From 0f0479ca53ff2456b84c91edcaea4e438f949014 Mon Sep 17 00:00:00 2001 From: Ian Jackson Date: Sun, 30 May 2021 20:34:08 +0100 Subject: [PATCH] authproofs: Rename methods with proof obligation to "promise" Signed-off-by: Ian Jackson --- daemon/cmdlistener.rs | 42 +++++++++++++++++++++--------------------- daemon/main.rs | 2 +- src/accounts.rs | 2 +- src/asseturl.rs | 2 +- src/authproofs.rs | 10 +++++----- src/bundles.rs | 6 +++--- src/global.rs | 6 +++--- src/sshkeys.rs | 2 +- 8 files changed, 36 insertions(+), 36 deletions(-) diff --git a/daemon/cmdlistener.rs b/daemon/cmdlistener.rs index 650a1705..76f5e43d 100644 --- a/daemon/cmdlistener.rs +++ b/daemon/cmdlistener.rs @@ -161,7 +161,7 @@ fn execute_and_respond(cs: &mut CommandStreamData, cmd: MgmtCommand, } else { let ag = AccountsGuard::lock(); let auth = authorise_scope_direct(cs, &ag, &AccountScope::Server)?; - let auth = auth.therefore_ok(); + let auth = auth.so_promise(); cs.authstate = AuthState::Superuser { euid: preserve_euid, auth }; } Fine @@ -170,7 +170,7 @@ fn execute_and_respond(cs: &mut CommandStreamData, cmd: MgmtCommand, let good_uid = Some(config().ssh_proxy_uid); let auth = cs.authorised_uid(good_uid, Some("SetRestrictedScope")) .map_err(|_| ME::AuthorisationError)?; - let auth = auth.therefore_ok(); + let auth = auth.so_promise(); cs.authstate = AuthState::Ssh { key, auth }; Fine }, @@ -229,7 +229,7 @@ fn execute_and_respond(cs: &mut CommandStreamData, cmd: MgmtCommand, cs.account = Some(AccountSpecified { cooked: wanted_account.to_string(), notional_account: wanted_account, - auth: auth.therefore_ok(), + auth: auth.so_promise(), }); Fine } 
@@ -278,7 +278,7 @@ fn execute_and_respond(cs: &mut CommandStreamData, cmd: MgmtCommand, execute_for_game(cs, &mut ag, &mut ig, insns, MgmtGameUpdateMode::Bulk) .map_err(|e|{ - let ig = ig.by(Authorisation::authorise_any()); + let ig = ig.by(Authorisation::promise_any()); let name = ig.name.clone(); let InstanceGuard { c, .. } = ig; Instance::destroy_game(&mut games, c, auth) @@ -352,7 +352,7 @@ fn execute_and_respond(cs: &mut CommandStreamData, cmd: MgmtCommand, MC::ListGames { all } => { let ag = AccountsGuard::lock(); let names = Instance::list_names( - None, Authorisation::authorise_any()); + None, Authorisation::promise_any()); let auth_all = if all == Some(true) { let auth = cs.superuser().ok_or(ME::AuthorisationError)?.into(); Some(auth) @@ -722,7 +722,7 @@ fn execute_game_insn<'cs, 'igr, 'ig: 'igr>( let (player, update, logentry) = ig.player_new(gpl, ipl, arecord.account.clone(), logentry)?; - let atr = ig.player_access_reset(ag, player, auth.therefore_ok())?; + let atr = ig.player_access_reset(ag, player, auth.so_promise())?; (U{ pcs: vec![], log: vec![ logentry ], @@ -1220,7 +1220,7 @@ fn execute_for_game<'cs, 'igr, 'ig: 'igr>( let who = if_chain! { let account = &cs.current_account()?.notional_account; - let ig = igu.by_ref(Authorisation::authorise_any()); + let ig = igu.by_ref(Authorisation::promise_any()); if let Ok((_, acctid)) = ag.lookup(account); if let Some((player,_)) = ig.iplayers.iter() .filter(|(_,ipr)| ipr.ipl.acctid == acctid) @@ -1286,7 +1286,7 @@ fn execute_for_game<'cs, 'igr, 'ig: 'igr>( execute_game_insn(cs, ag, igu, insn, &who, &mut to_permute)?; let st = uh_auth.get_or_insert_with(||{ - let auth = Authorisation::authorised(&*ig.name); + let auth = Authorisation::promise_for(&*ig.name); let uh = UpdateHandler::from_how(how); St { uh, auth, have_deleted: false } }); 
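Review bot: The `Authorisation::promise_any()` inside the `map_err` closure of `execute_and_respond` (hunk at -278) has no comment saying what discharges the promise, which is exactly what the new name tells a reader to look for. From the visible lines it appears to serve only to unwrap the guard for cleanup, while `Instance::destroy_game` is still gated by the separate `auth` value; that value is defined outside the hunk, so this should be confirmed. If it holds, a line such as `// promise: unwrap for cleanup only; destroy_game still takes auth` would make the site auditable. The same applies to `Instance::list_names(None, Authorisation::promise_any())` in the `ListGames` arm and to the `by_ref`/`by_mut(Authorisation::promise_any())` calls in `execute_for_game`.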
@@ -1323,7 +1323,7 @@ fn execute_for_game<'cs, 'igr, 'ig: 'igr>( })(); (r, { - let ig = igu.by_mut(Authorisation::authorise_any()); + let ig = igu.by_mut(Authorisation::promise_any()); let g = &mut **ig; let gs = &mut g.gs; to_permute.implement(&mut gs.players, @@ -1334,7 +1334,7 @@ fn execute_for_game<'cs, 'igr, 'ig: 'igr>( }); if let Some(uu) = uu { - let mut ig = igu.by_mut(Authorisation::authorise_any()); + let mut ig = igu.by_mut(Authorisation::promise_any()); let mut prepub = PrepareUpdatesBuffer::new(&mut ig, None); uu(&mut prepub); prepub.finish(); @@ -1572,7 +1572,7 @@ impl CommandStreamData<'_> { client_euid == server_uid || Some(client_euid) == wanted { - return Authorisation::authorised(&client_euid); + return Authorisation::promise_for(&client_euid); } throw!(anyhow!("{}: euid mismatch: client={:?} server={:?} wanted={:?}{}", &self.desc, client_euid, server_uid, wanted, @@ -1609,7 +1609,7 @@ impl CommandStreamData<'_> { Authorisation) { let ipl_unauth = { - let ig = ig.by_ref(Authorisation::authorise_any()); + let ig = ig.by_ref(Authorisation::promise_any()); ig.iplayers.byid(player)? }; let how = PCH::InstanceOrOnlyAffectedAccount(ipl_unauth.ipl.acctid); @@ -1660,7 +1660,7 @@ impl CommandStreamData<'_> { let subject_is = |object_acctid: AccountId|{ if subject_acctid == object_acctid { let auth: Authorisation - = Authorisation::authorise_any(); + = Authorisation::promise_any(); return Some(auth); } return None; @@ -1673,7 +1673,7 @@ impl CommandStreamData<'_> { PCH::InstanceOrOnlyAffectedPlayer(object_player) => { if_chain!{ if let Some(object_ipr) = - ig.by_ref(Authorisation::authorise_any()).iplayers + ig.by_ref(Authorisation::promise_any()).iplayers .get(object_player); then { subject_is(object_ipr.ipl.acctid) } else { None } 
@@ -1687,7 +1687,7 @@ impl CommandStreamData<'_> { let auth = { let subject = ¤t_account.cooked; let (acl, owner) = { - let ig = ig.by_ref(Authorisation::authorise_any()); + let ig = ig.by_ref(Authorisation::promise_any()); (&ig.acl, &ig.name.account) }; let owner_account = owner.to_string(); @@ -1736,7 +1736,7 @@ fn authorise_by_account(cs: &CommandStreamData, ag: &AccountsGuard, ag.check(¤t.notional_account)?; if let Some(y) = cs.superuser() { - return y.therefore_ok(); + return y.so_promise(); } if ¤t.notional_account == &wanted.account { @@ -1796,7 +1796,7 @@ fn do_authorise_scope(cs: &CommandStreamData, ag: &AccountsGuard, let y: Authorisation = { cs.authorised_uid(None,None)? }; - y.therefore_ok() + y.so_promise() } AccountScope::Ssh{..} => { @@ -1815,7 +1815,7 @@ fn do_authorise_scope(cs: &CommandStreamData, ag: &AccountsGuard, const SERVER_ONLY: (AuthorisedIf, Authorisation) = ( AuthorisedIf { authorised_for: None }, - Authorisation::authorised(&InUserList), + Authorisation::promise_for(&InUserList), ); let pwent = Passwd::from_name(&wanted) @@ -1828,7 +1828,7 @@ fn do_authorise_scope(cs: &CommandStreamData, ag: &AccountsGuard, "requested username {:?} not found", &wanted )) )?; - let pwent_ok = Authorisation::authorised(&pwent); + let pwent_ok = Authorisation::promise_for(&pwent); let ((uid, in_userlist_ok), xinfo) = (||{ >::Ok({ let allowed = BufReader::new(match File::open(USERLIST) { @@ -1849,7 +1849,7 @@ fn do_authorise_scope(cs: &CommandStreamData, ag: &AccountsGuard, (AuthorisedIf{ authorised_for: Some( Uid::from_raw(pwent.uid) )}, - Authorisation::authorised(&InUserList), + Authorisation::promise_for(&InUserList), ), None )) @@ -1872,7 +1872,7 @@ fn do_authorise_scope(cs: &CommandStreamData, ag: &AccountsGuard, (pwent_ok, uid_ok, in_userlist_ok).combine() }; - y.therefore_ok() + y.so_promise() }, } diff --git a/daemon/main.rs b/daemon/main.rs index 995078fb..0b997e51 100644 --- a/daemon/main.rs +++ b/daemon/main.rs 
@@ -251,7 +251,7 @@ fn bundle<'r>(instance: Parse, .map_err(|_| BadAssetUrlToken)?; let ig = gref.lock().map_err(|_| BadAssetUrlToken)?; let auth = { - let ig = ig.by_ref(Authorisation::authorise_any()); + let ig = ig.by_ref(Authorisation::promise_any()); ig.asset_url_key.check("bundle", &(instance, id), &token)? }.map(|(_,id)| id); let path = id.path(&ig, auth); diff --git a/src/accounts.rs b/src/accounts.rs index 25708d78..43518200 100644 --- a/src/accounts.rs +++ b/src/accounts.rs @@ -559,7 +559,7 @@ pub mod loaded_acl { } { continue } if needed & deny != 0 { break } if allow != 0 { needed &= !(allow | test_existence) } - if needed == 0 { return Authorisation::authorise_any() } + if needed == 0 { return Authorisation::promise_any() } } Err(if needed & test_existence != 0 { P::NOT_FOUND diff --git a/src/asseturl.rs b/src/asseturl.rs index 321dfe12..33bbabdc 100644 --- a/src/asseturl.rs +++ b/src/asseturl.rs @@ -50,7 +50,7 @@ impl AssetUrlKey { &exp.0[..], &got.0[..], )) { throw!(BadAssetUrlToken) } - else { Authorisation::authorised(v) } + else { Authorisation::promise_for(v) } } } diff --git a/src/authproofs.rs b/src/authproofs.rs index 1d9b5041..541c485a 100644 --- a/src/authproofs.rs +++ b/src/authproofs.rs 
@@ -35,22 +35,22 @@ pub type AuthorisationSuperuser = Authorisation; impl Authorisation { /// Proof obligation: access to this `T` has been authorised. #[inline] - pub const fn authorised(_v: &T) -> Authorisation { + pub const fn promise_for(_v: &T) -> Authorisation { Authorisation(PhantomData) } #[inline] pub fn map(self, _f: F) -> Authorisation where F: Fn(&T) -> &U { - self.therefore_ok() + self.so_promise() } /// Minor proof obligation: in this case, authorised access to `T` /// implies authorised access to `U`. #[inline] - pub fn therefore_ok(self) -> Authorisation { + pub fn so_promise(self) -> Authorisation { Authorisation(PhantomData) } /// Proof obligation: access to `T` has been authorised. #[inline] - pub const fn authorise_any() -> Authorisation { + pub const fn promise_any() -> Authorisation { Authorisation(PhantomData) } } @@ -59,7 +59,7 @@ impl From> for Authorisation { // ^ we need a bound not met by Global or we conflict with From for T #[inline] fn from(global: Authorisation) -> Self { - global.therefore_ok() + global.so_promise() } } diff --git a/src/bundles.rs b/src/bundles.rs index 48506837..0afce323 100644 --- a/src/bundles.rs +++ b/src/bundles.rs @@ -265,7 +265,7 @@ impl Id { pub fn path(&self, instance: &Unauthorised, InstanceName>, auth: Authorisation) -> String { - self.path_(&instance.by_ref(auth.therefore_ok()).name) + self.path_(&instance.by_ref(auth.so_promise()).name) } #[throws(IE)] @@ -284,7 +284,7 @@ impl Id { #[throws(IE)] pub fn open(&self, instance: &Instance) -> Option { let name = &*instance.name; - let auth = Authorisation::authorised(name).bundles(); + let auth = Authorisation::promise_for(name).bundles(); self.open_by_name(name, auth)? } @@ -296,7 +296,7 @@ impl Id { //---------- displaing/presenting/authorising ---------- impl Authorisation { - pub fn bundles(self) -> Authorisation { self.therefore_ok() } + pub fn bundles(self) -> Authorisation { self.so_promise() } } impl Display for State { 
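Review bot: `map` is the only method in this `impl` without a doc comment, yet it calls `so_promise()` and so produces an `Authorisation` for `U` from one for `T`. `_f` is never invoked; presumably its type `Fn(&T) -> &U` is the evidence that `U` is reached through `T`, and a reader auditing promise sites needs that written down, e.g. `/// No separate proof obligation: the type of _f shows U is reached through T; _f is never called.` The docs on `promise_for` and `promise_any` are also nearly word-for-word the same; the one on `promise_any` could state that no value of `T` is supplied as a witness, so the caller's promise covers every `T`.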
diff --git a/src/global.rs b/src/global.rs index b15ac5fa..354ef4ae 100644 --- a/src/global.rs +++ b/src/global.rs @@ -313,12 +313,12 @@ impl InstanceWeakRef { impl Unauthorised { #[throws(GameBeingDestroyed)] pub fn lock<'r>(&'r self) -> Unauthorised, A> { - let must_not_escape = self.by_ref(Authorisation::authorise_any()); + let must_not_escape = self.by_ref(Authorisation::promise_any()); Unauthorised::of(must_not_escape.lock()?) } pub fn lock_even_destroying<'r>(&'r self) -> Unauthorised, A> { - let must_not_escape = self.by_ref(Authorisation::authorise_any()); + let must_not_escape = self.by_ref(Authorisation::promise_any()); Unauthorised::of(InstanceGuard { c: must_not_escape.lock_even_destroying(), gref: must_not_escape.clone(), @@ -326,7 +326,7 @@ impl Unauthorised { } pub fn lock_bundles<'r>(&'r self) -> Unauthorised, A> { - let must_not_escape = self.by_ref(Authorisation::authorise_any()); + let must_not_escape = self.by_ref(Authorisation::promise_any()); Unauthorised::of(must_not_escape.lock_bundles()) } } diff --git a/src/sshkeys.rs b/src/sshkeys.rs index e1eaca02..f432d7fd 100644 --- a/src/sshkeys.rs +++ b/src/sshkeys.rs @@ -167,7 +167,7 @@ impl PerScope { if &want_key.nonce == &authed_key.nonce; then { // We have checked id and nonce, against those allowed - let auth = auth_in.therefore_ok(); + let auth = auth_in.so_promise(); return Some(auth); } } -- 2.30.2