Leosac
0.8.0
Open Source Access Control
MethodHandler.cpp
Go to the documentation of this file.
1
/*
2
Copyright (C) 2014-2016 Leosac
3
4
This file is part of Leosac.
5
6
Leosac is free software: you can redistribute it and/or modify
7
it under the terms of the GNU Affero General Public License as published by
8
the Free Software Foundation, either version 3 of the License, or
9
(at your option) any later version.
10
11
Leosac is distributed in the hope that it will be useful,
12
but WITHOUT ANY WARRANTY; without even the implied warranty of
13
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14
GNU Affero General Public License for more details.
15
16
You should have received a copy of the GNU Affero General Public License
17
along with this program. If not, see <http://www.gnu.org/licenses/>.
18
*/
19
20
#include "
api/MethodHandler.hpp
"
21
#include "
Exceptions.hpp
"
22
#include "
WSServer.hpp
"
23
#include "
exception/PermissionDenied.hpp
"
24
#include "
tools/log.hpp
"
25
26
using namespace
Leosac
;
27
using namespace
Leosac::Module
;
28
using namespace
Leosac::Module::WebSockAPI
;
29
30
json
MethodHandler::process
(
const
ClientMessage
&msg)
31
{
32
auto
&security_ctx =
ctx_
.
session
->security_context();
33
for
(
const
auto
&action_and_param :
required_permission
(msg.
content
))
34
{
35
if
(!security_ctx.check_permission(action_and_param.first,
36
action_and_param.second))
37
{
38
throw
PermissionDenied
();
39
}
40
}
41
return
process_impl
(msg.
content
);
42
}
43
44
UserSecurityContext
&
MethodHandler::security_context
()
45
{
46
auto
wsc =
47
dynamic_cast<
UserSecurityContext
*
>
(&
ctx_
.
session
->security_context());
48
ASSERT_LOG
(wsc,
"SecurityContext has unexpected type."
);
49
return
*wsc;
50
}
51
52
ExecutionContext
MethodHandler::exec_context
()
53
{
54
ExecutionContext
ec{
security_context
(),
ctx_
.
audit
};
55
return
ec;
56
}
Leosac::Module::WebSockAPI::MethodHandler::exec_context
ExecutionContext exec_context()
Returns a representation of the execution context of this request.
Definition:
MethodHandler.cpp:52
Leosac::UserSecurityContext
A SecurityContext object for users.
Definition:
UserSecurityContext.hpp:31
Exceptions.hpp
Leosac::Module::WebSockAPI::MethodHandler::required_permission
virtual std::vector< ActionActionParam > required_permission(const json &req) const =0
Return a list of "Action" / "ActionParam" that must pass before the request is processed.
ASSERT_LOG
#define ASSERT_LOG(cond, msg)
Definition:
log.hpp:190
Leosac::Module::WebSockAPI::ClientMessage
A message sent by a client to Leosac.
Definition:
Messages.hpp:54
Leosac::Module
All modules that provides features to Leosac shall be in this namespace.
Leosac::Module::WebSockAPI::ClientMessage::content
json content
Definition:
Messages.hpp:58
Leosac
This is the header file for a generated source file, GitSHA1.cpp.
Definition:
APIStatusCode.hpp:22
Leosac::ExecutionContext
An ExecutionContext is passed around to service so they have context about who is making the call and...
Definition:
SecurityContext.hpp:301
PermissionDenied.hpp
Leosac::Module::WebSockAPI::MethodHandler::ctx_
RequestContext ctx_
Definition:
MethodHandler.hpp:90
WSServer.hpp
Leosac::Module::WebSockAPI::RequestContext::audit
Audit::IAuditEntryPtr audit
The initial audit trail for the request.
Definition:
RequestContext.hpp:55
Leosac::Module::WebSockAPI::MethodHandler::process
json process(const ClientMessage &msg)
The public process() method.
Definition:
MethodHandler.cpp:30
log.hpp
Leosac::Module::WebSockAPI::MethodHandler::security_context
UserSecurityContext & security_context()
Definition:
MethodHandler.cpp:44
Leosac::Module::WebSockAPI::json
nlohmann::json json
Definition:
AccessOverview.hpp:30
Leosac::Module::WebSockAPI::MethodHandler::process_impl
virtual json process_impl(const json &req)=0
The API method implementation.
Leosac::Module::WebSockAPI
Definition:
ActionActionParam.hpp:28
MethodHandler.hpp
Leosac::Module::WebSockAPI::RequestContext::session
APIPtr session
Definition:
RequestContext.hpp:38
PermissionDenied
An exception that can be throw when the permission for a given operation is denied.
Definition:
PermissionDenied.hpp:28
src
modules
websock-api
api
MethodHandler.cpp
Generated on Tue Mar 22 2022 10:48:28 for Leosac by
1.8.17