mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-24 04:57:00 +01:00
Code Issues Actions 10 Packages Projects Releases Wiki Activity

Fix my delusion that ldap filters are parseable. They are not.

Browse source
This commit is contained in:
William Brown 2019-01-21 15:08:56 +13:00
parent bfbb07ec28
commit cda4868533
3 changed files with 105 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
src/lib/entry.rs
View file

@ -360,4 +360,5 @@ mod tests {
assert!(!e.attribute_equality("userid", "test")); assert!(!e.attribute_equality("userid", "test"));
assert!(!e.attribute_equality("nonexist", "william")); assert!(!e.attribute_equality("nonexist", "william"));
} }
} }

112
src/lib/filter.rs
View file

@ -4,6 +4,7 @@
use super::entry::Entry; use super::entry::Entry;
use std::cmp::{Ordering, PartialOrd}; use std::cmp::{Ordering, PartialOrd};
use regex::Regex;
// Perhaps make these json serialisable. Certainly would make parsing // Perhaps make these json serialisable. Certainly would make parsing
// simpler ... // simpler ...
@ -38,14 +39,6 @@ impl Filter {
self.clone() self.clone()
} }
// This is probably not safe, so it's for internal test cases
// only because I'm familiar with the syntax ... you have been warned.
fn from_ldap_string(_ldap_string: String) -> Result<Self, ()> {
unimplemented!()
// For now return an empty filters
// Ok(Filter::And(Vec::new()))
}
// What other parse types do we need? // What other parse types do we need?
// FIXME: This check should be in ENTRY not here, because it's up to others // FIXME: This check should be in ENTRY not here, because it's up to others
@ -62,7 +55,7 @@ impl Filter {
// Given attr, is is present in the entry? // Given attr, is is present in the entry?
e.attribute_pres(attr.as_str()) e.attribute_pres(attr.as_str())
} }
Filter::Or(_) => { Filter::Or(l) => {
unimplemented!(); unimplemented!();
} }
Filter::And(_) => { Filter::And(_) => {
@ -134,6 +127,7 @@ impl PartialOrd for Filter {
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use super::Filter; use super::Filter;
use entry::Entry;
use serde_json; use serde_json;
use std::cmp::{Ordering, PartialOrd}; use std::cmp::{Ordering, PartialOrd};
@ -227,4 +221,104 @@ mod tests {
assert_eq!(f_t2a == f_t2b, true); assert_eq!(f_t2a == f_t2b, true);
assert_eq!(f_t2a == f_t2c, false); assert_eq!(f_t2a == f_t2c, false);
} }
#[test]
fn test_or_entry_filter() {
let e: Entry = serde_json::from_str(r#"{
"attrs": {
"userid": ["william"],
"uidNumber": ["1000"]
}
}"#).unwrap();
let f_t1a = Filter::Or(vec![
Filter::Eq(String::from("userid"), String::from("william")),
Filter::Eq(String::from("uidNumber"), String::from("1000")),
]);
assert!(f_t1a.entry_match_no_index(&e));
let f_t2a = Filter::Or(vec![
Filter::Eq(String::from("userid"), String::from("william")),
Filter::Eq(String::from("uidNumber"), String::from("1001")),
]);
assert!(f_t2a.entry_match_no_index(&e));
let f_t3a = Filter::Or(vec![
Filter::Eq(String::from("userid"), String::from("alice")),
Filter::Eq(String::from("uidNumber"), String::from("1000")),
]);
assert!(f_t3a.entry_match_no_index(&e));
let f_t4a = Filter::Or(vec![
Filter::Eq(String::from("userid"), String::from("alice")),
Filter::Eq(String::from("uidNumber"), String::from("1001")),
]);
assert!(f_t4a.entry_match_no_index(&e));
}
#[test]
fn test_and_entry_filter() {
let e: Entry = serde_json::from_str(r#"{
"attrs": {
"userid": ["william"],
"uidNumber": ["1000"]
}
}"#).unwrap();
let f_t1a = Filter::And(vec![
Filter::Eq(String::from("userid"), String::from("william")),
Filter::Eq(String::from("uidNumber"), String::from("1000")),
]);
assert!(f_t1a.entry_match_no_index(&e));
let f_t2a = Filter::And(vec![
Filter::Eq(String::from("userid"), String::from("william")),
Filter::Eq(String::from("uidNumber"), String::from("1001")),
]);
assert!(f_t2a.entry_match_no_index(&e));
let f_t3a = Filter::And(vec![
Filter::Eq(String::from("userid"), String::from("alice")),
Filter::Eq(String::from("uidNumber"), String::from("1000")),
]);
assert!(f_t3a.entry_match_no_index(&e));
let f_t4a = Filter::And(vec![
Filter::Eq(String::from("userid"), String::from("alice")),
Filter::Eq(String::from("uidNumber"), String::from("1001")),
]);
assert!(f_t4a.entry_match_no_index(&e));
}
#[test]
fn test_not_entry_filter() {
let e1: Entry = serde_json::from_str(r#"{
"attrs": {
"userid": ["william"],
"uidNumber": ["1000"]
}
}"#).unwrap();
assert!(false);
}
#[test]
fn test_nested_entry_filter() {
let e1: Entry = serde_json::from_str(r#"{
"attrs": {
"userid": ["william"],
"uidNumber": ["1000"]
}
}"#).unwrap();
let f_t1a = Filter::And(vec![
Filter::Eq(String::from("class"), String::from("person")),
Filter::And(vec![
Filter::Eq(String::from("uidNumber"), String::from("1001")),
Filter::Eq(String::from("uidNumber"), String::from("1000")),
]),
]);
println!("{:?}", f_t1a);
assert!(false);
}
} }

2
src/lib/server.rs
View file

@ -9,6 +9,7 @@ use be::{
Backend, BackendError, BackendReadTransaction, BackendTransaction, BackendWriteTransaction, Backend, BackendError, BackendReadTransaction, BackendTransaction, BackendWriteTransaction,
}; };
use constants::{JSON_ANONYMOUS_V1, JSON_SYSTEM_INFO_V1};
use entry::Entry; use entry::Entry;
use error::OperationError; use error::OperationError;
use event::{CreateEvent, ExistsEvent, OpResult, SearchEvent, SearchResult}; use event::{CreateEvent, ExistsEvent, OpResult, SearchEvent, SearchResult};
@ -16,7 +17,6 @@ use filter::Filter;
use log::EventLog; use log::EventLog;
use plugins::Plugins; use plugins::Plugins;
use schema::{Schema, SchemaTransaction, SchemaWriteTransaction}; use schema::{Schema, SchemaTransaction, SchemaWriteTransaction};
use constants::{JSON_ANONYMOUS_V1, JSON_SYSTEM_INFO_V1};
pub fn start(log: actix::Addr<EventLog>, path: &str, threads: usize) -> actix::Addr<QueryServer> { pub fn start(log: actix::Addr<EventLog>, path: &str, threads: usize) -> actix::Addr<QueryServer> {
let mut audit = AuditScope::new("server_start"); let mut audit = AuditScope::new("server_start");