Leosac  0.8.0
Open Source Access Control
CRUDResourceHandler.cpp
Go to the documentation of this file.
1 /*
2  Copyright (C) 2014-2016 Leosac
3 
4  This file is part of Leosac.
5 
6  Leosac is free software: you can redistribute it and/or modify
7  it under the terms of the GNU Affero General Public License as published by
8  the Free Software Foundation, either version 3 of the License, or
9  (at your option) any later version.
10 
11  Leosac is distributed in the hope that it will be useful,
12  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  GNU Affero General Public License for more details.
15 
16  You should have received a copy of the GNU Affero General Public License
17  along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19 
21 #include "Exceptions.hpp"
22 #include "WSServer.hpp"
24 #include "tools/log.hpp"
25 #include <boost/algorithm/string/predicate.hpp>
26 
27 using namespace Leosac;
28 using namespace Leosac::Module;
29 using namespace Leosac::Module::WebSockAPI;
30 
33 {
34  if (boost::algorithm::ends_with(req, ".read"))
35  return Verb::READ;
36  else if (boost::algorithm::ends_with(req, ".create"))
37  return Verb::CREATE;
38  else if (boost::algorithm::ends_with(req, ".update"))
39  return Verb::UPDATE;
40  else if (boost::algorithm::ends_with(req, ".delete"))
41  return Verb::DELETE;
42  else
43  {
44  ASSERT_LOG(0, "Invalid request type {" << req
45  << "} for CRUD resource handler");
46  throw LEOSACException("Should not be here");
47  }
48 }
49 
51  const std::vector<ActionActionParam> &permissions)
52 {
53  auto &security_ctx = security_context();
54  for (const auto &action_and_param : permissions)
55  {
56  if (!security_ctx.check_permission(action_and_param.first,
57  action_and_param.second))
58  {
59  throw PermissionDenied();
60  }
61  }
62 }
63 
64 boost::optional<json> ICRUDResourceHandler::process(const ClientMessage &msg)
65 {
67  switch (verb_from_request_type(msg.type))
68  {
69  case Verb::READ:
70  enforce_permission(perms);
71  return read_impl(msg.content);
72  case Verb::CREATE:
73  enforce_permission(perms);
74  return create_impl(msg.content);
75  case Verb::UPDATE:
76  enforce_permission(perms);
77  return update_impl(msg.content);
78  case Verb::DELETE:
79  enforce_permission(perms);
80  return delete_impl(msg.content);
81  }
82  ASSERT_LOG(0, "Should not be here.");
83  throw LEOSACException("Should not be here");
84 }
85 
87  : ctx_(ctx)
88 {
89 }
90 
92 {
93  return nullptr;
94 }
95 
97 {
98  auto wsc =
99  dynamic_cast<UserSecurityContext *>(&ctx_.session->security_context());
100  ASSERT_LOG(wsc, "SecurityContext has unexpected type.");
101  return *wsc;
102 }
103 
105  : ctx_(ctx)
106 {
107 }
108 
110 {
111  return *ctx_.security_ctx;
112 }
Leosac::Module::WebSockAPI::ClientMessage::type
std::string type
Definition: Messages.hpp:57
Leosac::UserSecurityContext
A SecurityContext object for users.
Definition: UserSecurityContext.hpp:31
Leosac::Module::WebSockAPI::ICRUDResourceHandler::verb_from_request_type
static Verb verb_from_request_type(const std::string &)
Definition: CRUDResourceHandler.cpp:32
Exceptions.hpp
Leosac::Module::WebSockAPI::ICRUDResourceHandler::enforce_permission
void enforce_permission(const std::vector< ActionActionParam > &)
Definition: CRUDResourceHandler.cpp:50
CRUDResourceHandler.hpp
Leosac::Module::WebSockAPI::ICRUDResourceHandler::read_impl
virtual boost::optional< json > read_impl(const json &req)=0
Leosac::Module::WebSockAPI::CRUDResourceHandlerUPtr
std::unique_ptr< CRUDResourceHandler > CRUDResourceHandlerUPtr
Definition: WebSockFwd.hpp:39
ASSERT_LOG
#define ASSERT_LOG(cond, msg)
Definition: log.hpp:190
Leosac::Module::WebSockAPI::ClientMessage
A message sent by a client to Leosac.
Definition: Messages.hpp:54
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb::DELETE
@ DELETE
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb::CREATE
@ CREATE
Leosac::Module
All modules that provides features to Leosac shall be in this namespace.
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb::READ
@ READ
Leosac::Module::WebSockAPI::ICRUDResourceHandler::delete_impl
virtual boost::optional< json > delete_impl(const json &req)=0
Leosac::Module::WebSockAPI::ExternalCRUDResourceHandler::ExternalCRUDResourceHandler
ExternalCRUDResourceHandler(ModuleRequestContext ctx)
Definition: CRUDResourceHandler.cpp:104
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb::UPDATE
@ UPDATE
Leosac::Module::WebSockAPI::CRUDResourceHandler::instanciate
static CRUDResourceHandlerUPtr instanciate(RequestContext)
Definition: CRUDResourceHandler.cpp:91
Leosac::Module::WebSockAPI::ClientMessage::content
json content
Definition: Messages.hpp:58
Leosac
This is the header file for a generated source file, GitSHA1.cpp.
Definition: APIStatusCode.hpp:22
PermissionDenied.hpp
Leosac::Module::WebSockAPI::ExternalCRUDResourceHandler::ctx_
ModuleRequestContext ctx_
Definition: CRUDResourceHandler.hpp:112
Leosac::Module::WebSockAPI::ICRUDResourceHandler::required_permission
virtual std::vector< ActionActionParam > required_permission(Verb verb, const json &req) const =0
LEOSACException
A base class for Leosac specific exception.
Definition: leosacexception.hpp:40
Leosac::Module::WebSockAPI::CRUDResourceHandler::ctx_
RequestContext ctx_
Definition: CRUDResourceHandler.hpp:95
Leosac::Module::WebSockAPI::ModuleRequestContext
A request context dedicated for websocket request that are handled by other modules.
Definition: RequestContext.hpp:63
Leosac::Module::WebSockAPI::ICRUDResourceHandler::update_impl
virtual boost::optional< json > update_impl(const json &req)=0
Leosac::Module::WebSockAPI::ExternalCRUDResourceHandler::security_context
virtual UserSecurityContext & security_context() const override
Helper function that returns the security context.
Definition: CRUDResourceHandler.cpp:109
WSServer.hpp
Leosac::Module::WebSockAPI::ICRUDResourceHandler::security_context
virtual UserSecurityContext & security_context() const =0
Helper function that returns the security context.
Leosac::Module::WebSockAPI::ICRUDResourceHandler::create_impl
virtual boost::optional< json > create_impl(const json &req)=0
log.hpp
Leosac::Module::WebSockAPI::RequestContext
Holds valuable pointer to provide context to a request.
Definition: RequestContext.hpp:36
Leosac::Module::WebSockAPI
Definition: ActionActionParam.hpp:28
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb
Verb
Definition: CRUDResourceHandler.hpp:43
Leosac::Module::WebSockAPI::CRUDResourceHandler::CRUDResourceHandler
CRUDResourceHandler(RequestContext ctx)
Definition: CRUDResourceHandler.cpp:86
Leosac::Module::WebSockAPI::ModuleRequestContext::security_ctx
UserSecurityContext * security_ctx
The object lifetime will not expand past the current request processing.
Definition: RequestContext.hpp:70
Leosac::Module::WebSockAPI::RequestContext::session
APIPtr session
Definition: RequestContext.hpp:38
Leosac::Module::WebSockAPI::CRUDResourceHandler::security_context
virtual UserSecurityContext & security_context() const override
Helper function that returns the security context.
Definition: CRUDResourceHandler.cpp:96
PermissionDenied
An exception that can be throw when the permission for a given operation is denied.
Definition: PermissionDenied.hpp:28
Leosac::Module::WebSockAPI::ICRUDResourceHandler::process
boost::optional< json > process(const ClientMessage &msg)
Definition: CRUDResourceHandler.cpp:64