mirror of
https://github.com/kanidm/kanidm.git
synced 2025-02-23 20:47:01 +01:00
20230125 pre rel cleanup (#1348)
This commit is contained in:
Firstyear
GitHub
parent
3894dd43df
commit
6f7afc0a72
|
|
@ -51,7 +51,7 @@ impl Decoder for ClientCodec {
|
||||||
type Item = ClientRequest;
|
type Item = ClientRequest;
|
||||||
|
|
||||||
fn decode(&mut self, src: &mut BytesMut) -> Result<Option<Self::Item>, Self::Error> {
|
fn decode(&mut self, src: &mut BytesMut) -> Result<Option<Self::Item>, Self::Error> {
|
||||||
match serde_json::from_slice::<ClientRequest>(&src) {
|
match serde_json::from_slice::<ClientRequest>(src) {
|
||||||
Ok(msg) => {
|
Ok(msg) => {
|
||||||
// Clear the buffer for the next message.
|
// Clear the buffer for the next message.
|
||||||
src.clear();
|
src.clear();
|
||||||
|
|
@ -89,7 +89,7 @@ impl Decoder for TaskCodec {
|
||||||
type Item = TaskResponse;
|
type Item = TaskResponse;
|
||||||
|
|
||||||
fn decode(&mut self, src: &mut BytesMut) -> Result<Option<Self::Item>, Self::Error> {
|
fn decode(&mut self, src: &mut BytesMut) -> Result<Option<Self::Item>, Self::Error> {
|
||||||
match serde_json::from_slice::<TaskResponse>(&src) {
|
match serde_json::from_slice::<TaskResponse>(src) {
|
||||||
Ok(msg) => {
|
Ok(msg) => {
|
||||||
// Clear the buffer for the next message.
|
// Clear the buffer for the next message.
|
||||||
src.clear();
|
src.clear();
|
||||||
|
|
@ -419,11 +419,9 @@ async fn main() {
|
||||||
if clap_args.get_flag("skip-root-check") {
|
if clap_args.get_flag("skip-root-check") {
|
||||||
warn!("Skipping root user check, if you're running this for testing, ensure you clean up temporary files.")
|
warn!("Skipping root user check, if you're running this for testing, ensure you clean up temporary files.")
|
||||||
// TODO: this wording is not great m'kay.
|
// TODO: this wording is not great m'kay.
|
||||||
} else {
|
} else if cuid == 0 || ceuid == 0 || cgid == 0 || cegid == 0 {
|
||||||
if cuid == 0 || ceuid == 0 || cgid == 0 || cegid == 0 {
|
error!("Refusing to run - this process must not operate as root.");
|
||||||
error!("Refusing to run - this process must not operate as root.");
|
return;
|
||||||
return;
|
|
||||||
}
|
|
||||||
};
|
};
|
||||||
if clap_args.get_flag("debug") {
|
if clap_args.get_flag("debug") {
|
||||||
std::env::set_var("RUST_LOG", "debug");
|
std::env::set_var("RUST_LOG", "debug");
|
||||||
|
|
@ -542,7 +540,7 @@ async fn main() {
|
||||||
|
|
||||||
|
|
||||||
// Check the db path will be okay.
|
// Check the db path will be okay.
|
||||||
if cfg.db_path != "" {
|
if !cfg.db_path.is_empty() {
|
||||||
let db_path = PathBuf::from(cfg.db_path.as_str());
|
let db_path = PathBuf::from(cfg.db_path.as_str());
|
||||||
// We only need to check the parent folder path permissions as the db itself may not exist yet.
|
// We only need to check the parent folder path permissions as the db itself may not exist yet.
|
||||||
if let Some(db_parent_path) = db_path.parent() {
|
if let Some(db_parent_path) = db_path.parent() {
|
||||||
|
|
@ -551,7 +549,7 @@ async fn main() {
|
||||||
"Refusing to run, DB folder {} does not exist",
|
"Refusing to run, DB folder {} does not exist",
|
||||||
db_parent_path
|
db_parent_path
|
||||||
.to_str()
|
.to_str()
|
||||||
.unwrap_or_else(|| "<db_parent_path invalid>")
|
.unwrap_or("<db_parent_path invalid>")
|
||||||
);
|
);
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
@ -565,7 +563,7 @@ async fn main() {
|
||||||
"Unable to read metadata for {} - {:?}",
|
"Unable to read metadata for {} - {:?}",
|
||||||
db_par_path_buf
|
db_par_path_buf
|
||||||
.to_str()
|
.to_str()
|
||||||
.unwrap_or_else(|| "<db_par_path_buf invalid>"),
|
.unwrap_or("<db_par_path_buf invalid>"),
|
||||||
e
|
e
|
||||||
);
|
);
|
||||||
return
|
return
|
||||||
|
|
@ -577,19 +575,19 @@ async fn main() {
|
||||||
"Refusing to run - DB folder {} may not be a directory",
|
"Refusing to run - DB folder {} may not be a directory",
|
||||||
db_par_path_buf
|
db_par_path_buf
|
||||||
.to_str()
|
.to_str()
|
||||||
.unwrap_or_else(|| "<db_par_path_buf invalid>")
|
.unwrap_or("<db_par_path_buf invalid>")
|
||||||
);
|
);
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if !file_permissions_readonly(&i_meta) {
|
if !file_permissions_readonly(&i_meta) {
|
||||||
warn!("WARNING: DB folder permissions on {} indicate it may not be RW. This could cause the server start up to fail!", db_par_path_buf.to_str()
|
warn!("WARNING: DB folder permissions on {} indicate it may not be RW. This could cause the server start up to fail!", db_par_path_buf.to_str()
|
||||||
.unwrap_or_else(|| "<db_par_path_buf invalid>")
|
.unwrap_or("<db_par_path_buf invalid>")
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
if i_meta.mode() & 0o007 != 0 {
|
if i_meta.mode() & 0o007 != 0 {
|
||||||
warn!("WARNING: DB folder {} has 'everyone' permission bits in the mode. This could be a security risk ...", db_par_path_buf.to_str()
|
warn!("WARNING: DB folder {} has 'everyone' permission bits in the mode. This could be a security risk ...", db_par_path_buf.to_str()
|
||||||
.unwrap_or_else(|| "<db_par_path_buf invalid>")
|
.unwrap_or("<db_par_path_buf invalid>")
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -599,7 +597,7 @@ async fn main() {
|
||||||
if !db_path.is_file() {
|
if !db_path.is_file() {
|
||||||
error!(
|
error!(
|
||||||
"Refusing to run - DB path {} already exists and is not a file.",
|
"Refusing to run - DB path {} already exists and is not a file.",
|
||||||
db_path.to_str().unwrap_or_else(|| "<db_path invalid>")
|
db_path.to_str().unwrap_or("<db_path invalid>")
|
||||||
);
|
);
|
||||||
return
|
return
|
||||||
};
|
};
|
||||||
|
|
@ -609,7 +607,7 @@ async fn main() {
|
||||||
Err(e) => {
|
Err(e) => {
|
||||||
error!(
|
error!(
|
||||||
"Unable to read metadata for {} - {:?}",
|
"Unable to read metadata for {} - {:?}",
|
||||||
db_path.to_str().unwrap_or_else(|| "<db_path invalid>"),
|
db_path.to_str().unwrap_or("<db_path invalid>"),
|
||||||
e
|
e
|
||||||
);
|
);
|
||||||
return
|
return
|
||||||
|
|
|
||||||
|
|
@ -738,7 +738,7 @@ mod tests {
|
||||||
|
|
||||||
#[tokio::test]
|
#[tokio::test]
|
||||||
async fn test_cache_db_account_basic() {
|
async fn test_cache_db_account_basic() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
let db = Db::new("").expect("failed to create.");
|
let db = Db::new("").expect("failed to create.");
|
||||||
let dbtxn = db.write().await;
|
let dbtxn = db.write().await;
|
||||||
assert!(dbtxn.migrate().is_ok());
|
assert!(dbtxn.migrate().is_ok());
|
||||||
|
|
@ -822,7 +822,7 @@ mod tests {
|
||||||
|
|
||||||
#[tokio::test]
|
#[tokio::test]
|
||||||
async fn test_cache_db_group_basic() {
|
async fn test_cache_db_group_basic() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
let db = Db::new("").expect("failed to create.");
|
let db = Db::new("").expect("failed to create.");
|
||||||
let dbtxn = db.write().await;
|
let dbtxn = db.write().await;
|
||||||
assert!(dbtxn.migrate().is_ok());
|
assert!(dbtxn.migrate().is_ok());
|
||||||
|
|
@ -897,7 +897,7 @@ mod tests {
|
||||||
|
|
||||||
#[tokio::test]
|
#[tokio::test]
|
||||||
async fn test_cache_db_account_group_update() {
|
async fn test_cache_db_account_group_update() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
let db = Db::new("").expect("failed to create.");
|
let db = Db::new("").expect("failed to create.");
|
||||||
let dbtxn = db.write().await;
|
let dbtxn = db.write().await;
|
||||||
assert!(dbtxn.migrate().is_ok());
|
assert!(dbtxn.migrate().is_ok());
|
||||||
|
|
@ -930,7 +930,7 @@ mod tests {
|
||||||
|
|
||||||
// First, add the groups.
|
// First, add the groups.
|
||||||
ut1.groups.iter().for_each(|g| {
|
ut1.groups.iter().for_each(|g| {
|
||||||
dbtxn.update_group(&g, 0).unwrap();
|
dbtxn.update_group(g, 0).unwrap();
|
||||||
});
|
});
|
||||||
|
|
||||||
// The add the account
|
// The add the account
|
||||||
|
|
@ -958,14 +958,14 @@ mod tests {
|
||||||
.get_group_members("b500be97-8552-42a5-aca0-668bc5625705")
|
.get_group_members("b500be97-8552-42a5-aca0-668bc5625705")
|
||||||
.unwrap();
|
.unwrap();
|
||||||
assert!(m1[0].name == "testuser");
|
assert!(m1[0].name == "testuser");
|
||||||
assert!(m2.len() == 0);
|
assert!(m2.is_empty());
|
||||||
|
|
||||||
assert!(dbtxn.commit().is_ok());
|
assert!(dbtxn.commit().is_ok());
|
||||||
}
|
}
|
||||||
|
|
||||||
#[tokio::test]
|
#[tokio::test]
|
||||||
async fn test_cache_db_account_password() {
|
async fn test_cache_db_account_password() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
let db = Db::new("").expect("failed to create.");
|
let db = Db::new("").expect("failed to create.");
|
||||||
let dbtxn = db.write().await;
|
let dbtxn = db.write().await;
|
||||||
assert!(dbtxn.migrate().is_ok());
|
assert!(dbtxn.migrate().is_ok());
|
||||||
|
|
@ -1014,7 +1014,7 @@ mod tests {
|
||||||
|
|
||||||
#[tokio::test]
|
#[tokio::test]
|
||||||
async fn test_cache_db_group_rename_duplicate() {
|
async fn test_cache_db_group_rename_duplicate() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
let db = Db::new("").expect("failed to create.");
|
let db = Db::new("").expect("failed to create.");
|
||||||
let dbtxn = db.write().await;
|
let dbtxn = db.write().await;
|
||||||
assert!(dbtxn.migrate().is_ok());
|
assert!(dbtxn.migrate().is_ok());
|
||||||
|
|
@ -1069,7 +1069,7 @@ mod tests {
|
||||||
|
|
||||||
#[tokio::test]
|
#[tokio::test]
|
||||||
async fn test_cache_db_account_rename_duplicate() {
|
async fn test_cache_db_account_rename_duplicate() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
let db = Db::new("").expect("failed to create.");
|
let db = Db::new("").expect("failed to create.");
|
||||||
let dbtxn = db.write().await;
|
let dbtxn = db.write().await;
|
||||||
assert!(dbtxn.migrate().is_ok());
|
assert!(dbtxn.migrate().is_ok());
|
||||||
|
|
|
||||||
|
|
@ -39,7 +39,7 @@ impl Decoder for TaskCodec {
|
||||||
type Item = TaskRequest;
|
type Item = TaskRequest;
|
||||||
|
|
||||||
fn decode(&mut self, src: &mut BytesMut) -> Result<Option<Self::Item>, Self::Error> {
|
fn decode(&mut self, src: &mut BytesMut) -> Result<Option<Self::Item>, Self::Error> {
|
||||||
match serde_json::from_slice::<TaskRequest>(&src) {
|
match serde_json::from_slice::<TaskRequest>(src) {
|
||||||
Ok(msg) => {
|
Ok(msg) => {
|
||||||
// Clear the buffer for the next message.
|
// Clear the buffer for the next message.
|
||||||
src.clear();
|
src.clear();
|
||||||
|
|
@ -90,8 +90,7 @@ fn create_home_directory(
|
||||||
let name = info
|
let name = info
|
||||||
.name
|
.name
|
||||||
.trim_start_matches('.')
|
.trim_start_matches('.')
|
||||||
.replace("/", "")
|
.replace(['/', '\\'], "");
|
||||||
.replace("\\", "");
|
|
||||||
|
|
||||||
let home_prefix_path = Path::new(home_prefix);
|
let home_prefix_path = Path::new(home_prefix);
|
||||||
|
|
||||||
|
|
@ -154,8 +153,7 @@ fn create_home_directory(
|
||||||
// let alias = alias.replace(".", "").replace("/", "").replace("\\", "");
|
// let alias = alias.replace(".", "").replace("/", "").replace("\\", "");
|
||||||
let alias = alias
|
let alias = alias
|
||||||
.trim_start_matches('.')
|
.trim_start_matches('.')
|
||||||
.replace("/", "")
|
.replace(['/', '\\'], "");
|
||||||
.replace("\\", "");
|
|
||||||
let alias_path_raw = format!("{}{}", home_prefix, alias);
|
let alias_path_raw = format!("{}{}", home_prefix, alias);
|
||||||
let alias_path = Path::new(&alias_path_raw);
|
let alias_path = Path::new(&alias_path_raw);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -29,7 +29,7 @@ async fn main() {
|
||||||
|
|
||||||
let cfg = KanidmUnixdConfig::new()
|
let cfg = KanidmUnixdConfig::new()
|
||||||
.read_options_from_optional_config(DEFAULT_CONFIG_PATH)
|
.read_options_from_optional_config(DEFAULT_CONFIG_PATH)
|
||||||
.expect(&format!("Failed to parse {}", DEFAULT_CONFIG_PATH));
|
.unwrap_or_else(|_| panic!("Failed to parse {}", DEFAULT_CONFIG_PATH));
|
||||||
|
|
||||||
let password = rpassword::prompt_password("Enter Unix password: ").unwrap();
|
let password = rpassword::prompt_password("Enter Unix password: ").unwrap();
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -40,7 +40,7 @@ where
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn setup_test(fix_fn: Fixture) -> (CacheLayer, KanidmClient) {
|
async fn setup_test(fix_fn: Fixture) -> (CacheLayer, KanidmClient) {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
|
|
||||||
let mut counter = 0;
|
let mut counter = 0;
|
||||||
let port = loop {
|
let port = loop {
|
||||||
|
|
@ -183,7 +183,7 @@ async fn test_cache_sshkey() {
|
||||||
.get_sshkeys("testaccount1")
|
.get_sshkeys("testaccount1")
|
||||||
.await
|
.await
|
||||||
.expect("Failed to get from cache.");
|
.expect("Failed to get from cache.");
|
||||||
assert!(sk.len() == 0);
|
assert!(sk.is_empty());
|
||||||
|
|
||||||
// Bring ourselves online.
|
// Bring ourselves online.
|
||||||
cachelayer.attempt_online().await;
|
cachelayer.attempt_online().await;
|
||||||
|
|
@ -228,7 +228,7 @@ async fn test_cache_account() {
|
||||||
assert!(ut.is_some());
|
assert!(ut.is_some());
|
||||||
|
|
||||||
// #392: Check that a `shell=None` is set to `default_shell`.
|
// #392: Check that a `shell=None` is set to `default_shell`.
|
||||||
assert!(ut.unwrap().shell == DEFAULT_SHELL.to_string());
|
assert!(ut.unwrap().shell == *DEFAULT_SHELL);
|
||||||
|
|
||||||
// go offline
|
// go offline
|
||||||
cachelayer.mark_offline().await;
|
cachelayer.mark_offline().await;
|
||||||
|
|
@ -277,7 +277,7 @@ async fn test_cache_group() {
|
||||||
assert!(gt.is_some());
|
assert!(gt.is_some());
|
||||||
// And check we have no members in the group. Members are an artifact of
|
// And check we have no members in the group. Members are an artifact of
|
||||||
// user lookups!
|
// user lookups!
|
||||||
assert!(gt.unwrap().members.len() == 0);
|
assert!(gt.unwrap().members.is_empty());
|
||||||
|
|
||||||
// clear cache, go online
|
// clear cache, go online
|
||||||
assert!(cachelayer.invalidate().await.is_ok());
|
assert!(cachelayer.invalidate().await.is_ok());
|
||||||
|
|
@ -465,7 +465,7 @@ async fn test_cache_account_password() {
|
||||||
.pam_account_authenticate("testaccount1", TESTACCOUNT1_PASSWORD_B)
|
.pam_account_authenticate("testaccount1", TESTACCOUNT1_PASSWORD_B)
|
||||||
.await
|
.await
|
||||||
.expect("failed to authenticate");
|
.expect("failed to authenticate");
|
||||||
assert!(a7 == None);
|
assert!(a7.is_none());
|
||||||
|
|
||||||
// go online
|
// go online
|
||||||
cachelayer.attempt_online().await;
|
cachelayer.attempt_online().await;
|
||||||
|
|
@ -520,13 +520,13 @@ async fn test_cache_account_pam_nonexist() {
|
||||||
.pam_account_allowed("NO_SUCH_ACCOUNT")
|
.pam_account_allowed("NO_SUCH_ACCOUNT")
|
||||||
.await
|
.await
|
||||||
.expect("failed to authenticate");
|
.expect("failed to authenticate");
|
||||||
assert!(a1 == None);
|
assert!(a1.is_none());
|
||||||
|
|
||||||
let a2 = cachelayer
|
let a2 = cachelayer
|
||||||
.pam_account_authenticate("NO_SUCH_ACCOUNT", TESTACCOUNT1_PASSWORD_B)
|
.pam_account_authenticate("NO_SUCH_ACCOUNT", TESTACCOUNT1_PASSWORD_B)
|
||||||
.await
|
.await
|
||||||
.expect("failed to authenticate");
|
.expect("failed to authenticate");
|
||||||
assert!(a2 == None);
|
assert!(a2.is_none());
|
||||||
|
|
||||||
cachelayer.mark_offline().await;
|
cachelayer.mark_offline().await;
|
||||||
|
|
||||||
|
|
@ -534,13 +534,13 @@ async fn test_cache_account_pam_nonexist() {
|
||||||
.pam_account_allowed("NO_SUCH_ACCOUNT")
|
.pam_account_allowed("NO_SUCH_ACCOUNT")
|
||||||
.await
|
.await
|
||||||
.expect("failed to authenticate");
|
.expect("failed to authenticate");
|
||||||
assert!(a1 == None);
|
assert!(a1.is_none());
|
||||||
|
|
||||||
let a2 = cachelayer
|
let a2 = cachelayer
|
||||||
.pam_account_authenticate("NO_SUCH_ACCOUNT", TESTACCOUNT1_PASSWORD_B)
|
.pam_account_authenticate("NO_SUCH_ACCOUNT", TESTACCOUNT1_PASSWORD_B)
|
||||||
.await
|
.await
|
||||||
.expect("failed to authenticate");
|
.expect("failed to authenticate");
|
||||||
assert!(a2 == None);
|
assert!(a2.is_none());
|
||||||
}
|
}
|
||||||
|
|
||||||
#[tokio::test]
|
#[tokio::test]
|
||||||
|
|
@ -579,7 +579,7 @@ async fn test_cache_account_expiry() {
|
||||||
.get_sshkeys("testaccount1")
|
.get_sshkeys("testaccount1")
|
||||||
.await
|
.await
|
||||||
.expect("Failed to get from cache.");
|
.expect("Failed to get from cache.");
|
||||||
assert!(sk.len() == 0);
|
assert!(sk.is_empty());
|
||||||
|
|
||||||
// Pam account allowed should be denied.
|
// Pam account allowed should be denied.
|
||||||
let a3 = cachelayer
|
let a3 = cachelayer
|
||||||
|
|
@ -603,7 +603,7 @@ async fn test_cache_account_expiry() {
|
||||||
.get_sshkeys("testaccount1")
|
.get_sshkeys("testaccount1")
|
||||||
.await
|
.await
|
||||||
.expect("Failed to get from cache.");
|
.expect("Failed to get from cache.");
|
||||||
assert!(sk.len() == 0);
|
assert!(sk.is_empty());
|
||||||
|
|
||||||
// Pam account allowed should be denied.
|
// Pam account allowed should be denied.
|
||||||
let a5 = cachelayer
|
let a5 = cachelayer
|
||||||
|
|
|
||||||
|
|
@ -128,7 +128,7 @@ pub async fn manifest(req: tide::Request<AppState>) -> tide::Result {
|
||||||
];
|
];
|
||||||
|
|
||||||
let start_url = match req.host() {
|
let start_url = match req.host() {
|
||||||
Some(value) => format!("https://{}/", value).clone(),
|
Some(value) => format!("https://{}/", value),
|
||||||
None => String::from("/"),
|
None => String::from("/"),
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -110,13 +110,10 @@ impl<State: Clone + Send + Sync + 'static> tide::Middleware<State> for StrictRes
|
||||||
Ok(response)
|
Ok(response)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
#[derive(Default)]
|
||||||
struct StrictRequestMiddleware;
|
struct StrictRequestMiddleware;
|
||||||
|
|
||||||
impl Default for StrictRequestMiddleware {
|
|
||||||
fn default() -> Self {
|
|
||||||
StrictRequestMiddleware {}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#[async_trait::async_trait]
|
#[async_trait::async_trait]
|
||||||
impl<State: Clone + Send + Sync + 'static> tide::Middleware<State> for StrictRequestMiddleware {
|
impl<State: Clone + Send + Sync + 'static> tide::Middleware<State> for StrictRequestMiddleware {
|
||||||
|
|
@ -157,7 +154,7 @@ pub struct UIContentSecurityPolicyResponseMiddleware {
|
||||||
}
|
}
|
||||||
impl UIContentSecurityPolicyResponseMiddleware {
|
impl UIContentSecurityPolicyResponseMiddleware {
|
||||||
pub fn new(hashes: Vec<JavaScriptFile>) -> Self {
|
pub fn new(hashes: Vec<JavaScriptFile>) -> Self {
|
||||||
return Self { hashes };
|
Self { hashes }
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -344,7 +344,8 @@ pub fn create_https_server(
|
||||||
|
|
||||||
if !matches!(role, ServerRole::WriteReplicaNoUI) {
|
if !matches!(role, ServerRole::WriteReplicaNoUI) {
|
||||||
// let's set up the list of js module hashes
|
// let's set up the list of js module hashes
|
||||||
for filepath in ["wasmloader.js"] {
|
{
|
||||||
|
let filepath = "wasmloader.js";
|
||||||
js_files.push(JavaScriptFile {
|
js_files.push(JavaScriptFile {
|
||||||
filepath,
|
filepath,
|
||||||
hash: generate_integrity_hash(format!(
|
hash: generate_integrity_hash(format!(
|
||||||
|
|
@ -357,7 +358,8 @@ pub fn create_https_server(
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
// let's set up the list of non-module hashes
|
// let's set up the list of non-module hashes
|
||||||
for filepath in ["external/bootstrap.bundle.min.js"] {
|
{
|
||||||
|
let filepath = "external/bootstrap.bundle.min.js";
|
||||||
js_files.push(JavaScriptFile {
|
js_files.push(JavaScriptFile {
|
||||||
filepath,
|
filepath,
|
||||||
hash: generate_integrity_hash(format!(
|
hash: generate_integrity_hash(format!(
|
||||||
|
|
|
||||||
|
|
@ -77,17 +77,12 @@ pub struct RouteInfo {
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Clone, Debug, Deserialize, Serialize)]
|
#[derive(Clone, Debug, Deserialize, Serialize)]
|
||||||
|
#[derive(Default)]
|
||||||
pub struct RouteMap {
|
pub struct RouteMap {
|
||||||
pub routelist: Vec<RouteInfo>,
|
pub routelist: Vec<RouteInfo>,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl Default for RouteMap {
|
|
||||||
fn default() -> Self {
|
|
||||||
RouteMap {
|
|
||||||
routelist: Vec::new(),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
impl RouteMap {
|
impl RouteMap {
|
||||||
// Serializes the object out to a pretty JSON blob
|
// Serializes the object out to a pretty JSON blob
|
||||||
|
|
|
||||||
|
|
@ -584,7 +584,7 @@ pub async fn account_get_id_credential_update_intent(req: tide::Request<AppState
|
||||||
})
|
})
|
||||||
.ok()
|
.ok()
|
||||||
})
|
})
|
||||||
.map(|s| Duration::from_secs(s));
|
.map(Duration::from_secs);
|
||||||
|
|
||||||
let (eventid, hvalue) = req.new_eventid();
|
let (eventid, hvalue) = req.new_eventid();
|
||||||
|
|
||||||
|
|
@ -1115,7 +1115,7 @@ pub async fn auth(mut req: tide::Request<AppState>) -> tide::Result {
|
||||||
|
|
||||||
let jws = Jws::new(SessionId { sessionid });
|
let jws = Jws::new(SessionId { sessionid });
|
||||||
// Get the header token ready.
|
// Get the header token ready.
|
||||||
jws.sign(&kref)
|
jws.sign(kref)
|
||||||
.map(|jwss| {
|
.map(|jwss| {
|
||||||
auth_session_id_tok = Some(jwss.to_string());
|
auth_session_id_tok = Some(jwss.to_string());
|
||||||
})
|
})
|
||||||
|
|
@ -1141,7 +1141,7 @@ pub async fn auth(mut req: tide::Request<AppState>) -> tide::Result {
|
||||||
let kref = &req.state().jws_signer;
|
let kref = &req.state().jws_signer;
|
||||||
// Get the header token ready.
|
// Get the header token ready.
|
||||||
let jws = Jws::new(SessionId { sessionid });
|
let jws = Jws::new(SessionId { sessionid });
|
||||||
jws.sign(&kref)
|
jws.sign(kref)
|
||||||
.map(|jwss| {
|
.map(|jwss| {
|
||||||
auth_session_id_tok = Some(jwss.to_string());
|
auth_session_id_tok = Some(jwss.to_string());
|
||||||
})
|
})
|
||||||
|
|
|
||||||
|
|
@ -53,7 +53,7 @@ impl KanidmdOpt {
|
||||||
}
|
}
|
||||||
| KanidmdOpt::DbScan {
|
| KanidmdOpt::DbScan {
|
||||||
commands: DbScanOpt::ListIndexAnalysis(sopt),
|
commands: DbScanOpt::ListIndexAnalysis(sopt),
|
||||||
} => &sopt,
|
} => sopt,
|
||||||
KanidmdOpt::Database {
|
KanidmdOpt::Database {
|
||||||
commands: DbCommands::Backup(bopt),
|
commands: DbCommands::Backup(bopt),
|
||||||
} => &bopt.commonopts,
|
} => &bopt.commonopts,
|
||||||
|
|
@ -70,18 +70,18 @@ impl KanidmdOpt {
|
||||||
} => &dopt.commonopts,
|
} => &dopt.commonopts,
|
||||||
KanidmdOpt::DomainSettings {
|
KanidmdOpt::DomainSettings {
|
||||||
commands: DomainSettingsCmds::DomainChange(sopt),
|
commands: DomainSettingsCmds::DomainChange(sopt),
|
||||||
} => &sopt,
|
} => sopt,
|
||||||
KanidmdOpt::Database {
|
KanidmdOpt::Database {
|
||||||
commands: DbCommands::Verify(sopt),
|
commands: DbCommands::Verify(sopt),
|
||||||
}
|
}
|
||||||
| KanidmdOpt::Database {
|
| KanidmdOpt::Database {
|
||||||
commands: DbCommands::Reindex(sopt),
|
commands: DbCommands::Reindex(sopt),
|
||||||
} => &sopt,
|
} => sopt,
|
||||||
KanidmdOpt::Database {
|
KanidmdOpt::Database {
|
||||||
commands: DbCommands::Vacuum(copt),
|
commands: DbCommands::Vacuum(copt),
|
||||||
} => &copt,
|
} => copt,
|
||||||
KanidmdOpt::HealthCheck(hcopt) => &hcopt.commonopts,
|
KanidmdOpt::HealthCheck(hcopt) => &hcopt.commonopts,
|
||||||
KanidmdOpt::Version(copt) => &copt,
|
KanidmdOpt::Version(copt) => copt,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -231,10 +231,10 @@ async fn main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
config.update_db_path(&sconfig.db_path.as_str());
|
config.update_db_path(sconfig.db_path.as_str());
|
||||||
config.update_db_fs_type(&sconfig.db_fs_type);
|
config.update_db_fs_type(&sconfig.db_fs_type);
|
||||||
config.update_origin(&sconfig.origin.as_str());
|
config.update_origin(sconfig.origin.as_str());
|
||||||
config.update_domain(&sconfig.domain.as_str());
|
config.update_domain(sconfig.domain.as_str());
|
||||||
config.update_db_arc_size(sconfig.db_arc_size);
|
config.update_db_arc_size(sconfig.db_arc_size);
|
||||||
config.update_role(sconfig.role);
|
config.update_role(sconfig.role);
|
||||||
config.update_output_mode(opt.commands.commonopt().output_mode.to_owned().into());
|
config.update_output_mode(opt.commands.commonopt().output_mode.to_owned().into());
|
||||||
|
|
@ -493,7 +493,7 @@ async fn main() {
|
||||||
if error.is_timeout() {
|
if error.is_timeout() {
|
||||||
format!("Timeout connecting to url={healthcheck_url}")
|
format!("Timeout connecting to url={healthcheck_url}")
|
||||||
} else if error.is_connect() {
|
} else if error.is_connect() {
|
||||||
format!("Connection failed: {}", error.to_string())
|
format!("Connection failed: {}", error)
|
||||||
} else {
|
} else {
|
||||||
format!("Failed to complete healthcheck: {:?}", error)
|
format!("Failed to complete healthcheck: {:?}", error)
|
||||||
}
|
}
|
||||||
|
|
@ -506,7 +506,7 @@ async fn main() {
|
||||||
println!("OK")
|
println!("OK")
|
||||||
}
|
}
|
||||||
KanidmdOpt::Version(_) => {
|
KanidmdOpt::Version(_) => {
|
||||||
return
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,7 @@ use std::time::{Duration, Instant};
|
||||||
use criterion::{
|
use criterion::{
|
||||||
criterion_group, criterion_main, BenchmarkId, Criterion, SamplingMode, Throughput,
|
criterion_group, criterion_main, BenchmarkId, Criterion, SamplingMode, Throughput,
|
||||||
};
|
};
|
||||||
use kanidmd_lib;
|
|
||||||
use kanidmd_lib::entry::{Entry, EntryInit, EntryNew};
|
use kanidmd_lib::entry::{Entry, EntryInit, EntryNew};
|
||||||
use kanidmd_lib::entry_init;
|
use kanidmd_lib::entry_init;
|
||||||
use kanidmd_lib::utils::duration_from_epoch_now;
|
use kanidmd_lib::utils::duration_from_epoch_now;
|
||||||
|
|
|
||||||
|
|
@ -1579,11 +1579,11 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_idl_sqlite_verify() {
|
fn test_idl_sqlite_verify() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
let cfg = BackendConfig::new_test("main");
|
let cfg = BackendConfig::new_test("main");
|
||||||
let be = IdlSqlite::new(&cfg, false).unwrap();
|
let be = IdlSqlite::new(&cfg, false).unwrap();
|
||||||
let be_w = be.write();
|
let be_w = be.write();
|
||||||
let r = be_w.verify();
|
let r = be_w.verify();
|
||||||
assert!(r.len() == 0);
|
assert!(r.is_empty());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1923,7 +1923,7 @@ mod tests {
|
||||||
e.add_ava("uuid", Value::from("db237e8a-0079-4b8c-8a56-593b22aa44d1"));
|
e.add_ava("uuid", Value::from("db237e8a-0079-4b8c-8a56-593b22aa44d1"));
|
||||||
let e = unsafe { e.into_sealed_new() };
|
let e = unsafe { e.into_sealed_new() };
|
||||||
|
|
||||||
let single_result = be.create(&CID_ZERO, vec![e.clone()]);
|
let single_result = be.create(&CID_ZERO, vec![e]);
|
||||||
assert!(single_result.is_ok());
|
assert!(single_result.is_ok());
|
||||||
// Test a simple EQ search
|
// Test a simple EQ search
|
||||||
|
|
||||||
|
|
@ -1981,10 +1981,10 @@ mod tests {
|
||||||
// However, with some unsafe ....
|
// However, with some unsafe ....
|
||||||
let ue1 = unsafe { e1.clone().into_sealed_committed() };
|
let ue1 = unsafe { e1.clone().into_sealed_committed() };
|
||||||
assert!(be
|
assert!(be
|
||||||
.modify(&CID_ZERO, &vec![Arc::new(ue1.clone())], &vec![ue1])
|
.modify(&CID_ZERO, &[Arc::new(ue1.clone())], &[ue1])
|
||||||
.is_err());
|
.is_err());
|
||||||
// Modify none
|
// Modify none
|
||||||
assert!(be.modify(&CID_ZERO, &vec![], &vec![]).is_err());
|
assert!(be.modify(&CID_ZERO, &[], &[]).is_err());
|
||||||
|
|
||||||
// Make some changes to r1, r2.
|
// Make some changes to r1, r2.
|
||||||
let pre1 = unsafe { Arc::new(r1.clone().into_sealed_committed()) };
|
let pre1 = unsafe { Arc::new(r1.clone().into_sealed_committed()) };
|
||||||
|
|
@ -1999,7 +1999,7 @@ mod tests {
|
||||||
|
|
||||||
// Modify single
|
// Modify single
|
||||||
assert!(be
|
assert!(be
|
||||||
.modify(&CID_ZERO, &vec![pre1.clone()], &vec![vr1.clone()])
|
.modify(&CID_ZERO, &[pre1], &[vr1.clone()])
|
||||||
.is_ok());
|
.is_ok());
|
||||||
// Assert no other changes
|
// Assert no other changes
|
||||||
assert!(entry_attr_pres!(be, vr1, "desc"));
|
assert!(entry_attr_pres!(be, vr1, "desc"));
|
||||||
|
|
@ -2009,8 +2009,8 @@ mod tests {
|
||||||
assert!(be
|
assert!(be
|
||||||
.modify(
|
.modify(
|
||||||
&CID_ZERO,
|
&CID_ZERO,
|
||||||
&vec![Arc::new(vr1.clone()), pre2.clone()],
|
&[Arc::new(vr1.clone()), pre2],
|
||||||
&vec![vr1.clone(), vr2.clone()]
|
&[vr1.clone(), vr2.clone()]
|
||||||
)
|
)
|
||||||
.is_ok());
|
.is_ok());
|
||||||
|
|
||||||
|
|
@ -2065,7 +2065,7 @@ mod tests {
|
||||||
let r1_ts = unsafe { r1.to_tombstone(CID_ONE.clone()).into_sealed_committed() };
|
let r1_ts = unsafe { r1.to_tombstone(CID_ONE.clone()).into_sealed_committed() };
|
||||||
|
|
||||||
assert!(be
|
assert!(be
|
||||||
.modify(&CID_ONE, &vec![r1.clone(),], &vec![r1_ts.clone()])
|
.modify(&CID_ONE, &[r1], &[r1_ts.clone()])
|
||||||
.is_ok());
|
.is_ok());
|
||||||
|
|
||||||
let r2_ts = unsafe { r2.to_tombstone(CID_TWO.clone()).into_sealed_committed() };
|
let r2_ts = unsafe { r2.to_tombstone(CID_TWO.clone()).into_sealed_committed() };
|
||||||
|
|
@ -2074,8 +2074,8 @@ mod tests {
|
||||||
assert!(be
|
assert!(be
|
||||||
.modify(
|
.modify(
|
||||||
&CID_TWO,
|
&CID_TWO,
|
||||||
&vec![r2.clone(), r3.clone()],
|
&[r2, r3],
|
||||||
&vec![r2_ts.clone(), r3_ts.clone()]
|
&[r2_ts.clone(), r3_ts.clone()]
|
||||||
)
|
)
|
||||||
.is_ok());
|
.is_ok());
|
||||||
|
|
||||||
|
|
@ -2166,7 +2166,7 @@ mod tests {
|
||||||
be.backup(&db_backup_file_name).expect("Backup failed!");
|
be.backup(&db_backup_file_name).expect("Backup failed!");
|
||||||
be.restore(&db_backup_file_name).expect("Restore failed!");
|
be.restore(&db_backup_file_name).expect("Restore failed!");
|
||||||
|
|
||||||
assert!(be.verify().len() == 0);
|
assert!(be.verify().is_empty());
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -2244,7 +2244,7 @@ mod tests {
|
||||||
|
|
||||||
be.restore(&db_backup_file_name).expect("Restore failed!");
|
be.restore(&db_backup_file_name).expect("Restore failed!");
|
||||||
|
|
||||||
assert!(be.verify().len() == 0);
|
assert!(be.verify().is_empty());
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -2288,7 +2288,7 @@ mod tests {
|
||||||
e2.add_ava("uuid", Value::from("bd651620-00dd-426b-aaa0-4494f7b7906f"));
|
e2.add_ava("uuid", Value::from("bd651620-00dd-426b-aaa0-4494f7b7906f"));
|
||||||
let e2 = unsafe { e2.into_sealed_new() };
|
let e2 = unsafe { e2.into_sealed_new() };
|
||||||
|
|
||||||
be.create(&CID_ZERO, vec![e1.clone(), e2.clone()]).unwrap();
|
be.create(&CID_ZERO, vec![e1, e2]).unwrap();
|
||||||
|
|
||||||
// purge indexes
|
// purge indexes
|
||||||
be.purge_idxs().unwrap();
|
be.purge_idxs().unwrap();
|
||||||
|
|
@ -2380,7 +2380,7 @@ mod tests {
|
||||||
e1.add_ava("uuid", Value::from("db237e8a-0079-4b8c-8a56-593b22aa44d1"));
|
e1.add_ava("uuid", Value::from("db237e8a-0079-4b8c-8a56-593b22aa44d1"));
|
||||||
let e1 = unsafe { e1.into_sealed_new() };
|
let e1 = unsafe { e1.into_sealed_new() };
|
||||||
|
|
||||||
let rset = be.create(&CID_ZERO, vec![e1.clone()]).unwrap();
|
let rset = be.create(&CID_ZERO, vec![e1]).unwrap();
|
||||||
let mut rset: Vec<_> = rset.into_iter().map(Arc::new).collect();
|
let mut rset: Vec<_> = rset.into_iter().map(Arc::new).collect();
|
||||||
let e1 = rset.pop().unwrap();
|
let e1 = rset.pop().unwrap();
|
||||||
|
|
||||||
|
|
@ -2406,7 +2406,7 @@ mod tests {
|
||||||
// == Now we reap_tombstones, and assert we removed the items.
|
// == Now we reap_tombstones, and assert we removed the items.
|
||||||
let e1_ts = unsafe { e1.to_tombstone(CID_ONE.clone()).into_sealed_committed() };
|
let e1_ts = unsafe { e1.to_tombstone(CID_ONE.clone()).into_sealed_committed() };
|
||||||
assert!(be
|
assert!(be
|
||||||
.modify(&CID_ONE, &vec![e1.clone()], &vec![e1_ts.clone()])
|
.modify(&CID_ONE, &[e1], &[e1_ts])
|
||||||
.is_ok());
|
.is_ok());
|
||||||
be.reap_tombstones(&CID_TWO).unwrap();
|
be.reap_tombstones(&CID_TWO).unwrap();
|
||||||
|
|
||||||
|
|
@ -2454,7 +2454,7 @@ mod tests {
|
||||||
let e3 = unsafe { e3.into_sealed_new() };
|
let e3 = unsafe { e3.into_sealed_new() };
|
||||||
|
|
||||||
let mut rset = be
|
let mut rset = be
|
||||||
.create(&CID_ZERO, vec![e1.clone(), e2.clone(), e3.clone()])
|
.create(&CID_ZERO, vec![e1, e2, e3])
|
||||||
.unwrap();
|
.unwrap();
|
||||||
rset.remove(1);
|
rset.remove(1);
|
||||||
let mut rset: Vec<_> = rset.into_iter().map(Arc::new).collect();
|
let mut rset: Vec<_> = rset.into_iter().map(Arc::new).collect();
|
||||||
|
|
@ -2467,8 +2467,8 @@ mod tests {
|
||||||
assert!(be
|
assert!(be
|
||||||
.modify(
|
.modify(
|
||||||
&CID_ONE,
|
&CID_ONE,
|
||||||
&vec![e1.clone(), e3.clone()],
|
&[e1, e3],
|
||||||
&vec![e1_ts.clone(), e3_ts.clone()]
|
&[e1_ts, e3_ts]
|
||||||
)
|
)
|
||||||
.is_ok());
|
.is_ok());
|
||||||
be.reap_tombstones(&CID_TWO).unwrap();
|
be.reap_tombstones(&CID_TWO).unwrap();
|
||||||
|
|
@ -2520,7 +2520,7 @@ mod tests {
|
||||||
e1.add_ava("ta", Value::from("test"));
|
e1.add_ava("ta", Value::from("test"));
|
||||||
let e1 = unsafe { e1.into_sealed_new() };
|
let e1 = unsafe { e1.into_sealed_new() };
|
||||||
|
|
||||||
let rset = be.create(&CID_ZERO, vec![e1.clone()]).unwrap();
|
let rset = be.create(&CID_ZERO, vec![e1]).unwrap();
|
||||||
let rset: Vec<_> = rset.into_iter().map(Arc::new).collect();
|
let rset: Vec<_> = rset.into_iter().map(Arc::new).collect();
|
||||||
// Now, alter the new entry.
|
// Now, alter the new entry.
|
||||||
let mut ce1 = unsafe { rset[0].as_ref().clone().into_invalid() };
|
let mut ce1 = unsafe { rset[0].as_ref().clone().into_invalid() };
|
||||||
|
|
@ -2534,7 +2534,7 @@ mod tests {
|
||||||
|
|
||||||
let ce1 = unsafe { ce1.into_sealed_committed() };
|
let ce1 = unsafe { ce1.into_sealed_committed() };
|
||||||
|
|
||||||
be.modify(&CID_ZERO, &rset, &vec![ce1]).unwrap();
|
be.modify(&CID_ZERO, &rset, &[ce1]).unwrap();
|
||||||
|
|
||||||
// Now check the idls
|
// Now check the idls
|
||||||
idl_state!(be, "name", IndexType::Equality, "claire", Some(vec![1]));
|
idl_state!(be, "name", IndexType::Equality, "claire", Some(vec![1]));
|
||||||
|
|
@ -2565,7 +2565,7 @@ mod tests {
|
||||||
e1.add_ava("uuid", Value::from("db237e8a-0079-4b8c-8a56-593b22aa44d1"));
|
e1.add_ava("uuid", Value::from("db237e8a-0079-4b8c-8a56-593b22aa44d1"));
|
||||||
let e1 = unsafe { e1.into_sealed_new() };
|
let e1 = unsafe { e1.into_sealed_new() };
|
||||||
|
|
||||||
let rset = be.create(&CID_ZERO, vec![e1.clone()]).unwrap();
|
let rset = be.create(&CID_ZERO, vec![e1]).unwrap();
|
||||||
let rset: Vec<_> = rset.into_iter().map(Arc::new).collect();
|
let rset: Vec<_> = rset.into_iter().map(Arc::new).collect();
|
||||||
// Now, alter the new entry.
|
// Now, alter the new entry.
|
||||||
let mut ce1 = unsafe { rset[0].as_ref().clone().into_invalid() };
|
let mut ce1 = unsafe { rset[0].as_ref().clone().into_invalid() };
|
||||||
|
|
@ -2575,7 +2575,7 @@ mod tests {
|
||||||
ce1.add_ava("uuid", Value::from("04091a7a-6ce4-42d2-abf5-c2ce244ac9e8"));
|
ce1.add_ava("uuid", Value::from("04091a7a-6ce4-42d2-abf5-c2ce244ac9e8"));
|
||||||
let ce1 = unsafe { ce1.into_sealed_committed() };
|
let ce1 = unsafe { ce1.into_sealed_committed() };
|
||||||
|
|
||||||
be.modify(&CID_ZERO, &rset, &vec![ce1]).unwrap();
|
be.modify(&CID_ZERO, &rset, &[ce1]).unwrap();
|
||||||
|
|
||||||
idl_state!(be, "name", IndexType::Equality, "claire", Some(vec![1]));
|
idl_state!(be, "name", IndexType::Equality, "claire", Some(vec![1]));
|
||||||
|
|
||||||
|
|
@ -2628,7 +2628,7 @@ mod tests {
|
||||||
e2.add_ava("uuid", Value::from("db237e8a-0079-4b8c-8a56-593b22aa44d2"));
|
e2.add_ava("uuid", Value::from("db237e8a-0079-4b8c-8a56-593b22aa44d2"));
|
||||||
let e2 = unsafe { e2.into_sealed_new() };
|
let e2 = unsafe { e2.into_sealed_new() };
|
||||||
|
|
||||||
let _rset = be.create(&CID_ZERO, vec![e1.clone(), e2.clone()]).unwrap();
|
let _rset = be.create(&CID_ZERO, vec![e1, e2]).unwrap();
|
||||||
// Test fully unindexed
|
// Test fully unindexed
|
||||||
let f_un =
|
let f_un =
|
||||||
unsafe { filter_resolved!(f_eq("no-index", PartialValue::new_utf8s("william"))) };
|
unsafe { filter_resolved!(f_eq("no-index", PartialValue::new_utf8s("william"))) };
|
||||||
|
|
@ -2946,7 +2946,7 @@ mod tests {
|
||||||
let e3 = unsafe { e3.into_sealed_new() };
|
let e3 = unsafe { e3.into_sealed_new() };
|
||||||
|
|
||||||
let _rset = be
|
let _rset = be
|
||||||
.create(&CID_ZERO, vec![e1.clone(), e2.clone(), e3.clone()])
|
.create(&CID_ZERO, vec![e1, e2, e3])
|
||||||
.unwrap();
|
.unwrap();
|
||||||
|
|
||||||
// If the slopes haven't been generated yet, there are some hardcoded values
|
// If the slopes haven't been generated yet, there are some hardcoded values
|
||||||
|
|
@ -3035,7 +3035,7 @@ mod tests {
|
||||||
|
|
||||||
assert!(single_result.is_ok());
|
assert!(single_result.is_ok());
|
||||||
let filt = unsafe {
|
let filt = unsafe {
|
||||||
e.filter_from_attrs(&vec![AttrString::from("nonexist")])
|
e.filter_from_attrs(&[AttrString::from("nonexist")])
|
||||||
.expect("failed to generate filter")
|
.expect("failed to generate filter")
|
||||||
.into_valid_resolved()
|
.into_valid_resolved()
|
||||||
};
|
};
|
||||||
|
|
@ -3071,7 +3071,7 @@ mod tests {
|
||||||
assert!(single_result.is_ok());
|
assert!(single_result.is_ok());
|
||||||
|
|
||||||
let filt = unsafe {
|
let filt = unsafe {
|
||||||
e.filter_from_attrs(&vec![AttrString::from("nonexist")])
|
e.filter_from_attrs(&[AttrString::from("nonexist")])
|
||||||
.expect("failed to generate filter")
|
.expect("failed to generate filter")
|
||||||
.into_valid_resolved()
|
.into_valid_resolved()
|
||||||
};
|
};
|
||||||
|
|
@ -3125,7 +3125,7 @@ mod tests {
|
||||||
e.add_ava("nonexist", Value::from("x"));
|
e.add_ava("nonexist", Value::from("x"));
|
||||||
e.add_ava("nonexist", Value::from("y"));
|
e.add_ava("nonexist", Value::from("y"));
|
||||||
let e = unsafe { e.into_sealed_new() };
|
let e = unsafe { e.into_sealed_new() };
|
||||||
let single_result = be.create(&CID_ZERO, vec![e.clone()]);
|
let single_result = be.create(&CID_ZERO, vec![e]);
|
||||||
assert!(single_result.is_ok());
|
assert!(single_result.is_ok());
|
||||||
|
|
||||||
// Reindex so we have things in place for our query
|
// Reindex so we have things in place for our query
|
||||||
|
|
@ -3170,7 +3170,7 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_be_mulitple_create() {
|
fn test_be_mulitple_create() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
|
|
||||||
// This is a demo idxmeta, purely for testing.
|
// This is a demo idxmeta, purely for testing.
|
||||||
let idxmeta = vec![IdxKey {
|
let idxmeta = vec![IdxKey {
|
||||||
|
|
@ -3195,7 +3195,7 @@ mod tests {
|
||||||
e.add_ava("uuid", Value::from("db237e8a-0079-4b8c-8a56-593b22aa44d1"));
|
e.add_ava("uuid", Value::from("db237e8a-0079-4b8c-8a56-593b22aa44d1"));
|
||||||
let e = unsafe { e.into_sealed_new() };
|
let e = unsafe { e.into_sealed_new() };
|
||||||
|
|
||||||
let single_result = be_a_txn.create(&CID_ZERO, vec![e.clone()]);
|
let single_result = be_a_txn.create(&CID_ZERO, vec![e]);
|
||||||
|
|
||||||
assert!(single_result.is_ok());
|
assert!(single_result.is_ok());
|
||||||
|
|
||||||
|
|
@ -3208,7 +3208,7 @@ mod tests {
|
||||||
assert!(r.expect("Search failed!").len() == 1);
|
assert!(r.expect("Search failed!").len() == 1);
|
||||||
|
|
||||||
let r = be_b_txn.search(&lims, &filt);
|
let r = be_b_txn.search(&lims, &filt);
|
||||||
assert!(r.expect("Search failed!").len() == 0);
|
assert!(r.expect("Search failed!").is_empty());
|
||||||
|
|
||||||
// Create into B
|
// Create into B
|
||||||
let mut e: Entry<EntryInit, EntryNew> = Entry::new();
|
let mut e: Entry<EntryInit, EntryNew> = Entry::new();
|
||||||
|
|
@ -3216,7 +3216,7 @@ mod tests {
|
||||||
e.add_ava("uuid", Value::from("0c680959-0944-47d6-9dea-53304d124266"));
|
e.add_ava("uuid", Value::from("0c680959-0944-47d6-9dea-53304d124266"));
|
||||||
let e = unsafe { e.into_sealed_new() };
|
let e = unsafe { e.into_sealed_new() };
|
||||||
|
|
||||||
let single_result = be_b_txn.create(&CID_ZERO, vec![e.clone()]);
|
let single_result = be_b_txn.create(&CID_ZERO, vec![e]);
|
||||||
|
|
||||||
assert!(single_result.is_ok());
|
assert!(single_result.is_ok());
|
||||||
|
|
||||||
|
|
@ -3226,7 +3226,7 @@ mod tests {
|
||||||
let lims = Limits::unlimited();
|
let lims = Limits::unlimited();
|
||||||
|
|
||||||
let r = be_a_txn.search(&lims, &filt);
|
let r = be_a_txn.search(&lims, &filt);
|
||||||
assert!(r.expect("Search failed!").len() == 0);
|
assert!(r.expect("Search failed!").is_empty());
|
||||||
|
|
||||||
let r = be_b_txn.search(&lims, &filt);
|
let r = be_b_txn.search(&lims, &filt);
|
||||||
assert!(r.expect("Search failed!").len() == 1);
|
assert!(r.expect("Search failed!").len() == 1);
|
||||||
|
|
|
||||||
|
|
@ -1283,7 +1283,7 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_password_from_ipa_nt_hash() {
|
fn test_password_from_ipa_nt_hash() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
// Base64 no pad
|
// Base64 no pad
|
||||||
let im_pw = "ipaNTHash: iEb36u6PsRetBr3YMLdYbA";
|
let im_pw = "ipaNTHash: iEb36u6PsRetBr3YMLdYbA";
|
||||||
let password = "password";
|
let password = "password";
|
||||||
|
|
@ -1304,7 +1304,7 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_password_from_samba_nt_hash() {
|
fn test_password_from_samba_nt_hash() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
// Base64 no pad
|
// Base64 no pad
|
||||||
let im_pw = "sambaNTPassword: 8846F7EAEE8FB117AD06BDD830B7586C";
|
let im_pw = "sambaNTPassword: 8846F7EAEE8FB117AD06BDD830B7586C";
|
||||||
let password = "password";
|
let password = "password";
|
||||||
|
|
|
||||||
|
|
@ -11,7 +11,7 @@ impl CryptoPolicy {
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
pub(crate) fn minimum() -> Self {
|
pub(crate) fn minimum() -> Self {
|
||||||
CryptoPolicy {
|
CryptoPolicy {
|
||||||
pbkdf2_cost: PBKDF2_MIN_NIST_COST as usize,
|
pbkdf2_cost: PBKDF2_MIN_NIST_COST,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -368,7 +368,7 @@ mod tests {
|
||||||
let key = vec![0x00, 0xaa, 0xbb, 0xcc];
|
let key = vec![0x00, 0xaa, 0xbb, 0xcc];
|
||||||
let secs = 1585369780;
|
let secs = 1585369780;
|
||||||
let otp = Totp::new(
|
let otp = Totp::new(
|
||||||
key.clone(),
|
key,
|
||||||
TOTP_DEFAULT_STEP,
|
TOTP_DEFAULT_STEP,
|
||||||
TotpAlgo::Sha512,
|
TotpAlgo::Sha512,
|
||||||
TotpDigits::Six,
|
TotpDigits::Six,
|
||||||
|
|
|
||||||
|
|
@ -438,7 +438,7 @@ impl Entry<EntryInit, EntryNew> {
|
||||||
}
|
}
|
||||||
"displayname" | "description" | "domain_display_name" => {
|
"displayname" | "description" | "domain_display_name" => {
|
||||||
valueset::from_value_iter(
|
valueset::from_value_iter(
|
||||||
vs.into_iter().map(|v| Value::new_utf8(v))
|
vs.into_iter().map(Value::new_utf8)
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
"spn" => {
|
"spn" => {
|
||||||
|
|
@ -476,7 +476,7 @@ impl Entry<EntryInit, EntryNew> {
|
||||||
ia => {
|
ia => {
|
||||||
warn!("WARNING: Allowing invalid attribute {} to be interpreted as UTF8 string. YOU MAY ENCOUNTER ODD BEHAVIOUR!!!", ia);
|
warn!("WARNING: Allowing invalid attribute {} to be interpreted as UTF8 string. YOU MAY ENCOUNTER ODD BEHAVIOUR!!!", ia);
|
||||||
valueset::from_value_iter(
|
valueset::from_value_iter(
|
||||||
vs.into_iter().map(|v| Value::new_utf8(v))
|
vs.into_iter().map(Value::new_utf8)
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -547,7 +547,7 @@ impl Entry<EntryInit, EntryNew> {
|
||||||
valid: EntryValid {
|
valid: EntryValid {
|
||||||
cid,
|
cid,
|
||||||
eclog,
|
eclog,
|
||||||
uuid: self.get_uuid().expect("Invalid uuid").clone(),
|
uuid: self.get_uuid().expect("Invalid uuid"),
|
||||||
},
|
},
|
||||||
state: EntryNew,
|
state: EntryNew,
|
||||||
attrs: self.attrs,
|
attrs: self.attrs,
|
||||||
|
|
@ -561,8 +561,7 @@ impl Entry<EntryInit, EntryNew> {
|
||||||
let eclog = EntryChangelog::new_without_schema(cid, self.attrs.clone());
|
let eclog = EntryChangelog::new_without_schema(cid, self.attrs.clone());
|
||||||
let uuid = self
|
let uuid = self
|
||||||
.get_uuid()
|
.get_uuid()
|
||||||
.and_then(|u| Some(u.clone()))
|
.unwrap_or_else(Uuid::new_v4);
|
||||||
.unwrap_or_else(|| Uuid::new_v4());
|
|
||||||
Entry {
|
Entry {
|
||||||
valid: EntrySealed { uuid, eclog },
|
valid: EntrySealed { uuid, eclog },
|
||||||
state: EntryCommitted { id: 0 },
|
state: EntryCommitted { id: 0 },
|
||||||
|
|
@ -578,7 +577,7 @@ impl Entry<EntryInit, EntryNew> {
|
||||||
|
|
||||||
Entry {
|
Entry {
|
||||||
valid: EntrySealed {
|
valid: EntrySealed {
|
||||||
uuid: self.get_uuid().expect("Invalid uuid").clone(),
|
uuid: self.get_uuid().expect("Invalid uuid"),
|
||||||
eclog,
|
eclog,
|
||||||
},
|
},
|
||||||
state: EntryNew,
|
state: EntryNew,
|
||||||
|
|
@ -890,7 +889,7 @@ where
|
||||||
impl Entry<EntryInvalid, EntryCommitted> {
|
impl Entry<EntryInvalid, EntryCommitted> {
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
pub unsafe fn into_valid_new(self) -> Entry<EntryValid, EntryNew> {
|
pub unsafe fn into_valid_new(self) -> Entry<EntryValid, EntryNew> {
|
||||||
let uuid = self.get_uuid().expect("Invalid uuid").clone();
|
let uuid = self.get_uuid().expect("Invalid uuid");
|
||||||
Entry {
|
Entry {
|
||||||
valid: EntryValid {
|
valid: EntryValid {
|
||||||
cid: self.valid.cid,
|
cid: self.valid.cid,
|
||||||
|
|
@ -937,7 +936,7 @@ impl Entry<EntryInvalid, EntryCommitted> {
|
||||||
impl Entry<EntryInvalid, EntryNew> {
|
impl Entry<EntryInvalid, EntryNew> {
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
pub unsafe fn into_valid_new(self) -> Entry<EntryValid, EntryNew> {
|
pub unsafe fn into_valid_new(self) -> Entry<EntryValid, EntryNew> {
|
||||||
let uuid = self.get_uuid().expect("Invalid uuid").clone();
|
let uuid = self.get_uuid().expect("Invalid uuid");
|
||||||
Entry {
|
Entry {
|
||||||
valid: EntryValid {
|
valid: EntryValid {
|
||||||
cid: self.valid.cid,
|
cid: self.valid.cid,
|
||||||
|
|
@ -953,8 +952,7 @@ impl Entry<EntryInvalid, EntryNew> {
|
||||||
pub unsafe fn into_sealed_committed(self) -> Entry<EntrySealed, EntryCommitted> {
|
pub unsafe fn into_sealed_committed(self) -> Entry<EntrySealed, EntryCommitted> {
|
||||||
let uuid = self
|
let uuid = self
|
||||||
.get_uuid()
|
.get_uuid()
|
||||||
.and_then(|u| Some(u.clone()))
|
.unwrap_or_else(Uuid::new_v4);
|
||||||
.unwrap_or_else(|| Uuid::new_v4());
|
|
||||||
Entry {
|
Entry {
|
||||||
valid: EntrySealed {
|
valid: EntrySealed {
|
||||||
uuid,
|
uuid,
|
||||||
|
|
@ -987,8 +985,7 @@ impl Entry<EntryInvalid, EntryNew> {
|
||||||
pub unsafe fn into_valid_committed(self) -> Entry<EntryValid, EntryCommitted> {
|
pub unsafe fn into_valid_committed(self) -> Entry<EntryValid, EntryCommitted> {
|
||||||
let uuid = self
|
let uuid = self
|
||||||
.get_uuid()
|
.get_uuid()
|
||||||
.and_then(|u| Some(u.clone()))
|
.unwrap_or_else(Uuid::new_v4);
|
||||||
.unwrap_or_else(|| Uuid::new_v4());
|
|
||||||
Entry {
|
Entry {
|
||||||
valid: EntryValid {
|
valid: EntryValid {
|
||||||
cid: self.valid.cid,
|
cid: self.valid.cid,
|
||||||
|
|
@ -1006,8 +1003,7 @@ impl Entry<EntryInvalid, EntryCommitted> {
|
||||||
pub unsafe fn into_sealed_committed(self) -> Entry<EntrySealed, EntryCommitted> {
|
pub unsafe fn into_sealed_committed(self) -> Entry<EntrySealed, EntryCommitted> {
|
||||||
let uuid = self
|
let uuid = self
|
||||||
.get_uuid()
|
.get_uuid()
|
||||||
.and_then(|u| Some(u.clone()))
|
.unwrap_or_else(Uuid::new_v4);
|
||||||
.unwrap_or_else(|| Uuid::new_v4());
|
|
||||||
Entry {
|
Entry {
|
||||||
valid: EntrySealed {
|
valid: EntrySealed {
|
||||||
uuid,
|
uuid,
|
||||||
|
|
@ -2654,17 +2650,17 @@ mod tests {
|
||||||
|
|
||||||
e1.add_ava("a", Value::new_uint32(10));
|
e1.add_ava("a", Value::new_uint32(10));
|
||||||
|
|
||||||
assert!(e1.attribute_lessthan("a", &pv2) == false);
|
assert!(!e1.attribute_lessthan("a", &pv2));
|
||||||
assert!(e1.attribute_lessthan("a", &pv8) == false);
|
assert!(!e1.attribute_lessthan("a", &pv8));
|
||||||
assert!(e1.attribute_lessthan("a", &pv10) == false);
|
assert!(!e1.attribute_lessthan("a", &pv10));
|
||||||
assert!(e1.attribute_lessthan("a", &pv15) == true);
|
assert!(e1.attribute_lessthan("a", &pv15));
|
||||||
|
|
||||||
e1.add_ava("a", Value::new_uint32(8));
|
e1.add_ava("a", Value::new_uint32(8));
|
||||||
|
|
||||||
assert!(e1.attribute_lessthan("a", &pv2) == false);
|
assert!(!e1.attribute_lessthan("a", &pv2));
|
||||||
assert!(e1.attribute_lessthan("a", &pv8) == false);
|
assert!(!e1.attribute_lessthan("a", &pv8));
|
||||||
assert!(e1.attribute_lessthan("a", &pv10) == true);
|
assert!(e1.attribute_lessthan("a", &pv10));
|
||||||
assert!(e1.attribute_lessthan("a", &pv15) == true);
|
assert!(e1.attribute_lessthan("a", &pv15));
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
|
@ -2827,7 +2823,7 @@ mod tests {
|
||||||
|
|
||||||
// Check no changes
|
// Check no changes
|
||||||
let no_r = Entry::idx_diff(&idxmeta, Some(&e1), Some(&e1));
|
let no_r = Entry::idx_diff(&idxmeta, Some(&e1), Some(&e1));
|
||||||
assert!(no_r.len() == 0);
|
assert!(no_r.is_empty());
|
||||||
|
|
||||||
// Check "adding" an attribute.
|
// Check "adding" an attribute.
|
||||||
let add_a_r = Entry::idx_diff(&idxmeta, Some(&e1), Some(&e1_mod));
|
let add_a_r = Entry::idx_diff(&idxmeta, Some(&e1), Some(&e1_mod));
|
||||||
|
|
@ -3003,7 +2999,7 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_entry_idx_uuid2spn_diff() {
|
fn test_entry_idx_uuid2spn_diff() {
|
||||||
assert!(Entry::idx_uuid2spn_diff(None, None) == None);
|
assert!(Entry::idx_uuid2spn_diff(None, None).is_none());
|
||||||
|
|
||||||
let mut e1: Entry<EntryInit, EntryNew> = Entry::new();
|
let mut e1: Entry<EntryInit, EntryNew> = Entry::new();
|
||||||
e1.add_ava("spn", Value::new_spn_str("testperson", "example.com"));
|
e1.add_ava("spn", Value::new_spn_str("testperson", "example.com"));
|
||||||
|
|
@ -3018,7 +3014,7 @@ mod tests {
|
||||||
== Some(Ok(Value::new_spn_str("testperson", "example.com")))
|
== Some(Ok(Value::new_spn_str("testperson", "example.com")))
|
||||||
);
|
);
|
||||||
assert!(Entry::idx_uuid2spn_diff(Some(&e1), None) == Some(Err(())));
|
assert!(Entry::idx_uuid2spn_diff(Some(&e1), None) == Some(Err(())));
|
||||||
assert!(Entry::idx_uuid2spn_diff(Some(&e1), Some(&e1)) == None);
|
assert!(Entry::idx_uuid2spn_diff(Some(&e1), Some(&e1)).is_none());
|
||||||
assert!(
|
assert!(
|
||||||
Entry::idx_uuid2spn_diff(Some(&e1), Some(&e2))
|
Entry::idx_uuid2spn_diff(Some(&e1), Some(&e2))
|
||||||
== Some(Ok(Value::new_spn_str("renameperson", "example.com")))
|
== Some(Ok(Value::new_spn_str("renameperson", "example.com")))
|
||||||
|
|
@ -3027,7 +3023,7 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_entry_idx_uuid2rdn_diff() {
|
fn test_entry_idx_uuid2rdn_diff() {
|
||||||
assert!(Entry::idx_uuid2rdn_diff(None, None) == None);
|
assert!(Entry::idx_uuid2rdn_diff(None, None).is_none());
|
||||||
|
|
||||||
let mut e1: Entry<EntryInit, EntryNew> = Entry::new();
|
let mut e1: Entry<EntryInit, EntryNew> = Entry::new();
|
||||||
e1.add_ava("spn", Value::new_spn_str("testperson", "example.com"));
|
e1.add_ava("spn", Value::new_spn_str("testperson", "example.com"));
|
||||||
|
|
@ -3042,7 +3038,7 @@ mod tests {
|
||||||
== Some(Ok("spn=testperson@example.com".to_string()))
|
== Some(Ok("spn=testperson@example.com".to_string()))
|
||||||
);
|
);
|
||||||
assert!(Entry::idx_uuid2rdn_diff(Some(&e1), None) == Some(Err(())));
|
assert!(Entry::idx_uuid2rdn_diff(Some(&e1), None) == Some(Err(())));
|
||||||
assert!(Entry::idx_uuid2rdn_diff(Some(&e1), Some(&e1)) == None);
|
assert!(Entry::idx_uuid2rdn_diff(Some(&e1), Some(&e1)).is_none());
|
||||||
assert!(
|
assert!(
|
||||||
Entry::idx_uuid2rdn_diff(Some(&e1), Some(&e2))
|
Entry::idx_uuid2rdn_diff(Some(&e1), Some(&e2))
|
||||||
== Some(Ok("spn=renameperson@example.com".to_string()))
|
== Some(Ok("spn=renameperson@example.com".to_string()))
|
||||||
|
|
|
||||||
|
|
@ -1391,7 +1391,7 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_filter_optimise() {
|
fn test_filter_optimise() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
// Given sets of "optimisable" filters, optimise them.
|
// Given sets of "optimisable" filters, optimise them.
|
||||||
filter_optimise_assert!(
|
filter_optimise_assert!(
|
||||||
f_and(vec![f_and(vec![f_eq(
|
f_and(vec![f_and(vec![f_eq(
|
||||||
|
|
@ -1573,13 +1573,13 @@ mod tests {
|
||||||
};
|
};
|
||||||
|
|
||||||
let f_t1a = unsafe { filter_resolved!(f_lt("gidnumber", PartialValue::new_uint32(500))) };
|
let f_t1a = unsafe { filter_resolved!(f_lt("gidnumber", PartialValue::new_uint32(500))) };
|
||||||
assert!(e.entry_match_no_index(&f_t1a) == false);
|
assert!(!e.entry_match_no_index(&f_t1a));
|
||||||
|
|
||||||
let f_t1b = unsafe { filter_resolved!(f_lt("gidnumber", PartialValue::new_uint32(1000))) };
|
let f_t1b = unsafe { filter_resolved!(f_lt("gidnumber", PartialValue::new_uint32(1000))) };
|
||||||
assert!(e.entry_match_no_index(&f_t1b) == false);
|
assert!(!e.entry_match_no_index(&f_t1b));
|
||||||
|
|
||||||
let f_t1c = unsafe { filter_resolved!(f_lt("gidnumber", PartialValue::new_uint32(1001))) };
|
let f_t1c = unsafe { filter_resolved!(f_lt("gidnumber", PartialValue::new_uint32(1001))) };
|
||||||
assert!(e.entry_match_no_index(&f_t1c) == true);
|
assert!(e.entry_match_no_index(&f_t1c));
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
|
|
||||||
|
|
@ -697,7 +697,7 @@ mod tests {
|
||||||
idms: &IdmServer,
|
idms: &IdmServer,
|
||||||
_idms_delayed: &mut IdmServerDelayed| {
|
_idms_delayed: &mut IdmServerDelayed| {
|
||||||
let ct = duration_from_epoch_now();
|
let ct = duration_from_epoch_now();
|
||||||
let mut idms_prox_write = task::block_on(idms.proxy_write(ct.clone()));
|
let mut idms_prox_write = task::block_on(idms.proxy_write(ct));
|
||||||
|
|
||||||
let target_uuid = Uuid::new_v4();
|
let target_uuid = Uuid::new_v4();
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -84,7 +84,7 @@ mod tests {
|
||||||
idms: &IdmServer,
|
idms: &IdmServer,
|
||||||
_idms_delayed: &mut IdmServerDelayed| {
|
_idms_delayed: &mut IdmServerDelayed| {
|
||||||
let ct = duration_from_epoch_now();
|
let ct = duration_from_epoch_now();
|
||||||
let mut idms_prox_write = task::block_on(idms.proxy_write(ct.clone()));
|
let mut idms_prox_write = task::block_on(idms.proxy_write(ct));
|
||||||
|
|
||||||
// Create an RS, the user and a group..
|
// Create an RS, the user and a group..
|
||||||
let usr_uuid = Uuid::new_v4();
|
let usr_uuid = Uuid::new_v4();
|
||||||
|
|
@ -150,7 +150,7 @@ mod tests {
|
||||||
drop(idms_prox_read);
|
drop(idms_prox_read);
|
||||||
|
|
||||||
// Add them to the group.
|
// Add them to the group.
|
||||||
let mut idms_prox_write = task::block_on(idms.proxy_write(ct.clone()));
|
let mut idms_prox_write = task::block_on(idms.proxy_write(ct));
|
||||||
let me_inv_m = unsafe {
|
let me_inv_m = unsafe {
|
||||||
ModifyEvent::new_internal_invalid(
|
ModifyEvent::new_internal_invalid(
|
||||||
filter!(f_eq("uuid", PartialValue::Refer(grp_uuid))),
|
filter!(f_eq("uuid", PartialValue::Refer(grp_uuid))),
|
||||||
|
|
|
||||||
|
|
@ -929,7 +929,7 @@ mod tests {
|
||||||
|
|
||||||
fn create_pw_badlist_cache() -> HashSet<String> {
|
fn create_pw_badlist_cache() -> HashSet<String> {
|
||||||
let mut s = HashSet::new();
|
let mut s = HashSet::new();
|
||||||
s.insert((&"list@no3IBTyqHu$bad").to_lowercase());
|
s.insert("list@no3IBTyqHu$bad".to_lowercase());
|
||||||
s
|
s
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -948,7 +948,7 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_idm_authsession_anonymous_auth_mech() {
|
fn test_idm_authsession_anonymous_auth_mech() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
|
|
||||||
let webauthn = create_webauthn();
|
let webauthn = create_webauthn();
|
||||||
|
|
||||||
|
|
@ -1019,7 +1019,7 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_idm_authsession_simple_password_mech() {
|
fn test_idm_authsession_simple_password_mech() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
let webauthn = create_webauthn();
|
let webauthn = create_webauthn();
|
||||||
// create the ent
|
// create the ent
|
||||||
let mut account = entry_str_to_account!(JSON_ADMIN_V1);
|
let mut account = entry_str_to_account!(JSON_ADMIN_V1);
|
||||||
|
|
@ -1077,7 +1077,7 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_idm_authsession_simple_password_badlist() {
|
fn test_idm_authsession_simple_password_badlist() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
let jws_signer = create_jwt_signer();
|
let jws_signer = create_jwt_signer();
|
||||||
let webauthn = create_webauthn();
|
let webauthn = create_webauthn();
|
||||||
// create the ent
|
// create the ent
|
||||||
|
|
@ -1169,7 +1169,7 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_idm_authsession_totp_password_mech() {
|
fn test_idm_authsession_totp_password_mech() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
let webauthn = create_webauthn();
|
let webauthn = create_webauthn();
|
||||||
let jws_signer = create_jwt_signer();
|
let jws_signer = create_jwt_signer();
|
||||||
// create the ent
|
// create the ent
|
||||||
|
|
@ -1329,7 +1329,7 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_idm_authsession_password_mfa_badlist() {
|
fn test_idm_authsession_password_mfa_badlist() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
let webauthn = create_webauthn();
|
let webauthn = create_webauthn();
|
||||||
let jws_signer = create_jwt_signer();
|
let jws_signer = create_jwt_signer();
|
||||||
// create the ent
|
// create the ent
|
||||||
|
|
@ -1493,7 +1493,7 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_idm_authsession_webauthn_only_mech() {
|
fn test_idm_authsession_webauthn_only_mech() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
let (async_tx, mut async_rx) = unbounded();
|
let (async_tx, mut async_rx) = unbounded();
|
||||||
let ts = duration_from_epoch_now();
|
let ts = duration_from_epoch_now();
|
||||||
// create the ent
|
// create the ent
|
||||||
|
|
@ -1631,7 +1631,7 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_idm_authsession_webauthn_password_mech() {
|
fn test_idm_authsession_webauthn_password_mech() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
let (async_tx, mut async_rx) = unbounded();
|
let (async_tx, mut async_rx) = unbounded();
|
||||||
let ts = duration_from_epoch_now();
|
let ts = duration_from_epoch_now();
|
||||||
// create the ent
|
// create the ent
|
||||||
|
|
@ -1808,7 +1808,7 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_idm_authsession_webauthn_password_totp_mech() {
|
fn test_idm_authsession_webauthn_password_totp_mech() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
let (async_tx, mut async_rx) = unbounded();
|
let (async_tx, mut async_rx) = unbounded();
|
||||||
let ts = duration_from_epoch_now();
|
let ts = duration_from_epoch_now();
|
||||||
// create the ent
|
// create the ent
|
||||||
|
|
@ -2057,7 +2057,7 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_idm_authsession_backup_code_mech() {
|
fn test_idm_authsession_backup_code_mech() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
let jws_signer = create_jwt_signer();
|
let jws_signer = create_jwt_signer();
|
||||||
let webauthn = create_webauthn();
|
let webauthn = create_webauthn();
|
||||||
// create the ent
|
// create the ent
|
||||||
|
|
@ -2175,7 +2175,7 @@ mod tests {
|
||||||
start_password_mfa_session!(account, &webauthn);
|
start_password_mfa_session!(account, &webauthn);
|
||||||
|
|
||||||
match session.validate_creds(
|
match session.validate_creds(
|
||||||
&AuthCredential::BackupCode(backup_code_good.clone()),
|
&AuthCredential::BackupCode(backup_code_good),
|
||||||
&ts,
|
&ts,
|
||||||
&async_tx,
|
&async_tx,
|
||||||
&webauthn,
|
&webauthn,
|
||||||
|
|
@ -2254,7 +2254,7 @@ mod tests {
|
||||||
fn test_idm_authsession_multiple_totp_password_mech() {
|
fn test_idm_authsession_multiple_totp_password_mech() {
|
||||||
// Slightly different to the other TOTP test, this
|
// Slightly different to the other TOTP test, this
|
||||||
// checks handling when multiple TOTP's are registered.
|
// checks handling when multiple TOTP's are registered.
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
let webauthn = create_webauthn();
|
let webauthn = create_webauthn();
|
||||||
let jws_signer = create_jwt_signer();
|
let jws_signer = create_jwt_signer();
|
||||||
// create the ent
|
// create the ent
|
||||||
|
|
|
||||||
|
|
@ -614,7 +614,7 @@ mod tests {
|
||||||
use crate::idm::event::UnixPasswordChangeEvent;
|
use crate::idm::event::UnixPasswordChangeEvent;
|
||||||
use crate::idm::serviceaccount::GenerateApiTokenEvent;
|
use crate::idm::serviceaccount::GenerateApiTokenEvent;
|
||||||
|
|
||||||
const TEST_PASSWORD: &'static str = "ntaoeuntnaoeuhraohuercahu😍";
|
const TEST_PASSWORD: &str = "ntaoeuntnaoeuhraohuercahu😍";
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_ldap_simple_bind() {
|
fn test_ldap_simple_bind() {
|
||||||
|
|
@ -1076,7 +1076,7 @@ mod tests {
|
||||||
let sa_lbt = task::block_on(ldaps.do_bind(idms, "", &apitoken))
|
let sa_lbt = task::block_on(ldaps.do_bind(idms, "", &apitoken))
|
||||||
.unwrap()
|
.unwrap()
|
||||||
.unwrap();
|
.unwrap();
|
||||||
assert!(sa_lbt.effective_session == LdapSession::ApiToken(apitoken_inner.clone()));
|
assert!(sa_lbt.effective_session == LdapSession::ApiToken(apitoken_inner));
|
||||||
|
|
||||||
// Search and retrieve mail that's now accessible.
|
// Search and retrieve mail that's now accessible.
|
||||||
let r1 = task::block_on(ldaps.do_search(idms, &sr, &sa_lbt)).unwrap();
|
let r1 = task::block_on(ldaps.do_search(idms, &sr, &sa_lbt)).unwrap();
|
||||||
|
|
|
||||||
|
|
@ -1883,7 +1883,7 @@ mod tests {
|
||||||
let (_code_verifier, code_challenge) = create_code_verifier!("Whar Garble");
|
let (_code_verifier, code_challenge) = create_code_verifier!("Whar Garble");
|
||||||
|
|
||||||
let pkce_request = Some(PkceRequest {
|
let pkce_request = Some(PkceRequest {
|
||||||
code_challenge: Base64UrlSafeData(code_challenge.clone()),
|
code_challenge: Base64UrlSafeData(code_challenge),
|
||||||
code_challenge_method: CodeChallengeMethod::S256,
|
code_challenge_method: CodeChallengeMethod::S256,
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
@ -2012,7 +2012,7 @@ mod tests {
|
||||||
response_type: "code".to_string(),
|
response_type: "code".to_string(),
|
||||||
client_id: "test_resource_server".to_string(),
|
client_id: "test_resource_server".to_string(),
|
||||||
state: "123".to_string(),
|
state: "123".to_string(),
|
||||||
pkce_request: pkce_request.clone(),
|
pkce_request,
|
||||||
redirect_uri: Url::parse("https://demo.example.com/oauth2/result").unwrap(),
|
redirect_uri: Url::parse("https://demo.example.com/oauth2/result").unwrap(),
|
||||||
scope: "read openid".to_string(),
|
scope: "read openid".to_string(),
|
||||||
nonce: None,
|
nonce: None,
|
||||||
|
|
@ -2341,7 +2341,7 @@ mod tests {
|
||||||
|
|
||||||
let token_req = AccessTokenRequest {
|
let token_req = AccessTokenRequest {
|
||||||
grant_type: "authorization_code".to_string(),
|
grant_type: "authorization_code".to_string(),
|
||||||
code: permit_success.code.clone(),
|
code: permit_success.code,
|
||||||
redirect_uri: Url::parse("https://demo.example.com/oauth2/result").unwrap(),
|
redirect_uri: Url::parse("https://demo.example.com/oauth2/result").unwrap(),
|
||||||
client_id: None,
|
client_id: None,
|
||||||
client_secret: None,
|
client_secret: None,
|
||||||
|
|
@ -2359,7 +2359,7 @@ mod tests {
|
||||||
|
|
||||||
// Okay, now we have the token, we can check it works with introspect.
|
// Okay, now we have the token, we can check it works with introspect.
|
||||||
let intr_request = AccessTokenIntrospectRequest {
|
let intr_request = AccessTokenIntrospectRequest {
|
||||||
token: oauth2_token.access_token.clone(),
|
token: oauth2_token.access_token,
|
||||||
token_type_hint: None,
|
token_type_hint: None,
|
||||||
};
|
};
|
||||||
let intr_response = idms_prox_read
|
let intr_response = idms_prox_read
|
||||||
|
|
@ -2456,7 +2456,7 @@ mod tests {
|
||||||
|
|
||||||
let token_req = AccessTokenRequest {
|
let token_req = AccessTokenRequest {
|
||||||
grant_type: "authorization_code".to_string(),
|
grant_type: "authorization_code".to_string(),
|
||||||
code: permit_success.code.clone(),
|
code: permit_success.code,
|
||||||
redirect_uri: Url::parse("https://demo.example.com/oauth2/result").unwrap(),
|
redirect_uri: Url::parse("https://demo.example.com/oauth2/result").unwrap(),
|
||||||
client_id: None,
|
client_id: None,
|
||||||
client_secret: None,
|
client_secret: None,
|
||||||
|
|
@ -2581,7 +2581,7 @@ mod tests {
|
||||||
// A second invalidation of the token "does nothing".
|
// A second invalidation of the token "does nothing".
|
||||||
let mut idms_prox_write = task::block_on(idms.proxy_write(ct));
|
let mut idms_prox_write = task::block_on(idms.proxy_write(ct));
|
||||||
let revoke_request = TokenRevokeRequest {
|
let revoke_request = TokenRevokeRequest {
|
||||||
token: oauth2_token.access_token.clone(),
|
token: oauth2_token.access_token,
|
||||||
token_type_hint: None,
|
token_type_hint: None,
|
||||||
};
|
};
|
||||||
assert!(idms_prox_write
|
assert!(idms_prox_write
|
||||||
|
|
@ -2637,7 +2637,7 @@ mod tests {
|
||||||
|
|
||||||
let token_req = AccessTokenRequest {
|
let token_req = AccessTokenRequest {
|
||||||
grant_type: "authorization_code".to_string(),
|
grant_type: "authorization_code".to_string(),
|
||||||
code: permit_success.code.clone(),
|
code: permit_success.code,
|
||||||
redirect_uri: Url::parse("https://demo.example.com/oauth2/result").unwrap(),
|
redirect_uri: Url::parse("https://demo.example.com/oauth2/result").unwrap(),
|
||||||
client_id: None,
|
client_id: None,
|
||||||
client_secret: None,
|
client_secret: None,
|
||||||
|
|
|
||||||
|
|
@ -1576,7 +1576,7 @@ mod tests {
|
||||||
let (token_id, issued_at) = sync_tokens
|
let (token_id, issued_at) = sync_tokens
|
||||||
.iter()
|
.iter()
|
||||||
.next()
|
.next()
|
||||||
.map(|(k, v)| (*k, v.issued_at.clone()))
|
.map(|(k, v)| (*k, v.issued_at))
|
||||||
.expect("No sync tokens present");
|
.expect("No sync tokens present");
|
||||||
|
|
||||||
let purpose = ApiTokenPurpose::ReadWrite;
|
let purpose = ApiTokenPurpose::ReadWrite;
|
||||||
|
|
@ -1690,7 +1690,7 @@ mod tests {
|
||||||
.scim_sync_apply_phase_1(&sse, &changes)
|
.scim_sync_apply_phase_1(&sse, &changes)
|
||||||
.expect("Failed to run phase 1");
|
.expect("Failed to run phase 1");
|
||||||
|
|
||||||
let _ = idms_prox_write
|
idms_prox_write
|
||||||
.scim_sync_apply_phase_2(&change_entries, sync_uuid)
|
.scim_sync_apply_phase_2(&change_entries, sync_uuid)
|
||||||
.expect("Failed to run phase 2");
|
.expect("Failed to run phase 2");
|
||||||
|
|
||||||
|
|
@ -2246,7 +2246,7 @@ mod tests {
|
||||||
testgroup.get_ava_single_iutf8("sync_external_id")
|
testgroup.get_ava_single_iutf8("sync_external_id")
|
||||||
== Some("cn=testgroup,cn=groups,cn=accounts,dc=dev,dc=blackhats,dc=net,dc=au")
|
== Some("cn=testgroup,cn=groups,cn=accounts,dc=dev,dc=blackhats,dc=net,dc=au")
|
||||||
);
|
);
|
||||||
assert!(testgroup.get_ava_single_uint32("gidnumber") == None);
|
assert!(testgroup.get_ava_single_uint32("gidnumber").is_none());
|
||||||
|
|
||||||
let testposix = get_single_entry("testposix", &mut idms_prox_write);
|
let testposix = get_single_entry("testposix", &mut idms_prox_write);
|
||||||
assert!(
|
assert!(
|
||||||
|
|
@ -2262,7 +2262,7 @@ mod tests {
|
||||||
"cn=testexternal,cn=groups,cn=accounts,dc=dev,dc=blackhats,dc=net,dc=au"
|
"cn=testexternal,cn=groups,cn=accounts,dc=dev,dc=blackhats,dc=net,dc=au"
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
assert!(testexternal.get_ava_single_uint32("gidnumber") == None);
|
assert!(testexternal.get_ava_single_uint32("gidnumber").is_none());
|
||||||
|
|
||||||
let testuser = get_single_entry("testuser", &mut idms_prox_write);
|
let testuser = get_single_entry("testuser", &mut idms_prox_write);
|
||||||
assert!(
|
assert!(
|
||||||
|
|
@ -2320,7 +2320,7 @@ mod tests {
|
||||||
"cn=testexternal2,cn=groups,cn=accounts,dc=dev,dc=blackhats,dc=net,dc=au"
|
"cn=testexternal2,cn=groups,cn=accounts,dc=dev,dc=blackhats,dc=net,dc=au"
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
assert!(testexternal.get_ava_single_uint32("gidnumber") == None);
|
assert!(testexternal.get_ava_single_uint32("gidnumber").is_none());
|
||||||
|
|
||||||
let testuser = get_single_entry("testuser", &mut idms_prox_write);
|
let testuser = get_single_entry("testuser", &mut idms_prox_write);
|
||||||
|
|
||||||
|
|
@ -2366,7 +2366,7 @@ mod tests {
|
||||||
testgroup.get_ava_single_iutf8("sync_external_id")
|
testgroup.get_ava_single_iutf8("sync_external_id")
|
||||||
== Some("cn=testgroup,cn=groups,cn=accounts,dc=dev,dc=blackhats,dc=net,dc=au")
|
== Some("cn=testgroup,cn=groups,cn=accounts,dc=dev,dc=blackhats,dc=net,dc=au")
|
||||||
);
|
);
|
||||||
assert!(testgroup.get_ava_single_uint32("gidnumber") == None);
|
assert!(testgroup.get_ava_single_uint32("gidnumber").is_none());
|
||||||
|
|
||||||
let testposix = get_single_entry("testposix", &mut idms_prox_write);
|
let testposix = get_single_entry("testposix", &mut idms_prox_write);
|
||||||
assert!(
|
assert!(
|
||||||
|
|
@ -2382,7 +2382,7 @@ mod tests {
|
||||||
"cn=testexternal,cn=groups,cn=accounts,dc=dev,dc=blackhats,dc=net,dc=au"
|
"cn=testexternal,cn=groups,cn=accounts,dc=dev,dc=blackhats,dc=net,dc=au"
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
assert!(testexternal.get_ava_single_uint32("gidnumber") == None);
|
assert!(testexternal.get_ava_single_uint32("gidnumber").is_none());
|
||||||
|
|
||||||
let testuser = get_single_entry("testuser", &mut idms_prox_write);
|
let testuser = get_single_entry("testuser", &mut idms_prox_write);
|
||||||
assert!(
|
assert!(
|
||||||
|
|
@ -2431,7 +2431,7 @@ mod tests {
|
||||||
testgroup.get_ava_single_iutf8("sync_external_id")
|
testgroup.get_ava_single_iutf8("sync_external_id")
|
||||||
== Some("cn=testgroup,cn=groups,cn=accounts,dc=dev,dc=blackhats,dc=net,dc=au")
|
== Some("cn=testgroup,cn=groups,cn=accounts,dc=dev,dc=blackhats,dc=net,dc=au")
|
||||||
);
|
);
|
||||||
assert!(testgroup.get_ava_single_uint32("gidnumber") == None);
|
assert!(testgroup.get_ava_single_uint32("gidnumber").is_none());
|
||||||
|
|
||||||
let testuser = get_single_entry("testuser", &mut idms_prox_write);
|
let testuser = get_single_entry("testuser", &mut idms_prox_write);
|
||||||
assert!(
|
assert!(
|
||||||
|
|
|
||||||
|
|
@ -2254,8 +2254,8 @@ mod tests {
|
||||||
use crate::prelude::*;
|
use crate::prelude::*;
|
||||||
use crate::utils::duration_from_epoch_now;
|
use crate::utils::duration_from_epoch_now;
|
||||||
|
|
||||||
const TEST_PASSWORD: &'static str = "ntaoeuntnaoeuhraohuercahu😍";
|
const TEST_PASSWORD: &str = "ntaoeuntnaoeuhraohuercahu😍";
|
||||||
const TEST_PASSWORD_INC: &'static str = "ntaoentu nkrcgaeunhibwmwmqj;k wqjbkx ";
|
const TEST_PASSWORD_INC: &str = "ntaoentu nkrcgaeunhibwmwmqj;k wqjbkx ";
|
||||||
const TEST_CURRENT_TIME: u64 = 6000;
|
const TEST_CURRENT_TIME: u64 = 6000;
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
|
@ -2697,7 +2697,7 @@ mod tests {
|
||||||
|_qs: &QueryServer, idms: &IdmServer, _idms_delayed: &IdmServerDelayed| {
|
|_qs: &QueryServer, idms: &IdmServer, _idms_delayed: &IdmServerDelayed| {
|
||||||
let mut idms_prox_write =
|
let mut idms_prox_write =
|
||||||
task::block_on(idms.proxy_write(duration_from_epoch_now()));
|
task::block_on(idms.proxy_write(duration_from_epoch_now()));
|
||||||
let rrse = RegenerateRadiusSecretEvent::new_internal(UUID_ADMIN.clone());
|
let rrse = RegenerateRadiusSecretEvent::new_internal(UUID_ADMIN);
|
||||||
|
|
||||||
// Generates a new credential when none exists
|
// Generates a new credential when none exists
|
||||||
let r1 = idms_prox_write
|
let r1 = idms_prox_write
|
||||||
|
|
@ -2718,7 +2718,7 @@ mod tests {
|
||||||
|_qs: &QueryServer, idms: &IdmServer, _idms_delayed: &IdmServerDelayed| {
|
|_qs: &QueryServer, idms: &IdmServer, _idms_delayed: &IdmServerDelayed| {
|
||||||
let mut idms_prox_write =
|
let mut idms_prox_write =
|
||||||
task::block_on(idms.proxy_write(duration_from_epoch_now()));
|
task::block_on(idms.proxy_write(duration_from_epoch_now()));
|
||||||
let rrse = RegenerateRadiusSecretEvent::new_internal(UUID_ADMIN.clone());
|
let rrse = RegenerateRadiusSecretEvent::new_internal(UUID_ADMIN);
|
||||||
|
|
||||||
let r1 = idms_prox_write
|
let r1 = idms_prox_write
|
||||||
.regenerate_radius_secret(&rrse)
|
.regenerate_radius_secret(&rrse)
|
||||||
|
|
@ -2744,14 +2744,14 @@ mod tests {
|
||||||
|_qs: &QueryServer, idms: &IdmServer, _idms_delayed: &IdmServerDelayed| {
|
|_qs: &QueryServer, idms: &IdmServer, _idms_delayed: &IdmServerDelayed| {
|
||||||
let mut idms_prox_write =
|
let mut idms_prox_write =
|
||||||
task::block_on(idms.proxy_write(duration_from_epoch_now()));
|
task::block_on(idms.proxy_write(duration_from_epoch_now()));
|
||||||
let rrse = RegenerateRadiusSecretEvent::new_internal(UUID_ADMIN.clone());
|
let rrse = RegenerateRadiusSecretEvent::new_internal(UUID_ADMIN);
|
||||||
let r1 = idms_prox_write
|
let r1 = idms_prox_write
|
||||||
.regenerate_radius_secret(&rrse)
|
.regenerate_radius_secret(&rrse)
|
||||||
.expect("Failed to reset radius credential 1");
|
.expect("Failed to reset radius credential 1");
|
||||||
idms_prox_write.commit().expect("failed to commit");
|
idms_prox_write.commit().expect("failed to commit");
|
||||||
|
|
||||||
let mut idms_prox_read = task::block_on(idms.proxy_read());
|
let mut idms_prox_read = task::block_on(idms.proxy_read());
|
||||||
let rate = RadiusAuthTokenEvent::new_internal(UUID_ADMIN.clone());
|
let rate = RadiusAuthTokenEvent::new_internal(UUID_ADMIN);
|
||||||
let tok_r = idms_prox_read
|
let tok_r = idms_prox_read
|
||||||
.get_radiusauthtoken(&rate, duration_from_epoch_now())
|
.get_radiusauthtoken(&rate, duration_from_epoch_now())
|
||||||
.expect("Failed to generate radius auth token");
|
.expect("Failed to generate radius auth token");
|
||||||
|
|
@ -2851,7 +2851,7 @@ mod tests {
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
let ce = CreateEvent::new_internal(vec![e.clone()]);
|
let ce = CreateEvent::new_internal(vec![e]);
|
||||||
|
|
||||||
assert!(idms_prox_write.qs_write.create(&ce).is_ok());
|
assert!(idms_prox_write.qs_write.create(&ce).is_ok());
|
||||||
|
|
||||||
|
|
@ -2869,7 +2869,7 @@ mod tests {
|
||||||
assert!(tok_g.name == "testgroup");
|
assert!(tok_g.name == "testgroup");
|
||||||
assert!(tok_g.spn == "testgroup@example.com");
|
assert!(tok_g.spn == "testgroup@example.com");
|
||||||
|
|
||||||
let uute = UnixUserTokenEvent::new_internal(UUID_ADMIN.clone());
|
let uute = UnixUserTokenEvent::new_internal(UUID_ADMIN);
|
||||||
let tok_r = idms_prox_read
|
let tok_r = idms_prox_read
|
||||||
.get_unixusertoken(&uute, duration_from_epoch_now())
|
.get_unixusertoken(&uute, duration_from_epoch_now())
|
||||||
.expect("Failed to generate unix user token");
|
.expect("Failed to generate unix user token");
|
||||||
|
|
@ -2879,7 +2879,7 @@ mod tests {
|
||||||
assert!(tok_r.groups.len() == 2);
|
assert!(tok_r.groups.len() == 2);
|
||||||
assert!(tok_r.groups[0].name == "admin");
|
assert!(tok_r.groups[0].name == "admin");
|
||||||
assert!(tok_r.groups[1].name == "testgroup");
|
assert!(tok_r.groups[1].name == "testgroup");
|
||||||
assert!(tok_r.valid == true);
|
assert!(tok_r.valid);
|
||||||
|
|
||||||
// Show we can get the admin as a unix group token too
|
// Show we can get the admin as a unix group token too
|
||||||
let ugte = UnixGroupTokenEvent::new_internal(uuid!(
|
let ugte = UnixGroupTokenEvent::new_internal(uuid!(
|
||||||
|
|
@ -3231,21 +3231,21 @@ mod tests {
|
||||||
idms_auth.commit().expect("Must not fail");
|
idms_auth.commit().expect("Must not fail");
|
||||||
// Also check the generated unix tokens are invalid.
|
// Also check the generated unix tokens are invalid.
|
||||||
let mut idms_prox_read = task::block_on(idms.proxy_read());
|
let mut idms_prox_read = task::block_on(idms.proxy_read());
|
||||||
let uute = UnixUserTokenEvent::new_internal(UUID_ADMIN.clone());
|
let uute = UnixUserTokenEvent::new_internal(UUID_ADMIN);
|
||||||
|
|
||||||
let tok_r = idms_prox_read
|
let tok_r = idms_prox_read
|
||||||
.get_unixusertoken(&uute, time_low)
|
.get_unixusertoken(&uute, time_low)
|
||||||
.expect("Failed to generate unix user token");
|
.expect("Failed to generate unix user token");
|
||||||
|
|
||||||
assert!(tok_r.name == "admin");
|
assert!(tok_r.name == "admin");
|
||||||
assert!(tok_r.valid == false);
|
assert!(!tok_r.valid);
|
||||||
|
|
||||||
let tok_r = idms_prox_read
|
let tok_r = idms_prox_read
|
||||||
.get_unixusertoken(&uute, time_high)
|
.get_unixusertoken(&uute, time_high)
|
||||||
.expect("Failed to generate unix user token");
|
.expect("Failed to generate unix user token");
|
||||||
|
|
||||||
assert!(tok_r.name == "admin");
|
assert!(tok_r.name == "admin");
|
||||||
assert!(tok_r.valid == false);
|
assert!(!tok_r.valid);
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
@ -3265,17 +3265,17 @@ mod tests {
|
||||||
|
|
||||||
let mut idms_prox_write =
|
let mut idms_prox_write =
|
||||||
task::block_on(idms.proxy_write(duration_from_epoch_now()));
|
task::block_on(idms.proxy_write(duration_from_epoch_now()));
|
||||||
let rrse = RegenerateRadiusSecretEvent::new_internal(UUID_ADMIN.clone());
|
let rrse = RegenerateRadiusSecretEvent::new_internal(UUID_ADMIN);
|
||||||
let _r1 = idms_prox_write
|
let _r1 = idms_prox_write
|
||||||
.regenerate_radius_secret(&rrse)
|
.regenerate_radius_secret(&rrse)
|
||||||
.expect("Failed to reset radius credential 1");
|
.expect("Failed to reset radius credential 1");
|
||||||
idms_prox_write.commit().expect("failed to commit");
|
idms_prox_write.commit().expect("failed to commit");
|
||||||
|
|
||||||
let mut idms_prox_read = task::block_on(idms.proxy_read());
|
let mut idms_prox_read = task::block_on(idms.proxy_read());
|
||||||
let rate = RadiusAuthTokenEvent::new_internal(UUID_ADMIN.clone());
|
let rate = RadiusAuthTokenEvent::new_internal(UUID_ADMIN);
|
||||||
let tok_r = idms_prox_read.get_radiusauthtoken(&rate, time_low);
|
let tok_r = idms_prox_read.get_radiusauthtoken(&rate, time_low);
|
||||||
|
|
||||||
if let Err(_) = tok_r {
|
if tok_r.is_err() {
|
||||||
// Ok?
|
// Ok?
|
||||||
} else {
|
} else {
|
||||||
assert!(false);
|
assert!(false);
|
||||||
|
|
@ -3283,7 +3283,7 @@ mod tests {
|
||||||
|
|
||||||
let tok_r = idms_prox_read.get_radiusauthtoken(&rate, time_high);
|
let tok_r = idms_prox_read.get_radiusauthtoken(&rate, time_high);
|
||||||
|
|
||||||
if let Err(_) = tok_r {
|
if tok_r.is_err() {
|
||||||
// Ok?
|
// Ok?
|
||||||
} else {
|
} else {
|
||||||
assert!(false);
|
assert!(false);
|
||||||
|
|
@ -3779,7 +3779,7 @@ mod tests {
|
||||||
drop(idms_prox_read);
|
drop(idms_prox_read);
|
||||||
|
|
||||||
// Mark the session as invalid now.
|
// Mark the session as invalid now.
|
||||||
let mut idms_prox_write = task::block_on(idms.proxy_write(ct.clone()));
|
let mut idms_prox_write = task::block_on(idms.proxy_write(ct));
|
||||||
let dte =
|
let dte =
|
||||||
DestroySessionTokenEvent::new_internal(uat_inner.uuid, uat_inner.session_id);
|
DestroySessionTokenEvent::new_internal(uat_inner.uuid, uat_inner.session_id);
|
||||||
assert!(idms_prox_write.account_destroy_session_token(&dte).is_ok());
|
assert!(idms_prox_write.account_destroy_session_token(&dte).is_ok());
|
||||||
|
|
@ -3810,7 +3810,7 @@ mod tests {
|
||||||
idms: &IdmServer,
|
idms: &IdmServer,
|
||||||
_idms_delayed: &mut IdmServerDelayed| {
|
_idms_delayed: &mut IdmServerDelayed| {
|
||||||
let ct = Duration::from_secs(TEST_CURRENT_TIME);
|
let ct = Duration::from_secs(TEST_CURRENT_TIME);
|
||||||
let mut idms_prox_write = task::block_on(idms.proxy_write(ct.clone()));
|
let mut idms_prox_write = task::block_on(idms.proxy_write(ct));
|
||||||
|
|
||||||
// get an account.
|
// get an account.
|
||||||
let account = idms_prox_write
|
let account = idms_prox_write
|
||||||
|
|
@ -3937,7 +3937,7 @@ mod tests {
|
||||||
//
|
//
|
||||||
// fernet_private_key_str
|
// fernet_private_key_str
|
||||||
// es256_private_key_der
|
// es256_private_key_der
|
||||||
let mut idms_prox_write = task::block_on(idms.proxy_write(ct.clone()));
|
let mut idms_prox_write = task::block_on(idms.proxy_write(ct));
|
||||||
let me_reset_tokens = unsafe {
|
let me_reset_tokens = unsafe {
|
||||||
ModifyEvent::new_internal_invalid(
|
ModifyEvent::new_internal_invalid(
|
||||||
filter!(f_eq("uuid", PartialValue::Uuid(UUID_DOMAIN_INFO))),
|
filter!(f_eq("uuid", PartialValue::Uuid(UUID_DOMAIN_INFO))),
|
||||||
|
|
@ -3976,7 +3976,7 @@ mod tests {
|
||||||
idms: &IdmServer,
|
idms: &IdmServer,
|
||||||
_idms_delayed: &mut IdmServerDelayed| {
|
_idms_delayed: &mut IdmServerDelayed| {
|
||||||
let ct = Duration::from_secs(TEST_CURRENT_TIME);
|
let ct = Duration::from_secs(TEST_CURRENT_TIME);
|
||||||
let mut idms_prox_write = task::block_on(idms.proxy_write(ct.clone()));
|
let mut idms_prox_write = task::block_on(idms.proxy_write(ct));
|
||||||
|
|
||||||
let ident = Identity::from_internal();
|
let ident = Identity::from_internal();
|
||||||
let target_uuid = Uuid::new_v4();
|
let target_uuid = Uuid::new_v4();
|
||||||
|
|
|
||||||
|
|
@ -352,7 +352,7 @@ mod tests {
|
||||||
}"#,
|
}"#,
|
||||||
);
|
);
|
||||||
|
|
||||||
let create = vec![e.clone()];
|
let create = vec![e];
|
||||||
|
|
||||||
run_create_test!(
|
run_create_test!(
|
||||||
Err(OperationError::InvalidAttribute("uuid".to_string())),
|
Err(OperationError::InvalidAttribute("uuid".to_string())),
|
||||||
|
|
@ -413,7 +413,7 @@ mod tests {
|
||||||
}"#,
|
}"#,
|
||||||
);
|
);
|
||||||
|
|
||||||
let create = vec![e.clone()];
|
let create = vec![e];
|
||||||
|
|
||||||
run_create_test!(
|
run_create_test!(
|
||||||
Ok(()),
|
Ok(()),
|
||||||
|
|
@ -449,7 +449,7 @@ mod tests {
|
||||||
}"#,
|
}"#,
|
||||||
);
|
);
|
||||||
|
|
||||||
let create = vec![e.clone()];
|
let create = vec![e];
|
||||||
|
|
||||||
run_create_test!(
|
run_create_test!(
|
||||||
Err(OperationError::Plugin(PluginError::Base(
|
Err(OperationError::Plugin(PluginError::Base(
|
||||||
|
|
@ -647,7 +647,7 @@ mod tests {
|
||||||
}"#,
|
}"#,
|
||||||
);
|
);
|
||||||
|
|
||||||
let create = vec![e.clone()];
|
let create = vec![e];
|
||||||
|
|
||||||
run_create_test!(
|
run_create_test!(
|
||||||
Err(OperationError::Plugin(PluginError::Base(
|
Err(OperationError::Plugin(PluginError::Base(
|
||||||
|
|
@ -679,7 +679,7 @@ mod tests {
|
||||||
}"#,
|
}"#,
|
||||||
);
|
);
|
||||||
|
|
||||||
let create = vec![e.clone()];
|
let create = vec![e];
|
||||||
|
|
||||||
run_create_test!(
|
run_create_test!(
|
||||||
Err(OperationError::Plugin(PluginError::Base(
|
Err(OperationError::Plugin(PluginError::Base(
|
||||||
|
|
@ -709,7 +709,7 @@ mod tests {
|
||||||
}"#,
|
}"#,
|
||||||
);
|
);
|
||||||
|
|
||||||
let create = vec![e.clone()];
|
let create = vec![e];
|
||||||
|
|
||||||
run_create_test!(
|
run_create_test!(
|
||||||
Err(OperationError::Plugin(PluginError::Base(
|
Err(OperationError::Plugin(PluginError::Base(
|
||||||
|
|
|
||||||
|
|
@ -132,7 +132,7 @@ mod tests {
|
||||||
use crate::prelude::*;
|
use crate::prelude::*;
|
||||||
use kanidm_proto::v1::PluginError;
|
use kanidm_proto::v1::PluginError;
|
||||||
|
|
||||||
const IMPORT_HASH: &'static str =
|
const IMPORT_HASH: &str =
|
||||||
"pbkdf2_sha256$36000$xIEozuZVAoYm$uW1b35DUKyhvQAf1mBqMvoBDcqSD06juzyO/nmyV0+w=";
|
"pbkdf2_sha256$36000$xIEozuZVAoYm$uW1b35DUKyhvQAf1mBqMvoBDcqSD06juzyO/nmyV0+w=";
|
||||||
// const IMPORT_PASSWORD: &'static str = "eicieY7ahchaoCh0eeTa";
|
// const IMPORT_PASSWORD: &'static str = "eicieY7ahchaoCh0eeTa";
|
||||||
|
|
||||||
|
|
@ -153,7 +153,7 @@ mod tests {
|
||||||
}"#,
|
}"#,
|
||||||
);
|
);
|
||||||
|
|
||||||
let create = vec![e.clone()];
|
let create = vec![e];
|
||||||
|
|
||||||
run_create_test!(Ok(()), preload, create, None, |_| {});
|
run_create_test!(Ok(()), preload, create, None, |_| {});
|
||||||
}
|
}
|
||||||
|
|
@ -361,7 +361,7 @@ mod tests {
|
||||||
filter!(f_eq("name", PartialValue::new_iutf8("testperson"))),
|
filter!(f_eq("name", PartialValue::new_iutf8("testperson"))),
|
||||||
ModifyList::new_list(vec![Modify::Present(
|
ModifyList::new_list(vec![Modify::Present(
|
||||||
AttrString::from("totp_import"),
|
AttrString::from("totp_import"),
|
||||||
Value::TotpSecret("a".to_string(), totp_a.clone())
|
Value::TotpSecret("a".to_string(), totp_a)
|
||||||
)]),
|
)]),
|
||||||
None,
|
None,
|
||||||
|_| {},
|
|_| {},
|
||||||
|
|
|
||||||
|
|
@ -118,7 +118,7 @@ mod tests {
|
||||||
("displayname", Value::new_utf8s("testperson"))
|
("displayname", Value::new_utf8s("testperson"))
|
||||||
);
|
);
|
||||||
|
|
||||||
let create = vec![e.clone()];
|
let create = vec![e];
|
||||||
let preload = Vec::new();
|
let preload = Vec::new();
|
||||||
|
|
||||||
run_create_test!(
|
run_create_test!(
|
||||||
|
|
@ -150,7 +150,7 @@ mod tests {
|
||||||
("displayname", Value::new_utf8s("testperson"))
|
("displayname", Value::new_utf8s("testperson"))
|
||||||
);
|
);
|
||||||
|
|
||||||
let create = vec![e.clone()];
|
let create = vec![e];
|
||||||
let preload = Vec::new();
|
let preload = Vec::new();
|
||||||
|
|
||||||
run_create_test!(
|
run_create_test!(
|
||||||
|
|
@ -279,7 +279,7 @@ mod tests {
|
||||||
("displayname", Value::new_utf8s("testperson"))
|
("displayname", Value::new_utf8s("testperson"))
|
||||||
);
|
);
|
||||||
|
|
||||||
let create = vec![e.clone()];
|
let create = vec![e];
|
||||||
let preload = Vec::new();
|
let preload = Vec::new();
|
||||||
|
|
||||||
run_create_test!(
|
run_create_test!(
|
||||||
|
|
@ -304,7 +304,7 @@ mod tests {
|
||||||
("displayname", Value::new_utf8s("testperson"))
|
("displayname", Value::new_utf8s("testperson"))
|
||||||
);
|
);
|
||||||
|
|
||||||
let create = vec![e.clone()];
|
let create = vec![e];
|
||||||
let preload = Vec::new();
|
let preload = Vec::new();
|
||||||
|
|
||||||
run_create_test!(
|
run_create_test!(
|
||||||
|
|
@ -329,7 +329,7 @@ mod tests {
|
||||||
("displayname", Value::new_utf8s("testperson"))
|
("displayname", Value::new_utf8s("testperson"))
|
||||||
);
|
);
|
||||||
|
|
||||||
let create = vec![e.clone()];
|
let create = vec![e];
|
||||||
let preload = Vec::new();
|
let preload = Vec::new();
|
||||||
|
|
||||||
run_create_test!(
|
run_create_test!(
|
||||||
|
|
|
||||||
|
|
@ -422,12 +422,12 @@ impl MemberOf {
|
||||||
mod tests {
|
mod tests {
|
||||||
use crate::prelude::*;
|
use crate::prelude::*;
|
||||||
|
|
||||||
const UUID_A: &'static str = "aaaaaaaa-f82e-4484-a407-181aa03bda5c";
|
const UUID_A: &str = "aaaaaaaa-f82e-4484-a407-181aa03bda5c";
|
||||||
const UUID_B: &'static str = "bbbbbbbb-2438-4384-9891-48f4c8172e9b";
|
const UUID_B: &str = "bbbbbbbb-2438-4384-9891-48f4c8172e9b";
|
||||||
const UUID_C: &'static str = "cccccccc-9b01-423f-9ba6-51aa4bbd5dd2";
|
const UUID_C: &str = "cccccccc-9b01-423f-9ba6-51aa4bbd5dd2";
|
||||||
const UUID_D: &'static str = "dddddddd-2ab3-48e3-938d-1b4754cd2984";
|
const UUID_D: &str = "dddddddd-2ab3-48e3-938d-1b4754cd2984";
|
||||||
|
|
||||||
const EA: &'static str = r#"{
|
const EA: &str = r#"{
|
||||||
"attrs": {
|
"attrs": {
|
||||||
"class": ["group", "memberof"],
|
"class": ["group", "memberof"],
|
||||||
"name": ["testgroup_a"],
|
"name": ["testgroup_a"],
|
||||||
|
|
@ -435,7 +435,7 @@ mod tests {
|
||||||
}
|
}
|
||||||
}"#;
|
}"#;
|
||||||
|
|
||||||
const EB: &'static str = r#"{
|
const EB: &str = r#"{
|
||||||
"attrs": {
|
"attrs": {
|
||||||
"class": ["group", "memberof"],
|
"class": ["group", "memberof"],
|
||||||
"name": ["testgroup_b"],
|
"name": ["testgroup_b"],
|
||||||
|
|
@ -443,7 +443,7 @@ mod tests {
|
||||||
}
|
}
|
||||||
}"#;
|
}"#;
|
||||||
|
|
||||||
const EC: &'static str = r#"{
|
const EC: &str = r#"{
|
||||||
"attrs": {
|
"attrs": {
|
||||||
"class": ["group", "memberof"],
|
"class": ["group", "memberof"],
|
||||||
"name": ["testgroup_c"],
|
"name": ["testgroup_c"],
|
||||||
|
|
@ -451,7 +451,7 @@ mod tests {
|
||||||
}
|
}
|
||||||
}"#;
|
}"#;
|
||||||
|
|
||||||
const ED: &'static str = r#"{
|
const ED: &str = r#"{
|
||||||
"attrs": {
|
"attrs": {
|
||||||
"class": ["group", "memberof"],
|
"class": ["group", "memberof"],
|
||||||
"name": ["testgroup_d"],
|
"name": ["testgroup_d"],
|
||||||
|
|
@ -524,7 +524,7 @@ mod tests {
|
||||||
|
|
||||||
let eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
|
let eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
|
||||||
|
|
||||||
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
|
||||||
|
|
||||||
let preload = Vec::new();
|
let preload = Vec::new();
|
||||||
let create = vec![ea, eb];
|
let create = vec![ea, eb];
|
||||||
|
|
@ -554,8 +554,8 @@ mod tests {
|
||||||
|
|
||||||
let ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
let ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
||||||
|
|
||||||
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
|
||||||
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
|
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
|
||||||
|
|
||||||
let preload = Vec::new();
|
let preload = Vec::new();
|
||||||
let create = vec![ea, eb, ec];
|
let create = vec![ea, eb, ec];
|
||||||
|
|
@ -605,9 +605,9 @@ mod tests {
|
||||||
|
|
||||||
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
||||||
|
|
||||||
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
|
||||||
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
|
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
|
||||||
ec.add_ava("member", Value::new_refer_s(&UUID_A).unwrap());
|
ec.add_ava("member", Value::new_refer_s(UUID_A).unwrap());
|
||||||
|
|
||||||
let preload = Vec::new();
|
let preload = Vec::new();
|
||||||
let create = vec![ea, eb, ec];
|
let create = vec![ea, eb, ec];
|
||||||
|
|
@ -659,13 +659,13 @@ mod tests {
|
||||||
|
|
||||||
let mut ed: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(ED);
|
let mut ed: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(ED);
|
||||||
|
|
||||||
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
|
||||||
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
|
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
|
||||||
|
|
||||||
ec.add_ava("member", Value::new_refer_s(&UUID_A).unwrap());
|
ec.add_ava("member", Value::new_refer_s(UUID_A).unwrap());
|
||||||
ec.add_ava("member", Value::new_refer_s(&UUID_D).unwrap());
|
ec.add_ava("member", Value::new_refer_s(UUID_D).unwrap());
|
||||||
|
|
||||||
ed.add_ava("member", Value::new_refer_s(&UUID_A).unwrap());
|
ed.add_ava("member", Value::new_refer_s(UUID_A).unwrap());
|
||||||
|
|
||||||
let preload = Vec::new();
|
let preload = Vec::new();
|
||||||
let create = vec![ea, eb, ec, ed];
|
let create = vec![ea, eb, ec, ed];
|
||||||
|
|
@ -733,10 +733,10 @@ mod tests {
|
||||||
run_modify_test!(
|
run_modify_test!(
|
||||||
Ok(()),
|
Ok(()),
|
||||||
preload,
|
preload,
|
||||||
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_A).unwrap())),
|
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_A).unwrap())),
|
||||||
ModifyList::new_list(vec![Modify::Present(
|
ModifyList::new_list(vec![Modify::Present(
|
||||||
AttrString::from("member"),
|
AttrString::from("member"),
|
||||||
Value::new_refer_s(&UUID_B).unwrap()
|
Value::new_refer_s(UUID_B).unwrap()
|
||||||
)]),
|
)]),
|
||||||
None,
|
None,
|
||||||
|_| {},
|
|_| {},
|
||||||
|
|
@ -763,16 +763,16 @@ mod tests {
|
||||||
|
|
||||||
let ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
let ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
||||||
|
|
||||||
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
|
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
|
||||||
|
|
||||||
let preload = vec![ea, eb, ec];
|
let preload = vec![ea, eb, ec];
|
||||||
run_modify_test!(
|
run_modify_test!(
|
||||||
Ok(()),
|
Ok(()),
|
||||||
preload,
|
preload,
|
||||||
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_A).unwrap())),
|
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_A).unwrap())),
|
||||||
ModifyList::new_list(vec![Modify::Present(
|
ModifyList::new_list(vec![Modify::Present(
|
||||||
AttrString::from("member"),
|
AttrString::from("member"),
|
||||||
Value::new_refer_s(&UUID_B).unwrap()
|
Value::new_refer_s(UUID_B).unwrap()
|
||||||
)]),
|
)]),
|
||||||
None,
|
None,
|
||||||
|_| {},
|
|_| {},
|
||||||
|
|
@ -817,16 +817,16 @@ mod tests {
|
||||||
|
|
||||||
let ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
let ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
||||||
|
|
||||||
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
|
||||||
|
|
||||||
let preload = vec![ea, eb, ec];
|
let preload = vec![ea, eb, ec];
|
||||||
run_modify_test!(
|
run_modify_test!(
|
||||||
Ok(()),
|
Ok(()),
|
||||||
preload,
|
preload,
|
||||||
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_B).unwrap())),
|
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_B).unwrap())),
|
||||||
ModifyList::new_list(vec![Modify::Present(
|
ModifyList::new_list(vec![Modify::Present(
|
||||||
AttrString::from("member"),
|
AttrString::from("member"),
|
||||||
Value::new_refer_s(&UUID_C).unwrap()
|
Value::new_refer_s(UUID_C).unwrap()
|
||||||
)]),
|
)]),
|
||||||
None,
|
None,
|
||||||
|_| {},
|
|_| {},
|
||||||
|
|
@ -873,17 +873,17 @@ mod tests {
|
||||||
|
|
||||||
let ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
let ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
||||||
|
|
||||||
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
|
||||||
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
|
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
|
||||||
|
|
||||||
let preload = vec![ea, eb, ec];
|
let preload = vec![ea, eb, ec];
|
||||||
run_modify_test!(
|
run_modify_test!(
|
||||||
Ok(()),
|
Ok(()),
|
||||||
preload,
|
preload,
|
||||||
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_C).unwrap())),
|
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_C).unwrap())),
|
||||||
ModifyList::new_list(vec![Modify::Present(
|
ModifyList::new_list(vec![Modify::Present(
|
||||||
AttrString::from("member"),
|
AttrString::from("member"),
|
||||||
Value::new_refer_s(&UUID_A).unwrap()
|
Value::new_refer_s(UUID_A).unwrap()
|
||||||
)]),
|
)]),
|
||||||
None,
|
None,
|
||||||
|_| {},
|
|_| {},
|
||||||
|
|
@ -936,21 +936,21 @@ mod tests {
|
||||||
|
|
||||||
let ed: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(ED);
|
let ed: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(ED);
|
||||||
|
|
||||||
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
|
||||||
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
|
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
|
||||||
ec.add_ava("member", Value::new_refer_s(&UUID_D).unwrap());
|
ec.add_ava("member", Value::new_refer_s(UUID_D).unwrap());
|
||||||
|
|
||||||
let preload = vec![ea, eb, ec, ed];
|
let preload = vec![ea, eb, ec, ed];
|
||||||
run_modify_test!(
|
run_modify_test!(
|
||||||
Ok(()),
|
Ok(()),
|
||||||
preload,
|
preload,
|
||||||
filter!(f_or!([
|
filter!(f_or!([
|
||||||
f_eq("uuid", PartialValue::new_uuid_s(&UUID_C).unwrap()),
|
f_eq("uuid", PartialValue::new_uuid_s(UUID_C).unwrap()),
|
||||||
f_eq("uuid", PartialValue::new_uuid_s(&UUID_D).unwrap()),
|
f_eq("uuid", PartialValue::new_uuid_s(UUID_D).unwrap()),
|
||||||
])),
|
])),
|
||||||
ModifyList::new_list(vec![Modify::Present(
|
ModifyList::new_list(vec![Modify::Present(
|
||||||
AttrString::from("member"),
|
AttrString::from("member"),
|
||||||
Value::new_refer_s(&UUID_A).unwrap()
|
Value::new_refer_s(UUID_A).unwrap()
|
||||||
)]),
|
)]),
|
||||||
None,
|
None,
|
||||||
|_| {},
|
|_| {},
|
||||||
|
|
@ -1009,17 +1009,17 @@ mod tests {
|
||||||
|
|
||||||
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
|
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
|
||||||
|
|
||||||
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
|
|
||||||
let preload = vec![ea, eb];
|
let preload = vec![ea, eb];
|
||||||
run_modify_test!(
|
run_modify_test!(
|
||||||
Ok(()),
|
Ok(()),
|
||||||
preload,
|
preload,
|
||||||
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_A).unwrap())),
|
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_A).unwrap())),
|
||||||
ModifyList::new_list(vec![Modify::Removed(
|
ModifyList::new_list(vec![Modify::Removed(
|
||||||
AttrString::from("member"),
|
AttrString::from("member"),
|
||||||
PartialValue::new_refer_s(&UUID_B).unwrap()
|
PartialValue::new_refer_s(UUID_B).unwrap()
|
||||||
)]),
|
)]),
|
||||||
None,
|
None,
|
||||||
|_| {},
|
|_| {},
|
||||||
|
|
@ -1046,19 +1046,19 @@ mod tests {
|
||||||
|
|
||||||
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
||||||
|
|
||||||
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
|
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
|
||||||
|
|
||||||
let preload = vec![ea, eb, ec];
|
let preload = vec![ea, eb, ec];
|
||||||
run_modify_test!(
|
run_modify_test!(
|
||||||
Ok(()),
|
Ok(()),
|
||||||
preload,
|
preload,
|
||||||
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_A).unwrap())),
|
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_A).unwrap())),
|
||||||
ModifyList::new_list(vec![Modify::Removed(
|
ModifyList::new_list(vec![Modify::Removed(
|
||||||
AttrString::from("member"),
|
AttrString::from("member"),
|
||||||
PartialValue::new_refer_s(&UUID_B).unwrap()
|
PartialValue::new_refer_s(UUID_B).unwrap()
|
||||||
)]),
|
)]),
|
||||||
None,
|
None,
|
||||||
|_| {},
|
|_| {},
|
||||||
|
|
@ -1103,20 +1103,20 @@ mod tests {
|
||||||
|
|
||||||
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
||||||
|
|
||||||
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
|
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
|
|
||||||
let preload = vec![ea, eb, ec];
|
let preload = vec![ea, eb, ec];
|
||||||
run_modify_test!(
|
run_modify_test!(
|
||||||
Ok(()),
|
Ok(()),
|
||||||
preload,
|
preload,
|
||||||
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_B).unwrap())),
|
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_B).unwrap())),
|
||||||
ModifyList::new_list(vec![Modify::Removed(
|
ModifyList::new_list(vec![Modify::Removed(
|
||||||
AttrString::from("member"),
|
AttrString::from("member"),
|
||||||
PartialValue::new_refer_s(&UUID_C).unwrap()
|
PartialValue::new_refer_s(UUID_C).unwrap()
|
||||||
)]),
|
)]),
|
||||||
None,
|
None,
|
||||||
|_| {},
|
|_| {},
|
||||||
|
|
@ -1162,29 +1162,29 @@ mod tests {
|
||||||
|
|
||||||
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
||||||
|
|
||||||
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
|
||||||
ea.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
|
ea.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
|
||||||
ea.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
|
||||||
ea.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
ea.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
|
|
||||||
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
|
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
|
|
||||||
ec.add_ava("member", Value::new_refer_s(&UUID_A).unwrap());
|
ec.add_ava("member", Value::new_refer_s(UUID_A).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
|
|
||||||
let preload = vec![ea, eb, ec];
|
let preload = vec![ea, eb, ec];
|
||||||
run_modify_test!(
|
run_modify_test!(
|
||||||
Ok(()),
|
Ok(()),
|
||||||
preload,
|
preload,
|
||||||
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_C).unwrap())),
|
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_C).unwrap())),
|
||||||
ModifyList::new_list(vec![Modify::Removed(
|
ModifyList::new_list(vec![Modify::Removed(
|
||||||
AttrString::from("member"),
|
AttrString::from("member"),
|
||||||
PartialValue::new_refer_s(&UUID_A).unwrap()
|
PartialValue::new_refer_s(UUID_A).unwrap()
|
||||||
)]),
|
)]),
|
||||||
None,
|
None,
|
||||||
|_| {},
|
|_| {},
|
||||||
|
|
@ -1238,44 +1238,44 @@ mod tests {
|
||||||
|
|
||||||
let mut ed: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(ED);
|
let mut ed: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(ED);
|
||||||
|
|
||||||
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
|
||||||
ea.add_ava("memberof", Value::new_refer_s(&UUID_D).unwrap());
|
ea.add_ava("memberof", Value::new_refer_s(UUID_D).unwrap());
|
||||||
ea.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
|
ea.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
|
||||||
ea.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
|
||||||
ea.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
ea.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
|
|
||||||
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
|
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_D).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_D).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
|
|
||||||
ec.add_ava("member", Value::new_refer_s(&UUID_A).unwrap());
|
ec.add_ava("member", Value::new_refer_s(UUID_A).unwrap());
|
||||||
ec.add_ava("member", Value::new_refer_s(&UUID_D).unwrap());
|
ec.add_ava("member", Value::new_refer_s(UUID_D).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_D).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_D).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
|
|
||||||
ed.add_ava("member", Value::new_refer_s(&UUID_A).unwrap());
|
ed.add_ava("member", Value::new_refer_s(UUID_A).unwrap());
|
||||||
ed.add_ava("memberof", Value::new_refer_s(&UUID_D).unwrap());
|
ed.add_ava("memberof", Value::new_refer_s(UUID_D).unwrap());
|
||||||
ed.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
|
ed.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
|
||||||
ed.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
|
ed.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
|
||||||
ed.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
ed.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
|
|
||||||
let preload = vec![ea, eb, ec, ed];
|
let preload = vec![ea, eb, ec, ed];
|
||||||
run_modify_test!(
|
run_modify_test!(
|
||||||
Ok(()),
|
Ok(()),
|
||||||
preload,
|
preload,
|
||||||
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_C).unwrap())),
|
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_C).unwrap())),
|
||||||
ModifyList::new_list(vec![
|
ModifyList::new_list(vec![
|
||||||
Modify::Removed(
|
Modify::Removed(
|
||||||
AttrString::from("member"),
|
AttrString::from("member"),
|
||||||
PartialValue::new_refer_s(&UUID_A).unwrap()
|
PartialValue::new_refer_s(UUID_A).unwrap()
|
||||||
),
|
),
|
||||||
Modify::Removed(
|
Modify::Removed(
|
||||||
AttrString::from("member"),
|
AttrString::from("member"),
|
||||||
PartialValue::new_refer_s(&UUID_D).unwrap()
|
PartialValue::new_refer_s(UUID_D).unwrap()
|
||||||
),
|
),
|
||||||
]),
|
]),
|
||||||
None,
|
None,
|
||||||
|
|
@ -1333,14 +1333,14 @@ mod tests {
|
||||||
|
|
||||||
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
|
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
|
||||||
|
|
||||||
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
|
|
||||||
let preload = vec![ea, eb];
|
let preload = vec![ea, eb];
|
||||||
run_delete_test!(
|
run_delete_test!(
|
||||||
Ok(()),
|
Ok(()),
|
||||||
preload,
|
preload,
|
||||||
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_A).unwrap())),
|
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_A).unwrap())),
|
||||||
None,
|
None,
|
||||||
|qs: &mut QueryServerWriteTransaction| {
|
|qs: &mut QueryServerWriteTransaction| {
|
||||||
// V-- this uuid is
|
// V-- this uuid is
|
||||||
|
|
@ -1363,18 +1363,18 @@ mod tests {
|
||||||
|
|
||||||
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
||||||
|
|
||||||
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
|
|
||||||
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
|
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
|
||||||
|
|
||||||
let preload = vec![ea, eb, ec];
|
let preload = vec![ea, eb, ec];
|
||||||
run_delete_test!(
|
run_delete_test!(
|
||||||
Ok(()),
|
Ok(()),
|
||||||
preload,
|
preload,
|
||||||
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_A).unwrap())),
|
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_A).unwrap())),
|
||||||
None,
|
None,
|
||||||
|qs: &mut QueryServerWriteTransaction| {
|
|qs: &mut QueryServerWriteTransaction| {
|
||||||
// V-- this uuid is
|
// V-- this uuid is
|
||||||
|
|
@ -1407,18 +1407,18 @@ mod tests {
|
||||||
|
|
||||||
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
||||||
|
|
||||||
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
|
|
||||||
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
|
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
|
||||||
|
|
||||||
let preload = vec![ea, eb, ec];
|
let preload = vec![ea, eb, ec];
|
||||||
run_delete_test!(
|
run_delete_test!(
|
||||||
Ok(()),
|
Ok(()),
|
||||||
preload,
|
preload,
|
||||||
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_B).unwrap())),
|
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_B).unwrap())),
|
||||||
None,
|
None,
|
||||||
|qs: &mut QueryServerWriteTransaction| {
|
|qs: &mut QueryServerWriteTransaction| {
|
||||||
// V-- this uuid is
|
// V-- this uuid is
|
||||||
|
|
@ -1452,26 +1452,26 @@ mod tests {
|
||||||
|
|
||||||
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
|
||||||
|
|
||||||
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
|
||||||
ea.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
ea.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
ea.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
|
||||||
ea.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
|
ea.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
|
||||||
|
|
||||||
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
|
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
|
||||||
|
|
||||||
ec.add_ava("member", Value::new_refer_s(&UUID_A).unwrap());
|
ec.add_ava("member", Value::new_refer_s(UUID_A).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
|
||||||
|
|
||||||
let preload = vec![ea, eb, ec];
|
let preload = vec![ea, eb, ec];
|
||||||
run_delete_test!(
|
run_delete_test!(
|
||||||
Ok(()),
|
Ok(()),
|
||||||
preload,
|
preload,
|
||||||
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_A).unwrap())),
|
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_A).unwrap())),
|
||||||
None,
|
None,
|
||||||
|qs: &mut QueryServerWriteTransaction| {
|
|qs: &mut QueryServerWriteTransaction| {
|
||||||
// V-- this uuid is
|
// V-- this uuid is
|
||||||
|
|
@ -1508,36 +1508,36 @@ mod tests {
|
||||||
|
|
||||||
let mut ed: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(ED);
|
let mut ed: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(ED);
|
||||||
|
|
||||||
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
|
||||||
ea.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
ea.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
ea.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
|
ea.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
|
||||||
ea.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
|
ea.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
|
||||||
ea.add_ava("memberof", Value::new_refer_s(&UUID_D).unwrap());
|
ea.add_ava("memberof", Value::new_refer_s(UUID_D).unwrap());
|
||||||
|
|
||||||
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
|
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
|
||||||
eb.add_ava("memberof", Value::new_refer_s(&UUID_D).unwrap());
|
eb.add_ava("memberof", Value::new_refer_s(UUID_D).unwrap());
|
||||||
|
|
||||||
ec.add_ava("member", Value::new_refer_s(&UUID_A).unwrap());
|
ec.add_ava("member", Value::new_refer_s(UUID_A).unwrap());
|
||||||
ec.add_ava("member", Value::new_refer_s(&UUID_D).unwrap());
|
ec.add_ava("member", Value::new_refer_s(UUID_D).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
|
||||||
ec.add_ava("memberof", Value::new_refer_s(&UUID_D).unwrap());
|
ec.add_ava("memberof", Value::new_refer_s(UUID_D).unwrap());
|
||||||
|
|
||||||
ed.add_ava("member", Value::new_refer_s(&UUID_A).unwrap());
|
ed.add_ava("member", Value::new_refer_s(UUID_A).unwrap());
|
||||||
ed.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
|
ed.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
|
||||||
ed.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
|
ed.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
|
||||||
ed.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
|
ed.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
|
||||||
ed.add_ava("memberof", Value::new_refer_s(&UUID_D).unwrap());
|
ed.add_ava("memberof", Value::new_refer_s(UUID_D).unwrap());
|
||||||
|
|
||||||
let preload = vec![ea, eb, ec, ed];
|
let preload = vec![ea, eb, ec, ed];
|
||||||
run_delete_test!(
|
run_delete_test!(
|
||||||
Ok(()),
|
Ok(()),
|
||||||
preload,
|
preload,
|
||||||
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_B).unwrap())),
|
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_B).unwrap())),
|
||||||
None,
|
None,
|
||||||
|qs: &mut QueryServerWriteTransaction| {
|
|qs: &mut QueryServerWriteTransaction| {
|
||||||
// V-- this uuid is
|
// V-- this uuid is
|
||||||
|
|
|
||||||
|
|
@ -381,7 +381,7 @@ mod tests {
|
||||||
}"#,
|
}"#,
|
||||||
);
|
);
|
||||||
|
|
||||||
let create = vec![e.clone()];
|
let create = vec![e];
|
||||||
let preload = PRELOAD.clone();
|
let preload = PRELOAD.clone();
|
||||||
|
|
||||||
run_create_test!(
|
run_create_test!(
|
||||||
|
|
@ -408,7 +408,7 @@ mod tests {
|
||||||
);
|
);
|
||||||
|
|
||||||
let mut preload = PRELOAD.clone();
|
let mut preload = PRELOAD.clone();
|
||||||
preload.push(e.clone());
|
preload.push(e);
|
||||||
|
|
||||||
run_modify_test!(
|
run_modify_test!(
|
||||||
Err(OperationError::SystemProtectedObject),
|
Err(OperationError::SystemProtectedObject),
|
||||||
|
|
@ -439,7 +439,7 @@ mod tests {
|
||||||
);
|
);
|
||||||
|
|
||||||
let mut preload = PRELOAD.clone();
|
let mut preload = PRELOAD.clone();
|
||||||
preload.push(e.clone());
|
preload.push(e);
|
||||||
|
|
||||||
run_modify_test!(
|
run_modify_test!(
|
||||||
Ok(()),
|
Ok(()),
|
||||||
|
|
@ -470,7 +470,7 @@ mod tests {
|
||||||
);
|
);
|
||||||
|
|
||||||
let mut preload = PRELOAD.clone();
|
let mut preload = PRELOAD.clone();
|
||||||
preload.push(e.clone());
|
preload.push(e);
|
||||||
|
|
||||||
run_delete_test!(
|
run_delete_test!(
|
||||||
Err(OperationError::SystemProtectedObject),
|
Err(OperationError::SystemProtectedObject),
|
||||||
|
|
@ -504,7 +504,7 @@ mod tests {
|
||||||
);
|
);
|
||||||
|
|
||||||
let mut preload = PRELOAD.clone();
|
let mut preload = PRELOAD.clone();
|
||||||
preload.push(e.clone());
|
preload.push(e);
|
||||||
|
|
||||||
run_modify_test!(
|
run_modify_test!(
|
||||||
Ok(()),
|
Ok(()),
|
||||||
|
|
@ -578,7 +578,7 @@ mod tests {
|
||||||
);
|
);
|
||||||
|
|
||||||
let mut preload = PRELOAD.clone();
|
let mut preload = PRELOAD.clone();
|
||||||
preload.push(e.clone());
|
preload.push(e);
|
||||||
|
|
||||||
run_delete_test!(
|
run_delete_test!(
|
||||||
Err(OperationError::SystemProtectedObject),
|
Err(OperationError::SystemProtectedObject),
|
||||||
|
|
|
||||||
|
|
@ -270,7 +270,7 @@ mod tests {
|
||||||
}"#,
|
}"#,
|
||||||
);
|
);
|
||||||
|
|
||||||
let create = vec![e.clone()];
|
let create = vec![e];
|
||||||
let preload = Vec::new();
|
let preload = Vec::new();
|
||||||
run_create_test!(
|
run_create_test!(
|
||||||
Err(OperationError::Plugin(PluginError::ReferentialIntegrity(
|
Err(OperationError::Plugin(PluginError::ReferentialIntegrity(
|
||||||
|
|
|
||||||
|
|
@ -220,7 +220,7 @@ mod tests {
|
||||||
}"#,
|
}"#,
|
||||||
);
|
);
|
||||||
|
|
||||||
let create = vec![e.clone()];
|
let create = vec![e];
|
||||||
let preload = Vec::new();
|
let preload = Vec::new();
|
||||||
|
|
||||||
run_create_test!(
|
run_create_test!(
|
||||||
|
|
@ -275,7 +275,7 @@ mod tests {
|
||||||
}"#,
|
}"#,
|
||||||
);
|
);
|
||||||
|
|
||||||
let create = vec![e.clone()];
|
let create = vec![e];
|
||||||
let preload = Vec::new();
|
let preload = Vec::new();
|
||||||
|
|
||||||
run_create_test!(
|
run_create_test!(
|
||||||
|
|
|
||||||
|
|
@ -132,7 +132,7 @@ mod tests {
|
||||||
#[test]
|
#[test]
|
||||||
fn test_cid_lamport() {
|
fn test_cid_lamport() {
|
||||||
let d_uuid = uuid!("00000000-0000-0000-0000-000000000001");
|
let d_uuid = uuid!("00000000-0000-0000-0000-000000000001");
|
||||||
let s_uuid = d_uuid.clone();
|
let s_uuid = d_uuid;
|
||||||
|
|
||||||
let ts5 = Duration::new(5, 0);
|
let ts5 = Duration::new(5, 0);
|
||||||
let ts10 = Duration::new(10, 0);
|
let ts10 = Duration::new(10, 0);
|
||||||
|
|
@ -140,9 +140,9 @@ mod tests {
|
||||||
|
|
||||||
let cid_z = unsafe { Cid::new_zero() };
|
let cid_z = unsafe { Cid::new_zero() };
|
||||||
|
|
||||||
let cid_a = Cid::new_lamport(d_uuid, s_uuid, ts5.clone(), &ts5);
|
let cid_a = Cid::new_lamport(d_uuid, s_uuid, ts5, &ts5);
|
||||||
assert!(cid_a.cmp(&cid_z) == Ordering::Greater);
|
assert!(cid_a.cmp(&cid_z) == Ordering::Greater);
|
||||||
let cid_b = Cid::new_lamport(d_uuid, s_uuid, ts15.clone(), &ts10);
|
let cid_b = Cid::new_lamport(d_uuid, s_uuid, ts15, &ts10);
|
||||||
assert!(cid_b.cmp(&cid_a) == Ordering::Greater);
|
assert!(cid_b.cmp(&cid_a) == Ordering::Greater);
|
||||||
// Even with an older ts, we should still step forward.
|
// Even with an older ts, we should still step forward.
|
||||||
let cid_c = Cid::new_lamport(d_uuid, s_uuid, ts10, &ts15);
|
let cid_c = Cid::new_lamport(d_uuid, s_uuid, ts10, &ts15);
|
||||||
|
|
|
||||||
|
|
@ -2214,7 +2214,7 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_schema_entries() {
|
fn test_schema_entries() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
// Given an entry, assert it's schema is valid
|
// Given an entry, assert it's schema is valid
|
||||||
// We do
|
// We do
|
||||||
let schema_outer = Schema::new().expect("failed to create schema");
|
let schema_outer = Schema::new().expect("failed to create schema");
|
||||||
|
|
@ -2531,7 +2531,7 @@ mod tests {
|
||||||
let schema_outer = Schema::new().expect("failed to create schema");
|
let schema_outer = Schema::new().expect("failed to create schema");
|
||||||
let mut schema = schema_outer.write_blocking();
|
let mut schema = schema_outer.write_blocking();
|
||||||
|
|
||||||
assert!(schema.validate().len() == 0);
|
assert!(schema.validate().is_empty());
|
||||||
|
|
||||||
// Attempt to create a class with a phantom attribute, should be refused.
|
// Attempt to create a class with a phantom attribute, should be refused.
|
||||||
let class = SchemaClass {
|
let class = SchemaClass {
|
||||||
|
|
@ -2549,12 +2549,12 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_schema_class_exclusion_requires() {
|
fn test_schema_class_exclusion_requires() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
|
|
||||||
let schema_outer = Schema::new().expect("failed to create schema");
|
let schema_outer = Schema::new().expect("failed to create schema");
|
||||||
let mut schema = schema_outer.write_blocking();
|
let mut schema = schema_outer.write_blocking();
|
||||||
|
|
||||||
assert!(schema.validate().len() == 0);
|
assert!(schema.validate().is_empty());
|
||||||
|
|
||||||
// We setup some classes that have requires and excludes and check that they
|
// We setup some classes that have requires and excludes and check that they
|
||||||
// are enforced correctly.
|
// are enforced correctly.
|
||||||
|
|
|
||||||
|
|
@ -1583,7 +1583,7 @@ mod tests {
|
||||||
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
|
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
|
||||||
let ev2 = unsafe { E_TESTPERSON_2.clone().into_sealed_committed() };
|
let ev2 = unsafe { E_TESTPERSON_2.clone().into_sealed_committed() };
|
||||||
|
|
||||||
let r_set = vec![Arc::new(ev1.clone()), Arc::new(ev2.clone())];
|
let r_set = vec![Arc::new(ev1.clone()), Arc::new(ev2)];
|
||||||
|
|
||||||
let se_a = unsafe {
|
let se_a = unsafe {
|
||||||
SearchEvent::new_impersonate_entry(
|
SearchEvent::new_impersonate_entry(
|
||||||
|
|
@ -1591,7 +1591,7 @@ mod tests {
|
||||||
filter_all!(f_pres("name")),
|
filter_all!(f_pres("name")),
|
||||||
)
|
)
|
||||||
};
|
};
|
||||||
let ex_a = vec![Arc::new(ev1.clone())];
|
let ex_a = vec![Arc::new(ev1)];
|
||||||
|
|
||||||
let se_b = unsafe {
|
let se_b = unsafe {
|
||||||
SearchEvent::new_impersonate_entry(
|
SearchEvent::new_impersonate_entry(
|
||||||
|
|
@ -1624,7 +1624,7 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_access_enforce_scope_search() {
|
fn test_access_enforce_scope_search() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
// Test that identities are bound by their access scope.
|
// Test that identities are bound by their access scope.
|
||||||
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
|
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
|
||||||
|
|
||||||
|
|
@ -1673,7 +1673,7 @@ mod tests {
|
||||||
|
|
||||||
test_acp_search!(&se_ro, vec![acp.clone()], r_set.clone(), ex_some);
|
test_acp_search!(&se_ro, vec![acp.clone()], r_set.clone(), ex_some);
|
||||||
|
|
||||||
test_acp_search!(&se_rw, vec![acp.clone()], r_set.clone(), ex_some);
|
test_acp_search!(&se_rw, vec![acp], r_set, ex_some);
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
|
@ -1682,11 +1682,11 @@ mod tests {
|
||||||
// "nothing to do" based on search_filter_entries, but we do the "right thing" anyway.
|
// "nothing to do" based on search_filter_entries, but we do the "right thing" anyway.
|
||||||
|
|
||||||
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
|
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
|
||||||
let r_set = vec![Arc::new(ev1.clone())];
|
let r_set = vec![Arc::new(ev1)];
|
||||||
|
|
||||||
let exv1 = unsafe { E_TESTPERSON_1_REDUCED.clone().into_sealed_committed() };
|
let exv1 = unsafe { E_TESTPERSON_1_REDUCED.clone().into_sealed_committed() };
|
||||||
|
|
||||||
let ex_anon_some = vec![exv1.clone()];
|
let ex_anon_some = vec![exv1];
|
||||||
let ex_anon_none: Vec<EntrySealedCommitted> = vec![];
|
let ex_anon_none: Vec<EntrySealedCommitted> = vec![];
|
||||||
|
|
||||||
let se_anon_io = unsafe {
|
let se_anon_io = unsafe {
|
||||||
|
|
@ -1734,10 +1734,10 @@ mod tests {
|
||||||
// In this case, we test that a user can only see "name" despite the
|
// In this case, we test that a user can only see "name" despite the
|
||||||
// class and uuid being present.
|
// class and uuid being present.
|
||||||
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
|
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
|
||||||
let r_set = vec![Arc::new(ev1.clone())];
|
let r_set = vec![Arc::new(ev1)];
|
||||||
|
|
||||||
let exv1 = unsafe { E_TESTPERSON_1_REDUCED.clone().into_sealed_committed() };
|
let exv1 = unsafe { E_TESTPERSON_1_REDUCED.clone().into_sealed_committed() };
|
||||||
let ex_anon = vec![exv1.clone()];
|
let ex_anon = vec![exv1];
|
||||||
|
|
||||||
let se_anon = unsafe {
|
let se_anon = unsafe {
|
||||||
SearchEvent::new_impersonate_entry(
|
SearchEvent::new_impersonate_entry(
|
||||||
|
|
@ -1771,10 +1771,10 @@ mod tests {
|
||||||
// class and uuid being present.
|
// class and uuid being present.
|
||||||
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
|
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
|
||||||
|
|
||||||
let r_set = vec![Arc::new(ev1.clone())];
|
let r_set = vec![Arc::new(ev1)];
|
||||||
|
|
||||||
let exv1 = unsafe { E_TESTPERSON_1_REDUCED.clone().into_sealed_committed() };
|
let exv1 = unsafe { E_TESTPERSON_1_REDUCED.clone().into_sealed_committed() };
|
||||||
let ex_anon = vec![exv1.clone()];
|
let ex_anon = vec![exv1];
|
||||||
|
|
||||||
let mut se_anon = unsafe {
|
let mut se_anon = unsafe {
|
||||||
SearchEvent::new_impersonate_entry(
|
SearchEvent::new_impersonate_entry(
|
||||||
|
|
@ -1829,7 +1829,7 @@ mod tests {
|
||||||
#[test]
|
#[test]
|
||||||
fn test_access_enforce_modify() {
|
fn test_access_enforce_modify() {
|
||||||
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
|
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
|
||||||
let r_set = vec![Arc::new(ev1.clone())];
|
let r_set = vec![Arc::new(ev1)];
|
||||||
|
|
||||||
// Name present
|
// Name present
|
||||||
let me_pres = unsafe {
|
let me_pres = unsafe {
|
||||||
|
|
@ -1952,22 +1952,22 @@ mod tests {
|
||||||
// test allowed rem class
|
// test allowed rem class
|
||||||
test_acp_modify!(&me_rem_class, vec![acp_allow.clone()], &r_set, true);
|
test_acp_modify!(&me_rem_class, vec![acp_allow.clone()], &r_set, true);
|
||||||
// test reject purge-class even if class present in allowed remattrs
|
// test reject purge-class even if class present in allowed remattrs
|
||||||
test_acp_modify!(&me_purge_class, vec![acp_allow.clone()], &r_set, false);
|
test_acp_modify!(&me_purge_class, vec![acp_allow], &r_set, false);
|
||||||
|
|
||||||
// Test reject pres class, but class not in classes
|
// Test reject pres class, but class not in classes
|
||||||
test_acp_modify!(&me_pres_class, vec![acp_no_class.clone()], &r_set, false);
|
test_acp_modify!(&me_pres_class, vec![acp_no_class.clone()], &r_set, false);
|
||||||
// Test reject pres class, class in classes but not in pres attrs
|
// Test reject pres class, class in classes but not in pres attrs
|
||||||
test_acp_modify!(&me_pres_class, vec![acp_deny.clone()], &r_set, false);
|
test_acp_modify!(&me_pres_class, vec![acp_deny.clone()], &r_set, false);
|
||||||
// test reject rem class, but class not in classes
|
// test reject rem class, but class not in classes
|
||||||
test_acp_modify!(&me_rem_class, vec![acp_no_class.clone()], &r_set, false);
|
test_acp_modify!(&me_rem_class, vec![acp_no_class], &r_set, false);
|
||||||
// test reject rem class, class in classes but not in pres attrs
|
// test reject rem class, class in classes but not in pres attrs
|
||||||
test_acp_modify!(&me_rem_class, vec![acp_deny.clone()], &r_set, false);
|
test_acp_modify!(&me_rem_class, vec![acp_deny], &r_set, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_access_enforce_scope_modify() {
|
fn test_access_enforce_scope_modify() {
|
||||||
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
|
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
|
||||||
let r_set = vec![Arc::new(ev1.clone())];
|
let r_set = vec![Arc::new(ev1)];
|
||||||
|
|
||||||
// Name present
|
// Name present
|
||||||
let me_pres_io = unsafe {
|
let me_pres_io = unsafe {
|
||||||
|
|
@ -2017,7 +2017,7 @@ mod tests {
|
||||||
|
|
||||||
test_acp_modify!(&me_pres_ro, vec![acp_allow.clone()], &r_set, false);
|
test_acp_modify!(&me_pres_ro, vec![acp_allow.clone()], &r_set, false);
|
||||||
|
|
||||||
test_acp_modify!(&me_pres_rw, vec![acp_allow.clone()], &r_set, true);
|
test_acp_modify!(&me_pres_rw, vec![acp_allow], &r_set, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
macro_rules! test_acp_create {
|
macro_rules! test_acp_create {
|
||||||
|
|
@ -2050,7 +2050,7 @@ mod tests {
|
||||||
("name", Value::new_iname("testperson1")),
|
("name", Value::new_iname("testperson1")),
|
||||||
("uuid", Value::Uuid(UUID_TEST_ACCOUNT_1))
|
("uuid", Value::Uuid(UUID_TEST_ACCOUNT_1))
|
||||||
);
|
);
|
||||||
let r1_set = vec![ev1.clone()];
|
let r1_set = vec![ev1];
|
||||||
|
|
||||||
let ev2 = entry_init!(
|
let ev2 = entry_init!(
|
||||||
("class", Value::new_class("account")),
|
("class", Value::new_class("account")),
|
||||||
|
|
@ -2059,7 +2059,7 @@ mod tests {
|
||||||
("uuid", Value::Uuid(UUID_TEST_ACCOUNT_1))
|
("uuid", Value::Uuid(UUID_TEST_ACCOUNT_1))
|
||||||
);
|
);
|
||||||
|
|
||||||
let r2_set = vec![ev2.clone()];
|
let r2_set = vec![ev2];
|
||||||
|
|
||||||
let ev3 = entry_init!(
|
let ev3 = entry_init!(
|
||||||
("class", Value::new_class("account")),
|
("class", Value::new_class("account")),
|
||||||
|
|
@ -2067,7 +2067,7 @@ mod tests {
|
||||||
("name", Value::new_iname("testperson1")),
|
("name", Value::new_iname("testperson1")),
|
||||||
("uuid", Value::Uuid(UUID_TEST_ACCOUNT_1))
|
("uuid", Value::Uuid(UUID_TEST_ACCOUNT_1))
|
||||||
);
|
);
|
||||||
let r3_set = vec![ev3.clone()];
|
let r3_set = vec![ev3];
|
||||||
|
|
||||||
let ev4 = entry_init!(
|
let ev4 = entry_init!(
|
||||||
("class", Value::new_class("account")),
|
("class", Value::new_class("account")),
|
||||||
|
|
@ -2075,7 +2075,7 @@ mod tests {
|
||||||
("name", Value::new_iname("testperson1")),
|
("name", Value::new_iname("testperson1")),
|
||||||
("uuid", Value::Uuid(UUID_TEST_ACCOUNT_1))
|
("uuid", Value::Uuid(UUID_TEST_ACCOUNT_1))
|
||||||
);
|
);
|
||||||
let r4_set = vec![ev4.clone()];
|
let r4_set = vec![ev4];
|
||||||
|
|
||||||
// In this case, we can make the create event with an empty entry
|
// In this case, we can make the create event with an empty entry
|
||||||
// set because we only reference the entries in r_set in the test.
|
// set because we only reference the entries in r_set in the test.
|
||||||
|
|
@ -2136,7 +2136,7 @@ mod tests {
|
||||||
("name", Value::new_iname("testperson1")),
|
("name", Value::new_iname("testperson1")),
|
||||||
("uuid", Value::Uuid(UUID_TEST_ACCOUNT_1))
|
("uuid", Value::Uuid(UUID_TEST_ACCOUNT_1))
|
||||||
);
|
);
|
||||||
let r1_set = vec![ev1.clone()];
|
let r1_set = vec![ev1];
|
||||||
|
|
||||||
let admin = E_TEST_ACCOUNT_1.clone();
|
let admin = E_TEST_ACCOUNT_1.clone();
|
||||||
|
|
||||||
|
|
@ -2151,7 +2151,7 @@ mod tests {
|
||||||
);
|
);
|
||||||
|
|
||||||
let ce_admin_rw = CreateEvent::new_impersonate_identity(
|
let ce_admin_rw = CreateEvent::new_impersonate_identity(
|
||||||
Identity::from_impersonate_entry_readwrite(admin.clone()),
|
Identity::from_impersonate_entry_readwrite(admin),
|
||||||
vec![],
|
vec![],
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
@ -2204,7 +2204,7 @@ mod tests {
|
||||||
#[test]
|
#[test]
|
||||||
fn test_access_enforce_delete() {
|
fn test_access_enforce_delete() {
|
||||||
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
|
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
|
||||||
let r_set = vec![Arc::new(ev1.clone())];
|
let r_set = vec![Arc::new(ev1)];
|
||||||
|
|
||||||
let de_admin = unsafe {
|
let de_admin = unsafe {
|
||||||
DeleteEvent::new_impersonate_entry(
|
DeleteEvent::new_impersonate_entry(
|
||||||
|
|
@ -2240,7 +2240,7 @@ mod tests {
|
||||||
#[test]
|
#[test]
|
||||||
fn test_access_enforce_scope_delete() {
|
fn test_access_enforce_scope_delete() {
|
||||||
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
|
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
|
||||||
let r_set = vec![Arc::new(ev1.clone())];
|
let r_set = vec![Arc::new(ev1)];
|
||||||
|
|
||||||
let admin = E_TEST_ACCOUNT_1.clone();
|
let admin = E_TEST_ACCOUNT_1.clone();
|
||||||
|
|
||||||
|
|
@ -2255,7 +2255,7 @@ mod tests {
|
||||||
);
|
);
|
||||||
|
|
||||||
let de_admin_rw = DeleteEvent::new_impersonate_identity(
|
let de_admin_rw = DeleteEvent::new_impersonate_identity(
|
||||||
Identity::from_impersonate_entry_readwrite(admin.clone()),
|
Identity::from_impersonate_entry_readwrite(admin),
|
||||||
filter_all!(f_eq("name", PartialValue::new_iname("testperson1"))),
|
filter_all!(f_eq("name", PartialValue::new_iname("testperson1"))),
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
@ -2307,14 +2307,14 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_access_effective_permission_check_1() {
|
fn test_access_effective_permission_check_1() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
|
|
||||||
let admin = Identity::from_impersonate_entry_readwrite(E_TEST_ACCOUNT_1.clone());
|
let admin = Identity::from_impersonate_entry_readwrite(E_TEST_ACCOUNT_1.clone());
|
||||||
|
|
||||||
let e1: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(JSON_TESTPERSON1);
|
let e1: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(JSON_TESTPERSON1);
|
||||||
let ev1 = unsafe { e1.into_sealed_committed() };
|
let ev1 = unsafe { e1.into_sealed_committed() };
|
||||||
|
|
||||||
let r_set = vec![Arc::new(ev1.clone())];
|
let r_set = vec![Arc::new(ev1)];
|
||||||
|
|
||||||
test_acp_effective_permissions!(
|
test_acp_effective_permissions!(
|
||||||
&admin,
|
&admin,
|
||||||
|
|
@ -2346,14 +2346,14 @@ mod tests {
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_access_effective_permission_check_2() {
|
fn test_access_effective_permission_check_2() {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
|
|
||||||
let admin = Identity::from_impersonate_entry_readwrite(E_TEST_ACCOUNT_1.clone());
|
let admin = Identity::from_impersonate_entry_readwrite(E_TEST_ACCOUNT_1.clone());
|
||||||
|
|
||||||
let e1: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(JSON_TESTPERSON1);
|
let e1: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(JSON_TESTPERSON1);
|
||||||
let ev1 = unsafe { e1.into_sealed_committed() };
|
let ev1 = unsafe { e1.into_sealed_committed() };
|
||||||
|
|
||||||
let r_set = vec![Arc::new(ev1.clone())];
|
let r_set = vec![Arc::new(ev1)];
|
||||||
|
|
||||||
test_acp_effective_permissions!(
|
test_acp_effective_permissions!(
|
||||||
&admin,
|
&admin,
|
||||||
|
|
|
||||||
|
|
@ -58,7 +58,7 @@ impl AccessControlSearch {
|
||||||
},
|
},
|
||||||
attrs: attrs
|
attrs: attrs
|
||||||
.split_whitespace()
|
.split_whitespace()
|
||||||
.map(|s| AttrString::from(s))
|
.map(AttrString::from)
|
||||||
.collect(),
|
.collect(),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -224,15 +224,15 @@ impl AccessControlModify {
|
||||||
},
|
},
|
||||||
classes: classes
|
classes: classes
|
||||||
.split_whitespace()
|
.split_whitespace()
|
||||||
.map(|s| AttrString::from(s))
|
.map(AttrString::from)
|
||||||
.collect(),
|
.collect(),
|
||||||
presattrs: presattrs
|
presattrs: presattrs
|
||||||
.split_whitespace()
|
.split_whitespace()
|
||||||
.map(|s| AttrString::from(s))
|
.map(AttrString::from)
|
||||||
.collect(),
|
.collect(),
|
||||||
remattrs: remattrs
|
remattrs: remattrs
|
||||||
.split_whitespace()
|
.split_whitespace()
|
||||||
.map(|s| AttrString::from(s))
|
.map(AttrString::from)
|
||||||
.collect(),
|
.collect(),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -246,7 +246,7 @@ mod tests {
|
||||||
let r2 = server_b_txn.search(&se_b).expect("search failure");
|
let r2 = server_b_txn.search(&se_b).expect("search failure");
|
||||||
assert!(r2.is_empty());
|
assert!(r2.is_empty());
|
||||||
|
|
||||||
let cr = server_b_txn.internal_create(vec![e.clone()]);
|
let cr = server_b_txn.internal_create(vec![e]);
|
||||||
assert!(cr.is_ok());
|
assert!(cr.is_ok());
|
||||||
|
|
||||||
// Now is present
|
// Now is present
|
||||||
|
|
|
||||||
|
|
@ -203,7 +203,7 @@ mod tests {
|
||||||
("displayname", Value::new_utf8s("testperson3"))
|
("displayname", Value::new_utf8s("testperson3"))
|
||||||
);
|
);
|
||||||
|
|
||||||
let ce = CreateEvent::new_internal(vec![e1.clone(), e2.clone(), e3.clone()]);
|
let ce = CreateEvent::new_internal(vec![e1, e2, e3]);
|
||||||
|
|
||||||
let cr = server_txn.create(&ce);
|
let cr = server_txn.create(&ce);
|
||||||
assert!(cr.is_ok());
|
assert!(cr.is_ok());
|
||||||
|
|
|
||||||
|
|
@ -1569,25 +1569,25 @@ mod tests {
|
||||||
assert!(cr.is_ok());
|
assert!(cr.is_ok());
|
||||||
|
|
||||||
// test attr not exist
|
// test attr not exist
|
||||||
let r1 = server_txn.clone_value(&"tausau".to_string(), &"naoeutnhaou".to_string());
|
let r1 = server_txn.clone_value("tausau", "naoeutnhaou");
|
||||||
|
|
||||||
assert!(r1.is_err());
|
assert!(r1.is_err());
|
||||||
|
|
||||||
// test attr not-normalised (error)
|
// test attr not-normalised (error)
|
||||||
// test attr not-reference
|
// test attr not-reference
|
||||||
let r2 = server_txn.clone_value(&"NaMe".to_string(), &"NaMe".to_string());
|
let r2 = server_txn.clone_value("NaMe", "NaMe");
|
||||||
|
|
||||||
assert!(r2.is_err());
|
assert!(r2.is_err());
|
||||||
|
|
||||||
// test attr reference
|
// test attr reference
|
||||||
let r3 = server_txn.clone_value(&"member".to_string(), &"testperson1".to_string());
|
let r3 = server_txn.clone_value("member", "testperson1");
|
||||||
|
|
||||||
assert!(r3 == Ok(Value::Refer(uuid!("cc8e95b4-c24f-4d68-ba54-8bed76f63930"))));
|
assert!(r3 == Ok(Value::Refer(uuid!("cc8e95b4-c24f-4d68-ba54-8bed76f63930"))));
|
||||||
|
|
||||||
// test attr reference already resolved.
|
// test attr reference already resolved.
|
||||||
let r4 = server_txn.clone_value(
|
let r4 = server_txn.clone_value(
|
||||||
&"member".to_string(),
|
"member",
|
||||||
&"cc8e95b4-c24f-4d68-ba54-8bed76f63930".to_string(),
|
"cc8e95b4-c24f-4d68-ba54-8bed76f63930",
|
||||||
);
|
);
|
||||||
|
|
||||||
debug!("{:?}", r4);
|
debug!("{:?}", r4);
|
||||||
|
|
|
||||||
|
|
@ -490,7 +490,7 @@ mod tests {
|
||||||
("displayname", Value::new_utf8s("testperson2"))
|
("displayname", Value::new_utf8s("testperson2"))
|
||||||
);
|
);
|
||||||
|
|
||||||
let ce = CreateEvent::new_internal(vec![e1.clone(), e2.clone()]);
|
let ce = CreateEvent::new_internal(vec![e1, e2]);
|
||||||
|
|
||||||
let cr = server_txn.create(&ce);
|
let cr = server_txn.create(&ce);
|
||||||
assert!(cr.is_ok());
|
assert!(cr.is_ok());
|
||||||
|
|
@ -638,7 +638,7 @@ mod tests {
|
||||||
("displayname", Value::new_utf8s("testperson1"))
|
("displayname", Value::new_utf8s("testperson1"))
|
||||||
);
|
);
|
||||||
|
|
||||||
let ce = CreateEvent::new_internal(vec![e1.clone()]);
|
let ce = CreateEvent::new_internal(vec![e1]);
|
||||||
|
|
||||||
let cr = server_txn.create(&ce);
|
let cr = server_txn.create(&ce);
|
||||||
assert!(cr.is_ok());
|
assert!(cr.is_ok());
|
||||||
|
|
|
||||||
|
|
@ -477,7 +477,7 @@ mod tests {
|
||||||
assert!(server_txn.delete(&de_sin).is_ok());
|
assert!(server_txn.delete(&de_sin).is_ok());
|
||||||
// Can in be seen by special search? (external recycle search)
|
// Can in be seen by special search? (external recycle search)
|
||||||
let filt_rc = filter_all!(f_eq("class", PartialValue::new_class("recycled")));
|
let filt_rc = filter_all!(f_eq("class", PartialValue::new_class("recycled")));
|
||||||
let sre_rc = unsafe { SearchEvent::new_rec_impersonate_entry(admin, filt_rc.clone()) };
|
let sre_rc = unsafe { SearchEvent::new_rec_impersonate_entry(admin, filt_rc) };
|
||||||
let r2 = server_txn.search(&sre_rc).expect("search failed");
|
let r2 = server_txn.search(&sre_rc).expect("search failed");
|
||||||
assert!(r2.len() == 1);
|
assert!(r2.len() == 1);
|
||||||
|
|
||||||
|
|
@ -812,11 +812,11 @@ mod tests {
|
||||||
};
|
};
|
||||||
assert!(server_txn.revive_recycled(&rev3).is_ok());
|
assert!(server_txn.revive_recycled(&rev3).is_ok());
|
||||||
assert!(
|
assert!(
|
||||||
check_entry_has_mo(
|
!check_entry_has_mo(
|
||||||
&mut server_txn,
|
&mut server_txn,
|
||||||
"u3",
|
"u3",
|
||||||
"36048117-e479-45ed-aeb5-611e8d83d5b1"
|
"36048117-e479-45ed-aeb5-611e8d83d5b1"
|
||||||
) == false
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
// Revive u4, should NOT have the MO.
|
// Revive u4, should NOT have the MO.
|
||||||
|
|
@ -828,11 +828,11 @@ mod tests {
|
||||||
};
|
};
|
||||||
assert!(server_txn.revive_recycled(&rev4a).is_ok());
|
assert!(server_txn.revive_recycled(&rev4a).is_ok());
|
||||||
assert!(
|
assert!(
|
||||||
check_entry_has_mo(
|
!check_entry_has_mo(
|
||||||
&mut server_txn,
|
&mut server_txn,
|
||||||
"u4",
|
"u4",
|
||||||
"d5c59ac6-c533-4b00-989f-d0e183f07bab"
|
"d5c59ac6-c533-4b00-989f-d0e183f07bab"
|
||||||
) == false
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
// Now revive g4, should allow MO onto u4.
|
// Now revive g4, should allow MO onto u4.
|
||||||
|
|
@ -844,11 +844,11 @@ mod tests {
|
||||||
};
|
};
|
||||||
assert!(server_txn.revive_recycled(&rev4b).is_ok());
|
assert!(server_txn.revive_recycled(&rev4b).is_ok());
|
||||||
assert!(
|
assert!(
|
||||||
check_entry_has_mo(
|
!check_entry_has_mo(
|
||||||
&mut server_txn,
|
&mut server_txn,
|
||||||
"u4",
|
"u4",
|
||||||
"d5c59ac6-c533-4b00-989f-d0e183f07bab"
|
"d5c59ac6-c533-4b00-989f-d0e183f07bab"
|
||||||
) == false
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
assert!(server_txn.commit().is_ok());
|
assert!(server_txn.commit().is_ok());
|
||||||
|
|
|
||||||
|
|
@ -899,7 +899,7 @@ impl From<&str> for Value {
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
impl From<&Uuid> for Value {
|
impl From<&Uuid> for Value {
|
||||||
fn from(u: &Uuid) -> Self {
|
fn from(u: &Uuid) -> Self {
|
||||||
Value::Uuid(u.clone())
|
Value::Uuid(*u)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -37,7 +37,7 @@ pub fn is_free_port(port: u16) -> bool {
|
||||||
// allowed because the use of this function is behind a test gate
|
// allowed because the use of this function is behind a test gate
|
||||||
#[allow(dead_code)]
|
#[allow(dead_code)]
|
||||||
pub async fn setup_async_test() -> (KanidmClient, CoreHandle) {
|
pub async fn setup_async_test() -> (KanidmClient, CoreHandle) {
|
||||||
let _ = sketching::test_init();
|
sketching::test_init();
|
||||||
|
|
||||||
let mut counter = 0;
|
let mut counter = 0;
|
||||||
let port = loop {
|
let port = loop {
|
||||||
|
|
|
||||||
|
|
@ -55,16 +55,16 @@ static DEFAULT_HP_GROUP_NAMES: [&str; 24] = [
|
||||||
static DEFAULT_NOT_HP_GROUP_NAMES: [&str; 2] =
|
static DEFAULT_NOT_HP_GROUP_NAMES: [&str; 2] =
|
||||||
["idm_account_unix_extend_priv", "idm_group_unix_extend_priv"];
|
["idm_account_unix_extend_priv", "idm_group_unix_extend_priv"];
|
||||||
|
|
||||||
async fn create_user(rsclient: &KanidmClient, id: &str, group_name: &str) -> () {
|
async fn create_user(rsclient: &KanidmClient, id: &str, group_name: &str) {
|
||||||
rsclient.idm_person_account_create(id, id).await.unwrap();
|
rsclient.idm_person_account_create(id, id).await.unwrap();
|
||||||
|
|
||||||
// Create group and add to user to test read attr: member_of
|
// Create group and add to user to test read attr: member_of
|
||||||
if rsclient.idm_group_get(&group_name).await.unwrap().is_none() {
|
if rsclient.idm_group_get(group_name).await.unwrap().is_none() {
|
||||||
rsclient.idm_group_create(&group_name).await.unwrap();
|
rsclient.idm_group_create(group_name).await.unwrap();
|
||||||
}
|
}
|
||||||
|
|
||||||
rsclient
|
rsclient
|
||||||
.idm_group_add_members(&group_name, &[id])
|
.idm_group_add_members(group_name, &[id])
|
||||||
.await
|
.await
|
||||||
.unwrap();
|
.unwrap();
|
||||||
}
|
}
|
||||||
|
|
@ -137,27 +137,27 @@ async fn add_all_attrs(
|
||||||
) {
|
) {
|
||||||
// Extend with posix attrs to test read attr: gidnumber and loginshell
|
// Extend with posix attrs to test read attr: gidnumber and loginshell
|
||||||
rsclient
|
rsclient
|
||||||
.idm_person_account_unix_extend(id, None, Some(&"/bin/sh"))
|
.idm_person_account_unix_extend(id, None, Some("/bin/sh"))
|
||||||
.await
|
.await
|
||||||
.unwrap();
|
.unwrap();
|
||||||
rsclient
|
rsclient
|
||||||
.idm_group_unix_extend(&group_name, None)
|
.idm_group_unix_extend(group_name, None)
|
||||||
.await
|
.await
|
||||||
.unwrap();
|
.unwrap();
|
||||||
|
|
||||||
for attr in ["ssh_publickey", "mail"].iter() {
|
for attr in ["ssh_publickey", "mail"].iter() {
|
||||||
assert!(is_attr_writable(&rsclient, id, attr).await.unwrap());
|
assert!(is_attr_writable(rsclient, id, attr).await.unwrap());
|
||||||
}
|
}
|
||||||
|
|
||||||
if let Some(legalname) = legalname {
|
if let Some(legalname) = legalname {
|
||||||
assert!(is_attr_writable(&rsclient, legalname, "legalname")
|
assert!(is_attr_writable(rsclient, legalname, "legalname")
|
||||||
.await
|
.await
|
||||||
.unwrap());
|
.unwrap());
|
||||||
}
|
}
|
||||||
|
|
||||||
// Write radius credentials
|
// Write radius credentials
|
||||||
if id != "anonymous" {
|
if id != "anonymous" {
|
||||||
login_account(&rsclient, id).await;
|
login_account(rsclient, id).await;
|
||||||
let _ = rsclient
|
let _ = rsclient
|
||||||
.idm_account_radius_credential_regenerate(id)
|
.idm_account_radius_credential_regenerate(id)
|
||||||
.await
|
.await
|
||||||
|
|
@ -173,15 +173,15 @@ async fn create_user_with_all_attrs(
|
||||||
rsclient: &KanidmClient,
|
rsclient: &KanidmClient,
|
||||||
id: &str,
|
id: &str,
|
||||||
optional_group: Option<&str>,
|
optional_group: Option<&str>,
|
||||||
) -> () {
|
) {
|
||||||
let group_format = format!("{}_group", id);
|
let group_format = format!("{}_group", id);
|
||||||
let group_name = optional_group.unwrap_or(&group_format);
|
let group_name = optional_group.unwrap_or(&group_format);
|
||||||
|
|
||||||
create_user(&rsclient, id, group_name).await;
|
create_user(rsclient, id, group_name).await;
|
||||||
add_all_attrs(&rsclient, id, group_name, Some(id)).await;
|
add_all_attrs(rsclient, id, group_name, Some(id)).await;
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn login_account(rsclient: &KanidmClient, id: &str) -> () {
|
async fn login_account(rsclient: &KanidmClient, id: &str) {
|
||||||
rsclient
|
rsclient
|
||||||
.idm_group_add_members(
|
.idm_group_add_members(
|
||||||
"idm_people_account_password_import_priv",
|
"idm_people_account_password_import_priv",
|
||||||
|
|
@ -210,7 +210,7 @@ async fn login_account(rsclient: &KanidmClient, id: &str) -> () {
|
||||||
// Login to the given account, but first login with default admin credentials.
|
// Login to the given account, but first login with default admin credentials.
|
||||||
// This is necessary when switching between unprivileged accounts, but adds extra calls which
|
// This is necessary when switching between unprivileged accounts, but adds extra calls which
|
||||||
// create extra debugging noise, so should be avoided when unnecessary.
|
// create extra debugging noise, so should be avoided when unnecessary.
|
||||||
async fn login_account_via_admin(rsclient: &KanidmClient, id: &str) -> () {
|
async fn login_account_via_admin(rsclient: &KanidmClient, id: &str) {
|
||||||
let _ = rsclient.logout();
|
let _ = rsclient.logout();
|
||||||
rsclient
|
rsclient
|
||||||
.auth_simple_password(ADMIN_TEST_USER, ADMIN_TEST_PASSWORD)
|
.auth_simple_password(ADMIN_TEST_USER, ADMIN_TEST_PASSWORD)
|
||||||
|
|
@ -224,7 +224,7 @@ async fn test_read_attrs(
|
||||||
id: &str,
|
id: &str,
|
||||||
attrs: &[&str],
|
attrs: &[&str],
|
||||||
is_readable: bool,
|
is_readable: bool,
|
||||||
) -> () {
|
) {
|
||||||
println!("Test read to {}, is readable: {}", id, is_readable);
|
println!("Test read to {}, is readable: {}", id, is_readable);
|
||||||
let rset = rsclient
|
let rset = rsclient
|
||||||
.search(Filter::Eq("name".to_string(), id.to_string()))
|
.search(Filter::Eq("name".to_string(), id.to_string()))
|
||||||
|
|
@ -251,11 +251,11 @@ async fn test_write_attrs(
|
||||||
id: &str,
|
id: &str,
|
||||||
attrs: &[&str],
|
attrs: &[&str],
|
||||||
is_writeable: bool,
|
is_writeable: bool,
|
||||||
) -> () {
|
) {
|
||||||
println!("Test write to {}, is writeable: {}", id, is_writeable);
|
println!("Test write to {}, is writeable: {}", id, is_writeable);
|
||||||
for attr in attrs.iter() {
|
for attr in attrs.iter() {
|
||||||
println!("Writing to {}", attr);
|
println!("Writing to {}", attr);
|
||||||
let is_ok = is_attr_writable(&rsclient, id, attr).await.unwrap();
|
let is_ok = is_attr_writable(rsclient, id, attr).await.unwrap();
|
||||||
assert!(is_ok == is_writeable)
|
assert!(is_ok == is_writeable)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -264,12 +264,12 @@ async fn test_modify_group(
|
||||||
rsclient: &KanidmClient,
|
rsclient: &KanidmClient,
|
||||||
group_names: &[&str],
|
group_names: &[&str],
|
||||||
is_modificable: bool,
|
is_modificable: bool,
|
||||||
) -> () {
|
) {
|
||||||
// need user test created to be added as test part
|
// need user test created to be added as test part
|
||||||
for group in group_names.iter() {
|
for group in group_names.iter() {
|
||||||
println!("Testing group: {}", group);
|
println!("Testing group: {}", group);
|
||||||
for attr in ["description", "name"].iter() {
|
for attr in ["description", "name"].iter() {
|
||||||
assert!(is_attr_writable(&rsclient, group, attr).await.unwrap() == is_modificable)
|
assert!(is_attr_writable(rsclient, group, attr).await.unwrap() == is_modificable)
|
||||||
}
|
}
|
||||||
assert!(
|
assert!(
|
||||||
rsclient
|
rsclient
|
||||||
|
|
|
||||||
|
|
@ -257,8 +257,7 @@ async fn test_oauth2_openid_basic_flow(rsclient: KanidmClient) {
|
||||||
let redir_str = response
|
let redir_str = response
|
||||||
.headers()
|
.headers()
|
||||||
.get("Location")
|
.get("Location")
|
||||||
.map(|hv| hv.to_str().ok().map(str::to_string))
|
.and_then(|hv| hv.to_str().ok().map(str::to_string))
|
||||||
.flatten()
|
|
||||||
.expect("Invalid redirect url");
|
.expect("Invalid redirect url");
|
||||||
|
|
||||||
// Now check it's content
|
// Now check it's content
|
||||||
|
|
|
||||||
|
|
@ -212,7 +212,7 @@ async fn test_server_rest_group_lifecycle(rsclient: KanidmClient) {
|
||||||
.await
|
.await
|
||||||
.unwrap();
|
.unwrap();
|
||||||
let members = rsclient.idm_group_get_members("demo_group").await.unwrap();
|
let members = rsclient.idm_group_get_members("demo_group").await.unwrap();
|
||||||
assert!(members == None);
|
assert!(members.is_none());
|
||||||
|
|
||||||
// Delete the group
|
// Delete the group
|
||||||
rsclient.idm_group_delete("demo_group").await.unwrap();
|
rsclient.idm_group_delete("demo_group").await.unwrap();
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue