server: Improve equality handling in filters

Now the columns are checked and mapped to user columns, to avoid any ambiguity. Fixes #341.
2022-10-19 08:34:00 +02:00
parent 8d19678e39
commit 4c69f917e7
8 changed files with 86 additions and 51 deletions
--- a/server/src/infra/graphql/query.rs
+++ b/server/src/infra/graphql/query.rs
@@ -1,4 +1,8 @@
-use crate::domain::handler::{BackendHandler, GroupDetails, GroupId, UserId};
+use crate::domain::{
+    handler::{BackendHandler, GroupDetails, GroupId, UserId},
+    ldap::utils::map_user_field,
+    sql_tables::UserColumn,
+};
 use juniper::{graphql_object, FieldResult, GraphQLInputObject};
 use serde::{Deserialize, Serialize};
 use tracing::{debug, debug_span, Instrument};
@@ -50,10 +54,14 @@ impl TryInto<DomainRequestFilter> for RequestFilter {
            return Err("Multiple fields specified in request filter".to_string());
        }
        if let Some(e) = self.eq {
-            if e.field.to_lowercase() == "uid" {
-                return Ok(DomainRequestFilter::UserId(UserId::new(&e.value)));
+            if let Some(column) = map_user_field(&e.field) {
+                if column == UserColumn::UserId {
+                    return Ok(DomainRequestFilter::UserId(UserId::new(&e.value)));
+                }
+                return Ok(DomainRequestFilter::Equality(column, e.value));
+            } else {
+                return Err(format!("Unknown request filter: {}", &e.field));
            }
-            return Ok(DomainRequestFilter::Equality(e.field, e.value));
        }
        if let Some(c) = self.any {
            return Ok(DomainRequestFilter::Or(
@@ -451,11 +459,8 @@ mod tests {
        mock.expect_list_users()
            .with(
                eq(Some(UserRequestFilter::Or(vec![
-                    UserRequestFilter::Equality("id".to_string(), "bob".to_string()),
-                    UserRequestFilter::Equality(
-                        "email".to_string(),
-                        "robert@bobbers.on".to_string(),
-                    ),
+                    UserRequestFilter::UserId(UserId::new("bob")),
+                    UserRequestFilter::Equality(UserColumn::Email, "robert@bobbers.on".to_string()),
                ]))),
                eq(false),
            )
--- a/server/src/infra/ldap_handler.rs
+++ b/server/src/infra/ldap_handler.rs
@@ -447,7 +447,7 @@ impl<Backend: BackendHandler + LoginHandler + OpaqueHandler> LdapHandler<Backend
 mod tests {
    use super::*;
    use crate::{
-        domain::{error::Result, handler::*, opaque_handler::*},
+        domain::{error::Result, handler::*, opaque_handler::*, sql_tables::UserColumn},
        uuid,
    };
    use async_trait::async_trait;
@@ -1370,7 +1370,7 @@ mod tests {
            .with(
                eq(Some(UserRequestFilter::And(vec![UserRequestFilter::Or(
                    vec![UserRequestFilter::Not(Box::new(
-                        UserRequestFilter::Equality("first_name".to_string(), "bob".to_string()),
+                        UserRequestFilter::Equality(UserColumn::FirstName, "bob".to_string()),
                    ))],
                )]))),
                eq(false),