Leosac  0.8.0
Open Source Access Control
FileAuthSourceMapper.cpp
Go to the documentation of this file.
1 /*
2  Copyright (C) 2014-2016 Leosac
3 
4  This file is part of Leosac.
5 
6  Leosac is free software: you can redistribute it and/or modify
7  it under the terms of the GNU Affero General Public License as published by
8  the Free Software Foundation, either version 3 of the License, or
9  (at your option) any later version.
10 
11  Leosac is distributed in the hope that it will be useful,
12  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  GNU Affero General Public License for more details.
15 
16  You should have received a copy of the GNU Affero General Public License
17  along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19 
20 #include "FileAuthSourceMapper.hpp"
21 #include "core/auth/Auth.hpp"
22 #include "core/auth/Door.hpp"
23 #include "core/auth/Group.hpp"
24 #include "core/auth/Interfaces/IAuthenticationSource.hpp"
25 #include "core/auth/ProfileMerger.hpp"
26 #include "core/auth/User.hpp"
27 #include "core/credentials/ICredential.hpp"
28 #include "core/credentials/PinCode.hpp"
29 #include "core/credentials/RFIDCard.hpp"
30 #include "core/credentials/RFIDCardPin.hpp"
31 #include "exception/moduleexception.hpp"
32 #include "tools/AssertCast.hpp"
33 #include "tools/Schedule.hpp"
34 #include "tools/XmlPropertyTree.hpp"
35 #include "tools/log.hpp"
36 #include <boost/algorithm/string.hpp>
37 #include <tools/enforce.hpp>
38 
39 using namespace Leosac::Module::Auth;
40 using namespace Leosac::Auth;
41 
42 FileAuthSourceMapper::FileAuthSourceMapper(const std::string &auth_file)
43  : config_file_(auth_file)
44  , xmlnne_(config_file_)
45 {
46  try
47  {
48  // Loading order:
49  // - Users
50  // - Groups
51  // - Credentials
52  // - Schedule, and schedule mapping
53 
54  DEBUG("Will load tree");
55  auto &&additional_config = Tools::propertyTreeFromXmlFile(auth_file);
56  additional_config = additional_config.get_child("root");
57  DEBUG("Tree loaded");
58 
59  const auto &users_tree = additional_config.get_child_optional("users");
60  if (users_tree)
61  load_users(*users_tree);
62 
63  const auto &groups_tree =
64  additional_config.get_child_optional("group_mapping");
65  if (groups_tree)
66  load_groups(*groups_tree);
67 
68  const auto &credentials_tree =
69  additional_config.get_child_optional("credentials");
70  if (credentials_tree)
71  load_credentials(*credentials_tree);
72 
73  const auto &schedules_tree =
74  additional_config.get_child_optional("schedules");
75  if (schedules_tree)
76  load_schedules(*schedules_tree);
77 
78  const auto &schedule_mapping_tree =
79  additional_config.get_child_optional("schedules_mapping");
80  if (schedule_mapping_tree)
81  map_schedules(*schedule_mapping_tree);
82 
83  DEBUG("Ready");
84  }
85  catch (std::exception &e)
86  {
87  ERROR("Exception: " << e.what());
88  std::throw_with_nested(
89  ModuleException("AuthFile cannot load configuration"));
90  }
91 }
92 
93 void FileAuthSourceMapper::visit(::Leosac::Cred::RFIDCard &src)
94 {
95  auto it = rfid_cards_.find(src.card_id());
96  if (it != rfid_cards_.end())
97  {
98  auto cred = it->second;
99 
100  // By copying our instance of the credential to the
101  // caller credential object, we store additional info we gathered
102  // (like owner, id, or validity) and made them accessible to them.
103  src = *cred;
104  }
105 }
106 
107 void FileAuthSourceMapper::visit(::Leosac::Cred::PinCode &src)
108 {
109  auto it = pin_codes_.find(src.pin_code());
110  if (it != pin_codes_.end())
111  {
112  auto cred = it->second;
113 
114  // By copying our instance of the credential to the
115  // caller credential object, we store additional info we gathered
116  // (like owner, id, or validity) and made them accessible to them.
117  src = *cred;
118  }
119 }
120 
121 void FileAuthSourceMapper::visit(::Leosac::Cred::RFIDCardPin &src)
122 {
123  auto key = std::make_pair(src.card().card_id(), src.pin().pin_code());
124 
125  auto it = rfid_cards_pin.find(key);
126  if (it != rfid_cards_pin.end())
127  {
128  auto cred = it->second;
129 
130  // By copying our instance of the credential to the
131  // caller credential object, we store additional info we gathered
132  // (like owner) and made them accessible to them.
133  src = *cred;
134  }
135 }
136 
137 void FileAuthSourceMapper::mapToUser(Cred::ICredentialPtr cred)
138 {
139  ASSERT_LOG(cred, "Credential is null.");
140  try
141  {
142  cred->accept(*this);
143  }
144  catch (...)
145  {
146  std::throw_with_nested(
147  ModuleException("AuthFile failed to map auth_source to user"));
148  }
149 }
150 
151 void FileAuthSourceMapper::load_groups(
152  const boost::property_tree::ptree &group_mapping)
153 {
154  GroupId group_id =
155  1; // Similar to user, we need ID to identify group in mapping.
156  for (const auto &group_info : group_mapping)
157  {
158  const boost::property_tree::ptree &node = group_info.second;
159  const std::string &group_name = node.get<std::string>("group");
160 
161  xmlnne_("map", group_info.first);
162 
163  GroupPtr grp = groups_[group_name] = GroupPtr(new Group(group_name));
164  grp->id(group_id++);
165  grp->profile(SimpleAccessProfilePtr(new SimpleAccessProfile()));
166 
167  for (const auto &membership : node)
168  {
169  if (membership.first != "user")
170  continue;
171  std::string user_name = membership.second.data();
172  UserPtr user = users_[user_name];
173  if (!user)
174  {
175  ERROR("Unknown user " << user_name);
176  throw ConfigException(config_file_, "Unknown user " + user_name);
177  }
178  grp->member_add(user);
179  }
180  }
181 }
182 
183 std::vector<GroupPtr> FileAuthSourceMapper::groups() const
184 {
185  std::vector<GroupPtr> ret;
186 
187  ret.reserve(groups_.size());
188  for (const auto &map_entry : groups_)
189  {
190  ret.push_back(map_entry.second);
191  }
192  return ret;
193 }
194 
195 std::vector<GroupPtr> FileAuthSourceMapper::get_user_groups(Leosac::Auth::UserPtr u)
196 {
197  assert(u);
198  std::vector<GroupPtr> grps;
199  auto lambda_cmp = [&](UserPtr user) -> bool {
200  return user->username() == u->username();
201  };
202 
203  for (const auto &grp_map : groups_)
204  {
205  GroupPtr grp;
206  std::tie(std::ignore, grp) = grp_map;
207 
208  if (std::find_if(grp->members().begin(), grp->members().end(), lambda_cmp) !=
209  grp->members().end())
210  {
211  grps.push_back(grp);
212  }
213  }
214  return grps;
215 }
216 
217 IAccessProfilePtr
218 FileAuthSourceMapper::merge_profiles(const std::vector<IAccessProfilePtr> profiles)
219 {
220  ProfileMerger merger;
221  IAccessProfilePtr result(new SimpleAccessProfile());
222 
223  for (auto &profile : profiles)
224  {
225  if (profile)
226  result = merger.merge(result, profile);
227  }
228  if (result->schedule_count())
229  return result;
230  return nullptr;
231 }
232 
233 void FileAuthSourceMapper::load_credentials(
234  const boost::property_tree::ptree &credentials)
235 {
236  Cred::CredentialId cred_id = 1;
237  for (const auto &mapping : credentials)
238  {
239  const std::string &node_name = mapping.first;
240  const boost::property_tree::ptree &node = mapping.second;
241 
242  xmlnne_("map", node_name);
243 
244  std::string user_id = node.get<std::string>("user");
245  UserPtr user = users_[user_id];
246  if (!user)
247  throw ConfigException(
248  config_file_, "Credentials defined for undefined user " + user_id);
249  assert(user);
250 
251  Cred::ICredentialPtr credential;
252 
253  // does this entry map a wiegand card?
254  auto opt_child = node.get_child_optional("WiegandCard");
255  if (opt_child)
256  {
257  std::string card_id = opt_child->get<std::string>("card_id");
258  int bits = opt_child->get<int>("bits");
259 
260  Cred::RFIDCardPtr c = std::make_shared<Cred::RFIDCard>();
261  c->card_id(card_id);
262  c->nb_bits(bits);
263  rfid_cards_[card_id] = c;
264  credential = c;
265  }
266  else if (opt_child = node.get_child_optional("PINCode"))
267  {
268  // or to a PIN code ?
269  std::string pin = opt_child->get<std::string>("pin");
270 
271  Cred::PinCodePtr p = std::make_shared<Cred::PinCode>();
272  p->pin_code(pin);
273  pin_codes_[pin] = p;
274  credential = p;
275  }
276  else if (opt_child = node.get_child_optional("WiegandCardPin"))
277  {
278  std::string card_id = opt_child->get<std::string>("card_id");
279  std::string pin = opt_child->get<std::string>("pin");
280  int bits = opt_child->get<int>("bits");
281 
282  auto c = std::make_shared<Cred::RFIDCard>();
283  c->id(cred_id++);
284  c->card_id(card_id);
285  c->nb_bits(bits);
286 
287  auto p = std::make_shared<Cred::PinCode>();
288  p->id(cred_id++);
289  p->pin_code(pin);
290  credential = std::make_shared<Cred::RFIDCardPin>(c, p);
291  rfid_cards_pin[std::make_pair(card_id, pin)] =
292  assert_cast<Cred::RFIDCardPinPtr>(credential);
293  }
294  assert(opt_child);
295  credential->id(cred_id++);
296  credential->validity(extract_credentials_validity(*opt_child));
297  credential->owner(user);
298 
299  // Alias in place of id, so that it can be a string (making it easier to
300  // configure from the a XML file)
301  credential->alias(opt_child->get<std::string>("id", ""));
302  add_cred_to_id_map(credential);
303  }
304 }
305 
306 void FileAuthSourceMapper::load_schedules(
307  const boost::property_tree::ptree &schedules)
308 {
309  bool ret = xml_schedules_.load(schedules);
310  ASSERT_LOG(ret, "Failed to load schedules");
311 }
312 
313 void FileAuthSourceMapper::map_schedules(
314  const boost::property_tree::ptree &schedules_mapping)
315 {
316  for (const auto &mapping_entry : schedules_mapping)
317  {
318  const std::string &node_name = mapping_entry.first;
319  const boost::property_tree::ptree &node = mapping_entry.second;
320 
321  xmlnne_("map", node_name);
322 
323  // we can map multiple schedule at once.
324  std::list<std::string> schedule_names;
325  std::list<std::string> user_names;
326  std::list<std::string> group_names;
327  std::list<std::string> credential_names;
328  std::string target_door;
329  target_door = node.get<std::string>("door", "");
330  auto door(std::make_shared<Leosac::Auth::Door>());
331  door->alias(target_door);
332  doors_.push_back(door);
333 
334  // lets loop over all the info we have
335  for (const auto &mapping_data : node)
336  {
337  if (mapping_data.first == "door")
338  continue;
339  if (mapping_data.first == "schedule")
340  schedule_names.push_back(mapping_data.second.data());
341  if (mapping_data.first == "user")
342  user_names.push_back(mapping_data.second.data());
343  if (mapping_data.first == "group")
344  group_names.push_back(mapping_data.second.data());
345  if (mapping_data.first == "credential")
346  credential_names.push_back(mapping_data.second.data());
347  }
348 
349  // now build object based on what we extracted.
350  for (const auto &schedule_name : schedule_names)
351  {
352  // Each schedule can be mapped once per ScheduleMapping, but can be
353  // referenced by multiple schedule mapping. What we do here is for each
354  // schedule in the mapping entry, we create a ScheduleMapping object.
355  Tools::ScheduleMappingPtr sm(std::make_shared<Tools::ScheduleMapping>());
356  xml_schedules_.schedules().at(schedule_name)->add_mapping(sm);
357 
358  if (!door->alias().empty())
359  sm->add_door(door);
360 
361  for (const auto &user_name : user_names)
362  {
363  UserPtr user = users_[user_name];
364  sm->add_user(user);
365  }
366  // now for groups
367  for (const auto &group_name : group_names)
368  {
369  GroupPtr grp = groups_[group_name];
370  sm->add_group(grp);
371  }
372  for (const auto &cred_id : credential_names)
373  {
374  DEBUG("CRED = " << cred_id);
375  Cred::ICredentialPtr cred = find_cred_by_alias(cred_id);
376  sm->add_credential(assert_cast<Cred::CredentialPtr>(cred));
377  }
378 
379  mappings_.push_back(sm);
380  }
381  }
382 }
383 
384 void FileAuthSourceMapper::load_users(const boost::property_tree::ptree &users)
385 {
386  // We use the user id internally to uniquely identify user
387  // through ScheduleMapping.
388  UserId user_id = 1;
389  for (const auto &user : users)
390  {
391  const std::string &node_name = user.first;
392  const boost::property_tree::ptree &node = user.second;
393 
394  xmlnne_("user", node_name);
395 
396  std::string username = node.get<std::string>("name");
397  std::string firstname = node.get<std::string>("firstname", "");
398  std::string lastname = node.get<std::string>("lastname", "");
399  std::string email = node.get<std::string>("email", "");
400 
401  if (username == "UNKNOWN_USER") // reserved username
402  throw ConfigException(config_file_,
403  "'UNKNOWN_USER' is a reserved name. Do not use.");
404 
405  UserPtr uptr(std::make_unique<User>(user_id++));
406  uptr->username(username);
407  uptr->firstname(firstname);
408  uptr->lastname(lastname);
409  uptr->email(email);
410  uptr->validity(extract_credentials_validity(node));
411 
412  // create an empty profile
413  uptr->profile(SimpleAccessProfilePtr(new SimpleAccessProfile()));
414 
415  if (users_.count(username))
416  {
417  WARN("User " << username << " was already defined. Will overwrite.");
418  }
419  users_[username] = uptr;
420  }
421 }
422 
423 Leosac::Auth::ValidityInfo FileAuthSourceMapper::extract_credentials_validity(
424  const boost::property_tree::ptree &node)
425 {
426  ValidityInfo v;
427 
428  v.set_start_date(node.get<std::string>("validity_start", ""));
429  v.set_end_date(node.get<std::string>("validity_end", ""));
430  v.set_enabled(node.get<bool>("enabled", true));
431 
432  return v;
433 }
434 
435 Leosac::Cred::ICredentialPtr
436 FileAuthSourceMapper::find_cred_by_alias(const std::string &alias)
437 {
438  auto &&itr = id_to_cred_.find(alias);
439  if (itr != id_to_cred_.end())
440  return itr->second;
441  return nullptr;
442 }
443 
444 void FileAuthSourceMapper::add_cred_to_id_map(
445  Leosac::Cred::ICredentialPtr credential)
446 {
447  if (!credential->alias().empty())
448  {
449  if (id_to_cred_.count(credential->alias()))
450  {
451  WARN("Credential with ID = " << credential->alias()
452  << " already exist and "
453  "will be overwritten.");
454  }
455  id_to_cred_[credential->alias()] = credential;
456  }
457 }
458 
459 Leosac::Auth::IAccessProfilePtr
460 FileAuthSourceMapper::buildProfile(Leosac::Cred::ICredentialPtr cred)
461 {
462  assert(cred);
463  std::vector<GroupPtr> grps;
464  std::vector<IAccessProfilePtr> profiles; // profiles that apply to the user.
465 
466  // Sanity check
467  if (cred->owner())
468  ASSERT_LOG(cred->owner().get_eager(), "Sanity check failed.");
469 
470  auto cred_owner = cred->owner().get_eager();
471  if (!cred->validity().is_valid())
472  {
473  INFO("Credentials is invalid. It was disabled or out of its validity "
474  "period.");
475  return nullptr;
476  }
477 
478  if (cred_owner && !cred_owner->is_valid())
479  {
480  INFO("The user (" << cred_owner->username()
481  << ") is disabled or out of its validity period.");
482  return nullptr;
483  }
484 
485  // First, create the profile for the user, if any
486  if (cred_owner)
487  {
488  profiles.push_back(build_user_profile(cred_owner));
489 
490  // Profile for user's groups.
491  grps = get_user_groups(cred_owner);
492  for (auto &grp : grps)
493  profiles.push_back(build_group_profile(grp));
494  }
495 
496  profiles.push_back(build_cred_profile(cred));
497 
498  return merge_profiles(profiles);
499 }
500 
501 static void
502 add_schedule_from_mapping_to_profile(Leosac::Tools::ScheduleMappingPtr mapping,
503  SimpleAccessProfilePtr profile)
504 {
505  ASSERT_LOG(mapping, "Mapping cannot be null");
506  ASSERT_LOG(profile, "Profile cannot be null");
507 
508  auto schedule = LEOSAC_ENFORCE(mapping->schedule().get_eager().lock(),
509  "Cannot retrieve schedule from mapping");
510 
511  if (mapping->doors().size())
512  {
513  // If we have doors, add the schedule against each door (AuthTarget)
514  for (auto lazy_weak_door : mapping->doors())
515  {
516  auto door_ptr = LEOSAC_ENFORCE(lazy_weak_door.get_eager().lock(),
517  "Cannot get Door from mapping");
518  profile->addAccessSchedule(
519  std::make_shared<AuthTarget>(door_ptr->alias()),
520  std::static_pointer_cast<const Leosac::Tools::ISchedule>(schedule));
521  }
522  }
523  else
524  {
525  // No specific door, add with nullptr as a target.
526  profile->addAccessSchedule(
527  nullptr,
528  std::static_pointer_cast<const Leosac::Tools::ISchedule>(schedule));
529  }
530 }
531 
532 SimpleAccessProfilePtr FileAuthSourceMapper::build_user_profile(UserPtr u)
533 {
534  ASSERT_LOG(u, "User is null");
535 
536  auto profile(std::make_shared<SimpleAccessProfile>());
537  for (const auto &mapping : mappings_)
538  {
539  if (mapping->has_user(u->id()))
540  {
541  add_schedule_from_mapping_to_profile(mapping, profile);
542  }
543  }
544  return profile;
545 }
546 
547 SimpleAccessProfilePtr FileAuthSourceMapper::build_group_profile(GroupPtr g)
548 {
549  ASSERT_LOG(g, "Group is null");
550 
551  auto profile(std::make_shared<SimpleAccessProfile>());
552  for (const auto &mapping : mappings_)
553  {
554  if (mapping->has_group(g->id()))
555  {
556  add_schedule_from_mapping_to_profile(mapping, profile);
557  }
558  }
559  return profile;
560 }
561 
562 Leosac::Auth::SimpleAccessProfilePtr
563 FileAuthSourceMapper::build_cred_profile(Leosac::Cred::ICredentialPtr c)
564 {
565  ASSERT_LOG(c, "Credential is null");
566 
567  auto profile(std::make_shared<SimpleAccessProfile>());
568  for (const auto &mapping : mappings_)
569  {
570  if (mapping->has_cred(c->id()))
571  {
572  add_schedule_from_mapping_to_profile(mapping, profile);
573  }
574  }
575  return profile;
576 }
Leosac::Module::Auth::FileAuthSourceMapper::groups_
std::map< std::string, Leosac::Auth::GroupPtr > groups_
Maps group name to object.
Definition: FileAuthSourceMapper.hpp:167
Leosac::Auth
Holds classes relevant to the Authentication and Authorization subsystem.
Definition: AccessPoint.hpp:27
Leosac::Cred::PinCode
A PinCode credential.
Definition: PinCode.hpp:33
Leosac::Module::Auth::FileAuthSourceMapper::add_cred_to_id_map
void add_cred_to_id_map(Leosac::Cred::ICredentialPtr credential)
Store the credential to the id <-> credential map if the id is non-empty.
Definition: FileAuthSourceMapper.cpp:444
WARN
@ WARN
Definition: log.hpp:33
Leosac::Auth::ValidityInfo::set_start_date
void set_start_date(const std::string &s)
Set the start validity date.
Definition: ValidityInfo.cpp:51
Leosac::Module::Auth::FileAuthSourceMapper::find_cred_by_alias
Cred::ICredentialPtr find_cred_by_alias(const std::string &alias)
Lookup a credentials by ID.
Definition: FileAuthSourceMapper.cpp:436
Leosac::Cred::RFIDCardPin
Credentials composed of an RFIDCard and a PIN code.
Definition: RFIDCardPin.hpp:37
ERROR
@ ERROR
Definition: log.hpp:32
DEBUG
@ DEBUG
Definition: log.hpp:35
Auth.hpp
Leosac::Cred::RFIDCardPtr
std::shared_ptr< RFIDCard > RFIDCardPtr
Definition: CredentialFwd.hpp:43
ASSERT_LOG
#define ASSERT_LOG(cond, msg)
Definition: log.hpp:190
Leosac::Auth::UserPtr
std::shared_ptr< User > UserPtr
Definition: AuthFwd.hpp:31
Leosac::Tools::propertyTreeFromXmlFile
boost::property_tree::ptree propertyTreeFromXmlFile(const std::string &path)
Build a property tree from a xml file.
Definition: XmlPropertyTree.cpp:39
moduleexception.hpp
Exception class for modules.
RFIDCard.hpp
User.hpp
INFO
@ INFO
Definition: log.hpp:34
Leosac::Module::Auth::FileAuthSourceMapper::pin_codes_
std::unordered_map< std::string, Leosac::Cred::PinCodePtr > pin_codes_
Maps PIN code to object.
Definition: FileAuthSourceMapper.hpp:178
Leosac::Auth::IAccessProfilePtr
std::shared_ptr< IAccessProfile > IAccessProfilePtr
Definition: AuthFwd.hpp:88
ICredential.hpp
Leosac::Module::Auth::FileAuthSourceMapper::load_credentials
void load_credentials(const boost::property_tree::ptree &credentials)
Eager loading of credentials to avoid walking through the ptree whenever we have to grant/deny an acc...
Definition: FileAuthSourceMapper.cpp:233
Leosac::Cred::RFIDCard
An RFID card credential.
Definition: RFIDCard.hpp:33
Leosac::Tools::ScheduleMappingPtr
std::shared_ptr< ScheduleMapping > ScheduleMappingPtr
Definition: ToolsFwd.hpp:41
Leosac::Module::Auth::FileAuthSourceMapper::build_group_profile
Leosac::Auth::SimpleAccessProfilePtr build_group_profile(Leosac::Auth::GroupPtr g)
Definition: FileAuthSourceMapper.cpp:547
Leosac::Module::Auth::FileAuthSourceMapper::xmlnne_
Tools::XmlNodeNameEnforcer xmlnne_
Definition: FileAuthSourceMapper.hpp:206
ModuleException
Definition: moduleexception.hpp:33
Leosac::Tools::XmlScheduleLoader::load
bool load(const boost::property_tree::ptree &t)
Load all schedules from a tree and stores them in the map.
Definition: XmlScheduleLoader.cpp:49
Leosac::Module::Auth::FileAuthSourceMapper::rfid_cards_pin
std::map< std::pair< std::string, std::string >, Leosac::Cred::RFIDCardPinPtr > rfid_cards_pin
Maps WiegandCard + PIN code to object.
Definition: FileAuthSourceMapper.hpp:184
Leosac::Module::Auth::FileAuthSourceMapper::buildProfile
virtual Leosac::Auth::IAccessProfilePtr buildProfile(Leosac::Cred::ICredentialPtr cred)
Build an AccessProfile object given a Credential.
Definition: FileAuthSourceMapper.cpp:460
Leosac::Module::Auth::FileAuthSourceMapper::load_groups
void load_groups(const boost::property_tree::ptree &group_mapping)
Extract group membership.
Definition: FileAuthSourceMapper.cpp:151
Leosac::Module::Auth::FileAuthSourceMapper::load_schedules
void load_schedules(const boost::property_tree::ptree &schedules)
Load the schedules information from the config tree.
Definition: FileAuthSourceMapper.cpp:306
Door.hpp
enforce.hpp
Leosac::Cred::PinCode::pin_code
const std::string & pin_code() const override
Definition: PinCode.cpp:28
Leosac::Module::Auth::FileAuthSourceMapper::mapToUser
virtual void mapToUser(Leosac::Cred::ICredentialPtr auth_source)
Must map the ICredential data to a User.
Definition: FileAuthSourceMapper.cpp:137
RFIDCardPin.hpp
ConfigException
Definition: configexception.hpp:87
Leosac::Auth::ValidityInfo::set_enabled
void set_enabled(bool v)
Definition: ValidityInfo.cpp:93
Group.hpp
FileAuthSourceMapper.hpp
Leosac::Auth::SimpleAccessProfile
Concrete implementation of a simple access control class.
Definition: SimpleAccessProfile.hpp:39
Leosac::Auth::GroupPtr
std::shared_ptr< Group > GroupPtr
Definition: AuthFwd.hpp:37
Leosac::Auth::Group
A authentication group regroup users that share permissions.
Definition: Group.hpp:57
Leosac::Auth::SimpleAccessProfilePtr
std::shared_ptr< SimpleAccessProfile > SimpleAccessProfilePtr
Definition: AuthFwd.hpp:44
Leosac::Module::Auth::FileAuthSourceMapper::groups
std::vector< Leosac::Auth::GroupPtr > groups() const override
Return the groups this mapper is aware of.
Definition: FileAuthSourceMapper.cpp:183
Leosac::Cred::PinCodePtr
std::shared_ptr< PinCode > PinCodePtr
Definition: CredentialFwd.hpp:47
PinCode.hpp
Leosac::Module::Auth::FileAuthSourceMapper::rfid_cards_
std::unordered_map< std::string, Leosac::Cred::RFIDCardPtr > rfid_cards_
Maps card_id to object.
Definition: FileAuthSourceMapper.hpp:172
Leosac::Module::Auth::FileAuthSourceMapper::users_
std::map< std::string, Leosac::Auth::UserPtr > users_
Maps user id (or name) to object.
Definition: FileAuthSourceMapper.hpp:162
Leosac::Cred::RFIDCardPin::card
const RFIDCard & card() const
Definition: RFIDCardPin.cpp:46
Leosac::Module::Auth::FileAuthSourceMapper::config_file_
std::string config_file_
Store the name of the configuration file.
Definition: FileAuthSourceMapper.hpp:157
XmlPropertyTree.hpp
Leosac::Cred::RFIDCard::card_id
virtual const std::string & card_id() const override
Definition: RFIDCard.cpp:34
Leosac::Cred::RFIDCardPin::pin
const PinCode & pin() const
Definition: RFIDCardPin.cpp:41
Leosac::Module::Auth::FileAuthSourceMapper::visit
virtual void visit(::Leosac::Cred::RFIDCard &src) override
Try to map a wiegand card_id to a user.
Definition: FileAuthSourceMapper.cpp:93
Leosac::Module::Auth::FileAuthSourceMapper::id_to_cred_
std::unordered_map< std::string, Leosac::Cred::ICredentialPtr > id_to_cred_
Maps credentials ID (from XML) to object.
Definition: FileAuthSourceMapper.hpp:190
Leosac::Module::Auth::FileAuthSourceMapper::xml_schedules_
Tools::XmlScheduleLoader xml_schedules_
Definition: FileAuthSourceMapper.hpp:192
Leosac::Module::Auth::FileAuthSourceMapper::FileAuthSourceMapper
FileAuthSourceMapper(const std::string &auth_file)
Definition: FileAuthSourceMapper.cpp:42
Leosac::Module::Auth::FileAuthSourceMapper::build_cred_profile
Leosac::Auth::SimpleAccessProfilePtr build_cred_profile(Leosac::Cred::ICredentialPtr c)
Definition: FileAuthSourceMapper.cpp:563
Leosac::Cred::ICredentialPtr
std::shared_ptr< ICredential > ICredentialPtr
Definition: CredentialFwd.hpp:32
Leosac::Tools::XmlScheduleLoader::schedules
const std::map< std::string, ISchedulePtr > & schedules() const
Access the map of stored schedules.
Definition: XmlScheduleLoader.cpp:111
Leosac::Auth::ProfileMerger
Helper class that merges profile together.
Definition: ProfileMerger.hpp:36
Leosac::Module::Auth::FileAuthSourceMapper::extract_credentials_validity
Leosac::Auth::ValidityInfo extract_credentials_validity(const boost::property_tree::ptree &node)
Definition: FileAuthSourceMapper.cpp:423
Leosac::Cred::CredentialId
unsigned long CredentialId
Definition: CredentialFwd.hpp:35
Leosac::Auth::GroupId
unsigned long GroupId
Definition: AuthFwd.hpp:41
log.hpp
Leosac::Module::Auth::FileAuthSourceMapper::map_schedules
void map_schedules(const boost::property_tree::ptree &schedules_mapping)
Interpret the schedule mapping content of the config file.
Definition: FileAuthSourceMapper.cpp:313
ProfileMerger.hpp
Leosac::Auth::UserId
unsigned long UserId
Definition: AuthFwd.hpp:34
Leosac::Module::Auth
Authentication backend modules live here.
Leosac::Module::Auth::FileAuthSourceMapper::merge_profiles
Leosac::Auth::IAccessProfilePtr merge_profiles(const std::vector< Leosac::Auth::IAccessProfilePtr > profiles)
Merge a bunch of profiles together and returns a new profile.
Definition: FileAuthSourceMapper.cpp:218
Leosac::Auth::ProfileMerger::merge
virtual IAccessProfilePtr merge(std::shared_ptr< const IAccessProfile > p1, std::shared_ptr< const IAccessProfile > p2)
Build a new Profile object by merging two profiles.
Definition: ProfileMerger.cpp:28
Leosac::Module::Auth::FileAuthSourceMapper::load_users
void load_users(const boost::property_tree::ptree &users)
Load users from configuration tree, storing them in the users_ map.
Definition: FileAuthSourceMapper.cpp:384
Leosac::Module::Auth::FileAuthSourceMapper::mappings_
std::vector< Tools::ScheduleMappingPtr > mappings_
List of mappings defined in the configuration file.
Definition: FileAuthSourceMapper.hpp:197
Leosac::Auth::ValidityInfo::set_end_date
void set_end_date(const std::string &s)
Set the end validity date.
Definition: ValidityInfo.cpp:72
Schedule.hpp
LEOSAC_ENFORCE
#define LEOSAC_ENFORCE(cond,...)
Similar to enforce, except that it will throw a LEOSACException.
Definition: enforce.hpp:47
Leosac::Module::Auth::FileAuthSourceMapper::get_user_groups
std::vector< Leosac::Auth::GroupPtr > get_user_groups(Leosac::Auth::UserPtr u)
Naive method that bruteforce groups to try to find membership for an user.
Definition: FileAuthSourceMapper.cpp:195
Leosac::Module::Auth::FileAuthSourceMapper::build_user_profile
Leosac::Auth::SimpleAccessProfilePtr build_user_profile(Leosac::Auth::UserPtr u)
Build an access for a user.
Definition: FileAuthSourceMapper.cpp:532
Leosac::Auth::ValidityInfo
A simple class that stores (and can be queried for) the validity of some objects.
Definition: ValidityInfo.hpp:42
AssertCast.hpp
IAuthenticationSource.hpp
Leosac::Module::Auth::FileAuthSourceMapper::doors_
std::vector< Leosac::Auth::DoorPtr > doors_
We store doors object, but really we only use the name property.
Definition: FileAuthSourceMapper.hpp:204