Leosac  0.8.0
Open Source Access Control
CredentialCRUD.cpp
1 /*
2  Copyright (C) 2014-2016 Leosac
3 
4  This file is part of Leosac.
5 
6  Leosac is free software: you can redistribute it and/or modify
7  it under the terms of the GNU Affero General Public License as published by
8  the Free Software Foundation, either version 3 of the License, or
9  (at your option) any later version.
10 
11  Leosac is distributed in the hope that it will be useful,
12  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  GNU Affero General Public License for more details.
15 
16  You should have received a copy of the GNU Affero General Public License
17  along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19 
20 #include "api/CredentialCRUD.hpp"
24 #include "core/credentials/Credential_odb.h"
30 #include "tools/AssertCast.hpp"
31 #include "tools/db/DBService.hpp"
33 
34 using namespace Leosac;
35 using namespace Leosac::Module;
36 using namespace Leosac::Module::WebSockAPI;
37 
39  : CRUDResourceHandler(ctx)
40 {
    // Constructor body is intentionally empty: the request context is handed
    // to the CRUDResourceHandler base in the initializer above. The signature
    // line (gutter line 38) is not part of this listing.
41 }
42 
44 {
    // Factory: builds a CredentialCRUD for the given request context and
    // returns it through the CRUDResourceHandlerUPtr handle type. The
    // signature line (gutter line 43) is not part of this listing.
45  auto instance = CRUDResourceHandlerUPtr(new CredentialCRUD(ctx));
46 
47  return instance;
48 }
49 
/**
 * Build the list of (action, parameter) pairs the caller must hold for `verb`.
 *
 * The "credential_id" field of the request is read as the target id and
 * defaults to 0 when the key is absent. Exactly one entry is appended for
 * each of READ, CREATE, UPDATE and DELETE.
 *
 * NOTE(review): the first signature line (gutter line 51) and the declaration
 * of `gap` (gutter line 55) are not part of this listing. The member written
 * below is `group_id` and the value is read as Auth::GroupId, while the
 * page's reference index also lists
 * SecurityContext::CredentialActionParam::credential_id. Confirm that the
 * permission check for the CREDENTIAL_* actions interprets this value as a
 * credential id; if it is treated as a group id, authorization would be
 * evaluated against the wrong object.
 */
50 std::vector<CRUDResourceHandler::ActionActionParam>
52  const json &req) const
53 {
54  std::vector<CRUDResourceHandler::ActionActionParam> ret;
56  try
57  {
58  gap.group_id = req.at("credential_id").get<Auth::GroupId>();
59  }
60  catch (json::out_of_range &e)
61  {
    // Only a missing key is defaulted to 0. A "credential_id" of the wrong
    // JSON type raises a different nlohmann exception (json::type_error),
    // which this handler does not catch.
62  gap.group_id = 0;
63  }
64  switch (verb)
65  {
66  case Verb::READ:
67  ret.emplace_back(SecurityContext::Action::CREDENTIAL_READ, gap);
68  break;
69  case Verb::CREATE:
70  ret.emplace_back(SecurityContext::Action::CREDENTIAL_CREATE, gap);
71  break;
72  case Verb::UPDATE:
73  ret.emplace_back(SecurityContext::Action::CREDENTIAL_UPDATE, gap);
74  break;
75  case Verb::DELETE:
76  ret.emplace_back(SecurityContext::Action::CREDENTIAL_DELETE, gap);
77  break;
    // No default case: a verb outside these four leaves `ret` empty.
    // NOTE(review): confirm the caller does not treat an empty list as
    // "no permission required".
78  }
79  return ret;
80 }
81 
/**
 * Create a new credential from a client request.
 *
 * Reads "credential-type" ("rfid-card" or "pin-code") and "attributes" from
 * `req`, persists the new object and returns it serialized under "data".
 *
 * Throws LEOSACException for any other credential type; req.at() throws when
 * a required key is missing.
 */
82 boost::optional<json> CredentialCRUD::create_impl(const json &req)
83 {
84  json rep;
85  DBPtr db = ctx_.dbsrv->db();
    // All database work below runs inside this transaction; commit() is only
    // reached on the success path at the end of the function.
86  odb::transaction t(db->begin());
87 
88  Cred::ICredentialPtr new_cred;
89  std::string type = req.at("credential-type");
90  if (type == "rfid-card")
91  {
92  new_cred = std::make_shared<Cred::RFIDCard>();
93  }
94  else if (type == "pin-code")
95  {
96  new_cred = std::make_shared<Cred::PinCode>();
97  }
98  else
99  {
    // `type` is request-controlled and is echoed verbatim into the exception
    // text. NOTE(review): if this message is logged or sent back to the
    // client, check that the sink tolerates arbitrary characters.
100  throw LEOSACException(
101  BUILD_STR("Credential {" << type << "} are not supported."));
102  }
103 
    // Client-supplied attributes are applied using the handler's own
    // security context. NOTE(review): presumably the serializer uses it to
    // restrict which fields this caller may set — confirm in
    // PolymorphicCredentialJSONSerializer::unserialize.
104  PolymorphicCredentialJSONSerializer::unserialize(*new_cred, req.at("attributes"),
105  security_context());
106  db->persist(assert_cast<Cred::CredentialPtr>(new_cred));
    // `audit` is created on lines missing from this listing (gutter 107-108).
109  audit->event_mask(Audit::EventType::CREDENTIAL_CREATED);
    // Tail of a call whose opening line (gutter 110) is missing from this
    // listing; it passes the system security context, not the requester's.
111  *new_cred, SystemSecurityContext::instance()));
112  audit->finalize();
113 
    // The reply, in contrast, is serialized with the requester's context.
114  rep["data"] = PolymorphicCredentialJSONSerializer::serialize(*new_cred,
115  security_context());
116 
117  t.commit();
118  return rep;
119 }
120 
/**
 * Read one credential, or list the credentials the caller may read.
 *
 * A non-zero "credential_id" selects a single credential (the lookup is asked
 * to throw if it does not exist). Id 0 walks every stored credential and
 * keeps those that pass a per-credential check_permission() call.
 */
121 boost::optional<json> CredentialCRUD::read_impl(const json &req)
122 {
123  json rep;
124 
125  using Result = odb::result<Cred::Credential>;
126  DBPtr db = ctx_.dbsrv->db();
127  odb::transaction t(db->begin());
    // Read as Auth::UserId here, whereas update_impl and delete_impl use
    // Cred::CredentialId for the same field. The page's reference index shows
    // both as aliases of unsigned long, so only the name is misleading.
128  auto cid = req.at("credential_id").get<Auth::UserId>();
129 
130  if (cid != 0)
131  {
    // NOTE(review): no check_permission() call is visible on this
    // single-credential path; access control presumably relies on
    // required_permission() being enforced before read_impl runs — confirm.
132  Cred::ICredentialPtr cred =
133  ctx_.dbsrv->find_credential_by_id(cid, DBService::THROW_IF_NOT_FOUND);
    // Tail of a call whose opening line (gutter 134) is missing from this
    // listing.
135  *cred, security_context());
136  }
137  else
138  {
139  Result result = db->query<Cred::Credential>();
140  rep["data"] = json::array();
141  for (const auto &cred : result)
142  {
    // Per-object filter; the action and parameter arguments (gutter 144-145)
    // are missing from this listing, only the credential id is visible.
143  if (security_context().check_permission(
146  cred.id()}))
147  {
    // Opening of this call (gutter 148) is missing from this listing.
149  cred, security_context()));
150  }
151  }
152  }
153  t.commit();
154  return rep;
155 }
156 
/**
 * Update an existing credential with the "attributes" from the request.
 *
 * The credential is looked up by "credential_id"; the lookup is asked to
 * throw when nothing is found. `rep` is returned without any field being
 * added to it.
 */
157 boost::optional<json> CredentialCRUD::update_impl(const json &req)
158 {
159  json rep;
    // Unlike read_impl and delete_impl there is no `cid != 0` branch: id 0
    // goes straight to the lookup below.
160  auto cid = req.at("credential_id").get<Cred::CredentialId>();
161  auto db = ctx_.dbsrv->db();
162  odb::transaction t(db->begin());
163 
164  Cred::ICredentialPtr cred =
165  ctx_.dbsrv->find_credential_by_id(cid, DBService::THROW_IF_NOT_FOUND);
    // `audit` is created on lines missing from this listing (gutter 166-167);
    // gutter lines 169-170 and 176-177 are missing as well.
168  audit->event_mask(Audit::EventType::CREDENTIAL_UPDATED);
171 
    // Client-supplied attributes overwrite the stored object, using the
    // handler's own security context. NOTE(review): presumably the serializer
    // uses it to limit which fields this caller may change — confirm.
172  PolymorphicCredentialJSONSerializer::unserialize(*cred, req.at("attributes"),
173  security_context());
174  db->update(assert_cast<Cred::CredentialPtr>(cred));
175 
178  audit->finalize();
179  t.commit();
180  return rep;
181 }
182 
/**
 * Delete the credential named by "credential_id".
 *
 * For id 0 nothing is deleted and the transaction is never committed, yet the
 * caller receives the same `json{}` reply as after a successful delete.
 */
183 boost::optional<json> CredentialCRUD::delete_impl(const json &req)
184 {
185  auto cid = req.at("credential_id").get<Cred::CredentialId>();
186  auto db = ctx_.dbsrv->db();
187  odb::transaction t(db->begin());
188 
189  if (cid != 0)
190  {
191  Cred::ICredentialPtr cred =
192  ctx_.dbsrv->find_credential_by_id(cid, DBService::THROW_IF_NOT_FOUND);
    // `audit` is created on lines missing from this listing (gutter 193-194);
    // gutter lines 196-197 are missing as well.
195  audit->event_mask(Audit::EventType::CREDENTIAL_DELETED);
198 
    // The audit entry is finalized before the erase; both precede commit().
    // NOTE(review): confirm the audit write takes part in transaction `t`, so
    // a failed erase cannot leave a CREDENTIAL_DELETED record behind.
199  audit->finalize();
200  db->erase<Cred::Credential>(cred->id());
201  t.commit();
202  }
203  return json{};
204 }
Leosac::Module::WebSockAPI::CredentialCRUD::CredentialCRUD
CredentialCRUD(RequestContext ctx)
Definition: CredentialCRUD.cpp:38
AuditFactory.hpp
Leosac::SystemSecurityContext::instance
static SecurityContext & instance()
Definition: SecurityContext.cpp:64
Leosac::SecurityContext::GroupActionParam
Definition: SecurityContext.hpp:165
Leosac::Module::WebSockAPI::CredentialCRUD::instanciate
static CRUDResourceHandlerUPtr instanciate(RequestContext)
Definition: CredentialCRUD.cpp:43
CredentialCRUD.hpp
Leosac::Module::WebSockAPI::CredentialCRUD::create_impl
virtual boost::optional< json > create_impl(const json &req) override
Create a new credential.
Definition: CredentialCRUD.cpp:82
BUILD_STR
#define BUILD_STR(param)
Internal macro.
Definition: log.hpp:63
PolymorphicCredentialSerializer.hpp
Leosac::Audit::EventType::CREDENTIAL_CREATED
@ CREDENTIAL_CREATED
Leosac::PolymorphicCredentialJSONSerializer::serialize
static json serialize(const Cred::ICredential &in, const SecurityContext &sc)
Definition: PolymorphicCredentialSerializer.cpp:33
Leosac::PolymorphicCredentialJSONStringSerializer::serialize
static std::string serialize(const Cred::ICredential &in, const SecurityContext &sc)
Definition: PolymorphicCredentialSerializer.cpp:102
Leosac::Audit::EventType::CREDENTIAL_UPDATED
@ CREDENTIAL_UPDATED
Leosac::PolymorphicCredentialJSONSerializer::unserialize
static void unserialize(Cred::ICredential &out, const json &in, const SecurityContext &sc)
Definition: PolymorphicCredentialSerializer.cpp:41
Leosac::Module::WebSockAPI::CRUDResourceHandlerUPtr
std::unique_ptr< CRUDResourceHandler > CRUDResourceHandlerUPtr
Definition: WebSockFwd.hpp:39
Leosac::Module::WebSockAPI::RequestContext::dbsrv
DBServicePtr dbsrv
Definition: RequestContext.hpp:39
Leosac::Module::WebSockAPI::CRUDResourceHandler
Base CRUD handler for use within the websocket module.
Definition: CRUDResourceHandler.hpp:84
RFIDCard.hpp
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb::DELETE
@ DELETE
Leosac::DBPtr
std::shared_ptr< odb::database > DBPtr
Definition: db_fwd.hpp:31
Leosac::Module::WebSockAPI::CredentialCRUD::update_impl
virtual boost::optional< json > update_impl(const json &req) override
Definition: CredentialCRUD.cpp:157
Leosac::SecurityContext::CredentialActionParam::credential_id
Cred::CredentialId credential_id
Definition: SecurityContext.hpp:181
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb::CREATE
@ CREATE
Leosac::Module
All modules that provide features to Leosac shall be in this namespace.
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb::READ
@ READ
Credential.hpp
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb::UPDATE
@ UPDATE
Leosac::SecurityContext::Action::CREDENTIAL_UPDATE
@ CREDENTIAL_UPDATE
CredentialSerializer.hpp
Leosac
This is the header file for a generated source file, GitSHA1.cpp.
Definition: APIStatusCode.hpp:22
Leosac::SecurityContext::GroupActionParam::group_id
Auth::GroupId group_id
Definition: SecurityContext.hpp:167
leosacexception.hpp
Exception class for LEOSAC Project related errors.
Leosac::Module::WebSockAPI::CredentialCRUD::required_permission
virtual std::vector< ActionActionParam > required_permission(Verb verb, const json &req) const override
Definition: CredentialCRUD.cpp:51
Leosac::Audit::EventType::CREDENTIAL_DELETED
@ CREDENTIAL_DELETED
LEOSACException
A base class for Leosac specific exception.
Definition: leosacexception.hpp:40
Leosac::Module::WebSockAPI::CRUDResourceHandler::ctx_
RequestContext ctx_
Definition: CRUDResourceHandler.hpp:95
Leosac::SecurityContext::Action::CREDENTIAL_DELETE
@ CREDENTIAL_DELETE
Leosac::Module::WebSockAPI::CredentialCRUD::delete_impl
virtual boost::optional< json > delete_impl(const json &req) override
Definition: CredentialCRUD.cpp:183
PinCode.hpp
Leosac::Cred::Credential
An ODB enabled credential object.
Definition: Credential.hpp:37
ThreadLocalRegistry.hpp
DBService.hpp
Leosac::Audit::ICredentialEventPtr
std::shared_ptr< ICredentialEvent > ICredentialEventPtr
Definition: AuditFwd.hpp:58
Leosac::Cred::ICredentialPtr
std::shared_ptr< ICredential > ICredentialPtr
Definition: CredentialFwd.hpp:32
Leosac::SecurityContext::CredentialActionParam
Definition: SecurityContext.hpp:179
Leosac::Cred::CredentialId
unsigned long CredentialId
Definition: CredentialFwd.hpp:35
Leosac::Auth::GroupId
unsigned long GroupId
Definition: AuthFwd.hpp:41
Leosac::Module::WebSockAPI::RequestContext::audit
Audit::IAuditEntryPtr audit
The initial audit trail for the request.
Definition: RequestContext.hpp:55
Leosac::DBService::THROW_IF_NOT_FOUND
@ THROW_IF_NOT_FOUND
Definition: DBService.hpp:40
Leosac::Module::WebSockAPI::json
nlohmann::json json
Definition: AccessOverview.hpp:30
Leosac::Auth::UserId
unsigned long UserId
Definition: AuthFwd.hpp:34
Leosac::Module::WebSockAPI::RequestContext
Holds valuable pointers that provide context to a request.
Definition: RequestContext.hpp:36
Leosac::Module::WebSockAPI
Definition: ActionActionParam.hpp:28
Leosac::SecurityContext::Action::CREDENTIAL_READ
@ CREDENTIAL_READ
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb
Verb
Definition: CRUDResourceHandler.hpp:43
Leosac::SecurityContext::Action::CREDENTIAL_CREATE
@ CREDENTIAL_CREATE
ICredentialEvent.hpp
Result
odb::result< Tools::LogEntry > Result
Definition: LogEntry.cpp:37
Leosac::Module::WebSockAPI::CredentialCRUD::read_impl
virtual boost::optional< json > read_impl(const json &req) override
Definition: CredentialCRUD.cpp:121
AssertCast.hpp
Leosac::Module::WebSockAPI::CRUDResourceHandler::security_context
virtual UserSecurityContext & security_context() const override
Helper function that returns the security context.
Definition: CRUDResourceHandler.cpp:96
Leosac::Audit::Factory::CredentialEventPtr
static ICredentialEventPtr CredentialEventPtr(const DBPtr &database, Cred::ICredentialPtr target_cred, IAuditEntryPtr parent)
Definition: AuditFactory.cpp:98