mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 12:37:00 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Working UNSAFE search interface

Browse source
This commit is contained in:
William Brown 2018-11-18 17:25:49 +10:00
parent a5ebac54c7
commit 76d481bd44
2 changed files with 38 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/event.rs
View file

@ -3,7 +3,9 @@ use actix::prelude::*;
use entry::Entry; use entry::Entry;
// Should the event Result have the log items? // Should the event Result have the log items?
#[derive(Debug)] // FIXME: Remove seralising here - each type should
// have it's own result type!
#[derive(Serialize, Deserialize, Debug)]
pub enum EventResult { pub enum EventResult {
Search { entries: Vec<Entry> }, Search { entries: Vec<Entry> },
Modify, Modify,

38
src/main.rs
View file

@ -12,7 +12,7 @@ extern crate uuid;
// use actix::prelude::*; // use actix::prelude::*;
use actix_web::{ use actix_web::{
error, http, middleware, App, AsyncResponder, Error, FutureResponse, HttpMessage, HttpRequest, error, http, middleware, App, AsyncResponder, Error, FutureResponse, HttpMessage, HttpRequest,
HttpResponse, Path, State, HttpResponse, Json, Path, State,
}; };
use bytes::BytesMut; use bytes::BytesMut;
@ -71,8 +71,30 @@ fn class_list((_name, state): (Path<String>, State<AppState>)) -> FutureResponse
.responder() .responder()
} }
fn search(
(item, req): (Json<SearchRequest>, HttpRequest<AppState>),
) -> Box<Future<Item = HttpResponse, Error = Error>> {
Box::new(
req.state()
.qe
.send(
// FIXME: Item is BORROWED, so we have to .clone it.
// We should treat this as immutable and let the caller
// clone when mutation is required ...
// however, that involves lifetime complexities.
event::SearchEvent::new(item.filter.clone()),
)
.from_err()
.and_then(|res| match res {
// FIXME: entries should not be EventResult type
Ok(entries) => Ok(HttpResponse::Ok().json(entries)),
Err(_) => Ok(HttpResponse::InternalServerError().into()),
}),
)
}
// Based on actix web example json // Based on actix web example json
fn search(req: &HttpRequest<AppState>) -> Box<Future<Item = HttpResponse, Error = Error>> { fn search2(req: &HttpRequest<AppState>) -> Box<Future<Item = HttpResponse, Error = Error>> {
println!("{:?}", req); println!("{:?}", req);
// HttpRequest::payload() is stream of Bytes objects // HttpRequest::payload() is stream of Bytes objects
req.payload() req.payload()
@ -139,7 +161,17 @@ fn main() {
// Connect all our end points here. // Connect all our end points here.
.middleware(middleware::Logger::default()) .middleware(middleware::Logger::default())
.resource("/", |r| r.f(index)) .resource("/", |r| r.f(index))
.resource("/search", |r| r.method(http::Method::POST).a(search)) // curl --header "Content-Type: application/json" --request POST --data '{ "filter" : { "Eq": ["class", "user"] }}' http://127.0.0.1:8080/search
.resource("/search", |r| {
r.method(http::Method::POST)
/*
.with_config(extract_item_limit, |cfg| {
cfg.0.limit(4096); // <- limit size of the payload
})
*/
.with(search)
})
.resource("/search2", |r| r.method(http::Method::POST).a(search2))
// Add an ldap compat search function type? // Add an ldap compat search function type?
.resource("/list/{class_list}", |r| { .resource("/list/{class_list}", |r| {
r.method(http::Method::GET).with(class_list) r.method(http::Method::GET).with(class_list)