Add command check-auth

2025-11-29 19:25:33 +09:00
parent 03ddf0ac8a
commit 865b24884e
8 changed files with 215 additions and 13 deletions
--- a/src/core/protocol/commands.rs
+++ b/src/core/protocol/commands.rs
@@ -1,3 +1,4 @@
+mod check_authorization;
 mod create_databases;
 mod create_users;
 mod drop_databases;
@@ -13,6 +14,7 @@ mod modify_privileges;
 mod passwd_user;
 mod unlock_users;

+pub use check_authorization::*;
 pub use create_databases::*;
 pub use create_users::*;
 pub use drop_databases::*;
@@ -60,6 +62,8 @@ pub fn create_client_to_server_message_stream(socket: UnixStream) -> ClientToSer
 #[non_exhaustive]
 #[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
 pub enum Request {
+    CheckAuthorization(CheckAuthorizationRequest),
+
    CreateDatabases(CreateDatabasesRequest),
    DropDatabases(DropDatabasesRequest),
    ListDatabases(ListDatabasesRequest),
@@ -82,6 +86,8 @@ pub enum Request {
 #[non_exhaustive]
 #[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
 pub enum Response {
+    CheckAuthorization(CheckAuthorizationResponse),
+
    // Specific data for specific commands
    CreateDatabases(CreateDatabasesResponse),
    DropDatabases(DropDatabasesResponse),
--- a/src/core/protocol/commands/check_authorization.rs
+++ b/src/core/protocol/commands/check_authorization.rs
@@ -0,0 +1,80 @@
+use std::collections::BTreeMap;
+
+use serde::{Deserialize, Serialize};
+use serde_json::json;
+
+use crate::core::{
+    protocol::request_validation::{NameValidationError, OwnerValidationError},
+    types::DbOrUser,
+};
+
+pub type CheckAuthorizationRequest = Vec<DbOrUser>;
+
+pub type CheckAuthorizationResponse = BTreeMap<DbOrUser, Result<(), CheckAuthorizationError>>;
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+pub enum CheckAuthorizationError {
+    SanitizationError(NameValidationError),
+    OwnershipError(OwnerValidationError),
+    // AuthorizationHandlerError(String),
+}
+
+pub fn print_check_authorization_output_status(output: &CheckAuthorizationResponse) {
+    for (db_or_user, result) in output {
+        match result {
+            Ok(()) => {
+                println!("'{}': OK", db_or_user.name());
+            }
+            Err(err) => {
+                println!(
+                    "'{}': {}",
+                    db_or_user.name(),
+                    err.to_error_message(db_or_user)
+                );
+            }
+        }
+    }
+}
+
+pub fn print_check_authorization_output_status_json(output: &CheckAuthorizationResponse) {
+    let value = output
+        .iter()
+        .map(|(db_or_user, result)| match result {
+            Ok(()) => (
+                db_or_user.name().to_string(),
+                json!({ "status": "success" }),
+            ),
+            Err(err) => (
+                db_or_user.name().to_string(),
+                json!({
+                  "status": "error",
+                  "error": err.to_error_message(db_or_user),
+                }),
+            ),
+        })
+        .collect::<serde_json::Map<_, _>>();
+    println!(
+        "{}",
+        serde_json::to_string_pretty(&value)
+            .unwrap_or("Failed to serialize result to JSON".to_string())
+    );
+}
+
+impl CheckAuthorizationError {
+    pub fn to_error_message(&self, db_or_user: &DbOrUser) -> String {
+        match self {
+            CheckAuthorizationError::SanitizationError(err) => {
+                err.to_error_message(db_or_user.clone())
+            }
+            CheckAuthorizationError::OwnershipError(err) => {
+                err.to_error_message(db_or_user.clone())
+            } // CheckAuthorizationError::AuthorizationHandlerError(msg) => {
+              //     format!(
+              //         "Authorization handler error for '{}': {}",
+              //         db_or_user.name(),
+              //         msg
+              //     )
+              // }
+        }
+    }
+}