Skip to content

Commit 5fc83f4

Browse files
committed
style: apply rustfmt to ownership handler code
Break long method chains across multiple lines to satisfy the project's rustfmt configuration. Signed-off-by: Paolo Dettori <paolo@dettori.dev> Signed-off-by: Paolo Dettori <dettori@us.ibm.com>
1 parent d31d1f1 commit 5fc83f4

3 files changed

Lines changed: 72 additions & 21 deletions

File tree

crates/openshell-server/src/auth/ownership.rs

Lines changed: 3 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -103,9 +103,7 @@ pub fn check_owner(
103103

104104
let caller_value = sanitize_subject(&identity.subject)?;
105105
if caller_value != *owner_value {
106-
return Err(Status::permission_denied(
107-
"you do not own this sandbox",
108-
));
106+
return Err(Status::permission_denied("you do not own this sandbox"));
109107
}
110108

111109
Ok(())
@@ -368,7 +366,8 @@ mod tests {
368366

369367
#[test]
370368
fn owner_selector_anonymous_no_filter() {
371-
let result = owner_selector(Some(&Principal::Anonymous), "env=dev", "openshell-admin").unwrap();
369+
let result =
370+
owner_selector(Some(&Principal::Anonymous), "env=dev", "openshell-admin").unwrap();
372371
assert_eq!(result, "env=dev");
373372
}
374373

crates/openshell-server/src/grpc/sandbox.rs

Lines changed: 57 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -143,7 +143,10 @@ async fn handle_create_sandbox_inner(
143143
state: &Arc<ServerState>,
144144
request: Request<CreateSandboxRequest>,
145145
) -> Result<Response<SandboxResponse>, Status> {
146-
let principal = request.extensions().get::<crate::auth::principal::Principal>().cloned();
146+
let principal = request
147+
.extensions()
148+
.get::<crate::auth::principal::Principal>()
149+
.cloned();
147150
let mut request = request.into_inner();
148151
let spec = request
149152
.spec
@@ -260,7 +263,10 @@ pub(super) async fn handle_get_sandbox(
260263
state: &Arc<ServerState>,
261264
request: Request<GetSandboxRequest>,
262265
) -> Result<Response<SandboxResponse>, Status> {
263-
let principal = request.extensions().get::<crate::auth::principal::Principal>().cloned();
266+
let principal = request
267+
.extensions()
268+
.get::<crate::auth::principal::Principal>()
269+
.cloned();
264270
let name = request.into_inner().name;
265271
if name.is_empty() {
266272
return Err(Status::invalid_argument("name is required"));
@@ -283,7 +289,10 @@ pub(super) async fn handle_list_sandboxes(
283289
state: &Arc<ServerState>,
284290
request: Request<ListSandboxesRequest>,
285291
) -> Result<Response<ListSandboxesResponse>, Status> {
286-
let principal = request.extensions().get::<crate::auth::principal::Principal>().cloned();
292+
let principal = request
293+
.extensions()
294+
.get::<crate::auth::principal::Principal>()
295+
.cloned();
287296
let request = request.into_inner();
288297
let limit = clamp_limit(request.limit, 100, MAX_PAGE_SIZE);
289298

@@ -317,7 +326,10 @@ pub(super) async fn handle_list_sandbox_providers(
317326
state: &Arc<ServerState>,
318327
request: Request<ListSandboxProvidersRequest>,
319328
) -> Result<Response<ListSandboxProvidersResponse>, Status> {
320-
let principal = request.extensions().get::<crate::auth::principal::Principal>().cloned();
329+
let principal = request
330+
.extensions()
331+
.get::<crate::auth::principal::Principal>()
332+
.cloned();
321333
let sandbox = sandbox_by_name(state, &request.into_inner().sandbox_name).await?;
322334
check_sandbox_owner(&sandbox, principal.as_ref(), state)?;
323335
let providers = providers_for_sandbox(state, &sandbox).await?;
@@ -328,7 +340,10 @@ pub(super) async fn handle_attach_sandbox_provider(
328340
state: &Arc<ServerState>,
329341
request: Request<AttachSandboxProviderRequest>,
330342
) -> Result<Response<AttachSandboxProviderResponse>, Status> {
331-
let principal = request.extensions().get::<crate::auth::principal::Principal>().cloned();
343+
let principal = request
344+
.extensions()
345+
.get::<crate::auth::principal::Principal>()
346+
.cloned();
332347
let request = request.into_inner();
333348
if request.provider_name.is_empty() {
334349
return Err(Status::invalid_argument("provider_name is required"));
@@ -444,7 +459,10 @@ pub(super) async fn handle_detach_sandbox_provider(
444459
state: &Arc<ServerState>,
445460
request: Request<DetachSandboxProviderRequest>,
446461
) -> Result<Response<DetachSandboxProviderResponse>, Status> {
447-
let principal = request.extensions().get::<crate::auth::principal::Principal>().cloned();
462+
let principal = request
463+
.extensions()
464+
.get::<crate::auth::principal::Principal>()
465+
.cloned();
448466
let request = request.into_inner();
449467
if request.provider_name.is_empty() {
450468
return Err(Status::invalid_argument("provider_name is required"));
@@ -538,7 +556,10 @@ async fn handle_delete_sandbox_inner(
538556
state: &Arc<ServerState>,
539557
request: Request<DeleteSandboxRequest>,
540558
) -> Result<Response<DeleteSandboxResponse>, Status> {
541-
let principal = request.extensions().get::<crate::auth::principal::Principal>().cloned();
559+
let principal = request
560+
.extensions()
561+
.get::<crate::auth::principal::Principal>()
562+
.cloned();
542563
let name = request.into_inner().name;
543564
if name.is_empty() {
544565
return Err(Status::invalid_argument("name is required"));
@@ -623,7 +644,10 @@ pub(super) async fn handle_watch_sandbox(
623644
state: &Arc<ServerState>,
624645
request: Request<WatchSandboxRequest>,
625646
) -> Result<Response<ReceiverStream<Result<SandboxStreamEvent, Status>>>, Status> {
626-
let principal = request.extensions().get::<crate::auth::principal::Principal>().cloned();
647+
let principal = request
648+
.extensions()
649+
.get::<crate::auth::principal::Principal>()
650+
.cloned();
627651
let req = request.into_inner();
628652
if req.id.is_empty() {
629653
return Err(Status::invalid_argument("id is required"));
@@ -863,7 +887,10 @@ pub(super) async fn handle_exec_sandbox(
863887
) -> Result<Response<ReceiverStream<Result<ExecSandboxEvent, Status>>>, Status> {
864888
use openshell_core::ObjectId;
865889

866-
let principal = request.extensions().get::<crate::auth::principal::Principal>().cloned();
890+
let principal = request
891+
.extensions()
892+
.get::<crate::auth::principal::Principal>()
893+
.cloned();
867894
let req = request.into_inner();
868895
if req.sandbox_id.is_empty() {
869896
return Err(Status::invalid_argument("sandbox_id is required"));
@@ -980,7 +1007,10 @@ pub(super) async fn handle_forward_tcp(
9801007
>,
9811008
Status,
9821009
> {
983-
let principal = request.extensions().get::<crate::auth::principal::Principal>().cloned();
1010+
let principal = request
1011+
.extensions()
1012+
.get::<crate::auth::principal::Principal>()
1013+
.cloned();
9841014
let mut inbound = request.into_inner();
9851015
let first = inbound
9861016
.message()
@@ -1315,7 +1345,10 @@ pub(super) async fn handle_exec_sandbox_interactive(
13151345
) -> Result<Response<ReceiverStream<Result<ExecSandboxEvent, Status>>>, Status> {
13161346
use openshell_core::ObjectId;
13171347

1318-
let principal = request.extensions().get::<crate::auth::principal::Principal>().cloned();
1348+
let principal = request
1349+
.extensions()
1350+
.get::<crate::auth::principal::Principal>()
1351+
.cloned();
13191352
let mut input_stream = request.into_inner();
13201353

13211354
let first_msg = input_stream
@@ -1394,7 +1427,10 @@ pub(super) async fn handle_create_ssh_session(
13941427
state: &Arc<ServerState>,
13951428
request: Request<CreateSshSessionRequest>,
13961429
) -> Result<Response<CreateSshSessionResponse>, Status> {
1397-
let principal = request.extensions().get::<crate::auth::principal::Principal>().cloned();
1430+
let principal = request
1431+
.extensions()
1432+
.get::<crate::auth::principal::Principal>()
1433+
.cloned();
13981434
let req = request.into_inner();
13991435
if req.sandbox_id.is_empty() {
14001436
return Err(Status::invalid_argument("sandbox_id is required"));
@@ -1472,7 +1508,10 @@ pub(super) async fn handle_revoke_ssh_session(
14721508
state: &Arc<ServerState>,
14731509
request: Request<RevokeSshSessionRequest>,
14741510
) -> Result<Response<RevokeSshSessionResponse>, Status> {
1475-
let principal = request.extensions().get::<crate::auth::principal::Principal>().cloned();
1511+
let principal = request
1512+
.extensions()
1513+
.get::<crate::auth::principal::Principal>()
1514+
.cloned();
14761515
let token = request.into_inner().token;
14771516
if token.is_empty() {
14781517
return Err(Status::invalid_argument("token is required"));
@@ -1490,7 +1529,11 @@ pub(super) async fn handle_revoke_ssh_session(
14901529

14911530
// Ownership check: look up the sandbox referenced by this session.
14921531
if !session.sandbox_id.is_empty() {
1493-
if let Ok(Some(sandbox)) = state.store.get_message::<Sandbox>(&session.sandbox_id).await {
1532+
if let Ok(Some(sandbox)) = state
1533+
.store
1534+
.get_message::<Sandbox>(&session.sandbox_id)
1535+
.await
1536+
{
14941537
check_sandbox_owner(&sandbox, principal.as_ref(), state)?;
14951538
}
14961539
}

crates/openshell-server/src/grpc/service.rs

Lines changed: 12 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,10 @@ pub(super) async fn handle_expose_service(
2525
state: &Arc<ServerState>,
2626
request: Request<ExposeServiceRequest>,
2727
) -> Result<Response<ServiceEndpointResponse>, Status> {
28-
let principal = request.extensions().get::<crate::auth::principal::Principal>().cloned();
28+
let principal = request
29+
.extensions()
30+
.get::<crate::auth::principal::Principal>()
31+
.cloned();
2932
let req = request.into_inner();
3033
validate_endpoint_name("sandbox", &req.sandbox, MAX_SANDBOX_NAME_LEN)?;
3134
validate_optional_endpoint_name("service", &req.service, MAX_SERVICE_NAME_LEN)?;
@@ -130,7 +133,10 @@ pub(super) async fn handle_get_service(
130133
state: &Arc<ServerState>,
131134
request: Request<GetServiceRequest>,
132135
) -> Result<Response<ServiceEndpointResponse>, Status> {
133-
let principal = request.extensions().get::<crate::auth::principal::Principal>().cloned();
136+
let principal = request
137+
.extensions()
138+
.get::<crate::auth::principal::Principal>()
139+
.cloned();
134140
let req = request.into_inner();
135141
validate_endpoint_name("sandbox", &req.sandbox, MAX_SANDBOX_NAME_LEN)?;
136142
validate_optional_endpoint_name("service", &req.service, MAX_SERVICE_NAME_LEN)?;
@@ -183,7 +189,10 @@ pub(super) async fn handle_delete_service(
183189
state: &Arc<ServerState>,
184190
request: Request<DeleteServiceRequest>,
185191
) -> Result<Response<DeleteServiceResponse>, Status> {
186-
let principal = request.extensions().get::<crate::auth::principal::Principal>().cloned();
192+
let principal = request
193+
.extensions()
194+
.get::<crate::auth::principal::Principal>()
195+
.cloned();
187196
let req = request.into_inner();
188197
validate_endpoint_name("sandbox", &req.sandbox, MAX_SANDBOX_NAME_LEN)?;
189198
validate_optional_endpoint_name("service", &req.service, MAX_SERVICE_NAME_LEN)?;

0 commit comments

Comments
 (0)