Use enum type for clarity & separation of logic

juspay · Dec 16, 2023 · 62a0d69 · 62a0d69
1 parent d8dff29
commit 62a0d69
Show file tree

Hide file tree

Showing 4 changed files with 45 additions and 24 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/crates/nix_health/Cargo.toml b/crates/nix_health/Cargo.toml
@@ -32,4 +32,3 @@ anyhow = { version = "1.0.75" }
 colored = { version = "2.0" }
 which = { version = "4.4.2" }
 bytesize.workspace = true
-itertools = "0.12.0"
diff --git a/crates/nix_health/src/check/trusted_users.rs b/crates/nix_health/src/check/trusted_users.rs
@@ -1,6 +1,6 @@
 use std::collections::HashSet;
 
-use itertools::{Either, Itertools};
+use nix_rs::config::TrustedUserValue;
 use serde::{Deserialize, Serialize};
 
 use crate::traits::*;
@@ -52,16 +52,10 @@ fn is_current_user_trusted(nix_info: &nix_rs::info::NixInfo) -> bool {
     let current_user = &nix_info.nix_env.current_user;
     let current_user_groups: HashSet<&String> =
         nix_info.nix_env.current_user_groups.iter().collect();
-    let val = &nix_info.nix_config.trusted_users.value;
-    // In nix.conf, groups are prefixed with '@'. '*' means all users are
-    // trusted.
-    if val.contains(&"*".to_string()) {
-        return true;
-    }
-    let (val_groups, val_users): (Vec<String>, Vec<String>) =
-        val.iter().partition_map(|x| match x.strip_prefix('@') {
-            Some(x) => Either::Left(x.to_string()),
-            None => Either::Right(x.clone()),
-        });
-    val_users.contains(current_user) || val_groups.iter().any(|x| current_user_groups.contains(&x))
+    let trusted_user_values = nix_info.nix_config.get_trusted_users_vals();
+    trusted_user_values.iter().any(|x| match x {
+        TrustedUserValue::Group(x) => current_user_groups.contains(&x),
+        TrustedUserValue::User(x) => x == current_user,
+        TrustedUserValue::All => true,
+    })
 }
diff --git a/crates/nix_rs/src/config.rs b/crates/nix_rs/src/config.rs
@@ -45,6 +45,44 @@ impl NixConfig {
             .await?;
         Ok(v)
     }
+
+    pub fn get_trusted_users_vals(&self) -> Vec<TrustedUserValue> {
+        self.trusted_users
+            .value
+            .iter()
+            .map(|s| TrustedUserValue::from_str(s))
+            .collect()
+    }
+}
+
+#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
+pub enum TrustedUserValue {
+    /// All users are trusted
+    All,
+    /// A specific user is trusted
+    User(String),
+    /// Users belonging to a specific group are trusted
+    Group(String),
+}
+
+impl TrustedUserValue {
+    fn from_str(s: &str) -> Self {
+        // In nix.conf, groups are prefixed with '@'. '*' means all users are
+        // trusted.
+        if s == "*" {
+            return Self::All;
+        }
+        match s.strip_prefix('@') {
+            Some(s) => Self::Group(s.to_string()),
+            None => Self::User(s.to_string()),
+        }
+    }
+}
+
+impl From<String> for TrustedUserValue {
+    fn from(s: String) -> Self {
+        Self::from_str(&s)
+    }
 }
 
 #[tokio::test]