- use crate::{schema, UIDCError};
- use microrm::prelude::*;
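/// Creates a scope called `name` in `realm`, with no roles attached to it yet.
///
/// # Errors
///
/// Returns `UIDCError::Abort` when `name` is empty, and propagates any error raised by the
/// insert through `?`.
pub fn create_scope(realm: &microrm::Stored<schema::Realm>, name: &str) -> Result<(), UIDCError> {
    // An empty shortname is never a meaningful scope identifier; reject it before it is
    // persisted.
    if name.is_empty() {
        return Err(UIDCError::Abort("scope name must not be empty"));
    }

    // NOTE(review): `name` is otherwise stored exactly as given. If shortnames are later
    // emitted in space-delimited scope strings, whitespace and control characters should
    // be rejected here as well; confirm against how the shortname is consumed.
    realm.scopes.insert(schema::Scope {
        realm: realm.id(),
        shortname: name.into(),
        // A new scope starts with an empty role set; roles are attached separately.
        roles: Default::default(),
    })?;
    Ok(())
}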
/// Writes the shortname of every scope in `realm` to stdout, one per line.
///
/// # Errors
///
/// Propagates any error raised while fetching the realm's scopes.
pub fn list_scopes(realm: &schema::Realm) -> Result<(), UIDCError> {
    let scopes = realm.scopes.get()?;
    scopes
        .into_iter()
        .for_each(|entry| println!("{}", entry.shortname));
    Ok(())
}
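/// Prints the shortname of scope `scope_name` in `realm`, followed by the shortname of each
/// role attached to it.
///
/// # Errors
///
/// Returns `UIDCError::Abort("no such scope")` when the lookup finds nothing, and propagates
/// any error raised by the scope or role queries.
pub fn inspect_scope(
    realm: &microrm::Stored<schema::Realm>,
    scope_name: &str,
) -> Result<(), UIDCError> {
    // The lookup key pairs this realm's id with the requested name.
    let scope = realm
        .scopes
        .keyed((realm.id(), scope_name))
        .get()?
        .ok_or(UIDCError::Abort("no such scope"))?;

    println!("scope name: {}", scope.shortname);
    println!("attached roles:");
    for role in scope.roles.get()? {
        println!(" - {}", role.shortname);
    }
    Ok(())
}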
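/// Attaches role `role_name` to scope `scope_name`, both looked up within `realm`.
///
/// # Errors
///
/// Returns `UIDCError::Abort("no such scope")` or `UIDCError::Abort("no such role")` when the
/// corresponding lookup finds nothing (a missing scope is reported first), and propagates
/// any error raised by the lookups or by the connect call.
pub fn attach_role(
    realm: &microrm::Stored<schema::Realm>,
    scope_name: &str,
    role_name: &str,
) -> Result<(), UIDCError> {
    // Both lookups are keyed on (this realm's id, name); the scope and the role are each
    // resolved through `realm` rather than by bare name.
    let scope = realm.scopes.keyed((realm.id(), scope_name)).get()?;
    let role = realm.roles.keyed((realm.id(), role_name)).get()?;

    match (scope, role) {
        (None, _) => Err(UIDCError::Abort("no such scope")),
        (_, None) => Err(UIDCError::Abort("no such role")),
        (Some(scope), Some(role)) => {
            scope.roles.connect_to(role.id())?;
            Ok(())
        }
    }
}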
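/// Detaches role `role_name` from scope `scope_name`, both looked up within `realm`.
///
/// A missing scope or role is reported as an error, in the same way `attach_role` reports
/// it. Printing a message and returning `Ok(())` would let a caller that checks only the
/// result treat a removal that matched nothing (for example, a mistyped name) as done.
///
/// # Errors
///
/// Returns `UIDCError::Abort("no such scope")` or `UIDCError::Abort("no such role")` when the
/// corresponding lookup finds nothing (a missing scope is reported first), and propagates
/// any error raised by the lookups or by the disconnect call.
pub fn detach_role(
    realm: &microrm::Stored<schema::Realm>,
    scope_name: &str,
    role_name: &str,
) -> Result<(), UIDCError> {
    // Both lookups are keyed on (this realm's id, name).
    let scope = realm.scopes.keyed((realm.id(), scope_name)).get()?;
    let role = realm.roles.keyed((realm.id(), role_name)).get()?;

    match (scope, role) {
        (None, _) => Err(UIDCError::Abort("no such scope")),
        (_, None) => Err(UIDCError::Abort("no such role")),
        (Some(scope), Some(role)) => {
            scope.roles.disconnect_from(role.id())?;
            Ok(())
        }
    }
}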