Trait kanidmd_lib::server::QueryServerTransaction

pub trait QueryServerTransaction<'a> {
    type BackendTransactionType: BackendTransaction;
    type SchemaTransactionType: SchemaTransaction;
    type AccessControlsTransactionType: AccessControlsTransaction<'a>;

    // Required methods
    fn get_be_txn(&mut self) -> &mut Self::BackendTransactionType;
    fn get_schema<'b>(&self) -> &'b Self::SchemaTransactionType;
    fn get_accesscontrols(&self) -> &Self::AccessControlsTransactionType;
    fn get_domain_uuid(&self) -> Uuid;
    fn get_domain_name(&self) -> &str;
    fn get_domain_display_name(&self) -> &str;
    fn get_resolve_filter_cache(&mut self) -> &mut ResolveFilterCacheReadTxn<'a>;
    fn get_resolve_filter_cache_and_be_txn(
        &mut self
    ) -> (&mut Self::BackendTransactionType, &mut ResolveFilterCacheReadTxn<'a>);

    // Provided methods
    fn search_ext(
        &mut self,
        se: &SearchEvent
    ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError> { ... }
    fn search(
        &mut self,
        se: &SearchEvent
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn exists(&mut self, ee: &ExistsEvent) -> Result<bool, OperationError> { ... }
    fn name_to_uuid(&mut self, name: &str) -> Result<Uuid, OperationError> { ... }
    fn sync_external_id_to_uuid(
        &mut self,
        external_id: &str
    ) -> Result<Option<Uuid>, OperationError> { ... }
    fn uuid_to_spn(
        &mut self,
        uuid: Uuid
    ) -> Result<Option<Value>, OperationError> { ... }
    fn uuid_to_rdn(&mut self, uuid: Uuid) -> Result<String, OperationError> { ... }
    fn internal_exists(
        &mut self,
        filter: Filter<FilterInvalid>
    ) -> Result<bool, OperationError> { ... }
    fn internal_search(
        &mut self,
        filter: Filter<FilterInvalid>
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn impersonate_search_valid(
        &mut self,
        f_valid: Filter<FilterValid>,
        f_intent_valid: Filter<FilterValid>,
        event: &Identity
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn impersonate_search_ext_valid(
        &mut self,
        f_valid: Filter<FilterValid>,
        f_intent_valid: Filter<FilterValid>,
        event: &Identity
    ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError> { ... }
    fn impersonate_search(
        &mut self,
        filter: Filter<FilterInvalid>,
        filter_intent: Filter<FilterInvalid>,
        event: &Identity
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn impersonate_search_ext(
        &mut self,
        filter: Filter<FilterInvalid>,
        filter_intent: Filter<FilterInvalid>,
        event: &Identity
    ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError> { ... }
    fn internal_search_uuid(
        &mut self,
        uuid: Uuid
    ) -> Result<Arc<EntrySealedCommitted>, OperationError> { ... }
    fn impersonate_search_ext_uuid(
        &mut self,
        uuid: Uuid,
        event: &Identity
    ) -> Result<Entry<EntryReduced, EntryCommitted>, OperationError> { ... }
    fn impersonate_search_uuid(
        &mut self,
        uuid: Uuid,
        event: &Identity
    ) -> Result<Arc<EntrySealedCommitted>, OperationError> { ... }
    fn clone_value(
        &mut self,
        attr: &str,
        value: &str
    ) -> Result<Value, OperationError> { ... }
    fn clone_partialvalue(
        &mut self,
        attr: &str,
        value: &str
    ) -> Result<PartialValue, OperationError> { ... }
    fn resolve_valueset(
        &mut self,
        value: &ValueSet
    ) -> Result<Vec<String>, OperationError> { ... }
    fn resolve_valueset_ldap(
        &mut self,
        value: &ValueSet,
        basedn: &str
    ) -> Result<Vec<Vec<u8>>, OperationError> { ... }
    fn get_db_domain_name(&mut self) -> Result<String, OperationError> { ... }
    fn get_domain_fernet_private_key(
        &mut self
    ) -> Result<String, OperationError> { ... }
    fn get_domain_es256_private_key(
        &mut self
    ) -> Result<Vec<u8>, OperationError> { ... }
    fn get_domain_cookie_key(&mut self) -> Result<[u8; 32], OperationError> { ... }
    fn get_password_badlist(
        &mut self
    ) -> Result<HashSet<String>, OperationError> { ... }
    fn get_oauth2rs_set(
        &mut self
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
}

The QueryServerTransaction trait provides a set of common read only operations to be shared between QueryServerReadTransaction and QueryServerWriteTransactions.

These operations tend to be high level constructions, generally different types of searches that are capable of taking different types of parameters and applying access controls or not, impersonating accounts, or bypassing these via internal searches.

Required Associated Types

type BackendTransactionType: BackendTransaction

type SchemaTransactionType: SchemaTransaction

type AccessControlsTransactionType: AccessControlsTransaction<'a>

Required Methods

fn get_be_txn(&mut self) -> &mut Self::BackendTransactionType

fn get_schema<'b>(&self) -> &'b Self::SchemaTransactionType

fn get_accesscontrols(&self) -> &Self::AccessControlsTransactionType

fn get_domain_uuid(&self) -> Uuid

fn get_domain_name(&self) -> &str

fn get_domain_display_name(&self) -> &str

fn get_resolve_filter_cache(&mut self) -> &mut ResolveFilterCacheReadTxn<'a>

fn get_resolve_filter_cache_and_be_txn( &mut self ) -> (&mut Self::BackendTransactionType, &mut ResolveFilterCacheReadTxn<'a>)

Provided Methods

fn search_ext( &mut self, se: &SearchEvent ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError>

Conduct a search and apply access controls to yield a set of entries that have been reduced to the set of user visible avas. Note that if you provide a SearchEvent for the internal user, this query will fail. It is invalid for the access module to attempt to reduce avas for internal searches, and you should use fn search instead.

fn search( &mut self, se: &SearchEvent ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>

fn exists(&mut self, ee: &ExistsEvent) -> Result<bool, OperationError>

fn name_to_uuid(&mut self, name: &str) -> Result<Uuid, OperationError>

fn sync_external_id_to_uuid( &mut self, external_id: &str ) -> Result<Option<Uuid>, OperationError>

fn uuid_to_spn(&mut self, uuid: Uuid) -> Result<Option<Value>, OperationError>

fn uuid_to_rdn(&mut self, uuid: Uuid) -> Result<String, OperationError>

fn internal_exists( &mut self, filter: Filter<FilterInvalid> ) -> Result<bool, OperationError>

From internal, generate an “exists” event and dispatch

fn internal_search( &mut self, filter: Filter<FilterInvalid> ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>

fn impersonate_search_valid( &mut self, f_valid: Filter<FilterValid>, f_intent_valid: Filter<FilterValid>, event: &Identity ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>

fn impersonate_search_ext_valid( &mut self, f_valid: Filter<FilterValid>, f_intent_valid: Filter<FilterValid>, event: &Identity ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError>

Applies ACP to filter result entries.

fn impersonate_search( &mut self, filter: Filter<FilterInvalid>, filter_intent: Filter<FilterInvalid>, event: &Identity ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>

fn impersonate_search_ext( &mut self, filter: Filter<FilterInvalid>, filter_intent: Filter<FilterInvalid>, event: &Identity ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError>

fn internal_search_uuid( &mut self, uuid: Uuid ) -> Result<Arc<EntrySealedCommitted>, OperationError>

Get a single entry by its UUID. This is used heavily for internal server operations, especially in login and ACP checks.

fn impersonate_search_ext_uuid( &mut self, uuid: Uuid, event: &Identity ) -> Result<Entry<EntryReduced, EntryCommitted>, OperationError>

fn impersonate_search_uuid( &mut self, uuid: Uuid, event: &Identity ) -> Result<Arc<EntrySealedCommitted>, OperationError>

fn clone_value( &mut self, attr: &str, value: &str ) -> Result<Value, OperationError>

Do a schema aware conversion from a String:String to String:Value for modification present.

fn clone_partialvalue( &mut self, attr: &str, value: &str ) -> Result<PartialValue, OperationError>

fn resolve_valueset( &mut self, value: &ValueSet ) -> Result<Vec<String>, OperationError>

fn resolve_valueset_ldap( &mut self, value: &ValueSet, basedn: &str ) -> Result<Vec<Vec<u8>>, OperationError>

fn get_db_domain_name(&mut self) -> Result<String, OperationError>

Pull the domain name from the database

fn get_domain_fernet_private_key(&mut self) -> Result<String, OperationError>

fn get_domain_es256_private_key(&mut self) -> Result<Vec<u8>, OperationError>

fn get_domain_cookie_key(&mut self) -> Result<[u8; 32], OperationError>

fn get_password_badlist(&mut self) -> Result<HashSet<String>, OperationError>

fn get_oauth2rs_set( &mut self ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>

Implementors

impl<'a> QueryServerTransaction<'a> for QueryServerReadTransaction<'a>

type AccessControlsTransactionType = AccessControlsReadTransaction<'a>

type BackendTransactionType = BackendReadTransaction<'a>

type SchemaTransactionType = SchemaReadTransaction

impl<'a> QueryServerTransaction<'a> for QueryServerWriteTransaction<'a>

type AccessControlsTransactionType = AccessControlsWriteTransaction<'a>

type BackendTransactionType = BackendWriteTransaction<'a>

type SchemaTransactionType = SchemaWriteTransaction<'a>