Merge branch 'main' into v5

biscuit-auth · Jul 26, 2024 · 22bd667 · 22bd667
2 parents 525c278 + c2618db
commit 22bd667
Show file tree

Hide file tree

Showing 12 changed files with 43 additions and 58 deletions.
diff --git a/biscuit-auth/examples/verifying_printer.rs b/biscuit-auth/examples/verifying_printer.rs
@@ -16,7 +16,7 @@ fn main() {
  &hex::decode("acdd6d5b53bfee478bf689f8e012fe7988bf755e3d7c5152947abc149bc20189").unwrap(),
  )
  .unwrap();
- let token = biscuit_auth::Biscuit::from(&data[..], &root).unwrap();
+ let token = biscuit_auth::Biscuit::from(&data[..], root).unwrap();
 
  println!("Token content:");
  for i in 0..token.block_count() {

diff --git a/biscuit-auth/src/crypto/mod.rs b/biscuit-auth/src/crypto/mod.rs
@@ -201,7 +201,7 @@ impl FromStr for PublicKey {
 
 impl Display for PublicKey {
  fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
- write!(f, "ed25519/{}", hex::encode(&self.to_bytes()))
+ write!(f, "ed25519/{}", hex::encode(self.to_bytes()))
  }
 }
 

diff --git a/biscuit-auth/src/datalog/mod.rs b/biscuit-auth/src/datalog/mod.rs
@@ -137,12 +137,12 @@ impl Rule {
 
  CombineIt::new(variables, &self.body, facts, symbols)
  .map(move |(origin, variables)| {
- let mut temporary_symbols = TemporarySymbolTable::new(&symbols);
+ let mut temporary_symbols = TemporarySymbolTable::new(symbols);
  for e in self.expressions.iter() {
  match e.evaluate(&variables, &mut temporary_symbols) {
  Ok(Term::Bool(true)) => {}
  Ok(Term::Bool(false)) => return Ok((origin, variables, false)),
- Ok(_) => return Err(error::Expression::InvalidType.into()),
+ Ok(_) => return Err(error::Expression::InvalidType),
  Err(e) => {
  //println!("expr returned {:?}", res);
  return Err(e);
@@ -209,7 +209,7 @@ impl Rule {
  for (_, variables) in CombineIt::new(variables, &self.body, fact_it, symbols) {
  found = true;
 
- let mut temporary_symbols = TemporarySymbolTable::new(&symbols);
+ let mut temporary_symbols = TemporarySymbolTable::new(symbols);
  for e in self.expressions.iter() {
  match e.evaluate(&variables, &mut temporary_symbols) {
  Ok(Term::Bool(true)) => {}
@@ -780,7 +780,7 @@ impl FactSet {
  .flatten()
  }
 
- pub fn iter_all<'a>(&'a self) -> impl Iterator<Item = (&Origin, &Fact)> + Clone {
+ pub fn iter_all(&self) -> impl Iterator<Item = (&Origin, &Fact)> + Clone {
  self.inner
  .iter()
  .flat_map(move |(ids, facts)| facts.iter().map(move |fact| (ids, fact)))
@@ -834,7 +834,7 @@ impl RuleSet {
  }
  }
 
- pub fn iter_all<'a>(&'a self) -> impl Iterator<Item = (&TrustedOrigins, &Rule)> + Clone {
+ pub fn iter_all(&self) -> impl Iterator<Item = (&TrustedOrigins, &Rule)> + Clone {
  self.inner
  .iter()
  .flat_map(move |(ids, rules)| rules.iter().map(move |(_, rule)| (ids, rule)))
@@ -958,7 +958,7 @@ pub fn contains_v4_op(expressions: &[Expression]) -> bool {
  _ => return false,
  }
  }
- return false;
+ false
  })
  })
 }
@@ -1668,7 +1668,7 @@ mod tests {
  println!("\t{}", syms.print_fact(fact));
  }
 
- assert!(res.len() == 0);
+ assert!(res.is_empty());
 
  let res = w
  .query_rule(
@@ -1691,7 +1691,7 @@ mod tests {
  println!("\t{}", syms.print_fact(fact));
  }
 
- assert!(res.len() == 0);
+ assert!(res.is_empty());
  }
 
  #[test]
@@ -1787,6 +1787,6 @@ mod tests {
  for (_, fact) in res.iter_all() {
  println!("\t{}", syms.print_fact(fact));
  }
- assert!(res.len() == 0);
+ assert!(res.is_empty());
  }
 }
diff --git a/biscuit-auth/src/datalog/symbol.rs b/biscuit-auth/src/datalog/symbol.rs
@@ -184,7 +184,7 @@ impl SymbolTable {
  match term {
  Term::Variable(i) => format!("${}", self.print_symbol_default(*i as u64)),
  Term::Integer(i) => i.to_string(),
- Term::Str(index) => format!("\"{}\"", self.print_symbol_default(*index as u64)),
+ Term::Str(index) => format!("\"{}\"", self.print_symbol_default(*index)),
  Term::Date(d) => OffsetDateTime::from_unix_timestamp(*d as i64)
  .ok()
  .and_then(|t| t.format(&Rfc3339).ok())
@@ -330,7 +330,7 @@ impl<'a> TemporarySymbolTable<'a> {
 
  pub fn insert(&mut self, s: &str) -> SymbolIndex {
  if let Some(index) = self.base.get(s) {
- return index as u64;
+ return index;
  }
 
  match self.symbols.iter().position(|sym| sym.as_str() == s) {

diff --git a/biscuit-auth/src/format/convert.rs b/biscuit-auth/src/format/convert.rs
@@ -198,7 +198,7 @@ pub fn proto_snapshot_block_to_token_block(
 
  let external_key = match &input.external_key {
  None => None,
- Some(key) => Some(PublicKey::from_proto(&key)?),
+ Some(key) => Some(PublicKey::from_proto(key)?),
  };
 
  Ok(Block {

diff --git a/biscuit-auth/src/token/authorizer.rs b/biscuit-auth/src/token/authorizer.rs
@@ -184,26 +184,11 @@ impl Authorizer {
  /// you can use this to save a set of policies and load them quickly before
  /// verification. This will not store data obtained or generated from a token.
  pub fn save(&self) -> Result<AuthorizerPolicies, error::Token> {
- let facts = self
- .authorizer_block_builder
- .facts
- .iter()
- .cloned()
- .collect();
+ let facts = self.authorizer_block_builder.facts.to_vec();
 
- let rules = self
- .authorizer_block_builder
- .rules
- .iter()
- .cloned()
- .collect();
+ let rules = self.authorizer_block_builder.rules.to_vec();
 
- let checks = self
- .authorizer_block_builder
- .checks
- .iter()
- .cloned()
- .collect();
+ let checks = self.authorizer_block_builder.checks.to_vec();
 
  Ok(AuthorizerPolicies {
  version: crate::token::MAX_SCHEMA_VERSION,
@@ -841,7 +826,7 @@ impl Authorizer {
  errors.push(error::FailedCheck::Block(error::FailedBlockCheck {
  block_id: 0u32,
  check_id: j as u32,
- rule: self.symbols.print_check(&check),
+ rule: self.symbols.print_check(check),
  }));
  }
  }
@@ -880,7 +865,7 @@ impl Authorizer {
  }
 
  if let Some(blocks) = self.blocks.as_ref() {
- for (i, block) in (&blocks[1..]).iter().enumerate() {
+ for (i, block) in (blocks[1..]).iter().enumerate() {
  let block_trusted_origins = TrustedOrigins::from_scopes(
  &block.scopes,
  &TrustedOrigins::default(),
@@ -940,7 +925,7 @@ impl Authorizer {
  errors.push(error::FailedCheck::Block(error::FailedBlockCheck {
  block_id: (i + 1) as u32,
  check_id: j as u32,
- rule: self.symbols.print_check(&check),
+ rule: self.symbols.print_check(check),
  }));
  }
  }
@@ -1010,21 +995,21 @@ impl Authorizer {
  let _ = writeln!(f, "{fact};");
  }
  if !facts.is_empty() {
- let _ = writeln!(f, "");
+ let _ = writeln!(f);
  }
 
  for rule in &rules {
  let _ = writeln!(f, "{rule};");
  }
  if !rules.is_empty() {
- let _ = writeln!(f, "");
+ let _ = writeln!(f);
  }
 
  for check in &checks {
  let _ = writeln!(f, "{check};");
  }
  if !checks.is_empty() {
- let _ = writeln!(f, "");
+ let _ = writeln!(f);
  }
 
  for policy in &policies {

diff --git a/biscuit-auth/src/token/authorizer/snapshot.rs b/biscuit-auth/src/token/authorizer/snapshot.rs
@@ -61,7 +61,7 @@ impl super::Authorizer {
  let policies = world
  .authorizer_policies
  .iter()
- .map(|policy| proto_policy_to_policy(&policy, &symbols, version))
+ .map(|policy| proto_policy_to_policy(policy, &symbols, version))
  .collect::<Result<Vec<Policy>, error::Format>>()?;
 
  let mut authorizer = super::Authorizer::new();

diff --git a/biscuit-auth/src/token/block.rs b/biscuit-auth/src/token/block.rs
@@ -98,8 +98,8 @@ impl Block {
  })
  .collect::<Result<Vec<Check>, error::Format>>()?,
  context: self.context.clone(),
- version: self.version.clone(),
- external_key: self.external_key.clone(),
+ version: self.version,
+ external_key: self.external_key,
  public_keys: self.public_keys.clone(),
  scopes: self
  .scopes

diff --git a/biscuit-auth/src/token/builder.rs b/biscuit-auth/src/token/builder.rs
@@ -231,22 +231,22 @@ impl BlockBuilder {
  facts: block
  .facts
  .iter()
- .map(|f| Fact::convert_from(f, &symbols))
+ .map(|f| Fact::convert_from(f, symbols))
  .collect::<Result<Vec<Fact>, error::Format>>()?,
  rules: block
  .rules
  .iter()
- .map(|r| Rule::convert_from(r, &symbols))
+ .map(|r| Rule::convert_from(r, symbols))
  .collect::<Result<Vec<Rule>, error::Format>>()?,
  checks: block
  .checks
  .iter()
- .map(|c| Check::convert_from(c, &symbols))
+ .map(|c| Check::convert_from(c, symbols))
  .collect::<Result<Vec<Check>, error::Format>>()?,
  scopes: block
  .scopes
  .iter()
- .map(|s| Scope::convert_from(s, &symbols))
+ .map(|s| Scope::convert_from(s, symbols))
  .collect::<Result<Vec<Scope>, error::Format>>()?,
  context: block.context.clone(),
  })
@@ -1913,7 +1913,7 @@ impl From<i64> for Term {
 #[cfg(feature = "datalog-macro")]
 impl ToAnyParam for i64 {
  fn to_any_param(&self) -> AnyParam {
- AnyParam::Term((*self as i64).into())
+ AnyParam::Term((*self).into())
  }
 }
 
@@ -1939,7 +1939,7 @@ impl From<bool> for Term {
 #[cfg(feature = "datalog-macro")]
 impl ToAnyParam for bool {
  fn to_any_param(&self) -> AnyParam {
- AnyParam::Term((*self as bool).into())
+ AnyParam::Term((*self).into())
  }
 }
 

diff --git a/biscuit-auth/src/token/mod.rs b/biscuit-auth/src/token/mod.rs
@@ -634,7 +634,7 @@ fn print_block(symbols: &SymbolTable, block: &Block) -> String {
  block.symbols.strings(),
  block.version,
  block.context.as_deref().unwrap_or(""),
- block.external_key.as_ref().map(|k| hex::encode(k.to_bytes())).unwrap_or_else(String::new),
+ block.external_key.as_ref().map(|k| hex::encode(k.to_bytes())).unwrap_or_default(),
  block.public_keys.keys.iter().map(|k | hex::encode(k.to_bytes())).collect::<Vec<_>>(),
  block.scopes,
  facts,
@@ -763,7 +763,7 @@ mod tests {
  */
 
  let serialized2 = {
- let biscuit1_deser = Biscuit::from(&serialized1, &root.public()).unwrap();
+ let biscuit1_deser = Biscuit::from(&serialized1, root.public()).unwrap();
 
  // new check: can only have read access1
  let mut block2 = BlockBuilder::new();
@@ -819,7 +819,7 @@ mod tests {
  println!("generated biscuit token 3: {} bytes", serialized3.len());
  //panic!();
 
- let final_token = Biscuit::from(&serialized3, &root.public()).unwrap();
+ let final_token = Biscuit::from(&serialized3, root.public()).unwrap();
  println!("final token:\n{}", final_token);
  {
  let mut authorizer = final_token.authorizer().unwrap();
@@ -1062,7 +1062,7 @@ mod tests {
  let sealed = biscuit2.seal().unwrap().to_vec().unwrap();
  //println!("biscuit2 sealed ({} bytes):\n{}", sealed.len(), sealed.to_hex(16));
 
- let biscuit3 = Biscuit::from(&sealed, &root.public()).unwrap();
+ let biscuit3 = Biscuit::from(sealed, root.public()).unwrap();
 
  {
  let mut authorizer = biscuit3.authorizer().unwrap();
@@ -1429,7 +1429,7 @@ mod tests {
  //println!("generated biscuit token 2: {} bytes\n{}", serialized2.len(), serialized2.to_hex(16));
  println!("generated biscuit token 2: {} bytes", serialized2.len());
 
- let final_token = Biscuit::from(&serialized2, &root.public()).unwrap();
+ let final_token = Biscuit::from(&serialized2, root.public()).unwrap();
  println!("final token:\n{}", final_token);
 
  let mut authorizer = final_token.authorizer().unwrap();

diff --git a/biscuit-parser/src/parser.rs b/biscuit-parser/src/parser.rs
@@ -372,7 +372,7 @@ fn scope(i: &str) -> IResult<&str, builder::Scope, Error> {
  alt((
  map(tag("authority"), |_| builder::Scope::Authority),
  map(tag("previous"), |_| builder::Scope::Previous),
- map(public_key, |bytes| builder::Scope::PublicKey(bytes)),
+ map(public_key, builder::Scope::PublicKey),
  map(delimited(char('{'), name, char('}')), |n| {
  builder::Scope::Parameter(n.to_string())
  }),
@@ -785,7 +785,7 @@ fn parse_hex(i: &str) -> IResult<&str, Vec<u8>, Error> {
  map_res(
  take_while1(|c| {
  let c = c as u8;
- (b'0'..=b'9').contains(&c) || (b'a'..=b'f').contains(&c) || (b'A'..=b'F').contains(&c)
+ c.is_ascii_digit() || (b'a'..=b'f').contains(&c) || (b'A'..=b'F').contains(&c)
  }),
  hex::decode,
  )(i)

diff --git a/biscuit-quote/src/lib.rs b/biscuit-quote/src/lib.rs
@@ -511,7 +511,7 @@ pub fn rule(input: proc_macro::TokenStream) -> proc_macro::TokenStream {
  // here. The block management happens only at compile-time, so it won't
  // affect runtime performance.
  let ty = syn::parse_quote!(::biscuit_auth::builder::BlockBuilder);
- let builder = Builder::block_source(ty, None, &datalog, parameters)
+ let builder = Builder::block_source(ty, None, datalog, parameters)
  .unwrap_or_else(|e| abort_call_site!(e.to_string()));
 
  let mut rule_item = if let Some(r) = builder.rules.first() {
@@ -579,7 +579,7 @@ pub fn fact(input: proc_macro::TokenStream) -> proc_macro::TokenStream {
  // here. The block management happens only at compile-time, so it won't
  // affect runtime performance.
  let ty = syn::parse_quote!(::biscuit_auth::builder::BlockBuilder);
- let builder = Builder::block_source(ty, None, &datalog, parameters)
+ let builder = Builder::block_source(ty, None, datalog, parameters)
  .unwrap_or_else(|e| abort_call_site!(e.to_string()));
 
  let mut fact_item = if let Some(f) = builder.facts.first() {
@@ -647,7 +647,7 @@ pub fn check(input: proc_macro::TokenStream) -> proc_macro::TokenStream {
  // here. The block management happens only at compile-time, so it won't
  // affect runtime performance.
  let ty = syn::parse_quote!(::biscuit_auth::builder::BlockBuilder);
- let builder = Builder::block_source(ty, None, &datalog, parameters)
+ let builder = Builder::block_source(ty, None, datalog, parameters)
  .unwrap_or_else(|e| abort_call_site!(e.to_string()));
 
  let mut check_item = if let Some(c) = builder.checks.first() {
@@ -715,7 +715,7 @@ pub fn policy(input: proc_macro::TokenStream) -> proc_macro::TokenStream {
  // here. The block management happens only at compile-time, so it won't
  // affect runtime performance.
  let ty = syn::parse_quote!(::biscuit_auth::Authorizer);
- let builder = Builder::source(ty, None, &datalog, parameters)
+ let builder = Builder::source(ty, None, datalog, parameters)
  .unwrap_or_else(|e| abort_call_site!(e.to_string()));
 
  let mut policy_item = if let Some(p) = builder.policies.first() {