Add pre-deploy HTTP endpoint

mdecimus 2025-06-15 20:02:57 +02:00
parent 2b5e397b73
commit 55e62a6830


@ -64,7 +64,7 @@ pub trait PrincipalManager: Sync + Send {
body: Option<Vec<u8>>, body: Option<Vec<u8>>,
) -> impl Future<Output = trc::Result<HttpResponse>> + Send; ) -> impl Future<Output = trc::Result<HttpResponse>> + Send;
fn assert_supported_directory(&self) -> trc::Result<()>; fn assert_supported_directory(&self, override_: bool) -> trc::Result<()>;
} }
impl PrincipalManager for Server { impl PrincipalManager for Server {
@ -75,8 +75,8 @@ impl PrincipalManager for Server {
body: Option<Vec<u8>>, body: Option<Vec<u8>>,
access_token: &AccessToken, access_token: &AccessToken,
) -> trc::Result<HttpResponse> { ) -> trc::Result<HttpResponse> {
match (path.get(1), req.method()) { match (path.get(1).copied(), req.method()) {
(None, &Method::POST) => { (None | Some("deploy"), &Method::POST) => {
// Parse principal // Parse principal
let principal = let principal =
serde_json::from_slice::<PrincipalSet>(body.as_deref().unwrap_or_default()) serde_json::from_slice::<PrincipalSet>(body.as_deref().unwrap_or_default())
@ -114,7 +114,7 @@ impl PrincipalManager for Server {
// Make sure the current directory supports updates // Make sure the current directory supports updates
if matches!(principal.typ(), Type::Individual) { if matches!(principal.typ(), Type::Individual) {
self.assert_supported_directory()?; self.assert_supported_directory(path.get(1).copied() == Some("deploy"))?;
} }
// Validate roles // Validate roles
@ -575,7 +575,7 @@ impl PrincipalManager for Server {
for change in &changes { for change in &changes {
match change.field { match change.field {
PrincipalField::Secrets => { PrincipalField::Secrets => {
self.assert_supported_directory()?; self.assert_supported_directory(false)?;
} }
PrincipalField::Name PrincipalField::Name
| PrincipalField::Emails | PrincipalField::Emails
@ -793,7 +793,7 @@ impl PrincipalManager for Server {
} }
// Make sure the current directory supports updates // Make sure the current directory supports updates
self.assert_supported_directory()?; self.assert_supported_directory(false)?;
// Build actions // Build actions
let mut actions = Vec::with_capacity(requests.len()); let mut actions = Vec::with_capacity(requests.len());
@ -850,7 +850,7 @@ impl PrincipalManager for Server {
.into_http_response()) .into_http_response())
} }
fn assert_supported_directory(&self) -> trc::Result<()> { fn assert_supported_directory(&self, override_: bool) -> trc::Result<()> {
let class = match &self.core.storage.directory.store { let class = match &self.core.storage.directory.store {
DirectoryInner::Internal(_) => return Ok(()), DirectoryInner::Internal(_) => return Ok(()),
DirectoryInner::Ldap(_) => "LDAP", DirectoryInner::Ldap(_) => "LDAP",
@ -861,13 +861,17 @@ impl PrincipalManager for Server {
DirectoryInner::OpenId(_) => "OpenID", DirectoryInner::OpenId(_) => "OpenID",
}; };
Err(manage::unsupported(format!( if !override_ {
concat!( Err(manage::unsupported(format!(
"{} directory cannot be managed. ", concat!(
"Only internal directories support inserts ", "{} directory cannot be managed. ",
"and update operations." "Only internal directories support inserts ",
), "and update operations."
class ),
))) class
)))
} else {
Ok(())
}
} }
} }
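Review bot: The `deploy` segment on the POST arm switches off the external-directory guard for `Type::Individual` principals based only on the request path (`self.assert_supported_directory(path.get(1).copied() == Some("deploy"))?`), and no permission check specific to that route is visible in these hunks. If the lines between the parse and this call enforce only the ordinary create permission, every caller who may create principals can also bypass the guard on an LDAP or OpenID deployment; a dedicated permission for the deploy route, or a comment stating why the create permission is sufficient, would close that gap. Binding the flag once at the top of the arm, `let is_deploy = path.get(1).copied() == Some("deploy");`, avoids re-deriving it from `path` further down. `assert_supported_directory` would also benefit from a doc comment such as `/// Fails unless the directory is internal; override_ = true skips the check (deploy route only).` so the bare `false` at the other two call sites explains itself. The arm body and the match in `assert_supported_directory` continue outside the visible hunks.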