diff --git a/src/cmd/check.rs b/src/cmd/check.rs index 632bff8..927f62d 100644 --- a/src/cmd/check.rs +++ b/src/cmd/check.rs @@ -14,8 +14,7 @@ impl Profile { self.settings.host_pubkey.as_str(), ) .inner() - .into_values() - .map(|p| { + .into_values().try_for_each(|p| { debug!("checking in-store path: {}", p.path.display()); if !p.path.exists() { error!("path not found: {}", p.path.display()); @@ -25,6 +24,5 @@ impl Profile { } Ok(()) }) - .collect() } } diff --git a/src/cmd/deploy.rs b/src/cmd/deploy.rs index 72fbe9e..189a1c4 100644 --- a/src/cmd/deploy.rs +++ b/src/cmd/deploy.rs @@ -50,7 +50,11 @@ fn deploy_to_fs( .map_err(|e| eyre!("parse octal permission err: {}", e))?; let permissions = Permissions::from_mode(mode); - let file = OpenOptions::new().create(true).write(true).open(p)?; + let file = OpenOptions::new() + .create(true) + .truncate(true) + .write(true) + .open(p)?; file.set_permissions(permissions)?; @@ -120,7 +124,7 @@ impl Profile { let res = match self.read_decrypted_mount_point() { Err(e) if e.kind() == ErrorKind::NotFound => { let support_ramfs = - SupportedFilesystems::new().and_then(|fss| Ok(fss.is_supported("ramfs"))); + SupportedFilesystems::new().map(|fss| fss.is_supported("ramfs")); if !support_ramfs? { let err = "ramfs not supported! Refusing extract secret since it will write to disk"; @@ -203,10 +207,10 @@ impl Profile { .wrap_err(eyre!( "cannot create target extract dir with generation number" )) - .and_then(|p| { - let _ = fs::set_permissions(&p, Permissions::from_mode(0o751)) - .wrap_err(eyre!("set permission")); - Ok(p) + .inspect(|p| { + fs::set_permissions(p, Permissions::from_mode(0o751)) + .wrap_err(eyre!("set permission")) + .expect("set permission"); })? }; @@ -222,7 +226,7 @@ impl Profile { .expect("err"); }); - if self.templates.len() != 0 { + if !self.templates.is_empty() { info!("start deploy templates"); use sha2::{Digest, Sha256}; @@ -236,7 +240,7 @@ impl Profile { let hashstr_ctx_map: HashMap, &Vec> = plain_map .inner_ref() .iter() - .map(|(k, v)| (get_hashed_id(*k), v)) + .map(|(k, v)| (get_hashed_id(k), v)) .collect(); self.templates.clone().iter().for_each(|(_, t)| { @@ -285,10 +289,8 @@ mod tests { fn parse_ssh_host_pub_key() { // all 0x01 let cipher_str = "age1qyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqs3290gq"; - if let Ok(_) = age::ssh::Recipient::from_str(&cipher_str) { - assert!(true) - } else { - let _ = age::x25519::Recipient::from_str(&cipher_str).unwrap(); + if age::ssh::Recipient::from_str(cipher_str).is_err() { + let _ = age::x25519::Recipient::from_str(cipher_str).unwrap(); } } } diff --git a/src/cmd/renc.rs b/src/cmd/renc.rs index b8ab96a..2d23232 100644 --- a/src/cmd/renc.rs +++ b/src/cmd/renc.rs @@ -27,7 +27,7 @@ impl Profile { ); // check if flake root - if !fs::read_dir(&flake_root)?.into_iter().any(|e| { + if !fs::read_dir(&flake_root)?.any(|e| { e.is_ok_and(|ie| { ie.file_name() .into_string() @@ -44,7 +44,8 @@ impl Profile { let renc_path = { let mut p = flake_root.clone(); p.push(self.settings.storage_location.clone()); - if let Err(_) = p.canonicalize() { + // pretend err is not found + if p.canonicalize().is_err() { fs::create_dir_all(&p).wrap_err_with(|| eyre!("create storageLocation error"))? }; p.canonicalize()?; @@ -67,7 +68,7 @@ impl Profile { let key = key_pair.get_identity(); let recip = self.get_host_recip()?; - if let Err(e) = data.map.makeup(vec![recip], &**key) { + if let Err(e) = data.map.makeup(vec![recip], key) { return Err(eyre!("makeup error: {}", e)); } else { let o = add_to_store(renc_path)?; diff --git a/src/helper/callback.rs b/src/helper/callback.rs index b5aefff..662cc7e 100644 --- a/src/helper/callback.rs +++ b/src/helper/callback.rs @@ -73,9 +73,9 @@ pub fn read_secret( .with_prompt(prompt) .with_timeout(30); if let Some(confirm_prompt) = confirm { - input.with_confirmation(confirm_prompt, &mismatch_error); + input.with_confirmation(confirm_prompt, mismatch_error); } else { - input.required(&empty_error); + input.required(empty_error); } input.interact() } else { diff --git a/src/helper/parse_identity.rs b/src/helper/parse_identity.rs index 18898e9..3944b88 100644 --- a/src/helper/parse_identity.rs +++ b/src/helper/parse_identity.rs @@ -16,11 +16,11 @@ impl ParsedIdentity { recipient, } } - pub fn get_identity(&self) -> &Box { - &self.identity + pub fn get_identity(&self) -> &dyn Identity { + self.identity.as_ref() } - pub fn _get_recipient(&self) -> &Box { - &self.recipient + pub fn _get_recipient(&self) -> &dyn Recipient { + self.recipient.as_ref() } } @@ -32,9 +32,9 @@ impl TryInto for RawIdentity { pubkey: _, // not required. gen from prv key so fast. } = self; if identity.is_empty() { - return Err(eyre!( + Err(eyre!( "No identity found, require `vaultix.settings.identity`." - )); + )) } else { macro_rules! create { ($method:ident, $err_context:expr) => {{ @@ -52,7 +52,7 @@ impl TryInto for RawIdentity { let recip = create!(to_recipients, "into recip fail"); - return Ok(ParsedIdentity::from_exist(ident, recip)); + Ok(ParsedIdentity::from_exist(ident, recip)) } } } diff --git a/src/helper/secret_buf.rs b/src/helper/secret_buf.rs index 2678edf..ff90929 100644 --- a/src/helper/secret_buf.rs +++ b/src/helper/secret_buf.rs @@ -31,7 +31,7 @@ impl SecBuf { use eyre::Result; impl SecBuf { - pub fn buf_ref<'a>(&'a self) -> &'a Vec { + pub fn buf_ref(&self) -> &Vec { self.buf.as_ref() } pub fn decrypt(&self, ident: &dyn Identity) -> Result> { @@ -115,7 +115,7 @@ mod tests { let _ = buf .renc( &key as &dyn Identity, - Rc::new(age::x25519::Recipient::from_str(&new_recip_str).unwrap()) + Rc::new(age::x25519::Recipient::from_str(new_recip_str).unwrap()) as Rc, ) .unwrap(); diff --git a/src/helper/stored.rs b/src/helper/stored.rs index 3254a2f..6f69ed5 100644 --- a/src/helper/stored.rs +++ b/src/helper/stored.rs @@ -95,20 +95,21 @@ macro_rules! impl_from_iterator_for_secmap { } impl_from_iterator_for_secmap!(Vec, blake3::Hash, UniPath, SecBuf); -macro_rules! impl_into_secmap_for_themap { +macro_rules! impl_from_for_secmap { ($($t:ty),*) => { $( - impl<'a> Into>> - for HashMap<&'a profile::Secret, SecPBWith<$t>> + impl<'a> From>> + for SecMap<'a, SecPBWith<$t>> { - fn into(self) -> SecMap<'a, SecPBWith<$t>> { - SecMap::>(self) + fn from(map: HashMap<&'a profile::Secret, SecPBWith<$t>>) -> Self { + SecMap::>(map) } } )* }; } -impl_into_secmap_for_themap!(InCfg, InStore); + +impl_from_for_secmap!(InCfg, InStore); #[derive(Debug, Clone)] pub struct SecMap<'a, P>(HashMap<&'a profile::Secret, P>); @@ -167,7 +168,7 @@ impl<'a> SecMap<'a, SecPBWith> { pub fn bake_ctx(self) -> Result>> { self.inner() .into_iter() - .map(|(k, v)| v.read_buffer().and_then(|b| Ok((k, SecBuf::from(b))))) + .map(|(k, v)| v.read_buffer().map(|b| (k, SecBuf::from(b)))) .try_collect::>>() } } @@ -193,7 +194,7 @@ pub struct Renc<'a> { impl<'a> Renc<'a> { pub fn create(secrets: &'a SecretSet, host_dir: PathBuf, host_recip: &'a str) -> Self { let instore = SecMap::>::create(secrets); - let incfg = SecMap::>::create(&secrets, host_dir.clone(), host_recip); + let incfg = SecMap::>::create(secrets, host_dir.clone(), host_recip); incfg.clean_old(host_dir.clone()).expect("success"); let map = incfg .inner() @@ -219,7 +220,7 @@ impl<'a> Renc<'a> { .inner() .into_iter() .filter_map(|(k, v)| { - let enc_hash = v.store.calc_hash(&self.host_recip).ok()?; + let enc_hash = v.store.calc_hash(self.host_recip).ok()?; let mut renc_path = self.host_dir.clone(); renc_path.push(enc_hash.to_string()); if renc_path.exists() { @@ -238,29 +239,27 @@ impl<'a> Renc<'a> { impl<'a> SecMap<'a, UniPath> { pub fn makeup(self, recips: Vec>, ident: &dyn Identity) -> Result<()> { - self.inner() - .into_iter() - .map(|(_sec, sec_path)| { - let UniPath { store, real } = sec_path; - use std::io::Write; - - trace!("re-encrypted output path {}", real.path.display()); - let enc_ctx = store.read_buffer().expect("read buffer in store err"); - // rencrypt - let renc_ctx = SecBuf::::new(enc_ctx) - .renc(ident, recips.first().expect("have").clone()) - .expect("renc_ctx err"); - - let mut target_file = fs::OpenOptions::new() - .write(true) - .create(true) - .open(real.path.clone())?; - - target_file - .write_all(renc_ctx.buf_ref()) - .wrap_err_with(|| eyre!("write renc file error")) - }) - .collect() + self.inner().into_values().try_for_each(|sec_path| { + let UniPath { store, real } = sec_path; + use std::io::Write; + + trace!("re-encrypted output path {}", real.path.display()); + let enc_ctx = store.read_buffer().expect("read buffer in store err"); + // rencrypt + let renc_ctx = SecBuf::::new(enc_ctx) + .renc(ident, recips.first().expect("have").clone()) + .expect("renc_ctx err"); + + let mut target_file = fs::OpenOptions::new() + .write(true) + .create(true) + .truncate(true) + .open(real.path.clone())?; + + target_file + .write_all(renc_ctx.buf_ref()) + .wrap_err_with(|| eyre!("write renc file error")) + }) } } diff --git a/src/helper/template.rs b/src/helper/template.rs index 8a327cd..62e8cba 100644 --- a/src/helper/template.rs +++ b/src/helper/template.rs @@ -17,14 +17,11 @@ fn parse_braced_hash(input: &str) -> IResult<&str, &str, Error<&str>> { fn pars<'a>(text: &'a str, res: &mut Vec<&'a str>) { if let Ok((brace_start_then, _)) = is_not::<&str, &str, Error<&str>>("{")(text) { - match parse_braced_hash(brace_start_then) { - Ok((remain, hashes)) => { - res.push(hashes); - if !remain.is_empty() { - pars(remain, res); - } + if let Ok((remain, hashes)) = parse_braced_hash(brace_start_then) { + res.push(hashes); + if !remain.is_empty() { + pars(remain, res); } - Err(_) => {} }; }; } @@ -63,7 +60,7 @@ mod tests { }; assert_eq!( hex!("dcd789434d890685da841b8db8a02b0173b90eac3774109ba9bca1b81440aa93"), - t.parse_hash_str_list().unwrap().get(0).unwrap().as_bytes() + t.parse_hash_str_list().unwrap().first().unwrap().as_bytes() ) } #[test] @@ -77,7 +74,7 @@ mod tests { let l = t.parse_hash_str_list().unwrap(); assert_eq!( hex!("dcd789434d890685da841b8db8a02b0173b90eac3774109ba9bca1b81440aa93"), - l.get(0).unwrap().as_slice() + l.first().unwrap().as_slice() ); assert_eq!( hex!("cd789434d890685da841b8db8a02b0173b90eac3774109ba9bca1b81440a2a93"), @@ -95,7 +92,7 @@ mod tests { let l = t.parse_hash_str_list().unwrap(); assert_eq!( hex!("cd789434d890685da841b8db8a02b0173b90eac3774109ba9bca1b81440a2a93"), - l.get(0).unwrap().as_slice() + l.first().unwrap().as_slice() ) } #[test] @@ -109,7 +106,7 @@ mod tests { let l = t.parse_hash_str_list().unwrap(); assert_eq!( hex!("cd789434d890685da841b8db8a02b0173b90eac3774109ba9bca1b81440a2a93"), - l.get(0).unwrap().as_slice() + l.first().unwrap().as_slice() ) } #[test] @@ -120,7 +117,7 @@ mod tests { content: String::from(str), ..Template::default() }; - assert!(t.parse_hash_str_list().unwrap().len() == 0) + assert!(t.parse_hash_str_list().unwrap().is_empty()) } #[test] fn parse_template_brace() { @@ -130,7 +127,7 @@ mod tests { content: String::from(str), ..Template::default() }; - assert!(t.parse_hash_str_list().unwrap().len() == 0) + assert!(t.parse_hash_str_list().unwrap().is_empty()) } #[test] fn parse_template_multi_line_truncate() { @@ -141,7 +138,7 @@ mod tests { content: String::from(str), ..Template::default() }; - assert!(t.parse_hash_str_list().unwrap().len() == 0) + assert!(t.parse_hash_str_list().unwrap().is_empty()) } #[test] fn parse_template_multi_line_truncate_type1() { @@ -152,7 +149,7 @@ mod tests { content: String::from(str), ..Template::default() }; - assert!(t.parse_hash_str_list().unwrap().len() == 0) + assert!(t.parse_hash_str_list().unwrap().is_empty()) } #[test] fn parse_template_pad() { @@ -162,7 +159,7 @@ mod tests { content: String::from(str), ..Template::default() }; - assert!(t.parse_hash_str_list().unwrap().len() == 0) + assert!(t.parse_hash_str_list().unwrap().is_empty()) } #[test] fn parse_template_char_not_hex() { @@ -172,7 +169,7 @@ mod tests { content: String::from(str), ..Template::default() }; - assert!(t.parse_hash_str_list().unwrap().len() == 0) + assert!(t.parse_hash_str_list().unwrap().is_empty()) } #[test] fn parse_template_no_hash() { @@ -182,7 +179,7 @@ mod tests { content: String::from(str), ..Template::default() }; - assert!(t.parse_hash_str_list().unwrap().len() == 0) + assert!(t.parse_hash_str_list().unwrap().is_empty()) } #[test] fn parse_template_invalid_length_of_hash() { @@ -192,7 +189,7 @@ mod tests { content: String::from(str), ..Template::default() }; - assert!(t.parse_hash_str_list().unwrap().len() == 0) + assert!(t.parse_hash_str_list().unwrap().is_empty()) } #[test] fn parse_template_open() { @@ -202,7 +199,7 @@ mod tests { content: String::from(str), ..Template::default() }; - assert!(t.parse_hash_str_list().unwrap().len() == 0) + assert!(t.parse_hash_str_list().unwrap().is_empty()) } #[test] fn parse_template_whatever() { @@ -212,7 +209,7 @@ mod tests { content: String::from(str), ..Template::default() }; - assert!(t.parse_hash_str_list().unwrap().len() == 0) + assert!(t.parse_hash_str_list().unwrap().is_empty()) } #[test] fn parse_template_fuzz_crash_1() {