pub trait QueryServerTransaction<'a> {
type BackendTransactionType: BackendTransaction;
type SchemaTransactionType: SchemaTransaction;
type AccessControlsTransactionType: AccessControlsTransaction<'a>;
type KeyProvidersTransactionType: KeyProvidersTransaction;
Show 49 methods
// Required methods
fn get_be_txn(&mut self) -> &mut Self::BackendTransactionType;
fn get_schema<'b>(&self) -> &'b Self::SchemaTransactionType;
fn get_accesscontrols(&self) -> &Self::AccessControlsTransactionType;
fn get_key_providers(&self) -> &Self::KeyProvidersTransactionType;
fn pw_badlist(&self) -> &HashSet<String>;
fn denied_names(&self) -> &HashSet<String>;
fn get_domain_version(&self) -> DomainVersion;
fn get_domain_patch_level(&self) -> u32;
fn get_domain_development_taint(&self) -> bool;
fn get_domain_uuid(&self) -> Uuid;
fn get_domain_name(&self) -> &str;
fn get_domain_display_name(&self) -> &str;
fn get_domain_image_value(&self) -> Option<ImageValue>;
fn get_resolve_filter_cache(&mut self) -> &mut ResolveFilterCacheReadTxn<'a>;
fn get_resolve_filter_cache_and_be_txn(
&mut self,
) -> (&mut Self::BackendTransactionType, &mut ResolveFilterCacheReadTxn<'a>);
// Provided methods
fn search_ext(
&mut self,
se: &SearchEvent,
) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError> { ... }
fn search(
&mut self,
se: &SearchEvent,
) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
fn exists(&mut self, ee: &ExistsEvent) -> Result<bool, OperationError> { ... }
fn name_to_uuid(&mut self, name: &str) -> Result<Uuid, OperationError> { ... }
fn sync_external_id_to_uuid(
&mut self,
external_id: &str,
) -> Result<Option<Uuid>, OperationError> { ... }
fn uuid_to_spn(
&mut self,
uuid: Uuid,
) -> Result<Option<Value>, OperationError> { ... }
fn uuid_to_rdn(&mut self, uuid: Uuid) -> Result<String, OperationError> { ... }
fn internal_exists(
&mut self,
filter: Filter<FilterInvalid>,
) -> Result<bool, OperationError> { ... }
fn internal_search(
&mut self,
filter: Filter<FilterInvalid>,
) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
fn impersonate_search_valid(
&mut self,
f_valid: Filter<FilterValid>,
f_intent_valid: Filter<FilterValid>,
event: &Identity,
) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
fn impersonate_search_ext_valid(
&mut self,
f_valid: Filter<FilterValid>,
f_intent_valid: Filter<FilterValid>,
event: &Identity,
) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError> { ... }
fn impersonate_search(
&mut self,
filter: Filter<FilterInvalid>,
filter_intent: Filter<FilterInvalid>,
event: &Identity,
) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
fn impersonate_search_ext(
&mut self,
filter: Filter<FilterInvalid>,
filter_intent: Filter<FilterInvalid>,
event: &Identity,
) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError> { ... }
fn internal_search_uuid(
&mut self,
uuid: Uuid,
) -> Result<Arc<EntrySealedCommitted>, OperationError> { ... }
fn internal_search_all_uuid(
&mut self,
uuid: Uuid,
) -> Result<Arc<EntrySealedCommitted>, OperationError> { ... }
fn internal_search_conflict_uuid(
&mut self,
uuid: Uuid,
) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
fn impersonate_search_ext_uuid(
&mut self,
uuid: Uuid,
event: &Identity,
) -> Result<Entry<EntryReduced, EntryCommitted>, OperationError> { ... }
fn impersonate_search_uuid(
&mut self,
uuid: Uuid,
event: &Identity,
) -> Result<Arc<EntrySealedCommitted>, OperationError> { ... }
fn clone_value(
&mut self,
attr: &Attribute,
value: &str,
) -> Result<Value, OperationError> { ... }
fn clone_partialvalue(
&mut self,
attr: &Attribute,
value: &str,
) -> Result<PartialValue, OperationError> { ... }
fn resolve_scim_interim(
&mut self,
scim_value_intermediate: ScimValueIntermediate,
) -> Result<Option<ScimValueKanidm>, OperationError> { ... }
fn resolve_scim_json_put(
&mut self,
attr: &Attribute,
value: Option<JsonValue>,
) -> Result<Option<ValueSet>, OperationError> { ... }
fn resolve_valueset_intermediate(
&mut self,
vs_inter: ValueSetIntermediate,
) -> Result<ValueSet, OperationError> { ... }
fn resolve_valueset(
&mut self,
value: &ValueSet,
) -> Result<Vec<String>, OperationError> { ... }
fn resolve_valueset_ldap(
&mut self,
value: &ValueSet,
basedn: &str,
) -> Result<Vec<Vec<u8>>, OperationError> { ... }
fn get_db_domain(
&mut self,
) -> Result<Arc<EntrySealedCommitted>, OperationError> { ... }
fn get_domain_key_object_handle(
&self,
) -> Result<Arc<Box<dyn KeyObjectT + Send + Sync + 'static>>, OperationError> { ... }
fn get_domain_es256_private_key(
&mut self,
) -> Result<Vec<u8>, OperationError> { ... }
fn get_domain_ldap_allow_unix_pw_bind(
&mut self,
) -> Result<bool, OperationError> { ... }
fn get_sc_password_badlist(
&mut self,
) -> Result<HashSet<String>, OperationError> { ... }
fn get_sc_denied_names(&mut self) -> Result<HashSet<String>, OperationError> { ... }
fn get_oauth2rs_set(
&mut self,
) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
fn get_applications_set(
&mut self,
) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
fn consumer_get_state(&mut self) -> Result<ReplRuvRange, OperationError> { ... }
}
Expand description
The QueryServerTransaction
trait provides a set of common read only operations to be
shared between QueryServerReadTransaction
and QueryServerWriteTransaction
s.
These operations tend to be high level constructions, generally different types of searches that are capable of taking different types of parameters and applying access controls or not, impersonating accounts, or bypassing these via internal searches.
Required Associated Types§
type BackendTransactionType: BackendTransaction
type SchemaTransactionType: SchemaTransaction
type AccessControlsTransactionType: AccessControlsTransaction<'a>
type KeyProvidersTransactionType: KeyProvidersTransaction
Required Methods§
fn get_be_txn(&mut self) -> &mut Self::BackendTransactionType
fn get_schema<'b>(&self) -> &'b Self::SchemaTransactionType
fn get_accesscontrols(&self) -> &Self::AccessControlsTransactionType
fn get_key_providers(&self) -> &Self::KeyProvidersTransactionType
fn pw_badlist(&self) -> &HashSet<String>
fn denied_names(&self) -> &HashSet<String>
fn get_domain_version(&self) -> DomainVersion
fn get_domain_patch_level(&self) -> u32
fn get_domain_development_taint(&self) -> bool
fn get_domain_uuid(&self) -> Uuid
fn get_domain_name(&self) -> &str
fn get_domain_display_name(&self) -> &str
fn get_domain_image_value(&self) -> Option<ImageValue>
fn get_resolve_filter_cache(&mut self) -> &mut ResolveFilterCacheReadTxn<'a>
fn get_resolve_filter_cache_and_be_txn( &mut self, ) -> (&mut Self::BackendTransactionType, &mut ResolveFilterCacheReadTxn<'a>)
Provided Methods§
sourcefn search_ext(
&mut self,
se: &SearchEvent,
) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError>
fn search_ext( &mut self, se: &SearchEvent, ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError>
Conduct a search and apply access controls to yield a set of entries that
have been reduced to the set of user visible avas. Note that if you provide
a SearchEvent
for the internal user, this query will fail. It is invalid for
the access
module to attempt to reduce avas for internal searches, and you
should use fn search
instead.
fn search( &mut self, se: &SearchEvent, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>
fn exists(&mut self, ee: &ExistsEvent) -> Result<bool, OperationError>
fn name_to_uuid(&mut self, name: &str) -> Result<Uuid, OperationError>
fn sync_external_id_to_uuid( &mut self, external_id: &str, ) -> Result<Option<Uuid>, OperationError>
fn uuid_to_spn(&mut self, uuid: Uuid) -> Result<Option<Value>, OperationError>
fn uuid_to_rdn(&mut self, uuid: Uuid) -> Result<String, OperationError>
sourcefn internal_exists(
&mut self,
filter: Filter<FilterInvalid>,
) -> Result<bool, OperationError>
fn internal_exists( &mut self, filter: Filter<FilterInvalid>, ) -> Result<bool, OperationError>
From internal, generate an “exists” event and dispatch
fn internal_search( &mut self, filter: Filter<FilterInvalid>, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>
fn impersonate_search_valid( &mut self, f_valid: Filter<FilterValid>, f_intent_valid: Filter<FilterValid>, event: &Identity, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>
sourcefn impersonate_search_ext_valid(
&mut self,
f_valid: Filter<FilterValid>,
f_intent_valid: Filter<FilterValid>,
event: &Identity,
) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError>
fn impersonate_search_ext_valid( &mut self, f_valid: Filter<FilterValid>, f_intent_valid: Filter<FilterValid>, event: &Identity, ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError>
Applies ACP to filter result entries.
fn impersonate_search( &mut self, filter: Filter<FilterInvalid>, filter_intent: Filter<FilterInvalid>, event: &Identity, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>
fn impersonate_search_ext( &mut self, filter: Filter<FilterInvalid>, filter_intent: Filter<FilterInvalid>, event: &Identity, ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError>
sourcefn internal_search_uuid(
&mut self,
uuid: Uuid,
) -> Result<Arc<EntrySealedCommitted>, OperationError>
fn internal_search_uuid( &mut self, uuid: Uuid, ) -> Result<Arc<EntrySealedCommitted>, OperationError>
Get a single entry by its UUID. This is used heavily for internal server operations, especially in login and ACP checks.
sourcefn internal_search_all_uuid(
&mut self,
uuid: Uuid,
) -> Result<Arc<EntrySealedCommitted>, OperationError>
fn internal_search_all_uuid( &mut self, uuid: Uuid, ) -> Result<Arc<EntrySealedCommitted>, OperationError>
Get a single entry by its UUID, even if the entry in question is in a masked state (recycled, tombstoned).
sourcefn internal_search_conflict_uuid(
&mut self,
uuid: Uuid,
) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>
fn internal_search_conflict_uuid( &mut self, uuid: Uuid, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>
Get all conflict entries that originated from a source uuid.
fn impersonate_search_ext_uuid( &mut self, uuid: Uuid, event: &Identity, ) -> Result<Entry<EntryReduced, EntryCommitted>, OperationError>
fn impersonate_search_uuid( &mut self, uuid: Uuid, event: &Identity, ) -> Result<Arc<EntrySealedCommitted>, OperationError>
sourcefn clone_value(
&mut self,
attr: &Attribute,
value: &str,
) -> Result<Value, OperationError>
fn clone_value( &mut self, attr: &Attribute, value: &str, ) -> Result<Value, OperationError>
Do a schema aware conversion from a String:String to String:Value for modification present.
fn clone_partialvalue( &mut self, attr: &Attribute, value: &str, ) -> Result<PartialValue, OperationError>
fn resolve_scim_interim( &mut self, scim_value_intermediate: ScimValueIntermediate, ) -> Result<Option<ScimValueKanidm>, OperationError>
fn resolve_scim_json_put( &mut self, attr: &Attribute, value: Option<JsonValue>, ) -> Result<Option<ValueSet>, OperationError>
fn resolve_valueset_intermediate( &mut self, vs_inter: ValueSetIntermediate, ) -> Result<ValueSet, OperationError>
fn resolve_valueset( &mut self, value: &ValueSet, ) -> Result<Vec<String>, OperationError>
fn resolve_valueset_ldap( &mut self, value: &ValueSet, basedn: &str, ) -> Result<Vec<Vec<u8>>, OperationError>
fn get_db_domain(&mut self) -> Result<Arc<EntrySealedCommitted>, OperationError>
fn get_domain_key_object_handle( &self, ) -> Result<Arc<Box<dyn KeyObjectT + Send + Sync + 'static>>, OperationError>
fn get_domain_es256_private_key(&mut self) -> Result<Vec<u8>, OperationError>
fn get_domain_ldap_allow_unix_pw_bind(&mut self) -> Result<bool, OperationError>
sourcefn get_sc_password_badlist(&mut self) -> Result<HashSet<String>, OperationError>
fn get_sc_password_badlist(&mut self) -> Result<HashSet<String>, OperationError>
Get the password badlist from the system config. You should not call this directly as this value is cached in the system_config() value.
sourcefn get_sc_denied_names(&mut self) -> Result<HashSet<String>, OperationError>
fn get_sc_denied_names(&mut self) -> Result<HashSet<String>, OperationError>
Get the denied name set from the system config. You should not call this directly as this value is cached in the system_config() value.