flow_application/

connections.rs

//! Connection profile persistence.
//!
//! Profile metadata (host / port / user / protocol / rejectUnauthorized) is
//! stored as JSON at `<dir>/connections.json` - single file, single array.
//! Secrets (passwords / tokens) live in the OS keyring under
//! `flow-security`'s `zowe:<id>` account, never on disk.
//!
//! Resolving a profile for the Zowe adapter at execution time combines the
//! metadata with the keyring secret into a `ResolvedZoweConnection`, which is
//! consumed once and dropped - the adapter never persists or logs it.

use flow_domain::connection::ConnectionProfile;
use flow_execution::{ConnectionLookup, ResolvedZoweConnection};
use flow_security::{CredentialKind, CredentialStore};
use parking_lot::Mutex;
use serde::{Deserialize, Serialize};
use std::path::{Path, PathBuf};
use std::sync::Arc;
use thiserror::Error;

const FILE_NAME: &str = "connections.json";

/// Storage-layer errors. Distinct from the runtime [`ConnectionError`] so the
/// `flow-application` API can surface IO / JSON failures without leaking them
/// into the cross-crate `ConnectionLookup` contract.
#[derive(Debug, Error)]
pub enum StoreError {
    #[error("connection id is empty")]
    EmptyId,
    #[error(transparent)]
    Io(#[from] std::io::Error),
    #[error(transparent)]
    Json(#[from] serde_json::Error),
    #[error("credential lookup failed: {0}")]
    Credential(String),
}

// Re-export the runtime-side types so callers in this crate can use them
// without depending on `flow-execution` directly.
pub use flow_execution::ConnectionError as RuntimeConnectionError;

#[derive(Debug, Clone, Serialize, Deserialize, Default)]
struct File {
    #[serde(default)]
    connections: Vec<ConnectionProfile>,
}

#[derive(Clone)]
pub struct ConnectionStore {
    path: PathBuf,
    credentials: Arc<dyn CredentialStore>,
    cache: Arc<Mutex<File>>,
}

impl ConnectionStore {
    pub fn open(dir: &Path, credentials: Arc<dyn CredentialStore>) -> Result<Self, StoreError> {
        std::fs::create_dir_all(dir)?;
        let path = dir.join(FILE_NAME);
        let cache = if path.exists() {
            let body = std::fs::read_to_string(&path)?;
            serde_json::from_str::<File>(&body).unwrap_or_default()
        } else {
            File::default()
        };
        Ok(Self {
            path,
            credentials,
            cache: Arc::new(Mutex::new(cache)),
        })
    }

    pub fn list(&self) -> Vec<ConnectionProfile> {
        self.cache.lock().connections.clone()
    }

    pub fn get(&self, id: &str) -> Option<ConnectionProfile> {
        self.cache
            .lock()
            .connections
            .iter()
            .find(|c| c.id == id)
            .cloned()
    }

    /// Insert or update a profile. If `secret` is `Some`, also writes it to
    /// the keyring; passing `None` leaves the existing keyring entry alone (so
    /// edits to host/port/user don't require re-entering the password).
    pub fn upsert(
        &self,
        profile: ConnectionProfile,
        secret: Option<&str>,
    ) -> Result<(), StoreError> {
        if profile.id.is_empty() {
            return Err(StoreError::EmptyId);
        }
        if let Some(s) = secret {
            self.set_secret(&profile.id, s)?;
        }
        let mut guard = self.cache.lock();
        if let Some(slot) = guard.connections.iter_mut().find(|c| c.id == profile.id) {
            *slot = profile;
        } else {
            guard.connections.push(profile);
        }
        let body = serde_json::to_string_pretty(&*guard)?;
        drop(guard);
        std::fs::write(&self.path, body)?;
        Ok(())
    }

    pub fn delete(&self, id: &str) -> Result<(), StoreError> {
        let mut guard = self.cache.lock();
        let before = guard.connections.len();
        guard.connections.retain(|c| c.id != id);
        if guard.connections.len() == before {
            return Err(StoreError::Io(std::io::Error::new(
                std::io::ErrorKind::NotFound,
                format!("connection '{id}' not found"),
            )));
        }
        let body = serde_json::to_string_pretty(&*guard)?;
        drop(guard);
        std::fs::write(&self.path, body)?;
        // Best-effort: remove the keyring entry too. A missing entry is fine.
        let account = CredentialKind::ZoweProfile.account_for(id);
        let _ = self.credentials.delete(&account);
        Ok(())
    }

    pub fn set_secret(&self, id: &str, secret: &str) -> Result<(), StoreError> {
        let account = CredentialKind::ZoweProfile.account_for(id);
        self.credentials
            .set(&account, secret)
            .map_err(|e| StoreError::Credential(e.to_string()))
    }

    pub fn has_secret(&self, id: &str) -> bool {
        let account = CredentialKind::ZoweProfile.account_for(id);
        self.credentials.exists(&account)
    }
}

impl ConnectionLookup for ConnectionStore {
    fn resolve_zowe(
        &self,
        connection_id: &str,
    ) -> Result<ResolvedZoweConnection, RuntimeConnectionError> {
        let profile = self
            .get(connection_id)
            .ok_or_else(|| RuntimeConnectionError::NotFound(connection_id.to_string()))?;
        if profile.kind != "zosmf" {
            return Err(RuntimeConnectionError::NotFound(format!(
                "{connection_id} (not a zosmf connection)"
            )));
        }
        let account = CredentialKind::ZoweProfile.account_for(connection_id);
        let password = self
            .credentials
            .get(&account)
            .map_err(|e| RuntimeConnectionError::Credential(e.to_string()))?;
        Ok(ResolvedZoweConnection {
            host: profile.host,
            port: profile.port,
            user: profile.user,
            password,
            protocol: profile.protocol,
            reject_unauthorized: profile.reject_unauthorized,
        })
    }
}

#[cfg(test)]
mod tests {
    use super::*;
    use flow_security::InMemoryCredentialStore;

    fn tmp_dir() -> PathBuf {
        let p = std::env::temp_dir().join(format!("flow-conn-{}", uuid::Uuid::new_v4()));
        std::fs::create_dir_all(&p).unwrap();
        p
    }

    fn make_profile(id: &str) -> ConnectionProfile {
        ConnectionProfile::new_zosmf(
            id,
            format!("{id} profile"),
            "lpar.example.com",
            443,
            "USR01",
        )
    }

    #[test]
    fn upsert_and_list_round_trip() {
        let dir = tmp_dir();
        let store = ConnectionStore::open(&dir, Arc::new(InMemoryCredentialStore::new())).unwrap();
        store
            .upsert(make_profile("prd01"), Some("hunter2"))
            .unwrap();
        let listed = store.list();
        assert_eq!(listed.len(), 1);
        assert_eq!(listed[0].id, "prd01");
        assert!(store.has_secret("prd01"));
        let _ = std::fs::remove_dir_all(&dir);
    }

    #[test]
    fn upsert_replaces_existing() {
        let dir = tmp_dir();
        let store = ConnectionStore::open(&dir, Arc::new(InMemoryCredentialStore::new())).unwrap();
        store.upsert(make_profile("prd01"), Some("first")).unwrap();
        let mut p2 = make_profile("prd01");
        p2.host = "new.host".into();
        // Pass None for secret so the old keyring entry is preserved.
        store.upsert(p2, None).unwrap();
        let resolved = store.resolve_zowe("prd01").unwrap();
        assert_eq!(resolved.host, "new.host");
        assert_eq!(
            resolved.password, "first",
            "secret must persist when not patched"
        );
        let _ = std::fs::remove_dir_all(&dir);
    }

    #[test]
    fn delete_removes_metadata_and_secret() {
        let dir = tmp_dir();
        let store = ConnectionStore::open(&dir, Arc::new(InMemoryCredentialStore::new())).unwrap();
        store.upsert(make_profile("dev01"), Some("pw")).unwrap();
        store.delete("dev01").unwrap();
        assert!(store.list().is_empty());
        assert!(!store.has_secret("dev01"));
        let _ = std::fs::remove_dir_all(&dir);
    }

    #[test]
    fn delete_missing_is_not_found() {
        let dir = tmp_dir();
        let store = ConnectionStore::open(&dir, Arc::new(InMemoryCredentialStore::new())).unwrap();
        let err = store.delete("nope").unwrap_err();
        match err {
            StoreError::Io(e) => assert_eq!(e.kind(), std::io::ErrorKind::NotFound),
            other => panic!("unexpected error: {other:?}"),
        }
        let _ = std::fs::remove_dir_all(&dir);
    }

    #[test]
    fn resolve_with_no_secret_is_credential_error() {
        let dir = tmp_dir();
        let creds = Arc::new(InMemoryCredentialStore::new());
        let store = ConnectionStore::open(&dir, creds).unwrap();
        store.upsert(make_profile("p"), None).unwrap();
        assert!(matches!(
            store.resolve_zowe("p"),
            Err(RuntimeConnectionError::Credential(_))
        ));
        let _ = std::fs::remove_dir_all(&dir);
    }

    #[test]
    fn upsert_rejects_empty_id() {
        let dir = tmp_dir();
        let store = ConnectionStore::open(&dir, Arc::new(InMemoryCredentialStore::new())).unwrap();
        let mut p = make_profile("ok");
        p.id = "".into();
        assert!(matches!(
            store.upsert(p, Some("x")),
            Err(StoreError::EmptyId)
        ));
        let _ = std::fs::remove_dir_all(&dir);
    }

    #[test]
    fn round_trip_via_disk_persists_metadata() {
        let dir = tmp_dir();
        let creds = Arc::new(InMemoryCredentialStore::new());
        {
            let store = ConnectionStore::open(&dir, creds.clone()).unwrap();
            store.upsert(make_profile("alpha"), Some("pw")).unwrap();
        }
        // Reopen - metadata reloads from JSON, secret reloads from the same store.
        let store = ConnectionStore::open(&dir, creds).unwrap();
        assert_eq!(store.list().len(), 1);
        assert_eq!(
            store.resolve_zowe("alpha").unwrap().host,
            "lpar.example.com"
        );
        let _ = std::fs::remove_dir_all(&dir);
    }
}