diff --git a/src/lib/be/mod.rs b/src/lib/be/mod.rs index acdc6a81e..3bc7ae7ff 100644 --- a/src/lib/be/mod.rs +++ b/src/lib/be/mod.rs @@ -8,7 +8,6 @@ use serde_cbor; use serde_json; use std::convert::TryFrom; use std::fs; -// use uuid; use crate::audit::AuditScope; use crate::be::dbentry::DbEntry; @@ -616,7 +615,21 @@ impl BackendWriteTransaction { pub fn setup(&self, audit: &mut AuditScope) -> Result<(), OperationError> { { // Enable WAL mode, which is just faster and better. - self.conn.execute("PRAGMA journal_mode=WAL;", NO_PARAMS); + // + // We have to use stmt + prepare because execute can't handle + // the "wal" row on result when this works! + let mut wal_stmt = try_audit!( + audit, + self.conn.prepare("PRAGMA journal_mode=WAL;"), + "sqlite error {:?}", + OperationError::SQLiteError + ); + try_audit!( + audit, + wal_stmt.query(NO_PARAMS), + "sqlite error {:?}", + OperationError::SQLiteError + ); // This stores versions of components. For example: // ---------------------- diff --git a/src/lib/config.rs b/src/lib/config.rs index b7bbca557..a4bbdf312 100644 --- a/src/lib/config.rs +++ b/src/lib/config.rs @@ -17,7 +17,7 @@ impl Configuration { pub fn new() -> Self { let mut c = Configuration { address: String::from("127.0.0.1:8080"), - domain: String::from("127.0.0.1"), + domain: String::from("localhost"), threads: 8, db_path: String::from(""), maximum_request: 262144, // 256k diff --git a/src/lib/core.rs b/src/lib/core.rs index 2822febc8..2fffec58c 100644 --- a/src/lib/core.rs +++ b/src/lib/core.rs @@ -23,6 +23,8 @@ use crate::proto::v1::{ AuthRequest, AuthState, CreateRequest, DeleteRequest, ModifyRequest, SearchRequest, UserAuthToken, }; +use crate::schema::Schema; +use crate::server::QueryServer; use uuid::Uuid; @@ -312,6 +314,43 @@ pub fn restore_server_core(config: Configuration, dst_path: &str) { }; } +pub fn verify_server_core(config: Configuration) { + let mut audit = AuditScope::new("server_verify"); + // Setup the be + let be = match setup_backend(&config) { + Ok(be) => be, + Err(e) => { + error!("Failed to setup BE: {:?}", e); + return; + } + }; + // setup the qs - without initialise! + let schema_mem = match Schema::new(&mut audit) { + Ok(sc) => sc, + Err(e) => { + error!("Failed to setup in memory schema: {:?}", e); + return; + } + }; + let server = QueryServer::new(be, schema_mem); + + // Run verifications. + let r = server.verify(&mut audit); + + debug!("{}", audit); + + if r.len() == 0 { + std::process::exit(0); + } else { + for er in r { + error!("{:?}", er); + } + std::process::exit(1); + } + + // Now add IDM server verifications? +} + pub fn create_server_core(config: Configuration) { // Until this point, we probably want to write to the log macro fns. @@ -350,7 +389,7 @@ pub fn create_server_core(config: Configuration) { // Copy the max size let max_size = config.maximum_request; let secure_cookies = config.secure_cookies; - let domain = config.domain.clone(); + // let domain = config.domain.clone(); let cookie_key: [u8; 32] = config.cookie_key.clone(); // start the web server diff --git a/src/lib/entry.rs b/src/lib/entry.rs index 87dd823db..b83982c02 100644 --- a/src/lib/entry.rs +++ b/src/lib/entry.rs @@ -315,14 +315,12 @@ impl Entry { // Now, for each type we do a *full* check of the syntax // and validity of the ava. let r = a_schema.validate_ava(avas); - if r.is_err() { - debug!("Failed to validate: {}", attr_name); - return Err(r.unwrap_err()); - } - // We have to destructure here to make type checker happy match r { Ok(_) => {} - Err(e) => {} + Err(e) => { + debug!("Failed to validate: {}", attr_name); + return Err(e); + } } } None => { @@ -369,14 +367,12 @@ impl Entry { // Now, for each type we do a *full* check of the syntax // and validity of the ava. let r = a_schema.validate_ava(avas); - if r.is_err() { - debug!("Failed to validate: {}", attr_name); - return Err(r.unwrap_err()); - } - // We have to destructure here to make type checker happy match r { Ok(_) => {} - Err(e) => {} + Err(e) => { + debug!("Failed to validate: {}", attr_name); + return Err(e); + } } } None => { @@ -406,6 +402,8 @@ impl Entry { } impl Entry { + // This is only used in tests today, but I don't want to cfg test it. + #[allow(dead_code)] fn get_uuid(&self) -> Option<&String> { match self.attrs.get("uuid") { Some(vs) => vs.first(), @@ -677,7 +675,7 @@ impl Entry { // Remove all attrs from our tree that are NOT in the allowed set. let Entry { - valid: s_valid, + valid: _s_valid, state: s_state, attrs: s_attrs, } = self; diff --git a/src/lib/event.rs b/src/lib/event.rs index 2b65d0d51..2dd9df6cf 100644 --- a/src/lib/event.rs +++ b/src/lib/event.rs @@ -4,8 +4,7 @@ use crate::filter::{Filter, FilterValid}; use crate::proto::v1::Entry as ProtoEntry; use crate::proto::v1::{ AuthCredential, AuthResponse, AuthState, AuthStep, CreateRequest, DeleteRequest, ModifyRequest, - OperationResponse, ReviveRecycledRequest, SearchRequest, SearchResponse, UserAuthToken, - WhoamiResponse, + ReviveRecycledRequest, SearchRequest, SearchResponse, UserAuthToken, WhoamiResponse, }; // use error::OperationError; use crate::error::OperationError; @@ -29,15 +28,6 @@ use crate::proto::v1::SearchRecycledRequest; use actix::prelude::*; use uuid::Uuid; -#[derive(Debug)] -pub struct OpResult {} - -impl OpResult { - pub fn response(self) -> OperationResponse { - OperationResponse {} - } -} - #[derive(Debug)] pub struct SearchResult { entries: Vec, @@ -258,6 +248,7 @@ impl SearchEvent { } #[cfg(test)] + #[allow(dead_code)] pub fn from_rec_request( audit: &mut AuditScope, request: SearchRecycledRequest, @@ -398,6 +389,7 @@ impl ExistsEvent { } #[cfg(test)] + #[allow(dead_code)] pub unsafe fn new_internal_invalid(filter: Filter) -> Self { ExistsEvent { event: Event::from_internal(), diff --git a/src/lib/filter.rs b/src/lib/filter.rs index 3b47048c3..b39667e47 100644 --- a/src/lib/filter.rs +++ b/src/lib/filter.rs @@ -15,30 +15,37 @@ use std::collections::BTreeSet; // Default filter is safe, ignores all hidden types! +#[allow(dead_code)] pub fn f_eq<'a>(a: &'a str, v: &'a str) -> FC<'a> { FC::Eq(a, v) } +#[allow(dead_code)] pub fn f_sub<'a>(a: &'a str, v: &'a str) -> FC<'a> { FC::Sub(a, v) } +#[allow(dead_code)] pub fn f_pres<'a>(a: &'a str) -> FC<'a> { FC::Pres(a) } +#[allow(dead_code)] pub fn f_or<'a>(vs: Vec>) -> FC<'a> { FC::Or(vs) } +#[allow(dead_code)] pub fn f_and<'a>(vs: Vec>) -> FC<'a> { FC::And(vs) } +#[allow(dead_code)] pub fn f_andnot<'a>(fc: FC<'a>) -> FC<'a> { FC::AndNot(Box::new(fc)) } +#[allow(dead_code)] pub fn f_self<'a>() -> FC<'a> { FC::SelfUUID } diff --git a/src/lib/idm/account.rs b/src/lib/idm/account.rs index 2c78143cf..072eabdbe 100644 --- a/src/lib/idm/account.rs +++ b/src/lib/idm/account.rs @@ -6,8 +6,6 @@ use crate::proto::v1::UserAuthToken; use crate::idm::claim::Claim; use crate::idm::group::Group; -use std::convert::TryFrom; - #[derive(Debug, Clone)] pub(crate) struct Account { // Later these could be &str if we cache entry here too ... @@ -94,9 +92,6 @@ mod tests { use crate::constants::JSON_ANONYMOUS_V1; use crate::entry::{Entry, EntryNew, EntryValid}; use crate::idm::account::Account; - use crate::proto::v1::AuthAllowed; - - use std::convert::TryFrom; #[test] fn test_idm_account_from_anonymous() { diff --git a/src/lib/idm/authsession.rs b/src/lib/idm/authsession.rs index 3b24ec728..efd716b22 100644 --- a/src/lib/idm/authsession.rs +++ b/src/lib/idm/authsession.rs @@ -183,8 +183,6 @@ mod tests { use crate::idm::authsession::AuthSession; use crate::proto::v1::AuthAllowed; - use std::convert::TryFrom; - #[test] fn test_idm_account_anonymous_auth_mech() { let anon_account = entry_str_to_account!(JSON_ANONYMOUS_V1); diff --git a/src/lib/idm/claim.rs b/src/lib/idm/claim.rs index 49d92983b..f456b684d 100644 --- a/src/lib/idm/claim.rs +++ b/src/lib/idm/claim.rs @@ -6,11 +6,13 @@ pub struct Claim { } impl Claim { + /* pub fn new() -> Self { Claim { // Fill this in! } } + */ pub fn into_proto(&self) -> ProtoClaim { unimplemented!(); diff --git a/src/lib/idm/group.rs b/src/lib/idm/group.rs index 26dfffd63..4820805e7 100644 --- a/src/lib/idm/group.rs +++ b/src/lib/idm/group.rs @@ -7,9 +7,11 @@ pub struct Group { } impl Group { + /* pub fn new() -> Self { Group {} } + */ pub fn into_proto(&self) -> ProtoGroup { unimplemented!(); diff --git a/src/lib/idm/server.rs b/src/lib/idm/server.rs index 830a7bdc9..8316df914 100644 --- a/src/lib/idm/server.rs +++ b/src/lib/idm/server.rs @@ -8,7 +8,6 @@ use crate::server::{QueryServer, QueryServerTransaction}; use concread::cowcell::{CowCell, CowCellWriteTxn}; use std::collections::BTreeMap; -use std::convert::TryFrom; use uuid::Uuid; // use lru::LruCache; @@ -32,11 +31,13 @@ pub struct IdmServerWriteTransaction<'a> { qs: &'a QueryServer, } +/* pub struct IdmServerReadTransaction<'a> { // This contains read-only methods, like getting users, groups // and other structured content. qs: &'a QueryServer, } +*/ impl IdmServer { // TODO #59: Make number of authsessions configurable!!! @@ -54,9 +55,11 @@ impl IdmServer { } } + /* pub fn read(&self) -> IdmServerReadTransaction { IdmServerReadTransaction { qs: &self.qs } } + */ } impl<'a> IdmServerWriteTransaction<'a> { @@ -170,9 +173,11 @@ impl<'a> IdmServerWriteTransaction<'a> { } } +/* impl<'a> IdmServerReadTransaction<'a> { pub fn whoami() -> () {} } +*/ // Need tests of the sessions and the auth ... @@ -206,6 +211,9 @@ mod tests { assert!(m == AuthAllowed::Anonymous); } _ => { + error!( + "A critical error has occured! We have a non-continue result!" + ); panic!(); } }; @@ -214,6 +222,7 @@ mod tests { } Err(e) => { // Should not occur! + error!("A critical error has occured! {:?}", e); panic!(); } }; @@ -235,17 +244,24 @@ mod tests { match r2 { Ok(ar) => { - let AuthResult { sessionid, state } = ar; + let AuthResult { + sessionid: _, + state, + } = ar; match state { - AuthState::Success(uat) => { + AuthState::Success(_uat) => { // Check the uat. } _ => { + error!( + "A critical error has occured! We have a non-succcess result!" + ); panic!(); } } } Err(e) => { + error!("A critical error has occured! {:?}", e); // Should not occur! panic!(); } diff --git a/src/lib/lib.rs b/src/lib/lib.rs index ea1417ab0..3bf2d18c6 100644 --- a/src/lib/lib.rs +++ b/src/lib/lib.rs @@ -1,3 +1,5 @@ +#![deny(warnings)] + #[macro_use] extern crate log; extern crate serde; diff --git a/src/lib/macros.rs b/src/lib/macros.rs index 1ed20d0ed..a1719f806 100644 --- a/src/lib/macros.rs +++ b/src/lib/macros.rs @@ -12,7 +12,14 @@ macro_rules! run_test { let mut audit = AuditScope::new("run_test"); - let be = Backend::new(&mut audit, "", 1).expect("Failed to init be"); + let be = match Backend::new(&mut audit, "", 1) { + Ok(be) => be, + Err(e) => { + debug!("{}", audit); + error!("{:?}", e); + panic!() + } + }; let schema_outer = Schema::new(&mut audit).expect("Failed to init schema"); let test_server = QueryServer::new(be, schema_outer); diff --git a/src/lib/plugins/base.rs b/src/lib/plugins/base.rs index f3d22bce2..596d0c98f 100644 --- a/src/lib/plugins/base.rs +++ b/src/lib/plugins/base.rs @@ -1,6 +1,5 @@ use crate::plugins::Plugin; use std::collections::BTreeSet; -use std::ops::Bound::Included; use uuid::Uuid; use crate::audit::AuditScope; diff --git a/src/lib/plugins/protected.rs b/src/lib/plugins/protected.rs index 454c7c9bc..586fd3178 100644 --- a/src/lib/plugins/protected.rs +++ b/src/lib/plugins/protected.rs @@ -7,7 +7,7 @@ use crate::entry::{Entry, EntryCommitted, EntryInvalid, EntryNew, EntryValid}; use crate::error::OperationError; use crate::event::{CreateEvent, DeleteEvent, ModifyEvent}; use crate::modify::Modify; -use crate::server::{QueryServerTransaction, QueryServerWriteTransaction}; +use crate::server::QueryServerWriteTransaction; use std::collections::HashSet; pub struct Protected {} diff --git a/src/lib/schema.rs b/src/lib/schema.rs index bcb39893f..480bfb953 100644 --- a/src/lib/schema.rs +++ b/src/lib/schema.rs @@ -3,7 +3,6 @@ use crate::constants::*; use crate::entry::{Entry, EntryCommitted, EntryNew, EntryValid}; use crate::error::{ConsistencyError, OperationError, SchemaError}; use crate::proto::v1::Filter as ProtoFilter; -use crate::server::QueryServerWriteTransaction; use regex::Regex; use std::collections::HashMap; @@ -1086,7 +1085,7 @@ impl SchemaInner { r } - pub fn validate(&self, audit: &mut AuditScope) -> Vec> { + pub fn validate(&self, _audit: &mut AuditScope) -> Vec> { let mut res = Vec::new(); // Does this need to validate anything further at all? The UUID // will be checked as part of the schema migration on startup, so I think @@ -1936,7 +1935,7 @@ mod tests { // Check that entries can be normalised and validated sanely let mut audit = AuditScope::new("test_schema_entry_validate"); let schema_outer = Schema::new(&mut audit).expect("failed to create schema"); - let mut schema = schema_outer.write(); + let schema = schema_outer.write(); // Check syntax to upper // check index to upper @@ -1985,7 +1984,7 @@ mod tests { // Check that entries can be normalised sanely let mut audit = AuditScope::new("test_schema_entry_normalise"); let schema_outer = Schema::new(&mut audit).expect("failed to create schema"); - let mut schema = schema_outer.write(); + let schema = schema_outer.write(); // Check that an entry normalises, despite being inconsistent to // schema. diff --git a/src/lib/server.rs b/src/lib/server.rs index 33f54bad9..0a6c6035f 100644 --- a/src/lib/server.rs +++ b/src/lib/server.rs @@ -1561,8 +1561,8 @@ impl<'a> QueryServerWriteTransaction<'a> { be_txn, schema, accesscontrols, - changed_schema, - changed_acp, + changed_schema: _, + changed_acp: _, } = self; assert!(!committed); // Begin an audit. diff --git a/src/server/main.rs b/src/server/main.rs index 5730569f0..b30210d0f 100644 --- a/src/server/main.rs +++ b/src/server/main.rs @@ -1,3 +1,5 @@ +#![deny(warnings)] + extern crate actix; extern crate env_logger; @@ -7,7 +9,9 @@ extern crate structopt; extern crate log; use rsidm::config::Configuration; -use rsidm::core::{backup_server_core, create_server_core, restore_server_core}; +use rsidm::core::{ + backup_server_core, create_server_core, restore_server_core, verify_server_core, +}; use std::path::PathBuf; use structopt::StructOpt; @@ -44,6 +48,8 @@ enum Opt { Backup(BackupOpt), #[structopt(name = "restore")] Restore(RestoreOpt), + #[structopt(name = "verify")] + Verify(ServerOpt), } fn main() { @@ -97,5 +103,11 @@ fn main() { }; restore_server_core(config, p); } + Opt::Verify(vopt) => { + info!("Running in restore mode ..."); + + config.update_db_path(&vopt.db_path); + verify_server_core(config); + } } } diff --git a/tests/proto_v1_test.rs b/tests/proto_v1_test.rs index d88c14054..151bb4de0 100644 --- a/tests/proto_v1_test.rs +++ b/tests/proto_v1_test.rs @@ -1,3 +1,8 @@ +#![deny(warnings)] + +#[macro_use] +extern crate log; + extern crate actix; use actix::prelude::*; @@ -7,7 +12,7 @@ use rsidm::constants::UUID_ADMIN; use rsidm::core::create_server_core; use rsidm::proto::v1::{ AuthCredential, AuthRequest, AuthResponse, AuthState, AuthStep, CreateRequest, Entry, - OperationResponse, WhoamiRequest, + OperationResponse, }; extern crate reqwest; @@ -139,7 +144,7 @@ fn test_server_whoami_anonymous() { println!("==> AUTHRESPONSE ==> {:?}", r); assert!(match &r.state { - AuthState::Continue(all_list) => { + AuthState::Continue(_all_list) => { // Check anonymous is present? It will fail on next step if not ... true } @@ -156,6 +161,7 @@ fn test_server_whoami_anonymous() { .body(serde_json::to_string(&auth_anon).unwrap()) .send() .unwrap(); + debug!("{}", response.status()); assert!(response.status() == reqwest::StatusCode::OK); // Check that we got the next step let r: AuthResponse = serde_json::from_str(response.text().unwrap().as_str()).unwrap();