From 95e0e71cb78668578eabb5630f351510be8286ef Mon Sep 17 00:00:00 2001 From: Marc Biedermann Date: Wed, 18 Oct 2023 14:55:52 +0200 Subject: [PATCH] make formatter happy --- lib/guardian.mli | 34 ++++---- lib/guardian_entity.ml | 186 ++++++++++++++++++++--------------------- lib/utils.ml | 2 +- test/article.ml | 10 +-- test/hacker.ml | 2 +- test/main.ml | 113 +++++++++++++------------ test/role.mli | 34 ++++---- test/user.ml | 4 +- 8 files changed, 190 insertions(+), 195 deletions(-) diff --git a/lib/guardian.mli b/lib/guardian.mli index abb1183..29a00ef 100644 --- a/lib/guardian.mli +++ b/lib/guardian.mli @@ -41,10 +41,10 @@ module Contract : sig end module Make : functor - (ActorModel : RoleSig) - (Role : RoleSig) - (TargetModel : RoleSig) - -> sig + (ActorModel : RoleSig) + (Role : RoleSig) + (TargetModel : RoleSig) + -> sig module Uuid = Uuid module Permission = Permission @@ -224,20 +224,20 @@ module Make : functor module type PersistenceSig = Persistence.Contract - with type actor = Actor.t - and type actor_model = ActorModel.t - and type actor_permission = ActorPermission.t - and type actor_role = ActorRole.t - and type permission_on_target = PermissionOnTarget.t - and type role = Role.t - and type role_permission = RolePermission.t - and type target = Target.t - and type target_entity = TargetEntity.t - and type target_model = TargetModel.t - and type validation_set = ValidationSet.t + with type actor = Actor.t + and type actor_model = ActorModel.t + and type actor_permission = ActorPermission.t + and type actor_role = ActorRole.t + and type permission_on_target = PermissionOnTarget.t + and type role = Role.t + and type role_permission = RolePermission.t + and type target = Target.t + and type target_entity = TargetEntity.t + and type target_model = TargetModel.t + and type validation_set = ValidationSet.t module MakePersistence : functor - (Backend : Persistence.Backend + (Backend : Persistence.Backend with type actor = Actor.t and type actor_model = ActorModel.t and type actor_permission = ActorPermission.t @@ -249,5 +249,5 @@ module Make : functor and type target_entity = TargetEntity.t and type target_model = TargetModel.t and type validation_set = ValidationSet.t) - -> PersistenceSig + -> PersistenceSig end [@warning "-67"] diff --git a/lib/guardian_entity.ml b/lib/guardian_entity.ml index b59ba28..0009474 100644 --- a/lib/guardian_entity.ml +++ b/lib/guardian_entity.ml @@ -135,9 +135,9 @@ struct let filter_permission_on_model filter_permission filter_model = CCList.filter (fun { permission; model; _ } -> - Permission.( - equal filter_permission permission || equal Manage permission) - && TargetModel.equal filter_model model) + Permission.( + equal filter_permission permission || equal Manage permission) + && TargetModel.equal filter_model model) ;; let remove_duplicates (perms : t list) : t list = @@ -214,32 +214,32 @@ struct module type PersistenceSig = Persistence.Contract - with type actor = Actor.t - and type actor_model = ActorModel.t - and type actor_role = ActorRole.t - and type actor_permission = ActorPermission.t - and type permission_on_target = PermissionOnTarget.t - and type role = Role.t - and type role_permission = RolePermission.t - and type target = Target.t - and type target_entity = TargetEntity.t - and type target_model = TargetModel.t - and type validation_set = ValidationSet.t + with type actor = Actor.t + and type actor_model = ActorModel.t + and type actor_role = ActorRole.t + and type actor_permission = ActorPermission.t + and type permission_on_target = PermissionOnTarget.t + and type role = Role.t + and type role_permission = RolePermission.t + and type target = Target.t + and type target_entity = TargetEntity.t + and type target_model = TargetModel.t + and type validation_set = ValidationSet.t module MakePersistence (Backend : Persistence.Backend - with type actor = Actor.t - and type actor_model = ActorModel.t - and type actor_role = ActorRole.t - and type actor_permission = ActorPermission.t - and type permission_on_target = PermissionOnTarget.t - and type role = Role.t - and type role_permission = RolePermission.t - and type target = Target.t - and type target_entity = TargetEntity.t - and type target_model = TargetModel.t - and type validation_set = ValidationSet.t) : PersistenceSig = - struct + with type actor = Actor.t + and type actor_model = ActorModel.t + and type actor_role = ActorRole.t + and type actor_permission = ActorPermission.t + and type permission_on_target = PermissionOnTarget.t + and type role = Role.t + and type role_permission = RolePermission.t + and type target = Target.t + and type target_entity = TargetEntity.t + and type target_model = TargetModel.t + and type validation_set = ValidationSet.t) : + PersistenceSig = struct include Backend let clear_cache () = Repo.clear_cache () @@ -282,9 +282,9 @@ struct the authorizable's roles and ownership * are consistent in both spaces. *) let decorate ?ctx (to_actor : 'a -> actor) - : 'a -> (actor, string) Lwt_result.t + : 'a -> (actor, string) Lwt_result.t = - fun x -> + fun x -> let open Lwt_result.Syntax in let ({ Actor.uuid; _ } as entity : actor) = to_actor x in let* mem = mem ?ctx uuid in @@ -293,7 +293,7 @@ struct else let* () = insert ?ctx entity in Lwt.return_ok entity - ;; + ;; end module ActorRole = struct @@ -311,9 +311,9 @@ struct the authorizable's roles and ownership * are consistent in both spaces. *) let decorate ?ctx (to_target : 'a -> target) - : 'a -> (target, string) Lwt_result.t + : 'a -> (target, string) Lwt_result.t = - fun x -> + fun x -> let open Lwt_result.Syntax in let ({ Target.uuid; _ } as entity : target) = to_target x in let* mem = mem ?ctx uuid in @@ -322,18 +322,18 @@ struct else let* () = insert ?ctx entity in Lwt.return_ok entity - ;; + ;; end module PermissionOnTarget = struct include PermissionOnTarget let validate_set - ?any_id - perms - (error : string -> 'etyp) - (validation_set : ValidationSet.t) - actor + ?any_id + perms + (error : string -> 'etyp) + (validation_set : ValidationSet.t) + actor = let open CCFun in let rec find_checker : validation_set -> bool = @@ -341,38 +341,36 @@ struct function | One { PermissionOnTarget.permission; model; target_uuid } -> (match target_uuid with - | Some target_uuid -> - validate - ?any_id - (PermissionOnTarget.create ~target_uuid permission model) - perms - | None -> - validate - ?any_id - (PermissionOnTarget.create permission model) - perms) + | Some target_uuid -> + validate + ?any_id + (PermissionOnTarget.create ~target_uuid permission model) + perms + | None -> + validate + ?any_id + (PermissionOnTarget.create permission model) + perms) | Or (rule :: rules) -> (match find_checker rule with - | true -> true - | false -> - CCList.fold_left - (flip (fun rule -> - function - | true -> true - | false -> find_checker rule)) - false - rules) + | true -> true + | false -> + CCList.fold_left + (flip (fun rule -> function + | true -> true + | false -> find_checker rule)) + false + rules) | And (rule :: rules) -> (match find_checker rule with - | false -> false - | true -> - CCList.fold_left - (flip (fun rule -> - function - | true -> find_checker rule - | false -> false)) - true - rules) + | false -> false + | true -> + CCList.fold_left + (flip (fun rule -> function + | true -> find_checker rule + | false -> false)) + true + rules) | Or [] | And [] -> true in let validate = function @@ -400,12 +398,12 @@ struct [actor] actor object who'd like to perform the action *) let validate - ?ctx - ?any_id - (error : string -> 'etyp) - (validation_set : ValidationSet.t) - actor - : (unit, 'etyp) Lwt_result.t + ?ctx + ?any_id + (error : string -> 'etyp) + (validation_set : ValidationSet.t) + actor + : (unit, 'etyp) Lwt_result.t = let open CCFun in let ( |>> ) = flip Lwt.map in @@ -416,26 +414,24 @@ struct Repo.validate ?ctx ?any_id ?target_uuid ~model permission actor | Or (rule :: rules) -> (match%lwt find_checker rule with - | true -> Lwt.return_true - | false -> - Lwt_list.fold_left_s - (flip (fun rule -> - function - | true -> Lwt.return_true - | false -> find_checker rule)) - false - rules) + | true -> Lwt.return_true + | false -> + Lwt_list.fold_left_s + (flip (fun rule -> function + | true -> Lwt.return_true + | false -> find_checker rule)) + false + rules) | And (rule :: rules) -> (match%lwt find_checker rule with - | false -> Lwt.return_false - | true -> - Lwt_list.fold_left_s - (flip (fun rule -> - function - | true -> find_checker rule - | false -> Lwt.return_false)) - true - rules) + | false -> Lwt.return_false + | true -> + Lwt_list.fold_left_s + (flip (fun rule -> function + | true -> find_checker rule + | false -> Lwt.return_false)) + true + rules) | Or [] | And [] -> Lwt.return_true in let validate = function @@ -458,16 +454,16 @@ struct [validation_set] effect set to check the permissions against *) let wrap_function - ?ctx - (error : string -> 'etyp) - (validation_set : ValidationSet.t) - (fcn : 'param -> ('rval, 'etyp) Lwt_result.t) + ?ctx + (error : string -> 'etyp) + (validation_set : ValidationSet.t) + (fcn : 'param -> ('rval, 'etyp) Lwt_result.t) = let open Lwt_result.Syntax in let can = validate ?ctx error validation_set in Lwt.return_ok (fun actor param -> - let* () = can actor in - fcn param) + let* () = can actor in + fcn param) ;; end end diff --git a/lib/utils.ml b/lib/utils.ml index c672dbe..f82a091 100644 --- a/lib/utils.ml +++ b/lib/utils.ml @@ -16,7 +16,7 @@ let decompose_variant_string s = let fmt = format_of_string "`%s (%s@)" in try Scanf.sscanf s fmt (fun name params -> - lowercase_ascii name, CCList.map trim (split_on_char ',' params)) + lowercase_ascii name, CCList.map trim (split_on_char ',' params)) with | End_of_file -> let fmt = format_of_string "`%s" in diff --git a/test/article.ml b/test/article.ml index 32211cb..1ee212f 100644 --- a/test/article.ml +++ b/test/article.ml @@ -42,11 +42,11 @@ module Make (Backend : Guard.PersistenceSig) = struct ;; let update_author - ?ctx - (actor : Actor.t) - ({ id; _ } as article) - old_author - new_author + ?ctx + (actor : Actor.t) + ({ id; _ } as article) + old_author + new_author = let open Lwt_result.Syntax in let fcn (old_author, new_author) = diff --git a/test/hacker.ml b/test/hacker.ml index 01f7c82..2c11362 100644 --- a/test/hacker.ml +++ b/test/hacker.ml @@ -7,6 +7,6 @@ module Make (Backend : Guard.PersistenceSig) = struct let to_authorizable ?ctx = Backend.Actor.decorate ?ctx (fun (t : t) : Actor.t -> - Actor.create `Hacker (snd t)) + Actor.create `Hacker (snd t)) ;; end diff --git a/test/main.ml b/test/main.ml index 835a289..60e8543 100644 --- a/test/main.ml +++ b/test/main.ml @@ -71,7 +71,7 @@ module Tests (Backend : Guard.PersistenceSig) = struct ; `Author, Update, `Article ] |> CCList.map (fun (role, perm, model) -> - RolePermission.create role perm model) + RolePermission.create role perm model) ;; let ( let* ) = Lwt_result.bind @@ -98,7 +98,7 @@ module Tests (Backend : Guard.PersistenceSig) = struct | [] -> Error (Article.show article - |> Format.asprintf "Couldn't get owner for article %s") + |> Format.asprintf "Couldn't get owner for article %s") | roles -> Ok (CCList.hd roles) in let* chris_art_owner = find_author_role chris_article in @@ -112,8 +112,8 @@ module Tests (Backend : Guard.PersistenceSig) = struct let test_find_authorizable ?ctx (_ : 'a) () = (match%lwt Backend.Actor.find ?ctx (snd aron) with - | Ok _ -> Lwt.return_true - | Error err -> failwith err) + | Ok _ -> Lwt.return_true + | Error err -> failwith err) >|= Alcotest.(check bool) "Fetch an authorizable." true ;; @@ -137,21 +137,21 @@ module Tests (Backend : Guard.PersistenceSig) = struct let test_revoke_roles ?ctx (_ : 'a) () = (let open ActorRoleSet in - let role = ActorRole.create (snd aron) `Editor in - let open Backend in - let find_role () = ActorRole.find_by_actor ?ctx (snd aron) >|= of_list in - let%lwt () = role |> ActorRole.upsert ?ctx in - let* () = - let%lwt roles = find_role () in - if mem role roles - then Lwt.return_ok () - else - Lwt.return_error - "Didn't successfully add the role we intended to remove." - in - let%lwt () = role |> ActorRole.delete ?ctx in - let%lwt roles = find_role () in - Lwt.return_ok (mem role roles)) + let role = ActorRole.create (snd aron) `Editor in + let open Backend in + let find_role () = ActorRole.find_by_actor ?ctx (snd aron) >|= of_list in + let%lwt () = role |> ActorRole.upsert ?ctx in + let* () = + let%lwt roles = find_role () in + if mem role roles + then Lwt.return_ok () + else + Lwt.return_error + "Didn't successfully add the role we intended to remove." + in + let%lwt () = role |> ActorRole.delete ?ctx in + let%lwt roles = find_role () in + Lwt.return_ok (mem role roles)) >|= Alcotest.(check (result bool string)) "Check a user's roles." (Ok false) ;; @@ -197,8 +197,8 @@ module Tests (Backend : Guard.PersistenceSig) = struct else Lwt.return_error (elements diff - |> [%show: ActorPermission.t list] - |> Format.asprintf "Permissions diff: %s.")) + |> [%show: ActorPermission.t list] + |> Format.asprintf "Permissions diff: %s.")) >|= Alcotest.(check (result unit string)) "Read the global permissions we've just pushed." (Ok ()) @@ -206,23 +206,23 @@ module Tests (Backend : Guard.PersistenceSig) = struct let test_drop_rules ?ctx (_ : 'a) () = (let open Backend.RolePermission in - let open RolePermissionSet in - let* () = insert ?ctx bad_role_permission in - let* (_ : t) = - find_all_of_model ?ctx `Note - >|= of_list - >|= fun perms -> - if mem bad_role_permission perms - then Ok perms - else Error "Failed to push bad permission to test perm dropping." - in - let* () = delete ?ctx bad_role_permission in - find_all_of_model ?ctx `Article - >|= of_list - >|= fun perms -> - if mem bad_role_permission perms |> not - then Ok () - else Error "Failed to remove bad permission.") + let open RolePermissionSet in + let* () = insert ?ctx bad_role_permission in + let* (_ : t) = + find_all_of_model ?ctx `Note + >|= of_list + >|= fun perms -> + if mem bad_role_permission perms + then Ok perms + else Error "Failed to push bad permission to test perm dropping." + in + let* () = delete ?ctx bad_role_permission in + find_all_of_model ?ctx `Article + >|= of_list + >|= fun perms -> + if mem bad_role_permission perms |> not + then Ok () + else Error "Failed to remove bad permission.") >|= Alcotest.(check (result unit string)) "Read the global permissions we've just pushed." (Ok ()) @@ -546,12 +546,12 @@ module Tests (Backend : Guard.PersistenceSig) = struct , "update article is allowed with manage rights" ) ] |> CCList.iter (fun (expected, provided, msg) -> - Alcotest.( - check - bool - (Format.asprintf "Check if permission are correct: %s" msg) - expected - provided)) + Alcotest.( + check + bool + (Format.asprintf "Check if permission are correct: %s" msg) + expected + provided)) |> Lwt.return ;; @@ -569,12 +569,12 @@ module Tests (Backend : Guard.PersistenceSig) = struct ; [ update ], remove_duplicates [ update ], "single enty" ] |> CCList.iter (fun (expected, provided, msg) -> - Alcotest.( - check - (list testable_permission_on_target) - (Format.asprintf "Check if permission are correct: %s" msg) - expected - provided)) + Alcotest.( + check + (list testable_permission_on_target) + (Format.asprintf "Check if permission are correct: %s" msg) + expected + provided)) |> Lwt.return ;; @@ -691,11 +691,10 @@ let () = (Make (MariaConfig)) in Lwt_main.run - @@ - let%lwt () = Maria.delete ~ctx () in - let%lwt () = Maria.migrate ~ctx () in - let%lwt () = Maria.clean ~ctx () in - let%lwt () = Maria.start ~ctx () in - make_test_cases ~ctx (module Maria) "MariadDB Backend" - |> Alcotest_lwt.run "Authorization" + @@ let%lwt () = Maria.delete ~ctx () in + let%lwt () = Maria.migrate ~ctx () in + let%lwt () = Maria.clean ~ctx () in + let%lwt () = Maria.start ~ctx () in + make_test_cases ~ctx (module Maria) "MariadDB Backend" + |> Alcotest_lwt.run "Authorization" ;; diff --git a/test/role.mli b/test/role.mli index 9d5c30d..685fd12 100644 --- a/test/role.mli +++ b/test/role.mli @@ -1,31 +1,31 @@ module Actor : sig include Guardian.RoleSig - with type t = - [ `Admin - | `Hacker - | `User - ] + with type t = + [ `Admin + | `Hacker + | `User + ] end module Role : sig include Guardian.RoleSig - with type t = - [ `Admin - | `Author - | `Editor - | `Reader - ] + with type t = + [ `Admin + | `Author + | `Editor + | `Reader + ] end module Target : sig include Guardian.RoleSig - with type t = - [ `Article - | `Note - | `Post - | `User - ] + with type t = + [ `Article + | `Note + | `Post + | `User + ] end diff --git a/test/user.ml b/test/user.ml index fbfb584..722f289 100644 --- a/test/user.ml +++ b/test/user.ml @@ -45,7 +45,7 @@ module MakeTarget (Backend : PersistenceSig) = struct let to_authorizable ?ctx = Backend.Target.decorate ?ctx (fun t -> - let of_actor = Uuid.(snd %> Actor.to_string %> Target.of_string_exn) in - Target.create `User (of_actor t)) + let of_actor = Uuid.(snd %> Actor.to_string %> Target.of_string_exn) in + Target.create `User (of_actor t)) ;; end