server: Migrate from lldap_readonly to lldap_strict_readonly

Cargo.lock

@@ -1959,7 +1959,7 @@ checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f"
 
 [[package]]
 name = "lldap"
-version = "0.3.0-rc.1"
+version = "0.3.0"
 dependencies = [
  "actix",
  "actix-files",
@@ -2022,7 +2022,7 @@ dependencies = [
 
 [[package]]
 name = "lldap_app"
-version = "0.3.0-alpha.1"
+version = "0.3.0"
 dependencies = [
  "anyhow",
  "chrono",
@@ -2035,7 +2035,7 @@ dependencies = [
  "serde",
  "serde_json",
  "validator",
- "validator_derive 0.15.0",
+ "validator_derive",
  "wasm-bindgen",
  "web-sys",
  "yew",
@@ -3973,7 +3973,7 @@ dependencies = [
  "serde_derive",
  "serde_json",
  "url",
- "validator_types 0.14.0",
+ "validator_types",
 ]
 
 [[package]]
@@ -3989,23 +3989,7 @@ dependencies = [
  "quote",
  "regex",
  "syn",
- "validator_types 0.14.0",
+ "validator_types",
-]
-
-[[package]]
-name = "validator_derive"
-version = "0.15.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ea7ed5e8cf2b6bdd64a6c4ce851da25388a89327b17b88424ceced6bd5017923"
-dependencies = [
- "if_chain",
- "lazy_static",
- "proc-macro-error",
- "proc-macro2",
- "quote",
- "regex",
- "syn",
- "validator_types 0.15.0",
 ]
 
 [[package]]
@@ -4018,16 +4002,6 @@ dependencies = [
  "syn",
 ]
 
-[[package]]
-name = "validator_types"
-version = "0.15.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d2ddf34293296847abfc1493b15c6e2f5d3cd19f57ad7d22673bf4c6278da329"
-dependencies = [
- "proc-macro2",
- "syn",
-]
-
 [[package]]
 name = "valuable"
 version = "0.1.0"
@@ -4346,7 +4320,7 @@ version = "0.1.8"
 source = "git+https://github.com/sassman/yew_form/?rev=67050812695b7a8a90b81b0637e347fc6629daed#67050812695b7a8a90b81b0637e347fc6629daed"
 dependencies = [
  "validator",
- "validator_derive 0.14.0",
+ "validator_derive",
  "yew",
 ]
 

server/src/domain/sql_backend_handler.rs

@@ -463,24 +463,7 @@ impl BackendHandler for SqlBackendHandler {
     #[instrument(skip_all, level = "debug", ret, err)]
     async fn create_group(&self, group_name: &str) -> Result<GroupId> {
         debug!(?group_name);
-        let now = chrono::Utc::now();
+        crate::domain::sql_tables::create_group(group_name, &self.sql_pool).await?;
-        let (query, values) = Query::insert()
-            .into_table(Groups::Table)
-            .columns(vec![
-                Groups::DisplayName,
-                Groups::CreationDate,
-                Groups::Uuid,
-            ])
-            .values_panic(vec![
-                group_name.into(),
-                now.naive_utc().into(),
-                Uuid::from_name_and_date(group_name, &now).into(),
-            ])
-            .build_sqlx(DbQueryBuilder {});
-        debug!(%query);
-        query_with(query.as_str(), values)
-            .execute(&self.sql_pool)
-            .await?;
         let (query, values) = Query::select()
             .column(Groups::GroupId)
             .from(Groups::Table)

server/src/domain/sql_tables.rs

@@ -1,7 +1,8 @@
 use super::handler::{GroupId, UserId, Uuid};
 use sea_query::*;
+use sea_query_binder::SqlxBinder;
 use sqlx::Row;
-use tracing::warn;
+use tracing::{debug, warn};
 
 pub type Pool = sqlx::sqlite::SqlitePool;
 pub type PoolOptions = sqlx::sqlite::SqlitePoolOptions;
@@ -83,6 +84,28 @@ async fn column_exists(pool: &Pool, table_name: &str, column_name: &str) -> sqlx
         > 0)
 }
 
+pub async fn create_group(group_name: &str, pool: &Pool) -> sqlx::Result<()> {
+    let now = chrono::Utc::now();
+    let (query, values) = Query::insert()
+        .into_table(Groups::Table)
+        .columns(vec![
+            Groups::DisplayName,
+            Groups::CreationDate,
+            Groups::Uuid,
+        ])
+        .values_panic(vec![
+            group_name.into(),
+            now.naive_utc().into(),
+            Uuid::from_name_and_date(group_name, &now).into(),
+        ])
+        .build_sqlx(DbQueryBuilder {});
+    debug!(%query);
+    sqlx::query_with(query.as_str(), values)
+        .execute(pool)
+        .await
+        .map(|_| ())
+}
+
 pub async fn init_table(pool: &Pool) -> sqlx::Result<()> {
     // SQLite needs this pragma to be turned on. Other DB might not understand this, so ignore the
     // error.
@@ -298,6 +321,29 @@ pub async fn init_table(pool: &Pool) -> sqlx::Result<()> {
     .execute(pool)
     .await?;
 
+    if sqlx::query(
+        &Query::select()
+            .from(Groups::Table)
+            .column(Groups::DisplayName)
+            .cond_where(Expr::col(Groups::DisplayName).eq("lldap_readonly"))
+            .to_string(DbQueryBuilder {}),
+    )
+    .fetch_one(pool)
+    .await
+    .is_ok()
+    {
+        sqlx::query(
+            &Query::update()
+                .table(Groups::Table)
+                .values(vec![(Groups::DisplayName, "lldap_password_manager".into())])
+                .cond_where(Expr::col(Groups::DisplayName).eq("lldap_readonly"))
+                .to_string(DbQueryBuilder {}),
+        )
+        .execute(pool)
+        .await?;
+        create_group("lldap_strict_readonly", pool).await?
+    }
+
     Ok(())
 }
 
@@ -349,14 +395,21 @@ mod tests {
         .execute(&sql_pool)
         .await
         .unwrap();
-        sqlx::query(r#"CREATE TABLE groups ( group_id int, display_name TEXT );"#)
+        sqlx::query(r#"CREATE TABLE groups ( group_id INTEGER PRIMARY KEY, display_name TEXT );"#)
+            .execute(&sql_pool)
+            .await
+            .unwrap();
+        sqlx::query(
+            r#"INSERT INTO groups (display_name)
+                      VALUES ("lldap_admin"), ("lldap_readonly")"#,
+        )
         .execute(&sql_pool)
         .await
         .unwrap();
         init_table(&sql_pool).await.unwrap();
         sqlx::query(
-            r#"INSERT INTO groups (group_id, display_name, creation_date, uuid)
+            r#"INSERT INTO groups (display_name, creation_date, uuid)
-                      VALUES (3, "test", "1970-01-01 00:00:00", "abc")"#,
+                      VALUES ("test", "1970-01-01 00:00:00", "abc")"#,
         )
         .execute(&sql_pool)
         .await
@@ -371,5 +424,23 @@ mod tests {
                 .collect::<Vec<_>>(),
             vec![crate::uuid!("a02eaf13-48a7-30f6-a3d4-040ff7c52b04")]
         );
+        assert_eq!(
+            sqlx::query(r#"SELECT group_id, display_name FROM groups"#)
+                .fetch_all(&sql_pool)
+                .await
+                .unwrap()
+                .into_iter()
+                .map(|row| (
+                    row.get::<GroupId, _>("group_id"),
+                    row.get::<String, _>("display_name")
+                ))
+                .collect::<Vec<_>>(),
+            vec![
+                (GroupId(1), "lldap_admin".to_string()),
+                (GroupId(2), "lldap_password_manager".to_string()),
+                (GroupId(3), "lldap_strict_readonly".to_string()),
+                (GroupId(4), "test".to_string())
+            ]
+        );
     }
 }

server/src/main.rs

@@ -68,14 +68,18 @@ async fn set_up_server(config: Configuration) -> Result<ServerBuilder> {
     }
     if backend_handler
         .list_groups(Some(GroupRequestFilter::DisplayName(
-            "lldap_readonly".to_string(),
+            "lldap_password_manager".to_string(),
         )))
         .await?
         .is_empty()
     {
-        warn!("Could not find readonly group, trying to create it");
+        warn!("Could not find password_manager group, trying to create it");
         backend_handler
-            .create_group("lldap_readonly")
+            .create_group("lldap_password_manager")
+            .await
+            .context("while creating password_manager group")?;
+        backend_handler
+            .create_group("lldap_strict_readonly")
             .await
             .context("while creating readonly group")?;
     }