refactor: store PEDM configuration in SQLite instead of JSON files (#1356)

Previously the PEDM profiles and assignments were wrapped up in a
`Policy` object, which was loaded at startup and then maintained via an
`IdList` structure. API calls would have the `Policy` in their context
and interact with it directly.

This PR:

- Strips out unused features from the API surface area (session /
temporary elevations, revoke elevation). We don't support them right now
and it just adds noise.
- The remaining `Policy` item needed for elevation is the current user
selected profile. We load this from the DB at the API front -end and
pass it back to where it's needed.
- The API now calls the database directly to query/update/delete. In
most cases transactions are used where we need to enforce consistency,
but we are not expecting a high volume of calls or needing a high level
of atomicity.

The API and database design is not the most well thought-out, but it
closely reflects the _existing_ APIs to minimize disruption elsewhere
(API clients like RDM, as well as avoid significant behaviour changes
that may introduce new bugs).

Concerns are:

- There's no effort to maintain compatibility here. Existing PEDM users
will need to uninstall, wipe out their %programdata%\Agent\pedm
directory, and reinstall. Internally I'll provide a script to do that.
RDM will be blocked from using any version that doesn't include these
changes.
- The handling of users is not optimal (see @allan2 related PR). This
goes back to Kyle's original implementation and if we had made these
changes earlier, we could've addressed it, but there is no time now.
We'll have some technical debt here to correct in the future.

Author: thenextman

crates/devolutions-pedm-shared/devolutions-pedm-client-http/.openapi-generator/FILES

@@ -5,8 +5,6 @@ docs/Assignment.md
 docs/AuthenticodeSignatureStatus.md
 docs/Certificate.md
 docs/DefaultApi.md
-docs/ElevateTemporaryPayload.md
-docs/ElevationConfigurations.md
 docs/ElevationKind.md
 docs/ElevationMethod.md
 docs/Error.md
@@ -18,18 +16,11 @@ docs/JitElevationLogQueryOptions.md
 docs/JitElevationLogRow.md
 docs/LaunchPayload.md
 docs/LaunchResponse.md
-docs/OptionalId.md
 docs/PathIdParameter.md
-docs/PathIntIdPath.md
 docs/Profile.md
-docs/SessionElevationConfiguration.md
-docs/SessionElevationStatus.md
 docs/Signature.md
 docs/Signer.md
 docs/StartupInfoDto.md
-docs/StatusResponse.md
-docs/TemporaryElevationConfiguration.md
-docs/TemporaryElevationStatus.md
 docs/User.md
 src/apis/client.rs
 src/apis/configuration.rs
@@ -41,8 +32,6 @@ src/models/about_data.rs
 src/models/assignment.rs
 src/models/authenticode_signature_status.rs
 src/models/certificate.rs
-src/models/elevate_temporary_payload.rs
-src/models/elevation_configurations.rs
 src/models/elevation_kind.rs
 src/models/elevation_method.rs
 src/models/error.rs
@@ -55,16 +44,9 @@ src/models/jit_elevation_log_row.rs
 src/models/launch_payload.rs
 src/models/launch_response.rs
 src/models/mod.rs
-src/models/optional_id.rs
 src/models/path_id_parameter.rs
-src/models/path_int_id_path.rs
 src/models/profile.rs
-src/models/session_elevation_configuration.rs
-src/models/session_elevation_status.rs
 src/models/signature.rs
 src/models/signer.rs
 src/models/startup_info_dto.rs
-src/models/status_response.rs
-src/models/temporary_elevation_configuration.rs
-src/models/temporary_elevation_status.rs
 src/models/user.rs

crates/devolutions-pedm-shared/devolutions-pedm-client-http/README.md

@@ -27,23 +27,18 @@ All URIs are relative to *http://localhost*
 Class | Method | HTTP request | Description
 ------------ | ------------- | ------------- | -------------
 *DefaultApi* | [**about_get**](docs/DefaultApi.md#about_get) | **Get** /about | 
-*DefaultApi* | [**elevate_session_post**](docs/DefaultApi.md#elevate_session_post) | **Post** /elevate/session | 
-*DefaultApi* | [**elevate_temporary_post**](docs/DefaultApi.md#elevate_temporary_post) | **Post** /elevate/temporary | 
 *DefaultApi* | [**launch_post**](docs/DefaultApi.md#launch_post) | **Post** /launch | 
 *DefaultApi* | [**log_jit_get**](docs/DefaultApi.md#log_jit_get) | **Get** /log/jit | 
 *DefaultApi* | [**log_jit_id_get**](docs/DefaultApi.md#log_jit_id_get) | **Get** /log/jit/{id} | 
 *DefaultApi* | [**policy_assignments_get**](docs/DefaultApi.md#policy_assignments_get) | **Get** /policy/assignments | 
 *DefaultApi* | [**policy_assignments_id_put**](docs/DefaultApi.md#policy_assignments_id_put) | **Put** /policy/assignments/{id} | 
 *DefaultApi* | [**policy_me_get**](docs/DefaultApi.md#policy_me_get) | **Get** /policy/me | 
-*DefaultApi* | [**policy_me_put**](docs/DefaultApi.md#policy_me_put) | **Put** /policy/me | 
+*DefaultApi* | [**policy_me_id_put**](docs/DefaultApi.md#policy_me_id_put) | **Put** /policy/me/{id} | 
 *DefaultApi* | [**policy_profiles_get**](docs/DefaultApi.md#policy_profiles_get) | **Get** /policy/profiles | 
 *DefaultApi* | [**policy_profiles_id_delete**](docs/DefaultApi.md#policy_profiles_id_delete) | **Delete** /policy/profiles/{id} | 
 *DefaultApi* | [**policy_profiles_id_get**](docs/DefaultApi.md#policy_profiles_id_get) | **Get** /policy/profiles/{id} | 
-*DefaultApi* | [**policy_profiles_id_put**](docs/DefaultApi.md#policy_profiles_id_put) | **Put** /policy/profiles/{id} | 
 *DefaultApi* | [**policy_profiles_post**](docs/DefaultApi.md#policy_profiles_post) | **Post** /policy/profiles | 
 *DefaultApi* | [**policy_users_get**](docs/DefaultApi.md#policy_users_get) | **Get** /policy/users | 
-*DefaultApi* | [**revoke_post**](docs/DefaultApi.md#revoke_post) | **Post** /revoke | 
-*DefaultApi* | [**status_get**](docs/DefaultApi.md#status_get) | **Get** /status | 
 
 
 ## Documentation For Models
@@ -52,8 +47,6 @@ Class | Method | HTTP request | Description
  - [Assignment](docs/Assignment.md)
  - [AuthenticodeSignatureStatus](docs/AuthenticodeSignatureStatus.md)
  - [Certificate](docs/Certificate.md)
- - [ElevateTemporaryPayload](docs/ElevateTemporaryPayload.md)
- - [ElevationConfigurations](docs/ElevationConfigurations.md)
  - [ElevationKind](docs/ElevationKind.md)
  - [ElevationMethod](docs/ElevationMethod.md)
  - [Error](docs/Error.md)
@@ -65,18 +58,11 @@ Class | Method | HTTP request | Description
  - [JitElevationLogRow](docs/JitElevationLogRow.md)
  - [LaunchPayload](docs/LaunchPayload.md)
  - [LaunchResponse](docs/LaunchResponse.md)
- - [OptionalId](docs/OptionalId.md)
  - [PathIdParameter](docs/PathIdParameter.md)
- - [PathIntIdPath](docs/PathIntIdPath.md)
  - [Profile](docs/Profile.md)
- - [SessionElevationConfiguration](docs/SessionElevationConfiguration.md)
- - [SessionElevationStatus](docs/SessionElevationStatus.md)
  - [Signature](docs/Signature.md)
  - [Signer](docs/Signer.md)
  - [StartupInfoDto](docs/StartupInfoDto.md)
- - [StatusResponse](docs/StatusResponse.md)
- - [TemporaryElevationConfiguration](docs/TemporaryElevationConfiguration.md)
- - [TemporaryElevationStatus](docs/TemporaryElevationStatus.md)
  - [User](docs/User.md)
 
 

crates/devolutions-pedm-shared/devolutions-pedm-client-http/docs/DefaultApi.md

@@ -5,23 +5,18 @@ All URIs are relative to *http://localhost*
 Method | HTTP request | Description
 ------------- | ------------- | -------------
 [**about_get**](DefaultApi.md#about_get) | **Get** /about | 
-[**elevate_session_post**](DefaultApi.md#elevate_session_post) | **Post** /elevate/session | 
-[**elevate_temporary_post**](DefaultApi.md#elevate_temporary_post) | **Post** /elevate/temporary | 
 [**launch_post**](DefaultApi.md#launch_post) | **Post** /launch | 
 [**log_jit_get**](DefaultApi.md#log_jit_get) | **Get** /log/jit | 
 [**log_jit_id_get**](DefaultApi.md#log_jit_id_get) | **Get** /log/jit/{id} | 
 [**policy_assignments_get**](DefaultApi.md#policy_assignments_get) | **Get** /policy/assignments | 
 [**policy_assignments_id_put**](DefaultApi.md#policy_assignments_id_put) | **Put** /policy/assignments/{id} | 
 [**policy_me_get**](DefaultApi.md#policy_me_get) | **Get** /policy/me | 
-[**policy_me_put**](DefaultApi.md#policy_me_put) | **Put** /policy/me | 
+[**policy_me_id_put**](DefaultApi.md#policy_me_id_put) | **Put** /policy/me/{id} | 
 [**policy_profiles_get**](DefaultApi.md#policy_profiles_get) | **Get** /policy/profiles | 
 [**policy_profiles_id_delete**](DefaultApi.md#policy_profiles_id_delete) | **Delete** /policy/profiles/{id} | 
 [**policy_profiles_id_get**](DefaultApi.md#policy_profiles_id_get) | **Get** /policy/profiles/{id} | 
-[**policy_profiles_id_put**](DefaultApi.md#policy_profiles_id_put) | **Put** /policy/profiles/{id} | 
 [**policy_profiles_post**](DefaultApi.md#policy_profiles_post) | **Post** /policy/profiles | 
 [**policy_users_get**](DefaultApi.md#policy_users_get) | **Get** /policy/users | 
-[**revoke_post**](DefaultApi.md#revoke_post) | **Post** /revoke | 
-[**status_get**](DefaultApi.md#status_get) | **Get** /status | 
 
 
 
@@ -50,59 +45,6 @@ No authorization required
 [[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
 
 
-## elevate_session_post
-
-> elevate_session_post()
-
-
-### Parameters
-
-This endpoint does not need any parameter.
-
-### Return type
-
- (empty response body)
-
-### Authorization
-
-No authorization required
-
-### HTTP request headers
-
-- **Content-Type**: Not defined
-- **Accept**: application/json
-
-[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
-
-
-## elevate_temporary_post
-
-> elevate_temporary_post(elevate_temporary_payload)
-
-
-### Parameters
-
-
-Name | Type | Description  | Required | Notes
-------------- | ------------- | ------------- | ------------- | -------------
-**elevate_temporary_payload** | [**ElevateTemporaryPayload**](ElevateTemporaryPayload.md) |  | [required] |
-
-### Return type
-
- (empty response body)
-
-### Authorization
-
-No authorization required
-
-### HTTP request headers
-
-- **Content-Type**: application/json
-- **Accept**: application/json
-
-[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
-
-
 ## launch_post
 
 > models::LaunchResponse launch_post(launch_payload)
@@ -222,7 +164,7 @@ No authorization required
 
 Name | Type | Description  | Required | Notes
 ------------- | ------------- | ------------- | ------------- | -------------
-**id** | **uuid::Uuid** |  | [required] |
+**id** | **i64** |  | [required] |
 **user** | [**Vec<models::User>**](User.md) |  | [required] |
 
 ### Return type
@@ -266,17 +208,17 @@ No authorization required
 [[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
 
 
-## policy_me_put
+## policy_me_id_put
 
-> policy_me_put(optional_id)
+> policy_me_id_put(id)
 
 
 ### Parameters
 
 
 Name | Type | Description  | Required | Notes
 ------------- | ------------- | ------------- | ------------- | -------------
-**optional_id** | [**OptionalId**](OptionalId.md) |  | [required] |
+**id** | **i64** |  | [required] |
 
 ### Return type
 
@@ -288,15 +230,15 @@ No authorization required
 
 ### HTTP request headers
 
-- **Content-Type**: application/json
+- **Content-Type**: Not defined
 - **Accept**: application/json
 
 [[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
 
 
 ## policy_profiles_get
 
-> Vec<uuid::Uuid> policy_profiles_get()
+> Vec<i64> policy_profiles_get()
 
 
 ### Parameters
@@ -305,7 +247,7 @@ This endpoint does not need any parameter.
 
 ### Return type
 
-[**Vec<uuid::Uuid>**](uuid::Uuid.md)
+**Vec<i64>**
 
 ### Authorization
 
@@ -329,7 +271,7 @@ No authorization required
 
 Name | Type | Description  | Required | Notes
 ------------- | ------------- | ------------- | ------------- | -------------
-**id** | **uuid::Uuid** |  | [required] |
+**id** | **i64** |  | [required] |
 
 ### Return type
 
@@ -357,7 +299,7 @@ No authorization required
 
 Name | Type | Description  | Required | Notes
 ------------- | ------------- | ------------- | ------------- | -------------
-**id** | **uuid::Uuid** |  | [required] |
+**id** | **i64** |  | [required] |
 
 ### Return type
 
@@ -375,35 +317,6 @@ No authorization required
 [[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
 
 
-## policy_profiles_id_put
-
-> policy_profiles_id_put(id, profile)
-
-
-### Parameters
-
-
-Name | Type | Description  | Required | Notes
-------------- | ------------- | ------------- | ------------- | -------------
-**id** | **uuid::Uuid** |  | [required] |
-**profile** | [**Profile**](Profile.md) |  | [required] |
-
-### Return type
-
- (empty response body)
-
-### Authorization
-
-No authorization required
-
-### HTTP request headers
-
-- **Content-Type**: application/json
-- **Accept**: application/json
-
-[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
-
-
 ## policy_profiles_post
 
 > policy_profiles_post(profile)
@@ -456,53 +369,3 @@ No authorization required
 
 [[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
 
-
-## revoke_post
-
-> revoke_post()
-
-
-### Parameters
-
-This endpoint does not need any parameter.
-
-### Return type
-
- (empty response body)
-
-### Authorization
-
-No authorization required
-
-### HTTP request headers
-
-- **Content-Type**: Not defined
-- **Accept**: application/json
-
-[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
-
-
-## status_get
-
-> models::StatusResponse status_get()
-
-
-### Parameters
-
-This endpoint does not need any parameter.
-
-### Return type
-
-[**models::StatusResponse**](StatusResponse.md)
-
-### Authorization
-
-No authorization required
-
-### HTTP request headers
-
-- **Content-Type**: Not defined
-- **Accept**: application/json
-
-[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
-

crates/devolutions-pedm-shared/devolutions-pedm-client-http/docs/ElevateTemporaryPayload.md

@@ -4,8 +4,8 @@
 
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
-**active** | [**uuid::Uuid**](uuid::Uuid.md) |  | 
-**available** | [**Vec<uuid::Uuid>**](uuid::Uuid.md) |  | 
+**active** | **i64** |  | 
+**available** | **Vec<i64>** |  | 
 
 [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)