mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 12:37:00 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #75 from Firstyear/20190729-warnings-to-error

Browse source 
20190729 warnings to error
This commit is contained in:
Firstyear 2019-07-30 12:41:17 +09:00 committed by GitHub
parent 635270eabe 8a32ecffcb
commit a07e8b2fe3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
19 changed files with 137 additions and 50 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
src/lib/be/mod.rs
View file

@ -8,7 +8,6 @@ use serde_cbor;
use serde_json;
use std::convert::TryFrom;
use std::fs;
// use uuid;
use crate::audit::AuditScope;
use crate::be::dbentry::DbEntry;
@ -616,7 +615,21 @@ impl BackendWriteTransaction {
pub fn setup(&self, audit: &mut AuditScope) -> Result<(), OperationError> {
{
// Enable WAL mode, which is just faster and better.
self.conn.execute("PRAGMA journal_mode=WAL;", NO_PARAMS);
//
// We have to use stmt + prepare because execute can't handle
// the "wal" row on result when this works!
let mut wal_stmt = try_audit!(
audit,
self.conn.prepare("PRAGMA journal_mode=WAL;"),
"sqlite error {:?}",
OperationError::SQLiteError
);
try_audit!(
audit,
wal_stmt.query(NO_PARAMS),
"sqlite error {:?}",
OperationError::SQLiteError
);
// This stores versions of components. For example:
// ----------------------

2
src/lib/config.rs
View file

@ -17,7 +17,7 @@ impl Configuration {
pub fn new() -> Self {
let mut c = Configuration {
address: String::from("127.0.0.1:8080"),
domain: String::from("127.0.0.1"),
domain: String::from("localhost"),
threads: 8,
db_path: String::from(""),
maximum_request: 262144, // 256k

41
src/lib/core.rs
View file

@ -23,6 +23,8 @@ use crate::proto::v1::{
AuthRequest, AuthState, CreateRequest, DeleteRequest, ModifyRequest, SearchRequest,
UserAuthToken,
};
use crate::schema::Schema;
use crate::server::QueryServer;
use uuid::Uuid;
@ -312,6 +314,43 @@ pub fn restore_server_core(config: Configuration, dst_path: &str) {
};
}
pub fn verify_server_core(config: Configuration) {
let mut audit = AuditScope::new("server_verify");
// Setup the be
let be = match setup_backend(&config) {
Ok(be) => be,
Err(e) => {
error!("Failed to setup BE: {:?}", e);
return;
}
};
// setup the qs - without initialise!
let schema_mem = match Schema::new(&mut audit) {
Ok(sc) => sc,
Err(e) => {
error!("Failed to setup in memory schema: {:?}", e);
return;
}
};
let server = QueryServer::new(be, schema_mem);
// Run verifications.
let r = server.verify(&mut audit);
debug!("{}", audit);
if r.len() == 0 {
std::process::exit(0);
} else {
for er in r {
error!("{:?}", er);
}
std::process::exit(1);
}
// Now add IDM server verifications?
}
pub fn create_server_core(config: Configuration) {
// Until this point, we probably want to write to the log macro fns.
@ -350,7 +389,7 @@ pub fn create_server_core(config: Configuration) {
// Copy the max size
let max_size = config.maximum_request;
let secure_cookies = config.secure_cookies;
let domain = config.domain.clone();
// let domain = config.domain.clone();
let cookie_key: [u8; 32] = config.cookie_key.clone();
// start the web server

24
src/lib/entry.rs
View file

@ -315,14 +315,12 @@ impl<STATE> Entry<EntryNormalised, STATE> {
// Now, for each type we do a *full* check of the syntax
// and validity of the ava.
let r = a_schema.validate_ava(avas);
if r.is_err() {
debug!("Failed to validate: {}", attr_name);
return Err(r.unwrap_err());
}
// We have to destructure here to make type checker happy
match r {
Ok(_) => {}
Err(e) => {}
Err(e) => {
debug!("Failed to validate: {}", attr_name);
return Err(e);
}
}
}
None => {
@ -369,14 +367,12 @@ impl<STATE> Entry<EntryNormalised, STATE> {
// Now, for each type we do a *full* check of the syntax
// and validity of the ava.
let r = a_schema.validate_ava(avas);
if r.is_err() {
debug!("Failed to validate: {}", attr_name);
return Err(r.unwrap_err());
}
// We have to destructure here to make type checker happy
match r {
Ok(_) => {}
Err(e) => {}
Err(e) => {
debug!("Failed to validate: {}", attr_name);
return Err(e);
}
}
}
None => {
@ -406,6 +402,8 @@ impl<STATE> Entry<EntryNormalised, STATE> {
}
impl<STATE> Entry<EntryInvalid, STATE> {
// This is only used in tests today, but I don't want to cfg test it.
#[allow(dead_code)]
fn get_uuid(&self) -> Option<&String> {
match self.attrs.get("uuid") {
Some(vs) => vs.first(),
@ -677,7 +675,7 @@ impl Entry<EntryValid, EntryCommitted> {
// Remove all attrs from our tree that are NOT in the allowed set.
let Entry {
valid: s_valid,
valid: _s_valid,
state: s_state,
attrs: s_attrs,
} = self;

14
src/lib/event.rs
View file

@ -4,8 +4,7 @@ use crate::filter::{Filter, FilterValid};
use crate::proto::v1::Entry as ProtoEntry;
use crate::proto::v1::{
AuthCredential, AuthResponse, AuthState, AuthStep, CreateRequest, DeleteRequest, ModifyRequest,
OperationResponse, ReviveRecycledRequest, SearchRequest, SearchResponse, UserAuthToken,
WhoamiResponse,
ReviveRecycledRequest, SearchRequest, SearchResponse, UserAuthToken, WhoamiResponse,
};
// use error::OperationError;
use crate::error::OperationError;
@ -29,15 +28,6 @@ use crate::proto::v1::SearchRecycledRequest;
use actix::prelude::*;
use uuid::Uuid;
#[derive(Debug)]
pub struct OpResult {}
impl OpResult {
pub fn response(self) -> OperationResponse {
OperationResponse {}
}
}
#[derive(Debug)]
pub struct SearchResult {
entries: Vec<ProtoEntry>,
@ -258,6 +248,7 @@ impl SearchEvent {
}
#[cfg(test)]
#[allow(dead_code)]
pub fn from_rec_request(
audit: &mut AuditScope,
request: SearchRecycledRequest,
@ -398,6 +389,7 @@ impl ExistsEvent {
}
#[cfg(test)]
#[allow(dead_code)]
pub unsafe fn new_internal_invalid(filter: Filter<FilterInvalid>) -> Self {
ExistsEvent {
event: Event::from_internal(),

7
src/lib/filter.rs
View file

@ -15,30 +15,37 @@ use std::collections::BTreeSet;
// Default filter is safe, ignores all hidden types!
#[allow(dead_code)]
pub fn f_eq<'a>(a: &'a str, v: &'a str) -> FC<'a> {
FC::Eq(a, v)
}
#[allow(dead_code)]
pub fn f_sub<'a>(a: &'a str, v: &'a str) -> FC<'a> {
FC::Sub(a, v)
}
#[allow(dead_code)]
pub fn f_pres<'a>(a: &'a str) -> FC<'a> {
FC::Pres(a)
}
#[allow(dead_code)]
pub fn f_or<'a>(vs: Vec<FC<'a>>) -> FC<'a> {
FC::Or(vs)
}
#[allow(dead_code)]
pub fn f_and<'a>(vs: Vec<FC<'a>>) -> FC<'a> {
FC::And(vs)
}
#[allow(dead_code)]
pub fn f_andnot<'a>(fc: FC<'a>) -> FC<'a> {
FC::AndNot(Box::new(fc))
}
#[allow(dead_code)]
pub fn f_self<'a>() -> FC<'a> {
FC::SelfUUID
}

5
src/lib/idm/account.rs
View file

@ -6,8 +6,6 @@ use crate::proto::v1::UserAuthToken;
use crate::idm::claim::Claim;
use crate::idm::group::Group;
use std::convert::TryFrom;
#[derive(Debug, Clone)]
pub(crate) struct Account {
// Later these could be &str if we cache entry here too ...
@ -94,9 +92,6 @@ mod tests {
use crate::constants::JSON_ANONYMOUS_V1;
use crate::entry::{Entry, EntryNew, EntryValid};
use crate::idm::account::Account;
use crate::proto::v1::AuthAllowed;
use std::convert::TryFrom;
#[test]
fn test_idm_account_from_anonymous() {

2
src/lib/idm/authsession.rs
View file

@ -183,8 +183,6 @@ mod tests {
use crate::idm::authsession::AuthSession;
use crate::proto::v1::AuthAllowed;
use std::convert::TryFrom;
#[test]
fn test_idm_account_anonymous_auth_mech() {
let anon_account = entry_str_to_account!(JSON_ANONYMOUS_V1);

2
src/lib/idm/claim.rs
View file

@ -6,11 +6,13 @@ pub struct Claim {
}
impl Claim {
/*
pub fn new() -> Self {
Claim {
// Fill this in!
}
}
*/
pub fn into_proto(&self) -> ProtoClaim {
unimplemented!();

2
src/lib/idm/group.rs
View file

@ -7,9 +7,11 @@ pub struct Group {
}
impl Group {
/*
pub fn new() -> Self {
Group {}
}
*/
pub fn into_proto(&self) -> ProtoGroup {
unimplemented!();

22
src/lib/idm/server.rs
View file

@ -8,7 +8,6 @@ use crate::server::{QueryServer, QueryServerTransaction};
use concread::cowcell::{CowCell, CowCellWriteTxn};
use std::collections::BTreeMap;
use std::convert::TryFrom;
use uuid::Uuid;
// use lru::LruCache;
@ -32,11 +31,13 @@ pub struct IdmServerWriteTransaction<'a> {
qs: &'a QueryServer,
}
/*
pub struct IdmServerReadTransaction<'a> {
// This contains read-only methods, like getting users, groups
// and other structured content.
qs: &'a QueryServer,
}
*/
impl IdmServer {
// TODO #59: Make number of authsessions configurable!!!
@ -54,9 +55,11 @@ impl IdmServer {
}
}
/*
pub fn read(&self) -> IdmServerReadTransaction {
IdmServerReadTransaction { qs: &self.qs }
}
*/
}
impl<'a> IdmServerWriteTransaction<'a> {
@ -170,9 +173,11 @@ impl<'a> IdmServerWriteTransaction<'a> {
}
}
/*
impl<'a> IdmServerReadTransaction<'a> {
pub fn whoami() -> () {}
}
*/
// Need tests of the sessions and the auth ...
@ -206,6 +211,9 @@ mod tests {
assert!(m == AuthAllowed::Anonymous);
}
_ => {
error!(
"A critical error has occured! We have a non-continue result!"
);
panic!();
}
};
@ -214,6 +222,7 @@ mod tests {
}
Err(e) => {
// Should not occur!
error!("A critical error has occured! {:?}", e);
panic!();
}
};
@ -235,17 +244,24 @@ mod tests {
match r2 {
Ok(ar) => {
let AuthResult { sessionid, state } = ar;
let AuthResult {
sessionid: _,
state,
} = ar;
match state {
AuthState::Success(uat) => {
AuthState::Success(_uat) => {
// Check the uat.
}
_ => {
error!(
"A critical error has occured! We have a non-succcess result!"
);
panic!();
}
}
}
Err(e) => {
error!("A critical error has occured! {:?}", e);
// Should not occur!
panic!();
}

2
src/lib/lib.rs
View file

@ -1,3 +1,5 @@
#![deny(warnings)]
#[macro_use]
extern crate log;
extern crate serde;

9
src/lib/macros.rs
View file

@ -12,7 +12,14 @@ macro_rules! run_test {
let mut audit = AuditScope::new("run_test");
let be = Backend::new(&mut audit, "", 1).expect("Failed to init be");
let be = match Backend::new(&mut audit, "", 1) {
Ok(be) => be,
Err(e) => {
debug!("{}", audit);
error!("{:?}", e);
panic!()
}
};
let schema_outer = Schema::new(&mut audit).expect("Failed to init schema");
let test_server = QueryServer::new(be, schema_outer);

1
src/lib/plugins/base.rs
View file

@ -1,6 +1,5 @@
use crate::plugins::Plugin;
use std::collections::BTreeSet;
use std::ops::Bound::Included;
use uuid::Uuid;
use crate::audit::AuditScope;

2
src/lib/plugins/protected.rs
View file

@ -7,7 +7,7 @@ use crate::entry::{Entry, EntryCommitted, EntryInvalid, EntryNew, EntryValid};
use crate::error::OperationError;
use crate::event::{CreateEvent, DeleteEvent, ModifyEvent};
use crate::modify::Modify;
use crate::server::{QueryServerTransaction, QueryServerWriteTransaction};
use crate::server::QueryServerWriteTransaction;
use std::collections::HashSet;
pub struct Protected {}

7
src/lib/schema.rs
View file

@ -3,7 +3,6 @@ use crate::constants::*;
use crate::entry::{Entry, EntryCommitted, EntryNew, EntryValid};
use crate::error::{ConsistencyError, OperationError, SchemaError};
use crate::proto::v1::Filter as ProtoFilter;
use crate::server::QueryServerWriteTransaction;
use regex::Regex;
use std::collections::HashMap;
@ -1086,7 +1085,7 @@ impl SchemaInner {
r
}
pub fn validate(&self, audit: &mut AuditScope) -> Vec<Result<(), ConsistencyError>> {
pub fn validate(&self, _audit: &mut AuditScope) -> Vec<Result<(), ConsistencyError>> {
let mut res = Vec::new();
// Does this need to validate anything further at all? The UUID
// will be checked as part of the schema migration on startup, so I think
@ -1936,7 +1935,7 @@ mod tests {
// Check that entries can be normalised and validated sanely
let mut audit = AuditScope::new("test_schema_entry_validate");
let schema_outer = Schema::new(&mut audit).expect("failed to create schema");
let mut schema = schema_outer.write();
let schema = schema_outer.write();
// Check syntax to upper
// check index to upper
@ -1985,7 +1984,7 @@ mod tests {
// Check that entries can be normalised sanely
let mut audit = AuditScope::new("test_schema_entry_normalise");
let schema_outer = Schema::new(&mut audit).expect("failed to create schema");
let mut schema = schema_outer.write();
let schema = schema_outer.write();
// Check that an entry normalises, despite being inconsistent to
// schema.

4
src/lib/server.rs
View file

@ -1561,8 +1561,8 @@ impl<'a> QueryServerWriteTransaction<'a> {
be_txn,
schema,
accesscontrols,
changed_schema,
changed_acp,
changed_schema: _,
changed_acp: _,
} = self;
assert!(!committed);
// Begin an audit.

14
src/server/main.rs
View file

@ -1,3 +1,5 @@
#![deny(warnings)]
extern crate actix;
extern crate env_logger;
@ -7,7 +9,9 @@ extern crate structopt;
extern crate log;
use rsidm::config::Configuration;
use rsidm::core::{backup_server_core, create_server_core, restore_server_core};
use rsidm::core::{
backup_server_core, create_server_core, restore_server_core, verify_server_core,
};
use std::path::PathBuf;
use structopt::StructOpt;
@ -44,6 +48,8 @@ enum Opt {
Backup(BackupOpt),
#[structopt(name = "restore")]
Restore(RestoreOpt),
#[structopt(name = "verify")]
Verify(ServerOpt),
}
fn main() {
@ -97,5 +103,11 @@ fn main() {
};
restore_server_core(config, p);
}
Opt::Verify(vopt) => {
info!("Running in restore mode ...");
config.update_db_path(&vopt.db_path);
verify_server_core(config);
}
}
}

10
tests/proto_v1_test.rs
View file

@ -1,3 +1,8 @@
#![deny(warnings)]
#[macro_use]
extern crate log;
extern crate actix;
use actix::prelude::*;
@ -7,7 +12,7 @@ use rsidm::constants::UUID_ADMIN;
use rsidm::core::create_server_core;
use rsidm::proto::v1::{
AuthCredential, AuthRequest, AuthResponse, AuthState, AuthStep, CreateRequest, Entry,
OperationResponse, WhoamiRequest,
OperationResponse,
};
extern crate reqwest;
@ -139,7 +144,7 @@ fn test_server_whoami_anonymous() {
println!("==> AUTHRESPONSE ==> {:?}", r);
assert!(match &r.state {
AuthState::Continue(all_list) => {
AuthState::Continue(_all_list) => {
// Check anonymous is present? It will fail on next step if not ...
true
}
@ -156,6 +161,7 @@ fn test_server_whoami_anonymous() {
.body(serde_json::to_string(&auth_anon).unwrap())
.send()
.unwrap();
debug!("{}", response.status());
assert!(response.status() == reqwest::StatusCode::OK);
// Check that we got the next step
let r: AuthResponse = serde_json::from_str(response.text().unwrap().as_str()).unwrap();