server: move domain::types to separate domain crate (#1086)

Preparation for using basic type definitions in other upcoming modules, in particular for plugins.
2026-03-31 15:07:48 +01:00 · 2025-02-03 23:00:27 +01:00
parent 417abc54e4
commit 1b26859141
47 changed files with 365 additions and 243 deletions
@@ -2527,7 +2527,6 @@ dependencies = [
 "graphql_client 0.11.0",
 "hmac 0.12.1",
 "http 0.2.12",
 "image",
 "itertools",
 "juniper",
 "jwt 0.16.0",
@@ -2536,6 +2535,7 @@ dependencies = [
 "ldap3_proto",
 "lettre",
 "lldap_auth",
 "lldap_domain",
 "lldap_validation",
 "log",
 "mockall",
@@ -2551,7 +2551,6 @@ dependencies = [
 "sea-orm",
 "secstr",
 "serde",
 "serde_bytes",
 "serde_json",
 "serial_test",
 "sha2 0.10.8",
@@ -2625,6 +2624,26 @@ dependencies = [
 "thiserror",
 ]
 [[package]]
 name = "lldap_domain"
 version = "0.1.0"
 dependencies = [
 "anyhow",
 "base64 0.21.7",
 "bincode",
 "chrono",
 "derive_more 1.0.0",
 "image",
 "juniper",
 "lldap_auth",
 "pretty_assertions",
 "sea-orm",
 "serde",
 "serde_bytes",
 "strum",
 "uuid 1.11.0",
 ]
 [[package]]
 name = "lldap_migration_tool"
 version = "0.4.2"
@@ -1,10 +1,11 @@
 [workspace]
 members = [
-  "server",
+    "crates/domain",
-  "auth",
+    "server",
-  "app",
+    "auth",
-  "migration-tool",
+    "app",
-  "set-password",
+    "migration-tool",
    "set-password",
 ]
 default-members = ["server"]
@@ -0,0 +1,59 @@
 [package]
 authors = [
    "Valentin Tolmer <valentin@tolmer.fr>",
    "Simon Broeng Jensen <sbj@cwconsult.dk>",
 ]
 name = "lldap_domain"
 version = "0.1.0"
 edition = "2021"
 [features]
 test = []
 [dependencies]
 anyhow = "*"
 base64 = "0.21"
 bincode = "1.3"
 juniper = "0.15"
 serde = "*"
 serde_bytes = "0.11"
 [dev-dependencies]
 pretty_assertions = "1"
 [dependencies.chrono]
 features = ["serde"]
 version = "*"
 [dependencies.derive_more]
 features = ["debug", "display", "from", "from_str"]
 default-features = false
 version = "1"
 [dependencies.image]
 features = ["jpeg"]
 default-features = false
 version = "0.24"
 [dependencies.lldap_auth]
 path = "../../auth"
 features = ["opaque_server", "opaque_client", "sea_orm"]
 [dependencies.sea-orm]
 version = "0.12"
 default-features = false
 features = [
    "macros",
    "with-chrono",
    "with-uuid",
    "sqlx-all",
    "runtime-actix-rustls",
 ]
 [dependencies.strum]
 features = ["derive"]
 version = "0.25"
 [dependencies.uuid]
 features = ["v1", "v3"]
 version = "1"
@@ -0,0 +1,3 @@
 pub mod requests;
 pub mod schema;
 pub mod types;
@@ -0,0 +1,53 @@
 use serde::{Deserialize, Serialize};
 use crate::types::{
    AttributeName, AttributeType, AttributeValue, Email, GroupId, GroupName, JpegPhoto, UserId,
 };
 #[derive(PartialEq, Eq, Debug, Serialize, Deserialize, Clone, Default)]
 pub struct CreateUserRequest {
    // Same fields as User, but no creation_date, and with password.
    pub user_id: UserId,
    pub email: Email,
    pub display_name: Option<String>,
    pub first_name: Option<String>,
    pub last_name: Option<String>,
    pub avatar: Option<JpegPhoto>,
    pub attributes: Vec<AttributeValue>,
 }
 #[derive(PartialEq, Eq, Debug, Serialize, Deserialize, Clone, Default)]
 pub struct UpdateUserRequest {
    // Same fields as CreateUserRequest, but no with an extra layer of Option.
    pub user_id: UserId,
    pub email: Option<Email>,
    pub display_name: Option<String>,
    pub first_name: Option<String>,
    pub last_name: Option<String>,
    pub avatar: Option<JpegPhoto>,
    pub delete_attributes: Vec<AttributeName>,
    pub insert_attributes: Vec<AttributeValue>,
 }
 #[derive(PartialEq, Eq, Debug, Serialize, Deserialize, Clone, Default)]
 pub struct CreateGroupRequest {
    pub display_name: GroupName,
    pub attributes: Vec<AttributeValue>,
 }
 #[derive(PartialEq, Eq, Debug, Serialize, Deserialize, Clone)]
 pub struct UpdateGroupRequest {
    pub group_id: GroupId,
    pub display_name: Option<GroupName>,
    pub delete_attributes: Vec<AttributeName>,
    pub insert_attributes: Vec<AttributeValue>,
 }
 #[derive(PartialEq, Eq, Debug, Serialize, Deserialize, Clone)]
 pub struct CreateAttributeRequest {
    pub name: AttributeName,
    pub attribute_type: AttributeType,
    pub is_list: bool,
    pub is_visible: bool,
    pub is_editable: bool,
 }
@@ -0,0 +1,39 @@
 use serde::{Deserialize, Serialize};
 use crate::types::{AttributeName, AttributeType, LdapObjectClass};
 #[derive(PartialEq, Eq, Debug, Serialize, Deserialize, Clone)]
 pub struct Schema {
    pub user_attributes: AttributeList,
    pub group_attributes: AttributeList,
    pub extra_user_object_classes: Vec<LdapObjectClass>,
    pub extra_group_object_classes: Vec<LdapObjectClass>,
 }
 #[derive(PartialEq, Eq, Debug, Serialize, Deserialize, Clone)]
 pub struct AttributeSchema {
    pub name: AttributeName,
    //TODO: pub aliases: Vec<String>,
    pub attribute_type: AttributeType,
    pub is_list: bool,
    pub is_visible: bool,
    pub is_editable: bool,
    pub is_hardcoded: bool,
    pub is_readonly: bool,
 }
 #[derive(PartialEq, Eq, Debug, Serialize, Deserialize, Clone)]
 pub struct AttributeList {
    pub attributes: Vec<AttributeSchema>,
 }
 impl AttributeList {
    pub fn get_attribute_schema(&self, name: &AttributeName) -> Option<&AttributeSchema> {
        self.attributes.iter().find(|a| a.name == *name)
    }
    pub fn get_attribute_type(&self, name: &AttributeName) -> Option<(AttributeType, bool)> {
        self.get_attribute_schema(name)
            .map(|a| (a.attribute_type, a.is_list))
    }
 }
@@ -11,7 +11,6 @@ use sea_orm::{
 use serde::{Deserialize, Serialize};
 use strum::{EnumString, IntoStaticStr};
 pub use super::model::UserColumn;
 pub use lldap_auth::types::UserId;
 #[derive(
@@ -66,11 +65,11 @@ impl<'a> std::convert::TryFrom<&'a str> for Uuid {
    }
 }
-#[cfg(test)]
+#[cfg(feature = "test")]
 #[macro_export]
 macro_rules! uuid {
    ($s:literal) => {
-        <$crate::domain::types::Uuid as std::convert::TryFrom<_>>::try_from($s).unwrap()
+        <lldap_domain::types::Uuid as std::convert::TryFrom<_>>::try_from($s).unwrap()
    };
 }
@@ -372,7 +371,7 @@ impl JpegPhoto {
        self.0
    }
-    #[cfg(test)]
+    #[cfg(any(feature = "test", test))]
    pub fn for_tests() -> Self {
        use image::{ImageOutputFormat, Rgb, RgbImage};
        let img = RgbImage::from_fn(32, 32, |x, y| {
@@ -424,7 +423,7 @@ pub struct User {
    pub attributes: Vec<AttributeValue>,
 }
-#[cfg(test)]
+#[cfg(feature = "test")]
 impl Default for User {
    fn default() -> Self {
        let epoch = chrono::Utc.timestamp_opt(0, 0).unwrap().naive_utc();
@@ -40,7 +40,6 @@ orion = "0.17"
 rand_chacha = "0.3"
 rustls-pemfile = "1"
 serde = "*"
 serde_bytes = "0.11"
 serde_json = "1"
 sha2 = "0.10"
 thiserror = "*"
@@ -85,6 +84,13 @@ version = "0.10.1"
 path = "../auth"
 features = ["opaque_server", "opaque_client", "sea_orm"]
 [dependencies.lldap_domain]
 path = "../crates/domain"
 [dev-dependencies.lldap_domain]
 path = "../crates/domain"
 features = ["test"]
 [dependencies.lldap_validation]
 path = "../validation"
@@ -119,20 +125,15 @@ version = "^0.1.6"
 features = ["default", "rustls"]
 version = "3"
 [dependencies.image]
 features = ["jpeg"]
 default-features = false
 version = "0.24"
 [dependencies.sea-orm]
 version = "0.12"
 default-features = false
 features = [
-  "macros",
+    "macros",
-  "with-chrono",
+    "with-chrono",
-  "with-uuid",
+    "with-uuid",
-  "sqlx-all",
+    "sqlx-all",
-  "runtime-actix-rustls",
+    "runtime-actix-rustls",
 ]
 [dependencies.reqwest]
@@ -1,5 +1,5 @@
 use crate::domain::types::{AttributeType, JpegPhoto, Serialized};
 use anyhow::{bail, Context as AnyhowContext};
 use lldap_domain::types::{AttributeType, JpegPhoto, Serialized};
 pub fn deserialize_attribute_value(
    value: &[String],
@@ -1,12 +1,16 @@
-use crate::domain::{
+use crate::domain::{error::Result, model::UserColumn};
-    error::Result,
+use async_trait::async_trait;
 use lldap_domain::{
    requests::{
        CreateAttributeRequest, CreateGroupRequest, CreateUserRequest, UpdateGroupRequest,
        UpdateUserRequest,
    },
    schema::Schema,
    types::{
-        AttributeName, AttributeType, AttributeValue, Email, Group, GroupDetails, GroupId,
+        AttributeName, Group, GroupDetails, GroupId, GroupName, LdapObjectClass, Serialized, User,
-        GroupName, JpegPhoto, LdapObjectClass, Serialized, User, UserAndGroups, UserColumn, UserId,
+        UserAndGroups, UserId, Uuid,
        Uuid,
    },
 };
 use async_trait::async_trait;
 use serde::{Deserialize, Serialize};
 use std::collections::HashSet;
@@ -99,90 +103,6 @@ impl From<bool> for GroupRequestFilter {
    }
 }
 #[derive(PartialEq, Eq, Debug, Serialize, Deserialize, Clone, Default)]
 pub struct CreateUserRequest {
    // Same fields as User, but no creation_date, and with password.
    pub user_id: UserId,
    pub email: Email,
    pub display_name: Option<String>,
    pub first_name: Option<String>,
    pub last_name: Option<String>,
    pub avatar: Option<JpegPhoto>,
    pub attributes: Vec<AttributeValue>,
 }
 #[derive(PartialEq, Eq, Debug, Serialize, Deserialize, Clone, Default)]
 pub struct UpdateUserRequest {
    // Same fields as CreateUserRequest, but no with an extra layer of Option.
    pub user_id: UserId,
    pub email: Option<Email>,
    pub display_name: Option<String>,
    pub first_name: Option<String>,
    pub last_name: Option<String>,
    pub avatar: Option<JpegPhoto>,
    pub delete_attributes: Vec<AttributeName>,
    pub insert_attributes: Vec<AttributeValue>,
 }
 #[derive(PartialEq, Eq, Debug, Serialize, Deserialize, Clone, Default)]
 pub struct CreateGroupRequest {
    pub display_name: GroupName,
    pub attributes: Vec<AttributeValue>,
 }
 #[derive(PartialEq, Eq, Debug, Serialize, Deserialize, Clone)]
 pub struct UpdateGroupRequest {
    pub group_id: GroupId,
    pub display_name: Option<GroupName>,
    pub delete_attributes: Vec<AttributeName>,
    pub insert_attributes: Vec<AttributeValue>,
 }
 #[derive(PartialEq, Eq, Debug, Serialize, Deserialize, Clone)]
 pub struct AttributeSchema {
    pub name: AttributeName,
    //TODO: pub aliases: Vec<String>,
    pub attribute_type: AttributeType,
    pub is_list: bool,
    pub is_visible: bool,
    pub is_editable: bool,
    pub is_hardcoded: bool,
    pub is_readonly: bool,
 }
 #[derive(PartialEq, Eq, Debug, Serialize, Deserialize, Clone)]
 pub struct CreateAttributeRequest {
    pub name: AttributeName,
    pub attribute_type: AttributeType,
    pub is_list: bool,
    pub is_visible: bool,
    pub is_editable: bool,
 }
 #[derive(PartialEq, Eq, Debug, Serialize, Deserialize, Clone)]
 pub struct AttributeList {
    pub attributes: Vec<AttributeSchema>,
 }
 impl AttributeList {
    pub fn get_attribute_schema(&self, name: &AttributeName) -> Option<&AttributeSchema> {
        self.attributes.iter().find(|a| a.name == *name)
    }
    pub fn get_attribute_type(&self, name: &AttributeName) -> Option<(AttributeType, bool)> {
        self.get_attribute_schema(name)
            .map(|a| (a.attribute_type, a.is_list))
    }
 }
 #[derive(PartialEq, Eq, Debug, Serialize, Deserialize, Clone)]
 pub struct Schema {
    pub user_attributes: AttributeList,
    pub group_attributes: AttributeList,
    pub extra_user_object_classes: Vec<LdapObjectClass>,
    pub extra_group_object_classes: Vec<LdapObjectClass>,
 }
 #[async_trait]
 pub trait LoginHandler: Send + Sync {
    async fn bind(&self, request: BindRequest) -> Result<()>;
@@ -257,6 +177,7 @@ pub trait BackendHandler:
 mod tests {
    use super::*;
    use base64::Engine;
    use lldap_domain::types::JpegPhoto;
    use pretty_assertions::assert_ne;
    #[test]
@@ -17,7 +17,9 @@ use crate::domain::{
        },
    },
    schema::{PublicSchema, SchemaGroupAttributeExtractor},
-    types::{AttributeName, AttributeType, Group, GroupId, LdapObjectClass, UserId, Uuid},
+};
 use lldap_domain::types::{
    AttributeName, AttributeType, Group, GroupId, LdapObjectClass, UserId, Uuid,
 };
 pub fn get_group_attribute(
@@ -16,11 +16,11 @@ use crate::domain::{
            LdapInfo, UserFieldType,
        },
    },
    model::UserColumn,
    schema::{PublicSchema, SchemaUserAttributeExtractor},
-    types::{
+};
-        AttributeName, AttributeType, GroupDetails, LdapObjectClass, User, UserAndGroups,
+use lldap_domain::types::{
-        UserColumn, UserId,
+    AttributeName, AttributeType, GroupDetails, LdapObjectClass, User, UserAndGroups, UserId,
    },
 };
 pub fn get_user_attribute(
@@ -7,10 +7,11 @@ use tracing::{debug, instrument, warn};
 use crate::domain::{
    handler::SubStringFilter,
    ldap::error::{LdapError, LdapResult},
    model::UserColumn,
    schema::{PublicSchema, SchemaAttributeExtractor},
-    types::{
+};
-        AttributeName, AttributeType, AttributeValue, GroupName, JpegPhoto, UserColumn, UserId,
+use lldap_domain::types::{
-    },
+    AttributeName, AttributeType, AttributeValue, GroupName, JpegPhoto, UserId,
 };
 impl From<LdapSubstringFilter> for SubStringFilter {
@@ -12,4 +12,3 @@ pub mod sql_opaque_handler;
 pub mod sql_schema_backend_handler;
 pub mod sql_tables;
 pub mod sql_user_backend_handler;
 pub mod types;
@@ -1,8 +1,8 @@
 use sea_orm::entity::prelude::*;
 use serde::{Deserialize, Serialize};
-use crate::domain::{
+use lldap_domain::{
-    handler::AttributeSchema,
+    schema::AttributeSchema,
    types::{AttributeName, AttributeType},
 };
@@ -1,7 +1,7 @@
 use sea_orm::entity::prelude::*;
 use serde::{Deserialize, Serialize};
-use crate::domain::types::{AttributeName, AttributeValue, GroupId, Serialized};
+use lldap_domain::types::{AttributeName, AttributeValue, GroupId, Serialized};
 #[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
 #[sea_orm(table_name = "group_attributes")]
@@ -1,7 +1,7 @@
 use sea_orm::entity::prelude::*;
 use serde::{Deserialize, Serialize};
-use crate::domain::types::LdapObjectClass;
+use lldap_domain::types::LdapObjectClass;
 #[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
 #[sea_orm(table_name = "group_object_classes")]
@@ -3,7 +3,7 @@
 use sea_orm::entity::prelude::*;
 use serde::{Deserialize, Serialize};
-use crate::domain::types::{GroupId, GroupName, Uuid};
+use lldap_domain::types::{GroupId, GroupName, Uuid};
 #[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
 #[sea_orm(table_name = "groups")]
@@ -30,7 +30,7 @@ impl Related<super::memberships::Entity> for Entity {
 impl ActiveModelBehavior for ActiveModel {}
-impl From<Model> for crate::domain::types::Group {
+impl From<Model> for lldap_domain::types::Group {
    fn from(group: Model) -> Self {
        Self {
            id: group.group_id,
@@ -43,7 +43,7 @@ impl From<Model> for crate::domain::types::Group {
    }
 }
-impl From<Model> for crate::domain::types::GroupDetails {
+impl From<Model> for lldap_domain::types::GroupDetails {
    fn from(group: Model) -> Self {
        Self {
            group_id: group.group_id,
@@ -3,7 +3,7 @@
 use sea_orm::entity::prelude::*;
 use serde::{Deserialize, Serialize};
-use crate::domain::types::UserId;
+use lldap_domain::types::UserId;
 #[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
 #[sea_orm(table_name = "jwt_refresh_storage")]
@@ -3,7 +3,7 @@
 use sea_orm::entity::prelude::*;
 use serde::{Deserialize, Serialize};
-use crate::domain::types::UserId;
+use lldap_domain::types::UserId;
 #[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
 #[sea_orm(table_name = "jwt_storage")]
@@ -3,7 +3,7 @@
 use sea_orm::entity::prelude::*;
 use serde::{Deserialize, Serialize};
-use crate::domain::types::{GroupId, UserId};
+use lldap_domain::types::{GroupId, UserId};
 #[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
 #[sea_orm(table_name = "memberships")]
@@ -3,7 +3,7 @@
 use sea_orm::entity::prelude::*;
 use serde::{Deserialize, Serialize};
-use crate::domain::types::UserId;
+use lldap_domain::types::UserId;
 #[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
 #[sea_orm(table_name = "password_reset_tokens")]
@@ -1,8 +1,8 @@
 use sea_orm::entity::prelude::*;
 use serde::{Deserialize, Serialize};
-use crate::domain::{
+use lldap_domain::{
-    handler::AttributeSchema,
+    schema::AttributeSchema,
    types::{AttributeName, AttributeType},
 };
@@ -1,7 +1,7 @@
 use sea_orm::entity::prelude::*;
 use serde::{Deserialize, Serialize};
-use crate::domain::types::{AttributeName, AttributeValue, Serialized, UserId};
+use lldap_domain::types::{AttributeName, AttributeValue, Serialized, UserId};
 #[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
 #[sea_orm(table_name = "user_attributes")]
@@ -1,7 +1,7 @@
 use sea_orm::entity::prelude::*;
 use serde::{Deserialize, Serialize};
-use crate::domain::types::LdapObjectClass;
+use lldap_domain::types::LdapObjectClass;
 #[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
 #[sea_orm(table_name = "user_object_classes")]
@@ -3,7 +3,7 @@
 use sea_orm::{entity::prelude::*, sea_query::BlobSize};
 use serde::{Deserialize, Serialize};
-use crate::domain::types::{Email, UserId, Uuid};
+use lldap_domain::types::{Email, UserId, Uuid};
 #[derive(Copy, Clone, Default, Debug, DeriveEntity)]
 pub struct Entity;
@@ -112,7 +112,7 @@ impl Related<super::password_reset_tokens::Entity> for Entity {
 impl ActiveModelBehavior for ActiveModel {}
-impl From<Model> for crate::domain::types::User {
+impl From<Model> for lldap_domain::types::User {
    fn from(user: Model) -> Self {
        Self {
            user_id: user.user_id,
@@ -1,5 +1,6 @@
-use crate::domain::{error::Result, types::UserId};
+use crate::domain::error::Result;
 use async_trait::async_trait;
 use lldap_domain::types::UserId;
 pub use lldap_auth::{login, registration};
@@ -1,5 +1,5 @@
-use crate::domain::{
+use lldap_domain::{
-    handler::{AttributeList, AttributeSchema, Schema},
+    schema::{AttributeList, AttributeSchema, Schema},
    types::AttributeType,
 };
 use serde::{Deserialize, Serialize};
@@ -23,15 +23,18 @@ pub mod tests {
    use crate::{
        domain::{
            handler::{
-                CreateGroupRequest, CreateUserRequest, GroupBackendHandler, UserBackendHandler,
+                GroupBackendHandler, UserBackendHandler, UserListerBackendHandler,
-                UserListerBackendHandler, UserRequestFilter,
+                UserRequestFilter,
            },
            sql_tables::init_table,
            types::{GroupId, UserId},
        },
        infra::configuration::ConfigurationBuilder,
    };
    use lldap_auth::{opaque, registration};
    use lldap_domain::{
        requests::{CreateGroupRequest, CreateUserRequest},
        types::{GroupId, UserId},
    };
    use pretty_assertions::assert_eq;
    use sea_orm::Database;
@@ -1,14 +1,14 @@
 use crate::domain::{
    error::{DomainError, Result},
-    handler::{
+    handler::{GroupBackendHandler, GroupListerBackendHandler, GroupRequestFilter},
        CreateGroupRequest, GroupBackendHandler, GroupListerBackendHandler, GroupRequestFilter,
        UpdateGroupRequest,
    },
    model::{self, GroupColumn, MembershipColumn},
    sql_backend_handler::SqlBackendHandler,
    types::{AttributeName, AttributeValue, Group, GroupDetails, GroupId, Serialized, Uuid},
 };
 use async_trait::async_trait;
 use lldap_domain::{
    requests::{CreateGroupRequest, UpdateGroupRequest},
    types::{AttributeName, AttributeValue, Group, GroupDetails, GroupId, Serialized, Uuid},
 };
 use sea_orm::{
    sea_query::{Alias, Cond, Expr, Func, IntoCondition, OnConflict, SimpleExpr},
    ActiveModelTrait, ColumnTrait, DatabaseTransaction, EntityTrait, QueryFilter, QueryOrder,
@@ -314,8 +314,11 @@ impl SqlBackendHandler {
 mod tests {
    use super::*;
    use crate::domain::{
-        handler::{CreateAttributeRequest, SchemaBackendHandler, SubStringFilter},
+        handler::{SchemaBackendHandler, SubStringFilter},
        sql_backend_handler::tests::*,
    };
    use lldap_domain::{
        requests::CreateAttributeRequest,
        types::{AttributeType, GroupName, Serialized, UserId},
    };
    use pretty_assertions::assert_eq;
@@ -1,8 +1,6 @@
-use crate::domain::{
+use crate::domain::sql_tables::{DbConnection, SchemaVersion, LAST_SCHEMA_VERSION};
    sql_tables::{DbConnection, SchemaVersion, LAST_SCHEMA_VERSION},
    types::{AttributeType, GroupId, JpegPhoto, Serialized, UserId, Uuid},
 };
 use itertools::Itertools;
 use lldap_domain::types::{AttributeType, GroupId, JpegPhoto, Serialized, UserId, Uuid};
 use sea_orm::{
    sea_query::{
        self, all, BinOper, BlobSize::Blob, ColumnDef, Expr, ForeignKey, ForeignKeyAction, Func,
@@ -4,11 +4,11 @@ use super::{
    model::{self, UserColumn},
    opaque_handler::{login, registration, OpaqueHandler},
    sql_backend_handler::SqlBackendHandler,
    types::UserId,
 };
 use async_trait::async_trait;
 use base64::Engine;
 use lldap_auth::opaque;
 use lldap_domain::types::UserId;
 use sea_orm::{ActiveModelTrait, ActiveValue, EntityTrait, QuerySelect};
 use secstr::SecUtf8;
 use tracing::{debug, info, instrument, warn};
@@ -1,14 +1,15 @@
 use crate::domain::{
    error::{DomainError, Result},
-    handler::{
+    handler::{ReadSchemaBackendHandler, SchemaBackendHandler},
        AttributeList, AttributeSchema, CreateAttributeRequest, ReadSchemaBackendHandler, Schema,
        SchemaBackendHandler,
    },
    model,
    sql_backend_handler::SqlBackendHandler,
    types::{AttributeName, LdapObjectClass},
 };
 use async_trait::async_trait;
 use lldap_domain::{
    requests::CreateAttributeRequest,
    schema::{AttributeList, AttributeSchema, Schema},
    types::{AttributeName, LdapObjectClass},
 };
 use sea_orm::{
    ActiveModelTrait, DatabaseTransaction, EntityTrait, QueryOrder, Set, TransactionTrait,
 };
@@ -175,10 +176,12 @@ impl SqlBackendHandler {
 mod tests {
    use super::*;
    use crate::domain::{
-        handler::{AttributeList, UpdateUserRequest, UserBackendHandler, UserRequestFilter},
+        handler::{UserBackendHandler, UserRequestFilter},
        sql_backend_handler::tests::*,
        types::{AttributeType, AttributeValue, Serialized},
    };
    use lldap_domain::requests::UpdateUserRequest;
    use lldap_domain::schema::AttributeList;
    use lldap_domain::types::{AttributeType, AttributeValue, Serialized};
    use pretty_assertions::assert_eq;
    #[tokio::test]
@@ -123,10 +123,8 @@ pub async fn set_private_key_info(pool: &DbConnection, info: PrivateKeyInfo) ->
 #[cfg(test)]
 mod tests {
-    use crate::domain::{
+    use crate::domain::sql_migrations;
-        sql_migrations,
+    use lldap_domain::types::{GroupId, JpegPhoto, Serialized, Uuid};
        types::{GroupId, JpegPhoto, Serialized, Uuid},
    };
    use pretty_assertions::assert_eq;
    use super::*;
@@ -254,11 +252,11 @@ mod tests {
            vec![
                SimpleUser {
                    display_name: None,
-                    uuid: crate::uuid!("a02eaf13-48a7-30f6-a3d4-040ff7c52b04")
+                    uuid: lldap_domain::uuid!("a02eaf13-48a7-30f6-a3d4-040ff7c52b04")
                },
                SimpleUser {
                    display_name: Some("John Doe".to_owned()),
-                    uuid: crate::uuid!("986765a5-3f03-389e-b47b-536b2d6e1bec")
+                    uuid: lldap_domain::uuid!("986765a5-3f03-389e-b47b-536b2d6e1bec")
                }
            ]
        );
@@ -1,17 +1,17 @@
 use crate::domain::{
    error::{DomainError, Result},
-    handler::{
+    handler::{UserBackendHandler, UserListerBackendHandler, UserRequestFilter},
        CreateUserRequest, UpdateUserRequest, UserBackendHandler, UserListerBackendHandler,
        UserRequestFilter,
    },
    model::{self, GroupColumn, UserColumn},
    sql_backend_handler::SqlBackendHandler,
 };
 use async_trait::async_trait;
 use lldap_domain::{
    requests::{CreateUserRequest, UpdateUserRequest},
    types::{
        AttributeName, AttributeValue, GroupDetails, GroupId, Serialized, User, UserAndGroups,
        UserId, Uuid,
    },
 };
 use async_trait::async_trait;
 use sea_orm::{
    sea_query::{
        query::OnConflict, Alias, Cond, Expr, Func, IntoColumnRef, IntoCondition, SimpleExpr,
@@ -430,10 +430,9 @@ impl UserBackendHandler for SqlBackendHandler {
 mod tests {
    use super::*;
    use crate::domain::{
-        handler::SubStringFilter,
+        handler::SubStringFilter, model::UserColumn, sql_backend_handler::tests::*,
        sql_backend_handler::tests::*,
        types::{JpegPhoto, UserColumn},
    };
    use lldap_domain::types::JpegPhoto;
    use pretty_assertions::{assert_eq, assert_ne};
    #[tokio::test]
@@ -6,12 +6,18 @@ use tracing::info;
 use crate::domain::{
    error::Result,
    handler::{
-        AttributeSchema, BackendHandler, CreateAttributeRequest, CreateGroupRequest,
+        BackendHandler, GroupBackendHandler, GroupListerBackendHandler, GroupRequestFilter,
-        CreateUserRequest, GroupBackendHandler, GroupListerBackendHandler, GroupRequestFilter,
+        ReadSchemaBackendHandler, SchemaBackendHandler, UserBackendHandler,
-        ReadSchemaBackendHandler, Schema, SchemaBackendHandler, UpdateGroupRequest,
+        UserListerBackendHandler, UserRequestFilter,
        UpdateUserRequest, UserBackendHandler, UserListerBackendHandler, UserRequestFilter,
    },
    schema::PublicSchema,
 };
 use lldap_domain::{
    requests::{
        CreateAttributeRequest, CreateGroupRequest, CreateUserRequest, UpdateGroupRequest,
        UpdateUserRequest,
    },
    schema::{AttributeSchema, Schema},
    types::{
        AttributeName, Group, GroupDetails, GroupId, GroupName, LdapObjectClass, User,
        UserAndGroups, UserId,
@@ -22,13 +22,14 @@ use time::ext::NumericalDuration;
 use tracing::{debug, info, instrument, warn};
 use lldap_auth::{login, password_reset, registration, JWTClaims};
 use lldap_domain::types::{GroupDetails, GroupName, UserId};
 use crate::{
    domain::{
        error::DomainError,
        handler::{BackendHandler, BindRequest, LoginHandler, UserRequestFilter},
        model::UserColumn,
        opaque_handler::OpaqueHandler,
        types::{GroupDetails, GroupName, UserColumn, UserId},
    },
    infra::{
        access_control::{ReadonlyBackendHandler, UserReadableBackendHandler, ValidationResults},
@@ -1,10 +1,7 @@
 use std::collections::HashSet;
 use crate::{
-    domain::{
+    domain::sql_tables::{ConfigLocation, PrivateKeyHash, PrivateKeyInfo, PrivateKeyLocation},
        sql_tables::{ConfigLocation, PrivateKeyHash, PrivateKeyInfo, PrivateKeyLocation},
        types::{AttributeName, UserId},
    },
    infra::{
        cli::{
            GeneralConfigOpts, LdapsOpts, RunOpts, SmtpEncryption, SmtpOpts, TestEmailOpts,
@@ -20,6 +17,7 @@ use figment::{
 };
 use figment_file_provider_adapter::FileAdapter;
 use lldap_auth::opaque::{server::ServerSetup, KeyPair};
 use lldap_domain::types::{AttributeName, UserId};
 use secstr::SecUtf8;
 use serde::{Deserialize, Serialize};
 use std::path::PathBuf;
@@ -623,7 +621,7 @@ where
            Either set the `jwt_secret` config value or the `LLDAP_JWT_SECRET` environment variable. \
            You can generate the value by running\n\
            LC_ALL=C tr -dc 'A-Za-z0-9!#%&'\\''()*+,-./:;<=>?@[\\]^_{{|}}~' </dev/urandom | head -c 32; echo ''\n\
-            or you can use this random value: {}", 
+            or you can use this random value: {}",
        rand::thread_rng()
            .sample_iter(&Symbols)
            .take(32)
@@ -1,5 +1,5 @@
 use crate::{
-    domain::{handler::BackendHandler, types::UserId},
+    domain::handler::BackendHandler,
    infra::{
        access_control::{
            AccessControlledBackendHandler, AdminBackendHandler, ReadonlyBackendHandler,
@@ -11,6 +11,7 @@ use crate::{
        tcp_server::AppState,
    },
 };
 use actix_web::FromRequest;
 use actix_web::HttpMessage;
 use actix_web::{error::JsonPayloadError, web, Error, HttpRequest, HttpResponse};
@@ -22,6 +23,7 @@ use juniper::{
    },
    EmptySubscription, FieldError, RootNode, ScalarValue,
 };
 use lldap_domain::types::UserId;
 use tracing::debug;
 pub struct Context<Handler: BackendHandler> {
@@ -2,16 +2,7 @@ use std::sync::Arc;
 use crate::{
    domain::{
-        deserialize::deserialize_attribute_value,
+        deserialize::deserialize_attribute_value, handler::BackendHandler, schema::PublicSchema,
        handler::{
            AttributeList, BackendHandler, CreateAttributeRequest, CreateGroupRequest,
            CreateUserRequest, UpdateGroupRequest, UpdateUserRequest,
        },
        schema::PublicSchema,
        types::{
            AttributeName, AttributeType, AttributeValue as DomainAttributeValue, Email, GroupId,
            JpegPhoto, LdapObjectClass, UserId,
        },
    },
    infra::{
        access_control::{
@@ -24,6 +15,17 @@ use crate::{
 use anyhow::{anyhow, Context as AnyhowContext};
 use base64::Engine;
 use juniper::{graphql_object, FieldError, FieldResult, GraphQLInputObject, GraphQLObject};
 use lldap_domain::{
    requests::{
        CreateAttributeRequest, CreateGroupRequest, CreateUserRequest, UpdateGroupRequest,
        UpdateUserRequest,
    },
    schema::AttributeList,
    types::{
        AttributeName, AttributeType, AttributeValue as DomainAttributeValue, Email, GroupId,
        JpegPhoto, LdapObjectClass, UserId,
    },
 };
 use lldap_validation::attributes::{validate_attribute_name, ALLOWED_CHARACTERS_DESCRIPTION};
 use tracing::{debug, debug_span, Instrument, Span};
@@ -731,18 +733,16 @@ fn deserialize_attribute(
 mod tests {
    use super::*;
-    use crate::{
+    use crate::infra::{
-        domain::types::{AttributeName, AttributeType},
+        access_control::{Permission, ValidationResults},
-        infra::{
+        graphql::query::Query,
-            access_control::{Permission, ValidationResults},
+        test_utils::MockTestBackendHandler,
            graphql::query::Query,
            test_utils::MockTestBackendHandler,
        },
    };
    use juniper::{
        execute, graphql_value, DefaultScalarValue, EmptySubscription, GraphQLType, InputValue,
        RootNode, Variables,
    };
    use lldap_domain::types::{AttributeName, AttributeType};
    use mockall::predicate::eq;
    use pretty_assertions::assert_eq;
@@ -7,9 +7,6 @@ use crate::{
        ldap::utils::{map_user_field, UserFieldType},
        model::UserColumn,
        schema::PublicSchema,
        types::{
            AttributeType, GroupDetails, GroupId, JpegPhoto, LdapObjectClass, Serialized, UserId,
        },
    },
    infra::{
        access_control::{ReadonlyBackendHandler, UserReadableBackendHandler},
@@ -19,16 +16,19 @@ use crate::{
 use anyhow::Context as AnyhowContext;
 use chrono::{NaiveDateTime, TimeZone};
 use juniper::{graphql_object, FieldResult, GraphQLInputObject};
 use lldap_domain::types::{
    AttributeType, GroupDetails, GroupId, JpegPhoto, LdapObjectClass, Serialized, UserId,
 };
 use serde::{Deserialize, Serialize};
 use tracing::{debug, debug_span, Instrument, Span};
 type DomainRequestFilter = crate::domain::handler::UserRequestFilter;
-type DomainUser = crate::domain::types::User;
+type DomainUser = lldap_domain::types::User;
-type DomainGroup = crate::domain::types::Group;
+type DomainGroup = lldap_domain::types::Group;
-type DomainUserAndGroups = crate::domain::types::UserAndGroups;
+type DomainUserAndGroups = lldap_domain::types::UserAndGroups;
-type DomainAttributeList = crate::domain::handler::AttributeList;
+type DomainAttributeList = lldap_domain::schema::AttributeList;
-type DomainAttributeSchema = crate::domain::handler::AttributeSchema;
+type DomainAttributeSchema = lldap_domain::schema::AttributeSchema;
-type DomainAttributeValue = crate::domain::types::AttributeValue;
+type DomainAttributeValue = lldap_domain::types::AttributeValue;
 #[derive(PartialEq, Eq, Debug, GraphQLInputObject)]
 /// A filter for requests, specifying a boolean expression based on field constraints. Only one of
@@ -801,21 +801,19 @@ impl<Handler: BackendHandler> AttributeValue<Handler> {
 #[cfg(test)]
 mod tests {
    use super::*;
-    use crate::{
+    use crate::infra::{
-        domain::{
+        access_control::{Permission, ValidationResults},
-            handler::AttributeList,
+        test_utils::{setup_default_schema, MockTestBackendHandler},
            types::{AttributeName, AttributeType, LdapObjectClass, Serialized},
        },
        infra::{
            access_control::{Permission, ValidationResults},
            test_utils::{setup_default_schema, MockTestBackendHandler},
        },
    };
    use chrono::TimeZone;
    use juniper::{
        execute, graphql_value, DefaultScalarValue, EmptyMutation, EmptySubscription, GraphQLType,
        RootNode, Variables,
    };
    use lldap_domain::{
        schema::{AttributeList, Schema},
        types::{AttributeName, AttributeType, LdapObjectClass, Serialized},
    };
    use mockall::predicate::eq;
    use pretty_assertions::assert_eq;
    use std::collections::HashSet;
@@ -860,7 +858,7 @@ mod tests {
        let mut mock = MockTestBackendHandler::new();
        mock.expect_get_schema().returning(|| {
-            Ok(crate::domain::handler::Schema {
+            Ok(Schema {
                user_attributes: DomainAttributeList {
                    attributes: vec![
                        DomainAttributeSchema {
@@ -908,7 +906,7 @@ mod tests {
                    user_id: UserId::new("bob"),
                    email: "bob@bobbers.on".into(),
                    creation_date: chrono::Utc.timestamp_millis_opt(42).unwrap().naive_utc(),
-                    uuid: crate::uuid!("b1a2a3a4b1b2c1c2d1d2d3d4d5d6d7d8"),
+                    uuid: lldap_domain::uuid!("b1a2a3a4b1b2c1c2d1d2d3d4d5d6d7d8"),
                    attributes: vec![
                        DomainAttributeValue {
                            name: "first_name".into(),
@@ -927,7 +925,7 @@ mod tests {
            group_id: GroupId(3),
            display_name: "Bobbersons".into(),
            creation_date: chrono::Utc.timestamp_nanos(42).naive_utc(),
-            uuid: crate::uuid!("a1a2a3a4b1b2c1c2d1d2d3d4d5d6d7d8"),
+            uuid: lldap_domain::uuid!("a1a2a3a4b1b2c1c2d1d2d3d4d5d6d7d8"),
            attributes: vec![DomainAttributeValue {
                name: "club_name".into(),
                value: Serialized::from("Gang of Four"),
@@ -937,7 +935,7 @@ mod tests {
            group_id: GroupId(7),
            display_name: "Jefferees".into(),
            creation_date: chrono::Utc.timestamp_nanos(12).naive_utc(),
-            uuid: crate::uuid!("b1a2a3a4b1b2c1c2d1d2d3d4d5d6d7d8"),
+            uuid: lldap_domain::uuid!("b1a2a3a4b1b2c1c2d1d2d3d4d5d6d7d8"),
            attributes: Vec::new(),
        });
        mock.expect_get_user_groups()
@@ -1299,7 +1297,7 @@ mod tests {
        let mut mock = MockTestBackendHandler::new();
        mock.expect_get_schema().times(1).return_once(|| {
-            Ok(crate::domain::handler::Schema {
+            Ok(Schema {
                user_attributes: AttributeList {
                    attributes: vec![DomainAttributeSchema {
                        name: "invisible".into(),
@@ -1,8 +1,6 @@
 use crate::{
    domain::{
-        handler::{
+        handler::{BackendHandler, BindRequest, LoginHandler, ReadSchemaBackendHandler},
            BackendHandler, BindRequest, CreateUserRequest, LoginHandler, ReadSchemaBackendHandler,
        },
        ldap::{
            error::{LdapError, LdapResult},
            group::{convert_groups_to_ldap_op, get_groups_list},
@@ -13,7 +11,6 @@ use crate::{
        },
        opaque_handler::OpaqueHandler,
        schema::PublicSchema,
        types::{AttributeName, Email, Group, JpegPhoto, UserAndGroups, UserId},
    },
    infra::access_control::{
        AccessControlledBackendHandler, AdminBackendHandler, UserAndGroupListerBackendHandler,
@@ -28,6 +25,10 @@ use ldap3_proto::proto::{
    LdapResult as LdapResultOp, LdapResultCode, LdapSearchRequest, LdapSearchResultEntry,
    LdapSearchScope,
 };
 use lldap_domain::{
    requests::CreateUserRequest,
    types::{AttributeName, Email, Group, JpegPhoto, UserAndGroups, UserId},
 };
 use std::collections::HashMap;
 use tracing::{debug, instrument, warn};
@@ -879,12 +880,15 @@ impl<Backend: BackendHandler + LoginHandler + OpaqueHandler> LdapHandler<Backend
 mod tests {
    use super::*;
    use crate::{
-        domain::{handler::*, types::*},
+        domain::handler::*,
        domain::model::UserColumn,
        infra::test_utils::{setup_default_schema, MockTestBackendHandler},
        uuid,
    };
    use chrono::TimeZone;
    use ldap3_proto::proto::{LdapDerefAliases, LdapSearchScope, LdapSubstringFilter};
    use lldap_domain::schema::{AttributeList, AttributeSchema, Schema};
    use lldap_domain::types::*;
    use lldap_domain::uuid;
    use mockall::predicate::eq;
    use pretty_assertions::assert_eq;
    use std::collections::HashSet;
@@ -1691,7 +1695,7 @@ mod tests {
                }])
            });
        mock.expect_get_schema().returning(|| {
-            Ok(crate::domain::handler::Schema {
+            Ok(Schema {
                user_attributes: AttributeList {
                    attributes: Vec::new(),
                },
@@ -3020,7 +3024,7 @@ mod tests {
            }])
        });
        mock.expect_get_schema().returning(|| {
-            Ok(crate::domain::handler::Schema {
+            Ok(Schema {
                user_attributes: AttributeList {
                    attributes: vec![AttributeSchema {
                        name: "nickname".into(),
@@ -2,7 +2,6 @@ use crate::{
    domain::{
        handler::{BackendHandler, LoginHandler},
        opaque_handler::OpaqueHandler,
        types::AttributeName,
    },
    infra::{
        access_control::AccessControlledBackendHandler,
@@ -15,6 +14,7 @@ use actix_server::ServerBuilder;
 use actix_service::{fn_service, ServiceFactoryExt};
 use anyhow::{anyhow, Context, Result};
 use ldap3_proto::{control::LdapControl, proto::LdapMsg, proto::LdapOp, LdapCodec};
 use lldap_domain::types::AttributeName;
 use rustls::PrivateKey;
 use tokio_rustls::TlsAcceptor as RustlsTlsAcceptor;
 use tokio_util::codec::{FramedRead, FramedWrite};
@@ -3,10 +3,10 @@ use crate::domain::{
    error::*,
    model::{self, JwtRefreshStorageColumn, JwtStorageColumn, PasswordResetTokensColumn},
    sql_backend_handler::SqlBackendHandler,
    types::UserId,
 };
 use async_trait::async_trait;
 use chrono::NaiveDateTime;
 use lldap_domain::types::UserId;
 use sea_orm::{
    sea_query::{Cond, Expr},
    ActiveModelTrait, ColumnTrait, EntityTrait, IntoActiveModel, QueryFilter, QuerySelect,
@@ -2,7 +2,8 @@ use async_trait::async_trait;
 use chrono::NaiveDateTime;
 use std::collections::HashSet;
-use crate::domain::{error::Result, types::UserId};
+use crate::domain::error::Result;
 use lldap_domain::types::UserId;
 #[async_trait]
 pub trait TcpBackendHandler: Sync {
@@ -1,4 +1,12 @@
-use crate::domain::{error::Result, handler::*, opaque_handler::*, types::*};
+use crate::domain::{error::Result, handler::*, opaque_handler::*};
 use lldap_domain::{
    requests::{
        CreateAttributeRequest, CreateGroupRequest, CreateUserRequest, UpdateGroupRequest,
        UpdateUserRequest,
    },
    schema::{AttributeList, AttributeSchema, Schema},
    types::*,
 };
 use async_trait::async_trait;
 use std::collections::HashSet;
@@ -8,8 +8,8 @@ use std::time::Duration;
 use crate::{
    domain::{
        handler::{
-            CreateGroupRequest, CreateUserRequest, GroupBackendHandler, GroupListerBackendHandler,
+            GroupBackendHandler, GroupListerBackendHandler, GroupRequestFilter, UserBackendHandler,
-            GroupRequestFilter, UserBackendHandler, UserListerBackendHandler, UserRequestFilter,
+            UserListerBackendHandler, UserRequestFilter,
        },
        sql_backend_handler::SqlBackendHandler,
        sql_opaque_handler::register_password,
@@ -30,6 +30,8 @@ use futures_util::TryFutureExt;
 use sea_orm::{Database, DatabaseConnection};
 use tracing::{debug, error, info, instrument, span, warn, Instrument, Level};
 use lldap_domain::requests::{CreateGroupRequest, CreateUserRequest};
 mod domain;
 mod infra;