)),
unique_cache: CowCell::new(Vec::new()), unique_cache: CowCell::new(Vec::with_capacity(0)),
ref_cache: CowCell::new(HashMap::with_capacity(64)), ref_cache: CowCell::new(HashMap::with_capacity(64)),
}; };
// let mut sw = task::block_on(s.write()); // let mut sw = task::block_on(s.write());

8
server/lib/src/server/access/mod.rs
View file

@ -1029,10 +1029,10 @@ impl Default for AccessControls {
fn default() -> Self { fn default() -> Self {
AccessControls { AccessControls {
inner: CowCell::new(AccessControlsInner { inner: CowCell::new(AccessControlsInner {
acps_search: Vec::new(), acps_search: Vec::with_capacity(0),
acps_create: Vec::new(), acps_create: Vec::with_capacity(0),
acps_modify: Vec::new(), acps_modify: Vec::with_capacity(0),
acps_delete: Vec::new(), acps_delete: Vec::with_capacity(0),
sync_agreements: HashMap::default(), sync_agreements: HashMap::default(),
}), }),
// Allow the expect, if this fails it represents a programming/development // Allow the expect, if this fails it represents a programming/development

2
server/lib/src/server/keys/internal.rs
View file

@ -924,7 +924,7 @@ impl KeyObjectT for KeyObjectInternal {
Ok(None) Ok(None)
} }
fn into_valuesets(&self) -> Result<Vec<(Attribute, ValueSet)>, OperationError> { fn as_valuesets(&self) -> Result<Vec<(Attribute, ValueSet)>, OperationError> {
let key_iter = self let key_iter = self
.jws_es256 .jws_es256
.iter() .iter()

2
server/lib/src/server/keys/object.rs
View file

@ -44,7 +44,7 @@ pub trait KeyObjectT {
fn jwe_decrypt(&self, jwec: &JweCompact) -> Result<Jwe, OperationError>; fn jwe_decrypt(&self, jwec: &JweCompact) -> Result<Jwe, OperationError>;
fn into_valuesets(&self) -> Result<Vec<(Attribute, ValueSet)>, OperationError>; fn as_valuesets(&self) -> Result<Vec<(Attribute, ValueSet)>, OperationError>;
fn duplicate(&self) -> KeyObject; fn duplicate(&self) -> KeyObject;

4
server/lib/src/server/mod.rs
View file

@ -824,7 +824,7 @@ pub trait QueryServerTransaction<'a> {
.collect(); .collect();
v v
} else if let Some(r_map) = value.as_oauthclaim_map() { } else if let Some(r_map) = value.as_oauthclaim_map() {
let mut v = Vec::new(); let mut v = Vec::with_capacity(0);
for (claim_name, mapping) in r_map.iter() { for (claim_name, mapping) in r_map.iter() {
for (group_ref, claims) in mapping.values() { for (group_ref, claims) in mapping.values() {
let join_char = mapping.join().to_str(); let join_char = mapping.join().to_str();
@ -1133,7 +1133,7 @@ impl<'a> QueryServerReadTransaction<'a> {
// If anything error to this point we can't trust the verifications below. From // If anything error to this point we can't trust the verifications below. From
// here we can just amass results. // here we can just amass results.
let mut results = Vec::new(); let mut results = Vec::with_capacity(0);
// Verify all our entries. Weird flex I know, but it's needed for verifying // Verify all our entries. Weird flex I know, but it's needed for verifying
// the entry changelogs are consistent to their entries. // the entry changelogs are consistent to their entries.

10
server/lib/src/valueset/key_internal.rs
View file

@ -395,7 +395,7 @@ mod tests {
let valid_from = 0; let valid_from = 0;
let status = KeyStatus::Valid; let status = KeyStatus::Valid;
let status_cid = Cid::new_zero(); let status_cid = Cid::new_zero();
let der = Vec::default(); let der = Vec::with_capacity(0);
let mut vs_a: ValueSet = let mut vs_a: ValueSet =
ValueSetKeyInternal::new(kid.clone(), usage, valid_from, status, status_cid, der); ValueSetKeyInternal::new(kid.clone(), usage, valid_from, status, status_cid, der);
@ -430,7 +430,7 @@ mod tests {
let valid_from = 0; let valid_from = 0;
let status = KeyStatus::Valid; let status = KeyStatus::Valid;
let status_cid = Cid::new_zero(); let status_cid = Cid::new_zero();
let der = Vec::default(); let der = Vec::with_capacity(0);
let mut vs_a: ValueSet = ValueSetKeyInternal::new( let mut vs_a: ValueSet = ValueSetKeyInternal::new(
kid.clone(), kid.clone(),
@ -464,7 +464,7 @@ mod tests {
let valid_from = 0; let valid_from = 0;
let status = KeyStatus::Valid; let status = KeyStatus::Valid;
let status_cid = Cid::new_zero(); let status_cid = Cid::new_zero();
let der = Vec::default(); let der = Vec::with_capacity(0);
let vs_a: ValueSet = ValueSetKeyInternal::new( let vs_a: ValueSet = ValueSetKeyInternal::new(
kid.clone(), kid.clone(),
@ -501,7 +501,7 @@ mod tests {
let zero_cid = Cid::new_zero(); let zero_cid = Cid::new_zero();
let one_cid = Cid::new_count(1); let one_cid = Cid::new_count(1);
let two_cid = Cid::new_count(2); let two_cid = Cid::new_count(2);
let der = Vec::default(); let der = Vec::with_capacity(0);
let kid_2 = "key_2".to_string(); let kid_2 = "key_2".to_string();
@ -564,7 +564,7 @@ mod tests {
let zero_cid = Cid::new_zero(); let zero_cid = Cid::new_zero();
let one_cid = Cid::new_count(1); let one_cid = Cid::new_count(1);
let two_cid = Cid::new_count(2); let two_cid = Cid::new_count(2);
let der = Vec::default(); let der = Vec::with_capacity(0);
let kid_2 = "key_2".to_string(); let kid_2 = "key_2".to_string();

2
tools/orca/src/main.rs
View file

@ -1,4 +1,4 @@
#![deny(warnings)] // #![deny(warnings)]
#![warn(unused_extern_crates)] #![warn(unused_extern_crates)]
#![allow(clippy::panic)] #![allow(clippy::panic)]
#![deny(clippy::unreachable)] #![deny(clippy::unreachable)]