From 62a0d69234d2b0a33c7b9c91cba065ceae42a0c6 Mon Sep 17 00:00:00 2001 From: Sridhar Ratnakumar Date: Sat, 16 Dec 2023 13:58:14 -0500 Subject: [PATCH] Use enum type for clarity & separation of logic --- Cargo.lock | 10 ------ crates/nix_health/Cargo.toml | 1 - crates/nix_health/src/check/trusted_users.rs | 20 ++++------- crates/nix_rs/src/config.rs | 38 ++++++++++++++++++++ 4 files changed, 45 insertions(+), 24 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 0383f8a5..7d2ef061 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2060,15 +2060,6 @@ dependencies = [ "libc", ] -[[package]] -name = "itertools" -version = "0.12.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "25db6b064527c5d482d0423354fcd07a89a2dfe07b67892e62411946db7f07b0" -dependencies = [ - "either", -] - [[package]] name = "itoa" version = "0.4.8" @@ -2383,7 +2374,6 @@ dependencies = [ "clap", "colored", "human-panic", - "itertools", "nix_rs", "regex", "serde", diff --git a/crates/nix_health/Cargo.toml b/crates/nix_health/Cargo.toml index 6fe67e62..0e3ec8da 100644 --- a/crates/nix_health/Cargo.toml +++ b/crates/nix_health/Cargo.toml @@ -32,4 +32,3 @@ anyhow = { version = "1.0.75" } colored = { version = "2.0" } which = { version = "4.4.2" } bytesize.workspace = true -itertools = "0.12.0" diff --git a/crates/nix_health/src/check/trusted_users.rs b/crates/nix_health/src/check/trusted_users.rs index 9d2c39fd..9ae302a2 100644 --- a/crates/nix_health/src/check/trusted_users.rs +++ b/crates/nix_health/src/check/trusted_users.rs @@ -1,6 +1,6 @@ use std::collections::HashSet; -use itertools::{Either, Itertools}; +use nix_rs::config::TrustedUserValue; use serde::{Deserialize, Serialize}; use crate::traits::*; @@ -52,16 +52,10 @@ fn is_current_user_trusted(nix_info: &nix_rs::info::NixInfo) -> bool { let current_user = &nix_info.nix_env.current_user; let current_user_groups: HashSet<&String> = nix_info.nix_env.current_user_groups.iter().collect(); - let val = &nix_info.nix_config.trusted_users.value; - // In nix.conf, groups are prefixed with '@'. '*' means all users are - // trusted. - if val.contains(&"*".to_string()) { - return true; - } - let (val_groups, val_users): (Vec, Vec) = - val.iter().partition_map(|x| match x.strip_prefix('@') { - Some(x) => Either::Left(x.to_string()), - None => Either::Right(x.clone()), - }); - val_users.contains(current_user) || val_groups.iter().any(|x| current_user_groups.contains(&x)) + let trusted_user_values = nix_info.nix_config.get_trusted_users_vals(); + trusted_user_values.iter().any(|x| match x { + TrustedUserValue::Group(x) => current_user_groups.contains(&x), + TrustedUserValue::User(x) => x == current_user, + TrustedUserValue::All => true, + }) } diff --git a/crates/nix_rs/src/config.rs b/crates/nix_rs/src/config.rs index dbb3a8be..7dcf6153 100644 --- a/crates/nix_rs/src/config.rs +++ b/crates/nix_rs/src/config.rs @@ -45,6 +45,44 @@ impl NixConfig { .await?; Ok(v) } + + pub fn get_trusted_users_vals(&self) -> Vec { + self.trusted_users + .value + .iter() + .map(|s| TrustedUserValue::from_str(s)) + .collect() + } +} + +#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] +pub enum TrustedUserValue { + /// All users are trusted + All, + /// A specific user is trusted + User(String), + /// Users belonging to a specific group are trusted + Group(String), +} + +impl TrustedUserValue { + fn from_str(s: &str) -> Self { + // In nix.conf, groups are prefixed with '@'. '*' means all users are + // trusted. + if s == "*" { + return Self::All; + } + match s.strip_prefix('@') { + Some(s) => Self::Group(s.to_string()), + None => Self::User(s.to_string()), + } + } +} + +impl From for TrustedUserValue { + fn from(s: String) -> Self { + Self::from_str(&s) + } } #[tokio::test]