Projects/muscl
12
4
Fork 0
Code Issues 69 Pull Requests Actions Packages Releases Activity

core/protocol: use thiserror, use common authorization error struct

Browse Source
This commit is contained in:
Oystein Kristoffer Tveit
2025-12-15 14:25:22 +09:00
parent 1991e7bfd8
commit bf6027f507
23 changed files with 367 additions and 317 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
src/server/sql/database_privilege_operations.rs
View File

@@ -31,14 +31,14 @@ use crate::{
DiffDoesNotApplyError, GetAllDatabasesPrivilegeDataError,
GetDatabasesPrivilegeDataError, ListAllPrivilegesResponse, ListPrivilegesResponse,
ModifyDatabasePrivilegesError, ModifyPrivilegesResponse,
request_validation::AuthorizationError,
},
types::{MySQLDatabase, MySQLUser},
},
server::{
common::{create_user_group_matching_regex, try_get_with_binary_fallback},
input_sanitization::{quote_identifier, validate_name, validate_ownership_by_unix_user},
sql::database_operations::unsafe_database_exists,
sql::user_operations::unsafe_user_exists,
sql::{database_operations::unsafe_database_exists, user_operations::unsafe_user_exists},
},
};
@@ -145,19 +145,19 @@ pub async fn get_databases_privilege_data(
let mut results = BTreeMap::new();
for database_name in database_names.iter() {
if let Err(err) = validate_name(database_name) {
results.insert(
database_name.to_owned(),
Err(GetDatabasesPrivilegeDataError::SanitizationError(err)),
);
if let Err(err) = validate_name(database_name)
.map_err(AuthorizationError::SanitizationError)
.map_err(GetDatabasesPrivilegeDataError::AuthorizationError)
{
results.insert(database_name.to_owned(), Err(err));
continue;
}
if let Err(err) = validate_ownership_by_unix_user(database_name, unix_user) {
results.insert(
database_name.to_owned(),
Err(GetDatabasesPrivilegeDataError::OwnershipError(err)),
);
if let Err(err) = validate_ownership_by_unix_user(database_name, unix_user)
.map_err(AuthorizationError::OwnershipError)
.map_err(GetDatabasesPrivilegeDataError::AuthorizationError)
{
results.insert(database_name.to_owned(), Err(err));
continue;
}
@@ -411,37 +411,35 @@ pub async fn apply_privilege_diffs(
diff.get_database_name().to_owned(),
diff.get_user_name().to_owned(),
);
if let Err(err) = validate_name(diff.get_database_name()) {
results.insert(
key,
Err(ModifyDatabasePrivilegesError::DatabaseSanitizationError(
err,
)),
);
if let Err(err) = validate_name(diff.get_database_name())
.map_err(AuthorizationError::SanitizationError)
.map_err(ModifyDatabasePrivilegesError::DatabaseAuthorizationError)
{
results.insert(key, Err(err));
continue;
}
if let Err(err) = validate_ownership_by_unix_user(diff.get_database_name(), unix_user) {
results.insert(
key,
Err(ModifyDatabasePrivilegesError::DatabaseOwnershipError(err)),
);
if let Err(err) = validate_ownership_by_unix_user(diff.get_database_name(), unix_user)
.map_err(AuthorizationError::OwnershipError)
.map_err(ModifyDatabasePrivilegesError::DatabaseAuthorizationError)
{
results.insert(key, Err(err));
continue;
}
if let Err(err) = validate_name(diff.get_user_name()) {
results.insert(
key,
Err(ModifyDatabasePrivilegesError::UserSanitizationError(err)),
);
if let Err(err) = validate_name(diff.get_user_name())
.map_err(AuthorizationError::SanitizationError)
.map_err(ModifyDatabasePrivilegesError::UserAuthorizationError)
{
results.insert(key, Err(err));
continue;
}
if let Err(err) = validate_ownership_by_unix_user(diff.get_user_name(), unix_user) {
results.insert(
key,
Err(ModifyDatabasePrivilegesError::UserOwnershipError(err)),
);
if let Err(err) = validate_ownership_by_unix_user(diff.get_user_name(), unix_user)
.map_err(AuthorizationError::OwnershipError)
.map_err(ModifyDatabasePrivilegesError::UserAuthorizationError)
{
results.insert(key, Err(err));
continue;
}