Shifty/shifty-backend
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Wrap Context with Autentication enum

Browse source 
Context should contain information which is required to get
the information if the service call is authenticated.  Context
could be the username for example.  But services call other
services internally and for this, authentication must not be
checked.  In this case, they can now pass Authentication::Full
which always successfully authenticates.
This commit is contained in:
Simon Goller 2024-05-09 14:58:19 +02:00
parent bf94ec33de
commit b0000c0117
18 changed files with 252 additions and 217 deletions
Download patch file Download diff file Expand all files Collapse all files

44
service/src/permission.rs
View file

@ -1,4 +1,5 @@
use std::sync::Arc;
use std::fmt::Debug;
use async_trait::async_trait;
use mockall::automock;
@ -41,63 +42,74 @@ impl From<&dao::PrivilegeEntity> for Privilege {
}
}
#[derive(Clone, Debug, PartialEq, Eq)]
pub enum Authentication<Context: Clone + PartialEq + Eq + Send + Sync + Debug + 'static>{
Full,
Context(Context),
}
impl<Context: Clone + Debug + PartialEq + Eq + Send + Sync + 'static> From<Context> for Authentication<Context> {
fn from(context: Context) -> Self {
Self::Context(context)
}
}
#[automock(type Context=();)]
#[async_trait]
pub trait PermissionService {
type Context: Clone + Send + Sync + 'static;
type Context: Clone + PartialEq + Eq + Debug + Send + Sync + 'static;
async fn check_permission(
&self,
privilege: &str,
context: Self::Context,
context: Authentication<Self::Context>,
) -> Result<(), ServiceError>;
async fn create_user(&self, user: &str, context: Self::Context) -> Result<(), ServiceError>;
async fn user_exists(&self, user: &str, context: Self::Context) -> Result<bool, ServiceError>;
async fn delete_user(&self, user: &str, context: Self::Context) -> Result<(), ServiceError>;
async fn get_all_users(&self, context: Self::Context) -> Result<Arc<[User]>, ServiceError>;
async fn create_user(&self, user: &str, context: Authentication<Self::Context>) -> Result<(), ServiceError>;
async fn user_exists(&self, user: &str, context: Authentication<Self::Context>) -> Result<bool, ServiceError>;
async fn delete_user(&self, user: &str, context: Authentication<Self::Context>) -> Result<(), ServiceError>;
async fn get_all_users(&self, context: Authentication<Self::Context>) -> Result<Arc<[User]>, ServiceError>;
async fn create_role(&self, role: &str, context: Self::Context) -> Result<(), ServiceError>;
async fn delete_role(&self, role: &str, context: Self::Context) -> Result<(), ServiceError>;
async fn get_all_roles(&self, context: Self::Context) -> Result<Arc<[Role]>, ServiceError>;
async fn create_role(&self, role: &str, context: Authentication<Self::Context>) -> Result<(), ServiceError>;
async fn delete_role(&self, role: &str, context: Authentication<Self::Context>) -> Result<(), ServiceError>;
async fn get_all_roles(&self, context: Authentication<Self::Context>) -> Result<Arc<[Role]>, ServiceError>;
async fn create_privilege(
&self,
privilege: &str,
context: Self::Context,
context: Authentication<Self::Context>,
) -> Result<(), ServiceError>;
async fn delete_privilege(
&self,
privilege: &str,
context: Self::Context,
context: Authentication<Self::Context>,
) -> Result<(), ServiceError>;
async fn get_all_privileges(
&self,
context: Self::Context,
context: Authentication<Self::Context>,
) -> Result<Arc<[Privilege]>, ServiceError>;
async fn add_user_role(
&self,
user: &str,
role: &str,
context: Self::Context,
context: Authentication<Self::Context>,
) -> Result<(), ServiceError>;
async fn add_role_privilege(
&self,
role: &str,
privilege: &str,
context: Self::Context,
context: Authentication<Self::Context>,
) -> Result<(), ServiceError>;
async fn delete_role_privilege(
&self,
role: &str,
privilege: &str,
context: Self::Context,
context: Authentication<Self::Context>,
) -> Result<(), ServiceError>;
async fn delete_user_role(
&self,
user: &str,
role: &str,
context: Self::Context,
context: Authentication<Self::Context>,
) -> Result<(), ServiceError>;
}