Leosac
0.8.0
Open Source Access Control
CredentialCRUD.cpp
1
/*
2
Copyright (C) 2014-2016 Leosac
3
4
This file is part of Leosac.
5
6
Leosac is free software: you can redistribute it and/or modify
7
it under the terms of the GNU Affero General Public License as published by
8
the Free Software Foundation, either version 3 of the License, or
9
(at your option) any later version.
10
11
Leosac is distributed in the hope that it will be useful,
12
but WITHOUT ANY WARRANTY; without even the implied warranty of
13
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14
GNU Affero General Public License for more details.
15
16
You should have received a copy of the GNU Affero General Public License
17
along with this program. If not, see <http://www.gnu.org/licenses/>.
18
*/
19
20
#include "
api/CredentialCRUD.hpp
"
21
#include "
core/audit/AuditFactory.hpp
"
22
#include "
core/audit/ICredentialEvent.hpp
"
23
#include "
core/credentials/Credential.hpp
"
24
#include "core/credentials/Credential_odb.h"
25
#include "
core/credentials/PinCode.hpp
"
26
#include "
core/credentials/RFIDCard.hpp
"
27
#include "
core/credentials/serializers/CredentialSerializer.hpp
"
28
#include "
core/credentials/serializers/PolymorphicCredentialSerializer.hpp
"
29
#include "
exception/leosacexception.hpp
"
30
#include "
tools/AssertCast.hpp
"
31
#include "
tools/db/DBService.hpp
"
32
#include "
tools/registry/ThreadLocalRegistry.hpp
"
33
34
using namespace
Leosac
;
35
using namespace
Leosac::Module
;
36
using namespace
Leosac::Module::WebSockAPI
;
/// Builds a credential CRUD handler for one request.
///
/// The request context is forwarded to the CRUDResourceHandler base; the
/// constructor itself initialises nothing else.
///
/// @param ctx  Context of the request being served.
CredentialCRUD::CredentialCRUD(RequestContext ctx) : CRUDResourceHandler(ctx) {}
/// Factory entry point: allocates a CredentialCRUD for `ctx`.
///
/// @param ctx  Context of the request being served.
/// @return The new handler, owned by the returned unique pointer.
CRUDResourceHandlerUPtr CredentialCRUD::instanciate(RequestContext ctx)
{
    // Plain `new` is kept on purpose: whether the constructor is accessible
    // to std::make_unique cannot be told from this file.
    return CRUDResourceHandlerUPtr(new CredentialCRUD(ctx));
}
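/// Lists the permission the caller must hold before `verb` is executed on a
/// credential.
///
/// A CredentialActionParam is used (not a GroupActionParam) so that the id
/// reaches the permission check labelled as a credential id, matching what
/// read_impl() passes to check_permission() for CREDENTIAL_READ.
///
/// @param verb  CRUD operation being requested.
/// @param req   Request payload; "credential_id" is optional here.
/// @return One (action, parameter) entry for READ, CREATE, UPDATE or DELETE;
///         an empty vector for any other verb value.
std::vector<CRUDResourceHandler::ActionActionParam>
CredentialCRUD::required_permission(CRUDResourceHandler::Verb verb,
                                    const json &req) const
{
    std::vector<CRUDResourceHandler::ActionActionParam> ret;
    SecurityContext::CredentialActionParam cap{};
    try
    {
        cap.credential_id = req.at("credential_id").get<Cred::CredentialId>();
    }
    catch (const json::out_of_range &)
    {
        // Only a missing key is tolerated: fall back to id 0, the value
        // read_impl() uses to mean "all credentials". Any other JSON error
        // still propagates to the caller.
        cap.credential_id = 0;
    }

    switch (verb)
    {
    case Verb::READ:
        ret.emplace_back(SecurityContext::Action::CREDENTIAL_READ, cap);
        break;
    case Verb::CREATE:
        ret.emplace_back(SecurityContext::Action::CREDENTIAL_CREATE, cap);
        break;
    case Verb::UPDATE:
        ret.emplace_back(SecurityContext::Action::CREDENTIAL_UPDATE, cap);
        break;
    case Verb::DELETE:
        ret.emplace_back(SecurityContext::Action::CREDENTIAL_DELETE, cap);
        break;
    }
    return ret;
}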
/// Creates a credential from a client request and returns its serialized form.
///
/// Reads "credential-type" ("rfid-card" or "pin-code") and "attributes" from
/// `req`, persists the new object, records a CREDENTIAL_CREATED audit event
/// and commits, all inside one ODB transaction.
///
/// @param req  Request payload.
/// @return JSON object whose "data" member holds the new credential,
///         serialized with the request's user security context.
/// @throws LEOSACException if the credential type is neither of the two above.
boost::optional<json> CredentialCRUD::create_impl(const json &req)
{
    json response;
    DBPtr database = ctx_.dbsrv->db();
    odb::transaction transaction(database->begin());

    std::string kind = req.at("credential-type");
    Cred::ICredentialPtr credential;
    if (kind == "rfid-card")
        credential = std::make_shared<Cred::RFIDCard>();
    else if (kind == "pin-code")
        credential = std::make_shared<Cred::PinCode>();

    if (!credential)
    {
        // NOTE(review): `kind` comes straight from the request and is embedded
        // in the exception text; confirm that whatever logs or returns this
        // message treats it as untrusted data.
        throw LEOSACException(
            BUILD_STR("Credential {" << kind << "} are not supported."));
    }

    // Client-supplied attributes are applied under the request's user
    // security context, not the system one.
    PolymorphicCredentialJSONSerializer::unserialize(
        *credential, req.at("attributes"), security_context());
    database->persist(assert_cast<Cred::CredentialPtr>(credential));

    Audit::ICredentialEventPtr event =
        Audit::Factory::CredentialEventPtr(database, credential, ctx_.audit);
    event->event_mask(Audit::EventType::CREDENTIAL_CREATED);
    // NOTE(review): the audit snapshot is serialized with the system security
    // context. If the serializer emits secret fields for that context (for
    // example a PIN value), they end up stored in the audit trail; confirm.
    event->after(PolymorphicCredentialJSONStringSerializer::serialize(
        *credential, SystemSecurityContext::instance()));
    event->finalize();

    response["data"] = PolymorphicCredentialJSONSerializer::serialize(
        *credential, security_context());

    // Credential row and audit event are committed together.
    transaction.commit();
    return response;
}
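/// Returns one credential, or every credential the caller may read.
///
/// In list mode each row is filtered through
/// check_permission(CREDENTIAL_READ, ...), so the array only contains
/// credentials for which that check succeeds.
/// NOTE(review): the single-credential branch performs no check of its own;
/// presumably the base handler has already enforced required_permission()
/// for this id. Confirm against CRUDResourceHandler.
///
/// @param req  Request payload; "credential_id" is mandatory here (at() throws
///             when it is missing). A value of 0 requests the full list.
/// @return JSON object whose "data" member is either one serialized
///         credential or an array of them.
boost::optional<json> CredentialCRUD::read_impl(const json &req)
{
    json rep;

    using Result = odb::result<Cred::Credential>;
    DBPtr db = ctx_.dbsrv->db();
    odb::transaction t(db->begin());
    // credential_id is a Cred::CredentialId, the alias update_impl() and
    // delete_impl() use for the same field (not Auth::UserId).
    const auto cid = req.at("credential_id").get<Cred::CredentialId>();

    if (cid != 0)
    {
        Cred::ICredentialPtr cred = ctx_.dbsrv->find_credential_by_id(
            cid, DBService::THROW_IF_NOT_FOUND);
        rep["data"] = PolymorphicCredentialJSONSerializer::serialize(
            *cred, security_context());
    }
    else
    {
        Result result = db->query<Cred::Credential>();
        rep["data"] = json::array();
        for (const auto &cred : result)
        {
            // Rows the caller may not read are skipped, not reported.
            if (security_context().check_permission(
                    SecurityContext::Action::CREDENTIAL_READ,
                    SecurityContext::CredentialActionParam{.credential_id =
                                                               cred.id()}))
            {
                rep["data"].push_back(
                    PolymorphicCredentialJSONSerializer::serialize(
                        cred, security_context()));
            }
        }
    }
    t.commit();
    return rep;
}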
/// Applies the "attributes" of a request to an existing credential.
///
/// The credential is looked up with DBService::THROW_IF_NOT_FOUND, modified,
/// written back, and a CREDENTIAL_UPDATED audit event carrying a before and
/// an after snapshot is recorded, all inside one ODB transaction.
///
/// @param req  Request payload; needs "credential_id" and "attributes".
/// @return A default-constructed JSON value; nothing is ever stored in it.
boost::optional<json> CredentialCRUD::update_impl(const json &req)
{
    json response;
    auto target_id = req.at("credential_id").get<Cred::CredentialId>();
    auto database  = ctx_.dbsrv->db();
    odb::transaction transaction(database->begin());

    Cred::ICredentialPtr credential = ctx_.dbsrv->find_credential_by_id(
        target_id, DBService::THROW_IF_NOT_FOUND);

    Audit::ICredentialEventPtr event =
        Audit::Factory::CredentialEventPtr(database, credential, ctx_.audit);
    event->event_mask(Audit::EventType::CREDENTIAL_UPDATED);
    // NOTE(review): both audit snapshots are serialized with the system
    // security context. If the serializer emits secret fields for that
    // context (for example a PIN value), old and new secrets are stored in
    // the audit trail; confirm.
    event->before(PolymorphicCredentialJSONStringSerializer::serialize(
        *credential, SystemSecurityContext::instance()));

    // Client-supplied attributes are applied under the request's user
    // security context, not the system one.
    PolymorphicCredentialJSONSerializer::unserialize(
        *credential, req.at("attributes"), security_context());
    database->update(assert_cast<Cred::CredentialPtr>(credential));

    event->after(PolymorphicCredentialJSONStringSerializer::serialize(
        *credential, SystemSecurityContext::instance()));
    event->finalize();

    // Updated row and audit event are committed together.
    transaction.commit();
    return response;
}
/// Deletes the credential named by "credential_id".
///
/// A CREDENTIAL_DELETED audit event holding a snapshot of the credential is
/// finalized before the row is erased; both happen in the same ODB
/// transaction and are committed together.
///
/// @param req  Request payload; "credential_id" is mandatory (at() throws when
///             it is missing).
/// @return An empty JSON value, whether or not anything was deleted.
boost::optional<json> CredentialCRUD::delete_impl(const json &req)
{
    auto target_id = req.at("credential_id").get<Cred::CredentialId>();
    auto database  = ctx_.dbsrv->db();
    odb::transaction transaction(database->begin());

    // Id 0 is not looked up: nothing is erased, no audit event is written and
    // the transaction is left uncommitted.
    if (target_id == 0)
        return json{};

    Cred::ICredentialPtr credential = ctx_.dbsrv->find_credential_by_id(
        target_id, DBService::THROW_IF_NOT_FOUND);

    Audit::ICredentialEventPtr event =
        Audit::Factory::CredentialEventPtr(database, credential, ctx_.audit);
    event->event_mask(Audit::EventType::CREDENTIAL_DELETED);
    // NOTE(review): the snapshot is serialized with the system security
    // context. If the serializer emits secret fields for that context (for
    // example a PIN value), the deleted credential's secret stays in the
    // audit trail; confirm.
    event->before(PolymorphicCredentialJSONStringSerializer::serialize(
        *credential, SystemSecurityContext::instance()));

    event->finalize();
    database->erase<Cred::Credential>(credential->id());
    transaction.commit();
    return json{};
}
Leosac::Module::WebSockAPI::CredentialCRUD::CredentialCRUD
CredentialCRUD(RequestContext ctx)
Definition:
CredentialCRUD.cpp:38
AuditFactory.hpp
Leosac::SystemSecurityContext::instance
static SecurityContext & instance()
Definition:
SecurityContext.cpp:64
Leosac::SecurityContext::GroupActionParam
Definition:
SecurityContext.hpp:165
Leosac::Module::WebSockAPI::CredentialCRUD::instanciate
static CRUDResourceHandlerUPtr instanciate(RequestContext)
Definition:
CredentialCRUD.cpp:43
CredentialCRUD.hpp
Leosac::Module::WebSockAPI::CredentialCRUD::create_impl
virtual boost::optional< json > create_impl(const json &req) override
Create a new credential.
Definition:
CredentialCRUD.cpp:82
BUILD_STR
#define BUILD_STR(param)
Internal macro.
Definition:
log.hpp:63
PolymorphicCredentialSerializer.hpp
Leosac::Audit::EventType::CREDENTIAL_CREATED
@ CREDENTIAL_CREATED
Leosac::PolymorphicCredentialJSONSerializer::serialize
static json serialize(const Cred::ICredential &in, const SecurityContext &sc)
Definition:
PolymorphicCredentialSerializer.cpp:33
Leosac::PolymorphicCredentialJSONStringSerializer::serialize
static std::string serialize(const Cred::ICredential &in, const SecurityContext &sc)
Definition:
PolymorphicCredentialSerializer.cpp:102
Leosac::Audit::EventType::CREDENTIAL_UPDATED
@ CREDENTIAL_UPDATED
Leosac::PolymorphicCredentialJSONSerializer::unserialize
static void unserialize(Cred::ICredential &out, const json &in, const SecurityContext &sc)
Definition:
PolymorphicCredentialSerializer.cpp:41
Leosac::Module::WebSockAPI::CRUDResourceHandlerUPtr
std::unique_ptr< CRUDResourceHandler > CRUDResourceHandlerUPtr
Definition:
WebSockFwd.hpp:39
Leosac::Module::WebSockAPI::RequestContext::dbsrv
DBServicePtr dbsrv
Definition:
RequestContext.hpp:39
Leosac::Module::WebSockAPI::CRUDResourceHandler
Base CRUD handler for use within the websocket module.
Definition:
CRUDResourceHandler.hpp:84
RFIDCard.hpp
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb::DELETE
@ DELETE
Leosac::DBPtr
std::shared_ptr< odb::database > DBPtr
Definition:
db_fwd.hpp:31
Leosac::Module::WebSockAPI::CredentialCRUD::update_impl
virtual boost::optional< json > update_impl(const json &req) override
Definition:
CredentialCRUD.cpp:157
Leosac::SecurityContext::CredentialActionParam::credential_id
Cred::CredentialId credential_id
Definition:
SecurityContext.hpp:181
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb::CREATE
@ CREATE
Leosac::Module
All modules that provides features to Leosac shall be in this namespace.
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb::READ
@ READ
Credential.hpp
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb::UPDATE
@ UPDATE
Leosac::SecurityContext::Action::CREDENTIAL_UPDATE
@ CREDENTIAL_UPDATE
CredentialSerializer.hpp
Leosac
This is the header file for a generated source file, GitSHA1.cpp.
Definition:
APIStatusCode.hpp:22
Leosac::SecurityContext::GroupActionParam::group_id
Auth::GroupId group_id
Definition:
SecurityContext.hpp:167
leosacexception.hpp
Exception class for LEOSAC Project related errors.
Leosac::Module::WebSockAPI::CredentialCRUD::required_permission
virtual std::vector< ActionActionParam > required_permission(Verb verb, const json &req) const override
Definition:
CredentialCRUD.cpp:51
Leosac::Audit::EventType::CREDENTIAL_DELETED
@ CREDENTIAL_DELETED
LEOSACException
A base class for Leosac specific exception.
Definition:
leosacexception.hpp:40
Leosac::Module::WebSockAPI::CRUDResourceHandler::ctx_
RequestContext ctx_
Definition:
CRUDResourceHandler.hpp:95
Leosac::SecurityContext::Action::CREDENTIAL_DELETE
@ CREDENTIAL_DELETE
Leosac::Module::WebSockAPI::CredentialCRUD::delete_impl
virtual boost::optional< json > delete_impl(const json &req) override
Definition:
CredentialCRUD.cpp:183
PinCode.hpp
Leosac::Cred::Credential
An ODB enabled credential object.
Definition:
Credential.hpp:37
ThreadLocalRegistry.hpp
DBService.hpp
Leosac::Audit::ICredentialEventPtr
std::shared_ptr< ICredentialEvent > ICredentialEventPtr
Definition:
AuditFwd.hpp:58
Leosac::Cred::ICredentialPtr
std::shared_ptr< ICredential > ICredentialPtr
Definition:
CredentialFwd.hpp:32
Leosac::SecurityContext::CredentialActionParam
Definition:
SecurityContext.hpp:179
Leosac::Cred::CredentialId
unsigned long CredentialId
Definition:
CredentialFwd.hpp:35
Leosac::Auth::GroupId
unsigned long GroupId
Definition:
AuthFwd.hpp:41
Leosac::Module::WebSockAPI::RequestContext::audit
Audit::IAuditEntryPtr audit
The initial audit trail for the request.
Definition:
RequestContext.hpp:55
Leosac::DBService::THROW_IF_NOT_FOUND
@ THROW_IF_NOT_FOUND
Definition:
DBService.hpp:40
Leosac::Module::WebSockAPI::json
nlohmann::json json
Definition:
AccessOverview.hpp:30
Leosac::Auth::UserId
unsigned long UserId
Definition:
AuthFwd.hpp:34
Leosac::Module::WebSockAPI::RequestContext
Holds valuable pointer to provide context to a request.
Definition:
RequestContext.hpp:36
Leosac::Module::WebSockAPI
Definition:
ActionActionParam.hpp:28
Leosac::SecurityContext::Action::CREDENTIAL_READ
@ CREDENTIAL_READ
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb
Verb
Definition:
CRUDResourceHandler.hpp:43
Leosac::SecurityContext::Action::CREDENTIAL_CREATE
@ CREDENTIAL_CREATE
ICredentialEvent.hpp
Result
odb::result< Tools::LogEntry > Result
Definition:
LogEntry.cpp:37
Leosac::Module::WebSockAPI::CredentialCRUD::read_impl
virtual boost::optional< json > read_impl(const json &req) override
Definition:
CredentialCRUD.cpp:121
AssertCast.hpp
Leosac::Module::WebSockAPI::CRUDResourceHandler::security_context
virtual UserSecurityContext & security_context() const override
Helper function that returns the security context.
Definition:
CRUDResourceHandler.cpp:96
Leosac::Audit::Factory::CredentialEventPtr
static ICredentialEventPtr CredentialEventPtr(const DBPtr &database, Cred::ICredentialPtr target_cred, IAuditEntryPtr parent)
Definition:
AuditFactory.cpp:98