JavaScript is disabled, refresh for a better experience. ambee/giterated

ambee/giterated

Git repository hosting, collaboration, and discovery for the Fediverse.

Borrow RepositoryVisibility instead of taking ownership

Type: Fix

erremilia - ⁨2⁩ years ago

parent: tbd commit: ⁨1a1fb79

⁨giterated-models/src/instance/operations.rs⁩ - ⁨5475⁩ bytes
Raw
1 use secrecy::Secret;
2 use serde::{Deserialize, Serialize};
3
4 use crate::{
5 authenticated::UserAuthenticationToken,
6 error::{InstanceError, OperationError},
7 object::Object,
8 object_backend::ObjectBackend,
9 operation::GiteratedOperation,
10 repository::{Repository, RepositoryVisibility},
11 user::{Password, User},
12 };
13
14 use super::Instance;
15
16 /// An account registration request.
17 ///
18 /// # Authentication
19 /// - Instance Authentication
20 /// - **ONLY ACCEPTED WHEN SAME-INSTANCE**
21 #[derive(Clone, Debug, Serialize, Deserialize)]
22 pub struct RegisterAccountRequest {
23 pub username: String,
24 pub email: Option<String>,
25 pub password: Secret<Password>,
26 }
27
28 impl GiteratedOperation<Instance> for RegisterAccountRequest {
29 type Success = UserAuthenticationToken;
30 type Failure = InstanceError;
31 }
32
33 #[derive(Clone, Debug, Serialize, Deserialize)]
34 pub struct RegisterAccountResponse {
35 pub token: String,
36 }
37
38 /// An authentication token request.
39 ///
40 /// AKA Login Request
41 ///
42 /// # Authentication
43 /// - Instance Authentication
44 /// - Identifies the Instance to issue the token for
45 /// # Authorization
46 /// - Credentials ([`crate::backend::AuthBackend`]-based)
47 /// - Identifies the User account to issue a token for
48 /// - Decrypts user private key to issue to
49 #[derive(Clone, Debug, Serialize, Deserialize)]
50 pub struct AuthenticationTokenRequest {
51 pub instance: Instance,
52 pub username: String,
53 pub password: Secret<Password>,
54 }
55
56 impl GiteratedOperation<Instance> for AuthenticationTokenRequest {
57 type Success = UserAuthenticationToken;
58 type Failure = InstanceError;
59 }
60
61 /// An authentication token extension request.
62 ///
63 /// # Authentication
64 /// - Instance Authentication
65 /// - Identifies the Instance to issue the token for
66 /// - User Authentication
67 /// - Authenticates the validity of the token
68 /// # Authorization
69 /// - Token-based
70 /// - Validates authorization using token's authenticity
71 #[derive(Clone, Debug, Serialize, Deserialize)]
72 pub struct TokenExtensionRequest {
73 pub token: UserAuthenticationToken,
74 }
75
76 impl GiteratedOperation<Instance> for TokenExtensionRequest {
77 type Success = Option<UserAuthenticationToken>;
78 type Failure = InstanceError;
79 }
80
81 /// A request to create a repository.
82 ///
83 /// # Authentication
84 /// - Instance Authentication
85 /// - Used to validate User token `issued_for`
86 /// - User Authentication
87 /// - Used to source owning user
88 /// - Used to authorize user token against user's instance
89 /// # Authorization
90 /// - Instance Authorization
91 /// - Used to authorize action using User token requiring a correct `issued_for` and valid issuance from user's instance
92 /// - User Authorization
93 /// - Potential User permissions checks
94 #[derive(Clone, Debug, Serialize, Deserialize)]
95 pub struct RepositoryCreateRequest {
96 pub instance: Option<Instance>,
97 pub name: String,
98 pub description: Option<String>,
99 pub visibility: RepositoryVisibility,
100 pub default_branch: String,
101 pub owner: User,
102 }
103
104 impl GiteratedOperation<Instance> for RepositoryCreateRequest {
105 type Success = Repository;
106 type Failure = InstanceError;
107 }
108
109 impl<B: ObjectBackend + std::fmt::Debug> Object<'_, Instance, B> {
110 pub async fn register_account(
111 &mut self,
112 email: Option<&str>,
113 username: &str,
114 password: &Secret<Password>,
115 ) -> Result<UserAuthenticationToken, OperationError<InstanceError>> {
116 self.request::<RegisterAccountRequest>(RegisterAccountRequest {
117 username: username.to_string(),
118 email: email.map(|s| s.to_string()),
119 password: password.clone(),
120 })
121 .await
122 }
123
124 pub async fn authentication_token(
125 &mut self,
126 username: &str,
127 password: &Secret<Password>,
128 ) -> Result<UserAuthenticationToken, OperationError<InstanceError>> {
129 self.request::<AuthenticationTokenRequest>(AuthenticationTokenRequest {
130 instance: self.inner.clone(),
131 username: username.to_string(),
132 password: password.clone(),
133 })
134 .await
135 }
136
137 pub async fn authentication_token_for(
138 &mut self,
139 instance: &Instance,
140 username: &str,
141 password: &Secret<Password>,
142 ) -> Result<UserAuthenticationToken, OperationError<InstanceError>> {
143 self.request::<AuthenticationTokenRequest>(AuthenticationTokenRequest {
144 instance: instance.clone(),
145 username: username.to_string(),
146 password: password.clone(),
147 })
148 .await
149 }
150
151 pub async fn token_extension(
152 &mut self,
153 token: &UserAuthenticationToken,
154 ) -> Result<Option<UserAuthenticationToken>, OperationError<InstanceError>> {
155 self.request::<TokenExtensionRequest>(TokenExtensionRequest {
156 token: token.clone(),
157 })
158 .await
159 }
160
161 pub async fn create_repository(
162 &mut self,
163 instance: &Instance,
164 name: &str,
165 visibility: &RepositoryVisibility,
166 default_branch: &str,
167 owner: &User,
168 ) -> Result<Repository, OperationError<InstanceError>> {
169 self.request::<RepositoryCreateRequest>(RepositoryCreateRequest {
170 instance: Some(instance.clone()),
171 name: name.to_string(),
172 description: None,
173 visibility: visibility.clone(),
174 default_branch: default_branch.to_string(),
175 owner: owner.clone(),
176 })
177 .await
178 }
179 }
180