Enable key to be restricted to server types

ctrlo · Jul 14, 2024 · b33f91c · b33f91c
1 parent 03d0e02
commit b33f91c
Show file tree

Hide file tree

Showing 16 changed files with 4,694 additions and 7 deletions.
diff --git a/lib/Brass.pm b/lib/Brass.pm
@@ -463,6 +463,7 @@ any ['get', 'post'] => '/config/pwd/?:id?' => require_role 'config' => sub {
             $pwd->publickey(param 'publickey');
             $pwd->last_changed($strp->parse_datetime(param 'last_changed'));
             $pwd->set_uad(param 'uad');
+            $pwd->servertypes([body_parameters->get_all('servertypes')]);
             $pwd->write;
             redirect '/config/pwd';
         }
@@ -473,9 +474,10 @@ any ['get', 'post'] => '/config/pwd/?:id?' => require_role 'config' => sub {
             $pwd->delete;
             redirect '/config/pwd';
         }
-        $params->{pwd}     = $pwd;
-        $params->{uads}    = $uads->all;
-        $params->{servers} = $servers->all;
+        $params->{pwd}         = $pwd;
+        $params->{uads}        = $uads->all;
+        $params->{servers}     = $servers->all;
+        $params->{servertypes} = [$schema->resultset('Servertype')->all];
     }
 
     template 'config/pwd' => $params;

diff --git a/lib/Brass/API.pm b/lib/Brass/API.pm
@@ -302,15 +302,22 @@ get 'api/server/' => sub {
     elsif ($action eq 'sshkeys')
     {
         $server or error __"Please specify server";
+        my $server_rs = $schema->resultset('Server')->by_name($server)
+            or error __"Server not found";
         my ($serv) = $schema->resultset('Server')->search({
-            'me.name'      => $server,
-            'user.deleted' => undef,
+            'me.name'                      => $server,
+            'user.deleted'                 => undef,
+            # Restrict keys to either ones without a servertype restriction, or
+            # ones that match the servertype of this server
+            'pw_servertypes.servertype_id' => [undef, map { $_->servertype_id } $server_rs->server_servertypes],
         },{
             prefetch => {
                 server_servertypes => {
                     servertype => {
                         user_servertypes => {
-                            user => 'pws',
+                            user => {
+                                pws => 'pw_servertypes',
+                            },
                         },
                     },
                 },

diff --git a/lib/Brass/Config/Pwd.pm b/lib/Brass/Config/Pwd.pm
@@ -189,6 +189,17 @@ sub write
             server_id => $s,
         });
     }
+    # Update all the servertypes
+    $self->schema->resultset('PwServertype')->search({
+        pw_id => $self->id,
+    })->delete;
+    foreach my $id (@{$self->servertypes})
+    {
+        $self->schema->resultset('PwServertype')->create({
+            pw_id         => $self->id,
+            servertype_id => $id,
+        });
+    }
     $guard->commit;
 }
 
@@ -241,5 +252,22 @@ sub _build_servers
     \%servers;
 }
 
+sub has_servertype
+{   my ($self, $servertype_id) = @_;
+    !! grep $_ == $servertype_id, @{$self->servertypes};
+}
+
+has servertypes => (
+    is      => 'rw',
+    isa     => ArrayRef,
+    lazy    => 1,
+    builder => 1,
+);
+
+sub _build_servertypes
+{   my $self = shift;
+    [map $_->servertype_id, $self->_rset->pw_servertypes];
+}
+
 1;
 
diff --git a/lib/Brass/Schema.pm b/lib/Brass/Schema.pm
@@ -15,7 +15,7 @@ __PACKAGE__->load_namespaces;
 # Created by DBIx::Class::Schema::Loader v0.07039 @ 2014-10-01 11:03:29
 # DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:GqW9kl7MrcAx0vieFGh+cw
 
-our $VERSION = 40;
+our $VERSION = 41;
 
 # You can replace this text with custom code or comments, and it will be preserved on regeneration
 1;
diff --git a/lib/Brass/Schema/Result/Pw.pm b/lib/Brass/Schema/Result/Pw.pm
@@ -49,6 +49,13 @@ __PACKAGE__->belongs_to(
   },
 );
 
+__PACKAGE__->has_many(
+  "pw_servertypes",
+  "Brass::Schema::Result::PwServertype",
+  { "foreign.pw_id" => "self.id" },
+  { cascade_copy => 0, cascade_delete => 0 },
+);
+
 __PACKAGE__->belongs_to(
   "uad",
   "Brass::Schema::Result::Uad",

diff --git a/lib/Brass/Schema/Result/PwServertype.pm b/lib/Brass/Schema/Result/PwServertype.pm
@@ -0,0 +1,46 @@
+use utf8;
+package Brass::Schema::Result::PwServertype;
+
+use strict;
+use warnings;
+
+use base 'DBIx::Class::Core';
+
+__PACKAGE__->table("pw_servertype");
+
+__PACKAGE__->add_columns(
+  "id",
+  { data_type => "integer", is_auto_increment => 1, is_nullable => 0 },
+  "servertype_id",
+  { data_type => "integer", is_foreign_key => 1, is_nullable => 1 },
+  "pw_id",
+  { data_type => "integer", is_foreign_key => 1, is_nullable => 1 },
+);
+
+__PACKAGE__->set_primary_key("id");
+
+__PACKAGE__->belongs_to(
+  "servertype",
+  "Brass::Schema::Result::Servertype",
+  { id => "servertype_id" },
+  {
+    is_deferrable => 1,
+    join_type     => "LEFT",
+    on_delete     => "NO ACTION",
+    on_update     => "NO ACTION",
+  },
+);
+
+__PACKAGE__->belongs_to(
+  "pw",
+  "Brass::Schema::Result::Pw",
+  { id => "pw_id" },
+  {
+    is_deferrable => 1,
+    join_type     => "LEFT",
+    on_delete     => "NO ACTION",
+    on_update     => "NO ACTION",
+  },
+);
+
+1;
diff --git a/lib/Brass/Schema/ResultSet/Server.pm b/lib/Brass/Schema/ResultSet/Server.pm
@@ -0,0 +1,18 @@
+package Brass::Schema::ResultSet::Server;
+
+use strict;
+use warnings;
+
+use Log::Report;
+
+use base qw(DBIx::Class::ResultSet);
+
+sub by_name
+{   my ($self, $name) = @_;
+
+    $self->search({
+        'me.name' => $name,
+    })->next;
+}
+
+1;
diff --git a/share/fixtures/41/conf/all_tables.json b/share/fixtures/41/conf/all_tables.json
@@ -0,0 +1,165 @@
+{
+   "has_many" : {
+      "fetch" : 0
+   },
+   "sets" : [
+      {
+         "class" : "Comment",
+         "quantity" : "all"
+      },
+      {
+         "class" : "Priority",
+         "quantity" : "all"
+      },
+      {
+         "class" : "Domain",
+         "quantity" : "all"
+      },
+      {
+         "quantity" : "all",
+         "class" : "EventPerson"
+      },
+      {
+         "class" : "CertLocationUse",
+         "quantity" : "all"
+      },
+      {
+         "quantity" : "all",
+         "class" : "Project"
+      },
+      {
+         "quantity" : "all",
+         "class" : "UserServertype"
+      },
+      {
+         "quantity" : "all",
+         "class" : "User"
+      },
+      {
+         "class" : "App",
+         "quantity" : "all"
+      },
+      {
+         "class" : "CertUse",
+         "quantity" : "all"
+      },
+      {
+         "quantity" : "all",
+         "class" : "CertLocation"
+      },
+      {
+         "quantity" : "all",
+         "class" : "Issue"
+      },
+      {
+         "class" : "UserTopic",
+         "quantity" : "all"
+      },
+      {
+         "quantity" : "all",
+         "class" : "Pw"
+      },
+      {
+         "quantity" : "all",
+         "class" : "Customer"
+      },
+      {
+         "quantity" : "all",
+         "class" : "Tag"
+      },
+      {
+         "quantity" : "all",
+         "class" : "Uad"
+      },
+      {
+         "quantity" : "all",
+         "class" : "Event"
+      },
+      {
+         "quantity" : "all",
+         "class" : "Site"
+      },
+      {
+         "class" : "IssuePriority",
+         "quantity" : "all"
+      },
+      {
+         "quantity" : "all",
+         "class" : "ServerServertype"
+      },
+      {
+         "quantity" : "all",
+         "class" : "IssueTag"
+      },
+      {
+         "quantity" : "all",
+         "class" : "Servertype"
+      },
+      {
+         "class" : "Status",
+         "quantity" : "all"
+      },
+      {
+         "quantity" : "all",
+         "class" : "Permission"
+      },
+      {
+         "class" : "ServerPw",
+         "quantity" : "all"
+      },
+      {
+         "class" : "Calendar",
+         "quantity" : "all"
+      },
+      {
+         "class" : "File",
+         "quantity" : "all"
+      },
+      {
+         "quantity" : "all",
+         "class" : "UserProject"
+      },
+      {
+         "class" : "IssueStatus",
+         "quantity" : "all"
+      },
+      {
+         "quantity" : "all",
+         "class" : "ServerCert"
+      },
+      {
+         "class" : "Server",
+         "quantity" : "all"
+      },
+      {
+         "class" : "UserPermission",
+         "quantity" : "all"
+      },
+      {
+         "quantity" : "all",
+         "class" : "Eventtype"
+      },
+      {
+         "quantity" : "all",
+         "class" : "Cert"
+      },
+      {
+         "class" : "Docsend",
+         "quantity" : "all"
+      },
+      {
+         "class" : "Issuetype",
+         "quantity" : "all"
+      },
+      {
+         "quantity" : "all",
+         "class" : "PwServertype"
+      }
+   ],
+   "might_have" : {
+      "fetch" : 0
+   },
+   "belongs_to" : {
+      "fetch" : 0
+   }
+}
diff --git a/share/fixtures/41/conf/permission.json b/share/fixtures/41/conf/permission.json
@@ -0,0 +1,17 @@
+{
+   "has_many" : {
+      "fetch" : 0
+   },
+   "sets" : [
+      {
+         "quantity" : "all",
+         "class" : "Permission"
+      }
+   ],
+   "might_have" : {
+      "fetch" : 0
+   },
+   "belongs_to" : {
+      "fetch" : 0
+   }
+}
diff --git a/share/migrations/MySQL/deploy/41/001-auto-__VERSION.sql b/share/migrations/MySQL/deploy/41/001-auto-__VERSION.sql
@@ -0,0 +1,18 @@
+--
+-- Created by SQL::Translator::Producer::MySQL
+-- Created on Sun Jul 14 12:56:37 2024
+--
+;
+SET foreign_key_checks=0;
+--
+-- Table: `dbix_class_deploymenthandler_versions`
+--
+CREATE TABLE `dbix_class_deploymenthandler_versions` (
+  `id` integer NOT NULL auto_increment,
+  `version` varchar(50) NOT NULL,
+  `ddl` text NULL,
+  `upgrade_sql` text NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE `dbix_class_deploymenthandler_versions_version` (`version`)
+);
+SET foreign_key_checks=1;