Leosac  0.8.0
Open Source Access Control
Public Types | Public Member Functions | Private Member Functions | Private Attributes | List of all members
Leosac::RemoteControlSecurity Class Reference

Provide some kind of security framework to the Remote Control service. More...

#include <RemoteControlSecurity.hpp>

+ Collaboration diagram for Leosac::RemoteControlSecurity:

Public Types

using KeyCommandsMap = std::unordered_map< std::string, std::vector< std::string > >
 Map user public key to a set of command. More...
 

Public Member Functions

 RemoteControlSecurity (const boost::property_tree::ptree &cfg)
 The config tree is the same tree that the RemoteControl object has. More...
 
bool allow_request (const std::string &user_pubkey, const std::string &req)
 

Private Member Functions

void process_config ()
 
void process_security_entry (const boost::property_tree::ptree &)
 Process one <map> entry. More...
 

Private Attributes

boost::property_tree::ptree cfg_
 
std::unordered_map< std::string, bool > default_permissions_
 
KeyCommandsMap permissions_
 
bool unrestricted_
 If everyone has access to everything. More...
 

Detailed Description

Provide some kind of security framework to the Remote Control service.

This allows relatively fine-grained permissions and allows user to chose who has access to the remote control, and how much permission they got.

Remote user are identified using the curve private key they use to connect.

Implementation Notes: We store a map of z85-encoded-pubkey <--> list (command name); The meaning of this map depends on the default permission for user.

If the user is by default granted permission, then the map holds a list command the user isn't allowed to perform. Otherwise, we store a list of allowed command.

Definition at line 48 of file RemoteControlSecurity.hpp.

Member Typedef Documentation

◆ KeyCommandsMap

using Leosac::RemoteControlSecurity::KeyCommandsMap = std::unordered_map<std::string, std::vector<std::string> >

Map user public key to a set of command.

Definition at line 61 of file RemoteControlSecurity.hpp.

Constructor & Destructor Documentation

◆ RemoteControlSecurity()

RemoteControlSecurity::RemoteControlSecurity ( const boost::property_tree::ptree &  cfg)

The config tree is the same tree that the RemoteControl object has.

Definition at line 26 of file RemoteControlSecurity.cpp.

Member Function Documentation

◆ allow_request()

bool RemoteControlSecurity::allow_request ( const std::string &  user_pubkey,
const std::string &  req 
)

Definition at line 49 of file RemoteControlSecurity.cpp.

◆ process_config()

void RemoteControlSecurity::process_config ( )
private

Definition at line 33 of file RemoteControlSecurity.cpp.

◆ process_security_entry()

void RemoteControlSecurity::process_security_entry ( const boost::property_tree::ptree &  entry)
private

Process one <map> entry.

Definition at line 71 of file RemoteControlSecurity.cpp.

Member Data Documentation

◆ cfg_

boost::property_tree::ptree Leosac::RemoteControlSecurity::cfg_
private

Definition at line 71 of file RemoteControlSecurity.hpp.

◆ default_permissions_

std::unordered_map<std::string, bool> Leosac::RemoteControlSecurity::default_permissions_
private

Definition at line 73 of file RemoteControlSecurity.hpp.

◆ permissions_

KeyCommandsMap Leosac::RemoteControlSecurity::permissions_
private

Definition at line 74 of file RemoteControlSecurity.hpp.

◆ unrestricted_

bool Leosac::RemoteControlSecurity::unrestricted_
private

If everyone has access to everything.

Definition at line 79 of file RemoteControlSecurity.hpp.

The documentation for this class was generated from the following files: