systemprompt_users/services/user/
provider.rs1use std::str::FromStr;
2
3use async_trait::async_trait;
4use systemprompt_identifiers::UserId;
5use systemprompt_traits::auth::{
6 AuthProviderError, AuthResult, AuthUser, RoleProvider, UserProvider,
7};
8
9use super::UserService;
10use crate::models::{User, UserRole};
11
12#[async_trait]
13impl UserProvider for UserService {
14 async fn find_by_id(&self, id: &UserId) -> AuthResult<Option<AuthUser>> {
15 self.find_by_id(id)
16 .await
17 .map(|opt| opt.map(|u| user_to_auth_user(&u)))
18 .map_err(|e| AuthProviderError::Internal(e.to_string()))
19 }
20
21 async fn find_by_email(&self, email: &str) -> AuthResult<Option<AuthUser>> {
22 Self::find_by_email(self, email)
23 .await
24 .map(|opt| opt.map(|u| user_to_auth_user(&u)))
25 .map_err(|e| AuthProviderError::Internal(e.to_string()))
26 }
27
28 async fn find_by_name(&self, name: &str) -> AuthResult<Option<AuthUser>> {
29 Self::find_by_name(self, name)
30 .await
31 .map(|opt| opt.map(|u| user_to_auth_user(&u)))
32 .map_err(|e| AuthProviderError::Internal(e.to_string()))
33 }
34
35 async fn create_user(
36 &self,
37 name: &str,
38 email: &str,
39 full_name: Option<&str>,
40 ) -> AuthResult<AuthUser> {
41 Self::create(self, name, email, full_name, full_name)
42 .await
43 .map(|u| user_to_auth_user(&u))
44 .map_err(|e| AuthProviderError::Internal(e.to_string()))
45 }
46
47 async fn create_anonymous(&self, fingerprint: &str) -> AuthResult<AuthUser> {
48 Self::create_anonymous(self, fingerprint)
49 .await
50 .map(|u| user_to_auth_user(&u))
51 .map_err(|e| AuthProviderError::Internal(e.to_string()))
52 }
53
54 async fn assign_roles(&self, user_id: &UserId, roles: &[String]) -> AuthResult<()> {
55 Self::assign_roles(self, user_id, roles)
56 .await
57 .map(|_| ())
58 .map_err(|e| AuthProviderError::Internal(e.to_string()))
59 }
60}
61
62fn user_to_auth_user(user: &User) -> AuthUser {
63 AuthUser {
64 id: UserId::new(user.id.to_string()),
65 name: user.name.clone(),
66 email: user.email.clone(),
67 roles: user.roles.clone(),
68 is_active: user.is_active(),
69 }
70}
71
72#[async_trait]
73impl RoleProvider for UserService {
74 async fn get_roles(&self, user_id: &UserId) -> AuthResult<Vec<String>> {
75 match Self::find_by_id(self, user_id).await {
76 Ok(Some(user)) => Ok(user.roles),
77 Ok(None) => Err(AuthProviderError::UserNotFound),
78 Err(e) => Err(AuthProviderError::Internal(e.to_string())),
79 }
80 }
81
82 async fn assign_role(&self, user_id: &UserId, role: &str) -> AuthResult<()> {
83 let user = match Self::find_by_id(self, user_id).await {
84 Ok(Some(u)) => u,
85 Ok(None) => return Err(AuthProviderError::UserNotFound),
86 Err(e) => return Err(AuthProviderError::Internal(e.to_string())),
87 };
88
89 let mut roles = user.roles;
90 let role_str = role.to_string();
91 if !roles.contains(&role_str) {
92 roles.push(role_str);
93 }
94
95 Self::assign_roles(self, user_id, &roles)
96 .await
97 .map(|_| ())
98 .map_err(|e| AuthProviderError::Internal(e.to_string()))
99 }
100
101 async fn revoke_role(&self, user_id: &UserId, role: &str) -> AuthResult<()> {
102 let user = match Self::find_by_id(self, user_id).await {
103 Ok(Some(u)) => u,
104 Ok(None) => return Err(AuthProviderError::UserNotFound),
105 Err(e) => return Err(AuthProviderError::Internal(e.to_string())),
106 };
107
108 let roles: Vec<String> = user.roles.into_iter().filter(|r| r != role).collect();
109
110 Self::assign_roles(self, user_id, &roles)
111 .await
112 .map(|_| ())
113 .map_err(|e| AuthProviderError::Internal(e.to_string()))
114 }
115
116 async fn list_users_by_role(&self, role: &str) -> AuthResult<Vec<AuthUser>> {
117 let Ok(user_role) = UserRole::from_str(role) else {
118 return Ok(vec![]);
119 };
120
121 Self::find_by_role(self, user_role)
122 .await
123 .map(|users| users.iter().map(user_to_auth_user).collect())
124 .map_err(|e| AuthProviderError::Internal(e.to_string()))
125 }
126}