diff --git a/editoast/authz/src/lib.rs b/editoast/authz/src/lib.rs index c26d6aafe1a..38cd6e0244d 100644 --- a/editoast/authz/src/lib.rs +++ b/editoast/authz/src/lib.rs @@ -267,10 +267,6 @@ mod mock_driver { Ok(self.users.lock().unwrap().get(user_identity).copied()) } - async fn get_group_id(&self, group_name: &GroupName) -> Result, Self::Error> { - Ok(self.groups.lock().unwrap().get(group_name).copied()) - } - async fn get_user_info(&self, user_id: i64) -> Result, Self::Error> { let users = self.users.lock().unwrap(); let identities = users diff --git a/editoast/authz/src/regulator.rs b/editoast/authz/src/regulator.rs index a752f956205..c0808d66008 100644 --- a/editoast/authz/src/regulator.rs +++ b/editoast/authz/src/regulator.rs @@ -10,7 +10,6 @@ use crate::Authorization; use crate::Error; use crate::Role; use crate::identity::GroupInfo; -use crate::identity::GroupName; use crate::identity::User as UserSubject; use crate::identity::UserIdentity; use crate::identity::UserInfo; @@ -39,11 +38,6 @@ pub trait StorageDriver: Clone { user_identity: &UserIdentity, ) -> impl Future, Self::Error>> + Send; - fn get_group_id( - &self, - group_name: &GroupName, - ) -> impl Future, Self::Error>> + Send; - fn get_user_info( &self, user_id: i64, diff --git a/editoast/editoast_models/src/auth_driver.rs b/editoast/editoast_models/src/auth_driver.rs index d770cf8131b..5f60d8f7cb7 100644 --- a/editoast/editoast_models/src/auth_driver.rs +++ b/editoast/editoast_models/src/auth_driver.rs @@ -3,7 +3,6 @@ use std::sync::Arc; use authz::StorageDriver; use authz::identity::GroupInfo; -use authz::identity::GroupName; use authz::identity::User; use authz::identity::UserIdentity; use authz::identity::UserInfo; 
@@ -107,18 +106,6 @@ impl StorageDriver for PgAuthDriver { Ok(id) } - #[tracing::instrument(skip_all, fields(%group_name), ret(level = Level::DEBUG), err)] - async fn get_group_id(&self, group_name: &GroupName) -> Result, Self::Error> { - let conn = self.pool.get().await?; - let id = authn_group::table - .select(authn_group::id) - .filter(authn_group::name.eq(group_name)) - .first::(conn.write().await.deref_mut()) - .await - .optional()?; - Ok(id) - } - #[tracing::instrument(skip_all, fields(%user_id), ret(level = Level::DEBUG), err)] async fn get_user_info(&self, user_id: i64) -> Result, Self::Error> { let info = crate::authn::user::User::get_batch_user_identities( diff --git a/editoast/src/client/group.rs b/editoast/src/client/group.rs index f5ca32e039d..5bfca7e4504 100644 --- a/editoast/src/client/group.rs +++ b/editoast/src/client/group.rs @@ -7,7 +7,6 @@ use clap::Subcommand; use authz; use authz::StorageDriver; -use authz::identity::GroupInfo; use authz::identity::UserInfo; use database::DbConnectionPoolV2; @@ -100,16 +99,14 @@ pub async fn group_info( openfga_config: OpenfgaConfig, pool: Arc, ) -> anyhow::Result<()> { - let regulator = openfga_config.into_regulator(pool).await?; + let regulator = openfga_config.into_regulator(pool.clone()).await?; let driver = regulator.driver(); - let Some(group_id) = driver.get_group_id(&name).await? else { + let Some(editoast_models::Group { id: group_id, name }) = + editoast_models::Group::retrieve(pool.get().await?, name.clone()).await? + else { tracing::error!(name, "No such group"); return Ok(()); }; - let Some(GroupInfo { name }) = driver.get_group_info(group_id).await? else { - tracing::error!(group.id = group_id, "No such group"); - return Ok(()); - }; let user_ids = regulator.group_members(&authz::Group(group_id)).await?; println!("id : {group_id}"); 
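Review bot: In `group_info` a missing group is still only logged and the command returns `Ok(())`, while the three other commands touched by this commit turn the same `Group::retrieve` miss into an error. A script driving these admin commands cannot tell an absent group from success by exit status; consider `anyhow::bail!("No such group: '{name}'")` in the `else` branch so the lookup fails the same way everywhere. The destructuring pattern also rebinds `name` to the stored value, which is why `name.clone()` is passed; a comment such as `// name is rebound to the stored group name; the clone keeps the argument for the error path` would make that explicit. `let driver = regulator.driver();` remains as context although both driver calls in this hunk are removed; whether it is still used depends on the rest of the function, which lies outside the hunk.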
@@ -142,9 +139,10 @@ pub async fn exclude_group( conn: pool.get().await?, }; - let Some(group_id) = driver.get_group_id(&group_name).await? else { - bail!("No such group: '{group_name}'"); - }; + let group_id = editoast_models::Group::retrieve(pool.get().await?, group_name.clone()) + .await? + .ok_or_else(|| anyhow!("No such group: '{group_name}'"))? + .id; let mut authz_users = HashSet::new(); for user in &users { @@ -183,9 +181,10 @@ pub async fn include_group( conn: pool.get().await?, }; - let Some(group_id) = driver.get_group_id(&group_name).await? else { - bail!("No such group: '{group_name}'"); - }; + let group_id = editoast_models::Group::retrieve(pool.get().await?, group_name.clone()) + .await? + .ok_or_else(|| anyhow!("No such group: '{group_name}'"))? + .id; let mut authz_users = HashSet::new(); for user in &users { @@ -213,17 +212,15 @@ pub async fn delete_group( pool: Arc, ) -> anyhow::Result<()> { let regulator = openfga_config.into_regulator(pool.clone()).await?; - let driver = regulator.driver(); let mut conn = pool.get().await?; let system = SystemAuthorizer { openfga: regulator.openfga(), conn: conn.clone(), }; - let group_id = if let Some(id) = driver.get_group_id(&name).await? { - id - } else { - anyhow::bail!("group '{name}' could not be deleted (not found)"); - }; + let group_id = editoast_models::Group::retrieve(pool.get().await?, name.clone()) + .await? + .ok_or_else(|| anyhow!("group '{name}' could not be deleted (not found)"))? + .id; let group = Group(group_id); // Delete the relationships between the group to be deleted and its members
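Review bot: The four-line name-to-id lookup added in `exclude_group` is repeated verbatim in `include_group` and again, with a different message, in `delete_group`. These commands change authorization relations, so they are better served by one code path for resolving a group name. A small private async helper that takes the pool and the name and returns the id (or the `No such group` error) would keep the three call sites and their error text from drifting apart. Both `exclude_group` and `include_group` continue outside their hunks.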
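Review bot: `delete_group` already holds `conn` from `pool.get().await?` a few lines above, yet the new lookup checks out another connection. Passing `conn.clone()`, as is done for `SystemAuthorizer`, keeps the lookup on the connection the deletion uses: `let group_id = editoast_models::Group::retrieve(conn.clone(), name.clone())`. If the deletion that follows runs in a transaction on `conn`, the name-to-id resolution should sit inside it too, otherwise the id can go stale between the two steps; that part of the function is outside the hunk, so this needs checking. The error is now built with a bare `anyhow!` where the removed code used the qualified `anyhow::bail!`; no hunk adds the import, so it is presumably already in scope.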