mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 20:47:01 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

20230125 pre rel cleanup (#1348)

Browse source
This commit is contained in:
Firstyear 2023-01-28 13:52:44 +10:00 committed by GitHub
parent 3894dd43df
commit 6f7afc0a72
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
47 changed files with 420 additions and 435 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
kanidm_unix_int/src/daemon.rs
View file

@ -51,7 +51,7 @@ impl Decoder for ClientCodec {
type Item = ClientRequest;
fn decode(&mut self, src: &mut BytesMut) -> Result<Option<Self::Item>, Self::Error> {
match serde_json::from_slice::<ClientRequest>(&src) {
match serde_json::from_slice::<ClientRequest>(src) {
Ok(msg) => {
// Clear the buffer for the next message.
src.clear();
@ -89,7 +89,7 @@ impl Decoder for TaskCodec {
type Item = TaskResponse;
fn decode(&mut self, src: &mut BytesMut) -> Result<Option<Self::Item>, Self::Error> {
match serde_json::from_slice::<TaskResponse>(&src) {
match serde_json::from_slice::<TaskResponse>(src) {
Ok(msg) => {
// Clear the buffer for the next message.
src.clear();
@ -419,11 +419,9 @@ async fn main() {
if clap_args.get_flag("skip-root-check") {
warn!("Skipping root user check, if you're running this for testing, ensure you clean up temporary files.")
// TODO: this wording is not great m'kay.
} else {
if cuid == 0 || ceuid == 0 || cgid == 0 || cegid == 0 {
error!("Refusing to run - this process must not operate as root.");
return;
}
} else if cuid == 0 || ceuid == 0 || cgid == 0 || cegid == 0 {
error!("Refusing to run - this process must not operate as root.");
return;
};
if clap_args.get_flag("debug") {
std::env::set_var("RUST_LOG", "debug");
@ -542,7 +540,7 @@ async fn main() {
// Check the db path will be okay.
if cfg.db_path != "" {
if !cfg.db_path.is_empty() {
let db_path = PathBuf::from(cfg.db_path.as_str());
// We only need to check the parent folder path permissions as the db itself may not exist yet.
if let Some(db_parent_path) = db_path.parent() {
@ -551,7 +549,7 @@ async fn main() {
"Refusing to run, DB folder {} does not exist",
db_parent_path
.to_str()
.unwrap_or_else(|| "<db_parent_path invalid>")
.unwrap_or("<db_parent_path invalid>")
);
return
}
@ -565,7 +563,7 @@ async fn main() {
"Unable to read metadata for {} - {:?}",
db_par_path_buf
.to_str()
.unwrap_or_else(|| "<db_par_path_buf invalid>"),
.unwrap_or("<db_par_path_buf invalid>"),
e
);
return
@ -577,19 +575,19 @@ async fn main() {
"Refusing to run - DB folder {} may not be a directory",
db_par_path_buf
.to_str()
.unwrap_or_else(|| "<db_par_path_buf invalid>")
.unwrap_or("<db_par_path_buf invalid>")
);
return
}
if !file_permissions_readonly(&i_meta) {
warn!("WARNING: DB folder permissions on {} indicate it may not be RW. This could cause the server start up to fail!", db_par_path_buf.to_str()
.unwrap_or_else(|| "<db_par_path_buf invalid>")
.unwrap_or("<db_par_path_buf invalid>")
);
}
if i_meta.mode() & 0o007 != 0 {
warn!("WARNING: DB folder {} has 'everyone' permission bits in the mode. This could be a security risk ...", db_par_path_buf.to_str()
.unwrap_or_else(|| "<db_par_path_buf invalid>")
.unwrap_or("<db_par_path_buf invalid>")
);
}
}
@ -599,7 +597,7 @@ async fn main() {
if !db_path.is_file() {
error!(
"Refusing to run - DB path {} already exists and is not a file.",
db_path.to_str().unwrap_or_else(|| "<db_path invalid>")
db_path.to_str().unwrap_or("<db_path invalid>")
);
return
};
@ -609,7 +607,7 @@ async fn main() {
Err(e) => {
error!(
"Unable to read metadata for {} - {:?}",
db_path.to_str().unwrap_or_else(|| "<db_path invalid>"),
db_path.to_str().unwrap_or("<db_path invalid>"),
e
);
return

16
kanidm_unix_int/src/db.rs
View file

@ -738,7 +738,7 @@ mod tests {
#[tokio::test]
async fn test_cache_db_account_basic() {
let _ = sketching::test_init();
sketching::test_init();
let db = Db::new("").expect("failed to create.");
let dbtxn = db.write().await;
assert!(dbtxn.migrate().is_ok());
@ -822,7 +822,7 @@ mod tests {
#[tokio::test]
async fn test_cache_db_group_basic() {
let _ = sketching::test_init();
sketching::test_init();
let db = Db::new("").expect("failed to create.");
let dbtxn = db.write().await;
assert!(dbtxn.migrate().is_ok());
@ -897,7 +897,7 @@ mod tests {
#[tokio::test]
async fn test_cache_db_account_group_update() {
let _ = sketching::test_init();
sketching::test_init();
let db = Db::new("").expect("failed to create.");
let dbtxn = db.write().await;
assert!(dbtxn.migrate().is_ok());
@ -930,7 +930,7 @@ mod tests {
// First, add the groups.
ut1.groups.iter().for_each(|g| {
dbtxn.update_group(&g, 0).unwrap();
dbtxn.update_group(g, 0).unwrap();
});
// The add the account
@ -958,14 +958,14 @@ mod tests {
.get_group_members("b500be97-8552-42a5-aca0-668bc5625705")
.unwrap();
assert!(m1[0].name == "testuser");
assert!(m2.len() == 0);
assert!(m2.is_empty());
assert!(dbtxn.commit().is_ok());
}
#[tokio::test]
async fn test_cache_db_account_password() {
let _ = sketching::test_init();
sketching::test_init();
let db = Db::new("").expect("failed to create.");
let dbtxn = db.write().await;
assert!(dbtxn.migrate().is_ok());
@ -1014,7 +1014,7 @@ mod tests {
#[tokio::test]
async fn test_cache_db_group_rename_duplicate() {
let _ = sketching::test_init();
sketching::test_init();
let db = Db::new("").expect("failed to create.");
let dbtxn = db.write().await;
assert!(dbtxn.migrate().is_ok());
@ -1069,7 +1069,7 @@ mod tests {
#[tokio::test]
async fn test_cache_db_account_rename_duplicate() {
let _ = sketching::test_init();
sketching::test_init();
let db = Db::new("").expect("failed to create.");
let dbtxn = db.write().await;
assert!(dbtxn.migrate().is_ok());

8
kanidm_unix_int/src/tasks_daemon.rs
View file

@ -39,7 +39,7 @@ impl Decoder for TaskCodec {
type Item = TaskRequest;
fn decode(&mut self, src: &mut BytesMut) -> Result<Option<Self::Item>, Self::Error> {
match serde_json::from_slice::<TaskRequest>(&src) {
match serde_json::from_slice::<TaskRequest>(src) {
Ok(msg) => {
// Clear the buffer for the next message.
src.clear();
@ -90,8 +90,7 @@ fn create_home_directory(
let name = info
.name
.trim_start_matches('.')
.replace("/", "")
.replace("\\", "");
.replace(['/', '\\'], "");
let home_prefix_path = Path::new(home_prefix);
@ -154,8 +153,7 @@ fn create_home_directory(
// let alias = alias.replace(".", "").replace("/", "").replace("\\", "");
let alias = alias
.trim_start_matches('.')
.replace("/", "")
.replace("\\", "");
.replace(['/', '\\'], "");
let alias_path_raw = format!("{}{}", home_prefix, alias);
let alias_path = Path::new(&alias_path_raw);

2
kanidm_unix_int/src/test_auth.rs
View file

@ -29,7 +29,7 @@ async fn main() {
let cfg = KanidmUnixdConfig::new()
.read_options_from_optional_config(DEFAULT_CONFIG_PATH)
.expect(&format!("Failed to parse {}", DEFAULT_CONFIG_PATH));
.unwrap_or_else(|_| panic!("Failed to parse {}", DEFAULT_CONFIG_PATH));
let password = rpassword::prompt_password("Enter Unix password: ").unwrap();

22
kanidm_unix_int/tests/cache_layer_test.rs
View file

@ -40,7 +40,7 @@ where
}
async fn setup_test(fix_fn: Fixture) -> (CacheLayer, KanidmClient) {
let _ = sketching::test_init();
sketching::test_init();
let mut counter = 0;
let port = loop {
@ -183,7 +183,7 @@ async fn test_cache_sshkey() {
.get_sshkeys("testaccount1")
.await
.expect("Failed to get from cache.");
assert!(sk.len() == 0);
assert!(sk.is_empty());
// Bring ourselves online.
cachelayer.attempt_online().await;
@ -228,7 +228,7 @@ async fn test_cache_account() {
assert!(ut.is_some());
// #392: Check that a `shell=None` is set to `default_shell`.
assert!(ut.unwrap().shell == DEFAULT_SHELL.to_string());
assert!(ut.unwrap().shell == *DEFAULT_SHELL);
// go offline
cachelayer.mark_offline().await;
@ -277,7 +277,7 @@ async fn test_cache_group() {
assert!(gt.is_some());
// And check we have no members in the group. Members are an artifact of
// user lookups!
assert!(gt.unwrap().members.len() == 0);
assert!(gt.unwrap().members.is_empty());
// clear cache, go online
assert!(cachelayer.invalidate().await.is_ok());
@ -465,7 +465,7 @@ async fn test_cache_account_password() {
.pam_account_authenticate("testaccount1", TESTACCOUNT1_PASSWORD_B)
.await
.expect("failed to authenticate");
assert!(a7 == None);
assert!(a7.is_none());
// go online
cachelayer.attempt_online().await;
@ -520,13 +520,13 @@ async fn test_cache_account_pam_nonexist() {
.pam_account_allowed("NO_SUCH_ACCOUNT")
.await
.expect("failed to authenticate");
assert!(a1 == None);
assert!(a1.is_none());
let a2 = cachelayer
.pam_account_authenticate("NO_SUCH_ACCOUNT", TESTACCOUNT1_PASSWORD_B)
.await
.expect("failed to authenticate");
assert!(a2 == None);
assert!(a2.is_none());
cachelayer.mark_offline().await;
@ -534,13 +534,13 @@ async fn test_cache_account_pam_nonexist() {
.pam_account_allowed("NO_SUCH_ACCOUNT")
.await
.expect("failed to authenticate");
assert!(a1 == None);
assert!(a1.is_none());
let a2 = cachelayer
.pam_account_authenticate("NO_SUCH_ACCOUNT", TESTACCOUNT1_PASSWORD_B)
.await
.expect("failed to authenticate");
assert!(a2 == None);
assert!(a2.is_none());
}
#[tokio::test]
@ -579,7 +579,7 @@ async fn test_cache_account_expiry() {
.get_sshkeys("testaccount1")
.await
.expect("Failed to get from cache.");
assert!(sk.len() == 0);
assert!(sk.is_empty());
// Pam account allowed should be denied.
let a3 = cachelayer
@ -603,7 +603,7 @@ async fn test_cache_account_expiry() {
.get_sshkeys("testaccount1")
.await
.expect("Failed to get from cache.");
assert!(sk.len() == 0);
assert!(sk.is_empty());
// Pam account allowed should be denied.
let a5 = cachelayer

2
kanidmd/core/src/https/manifest.rs
View file

@ -128,7 +128,7 @@ pub async fn manifest(req: tide::Request<AppState>) -> tide::Result {
];
let start_url = match req.host() {
Some(value) => format!("https://{}/", value).clone(),
Some(value) => format!("https://{}/", value),
None => String::from("/"),
};

9
kanidmd/core/src/https/middleware.rs
View file

@ -110,13 +110,10 @@ impl<State: Clone + Send + Sync + 'static> tide::Middleware<State> for StrictRes
Ok(response)
}
}
#[derive(Default)]
struct StrictRequestMiddleware;
impl Default for StrictRequestMiddleware {
fn default() -> Self {
StrictRequestMiddleware {}
}
}
#[async_trait::async_trait]
impl<State: Clone + Send + Sync + 'static> tide::Middleware<State> for StrictRequestMiddleware {
@ -157,7 +154,7 @@ pub struct UIContentSecurityPolicyResponseMiddleware {
}
impl UIContentSecurityPolicyResponseMiddleware {
pub fn new(hashes: Vec<JavaScriptFile>) -> Self {
return Self { hashes };
Self { hashes }
}
}

6
kanidmd/core/src/https/mod.rs
View file

@ -344,7 +344,8 @@ pub fn create_https_server(
if !matches!(role, ServerRole::WriteReplicaNoUI) {
// let's set up the list of js module hashes
for filepath in ["wasmloader.js"] {
{
let filepath = "wasmloader.js";
js_files.push(JavaScriptFile {
filepath,
hash: generate_integrity_hash(format!(
@ -357,7 +358,8 @@ pub fn create_https_server(
});
}
// let's set up the list of non-module hashes
for filepath in ["external/bootstrap.bundle.min.js"] {
{
let filepath = "external/bootstrap.bundle.min.js";
js_files.push(JavaScriptFile {
filepath,
hash: generate_integrity_hash(format!(

9
kanidmd/core/src/https/routemaps.rs
View file

@ -77,17 +77,12 @@ pub struct RouteInfo {
}
#[derive(Clone, Debug, Deserialize, Serialize)]
#[derive(Default)]
pub struct RouteMap {
pub routelist: Vec<RouteInfo>,
}
impl Default for RouteMap {
fn default() -> Self {
RouteMap {
routelist: Vec::new(),
}
}
}
impl RouteMap {
// Serializes the object out to a pretty JSON blob

6
kanidmd/core/src/https/v1.rs
View file

@ -584,7 +584,7 @@ pub async fn account_get_id_credential_update_intent(req: tide::Request<AppState
})
.ok()
})
.map(|s| Duration::from_secs(s));
.map(Duration::from_secs);
let (eventid, hvalue) = req.new_eventid();
@ -1115,7 +1115,7 @@ pub async fn auth(mut req: tide::Request<AppState>) -> tide::Result {
let jws = Jws::new(SessionId { sessionid });
// Get the header token ready.
jws.sign(&kref)
jws.sign(kref)
.map(|jwss| {
auth_session_id_tok = Some(jwss.to_string());
})
@ -1141,7 +1141,7 @@ pub async fn auth(mut req: tide::Request<AppState>) -> tide::Result {
let kref = &req.state().jws_signer;
// Get the header token ready.
let jws = Jws::new(SessionId { sessionid });
jws.sign(&kref)
jws.sign(kref)
.map(|jwss| {
auth_session_id_tok = Some(jwss.to_string());
})

20
kanidmd/daemon/src/main.rs
View file

@ -53,7 +53,7 @@ impl KanidmdOpt {
}
| KanidmdOpt::DbScan {
commands: DbScanOpt::ListIndexAnalysis(sopt),
} => &sopt,
} => sopt,
KanidmdOpt::Database {
commands: DbCommands::Backup(bopt),
} => &bopt.commonopts,
@ -70,18 +70,18 @@ impl KanidmdOpt {
} => &dopt.commonopts,
KanidmdOpt::DomainSettings {
commands: DomainSettingsCmds::DomainChange(sopt),
} => &sopt,
} => sopt,
KanidmdOpt::Database {
commands: DbCommands::Verify(sopt),
}
| KanidmdOpt::Database {
commands: DbCommands::Reindex(sopt),
} => &sopt,
} => sopt,
KanidmdOpt::Database {
commands: DbCommands::Vacuum(copt),
} => &copt,
} => copt,
KanidmdOpt::HealthCheck(hcopt) => &hcopt.commonopts,
KanidmdOpt::Version(copt) => &copt,
KanidmdOpt::Version(copt) => copt,
}
}
}
@ -231,10 +231,10 @@ async fn main() {
}
}
config.update_db_path(&sconfig.db_path.as_str());
config.update_db_path(sconfig.db_path.as_str());
config.update_db_fs_type(&sconfig.db_fs_type);
config.update_origin(&sconfig.origin.as_str());
config.update_domain(&sconfig.domain.as_str());
config.update_origin(sconfig.origin.as_str());
config.update_domain(sconfig.domain.as_str());
config.update_db_arc_size(sconfig.db_arc_size);
config.update_role(sconfig.role);
config.update_output_mode(opt.commands.commonopt().output_mode.to_owned().into());
@ -493,7 +493,7 @@ async fn main() {
if error.is_timeout() {
format!("Timeout connecting to url={healthcheck_url}")
} else if error.is_connect() {
format!("Connection failed: {}", error.to_string())
format!("Connection failed: {}", error)
} else {
format!("Failed to complete healthcheck: {:?}", error)
}
@ -506,7 +506,7 @@ async fn main() {
println!("OK")
}
KanidmdOpt::Version(_) => {
return
}
}
})

2
kanidmd/lib/benches/scaling_10k.rs
View file

@ -3,7 +3,7 @@ use std::time::{Duration, Instant};
use criterion::{
criterion_group, criterion_main, BenchmarkId, Criterion, SamplingMode, Throughput,
};
use kanidmd_lib;
use kanidmd_lib::entry::{Entry, EntryInit, EntryNew};
use kanidmd_lib::entry_init;
use kanidmd_lib::utils::duration_from_epoch_now;

4
kanidmd/lib/src/be/idl_sqlite.rs
View file

@ -1579,11 +1579,11 @@ mod tests {
#[test]
fn test_idl_sqlite_verify() {
let _ = sketching::test_init();
sketching::test_init();
let cfg = BackendConfig::new_test("main");
let be = IdlSqlite::new(&cfg, false).unwrap();
let be_w = be.write();
let r = be_w.verify();
assert!(r.len() == 0);
assert!(r.is_empty());
}
}

62
kanidmd/lib/src/be/mod.rs
View file

@ -1923,7 +1923,7 @@ mod tests {
e.add_ava("uuid", Value::from("db237e8a-0079-4b8c-8a56-593b22aa44d1"));
let e = unsafe { e.into_sealed_new() };
let single_result = be.create(&CID_ZERO, vec![e.clone()]);
let single_result = be.create(&CID_ZERO, vec![e]);
assert!(single_result.is_ok());
// Test a simple EQ search
@ -1981,10 +1981,10 @@ mod tests {
// However, with some unsafe ....
let ue1 = unsafe { e1.clone().into_sealed_committed() };
assert!(be
.modify(&CID_ZERO, &vec![Arc::new(ue1.clone())], &vec![ue1])
.modify(&CID_ZERO, &[Arc::new(ue1.clone())], &[ue1])
.is_err());
// Modify none
assert!(be.modify(&CID_ZERO, &vec![], &vec![]).is_err());
assert!(be.modify(&CID_ZERO, &[], &[]).is_err());
// Make some changes to r1, r2.
let pre1 = unsafe { Arc::new(r1.clone().into_sealed_committed()) };
@ -1999,7 +1999,7 @@ mod tests {
// Modify single
assert!(be
.modify(&CID_ZERO, &vec![pre1.clone()], &vec![vr1.clone()])
.modify(&CID_ZERO, &[pre1], &[vr1.clone()])
.is_ok());
// Assert no other changes
assert!(entry_attr_pres!(be, vr1, "desc"));
@ -2009,8 +2009,8 @@ mod tests {
assert!(be
.modify(
&CID_ZERO,
&vec![Arc::new(vr1.clone()), pre2.clone()],
&vec![vr1.clone(), vr2.clone()]
&[Arc::new(vr1.clone()), pre2],
&[vr1.clone(), vr2.clone()]
)
.is_ok());
@ -2065,7 +2065,7 @@ mod tests {
let r1_ts = unsafe { r1.to_tombstone(CID_ONE.clone()).into_sealed_committed() };
assert!(be
.modify(&CID_ONE, &vec![r1.clone(),], &vec![r1_ts.clone()])
.modify(&CID_ONE, &[r1], &[r1_ts.clone()])
.is_ok());
let r2_ts = unsafe { r2.to_tombstone(CID_TWO.clone()).into_sealed_committed() };
@ -2074,8 +2074,8 @@ mod tests {
assert!(be
.modify(
&CID_TWO,
&vec![r2.clone(), r3.clone()],
&vec![r2_ts.clone(), r3_ts.clone()]
&[r2, r3],
&[r2_ts.clone(), r3_ts.clone()]
)
.is_ok());
@ -2166,7 +2166,7 @@ mod tests {
be.backup(&db_backup_file_name).expect("Backup failed!");
be.restore(&db_backup_file_name).expect("Restore failed!");
assert!(be.verify().len() == 0);
assert!(be.verify().is_empty());
});
}
@ -2244,7 +2244,7 @@ mod tests {
be.restore(&db_backup_file_name).expect("Restore failed!");
assert!(be.verify().len() == 0);
assert!(be.verify().is_empty());
});
}
@ -2288,7 +2288,7 @@ mod tests {
e2.add_ava("uuid", Value::from("bd651620-00dd-426b-aaa0-4494f7b7906f"));
let e2 = unsafe { e2.into_sealed_new() };
be.create(&CID_ZERO, vec![e1.clone(), e2.clone()]).unwrap();
be.create(&CID_ZERO, vec![e1, e2]).unwrap();
// purge indexes
be.purge_idxs().unwrap();
@ -2380,7 +2380,7 @@ mod tests {
e1.add_ava("uuid", Value::from("db237e8a-0079-4b8c-8a56-593b22aa44d1"));
let e1 = unsafe { e1.into_sealed_new() };
let rset = be.create(&CID_ZERO, vec![e1.clone()]).unwrap();
let rset = be.create(&CID_ZERO, vec![e1]).unwrap();
let mut rset: Vec<_> = rset.into_iter().map(Arc::new).collect();
let e1 = rset.pop().unwrap();
@ -2406,7 +2406,7 @@ mod tests {
// == Now we reap_tombstones, and assert we removed the items.
let e1_ts = unsafe { e1.to_tombstone(CID_ONE.clone()).into_sealed_committed() };
assert!(be
.modify(&CID_ONE, &vec![e1.clone()], &vec![e1_ts.clone()])
.modify(&CID_ONE, &[e1], &[e1_ts])
.is_ok());
be.reap_tombstones(&CID_TWO).unwrap();
@ -2454,7 +2454,7 @@ mod tests {
let e3 = unsafe { e3.into_sealed_new() };
let mut rset = be
.create(&CID_ZERO, vec![e1.clone(), e2.clone(), e3.clone()])
.create(&CID_ZERO, vec![e1, e2, e3])
.unwrap();
rset.remove(1);
let mut rset: Vec<_> = rset.into_iter().map(Arc::new).collect();
@ -2467,8 +2467,8 @@ mod tests {
assert!(be
.modify(
&CID_ONE,
&vec![e1.clone(), e3.clone()],
&vec![e1_ts.clone(), e3_ts.clone()]
&[e1, e3],
&[e1_ts, e3_ts]
)
.is_ok());
be.reap_tombstones(&CID_TWO).unwrap();
@ -2520,7 +2520,7 @@ mod tests {
e1.add_ava("ta", Value::from("test"));
let e1 = unsafe { e1.into_sealed_new() };
let rset = be.create(&CID_ZERO, vec![e1.clone()]).unwrap();
let rset = be.create(&CID_ZERO, vec![e1]).unwrap();
let rset: Vec<_> = rset.into_iter().map(Arc::new).collect();
// Now, alter the new entry.
let mut ce1 = unsafe { rset[0].as_ref().clone().into_invalid() };
@ -2534,7 +2534,7 @@ mod tests {
let ce1 = unsafe { ce1.into_sealed_committed() };
be.modify(&CID_ZERO, &rset, &vec![ce1]).unwrap();
be.modify(&CID_ZERO, &rset, &[ce1]).unwrap();
// Now check the idls
idl_state!(be, "name", IndexType::Equality, "claire", Some(vec![1]));
@ -2565,7 +2565,7 @@ mod tests {
e1.add_ava("uuid", Value::from("db237e8a-0079-4b8c-8a56-593b22aa44d1"));
let e1 = unsafe { e1.into_sealed_new() };
let rset = be.create(&CID_ZERO, vec![e1.clone()]).unwrap();
let rset = be.create(&CID_ZERO, vec![e1]).unwrap();
let rset: Vec<_> = rset.into_iter().map(Arc::new).collect();
// Now, alter the new entry.
let mut ce1 = unsafe { rset[0].as_ref().clone().into_invalid() };
@ -2575,7 +2575,7 @@ mod tests {
ce1.add_ava("uuid", Value::from("04091a7a-6ce4-42d2-abf5-c2ce244ac9e8"));
let ce1 = unsafe { ce1.into_sealed_committed() };
be.modify(&CID_ZERO, &rset, &vec![ce1]).unwrap();
be.modify(&CID_ZERO, &rset, &[ce1]).unwrap();
idl_state!(be, "name", IndexType::Equality, "claire", Some(vec![1]));
@ -2628,7 +2628,7 @@ mod tests {
e2.add_ava("uuid", Value::from("db237e8a-0079-4b8c-8a56-593b22aa44d2"));
let e2 = unsafe { e2.into_sealed_new() };
let _rset = be.create(&CID_ZERO, vec![e1.clone(), e2.clone()]).unwrap();
let _rset = be.create(&CID_ZERO, vec![e1, e2]).unwrap();
// Test fully unindexed
let f_un =
unsafe { filter_resolved!(f_eq("no-index", PartialValue::new_utf8s("william"))) };
@ -2946,7 +2946,7 @@ mod tests {
let e3 = unsafe { e3.into_sealed_new() };
let _rset = be
.create(&CID_ZERO, vec![e1.clone(), e2.clone(), e3.clone()])
.create(&CID_ZERO, vec![e1, e2, e3])
.unwrap();
// If the slopes haven't been generated yet, there are some hardcoded values
@ -3035,7 +3035,7 @@ mod tests {
assert!(single_result.is_ok());
let filt = unsafe {
e.filter_from_attrs(&vec![AttrString::from("nonexist")])
e.filter_from_attrs(&[AttrString::from("nonexist")])
.expect("failed to generate filter")
.into_valid_resolved()
};
@ -3071,7 +3071,7 @@ mod tests {
assert!(single_result.is_ok());
let filt = unsafe {
e.filter_from_attrs(&vec![AttrString::from("nonexist")])
e.filter_from_attrs(&[AttrString::from("nonexist")])
.expect("failed to generate filter")
.into_valid_resolved()
};
@ -3125,7 +3125,7 @@ mod tests {
e.add_ava("nonexist", Value::from("x"));
e.add_ava("nonexist", Value::from("y"));
let e = unsafe { e.into_sealed_new() };
let single_result = be.create(&CID_ZERO, vec![e.clone()]);
let single_result = be.create(&CID_ZERO, vec![e]);
assert!(single_result.is_ok());
// Reindex so we have things in place for our query
@ -3170,7 +3170,7 @@ mod tests {
#[test]
fn test_be_mulitple_create() {
let _ = sketching::test_init();
sketching::test_init();
// This is a demo idxmeta, purely for testing.
let idxmeta = vec![IdxKey {
@ -3195,7 +3195,7 @@ mod tests {
e.add_ava("uuid", Value::from("db237e8a-0079-4b8c-8a56-593b22aa44d1"));
let e = unsafe { e.into_sealed_new() };
let single_result = be_a_txn.create(&CID_ZERO, vec![e.clone()]);
let single_result = be_a_txn.create(&CID_ZERO, vec![e]);
assert!(single_result.is_ok());
@ -3208,7 +3208,7 @@ mod tests {
assert!(r.expect("Search failed!").len() == 1);
let r = be_b_txn.search(&lims, &filt);
assert!(r.expect("Search failed!").len() == 0);
assert!(r.expect("Search failed!").is_empty());
// Create into B
let mut e: Entry<EntryInit, EntryNew> = Entry::new();
@ -3216,7 +3216,7 @@ mod tests {
e.add_ava("uuid", Value::from("0c680959-0944-47d6-9dea-53304d124266"));
let e = unsafe { e.into_sealed_new() };
let single_result = be_b_txn.create(&CID_ZERO, vec![e.clone()]);
let single_result = be_b_txn.create(&CID_ZERO, vec![e]);
assert!(single_result.is_ok());
@ -3226,7 +3226,7 @@ mod tests {
let lims = Limits::unlimited();
let r = be_a_txn.search(&lims, &filt);
assert!(r.expect("Search failed!").len() == 0);
assert!(r.expect("Search failed!").is_empty());
let r = be_b_txn.search(&lims, &filt);
assert!(r.expect("Search failed!").len() == 1);

4
kanidmd/lib/src/credential/mod.rs
View file

@ -1283,7 +1283,7 @@ mod tests {
#[test]
fn test_password_from_ipa_nt_hash() {
let _ = sketching::test_init();
sketching::test_init();
// Base64 no pad
let im_pw = "ipaNTHash: iEb36u6PsRetBr3YMLdYbA";
let password = "password";
@ -1304,7 +1304,7 @@ mod tests {
#[test]
fn test_password_from_samba_nt_hash() {
let _ = sketching::test_init();
sketching::test_init();
// Base64 no pad
let im_pw = "sambaNTPassword: 8846F7EAEE8FB117AD06BDD830B7586C";
let password = "password";

2
kanidmd/lib/src/credential/policy.rs
View file

@ -11,7 +11,7 @@ impl CryptoPolicy {
#[cfg(test)]
pub(crate) fn minimum() -> Self {
CryptoPolicy {
pbkdf2_cost: PBKDF2_MIN_NIST_COST as usize,
pbkdf2_cost: PBKDF2_MIN_NIST_COST,
}
}

2
kanidmd/lib/src/credential/totp.rs
View file

@ -368,7 +368,7 @@ mod tests {
let key = vec![0x00, 0xaa, 0xbb, 0xcc];
let secs = 1585369780;
let otp = Totp::new(
key.clone(),
key,
TOTP_DEFAULT_STEP,
TotpAlgo::Sha512,
TotpDigits::Six,

50
kanidmd/lib/src/entry.rs
View file

@ -438,7 +438,7 @@ impl Entry<EntryInit, EntryNew> {
}
"displayname" | "description" | "domain_display_name" => {
valueset::from_value_iter(
vs.into_iter().map(|v| Value::new_utf8(v))
vs.into_iter().map(Value::new_utf8)
)
}
"spn" => {
@ -476,7 +476,7 @@ impl Entry<EntryInit, EntryNew> {
ia => {
warn!("WARNING: Allowing invalid attribute {} to be interpreted as UTF8 string. YOU MAY ENCOUNTER ODD BEHAVIOUR!!!", ia);
valueset::from_value_iter(
vs.into_iter().map(|v| Value::new_utf8(v))
vs.into_iter().map(Value::new_utf8)
)
}
}
@ -547,7 +547,7 @@ impl Entry<EntryInit, EntryNew> {
valid: EntryValid {
cid,
eclog,
uuid: self.get_uuid().expect("Invalid uuid").clone(),
uuid: self.get_uuid().expect("Invalid uuid"),
},
state: EntryNew,
attrs: self.attrs,
@ -561,8 +561,7 @@ impl Entry<EntryInit, EntryNew> {
let eclog = EntryChangelog::new_without_schema(cid, self.attrs.clone());
let uuid = self
.get_uuid()
.and_then(|u| Some(u.clone()))
.unwrap_or_else(|| Uuid::new_v4());
.unwrap_or_else(Uuid::new_v4);
Entry {
valid: EntrySealed { uuid, eclog },
state: EntryCommitted { id: 0 },
@ -578,7 +577,7 @@ impl Entry<EntryInit, EntryNew> {
Entry {
valid: EntrySealed {
uuid: self.get_uuid().expect("Invalid uuid").clone(),
uuid: self.get_uuid().expect("Invalid uuid"),
eclog,
},
state: EntryNew,
@ -890,7 +889,7 @@ where
impl Entry<EntryInvalid, EntryCommitted> {
#[cfg(test)]
pub unsafe fn into_valid_new(self) -> Entry<EntryValid, EntryNew> {
let uuid = self.get_uuid().expect("Invalid uuid").clone();
let uuid = self.get_uuid().expect("Invalid uuid");
Entry {
valid: EntryValid {
cid: self.valid.cid,
@ -937,7 +936,7 @@ impl Entry<EntryInvalid, EntryCommitted> {
impl Entry<EntryInvalid, EntryNew> {
#[cfg(test)]
pub unsafe fn into_valid_new(self) -> Entry<EntryValid, EntryNew> {
let uuid = self.get_uuid().expect("Invalid uuid").clone();
let uuid = self.get_uuid().expect("Invalid uuid");
Entry {
valid: EntryValid {
cid: self.valid.cid,
@ -953,8 +952,7 @@ impl Entry<EntryInvalid, EntryNew> {
pub unsafe fn into_sealed_committed(self) -> Entry<EntrySealed, EntryCommitted> {
let uuid = self
.get_uuid()
.and_then(|u| Some(u.clone()))
.unwrap_or_else(|| Uuid::new_v4());
.unwrap_or_else(Uuid::new_v4);
Entry {
valid: EntrySealed {
uuid,
@ -987,8 +985,7 @@ impl Entry<EntryInvalid, EntryNew> {
pub unsafe fn into_valid_committed(self) -> Entry<EntryValid, EntryCommitted> {
let uuid = self
.get_uuid()
.and_then(|u| Some(u.clone()))
.unwrap_or_else(|| Uuid::new_v4());
.unwrap_or_else(Uuid::new_v4);
Entry {
valid: EntryValid {
cid: self.valid.cid,
@ -1006,8 +1003,7 @@ impl Entry<EntryInvalid, EntryCommitted> {
pub unsafe fn into_sealed_committed(self) -> Entry<EntrySealed, EntryCommitted> {
let uuid = self
.get_uuid()
.and_then(|u| Some(u.clone()))
.unwrap_or_else(|| Uuid::new_v4());
.unwrap_or_else(Uuid::new_v4);
Entry {
valid: EntrySealed {
uuid,
@ -2654,17 +2650,17 @@ mod tests {
e1.add_ava("a", Value::new_uint32(10));
assert!(e1.attribute_lessthan("a", &pv2) == false);
assert!(e1.attribute_lessthan("a", &pv8) == false);
assert!(e1.attribute_lessthan("a", &pv10) == false);
assert!(e1.attribute_lessthan("a", &pv15) == true);
assert!(!e1.attribute_lessthan("a", &pv2));
assert!(!e1.attribute_lessthan("a", &pv8));
assert!(!e1.attribute_lessthan("a", &pv10));
assert!(e1.attribute_lessthan("a", &pv15));
e1.add_ava("a", Value::new_uint32(8));
assert!(e1.attribute_lessthan("a", &pv2) == false);
assert!(e1.attribute_lessthan("a", &pv8) == false);
assert!(e1.attribute_lessthan("a", &pv10) == true);
assert!(e1.attribute_lessthan("a", &pv15) == true);
assert!(!e1.attribute_lessthan("a", &pv2));
assert!(!e1.attribute_lessthan("a", &pv8));
assert!(e1.attribute_lessthan("a", &pv10));
assert!(e1.attribute_lessthan("a", &pv15));
}
#[test]
@ -2827,7 +2823,7 @@ mod tests {
// Check no changes
let no_r = Entry::idx_diff(&idxmeta, Some(&e1), Some(&e1));
assert!(no_r.len() == 0);
assert!(no_r.is_empty());
// Check "adding" an attribute.
let add_a_r = Entry::idx_diff(&idxmeta, Some(&e1), Some(&e1_mod));
@ -3003,7 +2999,7 @@ mod tests {
#[test]
fn test_entry_idx_uuid2spn_diff() {
assert!(Entry::idx_uuid2spn_diff(None, None) == None);
assert!(Entry::idx_uuid2spn_diff(None, None).is_none());
let mut e1: Entry<EntryInit, EntryNew> = Entry::new();
e1.add_ava("spn", Value::new_spn_str("testperson", "example.com"));
@ -3018,7 +3014,7 @@ mod tests {
== Some(Ok(Value::new_spn_str("testperson", "example.com")))
);
assert!(Entry::idx_uuid2spn_diff(Some(&e1), None) == Some(Err(())));
assert!(Entry::idx_uuid2spn_diff(Some(&e1), Some(&e1)) == None);
assert!(Entry::idx_uuid2spn_diff(Some(&e1), Some(&e1)).is_none());
assert!(
Entry::idx_uuid2spn_diff(Some(&e1), Some(&e2))
== Some(Ok(Value::new_spn_str("renameperson", "example.com")))
@ -3027,7 +3023,7 @@ mod tests {
#[test]
fn test_entry_idx_uuid2rdn_diff() {
assert!(Entry::idx_uuid2rdn_diff(None, None) == None);
assert!(Entry::idx_uuid2rdn_diff(None, None).is_none());
let mut e1: Entry<EntryInit, EntryNew> = Entry::new();
e1.add_ava("spn", Value::new_spn_str("testperson", "example.com"));
@ -3042,7 +3038,7 @@ mod tests {
== Some(Ok("spn=testperson@example.com".to_string()))
);
assert!(Entry::idx_uuid2rdn_diff(Some(&e1), None) == Some(Err(())));
assert!(Entry::idx_uuid2rdn_diff(Some(&e1), Some(&e1)) == None);
assert!(Entry::idx_uuid2rdn_diff(Some(&e1), Some(&e1)).is_none());
assert!(
Entry::idx_uuid2rdn_diff(Some(&e1), Some(&e2))
== Some(Ok("spn=renameperson@example.com".to_string()))

8
kanidmd/lib/src/filter.rs
View file

@ -1391,7 +1391,7 @@ mod tests {
#[test]
fn test_filter_optimise() {
let _ = sketching::test_init();
sketching::test_init();
// Given sets of "optimisable" filters, optimise them.
filter_optimise_assert!(
f_and(vec![f_and(vec![f_eq(
@ -1573,13 +1573,13 @@ mod tests {
};
let f_t1a = unsafe { filter_resolved!(f_lt("gidnumber", PartialValue::new_uint32(500))) };
assert!(e.entry_match_no_index(&f_t1a) == false);
assert!(!e.entry_match_no_index(&f_t1a));
let f_t1b = unsafe { filter_resolved!(f_lt("gidnumber", PartialValue::new_uint32(1000))) };
assert!(e.entry_match_no_index(&f_t1b) == false);
assert!(!e.entry_match_no_index(&f_t1b));
let f_t1c = unsafe { filter_resolved!(f_lt("gidnumber", PartialValue::new_uint32(1001))) };
assert!(e.entry_match_no_index(&f_t1c) == true);
assert!(e.entry_match_no_index(&f_t1c));
}
#[test]

2
kanidmd/lib/src/idm/account.rs
View file

@ -697,7 +697,7 @@ mod tests {
idms: &IdmServer,
_idms_delayed: &mut IdmServerDelayed| {
let ct = duration_from_epoch_now();
let mut idms_prox_write = task::block_on(idms.proxy_write(ct.clone()));
let mut idms_prox_write = task::block_on(idms.proxy_write(ct));
let target_uuid = Uuid::new_v4();

4
kanidmd/lib/src/idm/applinks.rs
View file

@ -84,7 +84,7 @@ mod tests {
idms: &IdmServer,
_idms_delayed: &mut IdmServerDelayed| {
let ct = duration_from_epoch_now();
let mut idms_prox_write = task::block_on(idms.proxy_write(ct.clone()));
let mut idms_prox_write = task::block_on(idms.proxy_write(ct));
// Create an RS, the user and a group..
let usr_uuid = Uuid::new_v4();
@ -150,7 +150,7 @@ mod tests {
drop(idms_prox_read);
// Add them to the group.
let mut idms_prox_write = task::block_on(idms.proxy_write(ct.clone()));
let mut idms_prox_write = task::block_on(idms.proxy_write(ct));
let me_inv_m = unsafe {
ModifyEvent::new_internal_invalid(
filter!(f_eq("uuid", PartialValue::Refer(grp_uuid))),

24
kanidmd/lib/src/idm/authsession.rs
View file

@ -929,7 +929,7 @@ mod tests {
fn create_pw_badlist_cache() -> HashSet<String> {
let mut s = HashSet::new();
s.insert((&"list@no3IBTyqHu$bad").to_lowercase());
s.insert("list@no3IBTyqHu$bad".to_lowercase());
s
}
@ -948,7 +948,7 @@ mod tests {
#[test]
fn test_idm_authsession_anonymous_auth_mech() {
let _ = sketching::test_init();
sketching::test_init();
let webauthn = create_webauthn();
@ -1019,7 +1019,7 @@ mod tests {
#[test]
fn test_idm_authsession_simple_password_mech() {
let _ = sketching::test_init();
sketching::test_init();
let webauthn = create_webauthn();
// create the ent
let mut account = entry_str_to_account!(JSON_ADMIN_V1);
@ -1077,7 +1077,7 @@ mod tests {
#[test]
fn test_idm_authsession_simple_password_badlist() {
let _ = sketching::test_init();
sketching::test_init();
let jws_signer = create_jwt_signer();
let webauthn = create_webauthn();
// create the ent
@ -1169,7 +1169,7 @@ mod tests {
#[test]
fn test_idm_authsession_totp_password_mech() {
let _ = sketching::test_init();
sketching::test_init();
let webauthn = create_webauthn();
let jws_signer = create_jwt_signer();
// create the ent
@ -1329,7 +1329,7 @@ mod tests {
#[test]
fn test_idm_authsession_password_mfa_badlist() {
let _ = sketching::test_init();
sketching::test_init();
let webauthn = create_webauthn();
let jws_signer = create_jwt_signer();
// create the ent
@ -1493,7 +1493,7 @@ mod tests {
#[test]
fn test_idm_authsession_webauthn_only_mech() {
let _ = sketching::test_init();
sketching::test_init();
let (async_tx, mut async_rx) = unbounded();
let ts = duration_from_epoch_now();
// create the ent
@ -1631,7 +1631,7 @@ mod tests {
#[test]
fn test_idm_authsession_webauthn_password_mech() {
let _ = sketching::test_init();
sketching::test_init();
let (async_tx, mut async_rx) = unbounded();
let ts = duration_from_epoch_now();
// create the ent
@ -1808,7 +1808,7 @@ mod tests {
#[test]
fn test_idm_authsession_webauthn_password_totp_mech() {
let _ = sketching::test_init();
sketching::test_init();
let (async_tx, mut async_rx) = unbounded();
let ts = duration_from_epoch_now();
// create the ent
@ -2057,7 +2057,7 @@ mod tests {
#[test]
fn test_idm_authsession_backup_code_mech() {
let _ = sketching::test_init();
sketching::test_init();
let jws_signer = create_jwt_signer();
let webauthn = create_webauthn();
// create the ent
@ -2175,7 +2175,7 @@ mod tests {
start_password_mfa_session!(account, &webauthn);
match session.validate_creds(
&AuthCredential::BackupCode(backup_code_good.clone()),
&AuthCredential::BackupCode(backup_code_good),
&ts,
&async_tx,
&webauthn,
@ -2254,7 +2254,7 @@ mod tests {
fn test_idm_authsession_multiple_totp_password_mech() {
// Slightly different to the other TOTP test, this
// checks handling when multiple TOTP's are registered.
let _ = sketching::test_init();
sketching::test_init();
let webauthn = create_webauthn();
let jws_signer = create_jwt_signer();
// create the ent

4
kanidmd/lib/src/idm/ldap.rs
View file

@ -614,7 +614,7 @@ mod tests {
use crate::idm::event::UnixPasswordChangeEvent;
use crate::idm::serviceaccount::GenerateApiTokenEvent;
const TEST_PASSWORD: &'static str = "ntaoeuntnaoeuhraohuercahu😍";
const TEST_PASSWORD: &str = "ntaoeuntnaoeuhraohuercahu😍";
#[test]
fn test_ldap_simple_bind() {
@ -1076,7 +1076,7 @@ mod tests {
let sa_lbt = task::block_on(ldaps.do_bind(idms, "", &apitoken))
.unwrap()
.unwrap();
assert!(sa_lbt.effective_session == LdapSession::ApiToken(apitoken_inner.clone()));
assert!(sa_lbt.effective_session == LdapSession::ApiToken(apitoken_inner));
// Search and retrieve mail that's now accessible.
let r1 = task::block_on(ldaps.do_search(idms, &sr, &sa_lbt)).unwrap();

14
kanidmd/lib/src/idm/oauth2.rs
View file

@ -1883,7 +1883,7 @@ mod tests {
let (_code_verifier, code_challenge) = create_code_verifier!("Whar Garble");
let pkce_request = Some(PkceRequest {
code_challenge: Base64UrlSafeData(code_challenge.clone()),
code_challenge: Base64UrlSafeData(code_challenge),
code_challenge_method: CodeChallengeMethod::S256,
});
@ -2012,7 +2012,7 @@ mod tests {
response_type: "code".to_string(),
client_id: "test_resource_server".to_string(),
state: "123".to_string(),
pkce_request: pkce_request.clone(),
pkce_request,
redirect_uri: Url::parse("https://demo.example.com/oauth2/result").unwrap(),
scope: "read openid".to_string(),
nonce: None,
@ -2341,7 +2341,7 @@ mod tests {
let token_req = AccessTokenRequest {
grant_type: "authorization_code".to_string(),
code: permit_success.code.clone(),
code: permit_success.code,
redirect_uri: Url::parse("https://demo.example.com/oauth2/result").unwrap(),
client_id: None,
client_secret: None,
@ -2359,7 +2359,7 @@ mod tests {
// Okay, now we have the token, we can check it works with introspect.
let intr_request = AccessTokenIntrospectRequest {
token: oauth2_token.access_token.clone(),
token: oauth2_token.access_token,
token_type_hint: None,
};
let intr_response = idms_prox_read
@ -2456,7 +2456,7 @@ mod tests {
let token_req = AccessTokenRequest {
grant_type: "authorization_code".to_string(),
code: permit_success.code.clone(),
code: permit_success.code,
redirect_uri: Url::parse("https://demo.example.com/oauth2/result").unwrap(),
client_id: None,
client_secret: None,
@ -2581,7 +2581,7 @@ mod tests {
// A second invalidation of the token "does nothing".
let mut idms_prox_write = task::block_on(idms.proxy_write(ct));
let revoke_request = TokenRevokeRequest {
token: oauth2_token.access_token.clone(),
token: oauth2_token.access_token,
token_type_hint: None,
};
assert!(idms_prox_write
@ -2637,7 +2637,7 @@ mod tests {
let token_req = AccessTokenRequest {
grant_type: "authorization_code".to_string(),
code: permit_success.code.clone(),
code: permit_success.code,
redirect_uri: Url::parse("https://demo.example.com/oauth2/result").unwrap(),
client_id: None,
client_secret: None,

16
kanidmd/lib/src/idm/scim.rs
View file

@ -1576,7 +1576,7 @@ mod tests {
let (token_id, issued_at) = sync_tokens
.iter()
.next()
.map(|(k, v)| (*k, v.issued_at.clone()))
.map(|(k, v)| (*k, v.issued_at))
.expect("No sync tokens present");
let purpose = ApiTokenPurpose::ReadWrite;
@ -1690,7 +1690,7 @@ mod tests {
.scim_sync_apply_phase_1(&sse, &changes)
.expect("Failed to run phase 1");
let _ = idms_prox_write
idms_prox_write
.scim_sync_apply_phase_2(&change_entries, sync_uuid)
.expect("Failed to run phase 2");
@ -2246,7 +2246,7 @@ mod tests {
testgroup.get_ava_single_iutf8("sync_external_id")
== Some("cn=testgroup,cn=groups,cn=accounts,dc=dev,dc=blackhats,dc=net,dc=au")
);
assert!(testgroup.get_ava_single_uint32("gidnumber") == None);
assert!(testgroup.get_ava_single_uint32("gidnumber").is_none());
let testposix = get_single_entry("testposix", &mut idms_prox_write);
assert!(
@ -2262,7 +2262,7 @@ mod tests {
"cn=testexternal,cn=groups,cn=accounts,dc=dev,dc=blackhats,dc=net,dc=au"
)
);
assert!(testexternal.get_ava_single_uint32("gidnumber") == None);
assert!(testexternal.get_ava_single_uint32("gidnumber").is_none());
let testuser = get_single_entry("testuser", &mut idms_prox_write);
assert!(
@ -2320,7 +2320,7 @@ mod tests {
"cn=testexternal2,cn=groups,cn=accounts,dc=dev,dc=blackhats,dc=net,dc=au"
)
);
assert!(testexternal.get_ava_single_uint32("gidnumber") == None);
assert!(testexternal.get_ava_single_uint32("gidnumber").is_none());
let testuser = get_single_entry("testuser", &mut idms_prox_write);
@ -2366,7 +2366,7 @@ mod tests {
testgroup.get_ava_single_iutf8("sync_external_id")
== Some("cn=testgroup,cn=groups,cn=accounts,dc=dev,dc=blackhats,dc=net,dc=au")
);
assert!(testgroup.get_ava_single_uint32("gidnumber") == None);
assert!(testgroup.get_ava_single_uint32("gidnumber").is_none());
let testposix = get_single_entry("testposix", &mut idms_prox_write);
assert!(
@ -2382,7 +2382,7 @@ mod tests {
"cn=testexternal,cn=groups,cn=accounts,dc=dev,dc=blackhats,dc=net,dc=au"
)
);
assert!(testexternal.get_ava_single_uint32("gidnumber") == None);
assert!(testexternal.get_ava_single_uint32("gidnumber").is_none());
let testuser = get_single_entry("testuser", &mut idms_prox_write);
assert!(
@ -2431,7 +2431,7 @@ mod tests {
testgroup.get_ava_single_iutf8("sync_external_id")
== Some("cn=testgroup,cn=groups,cn=accounts,dc=dev,dc=blackhats,dc=net,dc=au")
);
assert!(testgroup.get_ava_single_uint32("gidnumber") == None);
assert!(testgroup.get_ava_single_uint32("gidnumber").is_none());
let testuser = get_single_entry("testuser", &mut idms_prox_write);
assert!(

40
kanidmd/lib/src/idm/server.rs
View file

@ -2254,8 +2254,8 @@ mod tests {
use crate::prelude::*;
use crate::utils::duration_from_epoch_now;
const TEST_PASSWORD: &'static str = "ntaoeuntnaoeuhraohuercahu😍";
const TEST_PASSWORD_INC: &'static str = "ntaoentu nkrcgaeunhibwmwmqj;k wqjbkx ";
const TEST_PASSWORD: &str = "ntaoeuntnaoeuhraohuercahu😍";
const TEST_PASSWORD_INC: &str = "ntaoentu nkrcgaeunhibwmwmqj;k wqjbkx ";
const TEST_CURRENT_TIME: u64 = 6000;
#[test]
@ -2697,7 +2697,7 @@ mod tests {
|_qs: &QueryServer, idms: &IdmServer, _idms_delayed: &IdmServerDelayed| {
let mut idms_prox_write =
task::block_on(idms.proxy_write(duration_from_epoch_now()));
let rrse = RegenerateRadiusSecretEvent::new_internal(UUID_ADMIN.clone());
let rrse = RegenerateRadiusSecretEvent::new_internal(UUID_ADMIN);
// Generates a new credential when none exists
let r1 = idms_prox_write
@ -2718,7 +2718,7 @@ mod tests {
|_qs: &QueryServer, idms: &IdmServer, _idms_delayed: &IdmServerDelayed| {
let mut idms_prox_write =
task::block_on(idms.proxy_write(duration_from_epoch_now()));
let rrse = RegenerateRadiusSecretEvent::new_internal(UUID_ADMIN.clone());
let rrse = RegenerateRadiusSecretEvent::new_internal(UUID_ADMIN);
let r1 = idms_prox_write
.regenerate_radius_secret(&rrse)
@ -2744,14 +2744,14 @@ mod tests {
|_qs: &QueryServer, idms: &IdmServer, _idms_delayed: &IdmServerDelayed| {
let mut idms_prox_write =
task::block_on(idms.proxy_write(duration_from_epoch_now()));
let rrse = RegenerateRadiusSecretEvent::new_internal(UUID_ADMIN.clone());
let rrse = RegenerateRadiusSecretEvent::new_internal(UUID_ADMIN);
let r1 = idms_prox_write
.regenerate_radius_secret(&rrse)
.expect("Failed to reset radius credential 1");
idms_prox_write.commit().expect("failed to commit");
let mut idms_prox_read = task::block_on(idms.proxy_read());
let rate = RadiusAuthTokenEvent::new_internal(UUID_ADMIN.clone());
let rate = RadiusAuthTokenEvent::new_internal(UUID_ADMIN);
let tok_r = idms_prox_read
.get_radiusauthtoken(&rate, duration_from_epoch_now())
.expect("Failed to generate radius auth token");
@ -2851,7 +2851,7 @@ mod tests {
)
);
let ce = CreateEvent::new_internal(vec![e.clone()]);
let ce = CreateEvent::new_internal(vec![e]);
assert!(idms_prox_write.qs_write.create(&ce).is_ok());
@ -2869,7 +2869,7 @@ mod tests {
assert!(tok_g.name == "testgroup");
assert!(tok_g.spn == "testgroup@example.com");
let uute = UnixUserTokenEvent::new_internal(UUID_ADMIN.clone());
let uute = UnixUserTokenEvent::new_internal(UUID_ADMIN);
let tok_r = idms_prox_read
.get_unixusertoken(&uute, duration_from_epoch_now())
.expect("Failed to generate unix user token");
@ -2879,7 +2879,7 @@ mod tests {
assert!(tok_r.groups.len() == 2);
assert!(tok_r.groups[0].name == "admin");
assert!(tok_r.groups[1].name == "testgroup");
assert!(tok_r.valid == true);
assert!(tok_r.valid);
// Show we can get the admin as a unix group token too
let ugte = UnixGroupTokenEvent::new_internal(uuid!(
@ -3231,21 +3231,21 @@ mod tests {
idms_auth.commit().expect("Must not fail");
// Also check the generated unix tokens are invalid.
let mut idms_prox_read = task::block_on(idms.proxy_read());
let uute = UnixUserTokenEvent::new_internal(UUID_ADMIN.clone());
let uute = UnixUserTokenEvent::new_internal(UUID_ADMIN);
let tok_r = idms_prox_read
.get_unixusertoken(&uute, time_low)
.expect("Failed to generate unix user token");
assert!(tok_r.name == "admin");
assert!(tok_r.valid == false);
assert!(!tok_r.valid);
let tok_r = idms_prox_read
.get_unixusertoken(&uute, time_high)
.expect("Failed to generate unix user token");
assert!(tok_r.name == "admin");
assert!(tok_r.valid == false);
assert!(!tok_r.valid);
}
)
}
@ -3265,17 +3265,17 @@ mod tests {
let mut idms_prox_write =
task::block_on(idms.proxy_write(duration_from_epoch_now()));
let rrse = RegenerateRadiusSecretEvent::new_internal(UUID_ADMIN.clone());
let rrse = RegenerateRadiusSecretEvent::new_internal(UUID_ADMIN);
let _r1 = idms_prox_write
.regenerate_radius_secret(&rrse)
.expect("Failed to reset radius credential 1");
idms_prox_write.commit().expect("failed to commit");
let mut idms_prox_read = task::block_on(idms.proxy_read());
let rate = RadiusAuthTokenEvent::new_internal(UUID_ADMIN.clone());
let rate = RadiusAuthTokenEvent::new_internal(UUID_ADMIN);
let tok_r = idms_prox_read.get_radiusauthtoken(&rate, time_low);
if let Err(_) = tok_r {
if tok_r.is_err() {
// Ok?
} else {
assert!(false);
@ -3283,7 +3283,7 @@ mod tests {
let tok_r = idms_prox_read.get_radiusauthtoken(&rate, time_high);
if let Err(_) = tok_r {
if tok_r.is_err() {
// Ok?
} else {
assert!(false);
@ -3779,7 +3779,7 @@ mod tests {
drop(idms_prox_read);
// Mark the session as invalid now.
let mut idms_prox_write = task::block_on(idms.proxy_write(ct.clone()));
let mut idms_prox_write = task::block_on(idms.proxy_write(ct));
let dte =
DestroySessionTokenEvent::new_internal(uat_inner.uuid, uat_inner.session_id);
assert!(idms_prox_write.account_destroy_session_token(&dte).is_ok());
@ -3810,7 +3810,7 @@ mod tests {
idms: &IdmServer,
_idms_delayed: &mut IdmServerDelayed| {
let ct = Duration::from_secs(TEST_CURRENT_TIME);
let mut idms_prox_write = task::block_on(idms.proxy_write(ct.clone()));
let mut idms_prox_write = task::block_on(idms.proxy_write(ct));
// get an account.
let account = idms_prox_write
@ -3937,7 +3937,7 @@ mod tests {
//
// fernet_private_key_str
// es256_private_key_der
let mut idms_prox_write = task::block_on(idms.proxy_write(ct.clone()));
let mut idms_prox_write = task::block_on(idms.proxy_write(ct));
let me_reset_tokens = unsafe {
ModifyEvent::new_internal_invalid(
filter!(f_eq("uuid", PartialValue::Uuid(UUID_DOMAIN_INFO))),
@ -3976,7 +3976,7 @@ mod tests {
idms: &IdmServer,
_idms_delayed: &mut IdmServerDelayed| {
let ct = Duration::from_secs(TEST_CURRENT_TIME);
let mut idms_prox_write = task::block_on(idms.proxy_write(ct.clone()));
let mut idms_prox_write = task::block_on(idms.proxy_write(ct));
let ident = Identity::from_internal();
let target_uuid = Uuid::new_v4();

12
kanidmd/lib/src/plugins/base.rs
View file

@ -352,7 +352,7 @@ mod tests {
}"#,
);
let create = vec![e.clone()];
let create = vec![e];
run_create_test!(
Err(OperationError::InvalidAttribute("uuid".to_string())),
@ -413,7 +413,7 @@ mod tests {
}"#,
);
let create = vec![e.clone()];
let create = vec![e];
run_create_test!(
Ok(()),
@ -449,7 +449,7 @@ mod tests {
}"#,
);
let create = vec![e.clone()];
let create = vec![e];
run_create_test!(
Err(OperationError::Plugin(PluginError::Base(
@ -647,7 +647,7 @@ mod tests {
}"#,
);
let create = vec![e.clone()];
let create = vec![e];
run_create_test!(
Err(OperationError::Plugin(PluginError::Base(
@ -679,7 +679,7 @@ mod tests {
}"#,
);
let create = vec![e.clone()];
let create = vec![e];
run_create_test!(
Err(OperationError::Plugin(PluginError::Base(
@ -709,7 +709,7 @@ mod tests {
}"#,
);
let create = vec![e.clone()];
let create = vec![e];
run_create_test!(
Err(OperationError::Plugin(PluginError::Base(

6
kanidmd/lib/src/plugins/cred_import.rs
View file

@ -132,7 +132,7 @@ mod tests {
use crate::prelude::*;
use kanidm_proto::v1::PluginError;
const IMPORT_HASH: &'static str =
const IMPORT_HASH: &str =
"pbkdf2_sha256$36000$xIEozuZVAoYm$uW1b35DUKyhvQAf1mBqMvoBDcqSD06juzyO/nmyV0+w=";
// const IMPORT_PASSWORD: &'static str = "eicieY7ahchaoCh0eeTa";
@ -153,7 +153,7 @@ mod tests {
}"#,
);
let create = vec![e.clone()];
let create = vec![e];
run_create_test!(Ok(()), preload, create, None, |_| {});
}
@ -361,7 +361,7 @@ mod tests {
filter!(f_eq("name", PartialValue::new_iutf8("testperson"))),
ModifyList::new_list(vec![Modify::Present(
AttrString::from("totp_import"),
Value::TotpSecret("a".to_string(), totp_a.clone())
Value::TotpSecret("a".to_string(), totp_a)
)]),
None,
|_| {},

10
kanidmd/lib/src/plugins/gidnumber.rs
View file

@ -118,7 +118,7 @@ mod tests {
("displayname", Value::new_utf8s("testperson"))
);
let create = vec![e.clone()];
let create = vec![e];
let preload = Vec::new();
run_create_test!(
@ -150,7 +150,7 @@ mod tests {
("displayname", Value::new_utf8s("testperson"))
);
let create = vec![e.clone()];
let create = vec![e];
let preload = Vec::new();
run_create_test!(
@ -279,7 +279,7 @@ mod tests {
("displayname", Value::new_utf8s("testperson"))
);
let create = vec![e.clone()];
let create = vec![e];
let preload = Vec::new();
run_create_test!(
@ -304,7 +304,7 @@ mod tests {
("displayname", Value::new_utf8s("testperson"))
);
let create = vec![e.clone()];
let create = vec![e];
let preload = Vec::new();
run_create_test!(
@ -329,7 +329,7 @@ mod tests {
("displayname", Value::new_utf8s("testperson"))
);
let create = vec![e.clone()];
let create = vec![e];
let preload = Vec::new();
run_create_test!(

284
kanidmd/lib/src/plugins/memberof.rs
View file

@ -422,12 +422,12 @@ impl MemberOf {
mod tests {
use crate::prelude::*;
const UUID_A: &'static str = "aaaaaaaa-f82e-4484-a407-181aa03bda5c";
const UUID_B: &'static str = "bbbbbbbb-2438-4384-9891-48f4c8172e9b";
const UUID_C: &'static str = "cccccccc-9b01-423f-9ba6-51aa4bbd5dd2";
const UUID_D: &'static str = "dddddddd-2ab3-48e3-938d-1b4754cd2984";
const UUID_A: &str = "aaaaaaaa-f82e-4484-a407-181aa03bda5c";
const UUID_B: &str = "bbbbbbbb-2438-4384-9891-48f4c8172e9b";
const UUID_C: &str = "cccccccc-9b01-423f-9ba6-51aa4bbd5dd2";
const UUID_D: &str = "dddddddd-2ab3-48e3-938d-1b4754cd2984";
const EA: &'static str = r#"{
const EA: &str = r#"{
"attrs": {
"class": ["group", "memberof"],
"name": ["testgroup_a"],
@ -435,7 +435,7 @@ mod tests {
}
}"#;
const EB: &'static str = r#"{
const EB: &str = r#"{
"attrs": {
"class": ["group", "memberof"],
"name": ["testgroup_b"],
@ -443,7 +443,7 @@ mod tests {
}
}"#;
const EC: &'static str = r#"{
const EC: &str = r#"{
"attrs": {
"class": ["group", "memberof"],
"name": ["testgroup_c"],
@ -451,7 +451,7 @@ mod tests {
}
}"#;
const ED: &'static str = r#"{
const ED: &str = r#"{
"attrs": {
"class": ["group", "memberof"],
"name": ["testgroup_d"],
@ -524,7 +524,7 @@ mod tests {
let eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
let preload = Vec::new();
let create = vec![ea, eb];
@ -554,8 +554,8 @@ mod tests {
let ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
let preload = Vec::new();
let create = vec![ea, eb, ec];
@ -605,9 +605,9 @@ mod tests {
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
ec.add_ava("member", Value::new_refer_s(&UUID_A).unwrap());
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
ec.add_ava("member", Value::new_refer_s(UUID_A).unwrap());
let preload = Vec::new();
let create = vec![ea, eb, ec];
@ -659,13 +659,13 @@ mod tests {
let mut ed: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(ED);
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
ec.add_ava("member", Value::new_refer_s(&UUID_A).unwrap());
ec.add_ava("member", Value::new_refer_s(&UUID_D).unwrap());
ec.add_ava("member", Value::new_refer_s(UUID_A).unwrap());
ec.add_ava("member", Value::new_refer_s(UUID_D).unwrap());
ed.add_ava("member", Value::new_refer_s(&UUID_A).unwrap());
ed.add_ava("member", Value::new_refer_s(UUID_A).unwrap());
let preload = Vec::new();
let create = vec![ea, eb, ec, ed];
@ -733,10 +733,10 @@ mod tests {
run_modify_test!(
Ok(()),
preload,
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_A).unwrap())),
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_A).unwrap())),
ModifyList::new_list(vec![Modify::Present(
AttrString::from("member"),
Value::new_refer_s(&UUID_B).unwrap()
Value::new_refer_s(UUID_B).unwrap()
)]),
None,
|_| {},
@ -763,16 +763,16 @@ mod tests {
let ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
let preload = vec![ea, eb, ec];
run_modify_test!(
Ok(()),
preload,
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_A).unwrap())),
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_A).unwrap())),
ModifyList::new_list(vec![Modify::Present(
AttrString::from("member"),
Value::new_refer_s(&UUID_B).unwrap()
Value::new_refer_s(UUID_B).unwrap()
)]),
None,
|_| {},
@ -817,16 +817,16 @@ mod tests {
let ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
let preload = vec![ea, eb, ec];
run_modify_test!(
Ok(()),
preload,
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_B).unwrap())),
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_B).unwrap())),
ModifyList::new_list(vec![Modify::Present(
AttrString::from("member"),
Value::new_refer_s(&UUID_C).unwrap()
Value::new_refer_s(UUID_C).unwrap()
)]),
None,
|_| {},
@ -873,17 +873,17 @@ mod tests {
let ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
let preload = vec![ea, eb, ec];
run_modify_test!(
Ok(()),
preload,
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_C).unwrap())),
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_C).unwrap())),
ModifyList::new_list(vec![Modify::Present(
AttrString::from("member"),
Value::new_refer_s(&UUID_A).unwrap()
Value::new_refer_s(UUID_A).unwrap()
)]),
None,
|_| {},
@ -936,21 +936,21 @@ mod tests {
let ed: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(ED);
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
ec.add_ava("member", Value::new_refer_s(&UUID_D).unwrap());
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
ec.add_ava("member", Value::new_refer_s(UUID_D).unwrap());
let preload = vec![ea, eb, ec, ed];
run_modify_test!(
Ok(()),
preload,
filter!(f_or!([
f_eq("uuid", PartialValue::new_uuid_s(&UUID_C).unwrap()),
f_eq("uuid", PartialValue::new_uuid_s(&UUID_D).unwrap()),
f_eq("uuid", PartialValue::new_uuid_s(UUID_C).unwrap()),
f_eq("uuid", PartialValue::new_uuid_s(UUID_D).unwrap()),
])),
ModifyList::new_list(vec![Modify::Present(
AttrString::from("member"),
Value::new_refer_s(&UUID_A).unwrap()
Value::new_refer_s(UUID_A).unwrap()
)]),
None,
|_| {},
@ -1009,17 +1009,17 @@ mod tests {
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
let preload = vec![ea, eb];
run_modify_test!(
Ok(()),
preload,
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_A).unwrap())),
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_A).unwrap())),
ModifyList::new_list(vec![Modify::Removed(
AttrString::from("member"),
PartialValue::new_refer_s(&UUID_B).unwrap()
PartialValue::new_refer_s(UUID_B).unwrap()
)]),
None,
|_| {},
@ -1046,19 +1046,19 @@ mod tests {
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
let preload = vec![ea, eb, ec];
run_modify_test!(
Ok(()),
preload,
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_A).unwrap())),
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_A).unwrap())),
ModifyList::new_list(vec![Modify::Removed(
AttrString::from("member"),
PartialValue::new_refer_s(&UUID_B).unwrap()
PartialValue::new_refer_s(UUID_B).unwrap()
)]),
None,
|_| {},
@ -1103,20 +1103,20 @@ mod tests {
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
let preload = vec![ea, eb, ec];
run_modify_test!(
Ok(()),
preload,
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_B).unwrap())),
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_B).unwrap())),
ModifyList::new_list(vec![Modify::Removed(
AttrString::from("member"),
PartialValue::new_refer_s(&UUID_C).unwrap()
PartialValue::new_refer_s(UUID_C).unwrap()
)]),
None,
|_| {},
@ -1162,29 +1162,29 @@ mod tests {
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
ea.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
ea.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
ea.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
ea.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
ea.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
ea.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
ec.add_ava("member", Value::new_refer_s(&UUID_A).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
ec.add_ava("member", Value::new_refer_s(UUID_A).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
let preload = vec![ea, eb, ec];
run_modify_test!(
Ok(()),
preload,
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_C).unwrap())),
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_C).unwrap())),
ModifyList::new_list(vec![Modify::Removed(
AttrString::from("member"),
PartialValue::new_refer_s(&UUID_A).unwrap()
PartialValue::new_refer_s(UUID_A).unwrap()
)]),
None,
|_| {},
@ -1238,44 +1238,44 @@ mod tests {
let mut ed: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(ED);
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
ea.add_ava("memberof", Value::new_refer_s(&UUID_D).unwrap());
ea.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
ea.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
ea.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
ea.add_ava("memberof", Value::new_refer_s(UUID_D).unwrap());
ea.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
ea.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
ea.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_D).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_D).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
ec.add_ava("member", Value::new_refer_s(&UUID_A).unwrap());
ec.add_ava("member", Value::new_refer_s(&UUID_D).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_D).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
ec.add_ava("member", Value::new_refer_s(UUID_A).unwrap());
ec.add_ava("member", Value::new_refer_s(UUID_D).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_D).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
ed.add_ava("member", Value::new_refer_s(&UUID_A).unwrap());
ed.add_ava("memberof", Value::new_refer_s(&UUID_D).unwrap());
ed.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
ed.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
ed.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
ed.add_ava("member", Value::new_refer_s(UUID_A).unwrap());
ed.add_ava("memberof", Value::new_refer_s(UUID_D).unwrap());
ed.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
ed.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
ed.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
let preload = vec![ea, eb, ec, ed];
run_modify_test!(
Ok(()),
preload,
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_C).unwrap())),
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_C).unwrap())),
ModifyList::new_list(vec![
Modify::Removed(
AttrString::from("member"),
PartialValue::new_refer_s(&UUID_A).unwrap()
PartialValue::new_refer_s(UUID_A).unwrap()
),
Modify::Removed(
AttrString::from("member"),
PartialValue::new_refer_s(&UUID_D).unwrap()
PartialValue::new_refer_s(UUID_D).unwrap()
),
]),
None,
@ -1333,14 +1333,14 @@ mod tests {
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
let preload = vec![ea, eb];
run_delete_test!(
Ok(()),
preload,
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_A).unwrap())),
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_A).unwrap())),
None,
|qs: &mut QueryServerWriteTransaction| {
// V-- this uuid is
@ -1363,18 +1363,18 @@ mod tests {
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
let preload = vec![ea, eb, ec];
run_delete_test!(
Ok(()),
preload,
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_A).unwrap())),
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_A).unwrap())),
None,
|qs: &mut QueryServerWriteTransaction| {
// V-- this uuid is
@ -1407,18 +1407,18 @@ mod tests {
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
let preload = vec![ea, eb, ec];
run_delete_test!(
Ok(()),
preload,
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_B).unwrap())),
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_B).unwrap())),
None,
|qs: &mut QueryServerWriteTransaction| {
// V-- this uuid is
@ -1452,26 +1452,26 @@ mod tests {
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
ea.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
ea.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
ea.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
ea.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
ea.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
ea.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
ec.add_ava("member", Value::new_refer_s(&UUID_A).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
ec.add_ava("member", Value::new_refer_s(UUID_A).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
let preload = vec![ea, eb, ec];
run_delete_test!(
Ok(()),
preload,
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_A).unwrap())),
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_A).unwrap())),
None,
|qs: &mut QueryServerWriteTransaction| {
// V-- this uuid is
@ -1508,36 +1508,36 @@ mod tests {
let mut ed: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(ED);
ea.add_ava("member", Value::new_refer_s(&UUID_B).unwrap());
ea.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
ea.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
ea.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
ea.add_ava("memberof", Value::new_refer_s(&UUID_D).unwrap());
ea.add_ava("member", Value::new_refer_s(UUID_B).unwrap());
ea.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
ea.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
ea.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
ea.add_ava("memberof", Value::new_refer_s(UUID_D).unwrap());
eb.add_ava("member", Value::new_refer_s(&UUID_C).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
eb.add_ava("memberof", Value::new_refer_s(&UUID_D).unwrap());
eb.add_ava("member", Value::new_refer_s(UUID_C).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
eb.add_ava("memberof", Value::new_refer_s(UUID_D).unwrap());
ec.add_ava("member", Value::new_refer_s(&UUID_A).unwrap());
ec.add_ava("member", Value::new_refer_s(&UUID_D).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
ec.add_ava("memberof", Value::new_refer_s(&UUID_D).unwrap());
ec.add_ava("member", Value::new_refer_s(UUID_A).unwrap());
ec.add_ava("member", Value::new_refer_s(UUID_D).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
ec.add_ava("memberof", Value::new_refer_s(UUID_D).unwrap());
ed.add_ava("member", Value::new_refer_s(&UUID_A).unwrap());
ed.add_ava("memberof", Value::new_refer_s(&UUID_A).unwrap());
ed.add_ava("memberof", Value::new_refer_s(&UUID_B).unwrap());
ed.add_ava("memberof", Value::new_refer_s(&UUID_C).unwrap());
ed.add_ava("memberof", Value::new_refer_s(&UUID_D).unwrap());
ed.add_ava("member", Value::new_refer_s(UUID_A).unwrap());
ed.add_ava("memberof", Value::new_refer_s(UUID_A).unwrap());
ed.add_ava("memberof", Value::new_refer_s(UUID_B).unwrap());
ed.add_ava("memberof", Value::new_refer_s(UUID_C).unwrap());
ed.add_ava("memberof", Value::new_refer_s(UUID_D).unwrap());
let preload = vec![ea, eb, ec, ed];
run_delete_test!(
Ok(()),
preload,
filter!(f_eq("uuid", PartialValue::new_uuid_s(&UUID_B).unwrap())),
filter!(f_eq("uuid", PartialValue::new_uuid_s(UUID_B).unwrap())),
None,
|qs: &mut QueryServerWriteTransaction| {
// V-- this uuid is

12
kanidmd/lib/src/plugins/protected.rs
View file

@ -381,7 +381,7 @@ mod tests {
}"#,
);
let create = vec![e.clone()];
let create = vec![e];
let preload = PRELOAD.clone();
run_create_test!(
@ -408,7 +408,7 @@ mod tests {
);
let mut preload = PRELOAD.clone();
preload.push(e.clone());
preload.push(e);
run_modify_test!(
Err(OperationError::SystemProtectedObject),
@ -439,7 +439,7 @@ mod tests {
);
let mut preload = PRELOAD.clone();
preload.push(e.clone());
preload.push(e);
run_modify_test!(
Ok(()),
@ -470,7 +470,7 @@ mod tests {
);
let mut preload = PRELOAD.clone();
preload.push(e.clone());
preload.push(e);
run_delete_test!(
Err(OperationError::SystemProtectedObject),
@ -504,7 +504,7 @@ mod tests {
);
let mut preload = PRELOAD.clone();
preload.push(e.clone());
preload.push(e);
run_modify_test!(
Ok(()),
@ -578,7 +578,7 @@ mod tests {
);
let mut preload = PRELOAD.clone();
preload.push(e.clone());
preload.push(e);
run_delete_test!(
Err(OperationError::SystemProtectedObject),

2
kanidmd/lib/src/plugins/refint.rs
View file

@ -270,7 +270,7 @@ mod tests {
}"#,
);
let create = vec![e.clone()];
let create = vec![e];
let preload = Vec::new();
run_create_test!(
Err(OperationError::Plugin(PluginError::ReferentialIntegrity(

4
kanidmd/lib/src/plugins/spn.rs
View file

@ -220,7 +220,7 @@ mod tests {
}"#,
);
let create = vec![e.clone()];
let create = vec![e];
let preload = Vec::new();
run_create_test!(
@ -275,7 +275,7 @@ mod tests {
}"#,
);
let create = vec![e.clone()];
let create = vec![e];
let preload = Vec::new();
run_create_test!(

6
kanidmd/lib/src/repl/cid.rs
View file

@ -132,7 +132,7 @@ mod tests {
#[test]
fn test_cid_lamport() {
let d_uuid = uuid!("00000000-0000-0000-0000-000000000001");
let s_uuid = d_uuid.clone();
let s_uuid = d_uuid;
let ts5 = Duration::new(5, 0);
let ts10 = Duration::new(10, 0);
@ -140,9 +140,9 @@ mod tests {
let cid_z = unsafe { Cid::new_zero() };
let cid_a = Cid::new_lamport(d_uuid, s_uuid, ts5.clone(), &ts5);
let cid_a = Cid::new_lamport(d_uuid, s_uuid, ts5, &ts5);
assert!(cid_a.cmp(&cid_z) == Ordering::Greater);
let cid_b = Cid::new_lamport(d_uuid, s_uuid, ts15.clone(), &ts10);
let cid_b = Cid::new_lamport(d_uuid, s_uuid, ts15, &ts10);
assert!(cid_b.cmp(&cid_a) == Ordering::Greater);
// Even with an older ts, we should still step forward.
let cid_c = Cid::new_lamport(d_uuid, s_uuid, ts10, &ts15);

8
kanidmd/lib/src/schema.rs
View file

@ -2214,7 +2214,7 @@ mod tests {
#[test]
fn test_schema_entries() {
let _ = sketching::test_init();
sketching::test_init();
// Given an entry, assert it's schema is valid
// We do
let schema_outer = Schema::new().expect("failed to create schema");
@ -2531,7 +2531,7 @@ mod tests {
let schema_outer = Schema::new().expect("failed to create schema");
let mut schema = schema_outer.write_blocking();
assert!(schema.validate().len() == 0);
assert!(schema.validate().is_empty());
// Attempt to create a class with a phantom attribute, should be refused.
let class = SchemaClass {
@ -2549,12 +2549,12 @@ mod tests {
#[test]
fn test_schema_class_exclusion_requires() {
let _ = sketching::test_init();
sketching::test_init();
let schema_outer = Schema::new().expect("failed to create schema");
let mut schema = schema_outer.write_blocking();
assert!(schema.validate().len() == 0);
assert!(schema.validate().is_empty());
// We setup some classes that have requires and excludes and check that they
// are enforced correctly.

58
kanidmd/lib/src/server/access/mod.rs
View file

@ -1583,7 +1583,7 @@ mod tests {
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
let ev2 = unsafe { E_TESTPERSON_2.clone().into_sealed_committed() };
let r_set = vec![Arc::new(ev1.clone()), Arc::new(ev2.clone())];
let r_set = vec![Arc::new(ev1.clone()), Arc::new(ev2)];
let se_a = unsafe {
SearchEvent::new_impersonate_entry(
@ -1591,7 +1591,7 @@ mod tests {
filter_all!(f_pres("name")),
)
};
let ex_a = vec![Arc::new(ev1.clone())];
let ex_a = vec![Arc::new(ev1)];
let se_b = unsafe {
SearchEvent::new_impersonate_entry(
@ -1624,7 +1624,7 @@ mod tests {
#[test]
fn test_access_enforce_scope_search() {
let _ = sketching::test_init();
sketching::test_init();
// Test that identities are bound by their access scope.
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
@ -1673,7 +1673,7 @@ mod tests {
test_acp_search!(&se_ro, vec![acp.clone()], r_set.clone(), ex_some);
test_acp_search!(&se_rw, vec![acp.clone()], r_set.clone(), ex_some);
test_acp_search!(&se_rw, vec![acp], r_set, ex_some);
}
#[test]
@ -1682,11 +1682,11 @@ mod tests {
// "nothing to do" based on search_filter_entries, but we do the "right thing" anyway.
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
let r_set = vec![Arc::new(ev1.clone())];
let r_set = vec![Arc::new(ev1)];
let exv1 = unsafe { E_TESTPERSON_1_REDUCED.clone().into_sealed_committed() };
let ex_anon_some = vec![exv1.clone()];
let ex_anon_some = vec![exv1];
let ex_anon_none: Vec<EntrySealedCommitted> = vec![];
let se_anon_io = unsafe {
@ -1734,10 +1734,10 @@ mod tests {
// In this case, we test that a user can only see "name" despite the
// class and uuid being present.
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
let r_set = vec![Arc::new(ev1.clone())];
let r_set = vec![Arc::new(ev1)];
let exv1 = unsafe { E_TESTPERSON_1_REDUCED.clone().into_sealed_committed() };
let ex_anon = vec![exv1.clone()];
let ex_anon = vec![exv1];
let se_anon = unsafe {
SearchEvent::new_impersonate_entry(
@ -1771,10 +1771,10 @@ mod tests {
// class and uuid being present.
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
let r_set = vec![Arc::new(ev1.clone())];
let r_set = vec![Arc::new(ev1)];
let exv1 = unsafe { E_TESTPERSON_1_REDUCED.clone().into_sealed_committed() };
let ex_anon = vec![exv1.clone()];
let ex_anon = vec![exv1];
let mut se_anon = unsafe {
SearchEvent::new_impersonate_entry(
@ -1829,7 +1829,7 @@ mod tests {
#[test]
fn test_access_enforce_modify() {
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
let r_set = vec![Arc::new(ev1.clone())];
let r_set = vec![Arc::new(ev1)];
// Name present
let me_pres = unsafe {
@ -1952,22 +1952,22 @@ mod tests {
// test allowed rem class
test_acp_modify!(&me_rem_class, vec![acp_allow.clone()], &r_set, true);
// test reject purge-class even if class present in allowed remattrs
test_acp_modify!(&me_purge_class, vec![acp_allow.clone()], &r_set, false);
test_acp_modify!(&me_purge_class, vec![acp_allow], &r_set, false);
// Test reject pres class, but class not in classes
test_acp_modify!(&me_pres_class, vec![acp_no_class.clone()], &r_set, false);
// Test reject pres class, class in classes but not in pres attrs
test_acp_modify!(&me_pres_class, vec![acp_deny.clone()], &r_set, false);
// test reject rem class, but class not in classes
test_acp_modify!(&me_rem_class, vec![acp_no_class.clone()], &r_set, false);
test_acp_modify!(&me_rem_class, vec![acp_no_class], &r_set, false);
// test reject rem class, class in classes but not in pres attrs
test_acp_modify!(&me_rem_class, vec![acp_deny.clone()], &r_set, false);
test_acp_modify!(&me_rem_class, vec![acp_deny], &r_set, false);
}
#[test]
fn test_access_enforce_scope_modify() {
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
let r_set = vec![Arc::new(ev1.clone())];
let r_set = vec![Arc::new(ev1)];
// Name present
let me_pres_io = unsafe {
@ -2017,7 +2017,7 @@ mod tests {
test_acp_modify!(&me_pres_ro, vec![acp_allow.clone()], &r_set, false);
test_acp_modify!(&me_pres_rw, vec![acp_allow.clone()], &r_set, true);
test_acp_modify!(&me_pres_rw, vec![acp_allow], &r_set, true);
}
macro_rules! test_acp_create {
@ -2050,7 +2050,7 @@ mod tests {
("name", Value::new_iname("testperson1")),
("uuid", Value::Uuid(UUID_TEST_ACCOUNT_1))
);
let r1_set = vec![ev1.clone()];
let r1_set = vec![ev1];
let ev2 = entry_init!(
("class", Value::new_class("account")),
@ -2059,7 +2059,7 @@ mod tests {
("uuid", Value::Uuid(UUID_TEST_ACCOUNT_1))
);
let r2_set = vec![ev2.clone()];
let r2_set = vec![ev2];
let ev3 = entry_init!(
("class", Value::new_class("account")),
@ -2067,7 +2067,7 @@ mod tests {
("name", Value::new_iname("testperson1")),
("uuid", Value::Uuid(UUID_TEST_ACCOUNT_1))
);
let r3_set = vec![ev3.clone()];
let r3_set = vec![ev3];
let ev4 = entry_init!(
("class", Value::new_class("account")),
@ -2075,7 +2075,7 @@ mod tests {
("name", Value::new_iname("testperson1")),
("uuid", Value::Uuid(UUID_TEST_ACCOUNT_1))
);
let r4_set = vec![ev4.clone()];
let r4_set = vec![ev4];
// In this case, we can make the create event with an empty entry
// set because we only reference the entries in r_set in the test.
@ -2136,7 +2136,7 @@ mod tests {
("name", Value::new_iname("testperson1")),
("uuid", Value::Uuid(UUID_TEST_ACCOUNT_1))
);
let r1_set = vec![ev1.clone()];
let r1_set = vec![ev1];
let admin = E_TEST_ACCOUNT_1.clone();
@ -2151,7 +2151,7 @@ mod tests {
);
let ce_admin_rw = CreateEvent::new_impersonate_identity(
Identity::from_impersonate_entry_readwrite(admin.clone()),
Identity::from_impersonate_entry_readwrite(admin),
vec![],
);
@ -2204,7 +2204,7 @@ mod tests {
#[test]
fn test_access_enforce_delete() {
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
let r_set = vec![Arc::new(ev1.clone())];
let r_set = vec![Arc::new(ev1)];
let de_admin = unsafe {
DeleteEvent::new_impersonate_entry(
@ -2240,7 +2240,7 @@ mod tests {
#[test]
fn test_access_enforce_scope_delete() {
let ev1 = unsafe { E_TESTPERSON_1.clone().into_sealed_committed() };
let r_set = vec![Arc::new(ev1.clone())];
let r_set = vec![Arc::new(ev1)];
let admin = E_TEST_ACCOUNT_1.clone();
@ -2255,7 +2255,7 @@ mod tests {
);
let de_admin_rw = DeleteEvent::new_impersonate_identity(
Identity::from_impersonate_entry_readwrite(admin.clone()),
Identity::from_impersonate_entry_readwrite(admin),
filter_all!(f_eq("name", PartialValue::new_iname("testperson1"))),
);
@ -2307,14 +2307,14 @@ mod tests {
#[test]
fn test_access_effective_permission_check_1() {
let _ = sketching::test_init();
sketching::test_init();
let admin = Identity::from_impersonate_entry_readwrite(E_TEST_ACCOUNT_1.clone());
let e1: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(JSON_TESTPERSON1);
let ev1 = unsafe { e1.into_sealed_committed() };
let r_set = vec![Arc::new(ev1.clone())];
let r_set = vec![Arc::new(ev1)];
test_acp_effective_permissions!(
&admin,
@ -2346,14 +2346,14 @@ mod tests {
#[test]
fn test_access_effective_permission_check_2() {
let _ = sketching::test_init();
sketching::test_init();
let admin = Identity::from_impersonate_entry_readwrite(E_TEST_ACCOUNT_1.clone());
let e1: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(JSON_TESTPERSON1);
let ev1 = unsafe { e1.into_sealed_committed() };
let r_set = vec![Arc::new(ev1.clone())];
let r_set = vec![Arc::new(ev1)];
test_acp_effective_permissions!(
&admin,

8
kanidmd/lib/src/server/access/profiles.rs
View file

@ -58,7 +58,7 @@ impl AccessControlSearch {
},
attrs: attrs
.split_whitespace()
.map(|s| AttrString::from(s))
.map(AttrString::from)
.collect(),
}
}
@ -224,15 +224,15 @@ impl AccessControlModify {
},
classes: classes
.split_whitespace()
.map(|s| AttrString::from(s))
.map(AttrString::from)
.collect(),
presattrs: presattrs
.split_whitespace()
.map(|s| AttrString::from(s))
.map(AttrString::from)
.collect(),
remattrs: remattrs
.split_whitespace()
.map(|s| AttrString::from(s))
.map(AttrString::from)
.collect(),
}
}

2
kanidmd/lib/src/server/create.rs
View file

@ -246,7 +246,7 @@ mod tests {
let r2 = server_b_txn.search(&se_b).expect("search failure");
assert!(r2.is_empty());
let cr = server_b_txn.internal_create(vec![e.clone()]);
let cr = server_b_txn.internal_create(vec![e]);
assert!(cr.is_ok());
// Now is present

2
kanidmd/lib/src/server/delete.rs
View file

@ -203,7 +203,7 @@ mod tests {
("displayname", Value::new_utf8s("testperson3"))
);
let ce = CreateEvent::new_internal(vec![e1.clone(), e2.clone(), e3.clone()]);
let ce = CreateEvent::new_internal(vec![e1, e2, e3]);
let cr = server_txn.create(&ce);
assert!(cr.is_ok());

10
kanidmd/lib/src/server/mod.rs
View file

@ -1569,25 +1569,25 @@ mod tests {
assert!(cr.is_ok());
// test attr not exist
let r1 = server_txn.clone_value(&"tausau".to_string(), &"naoeutnhaou".to_string());
let r1 = server_txn.clone_value("tausau", "naoeutnhaou");
assert!(r1.is_err());
// test attr not-normalised (error)
// test attr not-reference
let r2 = server_txn.clone_value(&"NaMe".to_string(), &"NaMe".to_string());
let r2 = server_txn.clone_value("NaMe", "NaMe");
assert!(r2.is_err());
// test attr reference
let r3 = server_txn.clone_value(&"member".to_string(), &"testperson1".to_string());
let r3 = server_txn.clone_value("member", "testperson1");
assert!(r3 == Ok(Value::Refer(uuid!("cc8e95b4-c24f-4d68-ba54-8bed76f63930"))));
// test attr reference already resolved.
let r4 = server_txn.clone_value(
&"member".to_string(),
&"cc8e95b4-c24f-4d68-ba54-8bed76f63930".to_string(),
"member",
"cc8e95b4-c24f-4d68-ba54-8bed76f63930",
);
debug!("{:?}", r4);

4
kanidmd/lib/src/server/modify.rs
View file

@ -490,7 +490,7 @@ mod tests {
("displayname", Value::new_utf8s("testperson2"))
);
let ce = CreateEvent::new_internal(vec![e1.clone(), e2.clone()]);
let ce = CreateEvent::new_internal(vec![e1, e2]);
let cr = server_txn.create(&ce);
assert!(cr.is_ok());
@ -638,7 +638,7 @@ mod tests {
("displayname", Value::new_utf8s("testperson1"))
);
let ce = CreateEvent::new_internal(vec![e1.clone()]);
let ce = CreateEvent::new_internal(vec![e1]);
let cr = server_txn.create(&ce);
assert!(cr.is_ok());

14
kanidmd/lib/src/server/recycle.rs
View file

@ -477,7 +477,7 @@ mod tests {
assert!(server_txn.delete(&de_sin).is_ok());
// Can in be seen by special search? (external recycle search)
let filt_rc = filter_all!(f_eq("class", PartialValue::new_class("recycled")));
let sre_rc = unsafe { SearchEvent::new_rec_impersonate_entry(admin, filt_rc.clone()) };
let sre_rc = unsafe { SearchEvent::new_rec_impersonate_entry(admin, filt_rc) };
let r2 = server_txn.search(&sre_rc).expect("search failed");
assert!(r2.len() == 1);
@ -812,11 +812,11 @@ mod tests {
};
assert!(server_txn.revive_recycled(&rev3).is_ok());
assert!(
check_entry_has_mo(
!check_entry_has_mo(
&mut server_txn,
"u3",
"36048117-e479-45ed-aeb5-611e8d83d5b1"
) == false
)
);
// Revive u4, should NOT have the MO.
@ -828,11 +828,11 @@ mod tests {
};
assert!(server_txn.revive_recycled(&rev4a).is_ok());
assert!(
check_entry_has_mo(
!check_entry_has_mo(
&mut server_txn,
"u4",
"d5c59ac6-c533-4b00-989f-d0e183f07bab"
) == false
)
);
// Now revive g4, should allow MO onto u4.
@ -844,11 +844,11 @@ mod tests {
};
assert!(server_txn.revive_recycled(&rev4b).is_ok());
assert!(
check_entry_has_mo(
!check_entry_has_mo(
&mut server_txn,
"u4",
"d5c59ac6-c533-4b00-989f-d0e183f07bab"
) == false
)
);
assert!(server_txn.commit().is_ok());

2
kanidmd/lib/src/value.rs
View file

@ -899,7 +899,7 @@ impl From<&str> for Value {
#[cfg(test)]
impl From<&Uuid> for Value {
fn from(u: &Uuid) -> Self {
Value::Uuid(u.clone())
Value::Uuid(*u)
}
}

2
kanidmd/testkit/src/lib.rs
View file

@ -37,7 +37,7 @@ pub fn is_free_port(port: u16) -> bool {
// allowed because the use of this function is behind a test gate
#[allow(dead_code)]
pub async fn setup_async_test() -> (KanidmClient, CoreHandle) {
let _ = sketching::test_init();
sketching::test_init();
let mut counter = 0;
let port = loop {

38
kanidmd/testkit/tests/default_entries.rs
View file

@ -55,16 +55,16 @@ static DEFAULT_HP_GROUP_NAMES: [&str; 24] = [
static DEFAULT_NOT_HP_GROUP_NAMES: [&str; 2] =
["idm_account_unix_extend_priv", "idm_group_unix_extend_priv"];
async fn create_user(rsclient: &KanidmClient, id: &str, group_name: &str) -> () {
async fn create_user(rsclient: &KanidmClient, id: &str, group_name: &str) {
rsclient.idm_person_account_create(id, id).await.unwrap();
// Create group and add to user to test read attr: member_of
if rsclient.idm_group_get(&group_name).await.unwrap().is_none() {
rsclient.idm_group_create(&group_name).await.unwrap();
if rsclient.idm_group_get(group_name).await.unwrap().is_none() {
rsclient.idm_group_create(group_name).await.unwrap();
}
rsclient
.idm_group_add_members(&group_name, &[id])
.idm_group_add_members(group_name, &[id])
.await
.unwrap();
}
@ -137,27 +137,27 @@ async fn add_all_attrs(
) {
// Extend with posix attrs to test read attr: gidnumber and loginshell
rsclient
.idm_person_account_unix_extend(id, None, Some(&"/bin/sh"))
.idm_person_account_unix_extend(id, None, Some("/bin/sh"))
.await
.unwrap();
rsclient
.idm_group_unix_extend(&group_name, None)
.idm_group_unix_extend(group_name, None)
.await
.unwrap();
for attr in ["ssh_publickey", "mail"].iter() {
assert!(is_attr_writable(&rsclient, id, attr).await.unwrap());
assert!(is_attr_writable(rsclient, id, attr).await.unwrap());
}
if let Some(legalname) = legalname {
assert!(is_attr_writable(&rsclient, legalname, "legalname")
assert!(is_attr_writable(rsclient, legalname, "legalname")
.await
.unwrap());
}
// Write radius credentials
if id != "anonymous" {
login_account(&rsclient, id).await;
login_account(rsclient, id).await;
let _ = rsclient
.idm_account_radius_credential_regenerate(id)
.await
@ -173,15 +173,15 @@ async fn create_user_with_all_attrs(
rsclient: &KanidmClient,
id: &str,
optional_group: Option<&str>,
) -> () {
) {
let group_format = format!("{}_group", id);
let group_name = optional_group.unwrap_or(&group_format);
create_user(&rsclient, id, group_name).await;
add_all_attrs(&rsclient, id, group_name, Some(id)).await;
create_user(rsclient, id, group_name).await;
add_all_attrs(rsclient, id, group_name, Some(id)).await;
}
async fn login_account(rsclient: &KanidmClient, id: &str) -> () {
async fn login_account(rsclient: &KanidmClient, id: &str) {
rsclient
.idm_group_add_members(
"idm_people_account_password_import_priv",
@ -210,7 +210,7 @@ async fn login_account(rsclient: &KanidmClient, id: &str) -> () {
// Login to the given account, but first login with default admin credentials.
// This is necessary when switching between unprivileged accounts, but adds extra calls which
// create extra debugging noise, so should be avoided when unnecessary.
async fn login_account_via_admin(rsclient: &KanidmClient, id: &str) -> () {
async fn login_account_via_admin(rsclient: &KanidmClient, id: &str) {
let _ = rsclient.logout();
rsclient
.auth_simple_password(ADMIN_TEST_USER, ADMIN_TEST_PASSWORD)
@ -224,7 +224,7 @@ async fn test_read_attrs(
id: &str,
attrs: &[&str],
is_readable: bool,
) -> () {
) {
println!("Test read to {}, is readable: {}", id, is_readable);
let rset = rsclient
.search(Filter::Eq("name".to_string(), id.to_string()))
@ -251,11 +251,11 @@ async fn test_write_attrs(
id: &str,
attrs: &[&str],
is_writeable: bool,
) -> () {
) {
println!("Test write to {}, is writeable: {}", id, is_writeable);
for attr in attrs.iter() {
println!("Writing to {}", attr);
let is_ok = is_attr_writable(&rsclient, id, attr).await.unwrap();
let is_ok = is_attr_writable(rsclient, id, attr).await.unwrap();
assert!(is_ok == is_writeable)
}
}
@ -264,12 +264,12 @@ async fn test_modify_group(
rsclient: &KanidmClient,
group_names: &[&str],
is_modificable: bool,
) -> () {
) {
// need user test created to be added as test part
for group in group_names.iter() {
println!("Testing group: {}", group);
for attr in ["description", "name"].iter() {
assert!(is_attr_writable(&rsclient, group, attr).await.unwrap() == is_modificable)
assert!(is_attr_writable(rsclient, group, attr).await.unwrap() == is_modificable)
}
assert!(
rsclient

3
kanidmd/testkit/tests/oauth2_test.rs
View file

@ -257,8 +257,7 @@ async fn test_oauth2_openid_basic_flow(rsclient: KanidmClient) {
let redir_str = response
.headers()
.get("Location")
.map(|hv| hv.to_str().ok().map(str::to_string))
.flatten()
.and_then(|hv| hv.to_str().ok().map(str::to_string))
.expect("Invalid redirect url");
// Now check it's content

2
kanidmd/testkit/tests/proto_v1_test.rs
View file

@ -212,7 +212,7 @@ async fn test_server_rest_group_lifecycle(rsclient: KanidmClient) {
.await
.unwrap();
let members = rsclient.idm_group_get_members("demo_group").await.unwrap();
assert!(members == None);
assert!(members.is_none());
// Delete the group
rsclient.idm_group_delete("demo_group").await.unwrap();