diff options
| author | Heiko <heiko@schaefer.name> | 2021-05-02 11:22:16 +0200 |
|---|---|---|
| committer | Heiko <heiko@schaefer.name> | 2021-05-02 11:22:16 +0200 |
| commit | 9a7bfa69124276cf60eb11eb5b753f9d02994da9 (patch) | |
| tree | 06b7f46c372c396b0d96f30f02dc95b94f646a59 | |
| parent | 9db20d088af1d25ce81390dd3af26ce1ae6bf061 (diff) | |
| download | openpgp-ca-9a7bfa69124276cf60eb11eb5b753f9d02994da9.tar.gz | |
Standardize fn naming in OcaDb.
| -rw-r--r-- | src/bridge.rs | 10 | ||||
| -rw-r--r-- | src/ca.rs | 26 | ||||
| -rw-r--r-- | src/ca_secret.rs | 6 | ||||
| -rw-r--r-- | src/cert.rs | 14 | ||||
| -rw-r--r-- | src/db/mod.rs | 97 | ||||
| -rw-r--r-- | src/import.rs | 4 | ||||
| -rw-r--r-- | src/restd/mod.rs | 4 | ||||
| -rw-r--r-- | src/revocation.rs | 14 | ||||
| -rw-r--r-- | tests/test_gpg.rs | 30 | ||||
| -rw-r--r-- | tests/test_oca.rs | 4 |
10 files changed, 100 insertions, 109 deletions
diff --git a/src/bridge.rs b/src/bridge.rs index ef923bb..ddf014a 100644 --- a/src/bridge.rs +++ b/src/bridge.rs @@ -98,7 +98,7 @@ pub fn bridge_new( .bridge_to_remote_ca(remote_ca_cert, vec![regex])?; // store new bridge in DB - let db_cert = oca.db().add_cert( + let db_cert = oca.db().cert_add( &Pgp::cert_to_armored(&bridged)?, &bridged.fingerprint().to_hex(), None, @@ -112,12 +112,12 @@ pub fn bridge_new( cas_id: ca_db.id, }; - Ok((oca.db().insert_bridge(new_bridge)?, bridged.fingerprint())) + Ok((oca.db().bridge_insert(new_bridge)?, bridged.fingerprint())) } pub fn bridge_revoke(oca: &OpenpgpCa, email: &str) -> Result<()> { - if let Some(bridge) = oca.db().search_bridge(email)? { - if let Some(mut db_cert) = oca.db().get_cert_by_id(bridge.cert_id)? { + if let Some(bridge) = oca.db().bridge_by_email(email)? { + if let Some(mut db_cert) = oca.db().cert_by_id(bridge.cert_id)? { let bridge_cert = Pgp::armored_to_cert(&db_cert.pub_cert)?; // Generate revocation for the bridge @@ -134,7 +134,7 @@ pub fn bridge_revoke(oca: &OpenpgpCa, email: &str) -> Result<()> { // Save updated cert (including the revocation) to DB db_cert.pub_cert = Pgp::cert_to_armored(&revoked)?; - oca.db().update_cert(&db_cert) + oca.db().cert_update(&db_cert) } else { Err(anyhow::anyhow!("No cert found for bridge")) } @@ -176,10 +176,10 @@ impl OpenpgpCa { /// Get a list of all User Certs pub fn user_certs_get_all(&self) -> Result<Vec<models::Cert>> { - let users = self.db.get_users_sort_by_name()?; + let users = self.db.users_sorted_by_name()?; let mut user_certs = Vec::new(); for user in users { - user_certs.append(&mut self.db.get_cert_by_user(&user)?); + user_certs.append(&mut self.db.certs_by_user(&user)?); } Ok(user_certs) } @@ -316,7 +316,7 @@ impl OpenpgpCa { &self, fingerprint: &str, ) -> Result<Option<models::Cert>> { - self.db.get_cert(&Pgp::normalize_fp(fingerprint)?) + self.db.cert_by_fp(&Pgp::normalize_fp(fingerprint)?) } /// Get a list of all Certs for one User @@ -324,17 +324,17 @@ impl OpenpgpCa { &self, user: &models::User, ) -> Result<Vec<models::Cert>> { - self.db.get_cert_by_user(&user) + self.db.certs_by_user(&user) } /// Get a list of all Users, ordered by name pub fn users_get_all(&self) -> Result<Vec<models::User>> { - self.db.get_users_sort_by_name() + self.db.users_sorted_by_name() } /// Get a list of the Certs that are associated with `email` pub fn certs_by_email(&self, email: &str) -> Result<Vec<models::Cert>> { - self.db.get_certs_by_email(email) + self.db.certs_by_email(email) } /// Get database User(s) for database Cert @@ -342,7 +342,7 @@ impl OpenpgpCa { &self, cert: &models::Cert, ) -> Result<Option<models::User>> { - self.db.get_user_by_cert(cert) + self.db.user_by_cert(cert) } /// Get the user name that is associated with this Cert. @@ -488,7 +488,7 @@ impl OpenpgpCa { &self, cert: &models::Cert, ) -> Result<Vec<models::Revocation>> { - self.db.get_revocations(cert) + self.db.revocations_by_cert(cert) } /// Add a revocation certificate to the OpenPGP CA database. @@ -516,7 +516,7 @@ impl OpenpgpCa { &self, hash: &str, ) -> Result<models::Revocation> { - if let Some(rev) = self.db.get_revocation_by_hash(hash)? { + if let Some(rev) = self.db.revocation_by_hash(hash)? { Ok(rev) } else { Err(anyhow::anyhow!("No revocation found for {}", hash)) @@ -595,12 +595,12 @@ impl OpenpgpCa { &self, cert: &models::Cert, ) -> Result<Vec<models::CertEmail>> { - self.db.get_emails_by_cert(cert) + self.db.emails_by_cert(cert) } /// Get all Emails pub fn get_emails_all(&self) -> Result<Vec<models::CertEmail>> { - self.db.get_emails_all() + self.db.emails() } // --------- bridges @@ -612,7 +612,7 @@ impl OpenpgpCa { /// Get a specific Bridge pub fn bridges_search(&self, email: &str) -> Result<models::Bridge> { - if let Some(bridge) = self.db.search_bridge(email)? { + if let Some(bridge) = self.db.bridge_by_email(email)? { Ok(bridge) } else { Err(anyhow::anyhow!("Bridge not found")) @@ -681,7 +681,7 @@ impl OpenpgpCa { for bridge in bridges { println!("Bridge to '{}'", bridge.email); - if let Some(db_cert) = self.db.get_cert_by_id(bridge.cert_id)? { + if let Some(db_cert) = self.db.cert_by_id(bridge.cert_id)? { println!("{}", db_cert.pub_cert); } println!(); diff --git a/src/ca_secret.rs b/src/ca_secret.rs index 9bc9206..12fc570 100644 --- a/src/ca_secret.rs +++ b/src/ca_secret.rs @@ -105,7 +105,7 @@ pub trait CaSec { /// private key material for the CA. impl CaSec for DbCa { fn ca_init(&self, domainname: &str, name: Option<&str>) -> Result<()> { - if self.db().check_ca_initialized()? { + if self.db().is_ca_initialized()? { return Err(anyhow::anyhow!("CA has already been initialized",)); } @@ -127,7 +127,7 @@ impl CaSec for DbCa { let ca_key = &Pgp::cert_to_armored_private_key(&cert)?; self.db().transaction(|| { - self.db().insert_ca( + self.db().ca_insert( models::NewCa { domainname }, ca_key, &cert.fingerprint().to_hex(), @@ -272,7 +272,7 @@ adversaries."#; .context("Failed to re-armor CA Cert")?; self.db() - .update_cacert(&cacert) + .cacert_update(&cacert) .context("Update of CA Cert in DB failed") }) } diff --git a/src/cert.rs b/src/cert.rs index 5c037cc..1dee1d8 100644 --- a/src/cert.rs +++ b/src/cert.rs @@ -48,7 +48,7 @@ pub fn user_new( let user_revoc = Pgp::revoc_to_armored(&user_revoc, None)?; oca.db() - .add_user( + .user_add( name, (&user_cert, &user_key.fingerprint().to_hex()), emails, @@ -93,7 +93,7 @@ pub fn cert_import_new( if let Some(_exists) = oca .db() - .get_cert(&fp) + .cert_by_fp(&fp) .context("cert_import_new(): get_cert() check by fingerprint failed")? { // import_new is not intended for certs we already have a version of @@ -126,7 +126,7 @@ pub fn cert_import_new( .context("cert_import_new: Couldn't re-armor key")?; oca.db() - .add_user( + .user_add( name.as_deref(), (&pub_cert, &fp), &emails, @@ -144,7 +144,7 @@ pub fn cert_import_update(oca: &OpenpgpCa, cert: &str) -> Result<()> { let fp = cert_new.fingerprint().to_hex(); - if let Some(mut db_cert) = oca.db().get_cert(&fp).context( + if let Some(mut db_cert) = oca.db().cert_by_fp(&fp).context( "cert_import_update(): get_cert() check by fingerprint failed", )? { // merge existing and new public key @@ -154,7 +154,7 @@ pub fn cert_import_update(oca: &OpenpgpCa, cert: &str) -> Result<()> { let armored = Pgp::cert_to_armored(&updated)?; db_cert.pub_cert = armored; - oca.db().update_cert(&db_cert) + oca.db().cert_update(&db_cert) } else { Err(anyhow::anyhow!( "No cert with this fingerprint found in DB, cannot update" @@ -174,7 +174,7 @@ pub fn certs_refresh_ca_certifications( for db_cert in oca .db() - .get_certs()? + .certs()? .iter() // ignore "inactive" Certs .filter(|c| !c.inactive) @@ -218,7 +218,7 @@ pub fn certs_refresh_ca_certifications( // update cert in db let mut cert_update = db_cert.clone(); cert_update.pub_cert = Pgp::cert_to_armored(&recertified)?; - oca.db().update_cert(&cert_update)?; + oca.db().cert_update(&cert_update)?; } } diff --git a/src/db/mod.rs b/src/db/mod.rs index e4058cb..17d27e3 100644 --- a/src/db/mod.rs +++ b/src/db/mod.rs @@ -27,7 +27,7 @@ impl OcaDb { let conn = SqliteConnection::establish(&db_url) .context(format!("Error connecting to {}", db_url))?; - // enable handling of foreign key constraints in sqlite + // Enable handling of foreign key constraints in sqlite diesel::sql_query("PRAGMA foreign_keys=1;") .execute(&conn) .context("Couldn't set 'PRAGMA foreign_keys=1;'")?; @@ -45,7 +45,7 @@ impl OcaDb { // --- building block functions --- - fn insert_user(&self, user: NewUser) -> Result<User> { + fn user_insert(&self, user: NewUser) -> Result<User> { let inserted_count = diesel::insert_into(users::table) .values(&user) .execute(&self.conn)?; @@ -56,6 +56,7 @@ impl OcaDb { )); } + // retrieve our new row, including the generated id let u: Vec<User> = users::table .order(users::id.desc()) .limit(inserted_count as i64) @@ -71,7 +72,7 @@ impl OcaDb { } } - fn insert_cert(&self, cert: NewCert) -> Result<Cert> { + fn cert_insert(&self, cert: NewCert) -> Result<Cert> { let inserted_count = diesel::insert_into(certs::table) .values(&cert) .execute(&self.conn)?; @@ -82,6 +83,7 @@ impl OcaDb { )); } + // retrieve our new row, including the generated id let c: Vec<Cert> = certs::table .order(certs::id.desc()) .limit(inserted_count as i64) @@ -97,7 +99,7 @@ impl OcaDb { } } - fn insert_revocation(&self, revoc: NewRevocation) -> Result<Revocation> { + fn revocation_insert(&self, revoc: NewRevocation) -> Result<Revocation> { let inserted_count = diesel::insert_into(revocations::table) .values(&revoc) .execute(&self.conn)?; @@ -108,6 +110,7 @@ impl OcaDb { )); } + // retrieve our new row, including the generated id let r: Vec<Revocation> = revocations::table .order(revocations::id.desc()) .limit(inserted_count as i64) @@ -125,7 +128,7 @@ impl OcaDb { } } - fn insert_email(&self, email: NewCertEmail) -> Result<CertEmail> { + fn email_insert(&self, email: NewCertEmail) -> Result<CertEmail> { let inserted_count = diesel::insert_into(certs_emails::table) .values(&email) .execute(&self.conn) @@ -137,6 +140,7 @@ impl OcaDb { )); } + // retrieve our new row, including the generated id let e: Vec<CertEmail> = certs_emails::table .order(certs_emails::id.desc()) .limit(inserted_count as i64) @@ -155,7 +159,7 @@ impl OcaDb { // --- public --- - pub fn check_ca_initialized(&self) -> Result<bool> { + pub fn is_ca_initialized(&self) -> Result<bool> { let cas = cas::table .load::<Ca>(&self.conn) .context("Error loading CAs")?; @@ -185,17 +189,19 @@ impl OcaDb { // FIXME: which cert(s) should be returned? // -> there can be more than one "active" cert, // as well as even more "inactive" certs. - unimplemented!("get_ca: more than one ca_cert in DB"); + Err(anyhow::anyhow!( + "More than one ca_cert in DB, this is not yet implemented." + )) } } } _ => Err(anyhow::anyhow!( - "more than 1 CA in database. this should never happen" + "More than one CA in database, this should never happen." )), } } - pub fn insert_ca( + pub fn ca_insert( &self, ca: NewCa, ca_key: &str, @@ -206,12 +212,13 @@ impl OcaDb { .execute(&self.conn) .context("Error saving new CA")?; + // Retrieve our new row, including the generated id let cas = cas::table .load::<Ca>(&self.conn) .context("Error loading CAs")?; - let ca = cas.first().unwrap(); + // Store Cert for the CA let ca_cert = NewCacert { fingerprint, ca_id: ca.id, @@ -225,7 +232,7 @@ impl OcaDb { Ok(()) } - pub fn update_cacert(&self, cacert: &Cacert) -> Result<()> { + pub fn cacert_update(&self, cacert: &Cacert) -> Result<()> { diesel::update(cacert) .set(cacert) .execute(&self.conn) @@ -234,14 +241,14 @@ impl OcaDb { Ok(()) } - pub fn get_users_sort_by_name(&self) -> Result<Vec<User>> { + pub fn users_sorted_by_name(&self) -> Result<Vec<User>> { users::table .order((users::name, users::id)) .load::<User>(&self.conn) .context("Error loading users") } - pub fn get_user_by_cert(&self, cert: &Cert) -> Result<Option<User>> { + pub fn user_by_cert(&self, cert: &Cert) -> Result<Option<User>> { match cert.user_id { None => Ok(None), Some(search_id) => { @@ -252,15 +259,18 @@ impl OcaDb { match users.len() { 0 => Ok(None), 1 => Ok(Some(users[0].clone())), - _ => Err(anyhow::anyhow!( - "get_user_by_cert: found more than 1 user for a cert. this should be impossible." - )), + _ => { + // This should not be possible + Err(anyhow::anyhow!( + "get_user_by_cert: Found more than one user for cert" + )) + } } } } } - pub fn add_user( + pub fn user_add( &self, name: Option<&str>, (pub_cert, fingerprint): (&str, &str), @@ -279,19 +289,19 @@ impl OcaDb { cacert_db.priv_cert = Pgp::cert_to_armored_private_key(&merged)?; // update new version of CA cert in database - self.update_cacert(&cacert_db)?; + self.cacert_update(&cacert_db)?; } // User let newuser = NewUser { name, ca_id: ca.id }; - let user = self.insert_user(newuser)?; + let user = self.user_insert(newuser)?; - let cert = self.add_cert(pub_cert, fingerprint, Some(user.id))?; + let cert = self.cert_add(pub_cert, fingerprint, Some(user.id))?; // Revocations for revocation in revocation_certs { let hash = &Pgp::revocation_to_hash(revocation)?; - self.insert_revocation(NewRevocation { + self.revocation_insert(NewRevocation { hash, revocation, cert_id: cert.id, @@ -301,7 +311,7 @@ impl OcaDb { // Emails for &addr in emails { - self.insert_email(NewCertEmail { + self.email_insert(NewCertEmail { addr: addr.to_owned(), cert_id: cert.id, })?; @@ -309,7 +319,7 @@ impl OcaDb { Ok(user) } - pub fn update_user(&self, user: &User) -> Result<()> { + pub fn user_update(&self, user: &User) -> Result<()> { diesel::update(user) .set(user) .execute(&self.conn) @@ -318,7 +328,7 @@ impl OcaDb { Ok(()) } - pub fn add_cert( + pub fn cert_add( &self, pub_cert: &str, fingerprint: &str, @@ -331,10 +341,10 @@ impl OcaDb { inactive: false, user_id, }; - self.insert_cert(cert) + self.cert_insert(cert) } - pub fn update_cert(&self, cert: &Cert) -> Result<()> { + pub fn cert_update(&self, cert: &Cert) -> Result<()> { diesel::update(cert) .set(cert) .execute(&self.conn) @@ -343,7 +353,7 @@ impl OcaDb { Ok(()) } - pub fn get_cert_by_id(&self, id: i32) -> Result<Option<Cert>> { + pub fn cert_by_id(&self, id: i32) -> Result<Option<Cert>> { let db: Vec<Cert> = certs::table .filter(certs::id.eq(id)) .load::<Cert>(&self.conn) @@ -352,7 +362,7 @@ impl OcaDb { Ok(db.get(0).cloned()) } - pub fn get_cert(&self, fingerprint: &str) -> Result<Option<Cert>> { + pub fn cert_by_fp(&self, fingerprint: &str) -> Result<Option<Cert>> { let c = certs::table .filter(certs::fingerprint.eq(fingerprint)) .load::<Cert>(&self.conn) @@ -365,7 +375,7 @@ impl OcaDb { } } - pub fn get_certs_by_email(&self, email: &str) -> Result<Vec<Cert>> { + pub fn certs_by_email(&self, email: &str) -> Result<Vec<Cert>> { let cert_ids = certs_emails::table .filter(certs_emails::addr.eq(email)) .select(certs_emails::cert_id); @@ -377,30 +387,31 @@ impl OcaDb { } /// All Certs that belong to `user`, ordered by certs::id - pub fn get_cert_by_user(&self, user: &User) -> Result<Vec<Cert>> { + pub fn certs_by_user(&self, user: &User) -> Result<Vec<Cert>> { Ok(Cert::belonging_to(user) .order(certs::id) .load::<Cert>(&self.conn)?) } - pub fn get_certs(&self) -> Result<Vec<Cert>> { + /// Get all Certs + pub fn certs(&self) -> Result<Vec<Cert>> { certs::table .load::<Cert>(&self.conn) .context("Error loading certs") } - pub fn get_revocations(&self, cert: &Cert) -> Result<Vec<Revocation>> { + pub fn revocations_by_cert(&self, cert: &Cert) -> Result<Vec<Revocation>> { Ok(Revocation::belonging_to(cert).load::<Revocation>(&self.conn)?) } - pub fn add_revocation( + pub fn revocation_add( &self, revocation: &str, cert: &Cert, ) -> Result<Revocation> { let hash = &Pgp::revocation_to_hash(revocation)?; - self.insert_revocation(NewRevocation { + self.revocation_insert(NewRevocation { hash, revocation, cert_id: cert.id, @@ -408,13 +419,13 @@ impl OcaDb { }) } - /// check if this exact revocation (bitwise) already exists in the db - pub fn check_for_revocation(&self, revocation: &str) -> Result<bool> { + /// Check if this exact revocation (bitwise) already exists in the DB + pub fn revocation_exists(&self, revocation: &str) -> Result<bool> { let hash = &Pgp::revocation_to_hash(revocation)?; - Ok(self.get_revocation_by_hash(hash)?.is_some()) + Ok(self.revocation_by_hash(hash)?.is_some()) } - pub fn get_revocation_by_hash( + pub fn revocation_by_hash( &self, hash: &str, ) -> Result<Option<Revocation>> { @@ -431,7 +442,7 @@ impl OcaDb { Ok(db.get(0).cloned()) } - pub fn update_revocation(&self, revocation: &Revocation) -> Result<()> { + pub fn revocation_update(&self, revocation: &Revocation) -> Result<()> { diesel::update(revocation) .set(revocation) .execute(&self.conn) @@ -440,20 +451,20 @@ impl OcaDb { Ok(()) } - pub fn get_emails_by_cert(&self, cert: &Cert) -> Result<Vec<CertEmail>> { + pub fn emails_by_cert(&self, cert: &Cert) -> Result<Vec<CertEmail>> { certs_emails::table .filter(certs_emails::cert_id.eq(cert.id)) .load(&self.conn) .context("could not load emails") } - pub fn get_emails_all(&self) -> Result<Vec<CertEmail>> { + pub fn emails(&self) -> Result<Vec<CertEmail>> { certs_emails::table .load(&self.conn) .context("could not load emails") } - pub fn insert_bridge(&self, bridge: NewBridge) -> Result<Bridge> { + pub fn bridge_insert(&self, bridge: NewBridge) -> Result<Bridge> { let inserted_count = diesel::insert_into(bridges::table) .values(&bridge) .execute(&self.conn) @@ -480,7 +491,7 @@ impl OcaDb { } } - pub fn search_bridge(&self, email: &str) -> Result<Option<Bridge>> { + pub fn bridge_by_email(&self, email: &str) -> Result<Option<Bridge>> { let res = bridges::table .filter(bridges::email.eq(email)) .load::<Bridge>(&self.conn) diff --git a/src/import.rs b/src/import.rs index 5a12754..9568bc0 100644 --- a/src/import.rs +++ b/src/import.rs @@ -48,7 +48,7 @@ pub fn update_from_wkd(oca: &OpenpgpCa, cert: &models::Cert) -> Result<()> { let mut db_update = cert.clone(); db_update.pub_cert = Pgp::cert_to_armored(&merge)?; - oca.db().update_cert(&db_update)?; + oca.db().cert_update(&db_update)?; Ok(()) } @@ -74,7 +74,7 @@ pub fn update_from_hagrid(oca: &OpenpgpCa, cert: &models::Cert) -> Result<()> { let mut db_update = cert.clone(); db_update.pub_cert = Pgp::cert_to_armored(&merged)?; - oca.db().update_cert(&db_update) + oca.db().cert_update(&db_update) } else { // Silently ignore potential errors from merge_public(). Ok(()) diff --git a/src/restd/mod.rs b/src/restd/mod.rs index b674901..abe99f2 100644 --- a/src/restd/mod.rs +++ b/src/restd/mod.rs @@ -251,7 +251,7 @@ fn deactivate_cert(fp: String) -> Result<(), BadRequest<Json<ReturnError>>> { if let Some(mut cert) = cert { cert.inactive = true; - Ok(ca.db().update_cert(&cert).map_err(|e| { + Ok(ca.db().cert_update(&cert).map_err(|e| { ReturnError::new( ReturnStatus::InternalError, format!("deactivate_cert: Error updating Cert '{:?}'", e), @@ -292,7 +292,7 @@ fn delist_cert(fp: String) -> Result<(), BadRequest<Json<ReturnError>>> { if let Some(mut cert) = cert { cert.delisted = true; - ca.db().update_cert(&cert).map_err(|e| { + ca.db().cert_update(&cert).map_err(|e| { ReturnError::new( ReturnStatus::InternalError, format!("delist_cert: Error updating Cert '{:?}'", e), diff --git a/src/revocation.rs b/src/revocation.rs index 45d453c..0fa2d97 100644 --- a/src/revocation.rs +++ b/src/revocation.rs @@ -23,7 +23,7 @@ fn check_for_equivalent_revocation( revocation: &Signature, cert: &models::Cert, ) -> Result<bool> { - for db_rev in oca.db().get_revocations(cert)? { + for db_rev in oca.db().revocations_by_cert(cert)? { let r = Pgp::armored_to_signature(&db_rev.revocation) .context("Couldn't re-armor revocation cert from CA db")?; @@ -41,7 +41,7 @@ fn check_for_equivalent_revocation( /// If no suitable cert is found, an error is returned. pub fn revocation_add(oca: &OpenpgpCa, revocation: &str) -> Result<()> { // Check if this revocation already exists in db - if oca.db().check_for_revocation(revocation)? { + if oca.db().revocation_exists(revocation)? { return Ok(()); // this revocation is already stored -> do nothing } @@ -52,7 +52,7 @@ pub fn revocation_add(oca: &OpenpgpCa, revocation: &str) -> Result<()> { let mut cert = None; // 1) Search by fingerprint, if possible if let Some(issuer_fp) = Pgp::get_revoc_issuer_fp(&revocation)? { - cert = oca.db().get_cert(&issuer_fp.to_hex())?; + cert = oca.db().cert_by_fp(&issuer_fp.to_hex())?; } // 2) If match by fingerprint failed: test revocation for each cert if cert.is_none() { @@ -69,7 +69,7 @@ pub fn revocation_add(oca: &OpenpgpCa, revocation: &str) -> Result<()> { let armored = Pgp::revoc_to_armored(&revocation, None) .context("couldn't armor revocation cert")?; - oca.db().add_revocation(&armored, &cert)?; + oca.db().revocation_add(&armored, &cert)?; } Ok(()) @@ -142,7 +142,7 @@ pub fn revocation_apply( oca: &OpenpgpCa, mut db_revoc: models::Revocation, ) -> Result<()> { - if let Some(mut db_cert) = oca.db().get_cert_by_id(db_revoc.cert_id)? { + if let Some(mut db_cert) = oca.db().cert_by_id(db_revoc.cert_id)? { let sig = Pgp::armored_to_signature(&db_revoc.revocation)?; let c = Pgp::armored_to_cert(&db_cert.pub_cert)?; @@ -154,11 +154,11 @@ pub fn revocation_apply( db_revoc.published = true; oca.db() - .update_cert(&db_cert) + .cert_update(&db_cert) .context("Couldn't update Cert")?; oca.db() - .update_revocation(&db_revoc) + .revocation_update(&db_revoc) .context("Couldn't update Revocation")?; Ok(()) diff --git a/tests/test_gpg.rs b/tests/test_gpg.rs index 59d47ad..1b6b767 100644 --- a/tests/test_gpg.rs +++ b/tests/test_gpg.rs @@ -275,22 +275,14 @@ fn test_bridge() -> Result<()> { let bridges2 = ca2.bridges_get()?; assert_eq!(bridges2.len(), 1); - let ca1_cert = ca2 - .db() - .get_cert_by_id(bridges2[0].cert_id)? - .unwrap() - .pub_cert; + let ca1_cert = ca2.db().cert_by_id(bridges2[0].cert_id)?.unwrap().pub_cert; // get Cert for ca2 from ca1 bridge // (this has the signed version of the ca2 pubkey) let bridges1 = ca1.bridges_get()?; assert_eq!(bridges1.len(), 1); - let ca2_cert = ca1 - .db() - .get_cert_by_id(bridges1[0].cert_id)? - .unwrap() - .pub_cert; + let ca2_cert = ca1.db().cert_by_id(bridges1[0].cert_id)?.unwrap().pub_cert; // import CA keys into GnuPG gnupg::import(&ctx, ca1_cert.as_bytes()); @@ -413,21 +405,13 @@ fn test_multi_bridge() -> Result<()> { // (this has the signed version of the ca2 pubkey) let bridges1 = ca1.bridges_get()?; assert_eq!(bridges1.len(), 1); - let ca2_cert = ca1 - .db() - .get_cert_by_id(bridges1[0].cert_id)? - .unwrap() - .pub_cert; + let ca2_cert = ca1.db().cert_by_id(bridges1[0].cert_id)?.unwrap().pub_cert; // get Cert for ca3 from ca2 bridge // (this has the tsig from ca3) let bridges2 = ca2.bridges_get()?; assert_eq!(bridges2.len(), 1); - let ca3_cert = ca2 - .db() - .get_cert_by_id(bridges2[0].cert_id)? - .unwrap() - .pub_cert; + let ca3_cert = ca2.db().cert_by_id(bridges2[0].cert_id)?.unwrap().pub_cert; // import CA certs into GnuPG gnupg::import(&ctx, ca1_cert.as_bytes()); @@ -548,11 +532,7 @@ fn test_scoping() -> Result<()> { // (this has the signed version of the ca2 pubkey) let bridges1 = ca1.bridges_get()?; assert_eq!(bridges1.len(), 1); - let ca2_cert = ca1 - .db() - .get_cert_by_id(bridges1[0].cert_id)? - .unwrap() - .pub_cert; + let ca2_cert = ca1.db().cert_by_id(bridges1[0].cert_id)?.unwrap().pub_cert; // import CA certs into GnuPG gnupg::import(&ctx, Pgp::cert_to_armored(&ca1_cert)?.as_bytes()); diff --git a/tests/test_oca.rs b/tests/test_oca.rs index 5718094..b21b445 100644 --- a/tests/test_oca.rs +++ b/tests/test_oca.rs @@ -918,7 +918,7 @@ fn test_refresh() -> Result<()> { assert_eq!(cert.len(), 1); let mut dave = cert[0].clone(); dave.inactive = true; - ca.db().update_cert(&dave)?; + ca.db().cert_update(&dave)?; // refresh all CA certifications that are valid for less than 30 days ca.certs_refresh_ca_certifications(30, 365)?; @@ -994,7 +994,7 @@ fn test_wkd_delist() -> Result<()> { assert_eq!(cert.len(), 1); let mut bob = cert[0].clone(); bob.delisted = true; - ca.db().update_cert(&bob)?; + ca.db().cert_update(&bob)?; // export to WKD let wkd_dir = home_path + "/wkd/"; |