Struct kanidmd_lib::server::QueryServerWriteTransaction

source · []
pub struct QueryServerWriteTransaction<'a> { /* private fields */ }

Implementations

This function behaves different to modify. Modify applies the same modification operation en-mass to 1 -> N entries. This takes a set of modifications that define a precise entry to apply a change to and only modifies that.

modify is for all entries matching this condition, do this change.

batch_modify is for entry X apply mod A, for entry Y apply mod B etc. It allows you to do per-entry mods.

The drawback is you need to know ahead of time what uuids you are affecting. This has parallels to scim, so it’s not a significant issue.

Otherwise, we follow the same pattern here as modify, and inside the transform the same modlists are used.

Migrate 2 to 3 changes the name, domain_name types from iutf8 to iname.

Migrate 3 to 4 - this triggers a regen of the domains security token as we previously did not have it in the entry.

Migrate 4 to 5 - this triggers a regen of all oauth2 RS es256 der keys as we previously did not generate them on entry creation.

Migrate 5 to 6 - This updates the domain info item to reset the token keys based on the new encryption types.

Migrate 6 to 7

Modify accounts that are not persons, to be service accounts so that the extension rules remain valid.

Migrate 7 to 8

Touch all service accounts to trigger a regen of their es256 jws keys for api tokens

Migrate 8 to 9

This migration updates properties of oauth2 relying server properties. First, it changes the former basic value to a secret utf8string.

The second change improves the current scope system to remove the implicit scope type.

Initiate a domain display name change process. This isn’t particularly scary because it’s just a wibbly human-facing thing, not used for secure activities (yet)

Initiate a domain rename process. This is generally an internal function but it’s exposed to the cli for admins to be able to initiate the process.

Trait Implementations

Gets the in-memory domain_name element

Conduct a search and apply access controls to yield a set of entries that have been reduced to the set of user visible avas. Note that if you provide a SearchEvent for the internal user, this query will fail. It is invalid for the access module to attempt to reduce avas for internal searches, and you should use fn search instead. Read more
From internal, generate an “exists” event and dispatch
Applies ACP to filter result entries.
Get a single entry by its UUID. This is used heavily for internal server operations, especially in login and ACP checks. Read more
Do a schema aware conversion from a String:String to String:Value for modification present. Read more
Pull the domain name from the database

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more
Immutably borrows from an owned value. Read more
Mutably borrows from an owned value. Read more

Returns the argument unchanged.

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

The alignment of pointer.
The type for initializers.
Initializes a with the given initializer. Read more
Dereferences the given pointer. Read more
Mutably dereferences the given pointer. Read more
Drops the object pointed to by the given pointer. Read more
Should always be Self
The type returned in the event of a conversion error.
Performs the conversion.
The type returned in the event of a conversion error.
Performs the conversion.
Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more