mirror of
https://github.com/stalwartlabs/mail-server.git
synced 2025-10-10 20:45:48 +08:00
Renamed principal revision to token revision
This commit is contained in:
mdecimus
parent
61e63d1ead
commit
69bb04d1e6
8 changed files with 21 additions and 24 deletions
|
|
@ -4,7 +4,7 @@ All notable changes to this project will be documented in this file. This projec
|
||||||
|
|
||||||
## [0.11.2] - 2025-01-17
|
## [0.11.2] - 2025-01-17
|
||||||
|
|
||||||
To upgrade update the webadmin and then replace the `stalwart-mail` binary.
|
To upgrade replace the `stalwart-mail` binary and then upgrade to the latest web-admin.
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
- Automatic revoking of access tokens when secrets, permissions, ACLs or group memberships change (#649).
|
- Automatic revoking of access tokens when secrets, permissions, ACLs or group memberships change (#649).
|
||||||
|
|
@ -19,7 +19,7 @@ To upgrade update the webadmin and then replace the `stalwart-mail` binary.
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
- Distributed locking issues in non-Redis stores (#1066).
|
- Distributed locking issues in non-Redis stores (#1066).
|
||||||
- S3 incorrect backoff wait time.
|
- S3 incorrect backoff wait time after failures.
|
||||||
- Panic parsing broken HTMLs.
|
- Panic parsing broken HTMLs.
|
||||||
- Update CLI response serializer to v0.11.x (#1082).
|
- Update CLI response serializer to v0.11.x (#1082).
|
||||||
- Histogram bucket counts (#1079).
|
- Histogram bucket counts (#1079).
|
||||||
|
|
|
||||||
|
|
@ -28,7 +28,7 @@ use utils::map::{
|
||||||
vec_map::VecMap,
|
vec_map::VecMap,
|
||||||
};
|
};
|
||||||
|
|
||||||
use crate::{Server, KV_PRINCIPAL_REVISION};
|
use crate::{Server, KV_TOKEN_REVISION};
|
||||||
|
|
||||||
use super::{roles::RolePermissions, AccessToken, ResourceToken, TenantInfo};
|
use super::{roles::RolePermissions, AccessToken, ResourceToken, TenantInfo};
|
||||||
|
|
||||||
|
|
@ -201,7 +201,7 @@ impl Server {
|
||||||
|
|
||||||
// Obtain current revision
|
// Obtain current revision
|
||||||
let principal_id = principal.id();
|
let principal_id = principal.id();
|
||||||
let revision = self.fetch_principal_revision(principal_id).await;
|
let revision = self.fetch_token_revision(principal_id).await;
|
||||||
|
|
||||||
match self
|
match self
|
||||||
.inner
|
.inner
|
||||||
|
|
@ -252,7 +252,7 @@ impl Server {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn increment_principal_revision(&self, changed_principals: ChangedPrincipals) {
|
pub async fn increment_token_revision(&self, changed_principals: ChangedPrincipals) {
|
||||||
let mut nested_principals = Vec::new();
|
let mut nested_principals = Vec::new();
|
||||||
|
|
||||||
for (id, changed_principal) in changed_principals.iter() {
|
for (id, changed_principal) in changed_principals.iter() {
|
||||||
|
|
@ -335,8 +335,7 @@ impl Server {
|
||||||
if let Err(err) = self
|
if let Err(err) = self
|
||||||
.in_memory_store()
|
.in_memory_store()
|
||||||
.counter_incr(
|
.counter_incr(
|
||||||
KeyValue::with_prefix(KV_PRINCIPAL_REVISION, id.to_be_bytes(), 1)
|
KeyValue::with_prefix(KV_TOKEN_REVISION, id.to_be_bytes(), 1).expires(30 * 86400),
|
||||||
.expires(30 * 86400),
|
|
||||||
false,
|
false,
|
||||||
)
|
)
|
||||||
.await
|
.await
|
||||||
|
|
@ -347,11 +346,11 @@ impl Server {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn fetch_principal_revision(&self, id: u32) -> Option<u64> {
|
pub async fn fetch_token_revision(&self, id: u32) -> Option<u64> {
|
||||||
match self
|
match self
|
||||||
.in_memory_store()
|
.in_memory_store()
|
||||||
.counter_get(KeyValue::<()>::build_key(
|
.counter_get(KeyValue::<()>::build_key(
|
||||||
KV_PRINCIPAL_REVISION,
|
KV_TOKEN_REVISION,
|
||||||
id.to_be_bytes(),
|
id.to_be_bytes(),
|
||||||
))
|
))
|
||||||
.await
|
.await
|
||||||
|
|
|
||||||
|
|
@ -35,7 +35,7 @@ impl Server {
|
||||||
ROLE_ADMIN => Ok(ADMIN_PERMISSIONS.clone()),
|
ROLE_ADMIN => Ok(ADMIN_PERMISSIONS.clone()),
|
||||||
ROLE_TENANT_ADMIN => Ok(TENANT_ADMIN_PERMISSIONS.clone()),
|
ROLE_TENANT_ADMIN => Ok(TENANT_ADMIN_PERMISSIONS.clone()),
|
||||||
role_id => {
|
role_id => {
|
||||||
let revision = self.fetch_principal_revision(role_id).await;
|
let revision = self.fetch_token_revision(role_id).await;
|
||||||
|
|
||||||
match self
|
match self
|
||||||
.inner
|
.inner
|
||||||
|
|
@ -118,7 +118,7 @@ impl Server {
|
||||||
}
|
}
|
||||||
role_id => {
|
role_id => {
|
||||||
// Try with the cache
|
// Try with the cache
|
||||||
let revision = self.fetch_principal_revision(role_id).await;
|
let revision = self.fetch_token_revision(role_id).await;
|
||||||
if let Some(role_permissions) = self
|
if let Some(role_permissions) = self
|
||||||
.inner
|
.inner
|
||||||
.cache
|
.cache
|
||||||
|
|
|
||||||
|
|
@ -82,7 +82,7 @@ pub const KV_RATE_LIMIT_CONTACT: u8 = 7;
|
||||||
pub const KV_RATE_LIMIT_HTTP_AUTHENTICATED: u8 = 8;
|
pub const KV_RATE_LIMIT_HTTP_AUTHENTICATED: u8 = 8;
|
||||||
pub const KV_RATE_LIMIT_HTTP_ANONYMOUS: u8 = 9;
|
pub const KV_RATE_LIMIT_HTTP_ANONYMOUS: u8 = 9;
|
||||||
pub const KV_RATE_LIMIT_IMAP: u8 = 10;
|
pub const KV_RATE_LIMIT_IMAP: u8 = 10;
|
||||||
pub const KV_PRINCIPAL_REVISION: u8 = 11;
|
pub const KV_TOKEN_REVISION: u8 = 11;
|
||||||
pub const KV_REPUTATION_IP: u8 = 12;
|
pub const KV_REPUTATION_IP: u8 = 12;
|
||||||
pub const KV_REPUTATION_FROM: u8 = 13;
|
pub const KV_REPUTATION_FROM: u8 = 13;
|
||||||
pub const KV_REPUTATION_DOMAIN: u8 = 14;
|
pub const KV_REPUTATION_DOMAIN: u8 = 14;
|
||||||
|
|
|
||||||
|
|
@ -371,7 +371,7 @@ impl<T: SessionStream> Session<T> {
|
||||||
|
|
||||||
// Invalidate ACLs
|
// Invalidate ACLs
|
||||||
data.server
|
data.server
|
||||||
.increment_principal_revision(ChangedPrincipals::from_change(
|
.increment_token_revision(ChangedPrincipals::from_change(
|
||||||
acl_account_id,
|
acl_account_id,
|
||||||
Type::Individual,
|
Type::Individual,
|
||||||
PrincipalField::EnabledPermissions,
|
PrincipalField::EnabledPermissions,
|
||||||
|
|
|
||||||
|
|
@ -183,7 +183,7 @@ impl PrincipalManager for Server {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Increment revision
|
// Increment revision
|
||||||
self.increment_principal_revision(result.changed_principals)
|
self.increment_token_revision(result.changed_principals)
|
||||||
.await;
|
.await;
|
||||||
|
|
||||||
Ok(JsonResponse::new(json!({
|
Ok(JsonResponse::new(json!({
|
||||||
|
|
@ -372,9 +372,7 @@ impl PrincipalManager for Server {
|
||||||
{
|
{
|
||||||
Ok(changed_principals) => {
|
Ok(changed_principals) => {
|
||||||
// Increment revision
|
// Increment revision
|
||||||
server
|
server.increment_token_revision(changed_principals).await;
|
||||||
.increment_principal_revision(changed_principals)
|
|
||||||
.await;
|
|
||||||
}
|
}
|
||||||
Err(err) => {
|
Err(err) => {
|
||||||
trc::error!(err.details("Failed to delete principal"));
|
trc::error!(err.details("Failed to delete principal"));
|
||||||
|
|
@ -524,7 +522,7 @@ impl PrincipalManager for Server {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Increment revision
|
// Increment revision
|
||||||
self.increment_principal_revision(changed_principals).await;
|
self.increment_token_revision(changed_principals).await;
|
||||||
|
|
||||||
Ok(JsonResponse::new(json!({
|
Ok(JsonResponse::new(json!({
|
||||||
"data": (),
|
"data": (),
|
||||||
|
|
@ -653,7 +651,7 @@ impl PrincipalManager for Server {
|
||||||
.await?;
|
.await?;
|
||||||
|
|
||||||
// Increment revision
|
// Increment revision
|
||||||
self.increment_principal_revision(changed_principals).await;
|
self.increment_token_revision(changed_principals).await;
|
||||||
|
|
||||||
Ok(JsonResponse::new(json!({
|
Ok(JsonResponse::new(json!({
|
||||||
"data": (),
|
"data": (),
|
||||||
|
|
@ -753,7 +751,7 @@ impl PrincipalManager for Server {
|
||||||
.await?;
|
.await?;
|
||||||
|
|
||||||
// Increment revision
|
// Increment revision
|
||||||
self.increment_principal_revision(ChangedPrincipals::from_change(
|
self.increment_token_revision(ChangedPrincipals::from_change(
|
||||||
access_token.primary_id(),
|
access_token.primary_id(),
|
||||||
Type::Individual,
|
Type::Individual,
|
||||||
PrincipalField::Secrets,
|
PrincipalField::Secrets,
|
||||||
|
|
@ -824,7 +822,7 @@ impl PrincipalManager for Server {
|
||||||
.await?;
|
.await?;
|
||||||
|
|
||||||
// Increment revision
|
// Increment revision
|
||||||
self.increment_principal_revision(changed_principals).await;
|
self.increment_token_revision(changed_principals).await;
|
||||||
|
|
||||||
Ok(JsonResponse::new(json!({
|
Ok(JsonResponse::new(json!({
|
||||||
"data": (),
|
"data": (),
|
||||||
|
|
|
||||||
|
|
@ -415,7 +415,7 @@ impl AclMethods for Server {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
self.increment_principal_revision(changed_principals).await;
|
self.increment_token_revision(changed_principals).await;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -664,7 +664,7 @@ pub async fn test(params: &mut JMAPTest) {
|
||||||
// Add John and Jane to the Sales group
|
// Add John and Jane to the Sales group
|
||||||
for name in ["jdoe@example.com", "jane.smith@example.com"] {
|
for name in ["jdoe@example.com", "jane.smith@example.com"] {
|
||||||
server
|
server
|
||||||
.increment_principal_revision(
|
.increment_token_revision(
|
||||||
server
|
server
|
||||||
.core
|
.core
|
||||||
.storage
|
.storage
|
||||||
|
|
@ -768,7 +768,7 @@ pub async fn test(params: &mut JMAPTest) {
|
||||||
|
|
||||||
// Remove John from the sales group
|
// Remove John from the sales group
|
||||||
server
|
server
|
||||||
.increment_principal_revision(
|
.increment_token_revision(
|
||||||
server
|
server
|
||||||
.core
|
.core
|
||||||
.storage
|
.storage
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue