kanidmd_lib::server

Trait QueryServerTransaction

// Common read-only operations shared by the read and write query-server
// transactions. Per the trait description, most provided methods are
// searches in three flavours: with access controls applied, impersonating
// an account, or bypassing access controls via internal searches.
// Provided-method bodies are elided as `{ ... }` in this listing.
pub trait QueryServerTransaction<'a> {
    type BackendTransactionType: BackendTransaction;
    type SchemaTransactionType: SchemaTransaction;
    type AccessControlsTransactionType: AccessControlsTransaction<'a>;
    type KeyProvidersTransactionType: KeyProvidersTransaction;

    // Required methods
    fn get_be_txn(&mut self) -> &mut Self::BackendTransactionType;
    fn get_schema<'b>(&self) -> &'b Self::SchemaTransactionType;
    fn get_accesscontrols(&self) -> &Self::AccessControlsTransactionType;
    fn get_key_providers(&self) -> &Self::KeyProvidersTransactionType;
    // NOTE(review): presumably the cached forms of get_sc_password_badlist /
    // get_sc_denied_names, which the page says not to call directly — confirm.
    fn pw_badlist(&self) -> &HashSet<String>;
    fn denied_names(&self) -> &HashSet<String>;
    fn get_domain_version(&self) -> DomainVersion;
    fn get_domain_patch_level(&self) -> u32;
    fn get_domain_development_taint(&self) -> bool;
    fn get_domain_uuid(&self) -> Uuid;
    fn get_domain_name(&self) -> &str;
    fn get_domain_display_name(&self) -> &str;
    fn get_domain_image_value(&self) -> Option<ImageValue>;
    fn get_resolve_filter_cache(&mut self) -> &mut ResolveFilterCacheReadTxn<'a>;
    fn get_resolve_filter_cache_and_be_txn(
        &mut self,
    ) -> (&mut Self::BackendTransactionType, &mut ResolveFilterCacheReadTxn<'a>);

    // Provided methods

    // Search with access controls applied; results are reduced to the
    // user-visible avas. Documented to fail for a SearchEvent of the
    // internal user, for which `search` is the documented alternative.
    fn search_ext(
        &mut self,
        se: &SearchEvent,
    ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError> { ... }
    // Returns sealed committed entries, not the reduced entries that
    // search_ext yields (see the return types).
    fn search(
        &mut self,
        se: &SearchEvent,
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn exists(&mut self, ee: &ExistsEvent) -> Result<bool, OperationError> { ... }
    fn name_to_uuid(&mut self, name: &str) -> Result<Uuid, OperationError> { ... }
    fn sync_external_id_to_uuid(
        &mut self,
        external_id: &str,
    ) -> Result<Option<Uuid>, OperationError> { ... }
    fn uuid_to_spn(
        &mut self,
        uuid: Uuid,
    ) -> Result<Option<Value>, OperationError> { ... }
    fn uuid_to_rdn(&mut self, uuid: Uuid) -> Result<String, OperationError> { ... }

    // internal_* methods: per the trait description, internal searches
    // bypass access controls, so their results are not reduced for any
    // requesting identity.
    // Generates an "exists" event from internal and dispatches it.
    fn internal_exists(
        &mut self,
        filter: Filter<FilterInvalid>,
    ) -> Result<bool, OperationError> { ... }
    fn internal_search(
        &mut self,
        filter: Filter<FilterInvalid>,
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }

    // impersonate_* methods take the Identity to search as (`event`), plus
    // a filter and a separate intent filter.
    fn impersonate_search_valid(
        &mut self,
        f_valid: Filter<FilterValid>,
        f_intent_valid: Filter<FilterValid>,
        event: &Identity,
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    // Applies ACP to filter the result entries.
    fn impersonate_search_ext_valid(
        &mut self,
        f_valid: Filter<FilterValid>,
        f_intent_valid: Filter<FilterValid>,
        event: &Identity,
    ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError> { ... }
    fn impersonate_search(
        &mut self,
        filter: Filter<FilterInvalid>,
        filter_intent: Filter<FilterInvalid>,
        event: &Identity,
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn impersonate_search_ext(
        &mut self,
        filter: Filter<FilterInvalid>,
        filter_intent: Filter<FilterInvalid>,
        event: &Identity,
    ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError> { ... }

    // Get a single entry by UUID; used heavily for internal server
    // operations, especially login and ACP checks.
    fn internal_search_uuid(
        &mut self,
        uuid: Uuid,
    ) -> Result<Arc<EntrySealedCommitted>, OperationError> { ... }
    // As internal_search_uuid, but also returns entries in a masked state
    // (recycled, tombstoned).
    fn internal_search_all_uuid(
        &mut self,
        uuid: Uuid,
    ) -> Result<Arc<EntrySealedCommitted>, OperationError> { ... }
    // Get all conflict entries that originated from a source uuid.
    fn internal_search_conflict_uuid(
        &mut self,
        uuid: Uuid,
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn impersonate_search_ext_uuid(
        &mut self,
        uuid: Uuid,
        event: &Identity,
    ) -> Result<Entry<EntryReduced, EntryCommitted>, OperationError> { ... }
    fn impersonate_search_uuid(
        &mut self,
        uuid: Uuid,
        event: &Identity,
    ) -> Result<Arc<EntrySealedCommitted>, OperationError> { ... }

    // Schema-aware conversion from a String:String to a String:Value, for
    // modification present.
    fn clone_value(
        &mut self,
        attr: &Attribute,
        value: &str,
    ) -> Result<Value, OperationError> { ... }
    fn clone_partialvalue(
        &mut self,
        attr: &Attribute,
        value: &str,
    ) -> Result<PartialValue, OperationError> { ... }
    fn resolve_scim_interim(
        &mut self,
        scim_value_intermediate: ScimValueIntermediate,
    ) -> Result<Option<ScimValueKanidm>, OperationError> { ... }
    fn resolve_scim_json_put(
        &mut self,
        attr: &Attribute,
        value: Option<JsonValue>,
    ) -> Result<Option<ValueSet>, OperationError> { ... }
    fn resolve_valueset_intermediate(
        &mut self,
        vs_inter: ValueSetIntermediate,
    ) -> Result<ValueSet, OperationError> { ... }
    fn resolve_valueset(
        &mut self,
        value: &ValueSet,
    ) -> Result<Vec<String>, OperationError> { ... }
    fn resolve_valueset_ldap(
        &mut self,
        value: &ValueSet,
        basedn: &str,
    ) -> Result<Vec<Vec<u8>>, OperationError> { ... }
    fn get_db_domain(
        &mut self,
    ) -> Result<Arc<EntrySealedCommitted>, OperationError> { ... }
    fn get_domain_key_object_handle(
        &self,
    ) -> Result<Arc<Box<dyn KeyObjectT + Send + Sync + 'static>>, OperationError> { ... }
    // NOTE(review): by its name this returns private key material as an
    // owned Vec<u8>; the page does not document how callers must handle
    // it — confirm it is never logged or persisted by callers.
    fn get_domain_es256_private_key(
        &mut self,
    ) -> Result<Vec<u8>, OperationError> { ... }
    fn get_domain_ldap_allow_unix_pw_bind(
        &mut self,
    ) -> Result<bool, OperationError> { ... }
    // Reads the password badlist from the system config. Not meant to be
    // called directly: the value is cached in the system_config() value.
    fn get_sc_password_badlist(
        &mut self,
    ) -> Result<HashSet<String>, OperationError> { ... }
    // Reads the denied name set from the system config. Not meant to be
    // called directly: the value is cached in the system_config() value.
    fn get_sc_denied_names(&mut self) -> Result<HashSet<String>, OperationError> { ... }
    fn get_oauth2rs_set(
        &mut self,
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn get_applications_set(
        &mut self,
    ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError> { ... }
    fn consumer_get_state(&mut self) -> Result<ReplRuvRange, OperationError> { ... }
}

The QueryServerTransaction trait provides a set of common read-only operations shared between QueryServerReadTransaction and QueryServerWriteTransaction.

These operations tend to be high-level constructions: generally different kinds of searches that take different types of parameters and that either apply access controls, impersonate an account, or bypass access controls entirely via internal searches.

Required Associated Types§

Required Methods§

Provided Methods§


fn search_ext( &mut self, se: &SearchEvent, ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError>

Conduct a search and apply access controls to yield a set of entries that have been reduced to the set of user-visible avas (attribute-value assertions). Note that this query will fail if you provide a SearchEvent for the internal user: it is invalid for the access module to attempt to reduce avas for internal searches, so use `search` instead.


fn search( &mut self, se: &SearchEvent, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>


fn exists(&mut self, ee: &ExistsEvent) -> Result<bool, OperationError>


fn name_to_uuid(&mut self, name: &str) -> Result<Uuid, OperationError>


fn sync_external_id_to_uuid( &mut self, external_id: &str, ) -> Result<Option<Uuid>, OperationError>


fn uuid_to_spn(&mut self, uuid: Uuid) -> Result<Option<Value>, OperationError>


fn uuid_to_rdn(&mut self, uuid: Uuid) -> Result<String, OperationError>


fn internal_exists( &mut self, filter: Filter<FilterInvalid>, ) -> Result<bool, OperationError>

Generate an “exists” event from the internal identity and dispatch it.


fn impersonate_search_valid( &mut self, f_valid: Filter<FilterValid>, f_intent_valid: Filter<FilterValid>, event: &Identity, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>


fn impersonate_search_ext_valid( &mut self, f_valid: Filter<FilterValid>, f_intent_valid: Filter<FilterValid>, event: &Identity, ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError>

Applies access control profiles (ACP) to filter the result entries.


fn impersonate_search_ext( &mut self, filter: Filter<FilterInvalid>, filter_intent: Filter<FilterInvalid>, event: &Identity, ) -> Result<Vec<Entry<EntryReduced, EntryCommitted>>, OperationError>


fn internal_search_uuid( &mut self, uuid: Uuid, ) -> Result<Arc<EntrySealedCommitted>, OperationError>

Get a single entry by its UUID. This is used heavily for internal server operations, especially in login and ACP checks.


fn internal_search_all_uuid( &mut self, uuid: Uuid, ) -> Result<Arc<EntrySealedCommitted>, OperationError>

Get a single entry by its UUID, even if the entry in question is in a masked state (recycled, tombstoned).


fn internal_search_conflict_uuid( &mut self, uuid: Uuid, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>

Get all conflict entries that originated from a source uuid.


fn impersonate_search_ext_uuid( &mut self, uuid: Uuid, event: &Identity, ) -> Result<Entry<EntryReduced, EntryCommitted>, OperationError>


fn impersonate_search_uuid( &mut self, uuid: Uuid, event: &Identity, ) -> Result<Arc<EntrySealedCommitted>, OperationError>


fn clone_value( &mut self, attr: &Attribute, value: &str, ) -> Result<Value, OperationError>

Do a schema-aware conversion from a String:String to a String:Value, for use in a “present” modification.


fn clone_partialvalue( &mut self, attr: &Attribute, value: &str, ) -> Result<PartialValue, OperationError>


fn resolve_scim_interim( &mut self, scim_value_intermediate: ScimValueIntermediate, ) -> Result<Option<ScimValueKanidm>, OperationError>


fn resolve_scim_json_put( &mut self, attr: &Attribute, value: Option<JsonValue>, ) -> Result<Option<ValueSet>, OperationError>


fn resolve_valueset_intermediate( &mut self, vs_inter: ValueSetIntermediate, ) -> Result<ValueSet, OperationError>


fn resolve_valueset( &mut self, value: &ValueSet, ) -> Result<Vec<String>, OperationError>


fn resolve_valueset_ldap( &mut self, value: &ValueSet, basedn: &str, ) -> Result<Vec<Vec<u8>>, OperationError>


fn get_db_domain(&mut self) -> Result<Arc<EntrySealedCommitted>, OperationError>


fn get_domain_key_object_handle( &self, ) -> Result<Arc<Box<dyn KeyObjectT + Send + Sync + 'static>>, OperationError>


fn get_domain_es256_private_key(&mut self) -> Result<Vec<u8>, OperationError>


fn get_domain_ldap_allow_unix_pw_bind(&mut self) -> Result<bool, OperationError>


fn get_sc_password_badlist(&mut self) -> Result<HashSet<String>, OperationError>

Get the password badlist from the system config. You should not call this directly as this value is cached in the system_config() value.


fn get_sc_denied_names(&mut self) -> Result<HashSet<String>, OperationError>

Get the denied name set from the system config. You should not call this directly as this value is cached in the system_config() value.


fn get_oauth2rs_set( &mut self, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>


fn get_applications_set( &mut self, ) -> Result<Vec<Arc<EntrySealedCommitted>>, OperationError>


fn consumer_get_state(&mut self) -> Result<ReplRuvRange, OperationError>

Implementors§