1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145

use crate::data::TestData;
use crate::ds::DirectoryServer;
use crate::kani::{KaniHttpServer, KaniLdapServer};
use crate::profile::Profile;
use crate::TargetOpt;
use crate::TargetServer;
use std::fs::File;
use std::io::BufReader;
use std::io::Read;
use std::path::{Path, PathBuf};
use uuid::Uuid;

pub(crate) fn config(
    target: &TargetOpt,
    profile_path: &Path,
) -> Result<(TestData, Profile, TargetServer), ()> {
    // read the profile that we are going to be using/testing
    let mut f = File::open(profile_path).map_err(|e| {
        error!("Unable to open profile file [{:?}] 🥺", e);
    })?;

    let mut contents = String::new();
    f.read_to_string(&mut contents)
        .map_err(|e| error!("unable to read profile contents {:?}", e))?;

    let profile: Profile = toml::from_str(contents.as_str())
        .map_err(|e| eprintln!("unable to parse config {:?}", e))?;

    debug!("Profile -> {:?}", profile);

    // Where is our datafile?

    let data_path = if Path::new(&profile.data).is_absolute() {
        PathBuf::from(&profile.data)
    } else if let Some(p) = profile_path.parent() {
        p.join(&profile.data)
    } else {
        error!(
            "Unable to find parent directory of {}",
            profile_path.to_str().unwrap()
        );
        return Err(());
    };

    debug!("Data Path -> {}", data_path.to_str().unwrap());

    // Does our target section exist?
    let server: TargetServer = match target {
        TargetOpt::Ds => {
            if let Some(dsconfig) = profile.ds_config.as_ref() {
                DirectoryServer::new(dsconfig)?
            } else {
                error!("To use ds, you must have the ds_config section in your profile");
                return Err(());
            }
        }
        TargetOpt::KanidmLdap => {
            if let Some(klconfig) = profile.kani_ldap_config.as_ref() {
                KaniLdapServer::new(klconfig)?
            } else {
                error!("To use kanidm_ldap, you must have the kani_ldap_config section in your profile");
                return Err(());
            }
        }
        TargetOpt::Kanidm => {
            if let Some(khconfig) = profile.kani_http_config.as_ref() {
                KaniHttpServer::new(khconfig)?
            } else {
                error!("To use kanidm, you must have the kani_http_config section in your profile");
                return Err(());
            }
        }
    };

    debug!("Target server info -> {}", server.info());

    // load the related data (if any) or generate it if that is what we have.
    let data_file = File::open(data_path).map_err(|e| {
        error!("Unable to open data file [{:?}] 🥺", e);
    })?;

    let data_reader = BufReader::new(data_file);

    let data: TestData = serde_json::from_reader(data_reader).map_err(|e| {
        error!(
            "Unable to process data file. You may need to preprocess it again: {:?}",
            e
        );
    })?;

    Ok((data, profile, server))
}

pub(crate) async fn doit(target: &TargetOpt, profile_path: &Path) -> Result<(), ()> {
    info!(
        "Performing setup of {:?} from {}",
        target,
        profile_path.to_str().unwrap(),
    );

    let (data, _profile, server) = config(target, profile_path)?;

    // ensure that things we will "add" won't be there.
    // delete anything that is modded, so that it will be reset.

    let mut remove: Vec<Uuid> = data
        .connections
        .iter()
        .flat_map(|conn| conn.ops.iter())
        .filter_map(|op| op.require_reset())
        .flatten()
        /*
        // Do we need to recreate all groups? If they were modded, we already reset them ...
        .chain(
            Box::new(
            data.precreate.iter().filter(|e| e.is_group()).map(|e| e.get_uuid()) )
        )
        */
        .collect();

    remove.sort_unstable();
    remove.dedup();

    debug!("Will remove IDS -> {:?}", remove);

    server.open_admin_connection().await?;

    // Delete everything that needs to be removed.
    server.setup_admin_delete_uuids(remove.as_slice()).await?;

    // ensure that all items we need to precreate are!
    server
        .setup_admin_precreate_entities(&data.precreate, &data.all_entities)
        .await?;

    // Setup access controls - if something modifies something that IS NOT
    // itself, we grant them extra privs.
    server
        .setup_access_controls(&data.access, &data.all_entities)
        .await?;

    // Done!

    Ok(())
}