Compare commits

...

2 commits

Author SHA1 Message Date
William Brown a20139d6e5 Cleanup 2025-02-22 13:22:20 +10:00
William Brown 97c6efed67 Clippy 2025-02-22 13:10:24 +10:00
5 changed files with 14 additions and 20 deletions
proto/src/scim_v1
server
core/src/https/views/admin
lib/src

View file

@ -4,7 +4,7 @@ use super::ScimSshPublicKey;
use crate::attribute::Attribute;
use crate::internal::UiHint;
use scim_proto::ScimEntryHeader;
use serde::{Deserialize, Serialize};
use serde::Serialize;
use serde_with::{base64, formats, hex::Hex, serde_as, skip_serializing_none};
use std::collections::{BTreeMap, BTreeSet};
use time::format_description::well_known::Rfc3339;
@ -28,7 +28,7 @@ pub struct ScimEntryKanidm {
pub attrs: BTreeMap<Attribute, ScimValueKanidm>,
}
#[derive(Serialize, Deserialize, Debug, Clone, ToSchema)]
#[derive(Serialize, Debug, Clone, ToSchema)]
pub enum ScimAttributeEffectiveAccess {
/// All attributes on the entry have this permission granted
Grant,
@ -49,7 +49,7 @@ impl ScimAttributeEffectiveAccess {
}
}
#[derive(Serialize, Deserialize, Debug, Clone, ToSchema)]
#[derive(Serialize, Debug, Clone, ToSchema)]
#[serde(rename_all = "camelCase")]
pub struct ScimEffectiveAccess {
/// The identity that inherits the effective permission
@ -209,7 +209,7 @@ pub struct ScimOAuth2ClaimMap {
pub values: BTreeSet<String>,
}
#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, ToSchema)]
#[derive(Serialize, Debug, Clone, PartialEq, Eq, ToSchema)]
#[serde(rename_all = "camelCase")]
pub struct ScimReference {
pub uuid: Uuid,
@ -258,7 +258,7 @@ pub enum ScimValueKanidm {
}
#[serde_as]
#[derive(Serialize, Deserialize, Debug, Clone, ToSchema)]
#[derive(Serialize, Debug, Clone, ToSchema)]
pub struct ScimPerson {
pub uuid: Uuid,
pub name: String,

View file

@ -102,7 +102,7 @@ pub(crate) async fn view_persons_get(
VerifiedClientInformation(client_auth_info): VerifiedClientInformation,
) -> axum::response::Result<Response> {
let persons = get_persons_info(state, &kopid, client_auth_info, domain_info.clone()).await?;
let persons_partial = PersonsPartialView { persons: persons };
let persons_partial = PersonsPartialView { persons };
let push_url = HxPushUrl(Uri::from_static("/ui/admin/persons"));
Ok(if is_htmx {

View file

@ -244,15 +244,13 @@ impl SearchEvent {
ident: &Identity,
filter: Filter<FilterValid>,
filter_orig: Filter<FilterValid>,
attrs: Option<BTreeSet<Attribute>>,
effective_access_check: bool,
) -> Self {
SearchEvent {
ident: Identity::from_impersonate(ident),
filter,
filter_orig,
attrs,
effective_access_check,
attrs: None,
effective_access_check: false,
}
}

View file

@ -32,7 +32,7 @@ impl IdmServerProxyReadTransaction<'_> {
// _ext reduces the entries based on access.
let oauth2_related = self
.qs_read
.impersonate_search_ext(f_executed, f_intent, ident, None, false)?;
.impersonate_search_ext(f_executed, f_intent, ident)?;
trace!(?oauth2_related);
// Aggregate results to a Vec of AppLink

View file

@ -493,7 +493,7 @@ pub trait QueryServerTransaction<'a> {
f_intent_valid: Filter<FilterValid>,
event: &Identity,
) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> {
let se = SearchEvent::new_impersonate(event, f_valid, f_intent_valid, None, false);
let se = SearchEvent::new_impersonate(event, f_valid, f_intent_valid);
self.search(&se)
}
@ -503,10 +503,8 @@ pub trait QueryServerTransaction<'a> {
f_valid: Filter<FilterValid>,
f_intent_valid: Filter<FilterValid>,
event: &Identity,
attrs: Option<BTreeSet<Attribute>>,
acp: bool,
) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError> {
let se = SearchEvent::new_impersonate(event, f_valid, f_intent_valid, attrs, acp);
let se = SearchEvent::new_impersonate(event, f_valid, f_intent_valid);
self.search_ext(&se)
}
@ -532,8 +530,6 @@ pub trait QueryServerTransaction<'a> {
filter: Filter<FilterInvalid>,
filter_intent: Filter<FilterInvalid>,
event: &Identity,
attrs: Option<BTreeSet<Attribute>>,
acp: bool,
) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError> {
let f_valid = filter
.validate(self.get_schema())
@ -541,7 +537,7 @@ pub trait QueryServerTransaction<'a> {
let f_intent_valid = filter_intent
.validate(self.get_schema())
.map_err(OperationError::SchemaViolation)?;
self.impersonate_search_ext_valid(f_valid, f_intent_valid, event, attrs, acp)
self.impersonate_search_ext_valid(f_valid, f_intent_valid, event)
}
/// Get a single entry by its UUID. This is used heavily for internal
@ -614,7 +610,7 @@ pub trait QueryServerTransaction<'a> {
let filter_intent = filter_all!(f_eq(Attribute::Uuid, PartialValue::Uuid(uuid)));
let filter = filter!(f_eq(Attribute::Uuid, PartialValue::Uuid(uuid)));
let mut vs = self.impersonate_search_ext(filter, filter_intent, event, None, false)?;
let mut vs = self.impersonate_search_ext(filter, filter_intent, event)?;
match vs.pop() {
Some(entry) if vs.is_empty() => Ok(entry),
_ => {
@ -993,7 +989,7 @@ pub trait QueryServerTransaction<'a> {
Ok(PartialValue::Refer(un))
}
_ => return Err(OperationError::InvalidAttribute(attr.to_string())),
_ => Err(OperationError::InvalidAttribute(attr.to_string())),
}
}