uidc/src/group_management.rs

use crate::{schema, UIDCError};
use microrm::prelude::*;

pub fn create_group(
    qi: &microrm::QueryInterface,
    realm_id: schema::RealmID,
    name: &str,
) -> Result<(), UIDCError> {
    qi.add(&schema::Group {
        realm: realm_id,
        shortname: name.into(),
    })?;
    Ok(())
}

pub fn list_groups(
    qi: &microrm::QueryInterface,
    realm_id: schema::RealmID,
) -> Result<(), UIDCError> {
    for group in qi.get().by(schema::Group::Realm, &realm_id).all()? {
        println!("{}", group.shortname);
    }
    Ok(())
}

pub fn list_members(
    qi: &microrm::QueryInterface,
    realm_id: schema::RealmID,
    name: &str,
) -> Result<(), UIDCError> {
    let group_id = qi
        .get()
        .only_ids()
        .by(schema::Group::Realm, &realm_id)
        .by(schema::Group::Shortname, name)
        .one_id()?
        .ok_or(UIDCError::Abort("no such group"))?;

    for member in qi
        .get()
        .by(schema::GroupMembership::Group, &group_id)
        .all()?
    {
        let user = qi
            .get()
            .by_id(&member.user)
            .one()?
            .ok_or(UIDCError::Abort("no user matching GroupMembership"))?;
        println!("{}", user.username);
    }
    Ok(())
}

pub fn list_roles(
    qi: &microrm::QueryInterface,
    realm_id: schema::RealmID,
    name: &str,
) -> Result<(), UIDCError> {
    let group_id = qi
        .get()
        .only_ids()
        .by(schema::Group::Realm, &realm_id)
        .by(schema::Group::Shortname, name)
        .one_id()?
        .ok_or(UIDCError::Abort("no such group"))?;

    for member in qi.get().by(schema::GroupRole::Group, &group_id).all()? {
        let role = qi
            .get()
            .by_id(&member.role)
            .one()?
            .ok_or(UIDCError::Abort("no role matching GroupRole"))?;
        println!("{}", role.shortname);
    }
    Ok(())
}

pub fn attach_user(
    qi: &microrm::QueryInterface,
    realm_id: schema::RealmID,
    group_name: &str,
    username: &str,
) -> Result<(), UIDCError> {
    let group = qi
        .get()
        .by(schema::Group::Realm, &realm_id)
        .by(schema::Group::Shortname, group_name)
        .one()?;
    let user = qi
        .get()
        .by(schema::User::Realm, &realm_id)
        .by(schema::User::Username, username)
        .one()?;

    match (group, user) {
        (None, _) => Err(UIDCError::Abort("no such group")),
        (_, None) => Err(UIDCError::Abort("no such user")),
        (Some(group), Some(user)) => {
            qi.add(&schema::GroupMembership {
                group: group.id(),
                user: user.id(),
            })?;
            Ok(())
        }
    }
}

pub fn detach_user(
    qi: &microrm::QueryInterface,
    realm_id: schema::RealmID,
    group_name: &str,
    username: &str,
) -> Result<(), UIDCError> {
    todo!()
}

pub fn attach_role(
    qi: &microrm::QueryInterface,
    realm_id: schema::RealmID,
    group_name: &str,
    role_name: &str,
) -> Result<(), UIDCError> {
    let group = qi
        .get()
        .by(schema::Group::Realm, &realm_id)
        .by(schema::Group::Shortname, group_name)
        .one()?;
    let role = qi
        .get()
        .by(schema::Role::Realm, &realm_id)
        .by(schema::Role::Shortname, role_name)
        .one()?;

    match (group, role) {
        (None, _) => Err(UIDCError::Abort("no such group")),
        (_, None) => Err(UIDCError::Abort("no such role")),
        (Some(group), Some(role)) => {
            qi.add(&schema::GroupRole {
                group: group.id(),
                role: role.id(),
            })?;
            Ok(())
        }
    }
}

pub fn detach_role(
    qi: &microrm::QueryInterface,
    realm_id: schema::RealmID,
    group_name: &str,
    role: &str,
) -> Result<(), UIDCError> {
    todo!()
}