From db02b005f39ae9bf48da32474b03eea98ef32461 Mon Sep 17 00:00:00 2001 From: TommyLike Date: Mon, 11 Sep 2023 11:19:51 +0800 Subject: [PATCH] Typo fix for control server --- docker/Dockerfile.openeuler | 2 - .../database/model/datakey/repository.rs | 14 +++---- .../handler/control/datakey_handler.rs | 4 +- .../handler/control/model/datakey/dto.rs | 6 +-- src/util/key.rs | 39 +++++++++++++++++-- 5 files changed, 47 insertions(+), 18 deletions(-) diff --git a/docker/Dockerfile.openeuler b/docker/Dockerfile.openeuler index e996366..07ef793 100644 --- a/docker/Dockerfile.openeuler +++ b/docker/Dockerfile.openeuler @@ -11,6 +11,4 @@ replace-with = "mirror" \n\ registry = "sparse+https://mirrors.tuna.tsinghua.edu.cn/crates.io-index/"' >> /root/.cargo/config ENV PATH="/root/.cargo/bin:$PATH" -ENV RUSTUP_UPDATE_ROOT=https://mirrors.tuna.tsinghua.edu.cn/rustup/rustup -ENV RUSTUP_DIST_SERVER=https://mirrors.tuna.tsinghua.edu.cn/rustup ENTRYPOINT ["/usr/bin/bash"] diff --git a/src/infra/database/model/datakey/repository.rs b/src/infra/database/model/datakey/repository.rs index 0aa8bf8..237c954 100644 --- a/src/infra/database/model/datakey/repository.rs +++ b/src/infra/database/model/datakey/repository.rs @@ -31,8 +31,8 @@ use sea_orm::sea_query::{Alias, IntoCondition, OnConflict}; use crate::infra::database::model::request_delete::dto::RequestType; use crate::util::key::encode_u8_to_hex_string; -const PUBLICKEY_PENDING_THRESHOLD: i32 = 3; -const PRIVATEKEY_PENDING_THRESHOLD: i32 = 1; +const PUBLIC_KEY_PENDING_THRESHOLD: i32 = 3; +const PRIVATE_KEY_PENDING_THRESHOLD: i32 = 1; #[derive(Clone)] pub struct DataKeyRepository<'a> { @@ -62,7 +62,7 @@ impl<'a> DataKeyRepository<'a> { Ok(()) } - async fn delete_pending_operation(&self, user_id: i32, id: i32, request_type: request_dto::RequestType, tx: &mut DatabaseTransaction) -> Result<()> { + async fn delete_pending_operation(&self, user_id: i32, id: i32, request_type: RequestType, tx: &mut DatabaseTransaction) -> Result<()> { let _ = request_dto::Entity::delete_many().filter(Condition::all() .add(request_dto::Column::UserId.eq(user_id)) .add(request_dto::Column::RequestType.eq(request_type.to_string())) @@ -306,9 +306,9 @@ impl<'a> Repository for DataKeyRepository<'a> { warn!("failed to query database {:?}", err); Err(Error::NotFoundError) } - Ok(datakeys) => { + Ok(data_keys) => { let mut results = vec![]; - for dto in datakeys.into_iter() { + for dto in data_keys.into_iter() { results.push(DataKey::try_from(dto)?); } Ok(results) @@ -423,7 +423,7 @@ impl<'a> Repository for DataKeyRepository<'a> { async fn request_delete_key(&self, user_id: i32, user_email: String, id: i32, public_key: bool) -> Result<()> { let mut txn = self.db_connection.begin().await?; - let threshold = if public_key { PUBLICKEY_PENDING_THRESHOLD } else { PRIVATEKEY_PENDING_THRESHOLD }; + let threshold = if public_key { PUBLIC_KEY_PENDING_THRESHOLD } else { PRIVATE_KEY_PENDING_THRESHOLD }; //1. update key state to pending delete if needed. let _ = datakey_dto::Entity::update_many().col_expr( datakey_dto::Column::KeyState, Expr::value(KeyState::PendingDelete.to_string()) @@ -445,7 +445,7 @@ impl<'a> Repository for DataKeyRepository<'a> { async fn request_revoke_key(&self, user_id: i32, user_email: String, id: i32, parent_id: i32, reason: X509RevokeReason, public_key: bool) -> Result<()> { let mut txn = self.db_connection.begin().await?; - let threshold = if public_key { PUBLICKEY_PENDING_THRESHOLD } else { PRIVATEKEY_PENDING_THRESHOLD }; + let threshold = if public_key { PUBLIC_KEY_PENDING_THRESHOLD } else { PRIVATE_KEY_PENDING_THRESHOLD }; //1. update key state to pending delete if needed. let _ = datakey_dto::Entity::update_many().col_expr( datakey_dto::Column::KeyState, Expr::value(KeyState::PendingDelete.to_string()) diff --git a/src/presentation/handler/control/datakey_handler.rs b/src/presentation/handler/control/datakey_handler.rs index 755b053..115c08e 100644 --- a/src/presentation/handler/control/datakey_handler.rs +++ b/src/presentation/handler/control/datakey_handler.rs @@ -467,7 +467,7 @@ async fn disable_data_key(user: UserIdentity, key_service: web::Data, name_exist: web::Query,) -> Result { name_exist.validate()?; let visibility = Visibility::from_parameter(name_exist.visibility.clone())?; - let key_name = get_datakey_full_name(&name_exist.name, &user.email, &visibility); + let key_name = get_datakey_full_name(&name_exist.name, &user.email, &visibility)?; match key_service.into_inner().get_by_name(&key_name).await { Ok(_) => Ok(HttpResponse::Conflict()), Err(_) => Ok(HttpResponse::Ok()), diff --git a/src/presentation/handler/control/model/datakey/dto.rs b/src/presentation/handler/control/model/datakey/dto.rs index 0e90d95..19f85f5 100644 --- a/src/presentation/handler/control/model/datakey/dto.rs +++ b/src/presentation/handler/control/model/datakey/dto.rs @@ -60,7 +60,7 @@ impl TryFrom for CRLContent { #[derive(Deserialize, IntoParams, Validate, ToSchema)] pub struct NameIdenticalQuery { /// Key Name, should be identical, length between 4 and 256, not contains any colon symbol. - #[validate(length(min = 4, max = 256), custom = "validate_invalid_character")] + #[validate(length(min = 4, max = 256))] pub name: String, /// Key Name, should be identical, length between 4 and 20, not contains any colon symbol. #[validate(custom = "validate_key_visibility")] @@ -213,7 +213,7 @@ impl DataKey { combined_attributes.insert("name".to_string(), dto.name.clone()); combined_attributes.insert("create_at".to_string(), now.clone().to_string()); let visibility = Visibility::from_parameter(dto.visibility)?; - let key_name = get_datakey_full_name(&dto.name, &identity.email, &visibility); + let key_name = get_datakey_full_name(&dto.name, &identity.email, &visibility)?; let mut key_state = KeyState::Disabled; if visibility == Visibility::Private { key_state = KeyState::Enabled; @@ -249,7 +249,7 @@ impl DataKey { combined_attributes.insert("create_at".to_string(), now.clone().to_string()); combined_attributes.insert("expire_at".to_string(), dto.expire_at.clone()); let visibility = Visibility::from_parameter(dto.visibility)?; - let key_name = get_datakey_full_name(&dto.name, &identity.email, &visibility); + let key_name = get_datakey_full_name(&dto.name, &identity.email, &visibility)?; let mut key_state = KeyState::Disabled; if visibility == Visibility::Private { key_state = KeyState::Enabled; diff --git a/src/util/key.rs b/src/util/key.rs index 045d849..37f6914 100644 --- a/src/util/key.rs +++ b/src/util/key.rs @@ -22,6 +22,7 @@ use std::collections::{HashMap, BTreeMap}; use std::path::Path; use sha2::{Sha256, Digest}; use crate::domain::datakey::entity::Visibility; +use crate::util::error::{Error, Result as LibraryResult}; pub fn encode_u8_to_hex_string(value: &[u8]) -> String { value @@ -30,11 +31,24 @@ pub fn encode_u8_to_hex_string(value: &[u8]) -> String { .collect::() } -pub fn get_datakey_full_name(name: &str, email: &str, visibility: &Visibility) -> String { - if visibility.to_owned() == Visibility::Private { - return format!("{}:{}", email, name); +pub fn get_datakey_full_name(name: &str, email: &str, visibility: &Visibility) -> LibraryResult { + let names: Vec<_> = name.split(':').collect(); + if visibility.to_owned() == Visibility::Public { + return if names.len() <= 1 { + Ok(name.to_owned()) + } else { + Err(Error::ParameterError("public key name should not contains ':'".to_string())) + } + } else { + if names.len() <= 1 { + return Ok(format!("{}:{}", email, name)); + } else if names.len() > 2 { + return Err(Error::ParameterError("private key should in the format of {email}:{key_name}".to_string())) + } else if names[0] != email { + return Err(Error::ParameterError("private key email prefix not matched':'".to_string())) + } + return Ok(name.to_owned()) } - name.to_string() } pub fn decode_hex_string_to_u8(value: &String) -> Vec { @@ -81,6 +95,23 @@ mod test { use uuid::Uuid; use super::*; + #[test] + fn test_get_datakey_full_name() { + let private = Visibility::Private; + let public = Visibility::Public; + let name_with_prefix = "fake_email@gmail.com:test_key"; + let name_with_prefix2 = "fake_email2@gmail.com:test_key"; + let name_with_prefix3 = "fake_email@gmail.com:fake3_email@gmail.com:test_key"; + let name_without_prefix = "test_key"; + //public key + assert_eq!(get_datakey_full_name(name_without_prefix, "fake_email@gmail.com", &public).unwrap(), name_without_prefix.to_string()); + get_datakey_full_name(name_with_prefix, "fake_email@gmail.com", &public).expect_err("public key name should not contains ':'"); + assert_eq!(get_datakey_full_name(name_without_prefix, "fake_email@gmail.com", &private).unwrap(), name_with_prefix.to_string()); + assert_eq!(get_datakey_full_name(name_with_prefix, "fake_email@gmail.com", &private).unwrap(), name_with_prefix.to_string()); + get_datakey_full_name(name_with_prefix2, "fake_email@gmail.com", &private).expect_err("private key email prefix not matched':'"); + get_datakey_full_name(name_with_prefix3, "fake_email@gmail.com", &private).expect_err("private key should in the format of {email}:{key_name}"); + } + #[test] fn test_generate_random_tokens() { let token_a = generate_api_token(); -- Gitee