diff --git a/examples/unixd b/examples/unixd index de5ffcfe0..66dba4617 100644 --- a/examples/unixd +++ b/examples/unixd @@ -1,4 +1,9 @@ # this should be at /etc/kanidm/unixd, and configures kanidm-unixd -uri = "https://idm.example.com" -verify_ca = true -verify_hostnames = true +# some documentation is here: https://github.com/kanidm/kanidm/blob/master/kanidm_book/src/pam_and_nsswitch.md +# pam_allowed_login_groups = ["posix_group"] +# default_shell = "/bin/bash" +# home_prefix = "/home/" +# home_attr = "uuid" +# home_alias = "spn" +# uid_attr_map = "spn" +# gid_attr_map = "spn" \ No newline at end of file diff --git a/kanidm_client/src/asynchronous.rs b/kanidm_client/src/asynchronous.rs index 604d756d8..3978d7733 100644 --- a/kanidm_client/src/asynchronous.rs +++ b/kanidm_client/src/asynchronous.rs @@ -733,14 +733,13 @@ impl KanidmAsyncClient { ) -> Result { debug!( "{}", - [ + &[ "Asked to remove members ", &members.join(","), " from ", group ] .concat() - .to_string() ); self.perform_delete_request_with_body( ["/v1/group/", group, "/_attr/member"].concat().as_str(), diff --git a/kanidmd/src/lib/be/idl_arc_sqlite.rs b/kanidmd/src/lib/be/idl_arc_sqlite.rs index c4acba243..629bdfd6b 100644 --- a/kanidmd/src/lib/be/idl_arc_sqlite.rs +++ b/kanidmd/src/lib/be/idl_arc_sqlite.rs @@ -3,7 +3,7 @@ use crate::be::idl_sqlite::{ IdlSqlite, IdlSqliteReadTransaction, IdlSqliteTransaction, IdlSqliteWriteTransaction, }; use crate::be::idxkey::{IdlCacheKey, IdlCacheKeyRef, IdlCacheKeyToRef}; -use crate::be::{BackendConfig, IdRawEntry, IDL}; +use crate::be::{BackendConfig, IdList, IdRawEntry}; use crate::entry::{Entry, EntryCommitted, EntrySealed}; use crate::value::IndexType; use crate::value::Value; @@ -77,7 +77,7 @@ macro_rules! get_identry { lperf_trace_segment!($au, "be::idl_arc_sqlite::get_identry", || { let mut result: Vec> = Vec::new(); match $idl { - IDL::Partial(idli) | IDL::PartialThreshold(idli) | IDL::Indexed(idli) => { + IdList::Partial(idli) | IdList::PartialThreshold(idli) | IdList::Indexed(idli) => { let mut nidl = IDLBitRange::new(); idli.into_iter().for_each(|i| { @@ -91,7 +91,7 @@ macro_rules! get_identry { if !nidl.is_empty() { // Now, get anything from nidl that is needed. - let mut db_result = $self.db.get_identry($au, &IDL::Partial(nidl))?; + let mut db_result = $self.db.get_identry($au, &IdList::Partial(nidl))?; // Clone everything from db_result into the cache. if $is_read_op { db_result.iter().for_each(|e| { @@ -102,7 +102,7 @@ macro_rules! get_identry { result.append(&mut db_result); } } - IDL::ALLIDS => { + IdList::AllIds => { // VERY similar to above, but we skip adding the entries to the cache // on miss to prevent scan/invalidation attacks. let idli = (*$self.allids).clone(); @@ -117,7 +117,7 @@ macro_rules! get_identry { if !nidl.is_empty() { // Now, get anything from nidl that is needed. - let mut db_result = $self.db.get_identry($au, &IDL::Partial(nidl))?; + let mut db_result = $self.db.get_identry($au, &IdList::Partial(nidl))?; // Merge the two vecs result.append(&mut db_result); } @@ -309,13 +309,13 @@ pub trait IdlArcSqliteTransaction { fn get_identry( &mut self, au: &mut AuditScope, - idl: &IDL, + idl: &IdList, ) -> Result>, OperationError>; fn get_identry_raw( &self, au: &mut AuditScope, - idl: &IDL, + idl: &IdList, ) -> Result, OperationError>; fn exists_idx( @@ -364,7 +364,7 @@ impl<'a> IdlArcSqliteTransaction for IdlArcSqliteReadTransaction<'a> { fn get_identry( &mut self, au: &mut AuditScope, - idl: &IDL, + idl: &IdList, ) -> Result>, OperationError> { get_identry!(self, au, idl, true) } @@ -372,7 +372,7 @@ impl<'a> IdlArcSqliteTransaction for IdlArcSqliteReadTransaction<'a> { fn get_identry_raw( &self, au: &mut AuditScope, - idl: &IDL, + idl: &IdList, ) -> Result, OperationError> { get_identry_raw!(self, au, idl) } @@ -441,7 +441,7 @@ impl<'a> IdlArcSqliteTransaction for IdlArcSqliteWriteTransaction<'a> { fn get_identry( &mut self, au: &mut AuditScope, - idl: &IDL, + idl: &IdList, ) -> Result>, OperationError> { get_identry!(self, au, idl, false) } @@ -449,7 +449,7 @@ impl<'a> IdlArcSqliteTransaction for IdlArcSqliteWriteTransaction<'a> { fn get_identry_raw( &self, au: &mut AuditScope, - idl: &IDL, + idl: &IdList, ) -> Result, OperationError> { get_identry_raw!(self, au, idl) } @@ -685,8 +685,8 @@ impl<'a> IdlArcSqliteWriteTransaction<'a> { i: itype.clone(), k: idx_key.into(), }; - // On idl == 0 the db will remove this, and synthesise an empty IDL on a miss - // but we can cache this as a new empty IDL instead, so that we can avoid the + // On idl == 0 the db will remove this, and synthesise an empty IdList on a miss + // but we can cache this as a new empty IdList instead, so that we can avoid the // db lookup on this idl. if idl.is_empty() { self.idl_cache diff --git a/kanidmd/src/lib/be/idl_sqlite.rs b/kanidmd/src/lib/be/idl_sqlite.rs index 5dab088e2..e6617261f 100644 --- a/kanidmd/src/lib/be/idl_sqlite.rs +++ b/kanidmd/src/lib/be/idl_sqlite.rs @@ -1,5 +1,5 @@ use crate::audit::AuditScope; -use crate::be::{BackendConfig, IdRawEntry, IDL}; +use crate::be::{BackendConfig, IdList, IdRawEntry}; use crate::entry::{Entry, EntryCommitted, EntrySealed}; use crate::value::{IndexType, Value}; use idlset::v2::IDLBitRange; @@ -22,7 +22,7 @@ const DBV_INDEXV: &str = "indexv"; #[derive(Debug, Copy, Clone)] pub enum FsType { Generic = 4096, - ZFS = 65536, + Zfs = 65536, } #[derive(Debug)] @@ -86,7 +86,7 @@ pub trait IdlSqliteTransaction { fn get_identry( &self, au: &mut AuditScope, - idl: &IDL, + idl: &IdList, ) -> Result>, OperationError> { lperf_trace_segment!(au, "be::idl_sqlite::get_identry", || { self.get_identry_raw(au, idl)? @@ -99,11 +99,11 @@ pub trait IdlSqliteTransaction { fn get_identry_raw( &self, au: &mut AuditScope, - idl: &IDL, + idl: &IdList, ) -> Result, OperationError> { // is the idl allids? match idl { - IDL::ALLIDS => { + IdList::AllIds => { let mut stmt = self .get_conn() .prepare("SELECT id, data FROM id2entry") @@ -135,7 +135,7 @@ pub trait IdlSqliteTransaction { }) .collect() } - IDL::Partial(idli) | IDL::PartialThreshold(idli) | IDL::Indexed(idli) => { + IdList::Partial(idli) | IdList::PartialThreshold(idli) | IdList::Indexed(idli) => { let mut stmt = self .get_conn() .prepare("SELECT id, data FROM id2entry WHERE id = :idl") @@ -756,7 +756,7 @@ impl IdlSqliteWriteTransaction { }) } else { ltrace!(audit, "writing idl -> {}", idl); - // Serialise the IDL to Vec + // Serialise the IdList to Vec let idl_raw = serde_cbor::to_vec(idl).map_err(|e| { ladmin_error!(audit, "Serde CBOR Error -> {:?}", e); OperationError::SerdeCborError diff --git a/kanidmd/src/lib/be/mod.rs b/kanidmd/src/lib/be/mod.rs index 46b83eea1..8c7a213aa 100644 --- a/kanidmd/src/lib/be/mod.rs +++ b/kanidmd/src/lib/be/mod.rs @@ -40,8 +40,8 @@ const FILTER_SEARCH_TEST_THRESHOLD: usize = 2; const FILTER_EXISTS_TEST_THRESHOLD: usize = 0; #[derive(Debug, Clone)] -pub enum IDL { - ALLIDS, +pub enum IdList { + AllIds, PartialThreshold(IDLBitRange), Partial(IDLBitRange), Indexed(IDLBitRange), @@ -134,7 +134,7 @@ pub trait BackendTransaction { fn get_idxmeta_ref(&self) -> &IdxMeta; - /// Recursively apply a filter, transforming into IDL's on the way. This builds a query + /// Recursively apply a filter, transforming into IdList's on the way. This builds a query /// execution log, so that it can be examined how an operation proceeded. #[allow(clippy::cognitive_complexity)] fn filter2idl( @@ -142,7 +142,7 @@ pub trait BackendTransaction { au: &mut AuditScope, filt: &FilterResolved, thres: usize, - ) -> Result<(IDL, FilterPlan), OperationError> { + ) -> Result<(IdList, FilterPlan), OperationError> { Ok(match filt { FilterResolved::Eq(attr, value, idx) => { if *idx { @@ -151,17 +151,17 @@ pub trait BackendTransaction { // Get the idl for this match self .get_idlayer() - .get_idl(au, attr, &IndexType::EQUALITY, &idx_key)? + .get_idl(au, attr, &IndexType::Equality, &idx_key)? { Some(idl) => ( - IDL::Indexed(idl), + IdList::Indexed(idl), FilterPlan::EqIndexed(attr.clone(), idx_key), ), - None => (IDL::ALLIDS, FilterPlan::EqCorrupt(attr.clone())), + None => (IdList::AllIds, FilterPlan::EqCorrupt(attr.clone())), } } else { // Schema believes this is not indexed - (IDL::ALLIDS, FilterPlan::EqUnindexed(attr.clone())) + (IdList::AllIds, FilterPlan::EqUnindexed(attr.clone())) } } FilterResolved::Sub(attr, subvalue, idx) => { @@ -171,17 +171,17 @@ pub trait BackendTransaction { // Get the idl for this match self .get_idlayer() - .get_idl(au, attr, &IndexType::SUBSTRING, &idx_key)? + .get_idl(au, attr, &IndexType::SubString, &idx_key)? { Some(idl) => ( - IDL::Indexed(idl), + IdList::Indexed(idl), FilterPlan::SubIndexed(attr.clone(), idx_key), ), - None => (IDL::ALLIDS, FilterPlan::SubCorrupt(attr.clone())), + None => (IdList::AllIds, FilterPlan::SubCorrupt(attr.clone())), } } else { // Schema believes this is not indexed - (IDL::ALLIDS, FilterPlan::SubUnindexed(attr.clone())) + (IdList::AllIds, FilterPlan::SubUnindexed(attr.clone())) } } FilterResolved::Pres(attr, idx) => { @@ -190,20 +190,20 @@ pub trait BackendTransaction { match self.get_idlayer().get_idl( au, attr, - &IndexType::PRESENCE, + &IndexType::Presence, &"_".to_string(), )? { - Some(idl) => (IDL::Indexed(idl), FilterPlan::PresIndexed(attr.clone())), - None => (IDL::ALLIDS, FilterPlan::PresCorrupt(attr.clone())), + Some(idl) => (IdList::Indexed(idl), FilterPlan::PresIndexed(attr.clone())), + None => (IdList::AllIds, FilterPlan::PresCorrupt(attr.clone())), } } else { // Schema believes this is not indexed - (IDL::ALLIDS, FilterPlan::PresUnindexed(attr.clone())) + (IdList::AllIds, FilterPlan::PresUnindexed(attr.clone())) } } FilterResolved::LessThan(attr, _subvalue, _idx) => { // We have no process for indexing this right now. - (IDL::ALLIDS, FilterPlan::LessThanUnindexed(attr.clone())) + (IdList::AllIds, FilterPlan::LessThanUnindexed(attr.clone())) } FilterResolved::Or(l) => { // Importantly if this has no inner elements, this returns @@ -216,30 +216,30 @@ pub trait BackendTransaction { for f in l.iter() { // get their idls match self.filter2idl(au, f, thres)? { - (IDL::Indexed(idl), fp) => { + (IdList::Indexed(idl), fp) => { plan.push(fp); // now union them (if possible) result = result | idl; } - (IDL::Partial(idl), fp) => { + (IdList::Partial(idl), fp) => { plan.push(fp); // now union them (if possible) result = result | idl; partial = true; } - (IDL::PartialThreshold(idl), fp) => { + (IdList::PartialThreshold(idl), fp) => { plan.push(fp); // now union them (if possible) result = result | idl; partial = true; threshold = true; } - (IDL::ALLIDS, fp) => { + (IdList::AllIds, fp) => { plan.push(fp); // If we find anything unindexed, the whole term is unindexed. - lfilter!(au, "Term {:?} is ALLIDS, shortcut return", f); + lfilter!(au, "Term {:?} is AllIds, shortcut return", f); let setplan = FilterPlan::OrUnindexed(plan); - return Ok((IDL::ALLIDS, setplan)); + return Ok((IdList::AllIds, setplan)); } } } // end or.iter() @@ -247,14 +247,14 @@ pub trait BackendTransaction { if partial { if threshold { let setplan = FilterPlan::OrPartialThreshold(plan); - (IDL::PartialThreshold(result), setplan) + (IdList::PartialThreshold(result), setplan) } else { let setplan = FilterPlan::OrPartial(plan); - (IDL::Partial(result), setplan) + (IdList::Partial(result), setplan) } } else { let setplan = FilterPlan::OrIndexed(plan); - (IDL::Indexed(result), setplan) + (IdList::Indexed(result), setplan) } } FilterResolved::And(l) => { @@ -274,7 +274,7 @@ pub trait BackendTransaction { Some(f) => self.filter2idl(au, f, thres)?, None => { lfilter_error!(au, "WARNING: And filter was empty, or contains only AndNot, can not evaluate."); - return Ok((IDL::Indexed(IDLBitRange::new()), FilterPlan::Invalid)); + return Ok((IdList::Indexed(IDLBitRange::new()), FilterPlan::Invalid)); } }; @@ -288,21 +288,21 @@ pub trait BackendTransaction { plan.push(fp); match &cand_idl { - IDL::Indexed(idl) | IDL::Partial(idl) | IDL::PartialThreshold(idl) => { + IdList::Indexed(idl) | IdList::Partial(idl) | IdList::PartialThreshold(idl) => { // When below thres, we have to return partials to trigger the entry_no_match_filter check. // But we only do this when there are actually multiple elements in the and, // because an and with 1 element now is FULLY resolved. if idl.below_threshold(thres) && f_rem_count > 0 { let setplan = FilterPlan::AndPartialThreshold(plan); - return Ok((IDL::PartialThreshold(idl.clone()), setplan)); + return Ok((IdList::PartialThreshold(idl.clone()), setplan)); } else if idl.is_empty() { // Regardless of the input state, if it's empty, this can never // be satisfied, so return we are indexed and complete. let setplan = FilterPlan::AndEmptyCand(plan); - return Ok((IDL::Indexed(IDLBitRange::new()), setplan)); + return Ok((IdList::Indexed(IDLBitRange::new()), setplan)); } } - IDL::ALLIDS => {} + IdList::AllIds => {} } // Now, for all remaining, @@ -311,54 +311,56 @@ pub trait BackendTransaction { let (inter, fp) = self.filter2idl(au, f, thres)?; plan.push(fp); cand_idl = match (cand_idl, inter) { - (IDL::Indexed(ia), IDL::Indexed(ib)) => { + (IdList::Indexed(ia), IdList::Indexed(ib)) => { let r = ia & ib; if r.below_threshold(thres) && f_rem_count > 0 { // When below thres, we have to return partials to trigger the entry_no_match_filter check. let setplan = FilterPlan::AndPartialThreshold(plan); - return Ok((IDL::PartialThreshold(r), setplan)); + return Ok((IdList::PartialThreshold(r), setplan)); } else if r.is_empty() { // Regardless of the input state, if it's empty, this can never // be satisfied, so return we are indexed and complete. let setplan = FilterPlan::AndEmptyCand(plan); - return Ok((IDL::Indexed(IDLBitRange::new()), setplan)); + return Ok((IdList::Indexed(IDLBitRange::new()), setplan)); } else { - IDL::Indexed(r) + IdList::Indexed(r) } } - (IDL::Indexed(ia), IDL::Partial(ib)) - | (IDL::Partial(ia), IDL::Indexed(ib)) - | (IDL::Partial(ia), IDL::Partial(ib)) => { + (IdList::Indexed(ia), IdList::Partial(ib)) + | (IdList::Partial(ia), IdList::Indexed(ib)) + | (IdList::Partial(ia), IdList::Partial(ib)) => { let r = ia & ib; if r.below_threshold(thres) && f_rem_count > 0 { // When below thres, we have to return partials to trigger the entry_no_match_filter check. let setplan = FilterPlan::AndPartialThreshold(plan); - return Ok((IDL::PartialThreshold(r), setplan)); + return Ok((IdList::PartialThreshold(r), setplan)); } else { - IDL::Partial(r) + IdList::Partial(r) } } - (IDL::Indexed(ia), IDL::PartialThreshold(ib)) - | (IDL::PartialThreshold(ia), IDL::Indexed(ib)) - | (IDL::PartialThreshold(ia), IDL::PartialThreshold(ib)) - | (IDL::PartialThreshold(ia), IDL::Partial(ib)) - | (IDL::Partial(ia), IDL::PartialThreshold(ib)) => { + (IdList::Indexed(ia), IdList::PartialThreshold(ib)) + | (IdList::PartialThreshold(ia), IdList::Indexed(ib)) + | (IdList::PartialThreshold(ia), IdList::PartialThreshold(ib)) + | (IdList::PartialThreshold(ia), IdList::Partial(ib)) + | (IdList::Partial(ia), IdList::PartialThreshold(ib)) => { let r = ia & ib; if r.below_threshold(thres) && f_rem_count > 0 { // When below thres, we have to return partials to trigger the entry_no_match_filter check. let setplan = FilterPlan::AndPartialThreshold(plan); - return Ok((IDL::PartialThreshold(r), setplan)); + return Ok((IdList::PartialThreshold(r), setplan)); } else { - IDL::PartialThreshold(r) + IdList::PartialThreshold(r) } } - (IDL::Indexed(i), IDL::ALLIDS) - | (IDL::ALLIDS, IDL::Indexed(i)) - | (IDL::Partial(i), IDL::ALLIDS) - | (IDL::ALLIDS, IDL::Partial(i)) => IDL::Partial(i), - (IDL::PartialThreshold(i), IDL::ALLIDS) - | (IDL::ALLIDS, IDL::PartialThreshold(i)) => IDL::PartialThreshold(i), - (IDL::ALLIDS, IDL::ALLIDS) => IDL::ALLIDS, + (IdList::Indexed(i), IdList::AllIds) + | (IdList::AllIds, IdList::Indexed(i)) + | (IdList::Partial(i), IdList::AllIds) + | (IdList::AllIds, IdList::Partial(i)) => IdList::Partial(i), + (IdList::PartialThreshold(i), IdList::AllIds) + | (IdList::AllIds, IdList::PartialThreshold(i)) => { + IdList::PartialThreshold(i) + } + (IdList::AllIds, IdList::AllIds) => IdList::AllIds, }; } @@ -380,68 +382,70 @@ pub trait BackendTransaction { // It's an and not, so we need to wrap the plan accordingly. plan.push(FilterPlan::AndNot(Box::new(fp))); cand_idl = match (cand_idl, inter) { - (IDL::Indexed(ia), IDL::Indexed(ib)) => { + (IdList::Indexed(ia), IdList::Indexed(ib)) => { let r = ia.andnot(ib); /* // Don't trigger threshold on and nots if fully indexed. if r.below_threshold(thres) { // When below thres, we have to return partials to trigger the entry_no_match_filter check. - return Ok(IDL::PartialThreshold(r)); + return Ok(IdList::PartialThreshold(r)); } else { - IDL::Indexed(r) + IdList::Indexed(r) } */ - IDL::Indexed(r) + IdList::Indexed(r) } - (IDL::Indexed(ia), IDL::Partial(ib)) - | (IDL::Partial(ia), IDL::Indexed(ib)) - | (IDL::Partial(ia), IDL::Partial(ib)) => { + (IdList::Indexed(ia), IdList::Partial(ib)) + | (IdList::Partial(ia), IdList::Indexed(ib)) + | (IdList::Partial(ia), IdList::Partial(ib)) => { let r = ia.andnot(ib); // DO trigger threshold on partials, because we have to apply the filter // test anyway, so we may as well shortcut at this point. if r.below_threshold(thres) && f_rem_count > 0 { let setplan = FilterPlan::AndPartialThreshold(plan); - return Ok((IDL::PartialThreshold(r), setplan)); + return Ok((IdList::PartialThreshold(r), setplan)); } else { - IDL::Partial(r) + IdList::Partial(r) } } - (IDL::Indexed(ia), IDL::PartialThreshold(ib)) - | (IDL::PartialThreshold(ia), IDL::Indexed(ib)) - | (IDL::PartialThreshold(ia), IDL::PartialThreshold(ib)) - | (IDL::PartialThreshold(ia), IDL::Partial(ib)) - | (IDL::Partial(ia), IDL::PartialThreshold(ib)) => { + (IdList::Indexed(ia), IdList::PartialThreshold(ib)) + | (IdList::PartialThreshold(ia), IdList::Indexed(ib)) + | (IdList::PartialThreshold(ia), IdList::PartialThreshold(ib)) + | (IdList::PartialThreshold(ia), IdList::Partial(ib)) + | (IdList::Partial(ia), IdList::PartialThreshold(ib)) => { let r = ia.andnot(ib); // DO trigger threshold on partials, because we have to apply the filter // test anyway, so we may as well shortcut at this point. if r.below_threshold(thres) && f_rem_count > 0 { let setplan = FilterPlan::AndPartialThreshold(plan); - return Ok((IDL::PartialThreshold(r), setplan)); + return Ok((IdList::PartialThreshold(r), setplan)); } else { - IDL::PartialThreshold(r) + IdList::PartialThreshold(r) } } - (IDL::Indexed(_), IDL::ALLIDS) - | (IDL::ALLIDS, IDL::Indexed(_)) - | (IDL::Partial(_), IDL::ALLIDS) - | (IDL::ALLIDS, IDL::Partial(_)) - | (IDL::PartialThreshold(_), IDL::ALLIDS) - | (IDL::ALLIDS, IDL::PartialThreshold(_)) => { + (IdList::Indexed(_), IdList::AllIds) + | (IdList::AllIds, IdList::Indexed(_)) + | (IdList::Partial(_), IdList::AllIds) + | (IdList::AllIds, IdList::Partial(_)) + | (IdList::PartialThreshold(_), IdList::AllIds) + | (IdList::AllIds, IdList::PartialThreshold(_)) => { // We could actually generate allids here // and then try to reduce the and-not set, but // for now we just return all ids. - IDL::ALLIDS + IdList::AllIds } - (IDL::ALLIDS, IDL::ALLIDS) => IDL::ALLIDS, + (IdList::AllIds, IdList::AllIds) => IdList::AllIds, }; } // What state is the final cand idl in? let setplan = match cand_idl { - IDL::Indexed(_) => FilterPlan::AndIndexed(plan), - IDL::Partial(_) | IDL::PartialThreshold(_) => FilterPlan::AndPartial(plan), - IDL::ALLIDS => FilterPlan::AndUnindexed(plan), + IdList::Indexed(_) => FilterPlan::AndIndexed(plan), + IdList::Partial(_) | IdList::PartialThreshold(_) => { + FilterPlan::AndPartial(plan) + } + IdList::AllIds => FilterPlan::AndUnindexed(plan), }; // Finally, return the result. @@ -460,13 +464,13 @@ pub trait BackendTransaction { for f in l.iter() { // get their idls match self.filter2idl(au, f, thres)? { - (IDL::Indexed(idl), fp) => { + (IdList::Indexed(idl), fp) => { plan.push(fp); if idl.is_empty() { // It's empty, so something is missing. Bail fast. lfilter!(au, "Inclusion is unable to proceed - an empty (missing) item was found!"); let setplan = FilterPlan::InclusionIndexed(plan); - return Ok((IDL::Indexed(IDLBitRange::new()), setplan)); + return Ok((IdList::Indexed(IDLBitRange::new()), setplan)); } else { result = result | idl; } @@ -478,13 +482,13 @@ pub trait BackendTransaction { "Inclusion is unable to proceed - all terms must be fully indexed!" ); let setplan = FilterPlan::InclusionInvalid(plan); - return Ok((IDL::Partial(IDLBitRange::new()), setplan)); + return Ok((IdList::Partial(IDLBitRange::new()), setplan)); } } } // end or.iter() // If we got here, every term must have been indexed let setplan = FilterPlan::InclusionIndexed(plan); - (IDL::Indexed(result), setplan) + (IdList::Indexed(result), setplan) } // So why does this return empty? Normally we actually process an AndNot in the context // of an "AND" query, but if it's used anywhere else IE the root filter, then there is @@ -497,7 +501,7 @@ pub trait BackendTransaction { au, "ERROR: Requested a top level or isolated AndNot, returning empty" ); - (IDL::Indexed(IDLBitRange::new()), FilterPlan::Invalid) + (IdList::Indexed(IDLBitRange::new()), FilterPlan::Invalid) } }) } @@ -520,7 +524,7 @@ pub trait BackendTransaction { */ lfilter!(au, "filter optimised --> {:?}", filt); - // Using the indexes, resolve the IDL here, or ALLIDS. + // Using the indexes, resolve the IdList here, or AllIds. // Also get if the filter was 100% resolved or not. let (idl, fplan) = lperf_trace_segment!(au, "be::search -> filter2idl", || { self.filter2idl(au, filt.to_inner(), FILTER_SEARCH_TEST_THRESHOLD) @@ -528,26 +532,26 @@ pub trait BackendTransaction { lfilter_info!(au, "filter executed plan -> {:?}", fplan); - // Based on the IDL we determine if limits are required at this point. + // Based on the IdList we determine if limits are required at this point. match &idl { - IDL::ALLIDS => { + IdList::AllIds => { if !erl.unindexed_allow { ladmin_error!(au, "filter (search) is fully unindexed, and not allowed by resource limits"); return Err(OperationError::ResourceLimit); } } - IDL::Partial(idl_br) => { + IdList::Partial(idl_br) => { // if idl_br.len() > erl.search_max_filter_test { if !idl_br.below_threshold(erl.search_max_filter_test) { ladmin_error!(au, "filter (search) is partial indexed and greater than search_max_filter_test allowed by resource limits"); return Err(OperationError::ResourceLimit); } } - IDL::PartialThreshold(_) => { + IdList::PartialThreshold(_) => { // Since we opted for this, this is not the fault // of the user and we should not penalise them by limiting on partial. } - IDL::Indexed(idl_br) => { + IdList::Indexed(idl_br) => { // We know this is resolved here, so we can attempt the limit // check. This has to fold the whole index, but you know, class=pres is // indexed ... @@ -565,19 +569,21 @@ pub trait BackendTransaction { })?; let entries_filtered = match idl { - IDL::ALLIDS => lperf_segment!(au, "be::search", || { + IdList::AllIds => lperf_segment!(au, "be::search", || { entries .into_iter() .filter(|e| e.entry_match_no_index(&filt)) .collect() }), - IDL::Partial(_) => lperf_segment!(au, "be::search", || { - entries - .into_iter() - .filter(|e| e.entry_match_no_index(&filt)) - .collect() - }), - IDL::PartialThreshold(_) => { + IdList::Partial(_) => { + lperf_segment!(au, "be::search", || { + entries + .into_iter() + .filter(|e| e.entry_match_no_index(&filt)) + .collect() + }) + } + IdList::PartialThreshold(_) => { lperf_trace_segment!(au, "be::search", || { entries .into_iter() @@ -586,7 +592,7 @@ pub trait BackendTransaction { }) } // Since the index fully resolved, we can shortcut the filter test step here! - IDL::Indexed(_) => { + IdList::Indexed(_) => { lfilter!(au, "filter (search) was fully indexed 👏"); entries } @@ -622,7 +628,7 @@ pub trait BackendTransaction { */ lfilter!(au, "filter optimised --> {:?}", filt); - // Using the indexes, resolve the IDL here, or ALLIDS. + // Using the indexes, resolve the IdList here, or AllIds. // Also get if the filter was 100% resolved or not. let (idl, fplan) = lperf_trace_segment!(au, "be::exists -> filter2idl", || { self.filter2idl(au, filt.to_inner(), FILTER_EXISTS_TEST_THRESHOLD) @@ -630,31 +636,31 @@ pub trait BackendTransaction { lfilter_info!(au, "filter executed plan -> {:?}", fplan); - // Apply limits to the IDL. + // Apply limits to the IdList. match &idl { - IDL::ALLIDS => { + IdList::AllIds => { if !erl.unindexed_allow { ladmin_error!(au, "filter (exists) is fully unindexed, and not allowed by resource limits"); return Err(OperationError::ResourceLimit); } } - IDL::Partial(idl_br) => { + IdList::Partial(idl_br) => { if !idl_br.below_threshold(erl.search_max_filter_test) { ladmin_error!(au, "filter (exists) is partial indexed and greater than search_max_filter_test allowed by resource limits"); return Err(OperationError::ResourceLimit); } } - IDL::PartialThreshold(_) => { + IdList::PartialThreshold(_) => { // Since we opted for this, this is not the fault // of the user and we should not penalise them. } - IDL::Indexed(_) => {} + IdList::Indexed(_) => {} } // Now, check the idl -- if it's fully resolved, we can skip this because the query // was fully indexed. match &idl { - IDL::Indexed(idl) => Ok(!idl.is_empty()), + IdList::Indexed(idl) => Ok(!idl.is_empty()), _ => { let entries = self.get_idlayer().get_identry(au, &idl).map_err(|e| { ladmin_error!(au, "get_identry failed {:?}", e); @@ -759,7 +765,7 @@ pub trait BackendTransaction { } fn verify_indexes(&self, audit: &mut AuditScope) -> Vec> { - let idl = IDL::ALLIDS; + let idl = IdList::AllIds; let entries = match self.get_idlayer().get_identry(audit, &idl) { Ok(s) => s, Err(e) => { @@ -782,7 +788,7 @@ pub trait BackendTransaction { fn backup(&self, audit: &mut AuditScope, dst_path: &str) -> Result<(), OperationError> { // load all entries into RAM, may need to change this later // if the size of the database compared to RAM is an issue - let idl = IDL::ALLIDS; + let idl = IdList::AllIds; let raw_entries: Vec = self.get_idlayer().get_identry_raw(audit, &idl)?; let entries: Result, _> = raw_entries @@ -1252,7 +1258,7 @@ impl<'a> BackendWriteTransaction<'a> { // Now, we need to iterate over everything in id2entry and index them // Future idea: Do this in batches of X amount to limit memory // consumption. - let idl = IDL::ALLIDS; + let idl = IdList::AllIds; let entries = idlayer.get_identry(audit, &idl).map_err(|e| { ladmin_error!(audit, "get_identry failure {:?}", e); e @@ -1365,7 +1371,7 @@ impl<'a> BackendWriteTransaction<'a> { // for debug /* - self.idlayer.get_identry(audit, &IDL::ALLIDS) + self.idlayer.get_identry(audit, &IdList::AllIds) .unwrap() .iter() .for_each(|dbe| { @@ -1559,7 +1565,7 @@ mod tests { use super::super::entry::{Entry, EntryInit, EntryNew}; use super::IdxKey; use super::{ - Backend, BackendConfig, BackendTransaction, BackendWriteTransaction, OperationError, IDL, + Backend, BackendConfig, BackendTransaction, BackendWriteTransaction, IdList, OperationError, }; use crate::event::EventLimits; use crate::value::{IndexType, PartialValue, Value}; @@ -1581,31 +1587,31 @@ mod tests { let mut idxmeta = Set::with_capacity(16); idxmeta.insert(IdxKey { attr: AttrString::from("name"), - itype: IndexType::EQUALITY, + itype: IndexType::Equality, }); idxmeta.insert(IdxKey { attr: AttrString::from("name"), - itype: IndexType::PRESENCE, + itype: IndexType::Presence, }); idxmeta.insert(IdxKey { attr: AttrString::from("name"), - itype: IndexType::SUBSTRING, + itype: IndexType::SubString, }); idxmeta.insert(IdxKey { attr: AttrString::from("uuid"), - itype: IndexType::EQUALITY, + itype: IndexType::Equality, }); idxmeta.insert(IdxKey { attr: AttrString::from("uuid"), - itype: IndexType::PRESENCE, + itype: IndexType::Presence, }); idxmeta.insert(IdxKey { attr: AttrString::from("ta"), - itype: IndexType::EQUALITY, + itype: IndexType::Equality, }); idxmeta.insert(IdxKey { attr: AttrString::from("tb"), - itype: IndexType::EQUALITY, + itype: IndexType::Equality, }); let be = Backend::new(&mut audit, BackendConfig::new_test(), idxmeta, false) @@ -1656,7 +1662,7 @@ mod tests { ($audit:expr, $be:expr, $attr:expr, $itype:expr, $idx_key:expr, $expect:expr) => {{ let t_idl = $be .load_test_idl($audit, &$attr.to_string(), &$itype, &$idx_key.to_string()) - .expect("IDL Load failed"); + .expect("IdList Load failed"); let t = $expect.map(|v: Vec| IDLBitRange::from_iter(v)); assert_eq!(t_idl, t); }}; @@ -1967,7 +1973,7 @@ mod tests { audit, be, "name", - IndexType::EQUALITY, + IndexType::Equality, "william", Some(vec![1]) ); @@ -1976,7 +1982,7 @@ mod tests { audit, be, "name", - IndexType::EQUALITY, + IndexType::Equality, "claire", Some(vec![2]) ); @@ -1985,7 +1991,7 @@ mod tests { audit, be, "name", - IndexType::PRESENCE, + IndexType::Presence, "_", Some(vec![1, 2]) ); @@ -1994,7 +2000,7 @@ mod tests { audit, be, "uuid", - IndexType::EQUALITY, + IndexType::Equality, "db237e8a-0079-4b8c-8a56-593b22aa44d1", Some(vec![1]) ); @@ -2003,7 +2009,7 @@ mod tests { audit, be, "uuid", - IndexType::EQUALITY, + IndexType::Equality, "bd651620-00dd-426b-aaa0-4494f7b7906f", Some(vec![2]) ); @@ -2012,7 +2018,7 @@ mod tests { audit, be, "uuid", - IndexType::PRESENCE, + IndexType::Presence, "_", Some(vec![1, 2]) ); @@ -2023,7 +2029,7 @@ mod tests { audit, be, "name", - IndexType::EQUALITY, + IndexType::Equality, "not-exist", Some(Vec::new()) ); @@ -2032,7 +2038,7 @@ mod tests { audit, be, "uuid", - IndexType::EQUALITY, + IndexType::Equality, "fake-0079-4b8c-8a56-593b22aa44d1", Some(Vec::new()) ); @@ -2041,7 +2047,7 @@ mod tests { .load_test_idl( audit, &"not_indexed".to_string(), - &IndexType::PRESENCE, + &IndexType::Presence, &"_".to_string(), ) .unwrap(); // unwrap the result @@ -2081,23 +2087,23 @@ mod tests { audit, be, "name", - IndexType::EQUALITY, + IndexType::Equality, "william", Some(vec![1]) ); - idl_state!(audit, be, "name", IndexType::PRESENCE, "_", Some(vec![1])); + idl_state!(audit, be, "name", IndexType::Presence, "_", Some(vec![1])); idl_state!( audit, be, "uuid", - IndexType::EQUALITY, + IndexType::Equality, "db237e8a-0079-4b8c-8a56-593b22aa44d1", Some(vec![1]) ); - idl_state!(audit, be, "uuid", IndexType::PRESENCE, "_", Some(vec![1])); + idl_state!(audit, be, "uuid", IndexType::Presence, "_", Some(vec![1])); let william_uuid = Uuid::parse_str("db237e8a-0079-4b8c-8a56-593b22aa44d1").unwrap(); assert!(be.name2uuid(audit, "william") == Ok(Some(william_uuid))); @@ -2111,7 +2117,7 @@ mod tests { audit, be, "name", - IndexType::EQUALITY, + IndexType::Equality, "william", Some(Vec::new()) ); @@ -2120,7 +2126,7 @@ mod tests { audit, be, "name", - IndexType::PRESENCE, + IndexType::Presence, "_", Some(Vec::new()) ); @@ -2129,7 +2135,7 @@ mod tests { audit, be, "uuid", - IndexType::EQUALITY, + IndexType::Equality, "db237e8a-0079-4b8c-8a56-593b22aa44d1", Some(Vec::new()) ); @@ -2138,7 +2144,7 @@ mod tests { audit, be, "uuid", - IndexType::PRESENCE, + IndexType::Presence, "_", Some(Vec::new()) ); @@ -2184,23 +2190,23 @@ mod tests { audit, be, "name", - IndexType::EQUALITY, + IndexType::Equality, "claire", Some(vec![2]) ); - idl_state!(audit, be, "name", IndexType::PRESENCE, "_", Some(vec![2])); + idl_state!(audit, be, "name", IndexType::Presence, "_", Some(vec![2])); idl_state!( audit, be, "uuid", - IndexType::EQUALITY, + IndexType::Equality, "bd651620-00dd-426b-aaa0-4494f7b7906f", Some(vec![2]) ); - idl_state!(audit, be, "uuid", IndexType::PRESENCE, "_", Some(vec![2])); + idl_state!(audit, be, "uuid", IndexType::Presence, "_", Some(vec![2])); let claire_uuid = Uuid::parse_str("bd651620-00dd-426b-aaa0-4494f7b7906f").unwrap(); let william_uuid = Uuid::parse_str("db237e8a-0079-4b8c-8a56-593b22aa44d1").unwrap(); @@ -2253,16 +2259,16 @@ mod tests { audit, be, "name", - IndexType::EQUALITY, + IndexType::Equality, "claire", Some(vec![1]) ); - idl_state!(audit, be, "name", IndexType::PRESENCE, "_", Some(vec![1])); + idl_state!(audit, be, "name", IndexType::Presence, "_", Some(vec![1])); - idl_state!(audit, be, "tb", IndexType::EQUALITY, "test", Some(vec![1])); + idl_state!(audit, be, "tb", IndexType::Equality, "test", Some(vec![1])); - idl_state!(audit, be, "ta", IndexType::EQUALITY, "test", Some(vec![])); + idl_state!(audit, be, "ta", IndexType::Equality, "test", Some(vec![])); // let claire_uuid = Uuid::parse_str("bd651620-00dd-426b-aaa0-4494f7b7906f").unwrap(); let william_uuid = Uuid::parse_str("db237e8a-0079-4b8c-8a56-593b22aa44d1").unwrap(); @@ -2300,7 +2306,7 @@ mod tests { audit, be, "name", - IndexType::EQUALITY, + IndexType::Equality, "claire", Some(vec![1]) ); @@ -2309,19 +2315,19 @@ mod tests { audit, be, "uuid", - IndexType::EQUALITY, + IndexType::Equality, "04091a7a-6ce4-42d2-abf5-c2ce244ac9e8", Some(vec![1]) ); - idl_state!(audit, be, "name", IndexType::PRESENCE, "_", Some(vec![1])); - idl_state!(audit, be, "uuid", IndexType::PRESENCE, "_", Some(vec![1])); + idl_state!(audit, be, "name", IndexType::Presence, "_", Some(vec![1])); + idl_state!(audit, be, "uuid", IndexType::Presence, "_", Some(vec![1])); idl_state!( audit, be, "uuid", - IndexType::EQUALITY, + IndexType::Equality, "db237e8a-0079-4b8c-8a56-593b22aa44d1", Some(Vec::new()) ); @@ -2329,7 +2335,7 @@ mod tests { audit, be, "name", - IndexType::EQUALITY, + IndexType::Equality, "william", Some(Vec::new()) ); @@ -2370,7 +2376,7 @@ mod tests { let (r, _plan) = be.filter2idl(audit, f_un.to_inner(), 0).unwrap(); match r { - IDL::ALLIDS => {} + IdList::AllIds => {} _ => { panic!(""); } @@ -2382,7 +2388,7 @@ mod tests { let (r, _plan) = be.filter2idl(audit, f_eq.to_inner(), 0).unwrap(); match r { - IDL::Indexed(idl) => { + IdList::Indexed(idl) => { assert!(idl == IDLBitRange::from_iter(vec![1])); } _ => { @@ -2404,7 +2410,7 @@ mod tests { let (r, _plan) = be.filter2idl(audit, f_in_and.to_inner(), 0).unwrap(); match r { - IDL::Indexed(idl) => { + IdList::Indexed(idl) => { assert!(idl == IDLBitRange::from_iter(vec![1])); } _ => { @@ -2429,7 +2435,7 @@ mod tests { let (r, _plan) = be.filter2idl(audit, f_p1.to_inner(), 0).unwrap(); match r { - IDL::Partial(idl) => { + IdList::Partial(idl) => { assert!(idl == IDLBitRange::from_iter(vec![1])); } _ => { @@ -2439,7 +2445,7 @@ mod tests { let (r, _plan) = be.filter2idl(audit, f_p2.to_inner(), 0).unwrap(); match r { - IDL::Partial(idl) => { + IdList::Partial(idl) => { assert!(idl == IDLBitRange::from_iter(vec![1])); } _ => { @@ -2457,7 +2463,7 @@ mod tests { let (r, _plan) = be.filter2idl(audit, f_no_and.to_inner(), 0).unwrap(); match r { - IDL::ALLIDS => {} + IdList::AllIds => {} _ => { panic!(""); } @@ -2470,7 +2476,7 @@ mod tests { let (r, _plan) = be.filter2idl(audit, f_in_or.to_inner(), 0).unwrap(); match r { - IDL::Indexed(idl) => { + IdList::Indexed(idl) => { assert!(idl == IDLBitRange::from_iter(vec![1])); } _ => { @@ -2487,7 +2493,7 @@ mod tests { let (r, _plan) = be.filter2idl(audit, f_un_or.to_inner(), 0).unwrap(); match r { - IDL::ALLIDS => {} + IdList::AllIds => {} _ => { panic!(""); } @@ -2500,7 +2506,7 @@ mod tests { let (r, _plan) = be.filter2idl(audit, f_r_andnot.to_inner(), 0).unwrap(); match r { - IDL::Indexed(idl) => { + IdList::Indexed(idl) => { assert!(idl == IDLBitRange::from_iter(Vec::new())); } _ => { @@ -2518,7 +2524,7 @@ mod tests { let (r, _plan) = be.filter2idl(audit, f_and_andnot.to_inner(), 0).unwrap(); match r { - IDL::Indexed(idl) => { + IdList::Indexed(idl) => { assert!(idl == IDLBitRange::from_iter(Vec::new())); } _ => { @@ -2535,7 +2541,7 @@ mod tests { let (r, _plan) = be.filter2idl(audit, f_or_andnot.to_inner(), 0).unwrap(); match r { - IDL::Indexed(idl) => { + IdList::Indexed(idl) => { assert!(idl == IDLBitRange::from_iter(Vec::new())); } _ => { @@ -2553,7 +2559,7 @@ mod tests { let (r, _plan) = be.filter2idl(audit, f_and_andnot.to_inner(), 0).unwrap(); match r { - IDL::Indexed(idl) => { + IdList::Indexed(idl) => { debug!("{:?}", idl); assert!(idl == IDLBitRange::from_iter(vec![1])); } @@ -2571,7 +2577,7 @@ mod tests { let (r, _plan) = be.filter2idl(audit, f_and_andnot.to_inner(), 0).unwrap(); match r { - IDL::Indexed(idl) => { + IdList::Indexed(idl) => { assert!(idl == IDLBitRange::from_iter(vec![1])); } _ => { @@ -2588,7 +2594,7 @@ mod tests { let (r, _plan) = be.filter2idl(audit, f_and_andnot.to_inner(), 0).unwrap(); match r { - IDL::ALLIDS => {} + IdList::AllIds => {} _ => { panic!(""); } @@ -2603,7 +2609,7 @@ mod tests { let (r, _plan) = be.filter2idl(audit, f_and_andnot.to_inner(), 0).unwrap(); match r { - IDL::ALLIDS => {} + IdList::AllIds => {} _ => { panic!(""); } @@ -2614,7 +2620,7 @@ mod tests { let (r, _plan) = be.filter2idl(audit, f_e_or.to_inner(), 0).unwrap(); match r { - IDL::Indexed(idl) => { + IdList::Indexed(idl) => { assert!(idl == IDLBitRange::from_iter(vec![])); } _ => { @@ -2626,7 +2632,7 @@ mod tests { let (r, _plan) = be.filter2idl(audit, f_e_and.to_inner(), 0).unwrap(); match r { - IDL::Indexed(idl) => { + IdList::Indexed(idl) => { assert!(idl == IDLBitRange::from_iter(vec![])); } _ => { @@ -2648,7 +2654,7 @@ mod tests { let (r, _plan) = be.filter2idl(audit, f_eq.to_inner(), 0).unwrap(); match r { - IDL::ALLIDS => {} + IdList::AllIds => {} _ => { panic!(""); } diff --git a/kanidmd/src/lib/core/mod.rs b/kanidmd/src/lib/core/mod.rs index bd700951a..fab851d69 100644 --- a/kanidmd/src/lib/core/mod.rs +++ b/kanidmd/src/lib/core/mod.rs @@ -52,7 +52,7 @@ fn setup_backend_vacuum( .map(|s| s == "zfs") .unwrap_or(false) { - FsType::ZFS + FsType::Zfs } else { FsType::Generic }; diff --git a/kanidmd/src/lib/credential/mod.rs b/kanidmd/src/lib/credential/mod.rs index bd36aa962..48b214087 100644 --- a/kanidmd/src/lib/credential/mod.rs +++ b/kanidmd/src/lib/credential/mod.rs @@ -45,7 +45,7 @@ pub enum Policy { // I don't really feel like adding in so many restrictions, so I'll use // pbkdf2 in openssl because it doesn't have the same limits. #[derive(Clone, Debug)] -enum KDF { +enum Kdf { // cost, salt, hash PBKDF2(usize, Vec, Vec), // salt hash @@ -54,7 +54,7 @@ enum KDF { #[derive(Clone, Debug)] pub struct Password { - material: KDF, + material: Kdf, } impl TryFrom for Password { @@ -63,10 +63,10 @@ impl TryFrom for Password { fn try_from(value: DbPasswordV1) -> Result { match value { DbPasswordV1::PBKDF2(c, s, h) => Ok(Password { - material: KDF::PBKDF2(c, s, h), + material: Kdf::PBKDF2(c, s, h), }), DbPasswordV1::SSHA512(s, h) => Ok(Password { - material: KDF::SSHA512(s, h), + material: Kdf::SSHA512(s, h), }), } } @@ -96,7 +96,7 @@ impl TryFrom<&str> for Password { return Err(()); } return Ok(Password { - material: KDF::PBKDF2(c, s, h), + material: Kdf::PBKDF2(c, s, h), }); } _ => {} @@ -111,7 +111,7 @@ impl TryFrom<&str> for Password { return Err(()); } return Ok(Password { - material: KDF::SSHA512(s.to_vec(), h.to_vec()), + material: Kdf::SSHA512(s.to_vec(), h.to_vec()), }); } @@ -142,7 +142,7 @@ impl Password { end.checked_duration_since(start) } - fn new_pbkdf2(pbkdf2_cost: usize, cleartext: &str) -> Result { + fn new_pbkdf2(pbkdf2_cost: usize, cleartext: &str) -> Result { let mut rng = rand::thread_rng(); let salt: Vec = (0..PBKDF2_SALT_LEN).map(|_| rng.gen()).collect(); // This is 512 bits of output @@ -157,7 +157,7 @@ impl Password { ) .map(|()| { // Turn key to a vec. - KDF::PBKDF2(pbkdf2_cost, salt, key) + Kdf::PBKDF2(pbkdf2_cost, salt, key) }) .map_err(|_| OperationError::CryptographyError) } @@ -168,7 +168,7 @@ impl Password { pub fn verify(&self, cleartext: &str) -> Result { match &self.material { - KDF::PBKDF2(cost, salt, key) => { + Kdf::PBKDF2(cost, salt, key) => { // We have to get the number of bits to derive from our stored hash // as some imported hash types may have variable lengths let key_len = key.len(); @@ -187,7 +187,7 @@ impl Password { &chal_key == key }) } - KDF::SSHA512(salt, key) => { + Kdf::SSHA512(salt, key) => { let mut hasher = Sha512::new(); hasher.update(cleartext.as_bytes()); hasher.update(&salt); @@ -199,15 +199,15 @@ impl Password { pub fn to_dbpasswordv1(&self) -> DbPasswordV1 { match &self.material { - KDF::PBKDF2(cost, salt, hash) => { + Kdf::PBKDF2(cost, salt, hash) => { DbPasswordV1::PBKDF2(*cost, salt.clone(), hash.clone()) } - KDF::SSHA512(salt, hash) => DbPasswordV1::SSHA512(salt.clone(), hash.clone()), + Kdf::SSHA512(salt, hash) => DbPasswordV1::SSHA512(salt.clone(), hash.clone()), } } pub fn requires_upgrade(&self) -> bool { - !matches!(&self.material, KDF::PBKDF2(_, _, _)) + !matches!(&self.material, Kdf::PBKDF2(_, _, _)) } } diff --git a/kanidmd/src/lib/entry.rs b/kanidmd/src/lib/entry.rs index 09fe86748..ac08a9b9c 100644 --- a/kanidmd/src/lib/entry.rs +++ b/kanidmd/src/lib/entry.rs @@ -1090,7 +1090,7 @@ impl Entry { None => Vec::new(), Some(vs) => { let changes: Vec> = match ikey.itype { - IndexType::EQUALITY => { + IndexType::Equality => { vs.flat_map(|v| { // Turn each idx_key to the tuple of // changes. @@ -1100,10 +1100,10 @@ impl Entry { }) .collect() } - IndexType::PRESENCE => { + IndexType::Presence => { vec![Err((&ikey.attr, &ikey.itype, "_".to_string()))] } - IndexType::SUBSTRING => Vec::new(), + IndexType::SubString => Vec::new(), }; changes } @@ -1120,7 +1120,7 @@ impl Entry { None => Vec::new(), Some(vs) => { let changes: Vec> = match ikey.itype { - IndexType::EQUALITY => { + IndexType::Equality => { vs.flat_map(|v| { // Turn each idx_key to the tuple of // changes. @@ -1130,10 +1130,10 @@ impl Entry { }) .collect() } - IndexType::PRESENCE => { + IndexType::Presence => { vec![Ok((&ikey.attr, &ikey.itype, "_".to_string()))] } - IndexType::SUBSTRING => Vec::new(), + IndexType::SubString => Vec::new(), }; // For each value // @@ -1159,7 +1159,7 @@ impl Entry { (Some(pre_vs), None) => { // It existed before, but not anymore let changes: Vec> = match ikey.itype { - IndexType::EQUALITY => { + IndexType::Equality => { pre_vs .iter() .flat_map(|v| { @@ -1173,17 +1173,17 @@ impl Entry { }) .collect() } - IndexType::PRESENCE => { + IndexType::Presence => { vec![Err((&ikey.attr, &ikey.itype, "_".to_string()))] } - IndexType::SUBSTRING => Vec::new(), + IndexType::SubString => Vec::new(), }; changes } (None, Some(post_vs)) => { // It was added now. let changes: Vec> = match ikey.itype { - IndexType::EQUALITY => { + IndexType::Equality => { post_vs .iter() .flat_map(|v| { @@ -1197,10 +1197,10 @@ impl Entry { }) .collect() } - IndexType::PRESENCE => { + IndexType::Presence => { vec![Ok((&ikey.attr, &ikey.itype, "_".to_string()))] } - IndexType::SUBSTRING => Vec::new(), + IndexType::SubString => Vec::new(), }; changes } @@ -1211,7 +1211,7 @@ impl Entry { .map(|pre_v| { // Was in pre, now not in post match ikey.itype { - IndexType::EQUALITY => { + IndexType::Equality => { // Remove the v pre_v .generate_idx_eq_keys() @@ -1221,17 +1221,17 @@ impl Entry { }) .collect() } - IndexType::PRESENCE => { + IndexType::Presence => { // No action - we still are "present", so nothing to do! Vec::new() } - IndexType::SUBSTRING => Vec::new(), + IndexType::SubString => Vec::new(), } }) .chain(post_vs.difference(&pre_vs).map(|post_v| { // is in post, but not in pre (add) match ikey.itype { - IndexType::EQUALITY => { + IndexType::Equality => { // Remove the v post_v .generate_idx_eq_keys() @@ -1241,11 +1241,11 @@ impl Entry { }) .collect() } - IndexType::PRESENCE => { + IndexType::Presence => { // No action - we still are "present", so nothing to do! Vec::new() } - IndexType::SUBSTRING => Vec::new(), + IndexType::SubString => Vec::new(), } })) .flatten() // flatten all the inner vecs @@ -2168,15 +2168,15 @@ mod tests { let mut idxmeta = HashSet::with_capacity(8); idxmeta.insert(IdxKey { attr: AttrString::from("userid"), - itype: IndexType::EQUALITY, + itype: IndexType::Equality, }); idxmeta.insert(IdxKey { attr: AttrString::from("userid"), - itype: IndexType::PRESENCE, + itype: IndexType::Presence, }); idxmeta.insert(IdxKey { attr: AttrString::from("extra"), - itype: IndexType::EQUALITY, + itype: IndexType::Equality, }); // When we do None, None, we get nothing back. @@ -2192,7 +2192,7 @@ mod tests { del_r[0] == Err(( &AttrString::from("userid"), - &IndexType::EQUALITY, + &IndexType::Equality, "william".to_string() )) ); @@ -2200,7 +2200,7 @@ mod tests { del_r[1] == Err(( &AttrString::from("userid"), - &IndexType::PRESENCE, + &IndexType::Presence, "_".to_string() )) ); @@ -2213,7 +2213,7 @@ mod tests { add_r[0] == Ok(( &AttrString::from("userid"), - &IndexType::EQUALITY, + &IndexType::Equality, "william".to_string() )) ); @@ -2221,7 +2221,7 @@ mod tests { add_r[1] == Ok(( &AttrString::from("userid"), - &IndexType::PRESENCE, + &IndexType::Presence, "_".to_string() )) ); @@ -2238,7 +2238,7 @@ mod tests { add_a_r[0] == Ok(( &AttrString::from("extra"), - &IndexType::EQUALITY, + &IndexType::Equality, "test".to_string() )) ); @@ -2249,7 +2249,7 @@ mod tests { del_a_r[0] == Err(( &AttrString::from("extra"), - &IndexType::EQUALITY, + &IndexType::Equality, "test".to_string() )) ); @@ -2262,7 +2262,7 @@ mod tests { chg_r[1] == Err(( &AttrString::from("userid"), - &IndexType::EQUALITY, + &IndexType::Equality, "william".to_string() )) ); @@ -2271,7 +2271,7 @@ mod tests { chg_r[0] == Ok(( &AttrString::from("userid"), - &IndexType::EQUALITY, + &IndexType::Equality, "claire".to_string() )) ); diff --git a/kanidmd/src/lib/filter.rs b/kanidmd/src/lib/filter.rs index 759621c64..aaad5ee26 100644 --- a/kanidmd/src/lib/filter.rs +++ b/kanidmd/src/lib/filter.rs @@ -418,19 +418,19 @@ impl Filter { // some core test idxs faster. This is never used in production, it's JUST for // test case speedups. let idxmeta = vec![ - (AttrString::from("uuid"), IndexType::EQUALITY), - (AttrString::from("uuid"), IndexType::PRESENCE), - (AttrString::from("name"), IndexType::EQUALITY), - (AttrString::from("name"), IndexType::SUBSTRING), - (AttrString::from("name"), IndexType::PRESENCE), - (AttrString::from("class"), IndexType::EQUALITY), - (AttrString::from("class"), IndexType::PRESENCE), - (AttrString::from("member"), IndexType::EQUALITY), - (AttrString::from("member"), IndexType::PRESENCE), - (AttrString::from("memberof"), IndexType::EQUALITY), - (AttrString::from("memberof"), IndexType::PRESENCE), - (AttrString::from("directmemberof"), IndexType::EQUALITY), - (AttrString::from("directmemberof"), IndexType::PRESENCE), + (AttrString::from("uuid"), IndexType::Equality), + (AttrString::from("uuid"), IndexType::Presence), + (AttrString::from("name"), IndexType::Equality), + (AttrString::from("name"), IndexType::SubString), + (AttrString::from("name"), IndexType::Presence), + (AttrString::from("class"), IndexType::Equality), + (AttrString::from("class"), IndexType::Presence), + (AttrString::from("member"), IndexType::Equality), + (AttrString::from("member"), IndexType::Presence), + (AttrString::from("memberof"), IndexType::Equality), + (AttrString::from("memberof"), IndexType::Presence), + (AttrString::from("directmemberof"), IndexType::Equality), + (AttrString::from("directmemberof"), IndexType::Presence), ]; let idxmeta_ref = idxmeta.iter().map(|(attr, itype)| (attr, itype)).collect(); @@ -991,17 +991,17 @@ impl FilterResolved { unsafe fn from_invalid(fc: FilterComp, idxmeta: &HashSet<(&AttrString, &IndexType)>) -> Self { match fc { FilterComp::Eq(a, v) => { - let idx = idxmeta.contains(&(&a, &IndexType::EQUALITY)); + let idx = idxmeta.contains(&(&a, &IndexType::Equality)); FilterResolved::Eq(a, v, idx) } FilterComp::Sub(a, v) => { - // let idx = idxmeta.contains(&(&a, &IndexType::SUBSTRING)); + // let idx = idxmeta.contains(&(&a, &IndexType::SubString)); // TODO: For now, don't emit substring indexes. let idx = false; FilterResolved::Sub(a, v, idx) } FilterComp::Pres(a) => { - let idx = idxmeta.contains(&(&a, &IndexType::PRESENCE)); + let idx = idxmeta.contains(&(&a, &IndexType::Presence)); FilterResolved::Pres(a, idx) } FilterComp::LessThan(a, v) => { @@ -1043,22 +1043,22 @@ impl FilterResolved { fn resolve_idx(fc: FilterComp, ev: &Event, idxmeta: &HashSet) -> Option { match fc { FilterComp::Eq(a, v) => { - let idxkref = IdxKeyRef::new(&a, &IndexType::EQUALITY); + let idxkref = IdxKeyRef::new(&a, &IndexType::Equality); let idx = idxmeta.contains(&idxkref as &dyn IdxKeyToRef); Some(FilterResolved::Eq(a, v, idx)) } FilterComp::Sub(a, v) => { - let idxkref = IdxKeyRef::new(&a, &IndexType::SUBSTRING); + let idxkref = IdxKeyRef::new(&a, &IndexType::SubString); let idx = idxmeta.contains(&idxkref as &dyn IdxKeyToRef); Some(FilterResolved::Sub(a, v, idx)) } FilterComp::Pres(a) => { - let idxkref = IdxKeyRef::new(&a, &IndexType::PRESENCE); + let idxkref = IdxKeyRef::new(&a, &IndexType::Presence); let idx = idxmeta.contains(&idxkref as &dyn IdxKeyToRef); Some(FilterResolved::Pres(a, idx)) } FilterComp::LessThan(a, v) => { - // let idx = idxmeta.contains(&(&a, &IndexType::SUBSTRING)); + // let idx = idxmeta.contains(&(&a, &IndexType::SubString)); let idx = false; Some(FilterResolved::LessThan(a, v, idx)) } @@ -1094,7 +1094,7 @@ impl FilterResolved { } FilterComp::SelfUuid => ev.get_uuid().map(|uuid| { let uuid_s = AttrString::from("uuid"); - let idxkref = IdxKeyRef::new(&uuid_s, &IndexType::EQUALITY); + let idxkref = IdxKeyRef::new(&uuid_s, &IndexType::Equality); let idx = idxmeta.contains(&idxkref as &dyn IdxKeyToRef); FilterResolved::Eq(uuid_s, PartialValue::new_uuid(uuid), idx) }), diff --git a/kanidmd/src/lib/idm/server.rs b/kanidmd/src/lib/idm/server.rs index 638e88e91..3406ad8ef 100644 --- a/kanidmd/src/lib/idm/server.rs +++ b/kanidmd/src/lib/idm/server.rs @@ -16,7 +16,7 @@ use crate::idm::unix::{UnixGroup, UnixUserAccount}; use crate::idm::AuthState; use crate::ldap::LdapBoundToken; use crate::prelude::*; -use crate::utils::{password_from_random, readable_password_from_random, uuid_from_duration, SID}; +use crate::utils::{password_from_random, readable_password_from_random, uuid_from_duration, Sid}; use crate::actors::v1_write::QueryServerWriteV1; use crate::idm::delayed::{ @@ -88,7 +88,7 @@ pub struct IdmServerAuthTransaction<'a> { softlocks: &'a HashMap, pub qs_read: QueryServerReadTransaction<'a>, // thread/server id - sid: SID, + sid: Sid, // For flagging eventual actions. async_tx: Sender, webauthn: &'a Webauthn, @@ -107,7 +107,7 @@ pub struct IdmServerProxyWriteTransaction<'a> { pub qs_write: QueryServerWriteTransaction<'a>, // Associate to an event origin ID, which has a TS and a UUID instead mfareg_sessions: BptreeMapWriteTxn<'a, Uuid, MfaRegSession>, - sid: SID, + sid: Sid, crypto_policy: &'a CryptoPolicy, webauthn: &'a Webauthn, pw_badlist_cache: CowCellWriteTxn<'a, HashSet>, diff --git a/kanidmd/src/lib/schema.rs b/kanidmd/src/lib/schema.rs index 246710e92..bea2e5c58 100644 --- a/kanidmd/src/lib/schema.rs +++ b/kanidmd/src/lib/schema.rs @@ -182,23 +182,23 @@ impl SchemaAttribute { // on that may only use a single tagged attribute for example. pub fn validate_partialvalue(&self, a: &str, v: &PartialValue) -> Result<(), SchemaError> { let r = match self.syntax { - SyntaxType::BOOLEAN => v.is_bool(), + SyntaxType::Boolean => v.is_bool(), SyntaxType::SYNTAX_ID => v.is_syntax(), SyntaxType::INDEX_ID => v.is_index(), - SyntaxType::UUID => v.is_uuid(), + SyntaxType::Uuid => v.is_uuid(), SyntaxType::REFERENCE_UUID => v.is_refer(), - SyntaxType::UTF8STRING_INSENSITIVE => v.is_iutf8(), - SyntaxType::UTF8STRING_INAME => v.is_iname(), + SyntaxType::Utf8StringInsensitive => v.is_iutf8(), + SyntaxType::Utf8StringIname => v.is_iname(), SyntaxType::UTF8STRING => v.is_utf8(), SyntaxType::JSON_FILTER => v.is_json_filter(), - SyntaxType::CREDENTIAL => v.is_credential(), - SyntaxType::RADIUS_UTF8STRING => v.is_radius_string(), - SyntaxType::SSHKEY => v.is_sshkey(), - SyntaxType::SERVICE_PRINCIPLE_NAME => v.is_spn(), + SyntaxType::Credential => v.is_credential(), + SyntaxType::RadiusUtf8String => v.is_radius_string(), + SyntaxType::SshKey => v.is_sshkey(), + SyntaxType::ServicePrincipalName => v.is_spn(), SyntaxType::UINT32 => v.is_uint32(), - SyntaxType::CID => v.is_cid(), - SyntaxType::NSUNIQUEID => v.is_nsuniqueid(), - SyntaxType::DATETIME => v.is_datetime(), + SyntaxType::Cid => v.is_cid(), + SyntaxType::NsUniqueId => v.is_nsuniqueid(), + SyntaxType::DateTime => v.is_datetime(), }; if r { Ok(()) @@ -229,7 +229,7 @@ impl SchemaAttribute { }; // If syntax, check the type is correct match self.syntax { - SyntaxType::BOOLEAN => ava.iter().fold(Ok(()), |acc, v| { + SyntaxType::Boolean => ava.iter().fold(Ok(()), |acc, v| { acc.and_then(|_| { if v.is_bool() { Ok(()) @@ -247,7 +247,7 @@ impl SchemaAttribute { } }) }), - SyntaxType::UUID => ava.iter().fold(Ok(()), |acc, v| { + SyntaxType::Uuid => ava.iter().fold(Ok(()), |acc, v| { acc.and_then(|_| { if v.is_uuid() { Ok(()) @@ -275,7 +275,7 @@ impl SchemaAttribute { } }) }), - SyntaxType::UTF8STRING_INSENSITIVE => ava.iter().fold(Ok(()), |acc, v| { + SyntaxType::Utf8StringInsensitive => ava.iter().fold(Ok(()), |acc, v| { acc.and_then(|_| { if v.is_insensitive_utf8() { Ok(()) @@ -284,7 +284,7 @@ impl SchemaAttribute { } }) }), - SyntaxType::UTF8STRING_INAME => ava.iter().fold(Ok(()), |acc, v| { + SyntaxType::Utf8StringIname => ava.iter().fold(Ok(()), |acc, v| { acc.and_then(|_| { if v.is_iname() { Ok(()) @@ -311,7 +311,7 @@ impl SchemaAttribute { } }) }), - SyntaxType::CREDENTIAL => ava.iter().fold(Ok(()), |acc, v| { + SyntaxType::Credential => ava.iter().fold(Ok(()), |acc, v| { acc.and_then(|_| { if v.is_credential() { Ok(()) @@ -320,7 +320,7 @@ impl SchemaAttribute { } }) }), - SyntaxType::RADIUS_UTF8STRING => ava.iter().fold(Ok(()), |acc, v| { + SyntaxType::RadiusUtf8String => ava.iter().fold(Ok(()), |acc, v| { acc.and_then(|_| { if v.is_radius_string() { Ok(()) @@ -329,7 +329,7 @@ impl SchemaAttribute { } }) }), - SyntaxType::SSHKEY => ava.iter().fold(Ok(()), |acc, v| { + SyntaxType::SshKey => ava.iter().fold(Ok(()), |acc, v| { acc.and_then(|_| { if v.is_sshkey() { Ok(()) @@ -338,7 +338,7 @@ impl SchemaAttribute { } }) }), - SyntaxType::SERVICE_PRINCIPLE_NAME => ava.iter().fold(Ok(()), |acc, v| { + SyntaxType::ServicePrincipalName => ava.iter().fold(Ok(()), |acc, v| { acc.and_then(|_| { if v.is_spn() { Ok(()) @@ -356,7 +356,7 @@ impl SchemaAttribute { } }) }), - SyntaxType::CID => ava.iter().fold(Ok(()), |acc, v| { + SyntaxType::Cid => ava.iter().fold(Ok(()), |acc, v| { acc.and_then(|_| { if v.is_cid() { Ok(()) @@ -365,7 +365,7 @@ impl SchemaAttribute { } }) }), - SyntaxType::NSUNIQUEID => ava.iter().fold(Ok(()), |acc, v| { + SyntaxType::NsUniqueId => ava.iter().fold(Ok(()), |acc, v| { acc.and_then(|_| { if v.is_nsuniqueid() { Ok(()) @@ -374,7 +374,7 @@ impl SchemaAttribute { } }) }), - SyntaxType::DATETIME => ava.iter().fold(Ok(()), |acc, v| { + SyntaxType::DateTime => ava.iter().fold(Ok(()), |acc, v| { acc.and_then(|_| { if v.is_datetime() { Ok(()) @@ -655,8 +655,8 @@ impl<'a> SchemaWriteTransaction<'a> { multivalue: true, unique: false, phantom: false, - index: vec![IndexType::EQUALITY, IndexType::PRESENCE], - syntax: SyntaxType::UTF8STRING_INSENSITIVE, + index: vec![IndexType::Equality, IndexType::Presence], + syntax: SyntaxType::Utf8StringInsensitive, }, ); self.attributes.insert( @@ -670,8 +670,8 @@ impl<'a> SchemaWriteTransaction<'a> { // needing to check recycled objects too. unique: false, phantom: false, - index: vec![IndexType::EQUALITY, IndexType::PRESENCE], - syntax: SyntaxType::UUID, + index: vec![IndexType::Equality, IndexType::Presence], + syntax: SyntaxType::Uuid, }, ); self.attributes.insert( @@ -686,7 +686,7 @@ impl<'a> SchemaWriteTransaction<'a> { unique: false, phantom: false, index: vec![], - syntax: SyntaxType::CID, + syntax: SyntaxType::Cid, }, ); self.attributes.insert( @@ -698,8 +698,8 @@ impl<'a> SchemaWriteTransaction<'a> { multivalue: false, unique: true, phantom: false, - index: vec![IndexType::EQUALITY, IndexType::PRESENCE], - syntax: SyntaxType::UTF8STRING_INAME, + index: vec![IndexType::Equality, IndexType::Presence], + syntax: SyntaxType::Utf8StringIname, }, ); self.attributes.insert( @@ -713,8 +713,8 @@ impl<'a> SchemaWriteTransaction<'a> { multivalue: false, unique: true, phantom: false, - index: vec![IndexType::EQUALITY], - syntax: SyntaxType::SERVICE_PRINCIPLE_NAME, + index: vec![IndexType::Equality], + syntax: SyntaxType::ServicePrincipalName, }, ); self.attributes.insert( @@ -726,8 +726,8 @@ impl<'a> SchemaWriteTransaction<'a> { multivalue: false, unique: true, phantom: false, - index: vec![IndexType::EQUALITY], - syntax: SyntaxType::UTF8STRING_INSENSITIVE, + index: vec![IndexType::Equality], + syntax: SyntaxType::Utf8StringInsensitive, }, ); self.attributes.insert( @@ -739,8 +739,8 @@ impl<'a> SchemaWriteTransaction<'a> { multivalue: false, unique: true, phantom: false, - index: vec![IndexType::EQUALITY], - syntax: SyntaxType::UTF8STRING_INSENSITIVE, + index: vec![IndexType::Equality], + syntax: SyntaxType::Utf8StringInsensitive, }, ); self.attributes.insert( @@ -764,7 +764,7 @@ impl<'a> SchemaWriteTransaction<'a> { unique: false, phantom: false, index: vec![], - syntax: SyntaxType::BOOLEAN, + syntax: SyntaxType::Boolean, }); self.attributes.insert(AttrString::from("phantom"), SchemaAttribute { name: AttrString::from("phantom"), @@ -774,7 +774,7 @@ impl<'a> SchemaWriteTransaction<'a> { unique: false, phantom: false, index: vec![], - syntax: SyntaxType::BOOLEAN, + syntax: SyntaxType::Boolean, }); self.attributes.insert(AttrString::from("unique"), SchemaAttribute { name: AttrString::from("unique"), @@ -784,7 +784,7 @@ impl<'a> SchemaWriteTransaction<'a> { unique: false, phantom: false, index: vec![], - syntax: SyntaxType::BOOLEAN, + syntax: SyntaxType::Boolean, }); self.attributes.insert( AttrString::from("index"), @@ -812,7 +812,7 @@ impl<'a> SchemaWriteTransaction<'a> { multivalue: false, unique: false, phantom: false, - index: vec![IndexType::EQUALITY], + index: vec![IndexType::Equality], syntax: SyntaxType::SYNTAX_ID, }, ); @@ -828,7 +828,7 @@ impl<'a> SchemaWriteTransaction<'a> { unique: false, phantom: false, index: vec![], - syntax: SyntaxType::UTF8STRING_INSENSITIVE, + syntax: SyntaxType::Utf8StringInsensitive, }, ); self.attributes.insert( @@ -843,7 +843,7 @@ impl<'a> SchemaWriteTransaction<'a> { unique: false, phantom: false, index: vec![], - syntax: SyntaxType::UTF8STRING_INSENSITIVE, + syntax: SyntaxType::Utf8StringInsensitive, }, ); self.attributes.insert( @@ -858,7 +858,7 @@ impl<'a> SchemaWriteTransaction<'a> { unique: false, phantom: false, index: vec![], - syntax: SyntaxType::UTF8STRING_INSENSITIVE, + syntax: SyntaxType::Utf8StringInsensitive, }, ); self.attributes.insert( @@ -873,7 +873,7 @@ impl<'a> SchemaWriteTransaction<'a> { unique: false, phantom: false, index: vec![], - syntax: SyntaxType::UTF8STRING_INSENSITIVE, + syntax: SyntaxType::Utf8StringInsensitive, }, ); // SYSINFO attrs @@ -887,8 +887,8 @@ impl<'a> SchemaWriteTransaction<'a> { multivalue: false, unique: false, phantom: false, - index: vec![IndexType::EQUALITY], - syntax: SyntaxType::BOOLEAN, + index: vec![IndexType::Equality], + syntax: SyntaxType::Boolean, }, ); @@ -903,7 +903,7 @@ impl<'a> SchemaWriteTransaction<'a> { multivalue: false, unique: false, phantom: false, - index: vec![IndexType::EQUALITY, IndexType::SUBSTRING], + index: vec![IndexType::Equality, IndexType::SubString], syntax: SyntaxType::JSON_FILTER, }, ); @@ -918,7 +918,7 @@ impl<'a> SchemaWriteTransaction<'a> { multivalue: false, unique: false, phantom: false, - index: vec![IndexType::EQUALITY, IndexType::SUBSTRING], + index: vec![IndexType::Equality, IndexType::SubString], syntax: SyntaxType::JSON_FILTER, }, ); @@ -931,8 +931,8 @@ impl<'a> SchemaWriteTransaction<'a> { multivalue: true, unique: false, phantom: false, - index: vec![IndexType::EQUALITY], - syntax: SyntaxType::UTF8STRING_INSENSITIVE, + index: vec![IndexType::Equality], + syntax: SyntaxType::Utf8StringInsensitive, }, ); self.attributes.insert( @@ -946,8 +946,8 @@ impl<'a> SchemaWriteTransaction<'a> { multivalue: true, unique: false, phantom: false, - index: vec![IndexType::EQUALITY], - syntax: SyntaxType::UTF8STRING_INSENSITIVE, + index: vec![IndexType::Equality], + syntax: SyntaxType::Utf8StringInsensitive, }, ); self.attributes.insert( @@ -961,8 +961,8 @@ impl<'a> SchemaWriteTransaction<'a> { multivalue: true, unique: false, phantom: false, - index: vec![IndexType::EQUALITY], - syntax: SyntaxType::UTF8STRING_INSENSITIVE, + index: vec![IndexType::Equality], + syntax: SyntaxType::Utf8StringInsensitive, }, ); @@ -975,8 +975,8 @@ impl<'a> SchemaWriteTransaction<'a> { multivalue: true, unique: false, phantom: false, - index: vec![IndexType::EQUALITY], - syntax: SyntaxType::UTF8STRING_INSENSITIVE, + index: vec![IndexType::Equality], + syntax: SyntaxType::Utf8StringInsensitive, }, ); self.attributes.insert( @@ -988,8 +988,8 @@ impl<'a> SchemaWriteTransaction<'a> { multivalue: true, unique: false, phantom: false, - index: vec![IndexType::EQUALITY], - syntax: SyntaxType::UTF8STRING_INSENSITIVE, + index: vec![IndexType::Equality], + syntax: SyntaxType::Utf8StringInsensitive, }, ); self.attributes.insert( @@ -1001,8 +1001,8 @@ impl<'a> SchemaWriteTransaction<'a> { multivalue: true, unique: false, phantom: false, - index: vec![IndexType::EQUALITY], - syntax: SyntaxType::UTF8STRING_INSENSITIVE, + index: vec![IndexType::Equality], + syntax: SyntaxType::Utf8StringInsensitive, }, ); // MO/Member @@ -1015,7 +1015,7 @@ impl<'a> SchemaWriteTransaction<'a> { multivalue: true, unique: false, phantom: false, - index: vec![IndexType::EQUALITY], + index: vec![IndexType::Equality], syntax: SyntaxType::REFERENCE_UUID, }, ); @@ -1028,7 +1028,7 @@ impl<'a> SchemaWriteTransaction<'a> { multivalue: true, unique: false, phantom: false, - index: vec![IndexType::EQUALITY], + index: vec![IndexType::Equality], syntax: SyntaxType::REFERENCE_UUID, }, ); @@ -1041,7 +1041,7 @@ impl<'a> SchemaWriteTransaction<'a> { multivalue: true, unique: false, phantom: false, - index: vec![IndexType::EQUALITY], + index: vec![IndexType::Equality], syntax: SyntaxType::REFERENCE_UUID, }, ); @@ -1071,8 +1071,8 @@ impl<'a> SchemaWriteTransaction<'a> { multivalue: true, unique: false, phantom: false, - index: vec![IndexType::EQUALITY], - syntax: SyntaxType::UTF8STRING_INAME, + index: vec![IndexType::Equality], + syntax: SyntaxType::Utf8StringIname, }, ); self.attributes.insert( @@ -1085,7 +1085,7 @@ impl<'a> SchemaWriteTransaction<'a> { unique: false, phantom: true, index: vec![], - syntax: SyntaxType::SERVICE_PRINCIPLE_NAME, + syntax: SyntaxType::ServicePrincipalName, }, ); self.attributes.insert( @@ -1113,7 +1113,7 @@ impl<'a> SchemaWriteTransaction<'a> { unique: false, phantom: true, index: vec![], - syntax: SyntaxType::UTF8STRING_INSENSITIVE, + syntax: SyntaxType::Utf8StringInsensitive, }, ); self.attributes.insert( @@ -1126,7 +1126,7 @@ impl<'a> SchemaWriteTransaction<'a> { unique: false, phantom: true, index: vec![], - syntax: SyntaxType::UUID, + syntax: SyntaxType::Uuid, }, ); self.attributes.insert( @@ -1139,7 +1139,7 @@ impl<'a> SchemaWriteTransaction<'a> { unique: false, phantom: true, index: vec![], - syntax: SyntaxType::UTF8STRING_INSENSITIVE, + syntax: SyntaxType::Utf8StringInsensitive, }, ); // end LDAP masking phantoms @@ -1754,8 +1754,8 @@ mod tests { multivalue: false, unique: false, phantom: false, - index: vec![IndexType::EQUALITY], - syntax: SyntaxType::UTF8STRING_INSENSITIVE, + index: vec![IndexType::Equality], + syntax: SyntaxType::Utf8StringInsensitive, }; let r1 = @@ -1783,7 +1783,7 @@ mod tests { multivalue: true, unique: false, phantom: false, - index: vec![IndexType::EQUALITY], + index: vec![IndexType::Equality], syntax: SyntaxType::UTF8STRING, }; @@ -1801,8 +1801,8 @@ mod tests { multivalue: true, unique: false, phantom: false, - index: vec![IndexType::EQUALITY], - syntax: SyntaxType::BOOLEAN, + index: vec![IndexType::Equality], + syntax: SyntaxType::Boolean, }; let r3 = multi_value_boolean.validate_ava( @@ -1833,7 +1833,7 @@ mod tests { multivalue: false, unique: false, phantom: false, - index: vec![IndexType::EQUALITY], + index: vec![IndexType::Equality], syntax: SyntaxType::SYNTAX_ID, }; @@ -1858,7 +1858,7 @@ mod tests { multivalue: false, unique: false, phantom: false, - index: vec![IndexType::EQUALITY], + index: vec![IndexType::Equality], syntax: SyntaxType::INDEX_ID, }; // diff --git a/kanidmd/src/lib/server.rs b/kanidmd/src/lib/server.rs index 880a4e992..7df112e4b 100644 --- a/kanidmd/src/lib/server.rs +++ b/kanidmd/src/lib/server.rs @@ -486,15 +486,15 @@ pub trait QueryServerTransaction<'a> { Some(schema_a) => { match schema_a.syntax { SyntaxType::UTF8STRING => Ok(Value::new_utf8(value.to_string())), - SyntaxType::UTF8STRING_INSENSITIVE => Ok(Value::new_iutf8(value)), - SyntaxType::UTF8STRING_INAME => Ok(Value::new_iname(value)), - SyntaxType::BOOLEAN => Value::new_bools(value) + SyntaxType::Utf8StringInsensitive => Ok(Value::new_iutf8(value)), + SyntaxType::Utf8StringIname => Ok(Value::new_iname(value)), + SyntaxType::Boolean => Value::new_bools(value) .ok_or_else(|| OperationError::InvalidAttribute("Invalid boolean syntax".to_string())), SyntaxType::SYNTAX_ID => Value::new_syntaxs(value) .ok_or_else(|| OperationError::InvalidAttribute("Invalid Syntax syntax".to_string())), SyntaxType::INDEX_ID => Value::new_indexs(value) .ok_or_else(|| OperationError::InvalidAttribute("Invalid Index syntax".to_string())), - SyntaxType::UUID => { + SyntaxType::Uuid => { // It's a uuid - we do NOT check for existance, because that // could be revealing or disclosing - it is up to acp to assert // if we can see the value or not, and it's not up to us to @@ -527,15 +527,15 @@ pub trait QueryServerTransaction<'a> { } SyntaxType::JSON_FILTER => Value::new_json_filter(value) .ok_or_else(|| OperationError::InvalidAttribute("Invalid Filter syntax".to_string())), - SyntaxType::CREDENTIAL => Err(OperationError::InvalidAttribute("Credentials can not be supplied through modification - please use the IDM api".to_string())), - SyntaxType::RADIUS_UTF8STRING => Err(OperationError::InvalidAttribute("Radius secrets can not be supplied through modification - please use the IDM api".to_string())), - SyntaxType::SSHKEY => Err(OperationError::InvalidAttribute("SSH public keys can not be supplied through modification - please use the IDM api".to_string())), - SyntaxType::SERVICE_PRINCIPLE_NAME => Err(OperationError::InvalidAttribute("SPNs are generated and not able to be set.".to_string())), + SyntaxType::Credential => Err(OperationError::InvalidAttribute("Credentials can not be supplied through modification - please use the IDM api".to_string())), + SyntaxType::RadiusUtf8String => Err(OperationError::InvalidAttribute("Radius secrets can not be supplied through modification - please use the IDM api".to_string())), + SyntaxType::SshKey => Err(OperationError::InvalidAttribute("SSH public keys can not be supplied through modification - please use the IDM api".to_string())), + SyntaxType::ServicePrincipalName => Err(OperationError::InvalidAttribute("SPNs are generated and not able to be set.".to_string())), SyntaxType::UINT32 => Value::new_uint32_str(value) .ok_or_else(|| OperationError::InvalidAttribute("Invalid uint32 syntax".to_string())), - SyntaxType::CID => Err(OperationError::InvalidAttribute("CIDs are generated and not able to be set.".to_string())), - SyntaxType::NSUNIQUEID => Ok(Value::new_nsuniqueid_s(value)), - SyntaxType::DATETIME => Value::new_datetime_s(value) + SyntaxType::Cid => Err(OperationError::InvalidAttribute("CIDs are generated and not able to be set.".to_string())), + SyntaxType::NsUniqueId => Ok(Value::new_nsuniqueid_s(value)), + SyntaxType::DateTime => Value::new_datetime_s(value) .ok_or_else(|| OperationError::InvalidAttribute("Invalid DateTime (rfc3339) syntax".to_string())), } } @@ -560,9 +560,9 @@ pub trait QueryServerTransaction<'a> { Some(schema_a) => { match schema_a.syntax { SyntaxType::UTF8STRING => Ok(PartialValue::new_utf8(value.to_string())), - SyntaxType::UTF8STRING_INSENSITIVE => Ok(PartialValue::new_iutf8(value)), - SyntaxType::UTF8STRING_INAME => Ok(PartialValue::new_iname(value)), - SyntaxType::BOOLEAN => PartialValue::new_bools(value).ok_or_else(|| { + SyntaxType::Utf8StringInsensitive => Ok(PartialValue::new_iutf8(value)), + SyntaxType::Utf8StringIname => Ok(PartialValue::new_iname(value)), + SyntaxType::Boolean => PartialValue::new_bools(value).ok_or_else(|| { OperationError::InvalidAttribute("Invalid boolean syntax".to_string()) }), SyntaxType::SYNTAX_ID => PartialValue::new_syntaxs(value).ok_or_else(|| { @@ -571,7 +571,7 @@ pub trait QueryServerTransaction<'a> { SyntaxType::INDEX_ID => PartialValue::new_indexs(value).ok_or_else(|| { OperationError::InvalidAttribute("Invalid Index syntax".to_string()) }), - SyntaxType::UUID => { + SyntaxType::Uuid => { PartialValue::new_uuids(value) .or_else(|| { // it's not a uuid, try to resolve it. @@ -609,21 +609,22 @@ pub trait QueryServerTransaction<'a> { OperationError::InvalidAttribute("Invalid Filter syntax".to_string()) }) } - SyntaxType::CREDENTIAL => Ok(PartialValue::new_credential_tag(value)), - SyntaxType::RADIUS_UTF8STRING => Ok(PartialValue::new_radius_string()), - SyntaxType::SSHKEY => Ok(PartialValue::new_sshkey_tag_s(value)), - SyntaxType::SERVICE_PRINCIPLE_NAME => PartialValue::new_spn_s(value) - .ok_or_else(|| { + SyntaxType::Credential => Ok(PartialValue::new_credential_tag(value)), + SyntaxType::RadiusUtf8String => Ok(PartialValue::new_radius_string()), + SyntaxType::SshKey => Ok(PartialValue::new_sshkey_tag_s(value)), + SyntaxType::ServicePrincipalName => { + PartialValue::new_spn_s(value).ok_or_else(|| { OperationError::InvalidAttribute("Invalid spn syntax".to_string()) - }), + }) + } SyntaxType::UINT32 => PartialValue::new_uint32_str(value).ok_or_else(|| { OperationError::InvalidAttribute("Invalid uint32 syntax".to_string()) }), - SyntaxType::CID => PartialValue::new_cid_s(value).ok_or_else(|| { + SyntaxType::Cid => PartialValue::new_cid_s(value).ok_or_else(|| { OperationError::InvalidAttribute("Invalid cid syntax".to_string()) }), - SyntaxType::NSUNIQUEID => Ok(PartialValue::new_nsuniqueid_s(value)), - SyntaxType::DATETIME => PartialValue::new_datetime_s(value).ok_or_else(|| { + SyntaxType::NsUniqueId => Ok(PartialValue::new_nsuniqueid_s(value)), + SyntaxType::DateTime => PartialValue::new_datetime_s(value).ok_or_else(|| { OperationError::InvalidAttribute( "Invalid DateTime (rfc3339) syntax".to_string(), ) diff --git a/kanidmd/src/lib/utils.rs b/kanidmd/src/lib/utils.rs index 1e22ee5d2..d1990202d 100644 --- a/kanidmd/src/lib/utils.rs +++ b/kanidmd/src/lib/utils.rs @@ -7,7 +7,7 @@ use rand::{thread_rng, Rng}; #[derive(Debug)] pub struct DistinctAlpha; -pub type SID = [u8; 4]; +pub type Sid = [u8; 4]; pub fn uuid_to_gid_u32(u: &Uuid) -> u32 { let b_ref = u.as_bytes(); @@ -16,7 +16,7 @@ pub fn uuid_to_gid_u32(u: &Uuid) -> u32 { u32::from_be_bytes(x) } -fn uuid_from_u64_u32(a: u64, b: u32, sid: SID) -> Uuid { +fn uuid_from_u64_u32(a: u64, b: u32, sid: Sid) -> Uuid { let mut v: Vec = Vec::with_capacity(16); v.extend_from_slice(&a.to_be_bytes()); v.extend_from_slice(&b.to_be_bytes()); @@ -28,7 +28,7 @@ fn uuid_from_u64_u32(a: u64, b: u32, sid: SID) -> Uuid { .build() } -pub fn uuid_from_duration(d: Duration, sid: SID) -> Uuid { +pub fn uuid_from_duration(d: Duration, sid: Sid) -> Uuid { uuid_from_u64_u32(d.as_secs(), d.subsec_nanos(), sid) } @@ -69,7 +69,7 @@ pub fn duration_from_epoch_now() -> Duration { /* #[allow(dead_code)] -pub fn uuid_from_now(sid: SID) -> Uuid { +pub fn uuid_from_now(sid: Sid) -> Uuid { let d = SystemTime::now() .duration_since(SystemTime::UNIX_EPOCH) .unwrap(); diff --git a/kanidmd/src/lib/value.rs b/kanidmd/src/lib/value.rs index 81546507d..35bb333ce 100644 --- a/kanidmd/src/lib/value.rs +++ b/kanidmd/src/lib/value.rs @@ -40,9 +40,9 @@ lazy_static! { #[allow(non_camel_case_types)] #[derive(Debug, Clone, PartialEq, Eq, PartialOrd, Ord, Deserialize, Serialize, Hash)] pub enum IndexType { - EQUALITY, - PRESENCE, - SUBSTRING, + Equality, + Presence, + SubString, } impl TryFrom<&str> for IndexType { @@ -51,9 +51,9 @@ impl TryFrom<&str> for IndexType { fn try_from(value: &str) -> Result { let n_value = value.to_uppercase(); match n_value.as_str() { - "EQUALITY" => Ok(IndexType::EQUALITY), - "PRESENCE" => Ok(IndexType::PRESENCE), - "SUBSTRING" => Ok(IndexType::SUBSTRING), + "EQUALITY" => Ok(IndexType::Equality), + "PRESENCE" => Ok(IndexType::Presence), + "SUBSTRING" => Ok(IndexType::SubString), // UUID map? // UUID rev map? _ => Err(()), @@ -66,9 +66,9 @@ impl TryFrom for IndexType { fn try_from(value: usize) -> Result { match value { - 0 => Ok(IndexType::EQUALITY), - 1 => Ok(IndexType::PRESENCE), - 2 => Ok(IndexType::SUBSTRING), + 0 => Ok(IndexType::Equality), + 1 => Ok(IndexType::Presence), + 2 => Ok(IndexType::SubString), _ => Err(()), } } @@ -77,17 +77,17 @@ impl TryFrom for IndexType { impl IndexType { pub fn as_idx_str(&self) -> &str { match self { - IndexType::EQUALITY => "eq", - IndexType::PRESENCE => "pres", - IndexType::SUBSTRING => "sub", + IndexType::Equality => "eq", + IndexType::Presence => "pres", + IndexType::SubString => "sub", } } pub fn to_usize(&self) -> usize { match self { - IndexType::EQUALITY => 0, - IndexType::PRESENCE => 1, - IndexType::SUBSTRING => 2, + IndexType::Equality => 0, + IndexType::Presence => 1, + IndexType::SubString => 2, } } } @@ -98,9 +98,9 @@ impl fmt::Display for IndexType { f, "{}", match self { - IndexType::EQUALITY => "EQUALITY", - IndexType::PRESENCE => "PRESENCE", - IndexType::SUBSTRING => "SUBSTRING", + IndexType::Equality => "EQUALITY", + IndexType::Presence => "PRESENCE", + IndexType::SubString => "SUBSTRING", } ) } @@ -112,22 +112,22 @@ pub enum SyntaxType { // We need an insensitive string type too ... // We also need to "self host" a syntax type, and index type UTF8STRING, - UTF8STRING_INSENSITIVE, - UTF8STRING_INAME, - UUID, - BOOLEAN, + Utf8StringInsensitive, + Utf8StringIname, + Uuid, + Boolean, SYNTAX_ID, INDEX_ID, REFERENCE_UUID, JSON_FILTER, - CREDENTIAL, - RADIUS_UTF8STRING, - SSHKEY, - SERVICE_PRINCIPLE_NAME, + Credential, + RadiusUtf8String, + SshKey, + ServicePrincipalName, UINT32, - CID, - NSUNIQUEID, - DATETIME, + Cid, + NsUniqueId, + DateTime, } impl TryFrom<&str> for SyntaxType { @@ -137,22 +137,22 @@ impl TryFrom<&str> for SyntaxType { let n_value = value.to_uppercase(); match n_value.as_str() { "UTF8STRING" => Ok(SyntaxType::UTF8STRING), - "UTF8STRING_INSENSITIVE" => Ok(SyntaxType::UTF8STRING_INSENSITIVE), - "UTF8STRING_INAME" => Ok(SyntaxType::UTF8STRING_INAME), - "UUID" => Ok(SyntaxType::UUID), - "BOOLEAN" => Ok(SyntaxType::BOOLEAN), + "UTF8STRING_INSENSITIVE" => Ok(SyntaxType::Utf8StringInsensitive), + "UTF8STRING_INAME" => Ok(SyntaxType::Utf8StringIname), + "UUID" => Ok(SyntaxType::Uuid), + "BOOLEAN" => Ok(SyntaxType::Boolean), "SYNTAX_ID" => Ok(SyntaxType::SYNTAX_ID), "INDEX_ID" => Ok(SyntaxType::INDEX_ID), "REFERENCE_UUID" => Ok(SyntaxType::REFERENCE_UUID), "JSON_FILTER" => Ok(SyntaxType::JSON_FILTER), - "CREDENTIAL" => Ok(SyntaxType::CREDENTIAL), - "RADIUS_UTF8STRING" => Ok(SyntaxType::RADIUS_UTF8STRING), - "SSHKEY" => Ok(SyntaxType::SSHKEY), - "SERVICE_PRINCIPLE_NAME" => Ok(SyntaxType::SERVICE_PRINCIPLE_NAME), + "CREDENTIAL" => Ok(SyntaxType::Credential), + "RADIUS_UTF8STRING" => Ok(SyntaxType::RadiusUtf8String), + "SSHKEY" => Ok(SyntaxType::SshKey), + "SERVICE_PRINCIPLE_NAME" => Ok(SyntaxType::ServicePrincipalName), "UINT32" => Ok(SyntaxType::UINT32), - "CID" => Ok(SyntaxType::CID), - "NSUNIQUEID" => Ok(SyntaxType::NSUNIQUEID), - "DATETIME" => Ok(SyntaxType::DATETIME), + "CID" => Ok(SyntaxType::Cid), + "NSUNIQUEID" => Ok(SyntaxType::NsUniqueId), + "DATETIME" => Ok(SyntaxType::DateTime), _ => Err(()), } } @@ -164,22 +164,22 @@ impl TryFrom for SyntaxType { fn try_from(value: usize) -> Result { match value { 0 => Ok(SyntaxType::UTF8STRING), - 1 => Ok(SyntaxType::UTF8STRING_INSENSITIVE), - 2 => Ok(SyntaxType::UUID), - 3 => Ok(SyntaxType::BOOLEAN), + 1 => Ok(SyntaxType::Utf8StringInsensitive), + 2 => Ok(SyntaxType::Uuid), + 3 => Ok(SyntaxType::Boolean), 4 => Ok(SyntaxType::SYNTAX_ID), 5 => Ok(SyntaxType::INDEX_ID), 6 => Ok(SyntaxType::REFERENCE_UUID), 7 => Ok(SyntaxType::JSON_FILTER), - 8 => Ok(SyntaxType::CREDENTIAL), - 9 => Ok(SyntaxType::RADIUS_UTF8STRING), - 10 => Ok(SyntaxType::SSHKEY), - 11 => Ok(SyntaxType::SERVICE_PRINCIPLE_NAME), + 8 => Ok(SyntaxType::Credential), + 9 => Ok(SyntaxType::RadiusUtf8String), + 10 => Ok(SyntaxType::SshKey), + 11 => Ok(SyntaxType::ServicePrincipalName), 12 => Ok(SyntaxType::UINT32), - 13 => Ok(SyntaxType::CID), - 14 => Ok(SyntaxType::UTF8STRING_INAME), - 15 => Ok(SyntaxType::NSUNIQUEID), - 16 => Ok(SyntaxType::DATETIME), + 13 => Ok(SyntaxType::Cid), + 14 => Ok(SyntaxType::Utf8StringIname), + 15 => Ok(SyntaxType::NsUniqueId), + 16 => Ok(SyntaxType::DateTime), _ => Err(()), } } @@ -189,22 +189,22 @@ impl SyntaxType { pub fn to_usize(&self) -> usize { match self { SyntaxType::UTF8STRING => 0, - SyntaxType::UTF8STRING_INSENSITIVE => 1, - SyntaxType::UUID => 2, - SyntaxType::BOOLEAN => 3, + SyntaxType::Utf8StringInsensitive => 1, + SyntaxType::Uuid => 2, + SyntaxType::Boolean => 3, SyntaxType::SYNTAX_ID => 4, SyntaxType::INDEX_ID => 5, SyntaxType::REFERENCE_UUID => 6, SyntaxType::JSON_FILTER => 7, - SyntaxType::CREDENTIAL => 8, - SyntaxType::RADIUS_UTF8STRING => 9, - SyntaxType::SSHKEY => 10, - SyntaxType::SERVICE_PRINCIPLE_NAME => 11, + SyntaxType::Credential => 8, + SyntaxType::RadiusUtf8String => 9, + SyntaxType::SshKey => 10, + SyntaxType::ServicePrincipalName => 11, SyntaxType::UINT32 => 12, - SyntaxType::CID => 13, - SyntaxType::UTF8STRING_INAME => 14, - SyntaxType::NSUNIQUEID => 15, - SyntaxType::DATETIME => 16, + SyntaxType::Cid => 13, + SyntaxType::Utf8StringIname => 14, + SyntaxType::NsUniqueId => 15, + SyntaxType::DateTime => 16, } } } @@ -216,22 +216,22 @@ impl fmt::Display for SyntaxType { "{}", match self { SyntaxType::UTF8STRING => "UTF8STRING", - SyntaxType::UTF8STRING_INSENSITIVE => "UTF8STRING_INSENSITIVE", - SyntaxType::UTF8STRING_INAME => "UTF8STRING_INAME", - SyntaxType::UUID => "UUID", - SyntaxType::BOOLEAN => "BOOLEAN", + SyntaxType::Utf8StringInsensitive => "UTF8STRING_INSENSITIVE", + SyntaxType::Utf8StringIname => "UTF8STRING_INAME", + SyntaxType::Uuid => "UUID", + SyntaxType::Boolean => "BOOLEAN", SyntaxType::SYNTAX_ID => "SYNTAX_ID", SyntaxType::INDEX_ID => "INDEX_ID", SyntaxType::REFERENCE_UUID => "REFERENCE_UUID", SyntaxType::JSON_FILTER => "JSON_FILTER", - SyntaxType::CREDENTIAL => "CREDENTIAL", - SyntaxType::RADIUS_UTF8STRING => "RADIUS_UTF8STRING", - SyntaxType::SSHKEY => "SSHKEY", - SyntaxType::SERVICE_PRINCIPLE_NAME => "SERVICE_PRINCIPLE_NAME", + SyntaxType::Credential => "CREDENTIAL", + SyntaxType::RadiusUtf8String => "RADIUS_UTF8STRING", + SyntaxType::SshKey => "SSHKEY", + SyntaxType::ServicePrincipalName => "SERVICE_PRINCIPLE_NAME", SyntaxType::UINT32 => "UINT32", - SyntaxType::CID => "CID", - SyntaxType::NSUNIQUEID => "NSUNIQUEID", - SyntaxType::DATETIME => "DATETIME", + SyntaxType::Cid => "CID", + SyntaxType::NsUniqueId => "NSUNIQUEID", + SyntaxType::DateTime => "DATETIME", } ) } @@ -1390,13 +1390,13 @@ mod tests { #[test] fn test_value_index_tryfrom() { let r1 = IndexType::try_from("EQUALITY"); - assert_eq!(r1, Ok(IndexType::EQUALITY)); + assert_eq!(r1, Ok(IndexType::Equality)); let r2 = IndexType::try_from("PRESENCE"); - assert_eq!(r2, Ok(IndexType::PRESENCE)); + assert_eq!(r2, Ok(IndexType::Presence)); let r3 = IndexType::try_from("SUBSTRING"); - assert_eq!(r3, Ok(IndexType::SUBSTRING)); + assert_eq!(r3, Ok(IndexType::SubString)); let r4 = IndexType::try_from("thaoeusaneuh"); assert_eq!(r4, Err(())); @@ -1408,10 +1408,10 @@ mod tests { assert_eq!(r1, Ok(SyntaxType::UTF8STRING)); let r2 = SyntaxType::try_from("UTF8STRING_INSENSITIVE"); - assert_eq!(r2, Ok(SyntaxType::UTF8STRING_INSENSITIVE)); + assert_eq!(r2, Ok(SyntaxType::Utf8StringInsensitive)); let r3 = SyntaxType::try_from("BOOLEAN"); - assert_eq!(r3, Ok(SyntaxType::BOOLEAN)); + assert_eq!(r3, Ok(SyntaxType::Boolean)); let r4 = SyntaxType::try_from("SYNTAX_ID"); assert_eq!(r4, Ok(SyntaxType::SYNTAX_ID)); @@ -1596,7 +1596,7 @@ mod tests { "Who the ACP applies to, constraining or allowing operations.", ), multivalue: false, - index: vec![IndexType::EQUALITY, IndexType::SUBSTRING], + index: vec![IndexType::Equality, IndexType::SubString], syntax: SyntaxType::JSON_FILTER, }; @@ -1629,7 +1629,7 @@ mod tests { uuid: Uuid::parse_str(UUID_SCHEMA_ATTR_UUID).expect("unable to parse const uuid"), description: String::from("The universal unique id of the object"), multivalue: false, - index: vec![IndexType::EQUALITY], + index: vec![IndexType::Equality], syntax: SyntaxType::UUID, }; let u1 = String::from("936DA01F9ABD4d9d80C702AF85C822A8");