mirrors/lldap
1
0
Fork 0
mirror of https://github.com/lldap/lldap.git synced 2024-11-25 09:06:03 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

server: Add a is_readonly attribute to the schema

Browse source
This commit is contained in:
Valentin Tolmer 2024-08-27 22:51:34 +02:00 committed by nitnelave
parent 3ec44a58be
commit b1384818d2
10 changed files with 38 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
schema.graphql generated
View file

@ -78,6 +78,7 @@ type AttributeSchema {
isVisible: Boolean!
isEditable: Boolean!
isHardcoded: Boolean!
isReadonly: Boolean!
}
"The fields that can be updated for a user."

1
server/src/domain/handler.rs
View file

@ -147,6 +147,7 @@ pub struct AttributeSchema {
pub is_visible: bool,
pub is_editable: bool,
pub is_hardcoded: bool,
pub is_readonly: bool,
}
#[derive(PartialEq, Eq, Debug, Serialize, Deserialize, Clone)]

1
server/src/domain/model/group_attribute_schema.rs
View file

@ -50,6 +50,7 @@ impl From<Model> for AttributeSchema {
is_visible: value.is_group_visible,
is_editable: value.is_group_editable,
is_hardcoded: value.is_hardcoded,
is_readonly: false,
}
}
}

1
server/src/domain/model/user_attribute_schema.rs
View file

@ -50,6 +50,7 @@ impl From<Model> for AttributeSchema {
is_visible: value.is_user_visible,
is_editable: value.is_user_editable,
is_hardcoded: value.is_hardcoded,
is_readonly: false,
}
}
}

9
server/src/domain/schema.rs
View file

@ -43,6 +43,7 @@ impl From<Schema> for PublicSchema {
is_visible: true,
is_editable: false,
is_hardcoded: true,
is_readonly: true,
},
AttributeSchema {
name: "creation_date".into(),
@ -51,6 +52,7 @@ impl From<Schema> for PublicSchema {
is_visible: true,
is_editable: false,
is_hardcoded: true,
is_readonly: true,
},
AttributeSchema {
name: "mail".into(),
@ -59,6 +61,7 @@ impl From<Schema> for PublicSchema {
is_visible: true,
is_editable: true,
is_hardcoded: true,
is_readonly: false,
},
AttributeSchema {
name: "uuid".into(),
@ -67,6 +70,7 @@ impl From<Schema> for PublicSchema {
is_visible: true,
is_editable: false,
is_hardcoded: true,
is_readonly: true,
},
AttributeSchema {
name: "display_name".into(),
@ -75,6 +79,7 @@ impl From<Schema> for PublicSchema {
is_visible: true,
is_editable: true,
is_hardcoded: true,
is_readonly: false,
},
]);
schema
@ -89,6 +94,7 @@ impl From<Schema> for PublicSchema {
is_visible: true,
is_editable: false,
is_hardcoded: true,
is_readonly: true,
},
AttributeSchema {
name: "creation_date".into(),
@ -97,6 +103,7 @@ impl From<Schema> for PublicSchema {
is_visible: true,
is_editable: false,
is_hardcoded: true,
is_readonly: true,
},
AttributeSchema {
name: "uuid".into(),
@ -105,6 +112,7 @@ impl From<Schema> for PublicSchema {
is_visible: true,
is_editable: false,
is_hardcoded: true,
is_readonly: true,
},
AttributeSchema {
name: "display_name".into(),
@ -113,6 +121,7 @@ impl From<Schema> for PublicSchema {
is_visible: true,
is_editable: true,
is_hardcoded: true,
is_readonly: false,
},
]);
schema

5
server/src/domain/sql_schema_backend_handler.rs
View file

@ -196,6 +196,7 @@ mod tests {
is_visible: true,
is_editable: true,
is_hardcoded: true,
is_readonly: false,
},
AttributeSchema {
name: "first_name".into(),
@ -204,6 +205,7 @@ mod tests {
is_visible: true,
is_editable: true,
is_hardcoded: true,
is_readonly: false,
},
AttributeSchema {
name: "last_name".into(),
@ -212,6 +214,7 @@ mod tests {
is_visible: true,
is_editable: true,
is_hardcoded: true,
is_readonly: false,
}
]
},
@ -246,6 +249,7 @@ mod tests {
is_visible: false,
is_editable: false,
is_hardcoded: false,
is_readonly: false,
};
assert!(fixture
.handler
@ -329,6 +333,7 @@ mod tests {
is_visible: true,
is_editable: false,
is_hardcoded: false,
is_readonly: false,
};
assert!(fixture
.handler

7
server/src/infra/graphql/mutation.rs
View file

@ -609,6 +609,13 @@ fn deserialize_attribute(
let attribute_schema = attribute_schema
.get_attribute_schema(&attribute_name)
.ok_or_else(|| anyhow!("Attribute {} is not defined in the schema", attribute.name))?;
if attribute_schema.is_readonly {
return Err(anyhow!(
"Permission denied: Attribute {} is read-only",
attribute.name
)
.into());
}
if !is_admin && !attribute_schema.is_editable {
return Err(anyhow!(
"Permission denied: Attribute {} is not editable by regular users",

9
server/src/infra/graphql/query.rs
View file

@ -498,6 +498,9 @@ impl<Handler: BackendHandler> AttributeSchema<Handler> {
fn is_hardcoded(&self) -> bool {
self.schema.is_hardcoded
}
fn is_readonly(&self) -> bool {
self.schema.is_readonly
}
}
impl<Handler: BackendHandler> Clone for AttributeSchema<Handler> {
@ -745,6 +748,7 @@ mod tests {
is_visible: true,
is_editable: true,
is_hardcoded: true,
is_readonly: false,
},
DomainAttributeSchema {
name: "last_name".into(),
@ -753,6 +757,7 @@ mod tests {
is_visible: true,
is_editable: true,
is_hardcoded: true,
is_readonly: false,
},
],
},
@ -764,6 +769,7 @@ mod tests {
is_visible: true,
is_editable: true,
is_hardcoded: false,
is_readonly: false,
}],
},
extra_user_object_classes: vec![
@ -1125,13 +1131,14 @@ mod tests {
mock.expect_get_schema().times(1).return_once(|| {
Ok(crate::domain::handler::Schema {
user_attributes: AttributeList {
attributes: vec![crate::domain::handler::AttributeSchema {
attributes: vec![DomainAttributeSchema {
name: "invisible".into(),
attribute_type: AttributeType::JpegPhoto,
is_list: false,
is_visible: false,
is_editable: true,
is_hardcoded: true,
is_readonly: false,
}],
},
group_attributes: AttributeList {

2
server/src/infra/ldap_handler.rs
View file

@ -2884,6 +2884,7 @@ mod tests {
is_visible: true,
is_editable: true,
is_hardcoded: false,
is_readonly: false,
}],
},
group_attributes: AttributeList {
@ -2894,6 +2895,7 @@ mod tests {
is_visible: true,
is_editable: true,
is_hardcoded: false,
is_readonly: false,
}],
},
extra_user_object_classes: vec![

3
server/src/infra/test_utils.rs
View file

@ -84,6 +84,7 @@ pub fn setup_default_schema(mock: &mut MockTestBackendHandler) {
is_visible: true,
is_editable: true,
is_hardcoded: true,
is_readonly: false,
},
AttributeSchema {
name: "first_name".into(),
@ -92,6 +93,7 @@ pub fn setup_default_schema(mock: &mut MockTestBackendHandler) {
is_visible: true,
is_editable: true,
is_hardcoded: true,
is_readonly: false,
},
AttributeSchema {
name: "last_name".into(),
@ -100,6 +102,7 @@ pub fn setup_default_schema(mock: &mut MockTestBackendHandler) {
is_visible: true,
is_editable: true,
is_hardcoded: true,
is_readonly: false,
},
],
},