mirror of
https://github.com/nitnelave/lldap.git
synced 2023-04-12 14:25:13 +00:00
server: Migrate from lldap_readonly to lldap_strict_readonly
parent
6701027002
commit
500a441df7
38
Cargo.lock
generated
38
Cargo.lock
generated
@ -1959,7 +1959,7 @@ checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f"
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "lldap"
|
name = "lldap"
|
||||||
version = "0.3.0-rc.1"
|
version = "0.3.0"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"actix",
|
"actix",
|
||||||
"actix-files",
|
"actix-files",
|
||||||
@ -2022,7 +2022,7 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "lldap_app"
|
name = "lldap_app"
|
||||||
version = "0.3.0-alpha.1"
|
version = "0.3.0"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"anyhow",
|
"anyhow",
|
||||||
"chrono",
|
"chrono",
|
||||||
@ -2035,7 +2035,7 @@ dependencies = [
|
|||||||
"serde",
|
"serde",
|
||||||
"serde_json",
|
"serde_json",
|
||||||
"validator",
|
"validator",
|
||||||
"validator_derive 0.15.0",
|
"validator_derive",
|
||||||
"wasm-bindgen",
|
"wasm-bindgen",
|
||||||
"web-sys",
|
"web-sys",
|
||||||
"yew",
|
"yew",
|
||||||
@ -3973,7 +3973,7 @@ dependencies = [
|
|||||||
"serde_derive",
|
"serde_derive",
|
||||||
"serde_json",
|
"serde_json",
|
||||||
"url",
|
"url",
|
||||||
"validator_types 0.14.0",
|
"validator_types",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
@ -3989,23 +3989,7 @@ dependencies = [
|
|||||||
"quote",
|
"quote",
|
||||||
"regex",
|
"regex",
|
||||||
"syn",
|
"syn",
|
||||||
"validator_types 0.14.0",
|
"validator_types",
|
||||||
]
|
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "validator_derive"
|
|
||||||
version = "0.15.0"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
checksum = "ea7ed5e8cf2b6bdd64a6c4ce851da25388a89327b17b88424ceced6bd5017923"
|
|
||||||
dependencies = [
|
|
||||||
"if_chain",
|
|
||||||
"lazy_static",
|
|
||||||
"proc-macro-error",
|
|
||||||
"proc-macro2",
|
|
||||||
"quote",
|
|
||||||
"regex",
|
|
||||||
"syn",
|
|
||||||
"validator_types 0.15.0",
|
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
@ -4018,16 +4002,6 @@ dependencies = [
|
|||||||
"syn",
|
"syn",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "validator_types"
|
|
||||||
version = "0.15.0"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
checksum = "d2ddf34293296847abfc1493b15c6e2f5d3cd19f57ad7d22673bf4c6278da329"
|
|
||||||
dependencies = [
|
|
||||||
"proc-macro2",
|
|
||||||
"syn",
|
|
||||||
]
|
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "valuable"
|
name = "valuable"
|
||||||
version = "0.1.0"
|
version = "0.1.0"
|
||||||
@ -4346,7 +4320,7 @@ version = "0.1.8"
|
|||||||
source = "git+https://github.com/sassman/yew_form/?rev=67050812695b7a8a90b81b0637e347fc6629daed#67050812695b7a8a90b81b0637e347fc6629daed"
|
source = "git+https://github.com/sassman/yew_form/?rev=67050812695b7a8a90b81b0637e347fc6629daed#67050812695b7a8a90b81b0637e347fc6629daed"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"validator",
|
"validator",
|
||||||
"validator_derive 0.14.0",
|
"validator_derive",
|
||||||
"yew",
|
"yew",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
@ -463,24 +463,7 @@ impl BackendHandler for SqlBackendHandler {
|
|||||||
#[instrument(skip_all, level = "debug", ret, err)]
|
#[instrument(skip_all, level = "debug", ret, err)]
|
||||||
async fn create_group(&self, group_name: &str) -> Result<GroupId> {
|
async fn create_group(&self, group_name: &str) -> Result<GroupId> {
|
||||||
debug!(?group_name);
|
debug!(?group_name);
|
||||||
let now = chrono::Utc::now();
|
crate::domain::sql_tables::create_group(group_name, &self.sql_pool).await?;
|
||||||
let (query, values) = Query::insert()
|
|
||||||
.into_table(Groups::Table)
|
|
||||||
.columns(vec![
|
|
||||||
Groups::DisplayName,
|
|
||||||
Groups::CreationDate,
|
|
||||||
Groups::Uuid,
|
|
||||||
])
|
|
||||||
.values_panic(vec![
|
|
||||||
group_name.into(),
|
|
||||||
now.naive_utc().into(),
|
|
||||||
Uuid::from_name_and_date(group_name, &now).into(),
|
|
||||||
])
|
|
||||||
.build_sqlx(DbQueryBuilder {});
|
|
||||||
debug!(%query);
|
|
||||||
query_with(query.as_str(), values)
|
|
||||||
.execute(&self.sql_pool)
|
|
||||||
.await?;
|
|
||||||
let (query, values) = Query::select()
|
let (query, values) = Query::select()
|
||||||
.column(Groups::GroupId)
|
.column(Groups::GroupId)
|
||||||
.from(Groups::Table)
|
.from(Groups::Table)
|
||||||
|
@ -1,7 +1,8 @@
|
|||||||
use super::handler::{GroupId, UserId, Uuid};
|
use super::handler::{GroupId, UserId, Uuid};
|
||||||
use sea_query::*;
|
use sea_query::*;
|
||||||
|
use sea_query_binder::SqlxBinder;
|
||||||
use sqlx::Row;
|
use sqlx::Row;
|
||||||
use tracing::warn;
|
use tracing::{debug, warn};
|
||||||
|
|
||||||
pub type Pool = sqlx::sqlite::SqlitePool;
|
pub type Pool = sqlx::sqlite::SqlitePool;
|
||||||
pub type PoolOptions = sqlx::sqlite::SqlitePoolOptions;
|
pub type PoolOptions = sqlx::sqlite::SqlitePoolOptions;
|
||||||
@ -83,6 +84,28 @@ async fn column_exists(pool: &Pool, table_name: &str, column_name: &str) -> sqlx
|
|||||||
> 0)
|
> 0)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub async fn create_group(group_name: &str, pool: &Pool) -> sqlx::Result<()> {
|
||||||
|
let now = chrono::Utc::now();
|
||||||
|
let (query, values) = Query::insert()
|
||||||
|
.into_table(Groups::Table)
|
||||||
|
.columns(vec![
|
||||||
|
Groups::DisplayName,
|
||||||
|
Groups::CreationDate,
|
||||||
|
Groups::Uuid,
|
||||||
|
])
|
||||||
|
.values_panic(vec![
|
||||||
|
group_name.into(),
|
||||||
|
now.naive_utc().into(),
|
||||||
|
Uuid::from_name_and_date(group_name, &now).into(),
|
||||||
|
])
|
||||||
|
.build_sqlx(DbQueryBuilder {});
|
||||||
|
debug!(%query);
|
||||||
|
sqlx::query_with(query.as_str(), values)
|
||||||
|
.execute(pool)
|
||||||
|
.await
|
||||||
|
.map(|_| ())
|
||||||
|
}
|
||||||
|
|
||||||
pub async fn init_table(pool: &Pool) -> sqlx::Result<()> {
|
pub async fn init_table(pool: &Pool) -> sqlx::Result<()> {
|
||||||
// SQLite needs this pragma to be turned on. Other DB might not understand this, so ignore the
|
// SQLite needs this pragma to be turned on. Other DB might not understand this, so ignore the
|
||||||
// error.
|
// error.
|
||||||
@ -298,6 +321,29 @@ pub async fn init_table(pool: &Pool) -> sqlx::Result<()> {
|
|||||||
.execute(pool)
|
.execute(pool)
|
||||||
.await?;
|
.await?;
|
||||||
|
|
||||||
|
if sqlx::query(
|
||||||
|
&Query::select()
|
||||||
|
.from(Groups::Table)
|
||||||
|
.column(Groups::DisplayName)
|
||||||
|
.cond_where(Expr::col(Groups::DisplayName).eq("lldap_readonly"))
|
||||||
|
.to_string(DbQueryBuilder {}),
|
||||||
|
)
|
||||||
|
.fetch_one(pool)
|
||||||
|
.await
|
||||||
|
.is_ok()
|
||||||
|
{
|
||||||
|
sqlx::query(
|
||||||
|
&Query::update()
|
||||||
|
.table(Groups::Table)
|
||||||
|
.values(vec![(Groups::DisplayName, "lldap_password_manager".into())])
|
||||||
|
.cond_where(Expr::col(Groups::DisplayName).eq("lldap_readonly"))
|
||||||
|
.to_string(DbQueryBuilder {}),
|
||||||
|
)
|
||||||
|
.execute(pool)
|
||||||
|
.await?;
|
||||||
|
create_group("lldap_strict_readonly", pool).await?
|
||||||
|
}
|
||||||
|
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -349,14 +395,21 @@ mod tests {
|
|||||||
.execute(&sql_pool)
|
.execute(&sql_pool)
|
||||||
.await
|
.await
|
||||||
.unwrap();
|
.unwrap();
|
||||||
sqlx::query(r#"CREATE TABLE groups ( group_id int, display_name TEXT );"#)
|
sqlx::query(r#"CREATE TABLE groups ( group_id INTEGER PRIMARY KEY, display_name TEXT );"#)
|
||||||
|
.execute(&sql_pool)
|
||||||
|
.await
|
||||||
|
.unwrap();
|
||||||
|
sqlx::query(
|
||||||
|
r#"INSERT INTO groups (display_name)
|
||||||
|
VALUES ("lldap_admin"), ("lldap_readonly")"#,
|
||||||
|
)
|
||||||
.execute(&sql_pool)
|
.execute(&sql_pool)
|
||||||
.await
|
.await
|
||||||
.unwrap();
|
.unwrap();
|
||||||
init_table(&sql_pool).await.unwrap();
|
init_table(&sql_pool).await.unwrap();
|
||||||
sqlx::query(
|
sqlx::query(
|
||||||
r#"INSERT INTO groups (group_id, display_name, creation_date, uuid)
|
r#"INSERT INTO groups (display_name, creation_date, uuid)
|
||||||
VALUES (3, "test", "1970-01-01 00:00:00", "abc")"#,
|
VALUES ("test", "1970-01-01 00:00:00", "abc")"#,
|
||||||
)
|
)
|
||||||
.execute(&sql_pool)
|
.execute(&sql_pool)
|
||||||
.await
|
.await
|
||||||
@ -371,5 +424,23 @@ mod tests {
|
|||||||
.collect::<Vec<_>>(),
|
.collect::<Vec<_>>(),
|
||||||
vec![crate::uuid!("a02eaf13-48a7-30f6-a3d4-040ff7c52b04")]
|
vec![crate::uuid!("a02eaf13-48a7-30f6-a3d4-040ff7c52b04")]
|
||||||
);
|
);
|
||||||
|
assert_eq!(
|
||||||
|
sqlx::query(r#"SELECT group_id, display_name FROM groups"#)
|
||||||
|
.fetch_all(&sql_pool)
|
||||||
|
.await
|
||||||
|
.unwrap()
|
||||||
|
.into_iter()
|
||||||
|
.map(|row| (
|
||||||
|
row.get::<GroupId, _>("group_id"),
|
||||||
|
row.get::<String, _>("display_name")
|
||||||
|
))
|
||||||
|
.collect::<Vec<_>>(),
|
||||||
|
vec![
|
||||||
|
(GroupId(1), "lldap_admin".to_string()),
|
||||||
|
(GroupId(2), "lldap_password_manager".to_string()),
|
||||||
|
(GroupId(3), "lldap_strict_readonly".to_string()),
|
||||||
|
(GroupId(4), "test".to_string())
|
||||||
|
]
|
||||||
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
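Review bot: In the `init_table` migration hunk, `.fetch_one(pool).await.is_ok()` treats any database error the same as "no lldap_readonly row", so a transient failure silently skips the rename; `.fetch_optional(pool).await?.is_some()` would propagate real errors and still skip cleanly when the group is absent. The rename and the following `create_group("lldap_strict_readonly", pool)` are separate statements, so if the insert fails after the update, the next start no longer finds `lldap_readonly` and the migration is not retried; running both in one transaction would avoid that half-migrated state. Because the UPDATE changes only the display name, existing members of the old group presumably stay attached to `lldap_password_manager`; a `warn!` stating that the group was renamed would prompt operators to review that membership. `init_table` starts outside this hunk.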
|
@ -68,14 +68,18 @@ async fn set_up_server(config: Configuration) -> Result<ServerBuilder> {
|
|||||||
}
|
}
|
||||||
if backend_handler
|
if backend_handler
|
||||||
.list_groups(Some(GroupRequestFilter::DisplayName(
|
.list_groups(Some(GroupRequestFilter::DisplayName(
|
||||||
"lldap_readonly".to_string(),
|
"lldap_password_manager".to_string(),
|
||||||
)))
|
)))
|
||||||
.await?
|
.await?
|
||||||
.is_empty()
|
.is_empty()
|
||||||
{
|
{
|
||||||
warn!("Could not find readonly group, trying to create it");
|
warn!("Could not find password_manager group, trying to create it");
|
||||||
backend_handler
|
backend_handler
|
||||||
.create_group("lldap_readonly")
|
.create_group("lldap_password_manager")
|
||||||
|
.await
|
||||||
|
.context("while creating password_manager group")?;
|
||||||
|
backend_handler
|
||||||
|
.create_group("lldap_strict_readonly")
|
||||||
.await
|
.await
|
||||||
.context("while creating readonly group")?;
|
.context("while creating readonly group")?;
|
||||||
}
|
}
|
||||||
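Review bot: The existence check in `set_up_server` looks only for `lldap_password_manager`, yet its result decides whether both groups are created. If `lldap_password_manager` exists but `lldap_strict_readonly` is missing (for example after a half-finished migration or a manual delete), the read-only group is never created; in the opposite case the second `create_group` call runs against a name that already exists. Checking and creating each group independently, as sketched below, removes both cases and gives each failure its own context message. `set_up_server` starts and ends outside this hunk.

```rust
// … unchanged: admin group / admin user setup above …
for group_name in ["lldap_password_manager", "lldap_strict_readonly"] {
    if backend_handler
        .list_groups(Some(GroupRequestFilter::DisplayName(
            group_name.to_string(),
        )))
        .await?
        .is_empty()
    {
        warn!("Could not find {} group, trying to create it", group_name);
        backend_handler
            .create_group(group_name)
            .await
            .with_context(|| format!("while creating {} group", group_name))?;
    }
}
```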
|