Trait kanidmd_lib::server::QueryServerTransaction

source · 
pub trait QueryServerTransaction<'a> {
    type BackendTransactionType: BackendTransaction;
    type SchemaTransactionType: SchemaTransaction;
    type AccessControlsTransactionType: AccessControlsTransaction<'a>;
    type KeyProvidersTransactionType: KeyProvidersTransaction;


Show 47 methods    // Required methods
    fn get_be_txn(&mut self) -> &mut Self::BackendTransactionType;
    fn get_schema<'b>(&self) -> &'b Self::SchemaTransactionType;
    fn get_accesscontrols(&self) -> &Self::AccessControlsTransactionType;
    fn get_key_providers(&self) -> &Self::KeyProvidersTransactionType;
    fn pw_badlist(&self) -> &HashSet<String>;
    fn denied_names(&self) -> &HashSet<String>;
    fn get_domain_version(&self) -> DomainVersion;
    fn get_domain_patch_level(&self) -> u32;
    fn get_domain_development_taint(&self) -> bool;
    fn get_domain_uuid(&self) -> Uuid;
    fn get_domain_name(&self) -> &str;
    fn get_domain_display_name(&self) -> &str;
    fn get_domain_image_value(&self) -> Option<ImageValue>;
    fn get_resolve_filter_cache(&mut self) -> &mut ResolveFilterCacheReadTxn<'a>;
    fn get_resolve_filter_cache_and_be_txn(
        &mut self,
    ) -> (&mut Self::BackendTransactionType, &mut ResolveFilterCacheReadTxn<'a>);

    // Provided methods
    fn search_ext(
        &mut self,
        se: &SearchEvent,
    ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError> { ... }
    fn search(
        &mut self,
        se: &SearchEvent,
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn exists(&mut self, ee: &ExistsEvent) -> Result<bool, OperationError> { ... }
    fn name_to_uuid(&mut self, name: &str) -> Result<Uuid, OperationError> { ... }
    fn sync_external_id_to_uuid(
        &mut self,
        external_id: &str,
    ) -> Result<Option<Uuid>, OperationError> { ... }
    fn uuid_to_spn(
        &mut self,
        uuid: Uuid,
    ) -> Result<Option<Value>, OperationError> { ... }
    fn uuid_to_rdn(&mut self, uuid: Uuid) -> Result<String, OperationError> { ... }
    fn internal_exists(
        &mut self,
        filter: Filter<FilterInvalid>,
    ) -> Result<bool, OperationError> { ... }
    fn internal_search(
        &mut self,
        filter: Filter<FilterInvalid>,
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn impersonate_search_valid(
        &mut self,
        f_valid: Filter<FilterValid>,
        f_intent_valid: Filter<FilterValid>,
        event: &Identity,
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn impersonate_search_ext_valid(
        &mut self,
        f_valid: Filter<FilterValid>,
        f_intent_valid: Filter<FilterValid>,
        event: &Identity,
    ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError> { ... }
    fn impersonate_search(
        &mut self,
        filter: Filter<FilterInvalid>,
        filter_intent: Filter<FilterInvalid>,
        event: &Identity,
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn impersonate_search_ext(
        &mut self,
        filter: Filter<FilterInvalid>,
        filter_intent: Filter<FilterInvalid>,
        event: &Identity,
    ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError> { ... }
    fn internal_search_uuid(
        &mut self,
        uuid: Uuid,
    ) -> Result<Arc<EntrySealedCommitted>, OperationError> { ... }
    fn internal_search_all_uuid(
        &mut self,
        uuid: Uuid,
    ) -> Result<Arc<EntrySealedCommitted>, OperationError> { ... }
    fn internal_search_conflict_uuid(
        &mut self,
        uuid: Uuid,
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn impersonate_search_ext_uuid(
        &mut self,
        uuid: Uuid,
        event: &Identity,
    ) -> Result<Entry<EntryReduced, EntryCommitted>, OperationError> { ... }
    fn impersonate_search_uuid(
        &mut self,
        uuid: Uuid,
        event: &Identity,
    ) -> Result<Arc<EntrySealedCommitted>, OperationError> { ... }
    fn clone_value(
        &mut self,
        attr: &Attribute,
        value: &str,
    ) -> Result<Value, OperationError> { ... }
    fn clone_partialvalue(
        &mut self,
        attr: &Attribute,
        value: &str,
    ) -> Result<PartialValue, OperationError> { ... }
    fn resolve_scim_interim(
        &mut self,
        scim_value_intermediate: ScimValueIntermediate,
    ) -> Result<Option<ScimValueKanidm>, OperationError> { ... }
    fn resolve_valueset(
        &mut self,
        value: &ValueSet,
    ) -> Result<Vec<String>, OperationError> { ... }
    fn resolve_valueset_ldap(
        &mut self,
        value: &ValueSet,
        basedn: &str,
    ) -> Result<Vec<Vec<u8>>, OperationError> { ... }
    fn get_db_domain(
        &mut self,
    ) -> Result<Arc<EntrySealedCommitted>, OperationError> { ... }
    fn get_domain_key_object_handle(
        &self,
    ) -> Result<Arc<Box<dyn KeyObjectT + Send + Sync + 'static>>, OperationError> { ... }
    fn get_domain_es256_private_key(
        &mut self,
    ) -> Result<Vec<u8>, OperationError> { ... }
    fn get_domain_ldap_allow_unix_pw_bind(
        &mut self,
    ) -> Result<bool, OperationError> { ... }
    fn get_sc_password_badlist(
        &mut self,
    ) -> Result<HashSet<String>, OperationError> { ... }
    fn get_sc_denied_names(&mut self) -> Result<HashSet<String>, OperationError> { ... }
    fn get_oauth2rs_set(
        &mut self,
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn get_applications_set(
        &mut self,
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn consumer_get_state(&mut self) -> Result<ReplRuvRange, OperationError> { ... }

}
Expand description

The QueryServerTransaction trait provides a set of common read only operations to be shared between QueryServerReadTransaction and QueryServerWriteTransactions.

These operations tend to be high level constructions, generally different types of searches that are capable of taking different types of parameters and applying access controls or not, impersonating accounts, or bypassing these via internal searches.

Required Associated Types§

source

type BackendTransactionType: BackendTransaction

source

type SchemaTransactionType: SchemaTransaction

source

type AccessControlsTransactionType: AccessControlsTransaction<'a>

source

type KeyProvidersTransactionType: KeyProvidersTransaction

Required Methods§

source

fn get_be_txn(&mut self) -> &mut Self::BackendTransactionType

source

fn get_schema<'b>(&self) -> &'b Self::SchemaTransactionType

source

fn get_accesscontrols(&self) -> &Self::AccessControlsTransactionType

source

fn get_key_providers(&self) -> &Self::KeyProvidersTransactionType

source

fn pw_badlist(&self) -> &HashSet<String>

source

fn denied_names(&self) -> &HashSet<String>

source

fn get_domain_version(&self) -> DomainVersion

source

fn get_domain_patch_level(&self) -> u32

source

fn get_domain_development_taint(&self) -> bool

source

fn get_domain_uuid(&self) -> Uuid

source

fn get_domain_name(&self) -> &str

source

fn get_domain_display_name(&self) -> &str

source

fn get_domain_image_value(&self) -> Option<ImageValue>

source

fn get_resolve_filter_cache(&mut self) -> &mut ResolveFilterCacheReadTxn<'a>

source

fn get_resolve_filter_cache_and_be_txn( &mut self, ) -> (&mut Self::BackendTransactionType, &mut ResolveFilterCacheReadTxn<'a>)

Provided Methods§

source

fn search_ext( &mut self, se: &SearchEvent, ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError>

Conduct a search and apply access controls to yield a set of entries that have been reduced to the set of user visible avas. Note that if you provide a SearchEvent for the internal user, this query will fail. It is invalid for the access module to attempt to reduce avas for internal searches, and you should use fn search instead.

source

fn search( &mut self, se: &SearchEvent, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>

source

fn exists(&mut self, ee: &ExistsEvent) -> Result<bool, OperationError>

source

fn name_to_uuid(&mut self, name: &str) -> Result<Uuid, OperationError>

source

fn sync_external_id_to_uuid( &mut self, external_id: &str, ) -> Result<Option<Uuid>, OperationError>

source

fn uuid_to_spn(&mut self, uuid: Uuid) -> Result<Option<Value>, OperationError>

source

fn uuid_to_rdn(&mut self, uuid: Uuid) -> Result<String, OperationError>

source

fn internal_exists( &mut self, filter: Filter<FilterInvalid>, ) -> Result<bool, OperationError>

From internal, generate an “exists” event and dispatch

source

fn impersonate_search_valid( &mut self, f_valid: Filter<FilterValid>, f_intent_valid: Filter<FilterValid>, event: &Identity, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>

source

fn impersonate_search_ext_valid( &mut self, f_valid: Filter<FilterValid>, f_intent_valid: Filter<FilterValid>, event: &Identity, ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError>

Applies ACP to filter result entries.

source

fn impersonate_search_ext( &mut self, filter: Filter<FilterInvalid>, filter_intent: Filter<FilterInvalid>, event: &Identity, ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError>

source

fn internal_search_uuid( &mut self, uuid: Uuid, ) -> Result<Arc<EntrySealedCommitted>, OperationError>

Get a single entry by its UUID. This is used heavily for internal server operations, especially in login and ACP checks.

source

fn internal_search_all_uuid( &mut self, uuid: Uuid, ) -> Result<Arc<EntrySealedCommitted>, OperationError>

Get a single entry by its UUID, even if the entry in question is in a masked state (recycled, tombstoned).

source

fn internal_search_conflict_uuid( &mut self, uuid: Uuid, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>

Get all conflict entries that originated from a source uuid.

source

fn impersonate_search_ext_uuid( &mut self, uuid: Uuid, event: &Identity, ) -> Result<Entry<EntryReduced, EntryCommitted>, OperationError>

source

fn impersonate_search_uuid( &mut self, uuid: Uuid, event: &Identity, ) -> Result<Arc<EntrySealedCommitted>, OperationError>

source

fn clone_value( &mut self, attr: &Attribute, value: &str, ) -> Result<Value, OperationError>

Do a schema aware conversion from a String:String to String:Value for modification present.

source

fn clone_partialvalue( &mut self, attr: &Attribute, value: &str, ) -> Result<PartialValue, OperationError>

source

fn resolve_scim_interim( &mut self, scim_value_intermediate: ScimValueIntermediate, ) -> Result<Option<ScimValueKanidm>, OperationError>

source

fn resolve_valueset( &mut self, value: &ValueSet, ) -> Result<Vec<String>, OperationError>

source

fn resolve_valueset_ldap( &mut self, value: &ValueSet, basedn: &str, ) -> Result<Vec<Vec<u8>>, OperationError>

source

fn get_db_domain(&mut self) -> Result<Arc<EntrySealedCommitted>, OperationError>

source

fn get_domain_key_object_handle( &self, ) -> Result<Arc<Box<dyn KeyObjectT + Send + Sync + 'static>>, OperationError>

source

fn get_domain_es256_private_key(&mut self) -> Result<Vec<u8>, OperationError>

source

fn get_domain_ldap_allow_unix_pw_bind(&mut self) -> Result<bool, OperationError>

source

fn get_sc_password_badlist(&mut self) -> Result<HashSet<String>, OperationError>

Get the password badlist from the system config. You should not call this directly as this value is cached in the system_config() value.

source

fn get_sc_denied_names(&mut self) -> Result<HashSet<String>, OperationError>

Get the denied name set from the system config. You should not call this directly as this value is cached in the system_config() value.

source

fn get_oauth2rs_set( &mut self, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>

source

fn get_applications_set( &mut self, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>

source

fn consumer_get_state(&mut self) -> Result<ReplRuvRange, OperationError>

Implementors§