style: cargo fmt across Phase 3.5 changes

Pure formatting pass — no behavior changes. Catches the line-wrapping
drift across the new authz / api_keys / middleware / handler edits
that piled up during the implementation.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
MechaCat02
2026-05-26 22:21:37 +02:00
parent 063595be31
commit 2aab92af31
14 changed files with 166 additions and 89 deletions

@@ -12,12 +12,12 @@ use picloud_executor_core::{Engine, Limits};
use picloud_manager_core::{
admin_router, admins_router, api_keys_router, apps_api, apps_router, auth_router,
compile_routes, migrations, require_authenticated, route_admin_router, AdminSessionRepository,
AdminState, AdminUserRepository, AdminsState, ApiKeyRepository, ApiKeysState, AppDomainRepository,
AppRepository, AppsState, AuthState, AuthzRepo, PostgresAdminSessionRepository,
PostgresAdminUserRepository, PostgresApiKeyRepository, PostgresAppDomainRepository,
PostgresAppMembersRepository, PostgresAppRepository, PostgresExecutionLogRepository,
PostgresExecutionLogSink, PostgresRouteRepository, PostgresScriptRepository, RepoResolver,
RouteAdminState, RouteRepository, SandboxCeiling,
AdminState, AdminUserRepository, AdminsState, ApiKeyRepository, ApiKeysState,
AppDomainRepository, AppRepository, AppsState, AuthState, AuthzRepo,
PostgresAdminSessionRepository, PostgresAdminUserRepository, PostgresApiKeyRepository,
PostgresAppDomainRepository, PostgresAppMembersRepository, PostgresAppRepository,
PostgresExecutionLogRepository, PostgresExecutionLogSink, PostgresRouteRepository,
PostgresScriptRepository, RepoResolver, RouteAdminState, RouteRepository, SandboxCeiling,
};
use picloud_orchestrator_core::routing::{AppDomainTable, RouteTable};
use picloud_orchestrator_core::{
@@ -164,9 +164,7 @@ pub async fn build_app(pool: PgPool, auth: AuthDeps) -> anyhow::Result<Router> {
keys: auth.keys.clone(),
authz,
};
let api_keys_state = ApiKeysState {
keys: auth.keys,
};
let api_keys_state = ApiKeysState { keys: auth.keys };
// /admin/auth/login + /logout are unguarded by design (login is how
// you get in). /admin/auth/me applies the middleware internally so

@@ -100,7 +100,10 @@ async fn warn_on_multi_owner_install(users: &dyn AdminUserRepository) {
}
Ok(_) => {}
Err(err) => {
tracing::warn!(?err, "could not count active owners for multi-owner startup check");
tracing::warn!(
?err,
"could not count active owners for multi-owner startup check"
);
}
}
}

@@ -57,7 +57,9 @@ async fn boot(pool: PgPool) -> Seeded {
.await
.expect("seed owner");
let app = picloud::build_app(pool.clone(), auth).await.expect("build_app");
let app = picloud::build_app(pool.clone(), auth)
.await
.expect("build_app");
let server = TestServer::new(app).expect("TestServer");
// Default app id (seeded by migration 0005).
@@ -109,18 +111,33 @@ async fn login_token(server: &TestServer, username: &str, password: &str) -> Str
/// at arbitrary roles. The API enforces "owners only create owners"
/// which is correct production behavior but inconvenient for test
/// fixtures.
async fn seed_user(pool: &PgPool, username: &str, password: &str, role: InstanceRole) -> AdminUserId {
async fn seed_user(
pool: &PgPool,
username: &str,
password: &str,
role: InstanceRole,
) -> AdminUserId {
let repo = PostgresAdminUserRepository::new(pool.clone());
let hash = hash_password(password).expect("hash");
repo.create(username, &hash, role).await.expect("seed user").id
repo.create(username, &hash, role)
.await
.expect("seed user")
.id
}
async fn grant_membership(pool: &PgPool, user: AdminUserId, app: AppId, role: AppRole) {
let repo = PostgresAppMembersRepository::new(pool.clone());
repo.upsert(app, user, role).await.expect("grant membership");
repo.upsert(app, user, role)
.await
.expect("grant membership");
}
async fn create_script_via_api(server: &TestServer, token: &str, app_id: AppId, name: &str) -> Value {
async fn create_script_via_api(
server: &TestServer,
token: &str,
app_id: AppId,
name: &str,
) -> Value {
let r = server
.post("/api/v1/admin/scripts")
.add_header("authorization", format!("Bearer {token}"))
@@ -135,11 +152,7 @@ async fn create_script_via_api(server: &TestServer, token: &str, app_id: AppId,
}
/// Mint an API key for the caller — wraps POST /api-keys.
async fn mint_key(
server: &TestServer,
cred_token: &str,
body: Value,
) -> axum_test::TestResponse {
async fn mint_key(server: &TestServer, cred_token: &str, body: Value) -> axum_test::TestResponse {
server
.post("/api/v1/admin/api-keys")
.add_header("authorization", format!("Bearer {cred_token}"))
@@ -329,7 +342,10 @@ async fn bearer_and_cookie_produce_same_principal(pool: PgPool) {
.await;
via_key.assert_status_ok();
assert_eq!(via_session.json::<Value>()["id"], via_key.json::<Value>()["id"]);
assert_eq!(
via_session.json::<Value>()["id"],
via_key.json::<Value>()["id"]
);
assert_eq!(
via_session.json::<Value>()["username"],
via_key.json::<Value>()["username"]
@@ -352,7 +368,10 @@ async fn read_only_key_cannot_write_scripts(pool: PgPool) {
)
.await;
mint.assert_status(axum::http::StatusCode::CREATED);
let raw = mint.json::<Value>()["raw_token"].as_str().unwrap().to_string();
let raw = mint.json::<Value>()["raw_token"]
.as_str()
.unwrap()
.to_string();
let denied = s
.server
@@ -399,7 +418,10 @@ async fn bound_key_cannot_escape_its_app(pool: PgPool) {
)
.await;
mint.assert_status(axum::http::StatusCode::CREATED);
let raw = mint.json::<Value>()["raw_token"].as_str().unwrap().to_string();
let raw = mint.json::<Value>()["raw_token"]
.as_str()
.unwrap()
.to_string();
// Writing into the bound app: allowed.
let ok = s
@@ -473,7 +495,11 @@ async fn member_list_endpoints_filter_at_sql(pool: PgPool) {
.iter()
.map(|a| a["slug"].as_str().unwrap().to_string())
.collect();
assert_eq!(app_slugs, vec!["default"], "member must see only their apps");
assert_eq!(
app_slugs,
vec!["default"],
"member must see only their apps"
);
let scripts = s
.server
@@ -489,8 +515,7 @@ async fn member_list_endpoints_filter_at_sql(pool: PgPool) {
.map(|s| s["name"].as_str().unwrap().to_string())
.collect();
assert!(
names.iter().any(|n| n == "default-script")
&& !names.iter().any(|n| n == "secret-script"),
names.iter().any(|n| n == "default-script") && !names.iter().any(|n| n == "secret-script"),
"member listing leaked another app's script: {names:?}"
);
}
@@ -515,7 +540,10 @@ async fn deactivating_user_revokes_their_api_keys(pool: PgPool) {
)
.await;
mint.assert_status(axum::http::StatusCode::CREATED);
let raw = mint.json::<Value>()["raw_token"].as_str().unwrap().to_string();
let raw = mint.json::<Value>()["raw_token"]
.as_str()
.unwrap()
.to_string();
// Key works.
let before = s
@@ -549,7 +577,9 @@ async fn deactivating_user_revokes_their_api_keys(pool: PgPool) {
rows.iter().all(|r| r.expires_at.is_some()),
"every key must have an expiry after deactivation"
);
assert!(rows.iter().all(|r| r.expires_at.unwrap() <= chrono::Utc::now()));
assert!(rows
.iter()
.all(|r| r.expires_at.unwrap() <= chrono::Utc::now()));
}
// ----------------------------------------------------------------------------
@@ -571,7 +601,10 @@ async fn bound_key_with_instance_scope_is_rejected(pool: PgPool) {
"app_id": s.default_app.to_string(),
}))
.await;
assert_eq!(r.status_code(), axum::http::StatusCode::UNPROCESSABLE_ENTITY);
assert_eq!(
r.status_code(),
axum::http::StatusCode::UNPROCESSABLE_ENTITY
);
let body: Value = r.json();
assert!(
body["error"].as_str().unwrap().contains("bound"),