feat: implement grant/revoke from snapshot

032b3b1f · Georgy Moshkin · 5d74aa1e · 032b3b1f · 032b3b1f
Commit 032b3b1f authored 1 year ago by Georgy Moshkin
--- a/src/schema.rs
+++ b/src/schema.rs
@@ -211,7 +211,7 @@ impl UserDef {
 ////////////////////////////////////////////////////////////////////////////////

 /// Privilege definition.
-#[derive(Clone, Debug, Serialize, Deserialize, PartialEq, Eq)]
+#[derive(Clone, Debug, Serialize, Deserialize, PartialEq, Eq, Hash)]
 pub struct PrivilegeDef {
    pub user_id: UserId,
    pub object_type: String,

--- a/src/storage.rs
+++ b/src/storage.rs
@@ -584,6 +584,7 @@ impl Clusterwide {
        // These need to be saved before we truncate the corresponding spaces.
        let mut old_space_versions = HashMap::new();
        let mut old_user_versions = HashMap::new();
+        let mut old_priv_versions = HashMap::new();

        for def in self.spaces.iter()? {
            old_space_versions.insert(def.id, def.schema_version);
@@ -591,6 +592,10 @@ impl Clusterwide {
        for def in self.users.iter()? {
            old_user_versions.insert(def.id, def.schema_version);
        }
+        for def in self.privileges.iter()? {
+            let schema_version = def.schema_version;
+            old_priv_versions.insert(def, schema_version);
+        }

        let mut dont_exist_yet = Vec::new();
        for space_dump in &data.space_dumps {
@@ -612,6 +617,7 @@ impl Clusterwide {
            self.apply_schema_changes_on_master(self.spaces.iter()?, &old_space_versions)?;
            // TODO: secondary indexes
            self.apply_schema_changes_on_master(self.users.iter()?, &old_user_versions)?;
+            self.apply_schema_changes_on_master(self.privileges.iter()?, &old_priv_versions)?;
            set_local_schema_version(data.schema_version)?;
        }

@@ -2140,6 +2146,34 @@ impl SchemaDef for UserDef {
    }
 }

+impl SchemaDef for PrivilegeDef {
+    type Key = Self;
+
+    #[inline(always)]
+    fn key(&self) -> Self {
+        self.clone()
+    }
+
+    #[inline(always)]
+    fn schema_version(&self) -> u64 {
+        self.schema_version
+    }
+
+    #[inline(always)]
+    fn on_insert(&self, storage: &Clusterwide) -> traft::Result<()> {
+        _ = storage;
+        acl_grant_privilege_on_master(self)?;
+        Ok(())
+    }
+
+    #[inline(always)]
+    fn on_delete(this: &Self, storage: &Clusterwide) -> traft::Result<()> {
+        _ = storage;
+        acl_revoke_privilege_on_master(this)?;
+        Ok(())
+    }
+}
+
 ////////////////////////////////////////////////////////////////////////////////
 // acl global
 ////////////////////////////////////////////////////////////////////////////////