Trait kanidmd_lib::server::QueryServerTransaction

source · []
pub trait QueryServerTransaction<'a> {
    type BackendTransactionType: BackendTransaction;
    type SchemaTransactionType: SchemaTransaction;
    type AccessControlsTransactionType: AccessControlsTransaction<'a>;


Show 31 methods    fn get_be_txn(&self) -> &Self::BackendTransactionType;
    fn get_schema(&self) -> &Self::SchemaTransactionType;
    fn get_accesscontrols(&self) -> &Self::AccessControlsTransactionType;
    fn get_domain_uuid(&self) -> Uuid;
    fn get_domain_name(&self) -> &str;
    fn get_domain_display_name(&self) -> &str;
    fn get_resolve_filter_cache(
        &self
    ) -> &mut ARCacheReadTxn<'a, (IdentityId, Filter<FilterValid>), Filter<FilterValidResolved>, ()>;

    fn search_ext(
        &self,
        se: &SearchEvent
    ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError> { ... }
    fn search(
        &self,
        se: &SearchEvent
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn exists(&self, ee: &ExistsEvent) -> Result<bool, OperationError> { ... }
    fn name_to_uuid(&self, name: &str) -> Result<Uuid, OperationError> { ... }
    fn uuid_to_spn(&self, uuid: Uuid) -> Result<Option<Value>, OperationError> { ... }
    fn uuid_to_rdn(&self, uuid: Uuid) -> Result<String, OperationError> { ... }
    fn internal_exists(
        &self,
        filter: Filter<FilterInvalid>
    ) -> Result<bool, OperationError> { ... }
    fn internal_search(
        &self,
        filter: Filter<FilterInvalid>
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn impersonate_search_valid(
        &self,
        f_valid: Filter<FilterValid>,
        f_intent_valid: Filter<FilterValid>,
        event: &Identity
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn impersonate_search_ext_valid(
        &self,
        f_valid: Filter<FilterValid>,
        f_intent_valid: Filter<FilterValid>,
        event: &Identity
    ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError> { ... }
    fn impersonate_search(
        &self,
        filter: Filter<FilterInvalid>,
        filter_intent: Filter<FilterInvalid>,
        event: &Identity
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn impersonate_search_ext(
        &self,
        filter: Filter<FilterInvalid>,
        filter_intent: Filter<FilterInvalid>,
        event: &Identity
    ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError> { ... }
    fn internal_search_uuid(
        &self,
        uuid: &Uuid
    ) -> Result<Arc<EntrySealedCommitted>, OperationError> { ... }
    fn impersonate_search_ext_uuid(
        &self,
        uuid: &Uuid,
        event: &Identity
    ) -> Result<Entry<EntryReduced, EntryCommitted>, OperationError> { ... }
    fn impersonate_search_uuid(
        &self,
        uuid: &Uuid,
        event: &Identity
    ) -> Result<Arc<EntrySealedCommitted>, OperationError> { ... }
    fn clone_value(
        &self,
        attr: &str,
        value: &str
    ) -> Result<Value, OperationError> { ... }
    fn clone_partialvalue(
        &self,
        attr: &str,
        value: &str
    ) -> Result<PartialValue, OperationError> { ... }
    fn resolve_valueset(
        &self,
        value: &ValueSet
    ) -> Result<Vec<String>, OperationError> { ... }
    fn resolve_valueset_ldap(
        &self,
        value: &ValueSet,
        basedn: &str
    ) -> Result<Vec<Vec<u8>>, OperationError> { ... }
    fn get_db_domain_name(&self) -> Result<String, OperationError> { ... }
    fn get_domain_fernet_private_key(&self) -> Result<String, OperationError> { ... }
    fn get_domain_es256_private_key(&self) -> Result<Vec<u8>, OperationError> { ... }
    fn get_password_badlist(&self) -> Result<HashSet<String>, OperationError> { ... }
    fn get_oauth2rs_set(
        &self
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }

}
Expand description

The QueryServerTransaction trait provides a set of common read only operations to be shared between QueryServerReadTransaction and QueryServerWriteTransactions.

These operations tend to be high level constructions, generally different types of searches that are capable of taking different types of parameters and applying access controls or not, impersonating accounts, or bypassing these via internal searches.

Required Associated Types

Required Methods

Provided Methods

Conduct a search and apply access controls to yield a set of entries that have been reduced to the set of user visible avas. Note that if you provide a SearchEvent for the internal user, this query will fail. It is invalid for the access module to attempt to reduce avas for internal searches, and you should use fn search instead.

From internal, generate an “exists” event and dispatch

Applies ACP to filter result entries.

Get a single entry by its UUID. This is used heavily for internal server operations, especially in login and ACP checks.

Do a schema aware conversion from a String:String to String:Value for modification present.

Pull the domain name from the database

Implementors