diff options
| author | benj <benj@rse8.com> | 2023-06-19 17:18:21 -0700 |
|---|---|---|
| committer | benj <benj@rse8.com> | 2023-06-19 17:18:21 -0700 |
| commit | ab6d5cefbea1e8ddf41f385dd85918f651958287 (patch) | |
| tree | ac3a6b45b1a0e6a833a627307d07e94a95ba3c23 /crates/secd/src/client/store/sql_db.rs | |
| parent | 3406b370fe290559ff2445097a380d6f48d0f9af (diff) | |
| download | secdiam-ab6d5cefbea1e8ddf41f385dd85918f651958287.tar secdiam-ab6d5cefbea1e8ddf41f385dd85918f651958287.tar.gz secdiam-ab6d5cefbea1e8ddf41f385dd85918f651958287.tar.bz2 secdiam-ab6d5cefbea1e8ddf41f385dd85918f651958287.tar.lz secdiam-ab6d5cefbea1e8ddf41f385dd85918f651958287.tar.xz secdiam-ab6d5cefbea1e8ddf41f385dd85918f651958287.tar.zst secdiam-ab6d5cefbea1e8ddf41f385dd85918f651958287.zip | |
hack to allow impersonator to impersonate target
Diffstat (limited to 'crates/secd/src/client/store/sql_db.rs')
| -rw-r--r-- | crates/secd/src/client/store/sql_db.rs | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/crates/secd/src/client/store/sql_db.rs b/crates/secd/src/client/store/sql_db.rs index 7b3a68e..5777704 100644 --- a/crates/secd/src/client/store/sql_db.rs +++ b/crates/secd/src/client/store/sql_db.rs @@ -1,4 +1,5 @@ use super::{Store, StoreError, StoreType}; +use crate::Impersonator; use crate::{ util::ErrorContext, Address, AddressType, AddressValidation, AddressValidationMethod, Credential, CredentialId, CredentialType, Identity, IdentityId, @@ -26,6 +27,8 @@ const WRITE_CREDENTIAL: &str = "write_credential"; const FIND_CREDENTIAL: &str = "find_credential"; const WRITE_IDENTITY: &str = "write_identity"; const FIND_IDENTITY: &str = "find_identity"; +const WRITE_IMPERSONATOR: &str = "write_impersonator"; +const FIND_IMPERSONATOR: &str = "find_impersonator"; const ERR_MSG_MIGRATION_FAILED: &str = "Failed to apply secd migrations to a sql db. File a bug at https://www.github.com/branchcontrol/secdiam"; @@ -64,6 +67,14 @@ lazy_static! { FIND_CREDENTIAL, include_str!("../../../store/sqlite/sql/find_credential.sql"), ), + ( + WRITE_IMPERSONATOR, + include_str!("../../../store/sqlite/sql/write_impersonator.sql"), + ), + ( + FIND_IMPERSONATOR, + include_str!("../../../store/sqlite/sql/find_impersonator.sql"), + ), ] .iter() .cloned() @@ -102,6 +113,14 @@ lazy_static! { FIND_CREDENTIAL, include_str!("../../../store/pg/sql/find_credential.sql"), ), + ( + WRITE_IMPERSONATOR, + include_str!("../../../store/pg/sql/write_impersonator.sql"), + ), + ( + FIND_IMPERSONATOR, + include_str!("../../../store/pg/sql/find_impersonator.sql"), + ), ] .iter() .cloned() @@ -525,6 +544,57 @@ where Ok(res) } + + pub async fn write_impersonator(&self, i: &Impersonator) -> Result<(), StoreError> { + let sqls = get_sqls(&self.sqls_root, WRITE_IMPERSONATOR); + sqlx::query(&sqls[0]) + .bind(i.impersonator.id) + .bind(i.target.id) + .bind(i.target.new_credentials.get(0).map(|e| &e.id)) + .bind(i.created_at) + .fetch_all(&self.pool) + .await + .extend_err()?; + Ok(()) + } + pub async fn find_impersonator( + &self, + impersonator_id: Option<&Uuid>, + target_id: Option<&Uuid>, + ) -> Result<Vec<Impersonator>, StoreError> { + let sqls = get_sqls(&self.sqls_root, FIND_IMPERSONATOR); + let rs = sqlx::query_as::<_, (Uuid, Uuid, OffsetDateTime)>(&sqls[0]) + .bind(impersonator_id) + .bind(target_id) + .bind(OffsetDateTime::now_utc()) + .fetch_all(&self.pool) + .await + .extend_err()?; + + let mut res = vec![]; + for (impersonator_id, target_id, created_at) in rs.into_iter() { + let impersonator = self + .find_identity(Some(&impersonator_id), None, None) + .await? + .into_iter() + .next() + .ok_or(StoreError::ExpectedEntity)?; + let target = self + .find_identity(Some(&target_id), None, None) + .await? + .into_iter() + .next() + .ok_or(StoreError::ExpectedEntity)?; + + res.push(Impersonator { + impersonator, + target, + created_at, + }) + } + + Ok(res) + } } fn get_sqls(root: &str, file: &str) -> Vec<String> { |