eightequal/AstralRinth
1
0
Fork 0
forked from didirus/AstralRinth
Code Pull Requests Activity

Commonize and distinguish a lot of struct names in labrinth::database::models (#3691)

Browse Source
This commit is contained in:
Josiah Glosson
2025-05-24 04:38:43 -05:00
committed by GitHub
parent 9c1bdf16e4
commit 4e4a7be7ef
78 changed files with 1075 additions and 1009 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
apps/labrinth/src/auth/checks.rs
View File

@@ -1,9 +1,9 @@
use crate::database;
use crate::database::models::Collection;
use crate::database::models::project_item::QueryProject;
use crate::database::models::version_item::QueryVersion;
use crate::database::models::DBCollection;
use crate::database::models::project_item::ProjectQueryResult;
use crate::database::models::version_item::VersionQueryResult;
use crate::database::redis::RedisPool;
use crate::database::{Project, Version, models};
use crate::database::{DBProject, DBVersion, models};
use crate::models::users::User;
use crate::routes::ApiError;
use itertools::Itertools;
@@ -38,7 +38,7 @@ where
}
pub async fn is_visible_project(
project_data: &Project,
project_data: &DBProject,
user_option: &Option<User>,
pool: &PgPool,
hide_unlisted: bool,
@@ -54,7 +54,7 @@ pub async fn is_visible_project(
}
pub async fn is_team_member_project(
project_data: &Project,
project_data: &DBProject,
user_option: &Option<User>,
pool: &PgPool,
) -> Result<bool, ApiError> {
@@ -64,7 +64,7 @@ pub async fn is_team_member_project(
}
pub async fn filter_visible_projects(
mut projects: Vec<QueryProject>,
mut projects: Vec<ProjectQueryResult>,
user_option: &Option<User>,
pool: &PgPool,
hide_unlisted: bool,
@@ -86,7 +86,7 @@ pub async fn filter_visible_projects(
// - the user is a mod
// This is essentially whether you can know of the project's existence
pub async fn filter_visible_project_ids(
projects: Vec<&Project>,
projects: Vec<&DBProject>,
user_option: &Option<User>,
pool: &PgPool,
hide_unlisted: bool,
@@ -126,7 +126,7 @@ pub async fn filter_visible_project_ids(
// These are projects we have internal access to and can potentially see even if they are hidden
// This is useful for getting visibility of versions, or seeing analytics or sensitive team-restricted data of a project
pub async fn filter_enlisted_projects_ids(
projects: Vec<&Project>,
projects: Vec<&DBProject>,
user_option: &Option<User>,
pool: &PgPool,
) -> Result<Vec<crate::database::models::DBProjectId>, ApiError> {
@@ -173,7 +173,7 @@ pub async fn filter_enlisted_projects_ids(
}
pub async fn is_visible_version(
version_data: &Version,
version_data: &DBVersion,
user_option: &Option<User>,
pool: &PgPool,
redis: &RedisPool,
@@ -184,7 +184,7 @@ pub async fn is_visible_version(
}
pub async fn is_team_member_version(
version_data: &Version,
version_data: &DBVersion,
user_option: &Option<User>,
pool: &PgPool,
redis: &RedisPool,
@@ -195,7 +195,7 @@ pub async fn is_team_member_version(
}
pub async fn filter_visible_versions(
mut versions: Vec<QueryVersion>,
mut versions: Vec<VersionQueryResult>,
user_option: &Option<User>,
pool: &PgPool,
redis: &RedisPool,
@@ -211,7 +211,7 @@ pub async fn filter_visible_versions(
Ok(versions.into_iter().map(|x| x.into()).collect())
}
impl ValidateAuthorized for models::OAuthClient {
impl ValidateAuthorized for models::DBOAuthClient {
fn validate_authorized(
&self,
user_option: Option<&User>,
@@ -232,7 +232,7 @@ impl ValidateAuthorized for models::OAuthClient {
}
pub async fn filter_visible_version_ids(
versions: Vec<&Version>,
versions: Vec<&DBVersion>,
user_option: &Option<User>,
pool: &PgPool,
redis: &RedisPool,
@@ -247,7 +247,7 @@ pub async fn filter_visible_version_ids(
// Get visible projects- ones we are allowed to see public versions for.
let visible_project_ids = filter_visible_project_ids(
Project::get_many_ids(&project_ids, pool, redis)
DBProject::get_many_ids(&project_ids, pool, redis)
.await?
.iter()
.map(|x| &x.inner)
@@ -287,7 +287,7 @@ pub async fn filter_visible_version_ids(
}
pub async fn filter_enlisted_version_ids(
versions: Vec<&Version>,
versions: Vec<&DBVersion>,
user_option: &Option<User>,
pool: &PgPool,
redis: &RedisPool,
@@ -299,7 +299,7 @@ pub async fn filter_enlisted_version_ids(
// Get enlisted projects- ones we are allowed to see hidden versions for.
let authorized_project_ids = filter_enlisted_projects_ids(
Project::get_many_ids(&project_ids, pool, redis)
DBProject::get_many_ids(&project_ids, pool, redis)
.await?
.iter()
.map(|x| &x.inner)
@@ -325,7 +325,7 @@ pub async fn filter_enlisted_version_ids(
}
pub async fn is_visible_collection(
collection_data: &Collection,
collection_data: &DBCollection,
user_option: &Option<User>,
) -> Result<bool, ApiError> {
let mut authorized = !collection_data.status.is_hidden()
@@ -341,7 +341,7 @@ pub async fn is_visible_collection(
}
pub async fn filter_visible_collections(
collections: Vec<Collection>,
collections: Vec<DBCollection>,
user_option: &Option<User>,
) -> Result<Vec<crate::models::collections::Collection>, ApiError> {
let mut return_collections = Vec::new();

32
apps/labrinth/src/auth/oauth/mod.rs
View File

@@ -1,10 +1,10 @@
use crate::auth::get_user_from_headers;
use crate::auth::oauth::uris::{OAuthRedirectUris, ValidatedRedirectUri};
use crate::auth::validate::extract_authorization_header;
use crate::database::models::flow_item::Flow;
use crate::database::models::oauth_client_authorization_item::OAuthClientAuthorization;
use crate::database::models::oauth_client_item::OAuthClient as DBOAuthClient;
use crate::database::models::oauth_token_item::OAuthAccessToken;
use crate::database::models::flow_item::DBFlow;
use crate::database::models::oauth_client_authorization_item::DBOAuthClientAuthorization;
use crate::database::models::oauth_client_item::DBOAuthClient;
use crate::database::models::oauth_token_item::DBOAuthAccessToken;
use crate::database::models::{
DBOAuthClientAuthorizationId, generate_oauth_access_token_id,
generate_oauth_client_authorization_id,
@@ -106,7 +106,7 @@ pub async fn init_oauth(
}
let existing_authorization =
OAuthClientAuthorization::get(client.id, user.id.into(), &**pool)
DBOAuthClientAuthorization::get(client.id, user.id.into(), &**pool)
.await
.map_err(|e| {
OAuthError::redirect(e, &oauth_info.state, &redirect_uri)
@@ -131,7 +131,7 @@ pub async fn init_oauth(
.await
}
_ => {
let flow_id = Flow::InitOAuthAppApproval {
let flow_id = DBFlow::InitOAuthAppApproval {
user_id: user.id.into(),
client_id: client.id,
existing_authorization_id: existing_authorization
@@ -231,13 +231,13 @@ pub async fn request_token(
// Ensure auth code is single use
// per IETF RFC6749 Section 10.5 (https://datatracker.ietf.org/doc/html/rfc6749#section-10.5)
let flow = Flow::take_if(
let flow = DBFlow::take_if(
&req_params.code,
|f| matches!(f, Flow::OAuthAuthorizationCodeSupplied { .. }),
|f| matches!(f, DBFlow::OAuthAuthorizationCodeSupplied { .. }),
&redis,
)
.await?;
if let Some(Flow::OAuthAuthorizationCodeSupplied {
if let Some(DBFlow::OAuthAuthorizationCodeSupplied {
user_id,
client_id,
authorization_id,
@@ -274,8 +274,8 @@ pub async fn request_token(
let token_id =
generate_oauth_access_token_id(&mut transaction).await?;
let token = generate_access_token();
let token_hash = OAuthAccessToken::hash_token(&token);
let time_until_expiration = OAuthAccessToken {
let token_hash = DBOAuthAccessToken::hash_token(&token);
let time_until_expiration = DBOAuthAccessToken {
id: token_id,
authorization_id,
token_hash,
@@ -328,13 +328,13 @@ pub async fn accept_or_reject_client_scopes(
.await?
.1;
let flow = Flow::take_if(
let flow = DBFlow::take_if(
&body.flow,
|f| matches!(f, Flow::InitOAuthAppApproval { .. }),
|f| matches!(f, DBFlow::InitOAuthAppApproval { .. }),
&redis,
)
.await?;
if let Some(Flow::InitOAuthAppApproval {
if let Some(DBFlow::InitOAuthAppApproval {
user_id,
client_id,
existing_authorization_id,
@@ -359,7 +359,7 @@ pub async fn accept_or_reject_client_scopes(
.await?
}
};
OAuthClientAuthorization::upsert(
DBOAuthClientAuthorization::upsert(
auth_id,
client_id,
user_id,
@@ -425,7 +425,7 @@ async fn init_oauth_code_flow(
state: Option<String>,
redis: &RedisPool,
) -> Result<HttpResponse, OAuthError> {
let code = Flow::OAuthAuthorizationCodeSupplied {
let code = DBFlow::OAuthAuthorizationCodeSupplied {
user_id,
client_id: client_id.into(),
authorization_id,

36
apps/labrinth/src/auth/validate.rs
View File

@@ -50,7 +50,7 @@ pub async fn get_user_record_from_bearer_token<'a, 'b, E>(
executor: E,
redis: &RedisPool,
session_queue: &AuthQueue,
) -> Result<Option<(Scopes, user_item::User)>, AuthenticationError>
) -> Result<Option<(Scopes, user_item::DBUser)>, AuthenticationError>
where
E: sqlx::Executor<'a, Database = sqlx::Postgres> + Copy,
{
@@ -63,7 +63,7 @@ where
let possible_user = match token.split_once('_') {
Some(("mrp", _)) => {
let pat =
crate::database::models::pat_item::PersonalAccessToken::get(
crate::database::models::pat_item::DBPersonalAccessToken::get(
token, executor, redis,
)
.await?
@@ -74,25 +74,26 @@ where
}
let user =
user_item::User::get_id(pat.user_id, executor, redis).await?;
user_item::DBUser::get_id(pat.user_id, executor, redis).await?;
session_queue.add_pat(pat.id).await;
user.map(|x| (pat.scopes, x))
}
Some(("mra", _)) => {
let session = crate::database::models::session_item::Session::get(
token, executor, redis,
)
.await?
.ok_or_else(|| AuthenticationError::InvalidCredentials)?;
let session =
crate::database::models::session_item::DBSession::get(
token, executor, redis,
)
.await?
.ok_or_else(|| AuthenticationError::InvalidCredentials)?;
if session.expires < Utc::now() {
return Err(AuthenticationError::InvalidCredentials);
}
let user =
user_item::User::get_id(session.user_id, executor, redis)
user_item::DBUser::get_id(session.user_id, executor, redis)
.await?;
let rate_limit_ignore = dotenvy::var("RATE_LIMIT_IGNORE_KEY")?;
@@ -110,11 +111,11 @@ where
user.map(|x| (Scopes::all(), x))
}
Some(("mro", _)) => {
use crate::database::models::oauth_token_item::OAuthAccessToken;
use crate::database::models::oauth_token_item::DBOAuthAccessToken;
let hash = OAuthAccessToken::hash_token(token);
let hash = DBOAuthAccessToken::hash_token(token);
let access_token =
crate::database::models::oauth_token_item::OAuthAccessToken::get(hash, executor)
crate::database::models::oauth_token_item::DBOAuthAccessToken::get(hash, executor)
.await?
.ok_or(AuthenticationError::InvalidCredentials)?;
@@ -122,9 +123,12 @@ where
return Err(AuthenticationError::InvalidCredentials);
}
let user =
user_item::User::get_id(access_token.user_id, executor, redis)
.await?;
let user = user_item::DBUser::get_id(
access_token.user_id,
executor,
redis,
)
.await?;
session_queue.add_oauth_access_token(access_token.id).await;
@@ -135,7 +139,7 @@ where
let id =
AuthProvider::GitHub.get_user_id(&user.id, executor).await?;
let user = user_item::User::get_id(
let user = user_item::DBUser::get_id(
id.ok_or_else(|| AuthenticationError::InvalidCredentials)?,
executor,
redis,