server: split off ldap/search from ldap_handler

server/src/domain/ldap/utils.rs

@@ -331,3 +331,41 @@ pub fn get_custom_attribute(
             }
         })
 }
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn test_is_subtree() {
+        let subtree1 = &[
+            ("ou".to_string(), "people".to_string()),
+            ("dc".to_string(), "example".to_string()),
+            ("dc".to_string(), "com".to_string()),
+        ];
+        let root = &[
+            ("dc".to_string(), "example".to_string()),
+            ("dc".to_string(), "com".to_string()),
+        ];
+        assert!(is_subtree(subtree1, root));
+        assert!(!is_subtree(&[], root));
+    }
+
+    #[test]
+    fn test_parse_distinguished_name() {
+        let parsed_dn = &[
+            ("ou".to_string(), "people".to_string()),
+            ("dc".to_string(), "example".to_string()),
+            ("dc".to_string(), "com".to_string()),
+        ];
+        assert_eq!(
+            parse_distinguished_name("ou=people,dc=example,dc=com").expect("parsing failed"),
+            parsed_dn
+        );
+        assert_eq!(
+            parse_distinguished_name(" ou  = people , dc = example , dc =  com ")
+                .expect("parsing failed"),
+            parsed_dn
+        );
+    }
+}

server/src/infra/access_control.rs

@@ -259,7 +259,7 @@ impl<Handler: BackendHandler> AccessControlledBackendHandler<Handler> {
 
 pub struct UserRestrictedListerBackendHandler<'a, Handler> {
     handler: &'a Handler,
-    pub user_filter: Option<UserId>,
+    user_filter: Option<UserId>,
 }
 
 #[async_trait]
@@ -325,10 +325,14 @@ impl<Handler: GroupListerBackendHandler + Sync> GroupListerBackendHandler
 pub trait UserAndGroupListerBackendHandler:
     UserListerBackendHandler + GroupListerBackendHandler
 {
+    fn user_filter(&self) -> &Option<UserId>;
 }
 
 #[async_trait]
 impl<Handler: GroupListerBackendHandler + UserListerBackendHandler + Sync>
     UserAndGroupListerBackendHandler for UserRestrictedListerBackendHandler<'_, Handler>
 {
+    fn user_filter(&self) -> &Option<UserId> {
+        &self.user_filter
+    }
 }

server/src/infra/ldap/mod.rs

@@ -0,0 +1,2 @@
+pub mod handler;
+pub mod search;

server/src/infra/ldap_server.rs

@@ -3,7 +3,7 @@ use crate::{
     infra::{
         access_control::AccessControlledBackendHandler,
         configuration::{Configuration, LdapsOptions},
-        ldap_handler::LdapHandler,
+        ldap::handler::LdapHandler,
     },
 };
 use actix_rt::net::TcpStream;

server/src/infra/mod.rs

@@ -7,7 +7,7 @@ pub mod db_cleaner;
 pub mod graphql;
 pub mod healthcheck;
 pub mod jwt_sql_tables;
-pub mod ldap_handler;
+pub mod ldap;
 pub mod ldap_server;
 pub mod logging;
 pub mod mail;