Struct kanidmd_lib::filter::Filter
source · pub struct Filter<STATE> { /* private fields */ }
Expand description
A Filter
is a logical set of assertions about the state of an Entry
and
it’s avas. Filter
s are built from a set of possible assertions.
Pres
ence. An ava of that attribute’s name exists, with any value on theEntry
.Eq
uality. An ava of the attribute exists and contains this matching value.Sub
string. An ava of the attribute exists and has a substring containing the requested value.Or
. Contains multiple filters and asserts at least one is true.And
. Contains multiple filters and asserts all of them are true.AndNot
. This is different to a “logical not” operation. This asserts that a condition is not true in the current candidate set. A search ofAndNot
alone will yield not results, but anAndNot
in anAnd
query will assert that a condition can not hold.
Filter
s for security reasons are validated by the schema to assert all requested attributes
are valid and exist in the schema so that they can have their indexes correctly used. This avoids
a denial of service attack that may lead to full-table scans.
This Filter
validation state is in the STATE
attribute and will be either FilterInvalid
or FilterValid
. The Filter
must be checked by the schema to move to FilterValid
. This
helps to prevent errors at compile time to assert Filters
are secuerly. checked
Implementations§
source§impl Filter<FilterValidResolved>
impl Filter<FilterValidResolved>
pub fn to_inner(&self) -> &FilterResolved
source§impl Filter<FilterValid>
impl Filter<FilterValid>
pub fn invalidate(self) -> Filter<FilterInvalid>
pub fn resolve( &self, ev: &Identity, idxmeta: Option<&IdxMeta>, rsv_cache: Option<&mut ARCacheReadTxn<'_, (IdentityId, Filter<FilterValid>), Filter<FilterValidResolved>, ()>> ) -> Result<Filter<FilterValidResolved>, OperationError>
pub fn get_attr_set(&self) -> BTreeSet<&str>
pub fn into_recycled(self) -> Self
source§impl Filter<FilterInvalid>
impl Filter<FilterInvalid>
pub fn new(inner: FC<'_>) -> Self
pub fn new_recycled(inner: FC<'_>) -> Self
pub fn join_parts_and(a: Self, b: Self) -> Self
pub fn validate( &self, schema: &dyn SchemaTransaction ) -> Result<Filter<FilterValid>, SchemaError>
pub fn from_ro( ev: &Identity, f: &ProtoFilter, qs: &mut QueryServerReadTransaction<'_> ) -> Result<Self, OperationError>
pub fn from_rw( ev: &Identity, f: &ProtoFilter, qs: &mut QueryServerWriteTransaction<'_> ) -> Result<Self, OperationError>
pub fn from_ldap_ro( ev: &Identity, f: &LdapFilter, qs: &mut QueryServerReadTransaction<'_> ) -> Result<Self, OperationError>
Trait Implementations§
source§impl<STATE: Ord> Ord for Filter<STATE>
impl<STATE: Ord> Ord for Filter<STATE>
1.21.0 · source§fn max(self, other: Self) -> Selfwhere
Self: Sized,
fn max(self, other: Self) -> Selfwhere Self: Sized,
Compares and returns the maximum of two values. Read more
source§impl<STATE: PartialEq> PartialEq<Filter<STATE>> for Filter<STATE>
impl<STATE: PartialEq> PartialEq<Filter<STATE>> for Filter<STATE>
source§impl<STATE: PartialOrd> PartialOrd<Filter<STATE>> for Filter<STATE>
impl<STATE: PartialOrd> PartialOrd<Filter<STATE>> for Filter<STATE>
1.0.0 · source§fn le(&self, other: &Rhs) -> bool
fn le(&self, other: &Rhs) -> bool
This method tests less than or equal to (for
self
and other
) and is used by the <=
operator. Read more