mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-24 04:57:00 +01:00
Code Issues Actions 10 Packages Projects Releases Wiki Activity

Update schema check to be cleaner

Browse source
This commit is contained in:
William Brown 2019-02-25 15:48:37 +10:00
parent 62ec6dd603
commit 9c0aaa072a
8 changed files with 76 additions and 49 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
src/lib/be/mod.rs
View file

@ -9,8 +9,8 @@ use serde_json;
use audit::AuditScope; use audit::AuditScope;
use entry::{Entry, EntryCommitted, EntryNew, EntryValid}; use entry::{Entry, EntryCommitted, EntryNew, EntryValid};
use filter::{Filter, FilterValid};
use error::OperationError; use error::OperationError;
use filter::{Filter, FilterValid};
mod idl; mod idl;
mod mem_be; mod mem_be;
@ -384,12 +384,12 @@ impl BackendWriteTransaction {
Ok(()) Ok(())
} }
pub fn backup() -> Result<(), BackendError> { pub fn backup(&self) -> Result<(), BackendError> {
unimplemented!() unimplemented!()
} }
// Should this be offline only? // Should this be offline only?
pub fn restore() -> Result<(), BackendError> { pub fn restore(&self) -> Result<(), BackendError> {
unimplemented!() unimplemented!()
} }
@ -763,5 +763,5 @@ mod tests {
be.restore(); be.restore();
be.backup(); be.backup();
}); });
) }
} }

7
src/lib/core.rs
View file

@ -2,8 +2,7 @@
use actix::Actor; use actix::Actor;
use actix_web::middleware::session::{self, RequestSession}; use actix_web::middleware::session::{self, RequestSession};
use actix_web::{ use actix_web::{
error, http, middleware, App, Error, HttpMessage, HttpRequest, error, http, middleware, App, Error, HttpMessage, HttpRequest, HttpResponse, Result, State,
HttpResponse, Result, State,
}; };
use bytes::BytesMut; use bytes::BytesMut;
@ -15,9 +14,7 @@ use super::config::Configuration;
use super::event::{AuthEvent, CreateEvent, DeleteEvent, ModifyEvent, SearchEvent}; use super::event::{AuthEvent, CreateEvent, DeleteEvent, ModifyEvent, SearchEvent};
use super::interval::IntervalActor; use super::interval::IntervalActor;
use super::log; use super::log;
use super::proto_v1::{ use super::proto_v1::{AuthRequest, CreateRequest, DeleteRequest, ModifyRequest, SearchRequest};
AuthRequest, CreateRequest, DeleteRequest, ModifyRequest, SearchRequest,
};
use super::server; use super::server;
struct AppState { struct AppState {

3
src/lib/entry.rs
View file

@ -140,7 +140,7 @@ pub struct Entry<VALID, STATE> {
} }
impl Entry<EntryInvalid, EntryNew> { impl Entry<EntryInvalid, EntryNew> {
/* #[cfg(test)]
pub fn new() -> Self { pub fn new() -> Self {
Entry { Entry {
// This means NEVER COMMITED // This means NEVER COMMITED
@ -150,7 +150,6 @@ impl Entry<EntryInvalid, EntryNew> {
attrs: BTreeMap::new(), attrs: BTreeMap::new(),
} }
} }
*/
// FIXME: Can we consume protoentry? // FIXME: Can we consume protoentry?
pub fn from(e: &ProtoEntry) -> Self { pub fn from(e: &ProtoEntry) -> Self {

2
src/lib/filter.rs
View file

@ -4,7 +4,7 @@
use error::SchemaError; use error::SchemaError;
use proto_v1::Filter as ProtoFilter; use proto_v1::Filter as ProtoFilter;
use schema::{SchemaReadTransaction}; use schema::SchemaReadTransaction;
use std::cmp::{Ordering, PartialOrd}; use std::cmp::{Ordering, PartialOrd};
use std::marker::PhantomData; use std::marker::PhantomData;

2
src/lib/plugins/base.rs
View file

@ -7,7 +7,7 @@ use entry::{Entry, EntryInvalid, EntryNew};
use error::OperationError; use error::OperationError;
use event::CreateEvent; use event::CreateEvent;
use filter::Filter; use filter::Filter;
use schema::{SchemaWriteTransaction}; use schema::SchemaWriteTransaction;
// TO FINISH // TO FINISH
/* /*

4
src/lib/plugins/mod.rs
View file

@ -1,9 +1,9 @@
use audit::AuditScope; use audit::AuditScope;
use be::{BackendWriteTransaction}; use be::BackendWriteTransaction;
use entry::{Entry, EntryInvalid, EntryNew}; use entry::{Entry, EntryInvalid, EntryNew};
use error::OperationError; use error::OperationError;
use event::CreateEvent; use event::CreateEvent;
use schema::{SchemaWriteTransaction}; use schema::SchemaWriteTransaction;
mod base; mod base;
mod protected; mod protected;

2
src/lib/schema.rs
View file

@ -1,7 +1,7 @@
use super::audit::AuditScope; use super::audit::AuditScope;
use super::constants::*; use super::constants::*;
// use super::entry::Entry; // use super::entry::Entry;
use super::error::{SchemaError, OperationError}; use super::error::{OperationError, SchemaError};
// use super::filter::Filter; // use super::filter::Filter;
use std::collections::HashMap; use std::collections::HashMap;
// Apparently this is nightly only? // Apparently this is nightly only?

97
src/lib/server.rs
View file

@ -319,6 +319,7 @@ impl<'a> QueryServerWriteTransaction<'a> {
} }
// TODO: Rework this to be better. // TODO: Rework this to be better.
/*
let (norm_cand, invalid_cand): ( let (norm_cand, invalid_cand): (
Vec<Result<Entry<EntryValid, EntryNew>, _>>, Vec<Result<Entry<EntryValid, EntryNew>, _>>,
Vec<Result<_, SchemaError>>, Vec<Result<_, SchemaError>>,
@ -342,6 +343,17 @@ impl<'a> QueryServerWriteTransaction<'a> {
Err(_) => panic!("Invalid data set state!!!"), Err(_) => panic!("Invalid data set state!!!"),
}) })
.collect(); .collect();
*/
let res: Result<Vec<Entry<EntryValid, EntryNew>>, SchemaError> = candidates
.into_iter()
.map(|e| e.validate(&self.schema))
.collect();
let norm_cand: Vec<Entry<EntryValid, EntryNew>> = match res {
Ok(v) => v,
Err(e) => return Err(OperationError::SchemaViolation(e)),
};
let mut audit_be = AuditScope::new("backend_create"); let mut audit_be = AuditScope::new("backend_create");
// We may change from ce.entries later to something else? // We may change from ce.entries later to something else?
@ -417,6 +429,8 @@ impl<'a> QueryServerWriteTransaction<'a> {
// FIXME: This normalisation COPIES everything, which may be // FIXME: This normalisation COPIES everything, which may be
// slow. // slow.
/*
let (norm_cand, invalid_cand): ( let (norm_cand, invalid_cand): (
Vec<Result<Entry<EntryValid, EntryCommitted>, _>>, Vec<Result<Entry<EntryValid, EntryCommitted>, _>>,
Vec<Result<_, SchemaError>>, Vec<Result<_, SchemaError>>,
@ -445,6 +459,18 @@ impl<'a> QueryServerWriteTransaction<'a> {
}) })
.collect(); .collect();
*/
let res: Result<Vec<Entry<EntryValid, EntryCommitted>>, SchemaError> = candidates
.into_iter()
.map(|e| e.validate(&self.schema))
.collect();
let del_cand: Vec<Entry<_, _>> = match res {
Ok(v) => v,
Err(e) => return Err(OperationError::SchemaViolation(e)),
};
let mut audit_be = AuditScope::new("backend_modify"); let mut audit_be = AuditScope::new("backend_modify");
let res = self let res = self
@ -622,6 +648,7 @@ impl<'a> QueryServerWriteTransaction<'a> {
// FIXME: This normalisation COPIES everything, which may be // FIXME: This normalisation COPIES everything, which may be
// slow. // slow.
/*
let (norm_cand, invalid_cand): ( let (norm_cand, invalid_cand): (
Vec<Result<Entry<EntryValid, EntryCommitted>, _>>, Vec<Result<Entry<EntryValid, EntryCommitted>, _>>,
Vec<Result<_, SchemaError>>, Vec<Result<_, SchemaError>>,
@ -646,6 +673,17 @@ impl<'a> QueryServerWriteTransaction<'a> {
Err(_) => panic!("Invalid data set state!!!"), Err(_) => panic!("Invalid data set state!!!"),
}) })
.collect(); .collect();
*/
let res: Result<Vec<Entry<EntryValid, EntryCommitted>>, SchemaError> = candidates
.into_iter()
.map(|e| e.validate(&self.schema))
.collect();
let norm_cand: Vec<Entry<_, _>> = match res {
Ok(v) => v,
Err(e) => return Err(OperationError::SchemaViolation(e)),
};
// Now map out the Oks? // Now map out the Oks?
@ -887,8 +925,7 @@ impl<'a> QueryServerWriteTransaction<'a> {
// costly. // costly.
.and_then(|_| { .and_then(|_| {
// Backend Commit // Backend Commit
be_txn.commit() be_txn.commit().and_then(|_| {
.and_then(|_| {
// Schema commit: Since validate passed and be is good, this // Schema commit: Since validate passed and be is good, this
// must now also be good. // must now also be good.
schema.commit() schema.commit()
@ -952,13 +989,9 @@ impl Handler<CreateEvent> for QueryServer {
let qs_write = self.write(); let qs_write = self.write();
qs_write.create(&mut audit, &msg) qs_write
.and_then(|_| { .create(&mut audit, &msg)
qs_write.commit(&mut audit) .and_then(|_| qs_write.commit(&mut audit).map(|_| OpResult {}))
.map(|_| {
OpResult {}
})
})
}); });
// At the end of the event we send it for logging. // At the end of the event we send it for logging.
self.log.do_send(audit); self.log.do_send(audit);
@ -976,13 +1009,9 @@ impl Handler<ModifyEvent> for QueryServer {
let qs_write = self.write(); let qs_write = self.write();
qs_write.modify(&mut audit, &msg) qs_write
.and_then(|_| { .modify(&mut audit, &msg)
qs_write.commit(&mut audit) .and_then(|_| qs_write.commit(&mut audit).map(|_| OpResult {}))
.map(|_| {
OpResult {}
})
})
}); });
self.log.do_send(audit); self.log.do_send(audit);
res res
@ -999,13 +1028,9 @@ impl Handler<DeleteEvent> for QueryServer {
let qs_write = self.write(); let qs_write = self.write();
qs_write.delete(&mut audit, &msg) qs_write
.and_then(|_| { .delete(&mut audit, &msg)
qs_write.commit(&mut audit) .and_then(|_| qs_write.commit(&mut audit).map(|_| OpResult {}))
.map(|_| {
OpResult {}
})
})
}); });
self.log.do_send(audit); self.log.do_send(audit);
res res
@ -1036,13 +1061,9 @@ impl Handler<PurgeEvent> for QueryServer {
audit_log!(audit, "Begin purge tombstone event {:?}", msg); audit_log!(audit, "Begin purge tombstone event {:?}", msg);
let qs_write = self.write(); let qs_write = self.write();
let res = qs_write.purge_tombstones(&mut audit) let res = qs_write
.map(|_| { .purge_tombstones(&mut audit)
qs_write.commit(&mut audit) .map(|_| qs_write.commit(&mut audit).map(|_| OpResult {}));
.map(|_| {
OpResult {}
})
});
audit_log!(audit, "Purge tombstones result: {:?}", res); audit_log!(audit, "Purge tombstones result: {:?}", res);
res.expect("Invalid Server State"); res.expect("Invalid Server State");
}); });
@ -1069,7 +1090,7 @@ mod tests {
use super::super::audit::AuditScope; use super::super::audit::AuditScope;
use super::super::be::{Backend, BackendTransaction}; use super::super::be::{Backend, BackendTransaction};
use super::super::entry::{Entry, EntryCommitted, EntryInvalid, EntryNew, EntryValid}; use super::super::entry::{Entry, EntryCommitted, EntryInvalid, EntryNew, EntryValid};
use super::super::error::OperationError; use super::super::error::{OperationError, SchemaError};
use super::super::event::{ use super::super::event::{
CreateEvent, DeleteEvent, ModifyEvent, ReviveRecycledEvent, SearchEvent, CreateEvent, DeleteEvent, ModifyEvent, ReviveRecycledEvent, SearchEvent,
}; };
@ -1260,7 +1281,12 @@ mod tests {
String::from("anusaosu"), String::from("anusaosu"),
)]), )]),
); );
assert!(server_txn.modify(audit, &me_inv_f) == Err(OperationError::SchemaViolation)); assert!(
server_txn.modify(audit, &me_inv_f)
== Err(OperationError::SchemaViolation(
SchemaError::InvalidAttribute
))
);
// Mod is invalid to schema // Mod is invalid to schema
let me_inv_m = ModifyEvent::from_filter( let me_inv_m = ModifyEvent::from_filter(
@ -1270,7 +1296,12 @@ mod tests {
String::from("anusaosu"), String::from("anusaosu"),
)]), )]),
); );
assert!(server_txn.modify(audit, &me_inv_m) == Err(OperationError::SchemaViolation)); assert!(
server_txn.modify(audit, &me_inv_m)
== Err(OperationError::SchemaViolation(
SchemaError::InvalidAttribute
))
);
// Mod single object // Mod single object
let me_sin = ModifyEvent::from_filter( let me_sin = ModifyEvent::from_filter(