feat(pedm): account tracking

This commit adds tracking of user accounts and domain accounts.
Changes to accounts on the system such as name change, creation, removal, and even SID change are captured.

Accounts now use an internally generated stable ID. This stable ID can be used to build policies in a robust manner.

The functionality has been tested with real account creation, deletion, and removal on Windows for both DB backends.

This commit also includes query helpers for parametrization and bulk insertion.

A basic endpoint, `/accounts`, is added for displaying info about
existing accounts in a fashion similar to `Get-LocalUser`.

Author: allan2

Cargo.lock

@@ -45,6 +45,13 @@ tokio-postgres = { version = "0.7", optional = true, features = ["with-chrono-0_
 bb8 = { version = "0.9", optional = true }
 bb8-postgres = { version = "0.9", optional = true }
 
+[target.'cfg(windows)'.dependencies]
+windows = { version = "0.61", features = [
+  "Win32_NetworkManagement_NetManagement",
+  "Win32_Security_Authorization",
+] }
+windows-result = "0.3"
+
 [features]
 default = ["libsql"]
 libsql = ["dep:libsql"]

crates/devolutions-pedm/Cargo.toml

@@ -0,0 +1,19 @@
+use std::path::Path;
+use std::{env, fs};
+
+fn main() -> Result<(), Box<dyn std::error::Error>> {
+    let manifest_dir = env::var("CARGO_MANIFEST_DIR")?;
+    // This expects the PEDM crate to be in repo_root/crates/devolutions-pedm.
+    let repo_root = Path::new(&manifest_dir)
+        .parent()
+        .expect("crates dir missing")
+        .parent()
+        .expect("repo root missing");
+
+    let version = fs::read_to_string(repo_root.join("VERSION"))
+        .expect("failed to read VERSION file")
+        .trim_end()
+        .to_string();
+    println!("cargo:rustc-env=VERSION={}", version);
+    Ok(())
+}

crates/devolutions-pedm/build.rs

@@ -1,20 +1,23 @@
 /* In SQLite, we store time as an 8-byte integer (i64) with microsecond precision. This matches TIMESTAMPTZ in Postgres.
    Use `chrono::DateTime::timestamp_micros` when inserting or fetching timestamps in Rust.
+
+   `valid_from` and `valid_to` are used in place of a temporal interval type.
+   Since the special infinity value does not exist in SQLite, we use NULL. This allows for easy checking of a row validity. A row is presently valid if `valid_to` is NULL.
 */
 
 CREATE TABLE IF NOT EXISTS version
 (
     version    integer PRIMARY KEY,
     updated_at integer NOT NULL DEFAULT (
-        CAST(strftime('%s', 'now') AS integer) * 1000000 + CAST(strftime('%f', 'now') * 1000000 AS integer) % 1000000
+        cast(strftime('%s', 'now') AS integer) * 1000000 + cast(strftime('%f', 'now') * 1000000 AS integer) % 1000000
         )
 );
 
 CREATE TABLE IF NOT EXISTS run
 (
     id         integer PRIMARY KEY,
     start_time integer NOT NULL DEFAULT (
-        CAST(strftime('%s', 'now') AS integer) * 1000000 + CAST(strftime('%f', 'now') * 1000000 AS integer) % 1000000
+        cast(strftime('%s', 'now') AS integer) * 1000000 + cast(strftime('%f', 'now') * 1000000 AS integer) % 1000000
         ),
     pipe_name  text    NOT NULL
 );
@@ -23,7 +26,7 @@ CREATE TABLE IF NOT EXISTS http_request
 (
     id          integer PRIMARY KEY,
     at          integer NOT NULL DEFAULT (
-        CAST(strftime('%s', 'now') AS integer) * 1000000 + CAST(strftime('%f', 'now') * 1000000 AS integer) % 1000000
+        cast(strftime('%s', 'now') AS integer) * 1000000 + cast(strftime('%f', 'now') * 1000000 AS integer) % 1000000
         ),
     method      text    NOT NULL,
     path        text    NOT NULL,
@@ -69,4 +72,71 @@ CREATE TABLE IF NOT EXISTS jit_elevation_result
     FOREIGN KEY (target_user_id) REFERENCES user(id)
 );
 
+CREATE TABLE IF NOT EXISTS account_diff_request
+(
+    id integer PRIMARY KEY,
+    at integer NOT NULL DEFAULT (
+        cast(strftime('%s', 'now') AS integer) * 1000000 +
+        cast(strftime('%f', 'now') * 1000000 AS integer) % 1000000
+        )
+);
+
+CREATE TABLE IF NOT EXISTS domain
+(
+    id       integer PRIMARY KEY AUTOINCREMENT,
+    subauth1 integer NOT NULL,
+    subauth2 integer NOT NULL,
+    subauth3 integer NOT NULL,
+    subauth4 integer NOT NULL,
+    CONSTRAINT unique_domain UNIQUE (subauth1, subauth2, subauth3, subauth4)
+);
+
+CREATE TABLE IF NOT EXISTS sid
+(
+    id          integer PRIMARY KEY AUTOINCREMENT,
+    domain_id   integer NOT NULL REFERENCES domain (id),
+    relative_id integer NOT NULL,
+    CONSTRAINT unique_sid UNIQUE (domain_id, relative_id)
+);
+
+CREATE TABLE IF NOT EXISTS account
+(
+    id integer PRIMARY KEY
+);
+
+CREATE TABLE IF NOT EXISTS account_name
+(
+    id         integer NOT NULL REFERENCES account (id),
+    name       text    NOT NULL,
+    valid_from integer NOT NULL DEFAULT (
+        cast(strftime('%s', 'now') AS integer) * 1000000 +
+        cast(strftime('%f', 'now') * 1000000 AS integer) % 1000000
+        ),
+    valid_to   integer DEFAULT NULL,
+    PRIMARY KEY (id, valid_from)
+);
+
+CREATE TABLE IF NOT EXISTS account_removed
+(
+    id         integer NOT NULL REFERENCES account (id),
+    valid_from integer NOT NULL DEFAULT (
+        cast(strftime('%s', 'now') AS integer) * 1000000 +
+        cast(strftime('%f', 'now') * 1000000 AS integer) % 1000000
+        ),
+    valid_to   integer DEFAULT NULL,
+    PRIMARY KEY (id, valid_from)
+);
+
+CREATE TABLE IF NOT EXISTS account_sid
+(
+    account_id integer NOT NULL REFERENCES account (id),
+    sid_id     integer NOT NULL REFERENCES sid (id),
+    valid_from integer NOT NULL DEFAULT (
+        cast(strftime('%s', 'now') AS integer) * 1000000 +
+        cast(strftime('%f', 'now') * 1000000 AS integer) % 1000000
+        ),
+    valid_to   integer DEFAULT NULL,
+    PRIMARY KEY (account_id, sid_id, valid_from)
+);
+
 INSERT INTO version (version) VALUES (0) ON CONFLICT DO NOTHING;

crates/devolutions-pedm/schema/libsql.sql

@@ -1,3 +1,5 @@
+CREATE EXTENSION IF NOT EXISTS btree_gist;
+
 CREATE TABLE IF NOT EXISTS version
 (
     version  smallint PRIMARY KEY,
@@ -28,4 +30,59 @@ CREATE TABLE IF NOT EXISTS elevate_tmp_request
     seconds int NOT NULL
 );
 
+CREATE TABLE IF NOT EXISTS account_diff_request
+(
+    id int PRIMARY KEY GENERATED ALWAYS AS IDENTITY,
+    at timestamptz NOT NULL DEFAULT now()
+);
+
+CREATE TABLE IF NOT EXISTS domain
+(
+    id       smallint PRIMARY KEY GENERATED ALWAYS AS IDENTITY,
+    subauth1 smallint NOT NULL,
+    subauth2 bigint   NOT NULL,
+    subauth3 bigint   NOT NULL,
+    subauth4 bigint   NOT NULL,
+    CONSTRAINT unique_domain UNIQUE (subauth1, subauth2, subauth3, subauth4)
+);
+
+CREATE TABLE IF NOT EXISTS sid
+(
+    id             smallint PRIMARY KEY GENERATED ALWAYS AS IDENTITY,
+    domain_id      smallint NOT NULL REFERENCES domain (id),
+    relative_id    smallint NOT NULL,
+    CONSTRAINT unique_sid UNIQUE (domain_id, relative_id)
+);
+
+CREATE TABLE IF NOT EXISTS account
+(
+    id smallint PRIMARY KEY GENERATED ALWAYS AS IDENTITY
+);
+
+CREATE TABLE IF NOT EXISTS account_name
+(
+    id     smallint  NOT NULL REFERENCES account (id),
+    name   text      NOT NULL,
+    during tstzrange NOT NULL DEFAULT tstzrange(now(), 'infinity'),
+    PRIMARY KEY (id, during),
+    EXCLUDE USING gist (id WITH =, during WITH &&)
+);
+
+CREATE TABLE IF NOT EXISTS account_removed
+(
+    id     smallint  NOT NULL REFERENCES account (id),
+    during tstzrange NOT NULL DEFAULT tstzrange(now(), 'infinity'),
+    PRIMARY KEY (id, during),
+    EXCLUDE USING gist (id WITH =, during WITH &&)
+);
+
+CREATE TABLE IF NOT EXISTS account_sid
+(
+    account_id smallint  NOT NULL REFERENCES account (id),
+    sid_id     smallint  NOT NULL REFERENCES sid (id),
+    during     tstzrange NOT NULL DEFAULT tstzrange(now(), 'infinity'),
+    PRIMARY KEY (account_id, sid_id, during),
+    EXCLUDE USING gist (account_id WITH =, sid_id WITH =, during WITH &&)
+);
+
 INSERT INTO version (version) VALUES (0) ON CONFLICT DO NOTHING;