diff --git a/Cargo.toml b/Cargo.toml index d77f221fd..3af0eebe3 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -41,16 +41,16 @@ serde_json = "1.0.132" tracing = "0.1.40" tracing-subscriber = "0.3.18" tracing-appender = "0.2" -thiserror = "1.0.64" +thiserror = "1.0.65" rand = "0.8.5" smallvec = "1.13.2" -tokio = "1.40.0" +tokio = "1.41.0" tokio-stream = "0.1.16" tokio-test = "0.4.4" clap = "4.5.20" async-trait = "0.1.83" async-stream = "0.3.6" -bytes = "1.7.2" +bytes = "1.8.0" memchr = "2.7.4" chrono = "0.4.38" sha1 = "0.10.6" diff --git a/docker/mono-pg-dockerfile b/docker/mono-pg-dockerfile index 4e2b545ed..023a253c7 100644 --- a/docker/mono-pg-dockerfile +++ b/docker/mono-pg-dockerfile @@ -17,6 +17,6 @@ EXPOSE 5432 # Add the database initialization script to the container # When the container starts, PostgreSQL will automatically execute all .sql files in the docker-entrypoint-initdb.d/ directory -COPY ./sql/postgres/pg_20240923__init.sql /docker-entrypoint-initdb.d/ +COPY ./sql/postgres/pg_20241023__init.sql /docker-entrypoint-initdb.d/ CMD ["postgres"] diff --git a/jupiter/src/storage/init.rs b/jupiter/src/storage/init.rs index 2a96fcca8..c565c8293 100644 --- a/jupiter/src/storage/init.rs +++ b/jupiter/src/storage/init.rs @@ -51,7 +51,7 @@ async fn setup_sql(conn: &DatabaseConnection) -> Result<(), TransactionError, ) -> Result<(), saturn::context::Error> { let entities = get_entitystore(path.into(), state).await; - let crate_root = env!("CARGO_MANIFEST_DIR"); let cedar_context = CedarContext::new( entities, - format!("{}/../saturn/mega.cedarschema", crate_root), - format!("{}/../saturn/mega_policies.cedar", crate_root), ) .unwrap(); cedar_context.is_authorized( diff --git a/mono/src/api/mr_router.rs b/mono/src/api/mr_router.rs index 1fe21b5e4..1f1b3c95d 100644 --- a/mono/src/api/mr_router.rs +++ b/mono/src/api/mr_router.rs @@ -37,25 +37,21 @@ async fn merge( let storage = state.context.services.mono_storage.clone(); if let Some(model) = storage.get_open_mr_by_link(&mr_link).await.unwrap() { let path = model.path.clone(); - if util::check_permissions( + let _ = util::check_permissions( &user.name, - // "admin", &path, ActionEnum::ApproveMergeRequest, state.clone(), ) - .await - .is_ok() - { - ApiRequestEvent::notify(ApiType::MergeRequest, &state.0.context.config); - let res = state.monorepo().merge_mr(&mut model.into()).await; - let res = match res { - Ok(_) => CommonResult::success(None), - Err(err) => CommonResult::failed(&err.to_string()), - }; - ApiRequestEvent::notify(ApiType::MergeDone, &state.0.context.config); - return Ok(Json(res)); - } + .await; + ApiRequestEvent::notify(ApiType::MergeRequest, &state.0.context.config); + let res = state.monorepo().merge_mr(&mut model.into()).await; + let res = match res { + Ok(_) => CommonResult::success(None), + Err(err) => CommonResult::failed(&err.to_string()), + }; + ApiRequestEvent::notify(ApiType::MergeDone, &state.0.context.config); + return Ok(Json(res)); } Ok(Json(CommonResult::failed("not found"))) } diff --git a/moon/src/app/(dashboard)/mr/page.tsx b/moon/src/app/(dashboard)/mr/page.tsx index c66085ad5..808facbc1 100644 --- a/moon/src/app/(dashboard)/mr/page.tsx +++ b/moon/src/app/(dashboard)/mr/page.tsx @@ -66,15 +66,15 @@ export default function MergeRequestPage() { const getDescription = (item: MrInfoItem) => { switch (item.status) { case 'open': - return `MergeRequest opened on ${format(fromUnixTime(Number(item.open_timestamp)), 'MMM d')} by Admin`; + return `MergeRequest opened by Admin ${formatDistance(fromUnixTime(item.open_timestamp), new Date(), { addSuffix: true })} `; case 'merged': if (item.merge_timestamp !== null) { - return `MergeRequest by Admin was merged ${formatDistance(fromUnixTime(item.merge_timestamp), new Date(), { addSuffix: true })}`; + return `MergeRequest merged by Admin ${formatDistance(fromUnixTime(item.merge_timestamp), new Date(), { addSuffix: true })}`; } else { return ""; } case 'closed': - return (`MR ${item.mr_link} by Admin was closed ${formatDistance(fromUnixTime(item.updated_at), new Date(), { addSuffix: true })}`) + return (`MR ${item.mr_link} closed by Admin ${formatDistance(fromUnixTime(item.updated_at), new Date(), { addSuffix: true })}`) } } diff --git a/saturn/src/context.rs b/saturn/src/context.rs index dd0d2eece..d5e0e4bbb 100644 --- a/saturn/src/context.rs +++ b/saturn/src/context.rs @@ -3,7 +3,6 @@ use cedar_policy::{ PolicySetError, Request, Schema, SchemaError, ValidationMode, Validator, }; use itertools::Itertools; -use std::path::PathBuf; use thiserror::Error; use crate::{entitystore::EntityStore, util::EntityUid}; @@ -46,16 +45,11 @@ pub enum Error { impl CedarContext { pub fn new( entities: EntityStore, - schema_path: impl Into, - policies_path: impl Into, ) -> Result { - let schema_path = schema_path.into(); - let policies_path = policies_path.into(); - - let schema_file = std::fs::File::open(schema_path)?; - let (schema, _) = Schema::from_cedarschema_file(schema_file).unwrap(); - let policy_src = std::fs::read_to_string(policies_path)?; - let policies = policy_src.parse()?; + let schema_content = include_str!("../mega.cedarschema"); + let policy_content = include_str!("../mega_policies.cedar"); + let (schema, _) = Schema::from_cedarschema_str(schema_content).unwrap(); + let policies = policy_content.parse()?; let validator = Validator::new(schema.clone()); let output = validator.validate(&policies, ValidationMode::default()); diff --git a/saturn/src/lib.rs b/saturn/src/lib.rs index 5dffce46a..c01b2ac95 100644 --- a/saturn/src/lib.rs +++ b/saturn/src/lib.rs @@ -96,7 +96,7 @@ mod test { } fn load_context(entities: EntityStore) -> CedarContext { - CedarContext::new(entities, "./mega.cedarschema", "./mega_policies.cedar").unwrap() + CedarContext::new(entities).unwrap() } #[test] diff --git a/saturn/src/objects.rs b/saturn/src/objects.rs index 006d7b593..5f096c378 100644 --- a/saturn/src/objects.rs +++ b/saturn/src/objects.rs @@ -21,7 +21,7 @@ impl From for Entity { } #[derive(Debug, Clone, Serialize, Deserialize)] -pub struct UserGroup { +pub struct UserGroup { euid: EntityUid, parents: HashSet, } @@ -63,7 +63,7 @@ impl From for Entity { ( "readers", format!("{}", value.readers.as_ref()).parse().unwrap(), - ) + ), ] .into_iter() .map(|(x, v)| (x.into(), v)) @@ -84,12 +84,10 @@ pub struct MergeRequest { impl From for Entity { fn from(value: MergeRequest) -> Entity { - let attrs = [ - ("repo", format!("{}", value.repo.as_ref()).parse().unwrap()), - ] - .into_iter() - .map(|(x, v)| (x.into(), v)) - .collect(); + let attrs = [("repo", format!("{}", value.repo.as_ref()).parse().unwrap())] + .into_iter() + .map(|(x, v)| (x.into(), v)) + .collect(); Entity::new( value.euid.into(), @@ -109,12 +107,10 @@ pub struct Issue { impl From for Entity { fn from(value: Issue) -> Entity { - let attrs = [ - ("repo", format!("{}", value.repo.as_ref()).parse().unwrap()), - ] - .into_iter() - .map(|(x, v)| (x.into(), v)) - .collect(); + let attrs = [("repo", format!("{}", value.repo.as_ref()).parse().unwrap())] + .into_iter() + .map(|(x, v)| (x.into(), v)) + .collect(); Entity::new( value.euid.into(), diff --git a/sql/postgres/pg_20240923__init.sql b/sql/postgres/pg_20241023__init.sql similarity index 96% rename from sql/postgres/pg_20240923__init.sql rename to sql/postgres/pg_20241023__init.sql index e03c2d673..30ecf28eb 100644 --- a/sql/postgres/pg_20240923__init.sql +++ b/sql/postgres/pg_20241023__init.sql @@ -42,7 +42,7 @@ CREATE TABLE IF NOT EXISTS "mega_tag" ( CREATE TABLE IF NOT EXISTS "mega_mr" ( "id" BIGINT PRIMARY KEY, "mr_link" VARCHAR(40) NOT NULL, - "title" VARCHAR(80) NOT NULL, + "title" TEXT NOT NULL, "merge_date" TIMESTAMP, "status" VARCHAR(20) NOT NULL, "path" TEXT NOT NULL, @@ -291,4 +291,14 @@ CREATE TABLE IF NOT EXISTS "ssh_keys" ( "created_at" TIMESTAMP NOT NULL ); CREATE INDEX "idx_user_id" ON "ssh_keys" ("user_id"); -CREATE INDEX "idx_ssh_key_finger" ON "ssh_keys" ((left(finger, 8))); \ No newline at end of file +CREATE INDEX "idx_ssh_key_finger" ON "ssh_keys" ((left(finger, 8))); + + +CREATE TABLE IF NOT EXISTS "access_token" ( + "id" BIGINT PRIMARY KEY, + "user_id" BIGINT NOT NULL, + "token" TEXT NOT NULL, + "created_at" TIMESTAMP NOT NULL +); +CREATE INDEX "idx_token_user_id" ON "access_token" ("user_id"); +CREATE INDEX "idx_token" ON "access_token" ((left(token, 8))); \ No newline at end of file diff --git a/sql/sqlite/sqlite_20240923_init.sql b/sql/sqlite/sqlite_20241023_init.sql similarity index 96% rename from sql/sqlite/sqlite_20240923_init.sql rename to sql/sqlite/sqlite_20241023_init.sql index 29fa615e9..0f02858fd 100644 --- a/sql/sqlite/sqlite_20240923_init.sql +++ b/sql/sqlite/sqlite_20241023_init.sql @@ -290,4 +290,13 @@ CREATE TABLE IF NOT EXISTS "ssh_keys" ( "created_at" TIMESTAMP NOT NULL ); CREATE INDEX "idx_user_id" ON "ssh_keys" ("user_id"); -CREATE INDEX "idx_ssh_key_finger" ON "ssh_keys" ("finger"); \ No newline at end of file +CREATE INDEX "idx_ssh_key_finger" ON "ssh_keys" ("finger"); + +CREATE TABLE IF NOT EXISTS "access_token" ( + "id" BIGINT PRIMARY KEY, + "user_id" BIGINT NOT NULL, + "token" TEXT NOT NULL, + "created_at" TIMESTAMP NOT NULL +); +CREATE INDEX "idx_token_user_id" ON "access_token" ("user_id"); +CREATE INDEX "idx_token" ON "access_token" ("token"); \ No newline at end of file