Switch DB layer to Diesel from SeaORM and Fjall #2

Merged
nicole merged 10 commits from pour-diesel-on-it into main 2024-06-02 18:37:16 +00:00
41 changed files with 1392 additions and 3687 deletions
Showing only changes of commit 2f9d2e2617 - Show all commits

1275
Cargo.lock generated

File diff suppressed because it is too large Load diff

View file

@ -12,9 +12,12 @@ argon2 = { version = "0.5.3", features = ["rand", "std"] }
async-trait = "0.1.78" async-trait = "0.1.78"
axum = "0.7.4" axum = "0.7.4"
axum-htmx = { version = "0.5.0", features = ["guards", "serde"] } axum-htmx = { version = "0.5.0", features = ["guards", "serde"] }
axum-login = "0.14.0" axum-login = "0.15"
bincode = "1.3.3" bincode = "1.3.3"
chrono = "0.4.38"
clap = { version = "4.5.3", features = ["derive", "env"] } clap = { version = "4.5.3", features = ["derive", "env"] }
diesel = { version = "2.2.0", features = ["extras", "returning_clauses_for_sqlite_3_35", "sqlite"] }
diesel_migrations = { version = "2.2.0", features = ["sqlite"] }
dotenvy = "0.15.7" dotenvy = "0.15.7"
env_logger = "0.11.3" env_logger = "0.11.3"
fjall = "0.6.5" fjall = "0.6.5"
@ -24,15 +27,14 @@ minijinja-autoreload = "1.0.14"
model_derive = { path = "./model_derive" } model_derive = { path = "./model_derive" }
rand = "0.8.5" rand = "0.8.5"
redb = "2.1.0" redb = "2.1.0"
sea-orm = { version = "0.12.15", features = ["sqlx-sqlite", "macros", "runtime-tokio-rustls"] }
serde = { version = "1.0.197", features = ["derive"] } serde = { version = "1.0.197", features = ["derive"] }
sled = "=1.0.0-alpha.121" sled = "=1.0.0-alpha.121"
thiserror = "1.0.58" thiserror = "1.0.58"
tokio = { version = "1.36.0", features = ["rt", "full"] } tokio = { version = "1.36.0", features = ["rt", "full"] }
tower-http = { version = "0.5.2", features = ["fs", "trace"] } tower-http = { version = "0.5.2", features = ["fs", "trace"] }
tower-sessions = "0.11.1" tower-sessions = "0.12"
tower-sessions-moka-store = "0.11.0" tower-sessions-moka-store = "0.12"
tower-sessions-sqlx-store = { version = "0.11.0", features = ["sqlite"] } tower-sessions-sqlx-store = { version = "0.12", features = ["sqlite"] }
tracing = "0.1.40" tracing = "0.1.40"
tracing-subscriber = { version = "0.3.18", features = ["env-filter"] } tracing-subscriber = { version = "0.3.18", features = ["env-filter"] }
uuid = { version = "1.8.0", features = ["v4", "fast-rng", "v7", "serde"] } uuid = { version = "1.8.0", features = ["v4", "fast-rng", "v7", "serde"] }

View file

@ -34,10 +34,15 @@ We use nightly, and installation and management using [rustup][rustup] is
recommended. recommended.
### SeaORM ### DB (Diesel)
We use SeaORM for database interaction. You'll want the CLI, which you can We use [Diesel](https://diesel.rs/) for database interaction. You'll want the
install with `cargo install sea-orm-cli`. CLI, which you can install with the following command. This will install it for
your user on your system, including support for SQLite.
```bash
cargo install diesel_cli --no-default-features -F sqlite-bundled
```
### Tailwind ### Tailwind

View file

@ -0,0 +1,47 @@
# 4. UUIDs for primary keys
Date: 2024-05-31
## Status
Proposed
## Context
We need primary keys in our database.
I've used integers and UUIDs for this in different contexts. Ultimately, we have
to decide on which one to use.
## Decision
We're going to use UUIDs for our primary keys.
The primary motivation here is that it will give us the ability to generate IDs
before inserting records, and it lets us expose the IDs more easily. Instead of
either leaking information (count of users, etc.) or having a secondary mapping
for URLs, we can easily use the ID in a URL to map to a record for lookup.
## Consequences
There are some drawbacks:
- We lose some type safety, becasue SQLite only supports text/blob types and
it's been a blocker trying to implement custom sql types in Diesel, so this is
going to be done by converting to strings and operating on these IDs as
strings.
- They take up more space
However, we get these benefits:
- We can expose primary keys without leaking information. This makes it so we
do not need secondary IDs (and associated indexes) for looking up specific
records and putting them in URLs, where if we used integers we'd need that or
we would have to accept exposing the number of records we have.
- IDs are unique across tables, so they should give us the ability to find a
particular row even if we don't know the table. This also means we could link
events, like edit events, to any table via UUID.

9
diesel.toml Normal file
View file

@ -0,0 +1,9 @@
# For documentation on how to configure this file,
# see https://diesel.rs/guides/configuring-diesel-cli
[print_schema]
file = "src/schema.rs"
custom_type_derives = ["diesel::query_builder::QueryId", "Clone"]
[migrations_directory]
dir = "/home/nicole/Code/pique/migrations"

2351
migration/Cargo.lock generated

File diff suppressed because it is too large Load diff

View file

@ -1,19 +0,0 @@
[package]
name = "migration"
version = "0.1.0"
edition = "2021"
publish = false
[lib]
name = "migration"
path = "src/lib.rs"
[dependencies]
async-std = { version = "1", features = ["attributes", "tokio1"] }
[dependencies.sea-orm-migration]
version = "0.12.0"
features = [
"runtime-tokio-rustls",
"sqlx-sqlite",
]

View file

@ -1,41 +0,0 @@
# Running Migrator CLI
- Generate a new migration file
```sh
cargo run -- generate MIGRATION_NAME
```
- Apply all pending migrations
```sh
cargo run
```
```sh
cargo run -- up
```
- Apply first 10 pending migrations
```sh
cargo run -- up -n 10
```
- Rollback last applied migrations
```sh
cargo run -- down
```
- Rollback last 10 applied migrations
```sh
cargo run -- down -n 10
```
- Drop all tables from the database, then reapply all migrations
```sh
cargo run -- fresh
```
- Rollback all applied migrations, then reapply all migrations
```sh
cargo run -- refresh
```
- Rollback all applied migrations
```sh
cargo run -- reset
```
- Check the status of all migrations
```sh
cargo run -- status
```

View file

@ -1,14 +0,0 @@
pub use sea_orm_migration::prelude::*;
mod m20240316_155147_create_users_table;
pub struct Migrator;
#[async_trait::async_trait]
impl MigratorTrait for Migrator {
fn migrations() -> Vec<Box<dyn MigrationTrait>> {
vec![
Box::new(m20240316_155147_create_users_table::Migration),
]
}
}

View file

@ -1,69 +0,0 @@
use sea_orm_migration::prelude::*;
#[derive(DeriveMigrationName)]
pub struct Migration;
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, manager: &SchemaManager) -> Result<(), DbErr> {
manager
.create_table(
Table::create()
.table(User::Table)
.if_not_exists()
.col(
ColumnDef::new(User::Id)
.integer()
.not_null()
.auto_increment()
.primary_key(),
)
.col(ColumnDef::new(User::FullName).string_len(100).not_null())
.col(
ColumnDef::new(User::Email)
.string_len(100)
.unique()
.not_null(),
)
.col(
ColumnDef::new(User::Username)
.string_len(32)
.unique()
.not_null(),
)
.col(ColumnDef::new(User::PasswordHash).string().not_null())
.col(
ColumnDef::new(User::Created)
.date_time()
.default(Expr::current_timestamp())
.not_null(),
)
.col(
ColumnDef::new(User::Updated)
.date_time()
.default(Expr::current_timestamp())
.not_null(),
)
.to_owned(),
)
.await
}
async fn down(&self, manager: &SchemaManager) -> Result<(), DbErr> {
manager
.drop_table(Table::drop().table(User::Table).to_owned())
.await
}
}
#[derive(DeriveIden)]
enum User {
Table,
Id,
FullName,
Email,
Username,
PasswordHash,
Created,
Updated,
}

View file

@ -1,6 +0,0 @@
use sea_orm_migration::prelude::*;
#[async_std::main]
async fn main() {
cli::run_cli(migration::Migrator).await;
}

0
migrations/.keep Normal file
View file

View file

@ -0,0 +1 @@
DROP TABLE IF EXISTS users;

View file

@ -0,0 +1,9 @@
CREATE TABLE IF NOT EXISTS users (
id UUID_TEXT PRIMARY KEY NOT NULL UNIQUE,
username TEXT NOT NULL UNIQUE CHECK (LENGTH(username) <= 32),
password_hash TEXT NOT NULL,
email TEXT NOT NULL UNIQUE CHECK (LENGTH(email) <= 100),
name TEXT NOT NULL CHECK (LENGTH(name) <= 100),
created TIMESTAMP NOT NULL,
updated TIMESTAMP NOT NULL
);

View file

@ -0,0 +1,3 @@
DROP TABLE IF EXISTS projects;
DROP TABLE IF EXISTS documents;

View file

@ -0,0 +1,24 @@
CREATE TABLE IF NOT EXISTS projects (
id UUID_TEXT PRIMARY KEY NOT NULL UNIQUE,
creator_id UUID_TEXT NOT NULL,
name TEXT NOT NULL,
description TEXT NOT NULL,
key TEXT NOT NULL,
created TIMESTAMP NOT NULL,
updated TIMESTAMP NOT NULL
);
CREATE TABLE IF NOT EXISTS documents (
id UUID_TEXT PRIMARY KEY NOT NULL UNIQUE,
creator_id UUID_TEXT NOT NULL,
project_id UUID_TEXT NOT NULL,
title TEXT NOT NULL,
content TEXT NOT NULL,
created TIMESTAMP NOT NULL,
updated TIMESTAMP NOT NULL
);

View file

@ -0,0 +1,2 @@
DROP TABLE IF EXISTS project_memberships;
DROP TABLE IF EXISTS document_memberships;

View file

@ -0,0 +1,22 @@
CREATE TABLE IF NOT EXISTS project_memberships(
id INTEGER PRIMARY KEY NOT NULL UNIQUE,
user_id UUID_TEXT NOT NULL,
project_id UUID_TEXT NOT NULL,
role TEXT NOT NULL,
created TIMESTAMP NOT NULL,
updated TIMESTAMP NOT NULL
);
CREATE TABLE IF NOT EXISTS document_memberships(
id INTEGER PRIMARY KEY NOT NULL UNIQUE,
user_id UUID_TEXT NOT NULL,
document_id UUID_TEXT NOT NULL,
role TEXT NOT NULL,
created TIMESTAMP NOT NULL,
updated TIMESTAMP NOT NULL
);

View file

@ -1,20 +1,18 @@
use anyhow::Result; use anyhow::Result;
use clap::{Parser, Subcommand}; use clap::{Parser, Subcommand};
use pique::{ use pique::models::users::{self, NewUser};
db::{NewUser, UserQuery}, use pique::db::establish_connection;
prelude::*,
};
use rand::distributions::Alphanumeric; use rand::distributions::Alphanumeric;
use rand::{distributions::DistString, thread_rng}; use rand::{distributions::DistString, thread_rng};
use sea_orm::Database;
#[tokio::main] #[tokio::main]
pub async fn main() -> Result<()> { pub async fn main() -> Result<()> {
dotenvy::dotenv()?; dotenvy::dotenv()?;
let db_url = dotenvy::var("DATABASE_URL")?;
match AdminCli::parse().command { match AdminCli::parse().command {
AdminCommand::CreateUser { AdminCommand::CreateUser {
full_name, name,
email, email,
username, username,
password, password,
@ -29,15 +27,15 @@ pub async fn main() -> Result<()> {
password password
} }
}; };
handle_create_user(NewUser { handle_create_user(&db_url, NewUser::new(
full_name, name,
email,
username, username,
email,
password, password,
}) ))
.await? .await?
} }
AdminCommand::ListUsers => handle_list_users().await?, AdminCommand::ListUsers => handle_list_users(&db_url).await?,
}; };
Ok(()) Ok(())
@ -52,7 +50,7 @@ struct AdminCli {
#[derive(Subcommand, Debug)] #[derive(Subcommand, Debug)]
pub enum AdminCommand { pub enum AdminCommand {
CreateUser { CreateUser {
full_name: String, name: String,
email: String, email: String,
username: String, username: String,
password: Option<String>, password: Option<String>,
@ -61,30 +59,24 @@ pub enum AdminCommand {
ListUsers, ListUsers,
} }
async fn handle_create_user(new_user: NewUser) -> Result<()> { async fn handle_create_user(db_url: &str, new_user: NewUser) -> Result<()> {
let db = connect_to_db().await?; let mut db = establish_connection(&db_url);
let user = UserQuery(&db).insert(new_user).await?; let user = users::Query::new(&mut db).create(new_user)?;
println!("User created successfully with id = {}", user.id.unwrap()); println!("User created successfully with id = {}", user.id);
Ok(()) Ok(())
} }
async fn handle_list_users() -> Result<()> { async fn handle_list_users(db_url: &str) -> Result<()> {
let db = connect_to_db().await?; let mut db = establish_connection(&db_url);
let users = UserQuery(&db).all().await?; let users = users::Query::new(&mut db).all()?;
println!("Found {} users.", users.len()); println!("Found {} users.", users.len());
for user in users { for user in users {
println!(" > {}: {} ({})", user.id, user.username, user.full_name); println!(" > {}: {} ({})", user.id, user.username, user.name);
} }
Ok(()) Ok(())
} }
async fn connect_to_db() -> Result<DatabaseConnection> {
let db_url = dotenvy::var("DATABASE_URL")?;
let db = Database::connect(db_url).await?;
Ok(db)
}

View file

@ -1,21 +1,31 @@
use diesel::{
r2d2::{ConnectionManager, Pool},
SqliteConnection,
};
use std::sync::Arc; use std::sync::Arc;
use minijinja_autoreload::AutoReloader; use minijinja_autoreload::AutoReloader;
use crate::{handler::internal_server_error, kv::KvHandle, prelude::*}; use crate::{handler::internal_server_error, kv::KvHandle, prelude::*};
pub type ConnectionPool = Pool<ConnectionManager<SqliteConnection>>;
#[derive(Clone)] #[derive(Clone)]
pub struct Context { pub struct Context {
pub db: DatabaseConnection, pub db_pool: ConnectionPool,
// TODO: add a design doc explaining why this not relational // TODO: add a design doc explaining why this not relational
pub kv_handles: KvHandle, pub kv_handles: KvHandle,
template_loader: Arc<AutoReloader>, template_loader: Arc<AutoReloader>,
} }
impl Context { impl Context {
pub fn new(db: DatabaseConnection, kv_handles: KvHandle, template_loader: AutoReloader) -> Context { pub fn new(
db: ConnectionPool,
kv_handles: KvHandle,
template_loader: AutoReloader,
) -> Context {
Context { Context {
db, db_pool: db,
kv_handles, kv_handles,
template_loader: Arc::new(template_loader), template_loader: Arc::new(template_loader),
} }

View file

@ -1,7 +1,52 @@
use sea_orm::Set; use diesel::prelude::*;
use diesel::r2d2::ConnectionManager;
use diesel::r2d2::Pool;
use diesel::SqliteConnection;
use diesel_migrations::{embed_migrations, EmbeddedMigrations, MigrationHarness};
pub const MIGRATIONS: EmbeddedMigrations = embed_migrations!();
/// Establishes a connection to the database using the given URL.
///
/// # Arguments
/// * `url` - The database URL to connect to.
///
/// # Panics
/// Panics if the database URL is not set or if the connection cannot be established.
pub fn establish_connection(url: &str) -> SqliteConnection {
SqliteConnection::establish(url).unwrap_or_else(|_| panic!("Error connecting to {}", url))
}
/// Builds a connection pool for the given URL.
///
/// # Arguments
/// * `url` - The database URL to connect to.
///
/// # Panics
/// Panics if the connection pool cannot be created.
pub fn build_connection_pool(url: &str) -> Pool<ConnectionManager<SqliteConnection>> {
let manager = ConnectionManager::<SqliteConnection>::new(url);
Pool::builder()
.build(manager)
.expect("Failed to create connection pool.")
}
/// Runs any pending migrations.
///
/// This function should be called before the application starts.
///
/// # Arguments
/// * `conn` - The database connection to run the migrations on.
///
/// # Panics
/// Panics if there is an error running the migrations.
pub fn migrate(conn: &mut SqliteConnection) {
conn.run_pending_migrations(MIGRATIONS).unwrap();
}
use thiserror::Error; use thiserror::Error;
use crate::{entity::user, password, prelude::*}; use crate::{password, prelude::*};
pub struct NewUser { pub struct NewUser {
pub full_name: String, pub full_name: String,
@ -52,45 +97,3 @@ impl ValidationError {
} }
} }
} }
#[derive(Debug, Error)]
pub enum DbError {
#[error("internal database error")]
Internal(#[from] sea_orm::DbErr),
}
pub struct UserQuery<'a>(pub &'a DatabaseConnection);
impl UserQuery<'_> {
pub async fn insert(&self, new_user: NewUser) -> Result<user::ActiveModel, DbError> {
let password_hash = new_user.hash_password();
let user = user::ActiveModel {
full_name: Set(new_user.full_name),
email: Set(new_user.email),
username: Set(new_user.username),
password_hash: Set(password_hash),
..Default::default()
}
.save(self.0)
.await?;
Ok(user)
}
pub async fn all(&self) -> Result<Vec<user::Model>, DbError> {
let users = User::find().all(self.0).await?;
Ok(users)
}
pub async fn by_id(&self, id: i32) -> Result<Option<user::Model>, DbError> {
let user = User::find_by_id(id).one(self.0).await?;
Ok(user)
}
pub async fn by_username(&self, username: &str) -> Result<Option<user::Model>, DbError> {
let user = User::find()
.filter(user::Column::Username.eq(username))
.one(self.0)
.await?;
Ok(user)
}
}

View file

@ -1,5 +0,0 @@
//! `SeaORM` Entity. Generated by sea-orm-codegen 0.12.15
pub mod prelude;
pub mod user;

View file

@ -1,3 +0,0 @@
//! `SeaORM` Entity. Generated by sea-orm-codegen 0.12.15
pub use super::user::Entity as User;

View file

@ -1,22 +0,0 @@
//! `SeaORM` Entity. Generated by sea-orm-codegen 0.12.15
use sea_orm::entity::prelude::*;
use serde::{Deserialize, Serialize};
#[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
#[sea_orm(table_name = "user")]
pub struct Model {
#[sea_orm(primary_key)]
pub id: i32,
pub full_name: String,
pub email: String,
pub username: String,
pub password_hash: String,
pub created: String,
pub updated: String,
}
#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]
pub enum Relation {}
impl ActiveModelBehavior for ActiveModel {}

View file

@ -7,6 +7,7 @@ use axum::http::StatusCode;
use axum::response::Response; use axum::response::Response;
pub use login::login_page; pub use login::login_page;
pub use login::login_submit; pub use login::login_submit;
use tracing::error;
pub fn internal_server_error() -> Response { pub fn internal_server_error() -> Response {
Response::builder() Response::builder()
@ -14,3 +15,11 @@ pub fn internal_server_error() -> Response {
.body("Internal Server Error".into()) .body("Internal Server Error".into())
.unwrap() .unwrap()
} }
pub fn internal_error<E>(err: E) -> (StatusCode, String)
where
E: std::error::Error,
{
error!(?err, "internal error");
(StatusCode::INTERNAL_SERVER_ERROR, "Internal Server Error".into())
}

View file

@ -1,7 +1,7 @@
use axum::{extract::Path, response::Redirect, Form}; use axum::{extract::Path, response::Redirect, Form};
use axum_login::AuthSession; use axum_login::AuthSession;
use crate::{handler::internal_server_error, models::{Document, ModelPermission, ModelType, Permission}, prelude::*}; use crate::{handler::internal_server_error, models::users::User, prelude::*};
pub async fn documents_page( pub async fn documents_page(
State(ctx): State<Context>, State(ctx): State<Context>,
@ -14,33 +14,35 @@ pub async fn documents_page(
} }
} }
async fn render_documents_page(ctx: Context, user: crate::entity::user::Model) -> Response { async fn render_documents_page(ctx: Context, user: User) -> Response {
let documents = ModelPermission::user_documents(&ctx.kv_handles, user.id).unwrap_or_default(); todo!()
//let documents = ModelPermission::user_documents(&ctx.kv_handles, user.id).unwrap_or_default();
let values = context! { //let values = context! {
user => user, // user => user,
documents => documents, // documents => documents,
}; //};
ctx.render_resp("documents/list_documents.html", values) //ctx.render_resp("documents/list_documents.html", values)
} }
pub async fn create_document_page( pub async fn create_document_page(
State(ctx): State<Context>, State(ctx): State<Context>,
auth_session: AuthSession<Context>, auth_session: AuthSession<Context>,
) -> Response { ) -> Response {
let user = match auth_session.user { todo!()
Some(user) => user, //let user = match auth_session.user {
None => return Redirect::to("/login").into_response(), // Some(user) => user,
}; // None => return Redirect::to("/login").into_response(),
//};
let projects = ModelPermission::user_projects(&ctx.kv_handles, user.id).unwrap_or_default(); //let projects = ModelPermission::user_projects(&ctx.kv_handles, user.id).unwrap_or_default();
let values = context! { //let values = context! {
user => user, // user => user,
projects => projects, // projects => projects,
}; //};
ctx.render_resp("documents/create_document.html", values) //ctx.render_resp("documents/create_document.html", values)
} }
#[derive(Debug, Deserialize)] #[derive(Debug, Deserialize)]
@ -54,48 +56,47 @@ pub async fn create_document_submit(
auth_session: AuthSession<Context>, auth_session: AuthSession<Context>,
form: Form<CreateDocumentSubmission>, form: Form<CreateDocumentSubmission>,
) -> Response { ) -> Response {
let user = match auth_session.user { todo!()
Some(user) => user, //let user = match auth_session.user {
None => return Redirect::to("/login").into_response(), // Some(user) => user,
}; // None => return Redirect::to("/login").into_response(),
//};
let project = match ModelPermission::user_project(&ctx.kv_handles, user.id, form.project_id) { //let project = match ModelPermission::user_project(&ctx.kv_handles, user.id, form.project_id) {
Ok(Some(project)) => project, // Ok(Some(project)) => project,
Ok(None) => return Redirect::to("/documents/create").into_response(), // Ok(None) => return Redirect::to("/documents/create").into_response(),
Err(err) => { // Err(err) => {
error!(?err, "failed to access kv store"); // error!(?err, "failed to access kv store");
return Redirect::to("/documents/create").into_response(); // return Redirect::to("/documents/create").into_response();
} // }
}; //};
let document = Document { //let document = Document {
id: Uuid::now_v7(), // id: Uuid::now_v7(),
project_id: project.id, // project_id: project.id,
title: form.title.to_owned(), // title: form.title.to_owned(),
content: "".to_owned(), // content: "".to_owned(),
}; //};
if let Err(err) = document.save(&ctx.kv_handles) { //if let Err(err) = document.save(&ctx.kv_handles) {
error!(?err, "failed to save document"); // error!(?err, "failed to save document");
return internal_server_error(); // return internal_server_error();
} //}
info!(?document, "document created"); //info!(?document, "document created");
let permission = ModelPermission { //let permission = ModelPermission {
user_id: user.id, // user_id: user.id,
model_type: ModelType::Document, // model_type: ModelType::Document,
role: Permission::Admin, // role: Permission::Admin,
model_id: document.id, // model_id: document.id,
}; //};
if let Err(err) = permission.add(&ctx.kv_handles) { //if let Err(err) = permission.add(&ctx.kv_handles) {
error!(?err, "failed to save new project permission"); // error!(?err, "failed to save new project permission");
return internal_server_error(); // return internal_server_error();
} //}
//Redirect::to("/documents").into_response()
Redirect::to("/documents").into_response()
} }
pub async fn edit_document_page( pub async fn edit_document_page(
@ -103,27 +104,28 @@ pub async fn edit_document_page(
auth_session: AuthSession<Context>, auth_session: AuthSession<Context>,
Path((id,)): Path<(Uuid,)>, Path((id,)): Path<(Uuid,)>,
) -> Response { ) -> Response {
let user = match auth_session.user { todo!()
Some(user) => user, //let user = match auth_session.user {
None => return Redirect::to("/login").into_response(), // Some(user) => user,
}; // None => return Redirect::to("/login").into_response(),
//};
let document = match ModelPermission::user_document(&ctx.kv_handles, user.id, id) { //let document = match ModelPermission::user_document(&ctx.kv_handles, user.id, id) {
Ok(Some(document)) => document, // Ok(Some(document)) => document,
Ok(None) => return Redirect::to("/documents").into_response(), // Ok(None) => return Redirect::to("/documents").into_response(),
Err(err) => { // Err(err) => {
error!(?err, "failed to load document"); // error!(?err, "failed to load document");
return internal_server_error(); // return internal_server_error();
} // }
}; //};
dbg!(&document); //dbg!(&document);
let values = context! { //let values = context! {
user => user, // user => user,
document => document, // document => document,
}; //};
ctx.render_resp("documents/edit_document.html", values) //ctx.render_resp("documents/edit_document.html", values)
} }
#[derive(Debug, Deserialize)] #[derive(Debug, Deserialize)]
@ -132,39 +134,39 @@ pub struct EditDocumentSubmission {
pub content: String, pub content: String,
} }
pub async fn edit_document_submit( pub async fn edit_document_submit(
State(ctx): State<Context>, State(ctx): State<Context>,
auth_session: AuthSession<Context>, auth_session: AuthSession<Context>,
Path((document_id,)): Path<(Uuid,)>, Path((document_id,)): Path<(Uuid,)>,
form: Form<EditDocumentSubmission>, form: Form<EditDocumentSubmission>,
) -> Response { ) -> Response {
let user = match auth_session.user { todo!()
Some(user) => user, //let user = match auth_session.user {
None => return Redirect::to("/login").into_response(), // Some(user) => user,
}; // None => return Redirect::to("/login").into_response(),
//};
let mut document = match ModelPermission::user_document(&ctx.kv_handles, user.id, document_id) { //let mut document = match ModelPermission::user_document(&ctx.kv_handles, user.id, document_id) {
Ok(Some(document)) => document, // Ok(Some(document)) => document,
Ok(None) => return Redirect::to("/documents").into_response(), // Ok(None) => return Redirect::to("/documents").into_response(),
Err(err) => { // Err(err) => {
error!(?err, "failed to load document"); // error!(?err, "failed to load document");
return internal_server_error(); // return internal_server_error();
} // }
}; //};
let new_document = Document { //let new_document = Document {
id: document.id, // id: document.id,
project_id: document.id, // project_id: document.id,
title: form.title.to_owned(), // title: form.title.to_owned(),
content: form.content.to_owned(), // content: form.content.to_owned(),
}; //};
if let Err(err) = new_document.save(&ctx.kv_handles) { //if let Err(err) = new_document.save(&ctx.kv_handles) {
error!(?err, "failed to save document"); // error!(?err, "failed to save document");
return internal_server_error(); // return internal_server_error();
} //}
info!(?new_document, "document updated"); //info!(?new_document, "document updated");
Redirect::to("/documents").into_response() //Redirect::to("/documents").into_response()
} }

View file

@ -1,11 +1,15 @@
use axum::response::Redirect; use axum::response::Redirect;
use axum_login::AuthSession; use axum_login::AuthSession;
use crate::{models::{ModelPermission, Project}, prelude::*}; use crate::models::projects::Project;
use {crate::permissions, crate::prelude::*};
pub async fn home_page(State(ctx): State<Context>, auth_session: AuthSession<Context>) -> Response { pub async fn home_page(State(ctx): State<Context>, auth_session: AuthSession<Context>) -> Response {
if let Some(user) = auth_session.user { if let Some(user) = auth_session.user {
let projects: Vec<Project> = ModelPermission::user_projects(&ctx.kv_handles, user.id).unwrap_or_default(); let mut db = ctx.db_pool.get().unwrap();
let projects: Vec<Project> =
permissions::query::accessible_projects(&mut db, &user.id).unwrap();
let values = context! { let values = context! {
user => user, user => user,

View file

@ -1,12 +1,19 @@
use axum::{response::Redirect, Form}; use axum::{http::StatusCode, response::Redirect, Form};
use axum_login::AuthSession; use axum_login::AuthSession;
use crate::{ use crate::{
handler::internal_server_error, handler::internal_server_error,
models::{ModelPermission, ModelType, Permission, Project}, models::{
project_memberships::{self, ProjectRole},
projects::{self, NewProject},
users::User,
},
permissions,
prelude::*, prelude::*,
}; };
use super::internal_error;
pub async fn projects_page( pub async fn projects_page(
State(ctx): State<Context>, State(ctx): State<Context>,
auth_session: AuthSession<Context>, auth_session: AuthSession<Context>,
@ -18,8 +25,15 @@ pub async fn projects_page(
} }
} }
async fn render_projects_page(ctx: Context, user: crate::entity::user::Model) -> Response { async fn render_projects_page(ctx: Context, user: User) -> Response {
let projects = ModelPermission::user_projects(&ctx.kv_handles, user.id).unwrap_or_default(); let mut db = match ctx.db_pool.get() {
Ok(db) => db,
Err(err) => {
error!(?err, "failed to get db connection");
return internal_server_error();
}
};
let projects = permissions::query::accessible_projects(&mut db, &user.id).unwrap_or_default();
let values = context! { let values = context! {
user => user, user => user,
@ -47,46 +61,34 @@ pub async fn create_project_page(
#[derive(Debug, Deserialize)] #[derive(Debug, Deserialize)]
pub struct CreateProjectSubmission { pub struct CreateProjectSubmission {
pub name: String, pub name: String,
pub key: String,
pub description: String, pub description: String,
pub key: String,
} }
pub async fn create_project_submit( pub async fn create_project_submit(
State(ctx): State<Context>, State(ctx): State<Context>,
auth_session: AuthSession<Context>, auth_session: AuthSession<Context>,
form: Form<CreateProjectSubmission>, form: Form<CreateProjectSubmission>,
) -> Response { ) -> Result<Response, (StatusCode, String)> {
let mut db = ctx.db_pool.get().map_err(internal_error)?;
let user = match auth_session.user { let user = match auth_session.user {
Some(user) => user, Some(user) => user,
None => return Redirect::to("/login").into_response(), None => return Ok(Redirect::to("/login").into_response()),
}; };
let project = Project { let new_project = NewProject::new(
id: Uuid::now_v7(), user.id.clone(),
owner_id: user.id, form.name.clone(),
form.description.clone(),
name: form.name.clone(), form.key.clone(),
key: form.key.clone(), );
description: form.description.clone(),
};
// TODO: validation // TODO: validation
if let Err(err) = project.save(&ctx.kv_handles) { let project = projects::query::create(&mut db, new_project).map_err(internal_error)?;
error!(?err, "failed to save new project");
return internal_server_error();
}
let permission = ModelPermission { let _ = project_memberships::query::create(&mut db, &user.id, &project.id, ProjectRole::Admin)
user_id: user.id, .map_err(internal_error)?;
model_type: ModelType::Project,
role: Permission::Admin,
model_id: project.id,
};
if let Err(err) = permission.add(&ctx.kv_handles) { Ok(Redirect::to("/projects").into_response())
error!(?err, "failed to save new project permission");
return internal_server_error();
}
Redirect::to("/projects").into_response()
} }

View file

@ -1,14 +1,15 @@
pub mod config; pub mod config;
pub mod context; pub mod context;
pub mod db; pub mod db;
pub mod entity;
pub mod handler; pub mod handler;
pub mod logging; pub mod logging;
pub mod models; pub mod models;
pub mod password; pub mod password;
pub mod prelude; pub mod prelude;
pub mod schema;
pub mod serialize; pub mod serialize;
pub mod server; pub mod server;
pub mod session; pub mod session;
pub mod templates; pub mod templates;
pub mod kv; pub mod kv;
pub mod permissions;

View file

@ -1,190 +1,20 @@
use core::fmt::{self, Display}; use thiserror::Error;
use crate::prelude::*;
use anyhow::Result; pub mod users;
use fjall::PartitionHandle; pub mod projects;
use model_derive::Model; pub mod types;
use serde::{Deserialize, Serialize}; pub mod document_memberships;
use uuid::Uuid; pub mod project_memberships;
pub mod documents;
use crate::kv::KvHandle; #[derive(Error, Debug)]
pub enum DbError {
#[error("Diesel error: {0}")]
DieselError(#[from] diesel::result::Error),
pub trait Model: Sized + Serialize + for<'a> Deserialize<'a> { #[error("Diesel connection error: {0}")]
type Id; ConnectionError(#[from] diesel::ConnectionError),
fn id(&self) -> Self::Id; #[error("Connection pool error: {0}")]
fn key(id: Self::Id) -> Vec<u8>; PoolError(#[from] diesel::r2d2::PoolError),
fn partition(kv_handle: &KvHandle) -> &PartitionHandle;
fn save(&self, kv_handle: &KvHandle) -> Result<()> {
let key = Self::key(self.id());
let value = bincode::serialize(self)?;
let partition = Self::partition(kv_handle);
partition.insert(key, value)?;
Ok(())
}
fn load(kv_handle: &KvHandle, id: Self::Id) -> Result<Option<Self>> {
let key = Self::key(id);
let partition = Self::partition(kv_handle);
match partition.get(key.as_slice())? {
Some(bytes) => {
let bytes = bytes.to_vec();
let value: Self = bincode::deserialize(&bytes)?;
Ok(Some(value))
}
None => Ok(None),
}
}
}
#[derive(Debug, Model, Serialize, Deserialize, PartialEq)]
#[model_version(0)]
pub struct Project {
pub id: Uuid,
pub owner_id: i32,
pub name: String,
pub description: String,
// The key is the short code, like BUG, which is used to refer to a project
// quickly and to display it more compactly. This must be unique across the
// projects a user owns.
pub key: String,
}
#[derive(Debug, Model, Serialize, Deserialize, PartialEq)]
#[model_version(0)]
pub struct Document {
pub id: Uuid,
pub project_id: Uuid,
pub title: String,
pub content: String,
}
#[derive(Debug, Serialize, Deserialize, PartialEq)]
#[repr(u8)]
pub enum ModelType {
Project = 0,
Document = 1,
}
impl Display for ModelType {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
match self {
ModelType::Project => write!(f, "project"),
ModelType::Document => write!(f, "document"),
}
}
}
#[derive(Debug, Serialize, Deserialize, PartialEq)]
#[repr(u8)]
pub enum Permission {
Admin = 0,
Read = 1,
}
impl Display for Permission {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
match self {
Permission::Admin => write!(f, "admin"),
Permission::Read => write!(f, "read"),
}
}
}
#[derive(Debug, Serialize, Deserialize, PartialEq)]
pub struct ModelPermission {
pub user_id: i32,
pub model_type: ModelType,
pub role: Permission,
pub model_id: Uuid,
}
impl ModelPermission {
pub fn add(&self, kv_handle: &KvHandle) -> Result<()> {
let key = format!(
"{}:{}:{}:{}",
self.user_id, self.model_type, self.role, self.model_id
);
let value = bincode::serialize(self)?;
kv_handle.permissions.insert(key, value)?;
Ok(())
}
pub fn user_projects(kv_handle: &KvHandle, user_id: i32) -> Result<Vec<Project>> {
let prefix = format!("{}:{}:", user_id, ModelType::Project);
let mut ids = vec![];
for row in kv_handle.permissions.prefix(prefix).into_iter() {
let (_key, value) = row?;
let permission: ModelPermission = bincode::deserialize(&value)?;
ids.push(permission.model_id);
}
let projects: Vec<Project> = ids
.into_iter()
.filter_map(|id| {
let res = Project::load(kv_handle, id);
res.ok().flatten()
})
.collect();
Ok(projects)
}
pub fn user_project(kv_handle: &KvHandle, user_id: i32, project_id: Uuid) -> Result<Option<Project>> {
let key = format!("{}:{}:{}:{}", user_id, ModelType::Project, Permission::Admin, project_id);
let value = kv_handle.permissions.get(key)?;
match value {
Some(value) => {
let permission: ModelPermission = bincode::deserialize(&value)?;
let project = Project::load(kv_handle, permission.model_id)?;
Ok(project)
}
None => Ok(None),
}
}
pub fn user_documents(kv_handle: &KvHandle, user_id: i32) -> Result<Vec<Document>> {
let prefix = format!("{}:{}:", user_id, ModelType::Document);
let mut ids = vec![];
for row in kv_handle.permissions.prefix(prefix).into_iter() {
let (_key, value) = row?;
let permission: ModelPermission = bincode::deserialize(&value)?;
ids.push(permission.model_id);
}
dbg!(&ids);
let documents: Vec<Document> = ids
.into_iter()
.filter_map(|id| Document::load(kv_handle, id).ok().flatten())
.collect();
dbg!(&documents);
Ok(documents)
}
pub fn user_document(kv_handle: &KvHandle, user_id: i32, document_id: Uuid) -> Result<Option<Document>> {
let key = format!("{}:{}:{}:{}", user_id, ModelType::Document, Permission::Admin, document_id);
let value = kv_handle.permissions.get(key)?;
match value {
Some(value) => {
let permission: ModelPermission = bincode::deserialize(&value)?;
let document = Document::load(kv_handle, permission.model_id)?;
Ok(document)
}
None => Ok(None),
}
}
} }

View file

58
src/models/documents.rs Normal file
View file

@ -0,0 +1,58 @@
use diesel::prelude::*;
use crate::schema::documents::dsl;
use uuid::Uuid;
use super::DbError;
#[derive(Queryable, Selectable, Debug, Clone)]
#[diesel(table_name = crate::schema::documents)]
#[diesel(check_for_backend(diesel::sqlite::Sqlite))]
pub struct Document {
pub id: String,
pub creator_id: String,
pub project_id: String,
pub title: String,
pub content: String,
pub created: chrono::NaiveDateTime,
pub updated: chrono::NaiveDateTime,
}
#[derive(Insertable)]
#[diesel(table_name = crate::schema::documents)]
pub struct NewDocument {
pub id: String,
pub creator_id: String,
pub project_id: String,
pub title: String,
pub content: String,
}
impl NewDocument {
pub fn new(creator_id: Uuid, project_id: Uuid, title: String, content: String) -> Self {
Self {
id: Uuid::new_v4().to_string(),
creator_id: creator_id.to_string(),
project_id: project_id.to_string(),
title,
content,
}
}
}
pub struct Query<'a> {
db: &'a mut SqliteConnection,
}
impl<'a> Query<'a> {
pub fn new(db: &'a mut SqliteConnection) -> Self {
Self { db }
}
pub fn for_user(&mut self, user_id: String) -> Result<Vec<Document>, DbError> {
let documents = dsl::documents
.filter(dsl::creator_id.eq(user_id.to_string()))
.load::<Document>(self.db)?;
Ok(documents)
}
}

View file

@ -0,0 +1,92 @@
use diesel::{expression::AsExpression, prelude::*, sql_types::Text};
use std::fmt;
#[derive(AsExpression, Debug, Clone)]
#[diesel(sql_type = Text)]
pub enum ProjectRole {
Member,
Admin,
}
impl fmt::Display for ProjectRole {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
match self {
ProjectRole::Member => write!(f, "member"),
ProjectRole::Admin => write!(f, "admin"),
}
}
}
impl<S> From<S> for ProjectRole
where
S: AsRef<str>,
String: std::convert::From<S>,
{
fn from(status: S) -> Self {
match status.as_ref() {
"member" => ProjectRole::Member,
"admin" => ProjectRole::Admin,
_ => ProjectRole::Member,
}
}
}
impl From<ProjectRole> for String {
fn from(role: ProjectRole) -> Self {
match role {
ProjectRole::Member => "member".to_string(),
ProjectRole::Admin => "admin".to_string(),
}
}
}
#[derive(Queryable, Selectable, Debug, Clone)]
#[diesel(table_name = crate::schema::project_memberships)]
#[diesel(check_for_backend(diesel::sqlite::Sqlite))]
pub struct ProjectMembership {
pub id: i32,
pub user_id: String,
pub project_id: String,
#[diesel(serialize_as = String, deserialize_as = String)]
pub role: ProjectRole,
pub created: chrono::NaiveDateTime,
pub updated: chrono::NaiveDateTime,
}
#[derive(Insertable)]
#[diesel(table_name = crate::schema::project_memberships)]
pub struct NewProjectMembership {
pub user_id: String,
pub project_id: String,
#[diesel(serialize_as = String, deserialize_as = String)]
pub role: ProjectRole,
}
pub mod query {
use diesel::SqliteConnection;
use super::*;
pub fn create (
db: &mut SqliteConnection,
user_id: &str,
project_id: &str,
role: ProjectRole,
) -> Result<ProjectMembership, diesel::result::Error> {
use crate::schema::project_memberships::dsl as pm;
let new_membership = NewProjectMembership {
user_id: user_id.to_string(),
project_id: project_id.to_string(),
role,
};
let membership = diesel::insert_into(pm::project_memberships)
.values(new_membership)
.get_result(db)?;
Ok(membership)
}
}

68
src/models/projects.rs Normal file
View file

@ -0,0 +1,68 @@
use diesel::prelude::*;
use serde::{Serialize};
use crate::schema::projects::dsl;
use uuid::Uuid;
use super::DbError;
#[derive(Queryable, Selectable, Debug, Clone, Serialize)]
#[diesel(table_name = crate::schema::projects)]
#[diesel(check_for_backend(diesel::sqlite::Sqlite))]
pub struct Project {
pub id: String,
pub creator_id: String,
pub name: String,
pub description: String,
pub key: String,
#[serde(skip)]
pub created: chrono::NaiveDateTime,
#[serde(skip)]
pub updated: chrono::NaiveDateTime,
}
#[derive(Insertable)]
#[diesel(table_name = crate::schema::projects)]
pub struct NewProject {
pub id: String,
pub creator_id: String,
pub name: String,
pub description: String,
pub key: String,
}
impl NewProject {
pub fn new(creator_id: String, name: String, description: String, key: String) -> Self {
Self {
id: Uuid::new_v4().to_string(),
creator_id,
name,
description,
key,
}
}
}
pub mod query {
use super::*;
pub fn for_user(db: &mut SqliteConnection, user_id: String) -> Result<Vec<Project>, DbError> {
let projects = dsl::projects
.filter(dsl::creator_id.eq(user_id.to_string()))
.load::<Project>(db)?;
Ok(projects)
}
pub fn create(
db: &mut SqliteConnection,
new_project: NewProject,
) -> Result<Project, diesel::result::Error> {
use crate::schema::projects::dsl as p;
let project = diesel::insert_into(p::projects)
.values(new_project)
.get_result(db)?;
Ok(project)
}
}

0
src/models/types.rs Normal file
View file

82
src/models/users.rs Normal file
View file

@ -0,0 +1,82 @@
use diesel::prelude::*;
use serde::Serialize;
use crate::schema::users::dsl;
use uuid::Uuid;
use crate::password;
use super::DbError;
#[derive(Queryable, Selectable, Debug, Clone, Serialize)]
#[diesel(table_name = crate::schema::users)]
#[diesel(check_for_backend(diesel::sqlite::Sqlite))]
pub struct User {
pub id: String,
pub username: String,
pub password_hash: String,
pub email: String,
pub name: String,
#[serde(skip)]
pub created: chrono::NaiveDateTime,
#[serde(skip)]
pub updated: chrono::NaiveDateTime,
}
#[derive(Insertable)]
#[diesel(table_name = crate::schema::users)]
pub struct NewUser {
pub id: String,
pub name: String,
pub username: String,
pub email: String,
pub password_hash: String,
}
impl NewUser {
pub fn new(name: String, username: String, email: String, password: String) -> Self {
let password_hash = password::hash(&password);
Self {
id: Uuid::new_v4().to_string(),
name,
username,
email,
password_hash,
}
}
}
pub struct Query<'a> {
db: &'a mut SqliteConnection,
}
impl<'a> Query<'a> {
pub fn new(db: &'a mut SqliteConnection) -> Self {
Self { db }
}
pub fn all(&mut self) -> Result<Vec<User>, DbError> {
let user_list = dsl::users.load::<User>(self.db)?;
Ok(user_list)
}
pub fn by_id(&mut self, id: &str) -> Result<User, DbError> {
let user = dsl::users.filter(dsl::id.eq(id)).first::<User>(self.db)?;
Ok(user)
}
pub fn by_username(&mut self, username: &str) -> Result<User, DbError> {
let user = dsl::users.filter(dsl::username.eq(username)).first::<User>(self.db)?;
Ok(user)
}
pub fn create(&mut self, new_user: NewUser) -> Result<User, DbError> {
let _ = diesel::insert_into(dsl::users)
.values(&new_user)
.execute(self.db)?;
let new_user = dsl::users.filter(dsl::id.eq(&new_user.id)).first::<User>(self.db)?;
Ok(new_user)
}
}

81
src/permissions.rs Normal file
View file

@ -0,0 +1,81 @@
pub mod query {
use diesel::prelude::*;
use crate::models::documents::Document;
use crate::models::projects::Project;
use diesel::SqliteConnection;
/// Users have permissions directly on projects which they are members of.
pub fn accessible_project_ids(
db: &mut SqliteConnection,
user_id: &str,
) -> Result<Vec<String>, diesel::result::Error> {
use crate::schema::project_memberships::dsl as pm;
let project_ids = pm::project_memberships
.filter(pm::user_id.eq(user_id))
.select(pm::project_id)
.load::<String>(db)?;
Ok(project_ids)
}
/// Users have permissions directly on projects which they are members of.
pub fn accessible_projects(
db: &mut SqliteConnection,
user_id: &str,
) -> Result<Vec<Project>, diesel::result::Error> {
use crate::schema::projects::dsl as p;
let project_ids = accessible_project_ids(db, user_id)?;
let projects = p::projects
.filter(p::id.eq_any(project_ids))
.load::<Project>(db)?;
Ok(projects)
}
/// Users can access documents which they are members of or which are in
/// projects they're members of.
pub fn accessible_document_ids(
db: &mut SqliteConnection,
user_id: &str,
) -> Result<Vec<String>, diesel::result::Error> {
use crate::schema::documents::dsl as d;
use crate::schema::project_memberships::dsl as pm;
let project_ids = accessible_project_ids(db, user_id)?;
let direct_documents = pm::project_memberships
.filter(pm::user_id.eq(user_id))
.select(pm::project_id)
.load::<String>(db)?;
let project_documents = d::documents
.filter(d::project_id.eq_any(project_ids))
.select(d::id)
.load::<String>(db)?;
let document_ids = direct_documents
.into_iter()
.chain(project_documents.into_iter())
.collect();
Ok(document_ids)
}
/// Users can access documents which they are members of or which are in
/// projects they're members of.
pub fn accessible_documents(
db: &mut SqliteConnection,
user_id: &str,
) -> Result<Vec<Document>, diesel::result::Error> {
use crate::schema::documents::dsl as d;
let document_ids = accessible_document_ids(db, user_id)?;
let documents = d::documents
.filter(d::id.eq_any(document_ids))
.load::<Document>(db)?;
Ok(documents)
}
}

View file

@ -1,10 +1,7 @@
pub use crate::context::Context; pub use crate::context::Context;
pub use crate::entity::prelude::*;
pub use crate::models::Model;
pub use axum::extract::State; pub use axum::extract::State;
pub use axum::response::{Html, IntoResponse, Response}; pub use axum::response::{Html, IntoResponse, Response};
pub use minijinja::context; pub use minijinja::context;
pub use sea_orm::prelude::*;
pub use sea_orm::{ActiveModelTrait, DatabaseConnection};
pub use serde::{Deserialize, Serialize}; pub use serde::{Deserialize, Serialize};
pub use tracing::{debug, error, info, warn}; pub use tracing::{debug, error, info, warn};
pub use uuid::Uuid;

67
src/schema.rs Normal file
View file

@ -0,0 +1,67 @@
// @generated automatically by Diesel CLI.
diesel::table! {
document_memberships (id) {
id -> Integer,
user_id -> Text,
document_id -> Text,
role -> Text,
created -> Timestamp,
updated -> Timestamp,
}
}
diesel::table! {
documents (id) {
id -> Text,
creator_id -> Text,
project_id -> Text,
title -> Text,
content -> Text,
created -> Timestamp,
updated -> Timestamp,
}
}
diesel::table! {
project_memberships (id) {
id -> Integer,
user_id -> Text,
project_id -> Text,
role -> Text,
created -> Timestamp,
updated -> Timestamp,
}
}
diesel::table! {
projects (id) {
id -> Text,
creator_id -> Text,
name -> Text,
description -> Text,
key -> Text,
created -> Timestamp,
updated -> Timestamp,
}
}
diesel::table! {
users (id) {
id -> Text,
username -> Text,
password_hash -> Text,
email -> Text,
name -> Text,
created -> Timestamp,
updated -> Timestamp,
}
}
diesel::allow_tables_to_appear_in_same_query!(
document_memberships,
documents,
project_memberships,
projects,
users,
);

View file

@ -4,13 +4,15 @@ use anyhow::Result;
use axum::{routing::{get, post}, Router}; use axum::{routing::{get, post}, Router};
use axum_login::AuthManagerLayerBuilder; use axum_login::AuthManagerLayerBuilder;
use clap::Parser; use clap::Parser;
use sea_orm::Database; use diesel_migrations::{embed_migrations, EmbeddedMigrations};
use tower_http::{services::ServeDir, trace::{DefaultOnRequest, DefaultOnResponse, TraceLayer}}; use tower_http::{services::ServeDir, trace::{DefaultOnRequest, DefaultOnResponse, TraceLayer}};
use tower_sessions::SessionManagerLayer; use tower_sessions::SessionManagerLayer;
use tower_sessions_sqlx_store::{sqlx::SqlitePool, SqliteStore}; use tower_sessions_sqlx_store::{sqlx::SqlitePool, SqliteStore};
use tracing::Level; use tracing::Level;
use crate::{config::CommandLineOptions, context::Context, handler::{documents::{create_document_page, create_document_submit, documents_page, edit_document_page, edit_document_submit}, home::home_page, login::logout, login_page, login_submit, projects::{create_project_page, create_project_submit, projects_page}}, kv::KvHandle, logging::setup_logging, templates::make_template_loader}; use crate::{config::CommandLineOptions, context::Context, db, handler::{documents::{create_document_page, create_document_submit, documents_page, edit_document_page, edit_document_submit}, home::home_page, login::logout, login_page, login_submit, projects::{create_project_page, create_project_submit, projects_page}}, kv::KvHandle, logging::setup_logging, templates::make_template_loader};
pub const MIGRATIONS: EmbeddedMigrations = embed_migrations!("./migrations/");
pub async fn run() -> Result<()> { pub async fn run() -> Result<()> {
dotenvy::dotenv()?; dotenvy::dotenv()?;
@ -21,14 +23,17 @@ pub async fn run() -> Result<()> {
let template_loader = make_template_loader(opts.reload_templates); let template_loader = make_template_loader(opts.reload_templates);
let db_url = dotenvy::var("DATABASE_URL")?; let db_url = dotenvy::var("DATABASE_URL")?;
let db = Database::connect(db_url).await?; let mut db_conn = db::establish_connection(&db_url);
db::migrate(&mut db_conn);
let db_pool = db::build_connection_pool(&db_url);
let session_layer = create_session_manager_layer().await?; let session_layer = create_session_manager_layer().await?;
// TODO: better name, also make it an option // TODO: better name, also make it an option
let kv_handles = KvHandle::open("./kvdata/")?; let kv_handles = KvHandle::open("./kvdata/")?;
let context = Context::new(db, kv_handles, template_loader); let context = Context::new(db_pool, kv_handles, template_loader);
let auth_backend = context.clone(); let auth_backend = context.clone();
let auth_layer = AuthManagerLayerBuilder::new(auth_backend, session_layer.clone()).build(); let auth_layer = AuthManagerLayerBuilder::new(auth_backend, session_layer.clone()).build();

View file

@ -1,12 +1,7 @@
use async_trait::async_trait; use async_trait::async_trait;
use axum_login::{AuthUser, AuthnBackend, UserId}; use axum_login::{AuthUser, AuthnBackend, UserId};
use crate::{ use crate::{models::{self, users, DbError}, password, prelude::*};
db::{DbError, UserQuery},
entity::user,
password,
prelude::*,
};
#[derive(Serialize, Deserialize)] #[derive(Serialize, Deserialize)]
pub struct Credentials { pub struct Credentials {
@ -14,11 +9,11 @@ pub struct Credentials {
pub password: String, pub password: String,
} }
impl AuthUser for user::Model { impl AuthUser for models::users::User {
type Id = i32; type Id = String;
fn id(&self) -> Self::Id { fn id(&self) -> Self::Id {
self.id self.id.clone()
} }
fn session_auth_hash(&self) -> &[u8] { fn session_auth_hash(&self) -> &[u8] {
@ -28,7 +23,7 @@ impl AuthUser for user::Model {
#[async_trait] #[async_trait]
impl AuthnBackend for Context { impl AuthnBackend for Context {
type User = user::Model; type User = models::users::User;
type Credentials = Credentials; type Credentials = Credentials;
type Error = DbError; type Error = DbError;
@ -36,14 +31,24 @@ impl AuthnBackend for Context {
&self, &self,
creds: Self::Credentials, creds: Self::Credentials,
) -> Result<Option<Self::User>, Self::Error> { ) -> Result<Option<Self::User>, Self::Error> {
let user = UserQuery(&self.db) let mut db = self.db_pool.get()?;
.by_username(&creds.username) let mut q = users::Query::new(&mut db);
.await?
.filter(|u| password::verify(&u.password_hash, &creds.password)); let user = q.by_username(&creds.username)?;
Ok(user)
if password::verify(&user.password_hash, &creds.password) {
Ok(Some(user))
} else {
Ok(None)
}
} }
async fn get_user(&self, user_id: &UserId<Self>) -> Result<Option<Self::User>, Self::Error> { async fn get_user(&self, user_id: &UserId<Self>) -> Result<Option<Self::User>, Self::Error> {
UserQuery(&self.db).by_id(*user_id).await let mut db = self.db_pool.get()?;
let mut q = users::Query::new(&mut db);
let user = q.by_id(&user_id)?;
Ok(Some(user))
} }
} }