1 files changed, 70 insertions, 0 deletions

diff --git a/crates/secd/src/client/store/sql_db.rs b/crates/secd/src/client/store/sql_db.rs
index 7b3a68e..5777704 100644
--- a/crates/secd/src/client/store/sql_db.rs
+++ b/crates/secd/src/client/store/sql_db.rs
@@ -1,4 +1,5 @@
 use super::{Store, StoreError, StoreType};
+use crate::Impersonator;
 use crate::{
     util::ErrorContext, Address, AddressType, AddressValidation, AddressValidationMethod,
     Credential, CredentialId, CredentialType, Identity, IdentityId,
@@ -26,6 +27,8 @@ const WRITE_CREDENTIAL: &str = "write_credential";
 const FIND_CREDENTIAL: &str = "find_credential";
 const WRITE_IDENTITY: &str = "write_identity";
 const FIND_IDENTITY: &str = "find_identity";
+const WRITE_IMPERSONATOR: &str = "write_impersonator";
+const FIND_IMPERSONATOR: &str = "find_impersonator";
 
 const ERR_MSG_MIGRATION_FAILED: &str = "Failed to apply secd migrations to a sql db. File a bug at https://www.github.com/branchcontrol/secdiam";
 
@@ -64,6 +67,14 @@ lazy_static! {
                 FIND_CREDENTIAL,
                 include_str!("../../../store/sqlite/sql/find_credential.sql"),
             ),
+            (
+                WRITE_IMPERSONATOR,
+                include_str!("../../../store/sqlite/sql/write_impersonator.sql"),
+            ),
+            (
+                FIND_IMPERSONATOR,
+                include_str!("../../../store/sqlite/sql/find_impersonator.sql"),
+            ),
         ]
         .iter()
         .cloned()
@@ -102,6 +113,14 @@ lazy_static! {
                 FIND_CREDENTIAL,
                 include_str!("../../../store/pg/sql/find_credential.sql"),
             ),
+            (
+                WRITE_IMPERSONATOR,
+                include_str!("../../../store/pg/sql/write_impersonator.sql"),
+            ),
+            (
+                FIND_IMPERSONATOR,
+                include_str!("../../../store/pg/sql/find_impersonator.sql"),
+            ),
         ]
         .iter()
         .cloned()
@@ -525,6 +544,57 @@ where
 
         Ok(res)
     }
+
+    pub async fn write_impersonator(&self, i: &Impersonator) -> Result<(), StoreError> {
+        let sqls = get_sqls(&self.sqls_root, WRITE_IMPERSONATOR);
+        sqlx::query(&sqls[0])
+            .bind(i.impersonator.id)
+            .bind(i.target.id)
+            .bind(i.target.new_credentials.get(0).map(|e| &e.id))
+            .bind(i.created_at)
+            .fetch_all(&self.pool)
+            .await
+            .extend_err()?;
+        Ok(())
+    }
+    pub async fn find_impersonator(
+        &self,
+        impersonator_id: Option<&Uuid>,
+        target_id: Option<&Uuid>,
+    ) -> Result<Vec<Impersonator>, StoreError> {
+        let sqls = get_sqls(&self.sqls_root, FIND_IMPERSONATOR);
+        let rs = sqlx::query_as::<_, (Uuid, Uuid, OffsetDateTime)>(&sqls[0])
+            .bind(impersonator_id)
+            .bind(target_id)
+            .bind(OffsetDateTime::now_utc())
+            .fetch_all(&self.pool)
+            .await
+            .extend_err()?;
+
+        let mut res = vec![];
+        for (impersonator_id, target_id, created_at) in rs.into_iter() {
+            let impersonator = self
+                .find_identity(Some(&impersonator_id), None, None)
+                .await?
+                .into_iter()
+                .next()
+                .ok_or(StoreError::ExpectedEntity)?;
+            let target = self
+                .find_identity(Some(&target_id), None, None)
+                .await?
+                .into_iter()
+                .next()
+                .ok_or(StoreError::ExpectedEntity)?;
+
+            res.push(Impersonator {
+                impersonator,
+                target,
+                created_at,
+            })
+        }
+
+        Ok(res)
+    }
 }
 
 fn get_sqls(root: &str, file: &str) -> Vec<String> {