mirror of https://github.com/lldap/lldap.git
server: Add graphQL methods to manage custom LDAP object classes
parent
4955b7fac1
commit
96f5b31e0c
|
@ -18,6 +18,10 @@ type Mutation {
|
||||||
addGroupAttribute(name: String!, attributeType: AttributeType!, isList: Boolean!, isVisible: Boolean!, isEditable: Boolean!): Success!
|
addGroupAttribute(name: String!, attributeType: AttributeType!, isList: Boolean!, isVisible: Boolean!, isEditable: Boolean!): Success!
|
||||||
deleteUserAttribute(name: String!): Success!
|
deleteUserAttribute(name: String!): Success!
|
||||||
deleteGroupAttribute(name: String!): Success!
|
deleteGroupAttribute(name: String!): Success!
|
||||||
|
addUserObjectClass(name: String!): Success!
|
||||||
|
addGroupObjectClass(name: String!): Success!
|
||||||
|
deleteUserObjectClass(name: String!): Success!
|
||||||
|
deleteGroupObjectClass(name: String!): Success!
|
||||||
}
|
}
|
||||||
|
|
||||||
type Group {
|
type Group {
|
||||||
|
|
|
@ -12,7 +12,10 @@ use crate::domain::{
|
||||||
UpdateUserRequest, UserBackendHandler, UserListerBackendHandler, UserRequestFilter,
|
UpdateUserRequest, UserBackendHandler, UserListerBackendHandler, UserRequestFilter,
|
||||||
},
|
},
|
||||||
schema::PublicSchema,
|
schema::PublicSchema,
|
||||||
types::{AttributeName, Group, GroupDetails, GroupId, GroupName, User, UserAndGroups, UserId},
|
types::{
|
||||||
|
AttributeName, Group, GroupDetails, GroupId, GroupName, LdapObjectClass, User,
|
||||||
|
UserAndGroups, UserId,
|
||||||
|
},
|
||||||
};
|
};
|
||||||
|
|
||||||
#[derive(Clone, Copy, PartialEq, Eq, Debug)]
|
#[derive(Clone, Copy, PartialEq, Eq, Debug)]
|
||||||
|
@ -112,6 +115,10 @@ pub trait AdminBackendHandler:
|
||||||
async fn add_group_attribute(&self, request: CreateAttributeRequest) -> Result<()>;
|
async fn add_group_attribute(&self, request: CreateAttributeRequest) -> Result<()>;
|
||||||
async fn delete_user_attribute(&self, name: &AttributeName) -> Result<()>;
|
async fn delete_user_attribute(&self, name: &AttributeName) -> Result<()>;
|
||||||
async fn delete_group_attribute(&self, name: &AttributeName) -> Result<()>;
|
async fn delete_group_attribute(&self, name: &AttributeName) -> Result<()>;
|
||||||
|
async fn add_user_object_class(&self, name: &LdapObjectClass) -> Result<()>;
|
||||||
|
async fn add_group_object_class(&self, name: &LdapObjectClass) -> Result<()>;
|
||||||
|
async fn delete_user_object_class(&self, name: &LdapObjectClass) -> Result<()>;
|
||||||
|
async fn delete_group_object_class(&self, name: &LdapObjectClass) -> Result<()>;
|
||||||
}
|
}
|
||||||
|
|
||||||
#[async_trait]
|
#[async_trait]
|
||||||
|
@ -187,6 +194,18 @@ impl<Handler: BackendHandler> AdminBackendHandler for Handler {
|
||||||
async fn delete_group_attribute(&self, name: &AttributeName) -> Result<()> {
|
async fn delete_group_attribute(&self, name: &AttributeName) -> Result<()> {
|
||||||
<Handler as SchemaBackendHandler>::delete_group_attribute(self, name).await
|
<Handler as SchemaBackendHandler>::delete_group_attribute(self, name).await
|
||||||
}
|
}
|
||||||
|
async fn add_user_object_class(&self, name: &LdapObjectClass) -> Result<()> {
|
||||||
|
<Handler as SchemaBackendHandler>::add_user_object_class(self, name).await
|
||||||
|
}
|
||||||
|
async fn add_group_object_class(&self, name: &LdapObjectClass) -> Result<()> {
|
||||||
|
<Handler as SchemaBackendHandler>::add_group_object_class(self, name).await
|
||||||
|
}
|
||||||
|
async fn delete_user_object_class(&self, name: &LdapObjectClass) -> Result<()> {
|
||||||
|
<Handler as SchemaBackendHandler>::delete_user_object_class(self, name).await
|
||||||
|
}
|
||||||
|
async fn delete_group_object_class(&self, name: &LdapObjectClass) -> Result<()> {
|
||||||
|
<Handler as SchemaBackendHandler>::delete_group_object_class(self, name).await
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub struct AccessControlledBackendHandler<Handler> {
|
pub struct AccessControlledBackendHandler<Handler> {
|
||||||
|
|
|
@ -9,7 +9,7 @@ use crate::{
|
||||||
},
|
},
|
||||||
types::{
|
types::{
|
||||||
AttributeName, AttributeType, AttributeValue as DomainAttributeValue, GroupId,
|
AttributeName, AttributeType, AttributeValue as DomainAttributeValue, GroupId,
|
||||||
JpegPhoto, UserId,
|
JpegPhoto, LdapObjectClass, UserId,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
infra::{
|
infra::{
|
||||||
|
@ -490,6 +490,90 @@ impl<Handler: BackendHandler> Mutation<Handler> {
|
||||||
.await?;
|
.await?;
|
||||||
Ok(Success::new())
|
Ok(Success::new())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
async fn add_user_object_class(
|
||||||
|
context: &Context<Handler>,
|
||||||
|
name: String,
|
||||||
|
) -> FieldResult<Success> {
|
||||||
|
let span = debug_span!("[GraphQL mutation] add_user_object_class");
|
||||||
|
span.in_scope(|| {
|
||||||
|
debug!(?name);
|
||||||
|
});
|
||||||
|
let handler = context
|
||||||
|
.get_admin_handler()
|
||||||
|
.ok_or_else(field_error_callback(
|
||||||
|
&span,
|
||||||
|
"Unauthorized object class addition",
|
||||||
|
))?;
|
||||||
|
handler
|
||||||
|
.add_user_object_class(&LdapObjectClass::from(name))
|
||||||
|
.instrument(span)
|
||||||
|
.await?;
|
||||||
|
Ok(Success::new())
|
||||||
|
}
|
||||||
|
|
||||||
|
async fn add_group_object_class(
|
||||||
|
context: &Context<Handler>,
|
||||||
|
name: String,
|
||||||
|
) -> FieldResult<Success> {
|
||||||
|
let span = debug_span!("[GraphQL mutation] add_group_object_class");
|
||||||
|
span.in_scope(|| {
|
||||||
|
debug!(?name);
|
||||||
|
});
|
||||||
|
let handler = context
|
||||||
|
.get_admin_handler()
|
||||||
|
.ok_or_else(field_error_callback(
|
||||||
|
&span,
|
||||||
|
"Unauthorized object class addition",
|
||||||
|
))?;
|
||||||
|
handler
|
||||||
|
.add_group_object_class(&LdapObjectClass::from(name))
|
||||||
|
.instrument(span)
|
||||||
|
.await?;
|
||||||
|
Ok(Success::new())
|
||||||
|
}
|
||||||
|
|
||||||
|
async fn delete_user_object_class(
|
||||||
|
context: &Context<Handler>,
|
||||||
|
name: String,
|
||||||
|
) -> FieldResult<Success> {
|
||||||
|
let span = debug_span!("[GraphQL mutation] delete_user_object_class");
|
||||||
|
span.in_scope(|| {
|
||||||
|
debug!(?name);
|
||||||
|
});
|
||||||
|
let handler = context
|
||||||
|
.get_admin_handler()
|
||||||
|
.ok_or_else(field_error_callback(
|
||||||
|
&span,
|
||||||
|
"Unauthorized object class deletion",
|
||||||
|
))?;
|
||||||
|
handler
|
||||||
|
.delete_user_object_class(&LdapObjectClass::from(name))
|
||||||
|
.instrument(span)
|
||||||
|
.await?;
|
||||||
|
Ok(Success::new())
|
||||||
|
}
|
||||||
|
|
||||||
|
async fn delete_group_object_class(
|
||||||
|
context: &Context<Handler>,
|
||||||
|
name: String,
|
||||||
|
) -> FieldResult<Success> {
|
||||||
|
let span = debug_span!("[GraphQL mutation] delete_group_object_class");
|
||||||
|
span.in_scope(|| {
|
||||||
|
debug!(?name);
|
||||||
|
});
|
||||||
|
let handler = context
|
||||||
|
.get_admin_handler()
|
||||||
|
.ok_or_else(field_error_callback(
|
||||||
|
&span,
|
||||||
|
"Unauthorized object class deletion",
|
||||||
|
))?;
|
||||||
|
handler
|
||||||
|
.delete_group_object_class(&LdapObjectClass::from(name))
|
||||||
|
.instrument(span)
|
||||||
|
.await?;
|
||||||
|
Ok(Success::new())
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn create_group_with_details<Handler: BackendHandler>(
|
async fn create_group_with_details<Handler: BackendHandler>(
|
||||||
|
|
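Review bot: The four new mutations pass the caller-supplied `name` straight into `LdapObjectClass::from(name)` with no check on its contents, so an empty string or a name with spaces or other characters that are not valid in an LDAP object class descriptor would reach the schema backend. Whether `LdapObjectClass::from` or `SchemaBackendHandler` rejects such values is not visible in this hunk. I would validate in `add_user_object_class` and `add_group_object_class` before the handler call, for example `if name.is_empty() || !name.chars().all(|c| c.is_ascii_alphanumeric() || c == '-') { return Err("Invalid object class name".into()); }`, placed after the `get_admin_handler()` check so that unauthorized callers still receive the authorization error. The delete mutations likewise show no guard against removing an object class the server itself relies on, which should be confirmed in the backend. The four bodies differ only in the span name, the error string and the handler method, so a shared private helper would keep the authorization check in one place.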