mirror/lldap
1
0
Fork 0
mirror of https://github.com/nitnelave/lldap.git synced 2023-04-12 14:25:13 +00:00
Code Issues Projects Releases Wiki Activity

server: rename RequestFilter to UserRequestFilter

Browse Source
This commit is contained in:
Valentin Tolmer 2022-02-11 09:10:28 +01:00 committed by nitnelave
parent d20bd196bc
commit a1fe703bf0
5 changed files with 55 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
server/src/domain/handler.rs
View File

@ -43,10 +43,10 @@ pub struct BindRequest {
} }
#[derive(PartialEq, Eq, Debug, Serialize, Deserialize, Clone)] #[derive(PartialEq, Eq, Debug, Serialize, Deserialize, Clone)]
pub enum RequestFilter { pub enum UserRequestFilter {
And(Vec<RequestFilter>), And(Vec<UserRequestFilter>),
Or(Vec<RequestFilter>), Or(Vec<UserRequestFilter>),
Not(Box<RequestFilter>), Not(Box<UserRequestFilter>),
Equality(String, String), Equality(String, String),
// Check if a user belongs to a group identified by name. // Check if a user belongs to a group identified by name.
MemberOf(String), MemberOf(String),
@ -93,7 +93,7 @@ pub struct GroupIdAndName(pub GroupId, pub String);
#[async_trait] #[async_trait]
pub trait BackendHandler: Clone + Send { pub trait BackendHandler: Clone + Send {
async fn list_users(&self, filters: Option<RequestFilter>) -> Result<Vec<User>>; async fn list_users(&self, filters: Option<UserRequestFilter>) -> Result<Vec<User>>;
async fn list_groups(&self) -> Result<Vec<Group>>; async fn list_groups(&self) -> Result<Vec<Group>>;
async fn get_user_details(&self, user_id: &str) -> Result<User>; async fn get_user_details(&self, user_id: &str) -> Result<User>;
async fn get_group_details(&self, group_id: GroupId) -> Result<GroupIdAndName>; async fn get_group_details(&self, group_id: GroupId) -> Result<GroupIdAndName>;
@ -116,7 +116,7 @@ mockall::mock! {
} }
#[async_trait] #[async_trait]
impl BackendHandler for TestBackendHandler { impl BackendHandler for TestBackendHandler {
async fn list_users(&self, filters: Option<RequestFilter>) -> Result<Vec<User>>; async fn list_users(&self, filters: Option<UserRequestFilter>) -> Result<Vec<User>>;
async fn list_groups(&self) -> Result<Vec<Group>>; async fn list_groups(&self) -> Result<Vec<Group>>;
async fn get_user_details(&self, user_id: &str) -> Result<User>; async fn get_user_details(&self, user_id: &str) -> Result<User>;
async fn get_group_details(&self, group_id: GroupId) -> Result<GroupIdAndName>; async fn get_group_details(&self, group_id: GroupId) -> Result<GroupIdAndName>;

28
server/src/domain/sql_backend_handler.rs
View File

@ -21,10 +21,10 @@ impl SqlBackendHandler {
struct RequiresGroup(bool); struct RequiresGroup(bool);
// Returns the condition for the SQL query, and whether it requires joining with the groups table. // Returns the condition for the SQL query, and whether it requires joining with the groups table.
fn get_filter_expr(filter: RequestFilter) -> (RequiresGroup, SimpleExpr) { fn get_filter_expr(filter: UserRequestFilter) -> (RequiresGroup, SimpleExpr) {
use RequestFilter::*; use UserRequestFilter::*;
fn get_repeated_filter( fn get_repeated_filter(
fs: Vec<RequestFilter>, fs: Vec<UserRequestFilter>,
field: &dyn Fn(SimpleExpr, SimpleExpr) -> SimpleExpr, field: &dyn Fn(SimpleExpr, SimpleExpr) -> SimpleExpr,
) -> (RequiresGroup, SimpleExpr) { ) -> (RequiresGroup, SimpleExpr) {
let mut requires_group = false; let mut requires_group = false;
@ -74,7 +74,7 @@ fn get_filter_expr(filter: RequestFilter) -> (RequiresGroup, SimpleExpr) {
#[async_trait] #[async_trait]
impl BackendHandler for SqlBackendHandler { impl BackendHandler for SqlBackendHandler {
async fn list_users(&self, filters: Option<RequestFilter>) -> Result<Vec<User>> { async fn list_users(&self, filters: Option<UserRequestFilter>) -> Result<Vec<User>> {
let query = { let query = {
let mut query_builder = Query::select() let mut query_builder = Query::select()
.column((Users::Table, Users::UserId)) .column((Users::Table, Users::UserId))
@ -88,11 +88,15 @@ impl BackendHandler for SqlBackendHandler {
.order_by((Users::Table, Users::UserId), Order::Asc) .order_by((Users::Table, Users::UserId), Order::Asc)
.to_owned(); .to_owned();
if let Some(filter) = filters { if let Some(filter) = filters {
if filter == RequestFilter::Not(Box::new(RequestFilter::And(Vec::new()))) { if filter
== UserRequestFilter::Not(Box::new(
UserRequestFilter::And(Vec::new()),
))
{
return Ok(Vec::new()); return Ok(Vec::new());
} }
if filter != RequestFilter::And(Vec::new()) if filter != UserRequestFilter::And(Vec::new())
&& filter != RequestFilter::Or(Vec::new()) && filter != UserRequestFilter::Or(Vec::new())
{ {
let (RequiresGroup(requires_group), condition) = get_filter_expr(filter); let (RequiresGroup(requires_group), condition) = get_filter_expr(filter);
query_builder.and_where(condition); query_builder.and_where(condition);
@ -516,7 +520,7 @@ mod tests {
} }
{ {
let users = handler let users = handler
.list_users(Some(RequestFilter::Equality( .list_users(Some(UserRequestFilter::Equality(
"user_id".to_string(), "user_id".to_string(),
"bob".to_string(), "bob".to_string(),
))) )))
@ -529,9 +533,9 @@ mod tests {
} }
{ {
let users = handler let users = handler
.list_users(Some(RequestFilter::Or(vec![ .list_users(Some(UserRequestFilter::Or(vec![
RequestFilter::Equality("user_id".to_string(), "bob".to_string()), UserRequestFilter::Equality("user_id".to_string(), "bob".to_string()),
RequestFilter::Equality("user_id".to_string(), "John".to_string()), UserRequestFilter::Equality("user_id".to_string(), "John".to_string()),
]))) ])))
.await .await
.unwrap() .unwrap()
@ -542,7 +546,7 @@ mod tests {
} }
{ {
let users = handler let users = handler
.list_users(Some(RequestFilter::Not(Box::new(RequestFilter::Equality( .list_users(Some(UserRequestFilter::Not(Box::new(UserRequestFilter::Equality(
"user_id".to_string(), "user_id".to_string(),
"bob".to_string(), "bob".to_string(),
))))) )))))

14
server/src/infra/graphql/query.rs
View File

@ -2,7 +2,7 @@ use crate::domain::handler::{BackendHandler, GroupId, GroupIdAndName};
use juniper::{graphql_object, FieldResult, GraphQLInputObject}; use juniper::{graphql_object, FieldResult, GraphQLInputObject};
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
type DomainRequestFilter = crate::domain::handler::RequestFilter; type DomainRequestFilter = crate::domain::handler::UserRequestFilter;
type DomainUser = crate::domain::handler::User; type DomainUser = crate::domain::handler::User;
type DomainGroup = crate::domain::handler::Group; type DomainGroup = crate::domain::handler::Group;
use super::api::Context; use super::api::Context;
@ -269,7 +269,10 @@ impl<Handler: BackendHandler> From<DomainGroup> for Group<Handler> {
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use super::*; use super::*;
use crate::{domain::handler::MockTestBackendHandler, infra::auth_service::ValidationResults}; use crate::{
domain::handler::{MockTestBackendHandler, UserRequestFilter},
infra::auth_service::ValidationResults,
};
use juniper::{ use juniper::{
execute, graphql_value, DefaultScalarValue, EmptyMutation, EmptySubscription, GraphQLType, execute, graphql_value, DefaultScalarValue, EmptyMutation, EmptySubscription, GraphQLType,
RootNode, Variables, RootNode, Variables,
@ -358,11 +361,10 @@ mod tests {
}"#; }"#;
let mut mock = MockTestBackendHandler::new(); let mut mock = MockTestBackendHandler::new();
use crate::domain::handler::RequestFilter;
mock.expect_list_users() mock.expect_list_users()
.with(eq(Some(RequestFilter::Or(vec![ .with(eq(Some(UserRequestFilter::Or(vec![
RequestFilter::Equality("id".to_string(), "bob".to_string()), UserRequestFilter::Equality("id".to_string(), "bob".to_string()),
RequestFilter::Equality("email".to_string(), "robert@bobbers.on".to_string()), UserRequestFilter::Equality("email".to_string(), "robert@bobbers.on".to_string()),
])))) ]))))
.return_once(|_| { .return_once(|_| {
Ok(vec![ Ok(vec![

48
server/src/infra/ldap_handler.rs
View File

@ -1,6 +1,6 @@
use crate::domain::{ use crate::domain::{
handler::{ handler::{
BackendHandler, BindRequest, Group, GroupIdAndName, LoginHandler, RequestFilter, User, BackendHandler, BindRequest, Group, GroupIdAndName, LoginHandler, UserRequestFilter, User,
}, },
opaque_handler::OpaqueHandler, opaque_handler::OpaqueHandler,
}; };
@ -494,7 +494,7 @@ impl<Backend: BackendHandler + LoginHandler + OpaqueHandler> LdapHandler<Backend
g: &GroupIdAndName, g: &GroupIdAndName,
) -> Result<Group> { ) -> Result<Group> {
let users = backend_handler let users = backend_handler
.list_users(Some(RequestFilter::MemberOfId(g.0))) .list_users(Some(UserRequestFilter::MemberOfId(g.0)))
.await?; .await?;
Ok(Group { Ok(Group {
id: g.0, id: g.0,
@ -605,21 +605,21 @@ impl<Backend: BackendHandler + LoginHandler + OpaqueHandler> LdapHandler<Backend
} }
} }
fn convert_user_filter(&self, filter: &LdapFilter) -> Result<RequestFilter> { fn convert_user_filter(&self, filter: &LdapFilter) -> Result<UserRequestFilter> {
match filter { match filter {
LdapFilter::And(filters) => Ok(RequestFilter::And( LdapFilter::And(filters) => Ok(UserRequestFilter::And(
filters filters
.iter() .iter()
.map(|f| self.convert_user_filter(f)) .map(|f| self.convert_user_filter(f))
.collect::<Result<_>>()?, .collect::<Result<_>>()?,
)), )),
LdapFilter::Or(filters) => Ok(RequestFilter::Or( LdapFilter::Or(filters) => Ok(UserRequestFilter::Or(
filters filters
.iter() .iter()
.map(|f| self.convert_user_filter(f)) .map(|f| self.convert_user_filter(f))
.collect::<Result<_>>()?, .collect::<Result<_>>()?,
)), )),
LdapFilter::Not(filter) => Ok(RequestFilter::Not(Box::new( LdapFilter::Not(filter) => Ok(UserRequestFilter::Not(Box::new(
self.convert_user_filter(&*filter)?, self.convert_user_filter(&*filter)?,
))), ))),
LdapFilter::Equality(field, value) => { LdapFilter::Equality(field, value) => {
@ -629,27 +629,27 @@ impl<Backend: BackendHandler + LoginHandler + OpaqueHandler> LdapHandler<Backend
&self.base_dn, &self.base_dn,
&self.base_dn_str, &self.base_dn_str,
)?; )?;
Ok(RequestFilter::MemberOf(group_name)) Ok(UserRequestFilter::MemberOf(group_name))
} else if field.to_lowercase() == "objectclass" { } else if field.to_lowercase() == "objectclass" {
if value == "person" if value == "person"
|| value == "inetOrgPerson" || value == "inetOrgPerson"
|| value == "posixAccount" || value == "posixAccount"
|| value == "mailAccount" || value == "mailAccount"
{ {
Ok(RequestFilter::And(vec![])) Ok(UserRequestFilter::And(vec![]))
} else { } else {
Ok(RequestFilter::Not(Box::new(RequestFilter::And(vec![])))) Ok(UserRequestFilter::Not(Box::new(UserRequestFilter::And(vec![]))))
} }
} else { } else {
Ok(RequestFilter::Equality(map_field(field)?, value.clone())) Ok(UserRequestFilter::Equality(map_field(field)?, value.clone()))
} }
} }
LdapFilter::Present(field) => { LdapFilter::Present(field) => {
// Check that it's a field we support. // Check that it's a field we support.
if field.to_lowercase() == "objectclass" || map_field(field).is_ok() { if field.to_lowercase() == "objectclass" || map_field(field).is_ok() {
Ok(RequestFilter::And(vec![])) Ok(UserRequestFilter::And(vec![]))
} else { } else {
Ok(RequestFilter::Not(Box::new(RequestFilter::And(vec![])))) Ok(UserRequestFilter::Not(Box::new(UserRequestFilter::And(vec![]))))
} }
} }
_ => bail!("Unsupported user filter: {:?}", filter), _ => bail!("Unsupported user filter: {:?}", filter),
@ -678,7 +678,7 @@ mod tests {
} }
#[async_trait] #[async_trait]
impl BackendHandler for TestBackendHandler { impl BackendHandler for TestBackendHandler {
async fn list_users(&self, filters: Option<RequestFilter>) -> Result<Vec<User>>; async fn list_users(&self, filters: Option<UserRequestFilter>) -> Result<Vec<User>>;
async fn list_groups(&self) -> Result<Vec<Group>>; async fn list_groups(&self) -> Result<Vec<Group>>;
async fn get_user_details(&self, user_id: &str) -> Result<User>; async fn get_user_details(&self, user_id: &str) -> Result<User>;
async fn get_group_details(&self, group_id: GroupId) -> Result<GroupIdAndName>; async fn get_group_details(&self, group_id: GroupId) -> Result<GroupIdAndName>;
@ -1133,7 +1133,7 @@ mod tests {
Ok(set) Ok(set)
}); });
mock.expect_list_users() mock.expect_list_users()
.with(eq(Some(RequestFilter::MemberOfId(GroupId(1))))) .with(eq(Some(UserRequestFilter::MemberOfId(GroupId(1)))))
.times(1) .times(1)
.return_once(|_| { .return_once(|_| {
Ok(vec![User { Ok(vec![User {
@ -1172,16 +1172,16 @@ mod tests {
async fn test_search_filters() { async fn test_search_filters() {
let mut mock = MockTestBackendHandler::new(); let mut mock = MockTestBackendHandler::new();
mock.expect_list_users() mock.expect_list_users()
.with(eq(Some(RequestFilter::And(vec![RequestFilter::Or(vec![ .with(eq(Some(UserRequestFilter::And(vec![UserRequestFilter::Or(vec![
RequestFilter::Not(Box::new(RequestFilter::Equality( UserRequestFilter::Not(Box::new(UserRequestFilter::Equality(
"user_id".to_string(), "user_id".to_string(),
"bob".to_string(), "bob".to_string(),
))), ))),
RequestFilter::And(vec![]), UserRequestFilter::And(vec![]),
RequestFilter::Not(Box::new(RequestFilter::And(vec![]))), UserRequestFilter::Not(Box::new(UserRequestFilter::And(vec![]))),
RequestFilter::And(vec![]), UserRequestFilter::And(vec![]),
RequestFilter::And(vec![]), UserRequestFilter::And(vec![]),
RequestFilter::Not(Box::new(RequestFilter::And(vec![]))), UserRequestFilter::Not(Box::new(UserRequestFilter::And(vec![]))),
])])))) ])]))))
.times(1) .times(1)
.return_once(|_| Ok(vec![])); .return_once(|_| Ok(vec![]));
@ -1210,7 +1210,7 @@ mod tests {
async fn test_search_member_of() { async fn test_search_member_of() {
let mut mock = MockTestBackendHandler::new(); let mut mock = MockTestBackendHandler::new();
mock.expect_list_users() mock.expect_list_users()
.with(eq(Some(RequestFilter::MemberOf("group_1".to_string())))) .with(eq(Some(UserRequestFilter::MemberOf("group_1".to_string()))))
.times(1) .times(1)
.return_once(|_| Ok(vec![])); .return_once(|_| Ok(vec![]));
let mut ldap_handler = setup_bound_handler(mock).await; let mut ldap_handler = setup_bound_handler(mock).await;
@ -1256,8 +1256,8 @@ mod tests {
async fn test_search_filters_lowercase() { async fn test_search_filters_lowercase() {
let mut mock = MockTestBackendHandler::new(); let mut mock = MockTestBackendHandler::new();
mock.expect_list_users() mock.expect_list_users()
.with(eq(Some(RequestFilter::And(vec![RequestFilter::Or(vec![ .with(eq(Some(UserRequestFilter::And(vec![UserRequestFilter::Or(vec![
RequestFilter::Not(Box::new(RequestFilter::Equality( UserRequestFilter::Not(Box::new(UserRequestFilter::Equality(
"first_name".to_string(), "first_name".to_string(),
"bob".to_string(), "bob".to_string(),
))), ))),

2
server/src/infra/tcp_backend_handler.rs
View File

@ -35,7 +35,7 @@ mockall::mock! {
} }
#[async_trait] #[async_trait]
impl BackendHandler for TestTcpBackendHandler { impl BackendHandler for TestTcpBackendHandler {
async fn list_users(&self, filters: Option<RequestFilter>) -> Result<Vec<User>>; async fn list_users(&self, filters: Option<UserRequestFilter>) -> Result<Vec<User>>;
async fn list_groups(&self) -> Result<Vec<Group>>; async fn list_groups(&self) -> Result<Vec<Group>>;
async fn get_user_details(&self, user_id: &str) -> Result<User>; async fn get_user_details(&self, user_id: &str) -> Result<User>;
async fn get_group_details(&self, group_id: GroupId) -> Result<GroupIdAndName>; async fn get_group_details(&self, group_id: GroupId) -> Result<GroupIdAndName>;