retrieve and set users' permissions

server/src/cmds/run/config.rs

@@ -8,6 +8,8 @@ use std::path::PathBuf;
 
 use serde::Deserialize;
 
+use crate::json::Permissions;
+
 fn default_db_dir() -> PathBuf {
     "/var/lib/moonfire-nvr/db".into()
 }
@@ -82,32 +84,3 @@ pub enum AddressConfig {
     // TODO: SystemdFileDescriptorName(String), see
     // https://www.freedesktop.org/software/systemd/man/systemd.socket.html
 }
-
-/// JSON analog of `Permissions` defined in `db/proto/schema.proto`.
-#[derive(Debug, Default, Deserialize)]
-#[serde(deny_unknown_fields)]
-pub struct Permissions {
-    #[serde(default)]
-    view_video: bool,
-
-    #[serde(default)]
-    read_camera_configs: bool,
-
-    #[serde(default)]
-    update_signals: bool,
-
-    #[serde(default)]
-    admin_users: bool,
-}
-
-impl Permissions {
-    pub fn as_proto(&self) -> db::schema::Permissions {
-        db::schema::Permissions {
-            view_video: self.view_video,
-            read_camera_configs: self.read_camera_configs,
-            update_signals: self.update_signals,
-            admin_users: self.admin_users,
-            ..Default::default()
-        }
-    }
-}

server/src/cmds/run/mod.rs

@@ -2,7 +2,6 @@
 // Copyright (C) 2022 The Moonfire NVR Authors; see AUTHORS and LICENSE.txt.
 // SPDX-License-Identifier: GPL-v3.0-or-later WITH GPL-3.0-linking-exception.
 
-use crate::cmds::run::config::Permissions;
 use crate::streamer;
 use crate::web;
 use crate::web::accept::Listener;
@@ -369,7 +368,7 @@ async fn inner(
                 allow_unauthenticated_permissions: b
                     .allow_unauthenticated_permissions
                     .as_ref()
-                    .map(Permissions::as_proto),
+                    .map(db::Permissions::from),
                 trust_forward_hdrs: b.trust_forward_headers,
                 time_zone_name: time_zone_name.clone(),
                 privileged_unix_uid: b.own_uid_is_privileged.then(|| own_euid),