pub struct QueryServerWriteTransaction<'a> { /* private fields */ }
Implementations§
source§impl QueryServerWriteTransaction<'_>
impl QueryServerWriteTransaction<'_>
pub fn consumer_apply_changes( &mut self, ctx: ReplIncrementalContext, ) -> Result<ConsumerState, OperationError>
pub fn consumer_apply_refresh( &mut self, ctx: ReplRefreshContext, ) -> Result<(), OperationError>
source§impl QueryServerWriteTransaction<'_>
impl QueryServerWriteTransaction<'_>
pub fn supplier_renew_key_cert( &mut self, domain_name: &str, ) -> Result<(), OperationError>
pub fn supplier_get_key_cert( &mut self, domain_name: &str, ) -> Result<(PKey<Private>, X509), OperationError>
source§impl QueryServerWriteTransaction<'_>
impl QueryServerWriteTransaction<'_>
sourcepub fn batch_modify(
&mut self,
me: &BatchModifyEvent,
) -> Result<(), OperationError>
pub fn batch_modify( &mut self, me: &BatchModifyEvent, ) -> Result<(), OperationError>
This function behaves different to modify. Modify applies the same modification operation en-mass to 1 -> N entries. This takes a set of modifications that define a precise entry to apply a change to and only modifies that.
modify is for all entries matching this condition, do this change.
batch_modify is for entry X apply mod A, for entry Y apply mod B etc. It allows you to do per-entry mods.
The drawback is you need to know ahead of time what uuids you are affecting. This has parallels to scim, so it’s not a significant issue.
Otherwise, we follow the same pattern here as modify, and inside the transform the same modlists are used.
pub fn internal_batch_modify( &mut self, mods_iter: impl Iterator<Item = (Uuid, ModifyList<ModifyInvalid>)>, ) -> Result<(), OperationError>
source§impl QueryServerWriteTransaction<'_>
impl QueryServerWriteTransaction<'_>
sourcepub fn create(&mut self, ce: &CreateEvent) -> Result<(), OperationError>
pub fn create(&mut self, ce: &CreateEvent) -> Result<(), OperationError>
The create event is a raw, read only representation of the request that was made to us, including information about the identity performing the request.
pub fn internal_create( &mut self, entries: Vec<Entry<EntryInit, EntryNew>>, ) -> Result<(), OperationError>
source§impl QueryServerWriteTransaction<'_>
impl QueryServerWriteTransaction<'_>
pub fn delete(&mut self, de: &DeleteEvent) -> Result<(), OperationError>
pub fn internal_delete( &mut self, filter: &Filter<FilterInvalid>, ) -> Result<(), OperationError>
pub fn internal_delete_uuid( &mut self, target_uuid: Uuid, ) -> Result<(), OperationError>
pub fn internal_delete_uuid_if_exists( &mut self, target_uuid: Uuid, ) -> Result<(), OperationError>
source§impl QueryServerWriteTransaction<'_>
impl QueryServerWriteTransaction<'_>
sourcepub fn internal_migrate_or_create(
&mut self,
e: Entry<EntryInit, EntryNew>,
) -> Result<(), OperationError>
pub fn internal_migrate_or_create( &mut self, e: Entry<EntryInit, EntryNew>, ) -> Result<(), OperationError>
- If the thing exists:
- Ensure the set of attributes match and are present (but don’t delete multivalue, or extended attributes in the situation.
- If not:
- Create the entry
This will extra classes an attributes alone!
NOTE: gen_modlist*
IS schema aware and will handle multivalue correctly!
sourcepub fn internal_migrate_or_create_ignore_attrs(
&mut self,
e: Entry<EntryInit, EntryNew>,
attrs: &[Attribute],
) -> Result<(), OperationError>
pub fn internal_migrate_or_create_ignore_attrs( &mut self, e: Entry<EntryInit, EntryNew>, attrs: &[Attribute], ) -> Result<(), OperationError>
This is the same as QueryServerWriteTransaction::internal_migrate_or_create but it will ignore the specified list of attributes, so that if an admin has modified those values then we don’t stomp them.
pub fn initialise_schema_core(&mut self) -> Result<(), OperationError>
pub fn initialise_schema_idm(&mut self) -> Result<(), OperationError>
sourcepub fn initialise_domain_info(&mut self) -> Result<(), OperationError>
pub fn initialise_domain_info(&mut self) -> Result<(), OperationError>
This function is idempotent, runs all the startup functionality and checks
sourcepub fn initialise_idm(&mut self) -> Result<(), OperationError>
pub fn initialise_idm(&mut self) -> Result<(), OperationError>
This function is idempotent, runs all the startup functionality and checks
source§impl QueryServerWriteTransaction<'_>
impl QueryServerWriteTransaction<'_>
pub fn modify(&mut self, me: &ModifyEvent) -> Result<(), OperationError>
source§impl QueryServerWriteTransaction<'_>
impl QueryServerWriteTransaction<'_>
pub fn internal_modify( &mut self, filter: &Filter<FilterInvalid>, modlist: &ModifyList<ModifyInvalid>, ) -> Result<(), OperationError>
pub fn internal_modify_uuid( &mut self, target_uuid: Uuid, modlist: &ModifyList<ModifyInvalid>, ) -> Result<(), OperationError>
pub fn impersonate_modify_valid( &mut self, f_valid: Filter<FilterValid>, f_intent_valid: Filter<FilterValid>, m_valid: ModifyList<ModifyValid>, event: &Identity, ) -> Result<(), OperationError>
pub fn impersonate_modify( &mut self, filter: &Filter<FilterInvalid>, filter_intent: &Filter<FilterInvalid>, modlist: &ModifyList<ModifyInvalid>, event: &Identity, ) -> Result<(), OperationError>
pub fn impersonate_modify_gen_event( &mut self, filter: &Filter<FilterInvalid>, filter_intent: &Filter<FilterInvalid>, modlist: &ModifyList<ModifyInvalid>, event: &Identity, ) -> Result<ModifyEvent, OperationError>
source§impl QueryServerWriteTransaction<'_>
impl QueryServerWriteTransaction<'_>
pub fn purge_tombstones(&mut self) -> Result<usize, OperationError>
pub fn purge_recycled(&mut self) -> Result<usize, OperationError>
pub fn revive_recycled( &mut self, re: &ReviveRecycledEvent, ) -> Result<(), OperationError>
source§impl QueryServerWriteTransaction<'_>
impl QueryServerWriteTransaction<'_>
sourcepub fn scim_put(
&mut self,
scim_entry_put: ScimEntryPutEvent,
) -> Result<ScimEntryKanidm, OperationError>
pub fn scim_put( &mut self, scim_entry_put: ScimEntryPutEvent, ) -> Result<ScimEntryKanidm, OperationError>
SCIM PUT is the handler where a single entry is updated. In a SCIM PUT request the request defines the state of an attribute in entirety for the update. This means if the caller wants to add one email address, they must PUT all existing addresses in addition to the new one.
source§impl<'a> QueryServerWriteTransaction<'a>
impl<'a> QueryServerWriteTransaction<'a>
pub fn domain_raise(&mut self, level: u32) -> Result<(), OperationError>
pub fn domain_remigrate(&mut self, level: u32) -> Result<(), OperationError>
sourcepub fn set_domain_display_name(
&mut self,
new_domain_name: &str,
) -> Result<(), OperationError>
pub fn set_domain_display_name( &mut self, new_domain_name: &str, ) -> Result<(), OperationError>
Initiate a domain display name change process. This isn’t particularly scary because it’s just a wibbly human-facing thing, not used for secure activities (yet)
sourcepub fn danger_domain_rename(
&mut self,
new_domain_name: &str,
) -> Result<(), OperationError>
pub fn danger_domain_rename( &mut self, new_domain_name: &str, ) -> Result<(), OperationError>
Initiate a domain rename process. This is generally an internal function but it’s exposed to the cli for admins to be able to initiate the process.
§Safety
This is UNSAFE because while it may change the domain name, it doesn’t update the running configured version of the domain name that is resident to the query server.
Currently it’s only used to test what happens if we rename the domain and how that impacts spns, but in the future we may need to reconsider how this is approached, especially if we have a domain re-name replicated to us. It could be that we end up needing to have this as a cow cell or similar?
pub fn reindex(&mut self, immediate: bool) -> Result<(), OperationError>
pub fn clear_cache(&mut self) -> Result<(), OperationError>
pub fn commit(self) -> Result<(), OperationError>
Trait Implementations§
source§impl<'a> QueryServerTransaction<'a> for QueryServerWriteTransaction<'a>
impl<'a> QueryServerTransaction<'a> for QueryServerWriteTransaction<'a>
source§fn get_domain_name(&self) -> &str
fn get_domain_name(&self) -> &str
Gets the in-memory domain_name element
type AccessControlsTransactionType = AccessControlsWriteTransaction<'a>
type BackendTransactionType = BackendWriteTransaction<'a>
type SchemaTransactionType = SchemaWriteTransaction<'a>
type KeyProvidersTransactionType = KeyProvidersWriteTransaction<'a>
fn get_be_txn(&mut self) -> &mut BackendWriteTransaction<'a>
fn get_schema<'b>(&self) -> &'b SchemaWriteTransaction<'a>
fn get_accesscontrols(&self) -> &AccessControlsWriteTransaction<'a>
fn get_key_providers(&self) -> &KeyProvidersWriteTransaction<'a>
fn get_resolve_filter_cache(&mut self) -> &mut ResolveFilterCacheReadTxn<'a>
fn get_resolve_filter_cache_and_be_txn( &mut self, ) -> (&mut BackendWriteTransaction<'a>, &mut ResolveFilterCacheReadTxn<'a>)
fn pw_badlist(&self) -> &HashSet<String>
fn denied_names(&self) -> &HashSet<String>
fn get_domain_version(&self) -> DomainVersion
fn get_domain_patch_level(&self) -> u32
fn get_domain_development_taint(&self) -> bool
fn get_domain_uuid(&self) -> Uuid
fn get_domain_display_name(&self) -> &str
fn get_domain_image_value(&self) -> Option<ImageValue>
source§fn search_ext(
&mut self,
se: &SearchEvent,
) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError>
fn search_ext( &mut self, se: &SearchEvent, ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError>
SearchEvent
for the internal user, this query will fail. It is invalid for
the access
module to attempt to reduce avas for internal searches, and you
should use fn search
instead.fn search( &mut self, se: &SearchEvent, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>
fn exists(&mut self, ee: &ExistsEvent) -> Result<bool, OperationError>
fn name_to_uuid(&mut self, name: &str) -> Result<Uuid, OperationError>
fn sync_external_id_to_uuid( &mut self, external_id: &str, ) -> Result<Option<Uuid>, OperationError>
fn uuid_to_spn(&mut self, uuid: Uuid) -> Result<Option<Value>, OperationError>
fn uuid_to_rdn(&mut self, uuid: Uuid) -> Result<String, OperationError>
source§fn internal_exists(
&mut self,
filter: Filter<FilterInvalid>,
) -> Result<bool, OperationError>
fn internal_exists( &mut self, filter: Filter<FilterInvalid>, ) -> Result<bool, OperationError>
fn internal_search( &mut self, filter: Filter<FilterInvalid>, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>
fn impersonate_search_valid( &mut self, f_valid: Filter<FilterValid>, f_intent_valid: Filter<FilterValid>, event: &Identity, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>
source§fn impersonate_search_ext_valid(
&mut self,
f_valid: Filter<FilterValid>,
f_intent_valid: Filter<FilterValid>,
event: &Identity,
) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError>
fn impersonate_search_ext_valid( &mut self, f_valid: Filter<FilterValid>, f_intent_valid: Filter<FilterValid>, event: &Identity, ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError>
fn impersonate_search( &mut self, filter: Filter<FilterInvalid>, filter_intent: Filter<FilterInvalid>, event: &Identity, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>
fn impersonate_search_ext( &mut self, filter: Filter<FilterInvalid>, filter_intent: Filter<FilterInvalid>, event: &Identity, ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError>
source§fn internal_search_uuid(
&mut self,
uuid: Uuid,
) -> Result<Arc<EntrySealedCommitted>, OperationError>
fn internal_search_uuid( &mut self, uuid: Uuid, ) -> Result<Arc<EntrySealedCommitted>, OperationError>
source§fn internal_search_all_uuid(
&mut self,
uuid: Uuid,
) -> Result<Arc<EntrySealedCommitted>, OperationError>
fn internal_search_all_uuid( &mut self, uuid: Uuid, ) -> Result<Arc<EntrySealedCommitted>, OperationError>
source§fn internal_search_conflict_uuid(
&mut self,
uuid: Uuid,
) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>
fn internal_search_conflict_uuid( &mut self, uuid: Uuid, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>
fn impersonate_search_ext_uuid( &mut self, uuid: Uuid, event: &Identity, ) -> Result<Entry<EntryReduced, EntryCommitted>, OperationError>
fn impersonate_search_uuid( &mut self, uuid: Uuid, event: &Identity, ) -> Result<Arc<EntrySealedCommitted>, OperationError>
source§fn clone_value(
&mut self,
attr: &Attribute,
value: &str,
) -> Result<Value, OperationError>
fn clone_value( &mut self, attr: &Attribute, value: &str, ) -> Result<Value, OperationError>
fn clone_partialvalue( &mut self, attr: &Attribute, value: &str, ) -> Result<PartialValue, OperationError>
fn resolve_scim_interim( &mut self, scim_value_intermediate: ScimValueIntermediate, ) -> Result<Option<ScimValueKanidm>, OperationError>
fn resolve_scim_json_put( &mut self, attr: &Attribute, value: Option<JsonValue>, ) -> Result<Option<ValueSet>, OperationError>
fn resolve_valueset_intermediate( &mut self, vs_inter: ValueSetIntermediate, ) -> Result<ValueSet, OperationError>
fn resolve_valueset( &mut self, value: &ValueSet, ) -> Result<Vec<String>, OperationError>
fn resolve_valueset_ldap( &mut self, value: &ValueSet, basedn: &str, ) -> Result<Vec<Vec<u8>>, OperationError>
fn get_db_domain(&mut self) -> Result<Arc<EntrySealedCommitted>, OperationError>
fn get_domain_key_object_handle( &self, ) -> Result<Arc<Box<dyn KeyObjectT + Send + Sync + 'static>>, OperationError>
fn get_domain_es256_private_key(&mut self) -> Result<Vec<u8>, OperationError>
fn get_domain_ldap_allow_unix_pw_bind(&mut self) -> Result<bool, OperationError>
source§fn get_sc_password_badlist(&mut self) -> Result<HashSet<String>, OperationError>
fn get_sc_password_badlist(&mut self) -> Result<HashSet<String>, OperationError>
source§fn get_sc_denied_names(&mut self) -> Result<HashSet<String>, OperationError>
fn get_sc_denied_names(&mut self) -> Result<HashSet<String>, OperationError>
fn get_oauth2rs_set( &mut self, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>
fn get_applications_set( &mut self, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>
fn consumer_get_state(&mut self) -> Result<ReplRuvRange, OperationError>
Auto Trait Implementations§
impl<'a> !Freeze for QueryServerWriteTransaction<'a>
impl<'a> !RefUnwindSafe for QueryServerWriteTransaction<'a>
impl<'a> !Send for QueryServerWriteTransaction<'a>
impl<'a> !Sync for QueryServerWriteTransaction<'a>
impl<'a> Unpin for QueryServerWriteTransaction<'a>
impl<'a> !UnwindSafe for QueryServerWriteTransaction<'a>
Blanket Implementations§
§impl<'a, T> AsTaggedExplicit<'a> for Twhere
T: 'a,
impl<'a, T> AsTaggedExplicit<'a> for Twhere
T: 'a,
§impl<'a, T> AsTaggedImplicit<'a> for Twhere
T: 'a,
impl<'a, T> AsTaggedImplicit<'a> for Twhere
T: 'a,
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
§impl<T> FutureExt for T
impl<T> FutureExt for T
§fn with_context(self, otel_cx: Context) -> WithContext<Self>
fn with_context(self, otel_cx: Context) -> WithContext<Self>
§fn with_current_context(self) -> WithContext<Self>
fn with_current_context(self) -> WithContext<Self>
§impl<T> Instrument for T
impl<T> Instrument for T
§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
source§impl<T> IntoEither for T
impl<T> IntoEither for T
source§fn into_either(self, into_left: bool) -> Either<Self, Self>
fn into_either(self, into_left: bool) -> Either<Self, Self>
self
into a Left
variant of Either<Self, Self>
if into_left
is true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read moresource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
self
into a Left
variant of Either<Self, Self>
if into_left(&self)
returns true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read moresource§impl<T> IntoRequest<T> for T
impl<T> IntoRequest<T> for T
source§fn into_request(self) -> Request<T>
fn into_request(self) -> Request<T>
T
in a tonic::Request