Skip to content

Commit be5913f

Browse files
azasypkinazasypkin
committed
chore(api): improve security domain test coverage and refactor legacy api extensions
1 parent 64a261b commit be5913f

11 files changed

Lines changed: 1119 additions & 1058 deletions

File tree

src/security/api_ext.rs

Lines changed: 402 additions & 2 deletions
Large diffs are not rendered by default.

src/server/handlers/certificate_templates.rs

Lines changed: 17 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -42,8 +42,8 @@ pub async fn certificate_templates_list(
4242
) -> Result<HttpResponse, Error> {
4343
let templates = state
4444
.api
45-
.certificates()
46-
.get_certificate_templates(user.id)
45+
.certificates(&user)
46+
.get_certificate_templates()
4747
.await?;
4848
Ok(HttpResponse::Ok().json(templates))
4949
}
@@ -77,9 +77,9 @@ pub async fn certificate_templates_get(
7777
)
7878
.await?;
7979

80-
let certificates = state.api.certificates();
80+
let certificates = state.api.certificates(&user);
8181
let Some(template) = certificates
82-
.get_certificate_template(user.id, path.template_id)
82+
.get_certificate_template(path.template_id)
8383
.await?
8484
else {
8585
return Err(Error::not_found("Certificate template not found."));
@@ -119,8 +119,8 @@ pub async fn certificate_templates_create(
119119
) -> Result<HttpResponse, Error> {
120120
let template = state
121121
.api
122-
.certificates()
123-
.create_certificate_template(user.id, body.into_inner())
122+
.certificates(&user)
123+
.create_certificate_template(body.into_inner())
124124
.await?;
125125
Ok(HttpResponse::Created().json(template))
126126
}
@@ -145,8 +145,8 @@ pub async fn certificate_templates_update(
145145
) -> Result<HttpResponse, Error> {
146146
state
147147
.api
148-
.certificates()
149-
.update_certificate_template(user.id, path.template_id, body.into_inner())
148+
.certificates(&user)
149+
.update_certificate_template(path.template_id, body.into_inner())
150150
.await?;
151151
Ok(HttpResponse::NoContent().finish())
152152
}
@@ -169,8 +169,8 @@ pub async fn certificate_templates_delete(
169169
) -> Result<HttpResponse, Error> {
170170
state
171171
.api
172-
.certificates()
173-
.remove_certificate_template(user.id, path.template_id)
172+
.certificates(&user)
173+
.remove_certificate_template(path.template_id)
174174
.await?;
175175
Ok(HttpResponse::NoContent().finish())
176176
}
@@ -206,8 +206,8 @@ pub async fn certificate_templates_generate(
206206

207207
let data = state
208208
.api
209-
.certificates()
210-
.generate_self_signed_certificate(user.id, path.template_id, body.into_inner())
209+
.certificates(&user)
210+
.generate_self_signed_certificate(path.template_id, body.into_inner())
211211
.await?;
212212
Ok(HttpResponse::Ok().json(data))
213213
}
@@ -230,8 +230,8 @@ pub async fn certificate_templates_share(
230230
) -> Result<HttpResponse, Error> {
231231
let user_share = state
232232
.api
233-
.certificates()
234-
.share_certificate_template(user.id, path.template_id)
233+
.certificates(&user)
234+
.share_certificate_template(path.template_id)
235235
.await
236236
.map(ClientUserShare::from)?;
237237
Ok(HttpResponse::Ok().json(user_share))
@@ -254,8 +254,8 @@ pub async fn certificate_templates_unshare(
254254
) -> Result<HttpResponse, Error> {
255255
state
256256
.api
257-
.certificates()
258-
.unshare_certificate_template(user.id, path.template_id)
257+
.certificates(&user)
258+
.unshare_certificate_template(path.template_id)
259259
.await?;
260260
Ok(HttpResponse::NoContent().finish())
261261
}
@@ -276,10 +276,9 @@ pub async fn certificates_fetch(
276276
user: User,
277277
body: web::Json<TemplatesFetchCertificatesParams>,
278278
) -> Result<HttpResponse, Error> {
279-
let _ = user; // authenticated but not used for this operation
280279
let certs = state
281280
.api
282-
.certificates()
281+
.certificates(&user)
283282
.get_peer_certificates(&body.url)
284283
.await?;
285284
Ok(HttpResponse::Ok().json(certs))

src/server/handlers/content_security_policies.rs

Lines changed: 16 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -39,8 +39,8 @@ pub struct ContentSecurityPolicyGetResponse {
3939
pub async fn csp_list(state: web::Data<AppState>, user: User) -> Result<HttpResponse, Error> {
4040
let policies = state
4141
.api
42-
.web_security()
43-
.get_content_security_policies(user.id)
42+
.web_security(&user)
43+
.get_content_security_policies()
4444
.await?;
4545
Ok(HttpResponse::Ok().json(policies))
4646
}
@@ -74,9 +74,9 @@ pub async fn csp_get(
7474
)
7575
.await?;
7676

77-
let web_security = state.api.web_security();
77+
let web_security = state.api.web_security(&user);
7878
let Some(policy) = web_security
79-
.get_content_security_policy(user.id, path.policy_id)
79+
.get_content_security_policy(path.policy_id)
8080
.await?
8181
else {
8282
return Err(Error::not_found("Content security policy not found."));
@@ -113,8 +113,8 @@ pub async fn csp_create(
113113
) -> Result<HttpResponse, Error> {
114114
let policy = state
115115
.api
116-
.web_security()
117-
.create_content_security_policy(user.id, body.into_inner())
116+
.web_security(&user)
117+
.create_content_security_policy(body.into_inner())
118118
.await?;
119119
Ok(HttpResponse::Created().json(policy))
120120
}
@@ -139,8 +139,8 @@ pub async fn csp_update(
139139
) -> Result<HttpResponse, Error> {
140140
state
141141
.api
142-
.web_security()
143-
.update_content_security_policy(user.id, path.policy_id, body.into_inner())
142+
.web_security(&user)
143+
.update_content_security_policy(path.policy_id, body.into_inner())
144144
.await?;
145145
Ok(HttpResponse::NoContent().finish())
146146
}
@@ -163,8 +163,8 @@ pub async fn csp_delete(
163163
) -> Result<HttpResponse, Error> {
164164
state
165165
.api
166-
.web_security()
167-
.remove_content_security_policy(user.id, path.policy_id)
166+
.web_security(&user)
167+
.remove_content_security_policy(path.policy_id)
168168
.await?;
169169
Ok(HttpResponse::NoContent().finish())
170170
}
@@ -200,8 +200,8 @@ pub async fn csp_serialize(
200200

201201
let data = state
202202
.api
203-
.web_security()
204-
.serialize_content_security_policy(user.id, path.policy_id, body.into_inner())
203+
.web_security(&user)
204+
.serialize_content_security_policy(path.policy_id, body.into_inner())
205205
.await?;
206206
Ok(HttpResponse::Ok().json(data))
207207
}
@@ -224,8 +224,8 @@ pub async fn csp_share(
224224
) -> Result<HttpResponse, Error> {
225225
let user_share = state
226226
.api
227-
.web_security()
228-
.share_content_security_policy(user.id, path.policy_id)
227+
.web_security(&user)
228+
.share_content_security_policy(path.policy_id)
229229
.await
230230
.map(ClientUserShare::from)?;
231231
Ok(HttpResponse::Ok().json(user_share))
@@ -248,8 +248,8 @@ pub async fn csp_unshare(
248248
) -> Result<HttpResponse, Error> {
249249
state
250250
.api
251-
.web_security()
252-
.unshare_content_security_policy(user.id, path.policy_id)
251+
.web_security(&user)
252+
.unshare_content_security_policy(path.policy_id)
253253
.await?;
254254
Ok(HttpResponse::NoContent().finish())
255255
}

src/server/handlers/private_keys.rs

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ pub async fn private_keys_list(
2828
state: web::Data<AppState>,
2929
user: User,
3030
) -> Result<HttpResponse, Error> {
31-
let keys = state.api.certificates().get_private_keys(user.id).await?;
31+
let keys = state.api.certificates(&user).get_private_keys().await?;
3232
Ok(HttpResponse::Ok().json(keys))
3333
}
3434

@@ -50,8 +50,8 @@ pub async fn private_keys_get(
5050
) -> Result<HttpResponse, Error> {
5151
let Some(key) = state
5252
.api
53-
.certificates()
54-
.get_private_key(user.id, path.key_id)
53+
.certificates(&user)
54+
.get_private_key(path.key_id)
5555
.await?
5656
else {
5757
return Err(Error::not_found("Private key not found."));
@@ -78,8 +78,8 @@ pub async fn private_keys_create(
7878
) -> Result<HttpResponse, Error> {
7979
let key = state
8080
.api
81-
.certificates()
82-
.create_private_key(user.id, body.into_inner())
81+
.certificates(&user)
82+
.create_private_key(body.into_inner())
8383
.await?;
8484
Ok(HttpResponse::Created().json(key))
8585
}
@@ -104,8 +104,8 @@ pub async fn private_keys_update(
104104
) -> Result<HttpResponse, Error> {
105105
state
106106
.api
107-
.certificates()
108-
.update_private_key(user.id, path.key_id, body.into_inner())
107+
.certificates(&user)
108+
.update_private_key(path.key_id, body.into_inner())
109109
.await?;
110110
Ok(HttpResponse::NoContent().finish())
111111
}
@@ -128,8 +128,8 @@ pub async fn private_keys_delete(
128128
) -> Result<HttpResponse, Error> {
129129
state
130130
.api
131-
.certificates()
132-
.remove_private_key(user.id, path.key_id)
131+
.certificates(&user)
132+
.remove_private_key(path.key_id)
133133
.await?;
134134
Ok(HttpResponse::NoContent().finish())
135135
}
@@ -154,8 +154,8 @@ pub async fn private_keys_export(
154154
) -> Result<HttpResponse, Error> {
155155
let data = state
156156
.api
157-
.certificates()
158-
.export_private_key(user.id, path.key_id, body.into_inner())
157+
.certificates(&user)
158+
.export_private_key(path.key_id, body.into_inner())
159159
.await?;
160160
Ok(HttpResponse::Ok().json(data))
161161
}

0 commit comments

Comments
 (0)