start making crud for groups

core/src/actions/group.rs

@@ -0,0 +1,23 @@
+use anyhow::anyhow;
+use types::{traits::Permissioned, Group, PermissionLevel};
+
+use crate::{auth::RequestUser, state::State};
+
+impl State {
+    pub async fn get_group_check_permissions(
+        &self,
+        deployment_id: &str,
+        user: &RequestUser,
+        permission_level: PermissionLevel,
+    ) -> anyhow::Result<Group> {
+        let group = self.db.get_group(deployment_id).await?;
+        let permissions = group.get_user_permissions(&user.id);
+        if user.is_admin || permissions >= permission_level {
+            Ok(group)
+        } else {
+            Err(anyhow!(
+                "user does not have required permissions on this deployment"
+            ))
+        }
+    }
+}

core/src/actions/mod.rs

@@ -5,6 +5,7 @@ use crate::state::State;
 
 mod build;
 mod deployment;
+mod group;
 mod procedure;
 mod server;
 

lib/db_client/src/collections.rs

@@ -1,72 +1,83 @@
-use anyhow::Context;
-use mungos::{Collection, Mungos};
-use types::{Build, Deployment, Procedure, Server, Update, User};
-
-pub async fn users_collection(mungos: &Mungos, db_name: &str) -> anyhow::Result<Collection<User>> {
-    let coll = mungos.collection(db_name, "users");
-    coll.create_unique_index("username")
-        .await
-        .context("failed at creating username index")?;
-    Ok(coll)
-}
-
-pub async fn servers_collection(
-    mungos: &Mungos,
-    db_name: &str,
-) -> anyhow::Result<Collection<Server>> {
-    let coll = mungos.collection(db_name, "servers");
-    coll.create_unique_index("name")
-        .await
-        .context("failed at creating name index")?;
-    Ok(coll)
-}
-
-pub async fn deployments_collection(
-    mungos: &Mungos,
-    db_name: &str,
-) -> anyhow::Result<Collection<Deployment>> {
-    let coll = mungos.collection(db_name, "deployments");
-    coll.create_unique_index("name")
-        .await
-        .context("failed at creating name index")?;
-    Ok(coll)
-}
-
-pub async fn builds_collection(
-    mungos: &Mungos,
-    db_name: &str,
-) -> anyhow::Result<Collection<Build>> {
-    let coll = mungos.collection(db_name, "builds");
-    coll.create_unique_index("name")
-        .await
-        .context("failed at creating name index")?;
-    Ok(coll)
-}
-
-pub async fn updates_collection(
-    mungos: &Mungos,
-    db_name: &str,
-) -> anyhow::Result<Collection<Update>> {
-    let coll = mungos.collection(db_name, "updates");
-    coll.create_index("entity_id")
-        .await
-        .context("failed at creating entity_id index")?;
-    coll.create_index("ts")
-        .await
-        .context("failed at creating ts index")?;
-    coll.create_index("operator")
-        .await
-        .context("failed at creating operator index")?;
-    Ok(coll)
-}
-
-pub async fn procedures_collection(
-    mungos: &Mungos,
-    db_name: &str,
-) -> anyhow::Result<Collection<Procedure>> {
-    let coll = mungos.collection(db_name, "procedures");
-    coll.create_index("name")
-        .await
-        .context("failed at creating entity_id index")?;
-    Ok(coll)
-}
+use anyhow::Context;
+use mungos::{Collection, Mungos};
+use types::{Build, Deployment, Group, Procedure, Server, Update, User};
+
+pub async fn users_collection(mungos: &Mungos, db_name: &str) -> anyhow::Result<Collection<User>> {
+    let coll = mungos.collection(db_name, "users");
+    coll.create_unique_index("username")
+        .await
+        .context("failed at creating username index")?;
+    Ok(coll)
+}
+
+pub async fn servers_collection(
+    mungos: &Mungos,
+    db_name: &str,
+) -> anyhow::Result<Collection<Server>> {
+    let coll = mungos.collection(db_name, "servers");
+    coll.create_unique_index("name")
+        .await
+        .context("failed at creating name index")?;
+    Ok(coll)
+}
+
+pub async fn deployments_collection(
+    mungos: &Mungos,
+    db_name: &str,
+) -> anyhow::Result<Collection<Deployment>> {
+    let coll = mungos.collection(db_name, "deployments");
+    coll.create_unique_index("name")
+        .await
+        .context("failed at creating name index")?;
+    Ok(coll)
+}
+
+pub async fn builds_collection(
+    mungos: &Mungos,
+    db_name: &str,
+) -> anyhow::Result<Collection<Build>> {
+    let coll = mungos.collection(db_name, "builds");
+    coll.create_unique_index("name")
+        .await
+        .context("failed at creating name index")?;
+    Ok(coll)
+}
+
+pub async fn updates_collection(
+    mungos: &Mungos,
+    db_name: &str,
+) -> anyhow::Result<Collection<Update>> {
+    let coll = mungos.collection(db_name, "updates");
+    coll.create_index("entity_id")
+        .await
+        .context("failed at creating entity_id index")?;
+    coll.create_index("ts")
+        .await
+        .context("failed at creating ts index")?;
+    coll.create_index("operator")
+        .await
+        .context("failed at creating operator index")?;
+    Ok(coll)
+}
+
+pub async fn procedures_collection(
+    mungos: &Mungos,
+    db_name: &str,
+) -> anyhow::Result<Collection<Procedure>> {
+    let coll = mungos.collection(db_name, "procedures");
+    coll.create_unique_index("name")
+        .await
+        .context("failed at creating entity_id index")?;
+    Ok(coll)
+}
+
+pub async fn groups_collection(
+    mungos: &Mungos,
+    db_name: &str,
+) -> anyhow::Result<Collection<Group>> {
+    let coll = mungos.collection(db_name, "groups");
+    coll.create_unique_index("name")
+        .await
+        .context("failed at creating name index")?;
+    Ok(coll)
+}

lib/db_client/src/lib.rs

@@ -2,11 +2,13 @@ use std::time::Duration;
 
 use anyhow::{anyhow, Context};
 use collections::{
-    builds_collection, deployments_collection, procedures_collection, servers_collection,
-    updates_collection, users_collection,
+    builds_collection, deployments_collection, groups_collection, procedures_collection,
+    servers_collection, updates_collection, users_collection,
 };
 use mungos::{Collection, Mungos};
-use types::{Build, Deployment, MongoConfig, PermissionLevel, Procedure, Server, Update, User};
+use types::{
+    Build, Deployment, Group, MongoConfig, PermissionLevel, Procedure, Server, Update, User,
+};
 
 mod collections;
 
@@ -16,6 +18,7 @@ pub struct DbClient {
     pub deployments: Collection<Deployment>,
     pub builds: Collection<Build>,
     pub procedures: Collection<Procedure>,
+    pub groups: Collection<Group>,
     pub updates: Collection<Update>,
 }
 
@@ -44,6 +47,9 @@ impl DbClient {
             procedures: procedures_collection(&mungos, db_name)
                 .await
                 .expect("failed to make procedures collection"),
+            groups: groups_collection(&mungos, db_name)
+                .await
+                .expect("failed to make groups collection"),
         }
     }
 
@@ -156,4 +162,28 @@ impl DbClient {
             .unwrap_or_default();
         Ok(permissions)
     }
+
+    pub async fn get_group(&self, group_id: &str) -> anyhow::Result<Group> {
+        let group = self
+            .groups
+            .find_one_by_id(group_id)
+            .await
+            .context(format!("failed at mongo query for group {group_id}"))?
+            .ok_or(anyhow!("group at {group_id} doesn't exist"))?;
+        Ok(group)
+    }
+
+    pub async fn get_user_permission_on_group(
+        &self,
+        user_id: &str,
+        group_id: &str,
+    ) -> anyhow::Result<PermissionLevel> {
+        let permissions = *self
+            .get_group(group_id)
+            .await?
+            .permissions
+            .get(user_id)
+            .unwrap_or_default();
+        Ok(permissions)
+    }
 }

lib/types/src/traits.rs

@@ -1,6 +1,6 @@
 use crate::{
-    Build, BuildActionState, Deployment, DeploymentActionState, PermissionLevel, PermissionsMap,
-    Procedure, Server, ServerActionState,
+    Build, BuildActionState, Deployment, DeploymentActionState, Group, PermissionLevel,
+    PermissionsMap, Procedure, Server, ServerActionState,
 };
 
 pub trait Permissioned {
@@ -35,6 +35,12 @@ impl Permissioned for Procedure {
     }
 }
 
+impl Permissioned for Group {
+    fn permissions_map(&self) -> &PermissionsMap {
+        &self.permissions
+    }
+}
+
 pub trait Busy {
     fn busy(&self) -> bool;
 }