From 33f0034b80990112289534c9b7e8f72df511ac2e Mon Sep 17 00:00:00 2001 From: Firstyear Date: Wed, 26 Apr 2023 21:55:42 +1000 Subject: [PATCH] 20230424 clippppppppppppyyyyyyyy (#1574) * Resolve a lot of clips --- proto/src/messages.rs | 9 +- server/core/src/config.rs | 9 +- server/core/src/https/mod.rs | 10 +- server/lib/benches/scaling_10k.rs | 1 - server/lib/src/constants/acp.rs | 122 ++++++++++++++++--------- server/lib/src/credential/mod.rs | 27 ++++-- server/lib/src/filter.rs | 28 +++--- server/lib/src/idm/authsession.rs | 6 +- server/lib/src/idm/ldap.rs | 2 +- server/lib/src/idm/oauth2.rs | 21 +++-- server/lib/src/repl/entry.rs | 2 +- server/lib/src/schema.rs | 3 +- server/lib/src/server/access/create.rs | 2 +- server/lib/src/server/access/delete.rs | 2 +- server/lib/src/server/access/search.rs | 37 ++++---- server/lib/src/utils.rs | 5 +- server/lib/src/valueset/cred.rs | 12 +-- server/lib/src/valueset/session.rs | 7 +- server/testkit/tests/proto_v1_test.rs | 4 +- server/web_ui/src/views/security.rs | 2 +- tools/cli/src/cli/domain.rs | 2 +- tools/cli/src/cli/group.rs | 11 ++- tools/cli/src/cli/serviceaccount.rs | 2 +- unix_integration/build.rs | 2 +- unix_integration/src/cache.rs | 4 +- 25 files changed, 182 insertions(+), 150 deletions(-) diff --git a/proto/src/messages.rs b/proto/src/messages.rs index be7637f5e..e172b8d67 100644 --- a/proto/src/messages.rs +++ b/proto/src/messages.rs @@ -7,19 +7,14 @@ use serde::{Deserialize, Serialize}; /// This is used in user-facing CLIs to set the formatting for output, /// and defaults to text. -#[derive(Debug, Serialize, Deserialize, Clone, Copy, PartialEq, Eq)] +#[derive(Debug, Serialize, Deserialize, Clone, Copy, PartialEq, Eq, Default)] #[serde(rename_all = "lowercase")] pub enum ConsoleOutputMode { + #[default] Text, JSON, } -impl Default for ConsoleOutputMode { - fn default() -> Self { - ConsoleOutputMode::Text - } -} - impl FromStr for ConsoleOutputMode { type Err = &'static str; diff --git a/server/core/src/config.rs b/server/core/src/config.rs index f2c852ec4..7cd29803f 100644 --- a/server/core/src/config.rs +++ b/server/core/src/config.rs @@ -75,19 +75,14 @@ impl ServerConfig { } } -#[derive(Debug, Serialize, Deserialize, Clone, Copy)] +#[derive(Debug, Serialize, Deserialize, Clone, Copy, Default)] pub enum ServerRole { + #[default] WriteReplica, WriteReplicaNoUI, ReadOnlyReplica, } -impl Default for ServerRole { - fn default() -> Self { - ServerRole::WriteReplica - } -} - impl ToString for ServerRole { fn to_string(&self) -> String { match self { diff --git a/server/core/src/https/mod.rs b/server/core/src/https/mod.rs index 166d598e8..7637caa38 100644 --- a/server/core/src/https/mod.rs +++ b/server/core/src/https/mod.rs @@ -294,12 +294,10 @@ async fn index_view(req: tide::Request) -> tide::Result { pub fn generate_integrity_hash(filename: String) -> Result { let wasm_filepath = PathBuf::from(filename); match wasm_filepath.exists() { - false => { - return Err(format!( - "Can't find {:?} to generate file hash", - &wasm_filepath - )); - } + false => Err(format!( + "Can't find {:?} to generate file hash", + &wasm_filepath + )), true => { let filecontents = match std::fs::read(&wasm_filepath) { Ok(value) => value, diff --git a/server/lib/benches/scaling_10k.rs b/server/lib/benches/scaling_10k.rs index fab9ab052..0742960b1 100644 --- a/server/lib/benches/scaling_10k.rs +++ b/server/lib/benches/scaling_10k.rs @@ -77,7 +77,6 @@ pub fn scaling_user_create_batched(c: &mut Criterion) { println!("iters, size -> {iters:?}, {size:?}"); let data: Vec<_> = (0..size) - .into_iter() .map(|i| { let name = format!("testperson_{i}"); entry_init!( diff --git a/server/lib/src/constants/acp.rs b/server/lib/src/constants/acp.rs index cf709b743..05d48a01c 100644 --- a/server/lib/src/constants/acp.rs +++ b/server/lib/src/constants/acp.rs @@ -1,3 +1,5 @@ +#![allow(clippy::expect_used)] + use crate::constants::uuids::*; ///! Constant Entries for the IDM use crate::constants::values::*; @@ -18,7 +20,8 @@ lazy_static! { ("acp_receiver_group", Value::Refer(UUID_SYSTEM_ADMINS)), ( "acp_targetscope", - Value::new_json_filter_s("{\"eq\": [\"class\", \"recycled\"]}").unwrap() + Value::new_json_filter_s("{\"eq\": [\"class\", \"recycled\"]}") + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("name")), ("acp_search_attr", Value::new_iutf8("class")), @@ -41,7 +44,8 @@ lazy_static! { ("acp_receiver_group", Value::Refer(UUID_SYSTEM_ADMINS)), ( "acp_targetscope", - Value::new_json_filter_s("{\"eq\":[\"class\",\"recycled\"]}").unwrap() + Value::new_json_filter_s("{\"eq\":[\"class\",\"recycled\"]}") + .expect("Invalid JSON filter") ), ("acp_modify_removedattr", Value::new_iutf8("class")), ("acp_modify_class", Value::new_iutf8("recycled")) @@ -64,7 +68,7 @@ lazy_static! { ("acp_receiver_group", Value::Refer(UUID_IDM_ALL_ACCOUNTS)), ( "acp_targetscope", - Value::new_json_filter_s("\"self\"").unwrap() + Value::new_json_filter_s("\"self\"").expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("name")), ("acp_search_attr", Value::new_iutf8("spn")), @@ -108,7 +112,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"person\"]}, {\"eq\": [\"class\",\"account\"]}, \"self\"]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_modify_removedattr", Value::new_iutf8("name")), ("acp_modify_removedattr", Value::new_iutf8("displayname")), @@ -152,7 +157,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"person\"]}, {\"eq\": [\"class\",\"account\"]}, \"self\"]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_modify_removedattr", Value::new_iutf8("mail")), ("acp_modify_presentattr", Value::new_iutf8("mail")) @@ -178,7 +184,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"pres\": \"class\"}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("name")), ("acp_search_attr", Value::new_iutf8("spn")), @@ -212,7 +219,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"person\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("name")), ("acp_search_attr", Value::new_iutf8("displayname")), @@ -240,7 +248,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"person\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_modify_removedattr", Value::new_iutf8("name")), ("acp_modify_removedattr", Value::new_iutf8("displayname")), @@ -274,7 +283,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"account\"]}, {\"eq\": [\"class\",\"person\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_create_attr", Value::new_iutf8("class")), ("acp_create_attr", Value::new_iutf8("name")), @@ -316,7 +326,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"person\"]}, {\"eq\": [\"class\",\"account\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_modify_removedattr", Value::new_iutf8("password_import")), ("acp_modify_presentattr", Value::new_iutf8("password_import")) @@ -342,7 +353,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"account\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_modify_removedattr", Value::new_iutf8("name")), ("acp_modify_removedattr", Value::new_iutf8("displayname")), @@ -376,7 +388,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"person\"]}, {\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("name")), ("acp_search_attr", Value::new_iutf8("displayname")), @@ -410,8 +423,8 @@ lazy_static! { ), ( "acp_targetscope", - #[allow(clippy::expect_used)] - Value::new_json_filter_s("{\"and\": [{\"eq\": [\"class\",\"account\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}").expect("filter") + Value::new_json_filter_s("{\"and\": [{\"eq\": [\"class\",\"account\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}") + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("mail")) ); @@ -436,7 +449,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"person\"]}, {\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_modify_removedattr", Value::new_iutf8("name")), ("acp_modify_removedattr", Value::new_iutf8("displayname")), @@ -468,7 +482,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"account\"]}, {\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_modify_removedattr", Value::new_iutf8("name")), ("acp_modify_removedattr", Value::new_iutf8("displayname")), @@ -505,7 +520,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"group\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("name")), ("acp_search_attr", Value::new_iutf8("uuid")), @@ -541,7 +557,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"account\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("class")), ("acp_search_attr", Value::new_iutf8("name")), @@ -581,7 +598,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"account\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_modify_removedattr", Value::new_iutf8("name")), ("acp_modify_removedattr", Value::new_iutf8("displayname")), @@ -628,7 +646,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"account\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_create_attr", Value::new_iutf8("class")), ("acp_create_attr", Value::new_iutf8("name")), @@ -670,7 +689,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"account\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("radius_secret")) ); @@ -695,7 +715,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"account\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_modify_removedattr", Value::new_iutf8("radius_secret")), ("acp_modify_presentattr", Value::new_iutf8("radius_secret")) @@ -722,7 +743,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"pres\": \"class\"}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("name")), ("acp_search_attr", Value::new_iutf8("spn")), @@ -750,7 +772,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"account\"]}, {\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("class")), ("acp_search_attr", Value::new_iutf8("name")), @@ -788,7 +811,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"account\"]}, {\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_modify_removedattr", Value::new_iutf8("name")), ("acp_modify_removedattr", Value::new_iutf8("displayname")), @@ -833,7 +857,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"group\"]}, {\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("name")), ("acp_search_attr", Value::new_iutf8("uuid")), @@ -871,7 +896,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"attributetype\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("class")), ("acp_search_attr", Value::new_iutf8("description")), @@ -930,7 +956,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"access_control_profile\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("class")), ("acp_search_attr", Value::new_iutf8("name")), @@ -1020,7 +1047,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"classtype\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("class")), ("acp_search_attr", Value::new_iutf8("classname")), @@ -1071,7 +1099,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"group\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_create_attr", Value::new_iutf8("class")), ("acp_create_attr", Value::new_iutf8("name")), @@ -1102,7 +1131,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"account\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_create_attr", Value::new_iutf8("class")), ("acp_create_attr", Value::new_iutf8("name")), @@ -1140,7 +1170,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"group\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_create_attr", Value::new_iutf8("class")), ("acp_create_attr", Value::new_iutf8("name")), @@ -1171,7 +1202,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"uuid\",\"00000000-0000-0000-0000-ffffff000025\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("name")), ("acp_search_attr", Value::new_iutf8("uuid")), @@ -1215,7 +1247,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"uuid\",\"00000000-0000-0000-0000-ffffff000027\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("name")), ("acp_search_attr", Value::new_iutf8("uuid")), @@ -1246,7 +1279,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"account\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("class")), ("acp_search_attr", Value::new_iutf8("name")), @@ -1287,7 +1321,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"group\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("class")), ("acp_search_attr", Value::new_iutf8("name")), @@ -1323,7 +1358,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"account\"]}, {\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("class")), ("acp_search_attr", Value::new_iutf8("name")), @@ -1364,7 +1400,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"group\"]}, {\"eq\": [\"memberof\",\"00000000-0000-0000-0000-000000001000\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("class")), ("acp_search_attr", Value::new_iutf8("name")), @@ -1402,7 +1439,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"oauth2_resource_server\"]},{\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("class")), ("acp_search_attr", Value::new_iutf8("description")), @@ -1486,7 +1524,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"account\"]}, {\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("class")), ("acp_search_attr", Value::new_iutf8("name")), @@ -1520,7 +1559,8 @@ lazy_static! { "acp_targetscope", Value::new_json_filter_s( "{\"and\": [{\"eq\": [\"class\",\"sync_account\"]},{\"andnot\": {\"or\": [{\"eq\": [\"class\", \"tombstone\"]}, {\"eq\": [\"class\", \"recycled\"]}]}}]}" - ).unwrap() + ) + .expect("Invalid JSON filter") ), ("acp_search_attr", Value::new_iutf8("class")), ("acp_search_attr", Value::new_iutf8("name")), diff --git a/server/lib/src/credential/mod.rs b/server/lib/src/credential/mod.rs index 4ed218564..4ad09566d 100644 --- a/server/lib/src/credential/mod.rs +++ b/server/lib/src/credential/mod.rs @@ -369,7 +369,7 @@ impl TryFrom for Credential { } impl Credential { - pub fn try_from_repl_v1(rc: &ReplCredV1) -> Result<(String, Self), ()> { + pub fn try_from_repl_v1(rc: &ReplCredV1) -> Result<(String, Self), OperationError> { match rc { ReplCredV1::TmpWn { tag, set } => { let m_uuid: Option = set.get(0).map(|v| v.uuid); @@ -382,7 +382,7 @@ impl Credential { match (m_uuid, type_.is_valid()) { (Some(uuid), true) => Ok((tag.clone(), Credential { type_, uuid })), - _ => Err(()), + _ => Err(OperationError::InvalidValueState), } } ReplCredV1::Password { @@ -390,12 +390,13 @@ impl Credential { password, uuid, } => { - let v_password = Password::try_from(password)?; + let v_password = + Password::try_from(password).map_err(|()| OperationError::InvalidValueState)?; let type_ = CredentialType::Password(v_password); if type_.is_valid() { Ok((tag.clone(), Credential { type_, uuid: *uuid })) } else { - Err(()) + Err(OperationError::InvalidValueState) } } ReplCredV1::GenPassword { @@ -403,12 +404,13 @@ impl Credential { password, uuid, } => { - let v_password = Password::try_from(password)?; + let v_password = + Password::try_from(password).map_err(|()| OperationError::InvalidValueState)?; let type_ = CredentialType::GeneratedPassword(v_password); if type_.is_valid() { Ok((tag.clone(), Credential { type_, uuid: *uuid })) } else { - Err(()) + Err(OperationError::InvalidValueState) } } ReplCredV1::PasswordMfa { @@ -419,15 +421,20 @@ impl Credential { webauthn, uuid, } => { - let v_password = Password::try_from(password)?; + let v_password = + Password::try_from(password).map_err(|()| OperationError::InvalidValueState)?; let v_totp = totp .iter() .map(|(l, dbt)| Totp::try_from(dbt).map(|t| (l.clone(), t))) - .collect::, _>>()?; + .collect::, _>>() + .map_err(|()| OperationError::InvalidValueState)?; let v_backup_code = match backup_code { - Some(rbc) => Some(BackupCodes::try_from(rbc)?), + Some(rbc) => Some( + BackupCodes::try_from(rbc) + .map_err(|()| OperationError::InvalidValueState)?, + ), None => None, }; @@ -442,7 +449,7 @@ impl Credential { if type_.is_valid() { Ok((tag.clone(), Credential { type_, uuid: *uuid })) } else { - Err(()) + Err(OperationError::InvalidValueState) } } } diff --git a/server/lib/src/filter.rs b/server/lib/src/filter.rs index 637540b31..78fff4a1c 100644 --- a/server/lib/src/filter.rs +++ b/server/lib/src/filter.rs @@ -279,13 +279,13 @@ impl Filter { } } - pub fn resolve<'a>( + pub fn resolve( &self, ev: &Identity, idxmeta: Option<&IdxMeta>, mut rsv_cache: Option< &mut ARCacheReadTxn< - 'a, + '_, (IdentityId, Filter), Filter, (), @@ -1493,19 +1493,19 @@ mod tests { let f_t1b = filter!(f_pres("userid")); let f_t1c = filter!(f_pres("zzzz")); - assert_eq!(f_t1a == f_t1b, true); - assert_eq!(f_t1a == f_t1c, false); - assert_eq!(f_t1b == f_t1c, false); + assert!(f_t1a == f_t1b); + assert!(f_t1a != f_t1c); + assert!(f_t1b != f_t1c); let f_t2a = filter!(f_and!([f_pres("userid")])); let f_t2b = filter!(f_and!([f_pres("userid")])); let f_t2c = filter!(f_and!([f_pres("zzzz")])); - assert_eq!(f_t2a == f_t2b, true); - assert_eq!(f_t2a == f_t2c, false); - assert_eq!(f_t2b == f_t2c, false); + assert!(f_t2a == f_t2b); + assert!(f_t2a != f_t2c); + assert!(f_t2b != f_t2c); - assert_eq!(f_t2c == f_t1a, false); - assert_eq!(f_t2c == f_t1c, false); + assert!(f_t2c != f_t1a); + assert!(f_t2c != f_t1c); } #[test] @@ -1547,15 +1547,15 @@ mod tests { let f_t1b = f_t1a.clone(); let f_t1c = unsafe { filter_resolved!(f_pres("zzzz")) }; - assert_eq!(f_t1a == f_t1b, true); - assert_eq!(f_t1a == f_t1c, false); + assert!(f_t1a == f_t1b); + assert!(f_t1a != f_t1c); let f_t2a = unsafe { filter_resolved!(f_and!([f_pres("userid")])) }; let f_t2b = f_t2a.clone(); let f_t2c = unsafe { filter_resolved!(f_and!([f_pres("zzzz")])) }; - assert_eq!(f_t2a == f_t2b, true); - assert_eq!(f_t2a == f_t2c, false); + assert!(f_t2a == f_t2b); + assert!(f_t2a != f_t2c); } #[test] diff --git a/server/lib/src/idm/authsession.rs b/server/lib/src/idm/authsession.rs index 1a73bb4c3..27f013ef5 100644 --- a/server/lib/src/idm/authsession.rs +++ b/server/lib/src/idm/authsession.rs @@ -891,7 +891,7 @@ impl AuthSession { issue, intent: AuthIntent::Reauth { session_id, - session_expiry: session.expiry.clone(), + session_expiry: session.expiry, }, }; @@ -1016,7 +1016,7 @@ impl AuthSession { ) { CredState::Success { auth_type, cred_id } => { // Issue the uat based on a set of factors. - let uat = self.issue_uat(auth_type, time, async_tx, cred_id)?; + let uat = self.issue_uat(&auth_type, time, async_tx, cred_id)?; let jwt = Jws::new(uat); // Now encrypt and prepare the token for return to the client. @@ -1072,7 +1072,7 @@ impl AuthSession { fn issue_uat( &mut self, - auth_type: AuthType, + auth_type: &AuthType, time: Duration, async_tx: &Sender, cred_id: Uuid, diff --git a/server/lib/src/idm/ldap.rs b/server/lib/src/idm/ldap.rs index 0861f74db..d3b24e94b 100644 --- a/server/lib/src/idm/ldap.rs +++ b/server/lib/src/idm/ldap.rs @@ -73,7 +73,7 @@ impl LdapServer { .or_else(|| { domain_entry .get_ava_single_iname("domain_name") - .map(|domain_name| ldap_domain_to_dc(domain_name)) + .map(ldap_domain_to_dc) }) .ok_or(OperationError::InvalidEntryState)?; diff --git a/server/lib/src/idm/oauth2.rs b/server/lib/src/idm/oauth2.rs index f0b7e9739..de0ff5b70 100644 --- a/server/lib/src/idm/oauth2.rs +++ b/server/lib/src/idm/oauth2.rs @@ -596,15 +596,15 @@ impl<'a> IdmServerProxyWriteTransaction<'a> { code_verifier, } => self.check_oauth2_token_exchange_authorization_code( o2rs, - &code, - &redirect_uri, + code, + redirect_uri, code_verifier.as_deref(), ct, ), GrantTypeReq::RefreshToken { refresh_token, scope, - } => self.check_oauth2_token_refresh(o2rs, &refresh_token, scope.as_ref(), ct), + } => self.check_oauth2_token_refresh(o2rs, refresh_token, scope.as_ref(), ct), } } @@ -730,7 +730,6 @@ impl<'a> IdmServerProxyWriteTransaction<'a> { if let Some(code_challenge) = code_xchg.code_challenge { // Validate the code_verifier let code_verifier = token_req_code_verifier - .as_deref() .ok_or_else(|| { security_info!("PKCE code verification failed - code challenge is present, but no verifier was provided"); Oauth2Error::InvalidRequest @@ -804,7 +803,7 @@ impl<'a> IdmServerProxyWriteTransaction<'a> { // Validate the refresh token decrypts and it's expiry is within the valid window. let token: Oauth2TokenType = o2rs .token_fernet - .decrypt(&refresh_token) + .decrypt(refresh_token) .map_err(|_| { admin_error!("Failed to decrypt refresh token request"); Oauth2Error::InvalidRequest @@ -951,7 +950,7 @@ impl<'a> IdmServerProxyWriteTransaction<'a> { let expiry = odt_ct + Duration::from_secs(OAUTH2_ACCESS_TOKEN_EXPIRY as u64); let expires_in = OAUTH2_ACCESS_TOKEN_EXPIRY; - let refresh_expiry = odt_ct + Duration::from_secs(OAUTH_REFRESH_TOKEN_EXPIRY as u64); + let refresh_expiry = odt_ct + Duration::from_secs(OAUTH_REFRESH_TOKEN_EXPIRY); let scope = if scopes.is_empty() { None @@ -1053,7 +1052,7 @@ impl<'a> IdmServerProxyWriteTransaction<'a> { .encrypt_at_time(&access_token_data, ct.as_secs()); let refresh_token_raw = Oauth2TokenType::Refresh { - scopes: scopes, + scopes, parent_session_id, session_id, expiry: refresh_expiry, @@ -1877,7 +1876,7 @@ fn str_join(set: &BTreeSet) -> String { let alloc_len = set.iter().fold(0, |acc, s| acc + s.len() + 1); let mut buf = String::with_capacity(alloc_len); set.iter().for_each(|s| { - buf.push_str(&s); + buf.push_str(s); buf.push(' '); }); @@ -3250,7 +3249,7 @@ mod tests { assert!(oidc.nonce == Some("abcdef".to_string())); assert!(oidc.at_hash.is_none()); assert!(oidc.acr.is_none()); - assert!(oidc.amr == None); + assert!(oidc.amr.is_none()); assert!(oidc.azp == Some("test_resource_server".to_string())); assert!(oidc.jti.is_none()); assert!(oidc.s_claims.name == Some("System Administrator".to_string())); @@ -4286,7 +4285,9 @@ mod tests { let (access_token_response_1, mut client_authz) = setup_refresh_token(idms, idms_delayed, ct).await; - client_authz.as_mut().map(|s| s.push_str("invalid")); + if let Some(s) = client_authz.as_mut() { + s.push_str("invalid") + } // ============================================ // Refresh with invalid client authz diff --git a/server/lib/src/repl/entry.rs b/server/lib/src/repl/entry.rs index 74f9857c5..8dab8f1d7 100644 --- a/server/lib/src/repl/entry.rs +++ b/server/lib/src/repl/entry.rs @@ -68,7 +68,7 @@ impl EntryChangeState { } } State::Tombstone { .. } => { - assert!(false) + unreachable!(); } } } diff --git a/server/lib/src/schema.rs b/server/lib/src/schema.rs index 95ae49b5a..0db931017 100644 --- a/server/lib/src/schema.rs +++ b/server/lib/src/schema.rs @@ -499,7 +499,8 @@ pub trait SchemaTransaction { match self.get_attributes().get(attr) { Some(a_schema) => { // We'll likely add more conditions here later. - !(a_schema.phantom || !a_schema.replicated) + // Allow items that are replicated and not phantoms + a_schema.replicated && !a_schema.phantom } None => { warn!( diff --git a/server/lib/src/server/access/create.rs b/server/lib/src/server/access/create.rs index b69840f49..8767ae174 100644 --- a/server/lib/src/server/access/create.rs +++ b/server/lib/src/server/access/create.rs @@ -143,7 +143,7 @@ fn create_filter_entry<'a>( } } -fn protected_filter_entry<'a>(ident: &Identity, entry: &'a Entry) -> IResult { +fn protected_filter_entry(ident: &Identity, entry: &Entry) -> IResult { match &ident.origin { IdentType::Internal => { trace!("Internal operation, protected rules do not apply."); diff --git a/server/lib/src/server/access/delete.rs b/server/lib/src/server/access/delete.rs index 3eb02134b..3f163eb97 100644 --- a/server/lib/src/server/access/delete.rs +++ b/server/lib/src/server/access/delete.rs @@ -101,7 +101,7 @@ fn delete_filter_entry<'a>( } } -fn protected_filter_entry<'a>(ident: &Identity, entry: &'a Arc) -> IResult { +fn protected_filter_entry(ident: &Identity, entry: &Arc) -> IResult { match &ident.origin { IdentType::Internal => { trace!("Internal operation, protected rules do not apply."); diff --git a/server/lib/src/server/access/search.rs b/server/lib/src/server/access/search.rs index 9bfcae9db..134ec50c2 100644 --- a/server/lib/src/server/access/search.rs +++ b/server/lib/src/server/access/search.rs @@ -118,31 +118,30 @@ fn search_oauth2_filter_entry<'a>( match &ident.origin { IdentType::Internal | IdentType::Synch(_) => AccessResult::Ignore, IdentType::User(iuser) => { - if entry + let contains_o2_rs = entry .get_ava_as_iutf8("class") .map(|set| { trace!(?set); set.contains("oauth2_resource_server") }) - .unwrap_or(false) - { - if entry - .get_ava_as_oauthscopemaps("oauth2_rs_scope_map") - .and_then(|maps| ident.get_memberof().map(|mo| (maps, mo))) - .map(|(maps, mo)| maps.keys().any(|k| mo.contains(k))) - .unwrap_or(false) - { - security_access!(entry = ?entry.get_uuid(), ident = ?iuser.entry.get_uuid2rdn(), "ident is a memberof a group granted an oauth2 scope by this entry"); + .unwrap_or(false); + let contains_o2_scope_member = entry + .get_ava_as_oauthscopemaps("oauth2_rs_scope_map") + .and_then(|maps| ident.get_memberof().map(|mo| (maps, mo))) + .map(|(maps, mo)| maps.keys().any(|k| mo.contains(k))) + .unwrap_or(false); - return AccessResult::Allow(btreeset!( - "class", - "displayname", - "uuid", - "oauth2_rs_name", - "oauth2_rs_origin", - "oauth2_rs_origin_landing" - )); - } + if contains_o2_rs && contains_o2_scope_member { + security_access!(entry = ?entry.get_uuid(), ident = ?iuser.entry.get_uuid2rdn(), "ident is a memberof a group granted an oauth2 scope by this entry"); + + return AccessResult::Allow(btreeset!( + "class", + "displayname", + "uuid", + "oauth2_rs_name", + "oauth2_rs_origin", + "oauth2_rs_origin_landing" + )); } AccessResult::Ignore } diff --git a/server/lib/src/utils.rs b/server/lib/src/utils.rs index 616fe4139..af91ad5e5 100644 --- a/server/lib/src/utils.rs +++ b/server/lib/src/utils.rs @@ -52,10 +52,7 @@ pub fn password_from_random() -> String { } pub fn backup_code_from_random() -> HashSet { - (0..8) - .into_iter() - .map(|_| readable_password_from_random()) - .collect() + (0..8).map(|_| readable_password_from_random()).collect() } pub fn readable_password_from_random() -> String { diff --git a/server/lib/src/valueset/cred.rs b/server/lib/src/valueset/cred.rs index 3ccbe8a7b..ee5c53677 100644 --- a/server/lib/src/valueset/cred.rs +++ b/server/lib/src/valueset/cred.rs @@ -46,9 +46,7 @@ impl ValueSetCredential { pub fn from_repl_v1(data: &[ReplCredV1]) -> Result { let map = data .iter() - .map(|dc| { - Credential::try_from_repl_v1(dc).map_err(|()| OperationError::InvalidValueState) - }) + .map(Credential::try_from_repl_v1) .collect::>()?; Ok(Box::new(ValueSetCredential { map })) } @@ -468,9 +466,7 @@ impl ValueSetPasskey { let map = data .iter() .cloned() - .map(|k| match k { - ReplPasskeyV4V1 { uuid, tag, key } => Ok((uuid, (tag, key))), - }) + .map(|ReplPasskeyV4V1 { uuid, tag, key }| Ok((uuid, (tag, key)))) .collect::>()?; Ok(Box::new(ValueSetPasskey { map })) } @@ -654,9 +650,7 @@ impl ValueSetDeviceKey { let map = data .iter() .cloned() - .map(|k| match k { - ReplDeviceKeyV4V1 { uuid, tag, key } => Ok((uuid, (tag, key))), - }) + .map(|ReplDeviceKeyV4V1 { uuid, tag, key }| Ok((uuid, (tag, key)))) .collect::>()?; Ok(Box::new(ValueSetDeviceKey { map })) } diff --git a/server/lib/src/valueset/session.rs b/server/lib/src/valueset/session.rs index 51ecb1fb7..e8034f00a 100644 --- a/server/lib/src/valueset/session.rs +++ b/server/lib/src/valueset/session.rs @@ -455,8 +455,7 @@ impl ValueSetT for ValueSetSession { let map = self .as_session_map() .iter() - .map(|m| m.iter()) - .flatten() + .flat_map(|m| m.iter()) .map( |( u, @@ -473,8 +472,8 @@ impl ValueSetT for ValueSetSession { *u, ApiToken { label: label.clone(), - expiry: expiry.clone(), - issued_at: issued_at.clone(), + expiry: *expiry, + issued_at: *issued_at, issued_by: issued_by.clone(), scope: match scope { SessionScope::Synchronise => ApiTokenScope::Synchronise, diff --git a/server/testkit/tests/proto_v1_test.rs b/server/testkit/tests/proto_v1_test.rs index 13fda57c4..cf3697967 100644 --- a/server/testkit/tests/proto_v1_test.rs +++ b/server/testkit/tests/proto_v1_test.rs @@ -1371,7 +1371,7 @@ async fn test_server_user_auth_reauthentication(rsclient: KanidmClient) { .expect("Unable to open up token."); let now = time::OffsetDateTime::now_utc(); - assert!(uat.purpose_readwrite_active(now) == false); + assert!(!uat.purpose_readwrite_active(now)); // The auth is done, now we have to setup to re-auth for our session. // Should we bother looking at the internals of the token here to assert @@ -1407,5 +1407,5 @@ async fn test_server_user_auth_reauthentication(rsclient: KanidmClient) { let now = time::OffsetDateTime::now_utc(); eprintln!("{:?} {:?}", now, uat.purpose); - assert!(uat.purpose_readwrite_active(now) == true); + assert!(uat.purpose_readwrite_active(now)); } diff --git a/server/web_ui/src/views/security.rs b/server/web_ui/src/views/security.rs index b5ba37597..678eed3b7 100644 --- a/server/web_ui/src/views/security.rs +++ b/server/web_ui/src/views/security.rs @@ -130,7 +130,7 @@ impl Component for SecurityApp { let isotime: String = jsdate.to_iso_string().into(); // TODO: Actually check the time of expiry on the uat and have a timer set that // re-locks things nicely. - let time = time::OffsetDateTime::parse(&isotime, time::Format::Rfc3339) + let time = time::OffsetDateTime::parse(isotime, time::Format::Rfc3339) .map(|odt| odt + time::Duration::new(60, 0)) .expect_throw("Unable to process time stamp"); diff --git a/tools/cli/src/cli/domain.rs b/tools/cli/src/cli/domain.rs index bef2de279..24a25f498 100644 --- a/tools/cli/src/cli/domain.rs +++ b/tools/cli/src/cli/domain.rs @@ -32,7 +32,7 @@ impl DomainOpt { new_basedn ); let client = copt.to_client(OpType::Write).await; - match client.idm_domain_set_ldap_basedn(&new_basedn).await { + match client.idm_domain_set_ldap_basedn(new_basedn).await { Ok(_) => println!("Success"), Err(e) => eprintln!("{:?}", e), } diff --git a/tools/cli/src/cli/group.rs b/tools/cli/src/cli/group.rs index 499b98f3b..2f7a2c8d3 100644 --- a/tools/cli/src/cli/group.rs +++ b/tools/cli/src/cli/group.rs @@ -27,7 +27,11 @@ impl GroupOpt { match client.idm_group_list().await { Ok(r) => r.iter().for_each(|ent| match copt.output_mode.as_str() { "json" => { - println!("{}", serde_json::to_string(&ent.attrs).unwrap()); + println!( + "{}", + serde_json::to_string(&ent.attrs) + .expect("Failed to serialise json") + ); } _ => println!("{}", ent), }), @@ -40,7 +44,10 @@ impl GroupOpt { match client.idm_group_get(gcopt.name.as_str()).await { Ok(Some(e)) => match gcopt.copt.output_mode.as_str() { "json" => { - println!("{}", serde_json::to_string(&e.attrs).unwrap()); + println!( + "{}", + serde_json::to_string(&e.attrs).expect("Failed to serialise json") + ); } _ => println!("{}", e), }, diff --git a/tools/cli/src/cli/serviceaccount.rs b/tools/cli/src/cli/serviceaccount.rs index a82b52897..5b615a9ad 100644 --- a/tools/cli/src/cli/serviceaccount.rs +++ b/tools/cli/src/cli/serviceaccount.rs @@ -148,7 +148,7 @@ impl ServiceAccountOpt { src_user: copt.username.clone().unwrap(), dest_user: aopts.account_id.clone(), }; - println!("{}", message.to_string()); + println!("{}", message); } _ => { println!("Success: This token will only be displayed ONCE"); diff --git a/unix_integration/build.rs b/unix_integration/build.rs index f361c8d3b..ea0a55434 100644 --- a/unix_integration/build.rs +++ b/unix_integration/build.rs @@ -52,7 +52,7 @@ fn main() { Shell::Bash, &mut KanidmUnixParser::command(), "kanidm_unix", - comp_dir.clone(), + comp_dir, ) .ok(); } diff --git a/unix_integration/src/cache.rs b/unix_integration/src/cache.rs index 9e5cd8337..d2d442ab8 100644 --- a/unix_integration/src/cache.rs +++ b/unix_integration/src/cache.rs @@ -15,7 +15,7 @@ use crate::db::Db; use crate::unix_config::{HomeAttr, UidAttr}; use crate::unix_proto::{HomeDirectoryInfo, NssGroup, NssUser}; -const NXCACHE_SIZE: usize = 2048; +const NXCACHE_SIZE: NonZeroUsize = unsafe { NonZeroUsize::new_unchecked(2048) }; #[derive(Debug, Clone, PartialEq, Eq, Hash)] pub enum Id { @@ -100,7 +100,7 @@ impl CacheLayer { home_alias, uid_attr_map, gid_attr_map, - nxcache: Mutex::new(LruCache::new(NonZeroUsize::new(NXCACHE_SIZE).unwrap())), + nxcache: Mutex::new(LruCache::new(NXCACHE_SIZE)), }) }