diff --git a/editoast/authz/src/regulator.rs b/editoast/authz/src/regulator.rs index a752f956205..f8a15aa8d86 100644 --- a/editoast/authz/src/regulator.rs +++ b/editoast/authz/src/regulator.rs @@ -49,6 +49,7 @@ pub trait StorageDriver: Clone { user_id: i64, ) -> impl Future, Self::Error>> + Send; + #[deprecated(note = "use editoast_models::Group::retrieve directly")] fn get_group_info( &self, group_id: i64, @@ -103,6 +104,7 @@ impl Regulator { /// Returns whether a group with some id exists #[tracing::instrument(skip_all, fields(group_id = %group_id), ret(level = Level::DEBUG), err)] pub async fn group_exists(&self, group_id: i64) -> Result> { + #[expect(deprecated)] // to be removed soon self.driver .get_group_info(group_id) .await diff --git a/editoast/src/client/group.rs b/editoast/src/client/group.rs index f5ca32e039d..f99918c59f9 100644 --- a/editoast/src/client/group.rs +++ b/editoast/src/client/group.rs @@ -1,21 +1,18 @@ use anyhow::anyhow; use anyhow::bail; +use authz; use authz::Group; +use authz::StorageDriver; +use authz::identity::UserInfo; use authz::v2::Authorizer; use clap::Args; use clap::Subcommand; - -use authz; -use authz::StorageDriver; -use authz::identity::GroupInfo; -use authz::identity::UserInfo; - use database::DbConnectionPoolV2; +use editoast_models::prelude::*; + use std::collections::HashSet; use std::sync::Arc; -use editoast_models::prelude::*; - use crate::authorizers::Rejection; use crate::authorizers::SystemAuthorizer; use crate::authorizers::impossible; @@ -100,20 +97,20 @@ pub async fn group_info( openfga_config: OpenfgaConfig, pool: Arc, ) -> anyhow::Result<()> { - let regulator = openfga_config.into_regulator(pool).await?; + let regulator = openfga_config.into_regulator(pool.clone()).await?; let driver = regulator.driver(); let Some(group_id) = driver.get_group_id(&name).await? else { tracing::error!(name, "No such group"); return Ok(()); }; - let Some(GroupInfo { name }) = driver.get_group_info(group_id).await? else { + let Some(group) = editoast_models::Group::retrieve(pool.get().await?, group_id).await? else { tracing::error!(group.id = group_id, "No such group"); return Ok(()); }; let user_ids = regulator.group_members(&authz::Group(group_id)).await?; println!("id : {group_id}"); - println!("name : {name}"); + println!("name : {}", group.name); println!("members:"); for authz::User(user_id) in user_ids { let Some(UserInfo { identities, name }) = driver.get_user_info(user_id).await? else { diff --git a/editoast/src/client/roles.rs b/editoast/src/client/roles.rs index 607b219831d..19ed10b1c4c 100644 --- a/editoast/src/client/roles.rs +++ b/editoast/src/client/roles.rs @@ -12,7 +12,10 @@ use authz::identity::UserInfo; use authz::v2::Authorizer; use clap::Args; use clap::Subcommand; +use database::DbConnection; use database::DbConnectionPoolV2; +use editoast_models::Group; +use editoast_models::prelude::*; use itertools::Itertools as _; use strum::IntoEnumIterator; use tracing::info; @@ -114,6 +117,7 @@ impl Display for Subject { async fn parse_and_fetch_subject( subject: &String, driver: &PgAuthDriver, + conn: DbConnection, ) -> anyhow::Result { let id = if let Ok(id) = subject.parse::() { id @@ -123,8 +127,8 @@ async fn parse_and_fetch_subject( }; let subject = if let Some(info) = driver.get_user_info(id).await? { Subject::new_user(id, info) - } else if let Some(info) = driver.get_group_info(id).await? { - Subject::new_group(id, info) + } else if let Some(group) = Group::retrieve(conn, id).await? { + Subject::new_group(id, GroupInfo { name: group.name }) } else { bail!("No subject found with ID {id}"); }; @@ -137,8 +141,9 @@ pub async fn list_subject_roles( pool: Arc, openfga_config: OpenfgaConfig, ) -> anyhow::Result<()> { + let conn = pool.get().await?; let regulator = openfga_config.into_regulator(pool).await?; - let roles = match parse_and_fetch_subject(&subject, regulator.driver()).await? { + let roles = match parse_and_fetch_subject(&subject, regulator.driver(), conn).await? { Subject { id, info: SubjectInfo::User(_), @@ -192,7 +197,8 @@ pub async fn add_roles( .collect_vec() .join(", "), ); - let subject = parse_and_fetch_subject(&subject, &PgAuthDriver::new(pool)).await?; + let conn = pool.get().await?; + let subject = parse_and_fetch_subject(&subject, &PgAuthDriver::new(pool), conn).await?; let add_roles = authz::v2::add_roles(subject.into_authz(), roles); match system.authorize(add_roles).await?.access().await? { Ok(()) => Ok(()), @@ -227,7 +233,8 @@ pub async fn remove_roles( .collect_vec() .join(", "), ); - let subject = parse_and_fetch_subject(&subject, &PgAuthDriver::new(pool)).await?; + let conn = pool.get().await?; + let subject = parse_and_fetch_subject(&subject, &PgAuthDriver::new(pool), conn).await?; let remove_roles = authz::v2::remove_roles(subject.into_authz(), roles); match system.authorize(remove_roles).await?.access().await? { Ok(()) => Ok(()), diff --git a/editoast/src/client/user.rs b/editoast/src/client/user.rs index d893ff78234..1b602151b98 100644 --- a/editoast/src/client/user.rs +++ b/editoast/src/client/user.rs @@ -2,11 +2,11 @@ use anyhow::anyhow; use anyhow::bail; use authz; use authz::StorageDriver; -use authz::identity::GroupInfo; use authz::identity::UserInfo; use clap::Args; use clap::Subcommand; use database::DbConnectionPoolV2; +use editoast_models::Group; use editoast_models::PgAuthDriver; use editoast_models::User; use editoast_models::authn::user::AddIdentitiesError; @@ -150,7 +150,7 @@ pub async fn user_info( openfga_config: OpenfgaConfig, pool: Arc, ) -> anyhow::Result<()> { - let regulator = openfga_config.into_regulator(pool).await?; + let regulator = openfga_config.into_regulator(pool.clone()).await?; let driver = regulator.driver(); let uid = if let Ok(id) = user.parse::() { id @@ -163,21 +163,18 @@ pub async fn user_info( return Ok(()); }; let groups = regulator.user_groups(&authz::User(uid)).await?; + let conn = pool.get().await?; println!("id : {uid}"); println!("identities: {}", identities.join(", ")); println!("name : {name}"); println!("groups :"); for authz::Group(group_id) in groups { - let Some(GroupInfo { name }) = driver.get_group_info(group_id).await? else { - tracing::warn!( - group.id = group_id, - group.name = name, - "group not found, skipping it!" - ); + let Some(group) = Group::retrieve(conn.clone(), group_id).await? else { + tracing::warn!(group.id = group_id, "group not found, skipping it!"); continue; }; - println!("- [{group_id}] {name}"); + println!("- [{group_id}] {}", group.name); } Ok(()) } diff --git a/editoast/src/views/timetable.rs b/editoast/src/views/timetable.rs index b026b077e52..6d925845ebb 100644 --- a/editoast/src/views/timetable.rs +++ b/editoast/src/views/timetable.rs @@ -41,10 +41,11 @@ use editoast_models::timetable::Timetable; use editoast_models::timetable::TimetableWithTrains; use itertools::Itertools; use itertools::izip; +use schemas::rolling_stock::EtcsBrakeParams; +use schemas::rolling_stock::LoadingGaugeType; use schemas::rolling_stock::RollingResistance; use schemas::rolling_stock::RollingStock; use schemas::rolling_stock::TowedRollingStock; -use schemas::rolling_stock::{EtcsBrakeParams, LoadingGaugeType}; use schemas::train_schedule::TrainScheduleLike; use serde::Deserialize; use serde::Serialize;