Leosac  0.8.0
Open Source Access Control
MethodHandler.cpp
Go to the documentation of this file.
1 /*
2  Copyright (C) 2014-2016 Leosac
3 
4  This file is part of Leosac.
5 
6  Leosac is free software: you can redistribute it and/or modify
7  it under the terms of the GNU Affero General Public License as published by
8  the Free Software Foundation, either version 3 of the License, or
9  (at your option) any later version.
10 
11  Leosac is distributed in the hope that it will be useful,
12  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  GNU Affero General Public License for more details.
15 
16  You should have received a copy of the GNU Affero General Public License
17  along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19 
20 #include "api/MethodHandler.hpp"
21 #include "Exceptions.hpp"
22 #include "WSServer.hpp"
24 #include "tools/log.hpp"
25 
26 using namespace Leosac;
27 using namespace Leosac::Module;
28 using namespace Leosac::Module::WebSockAPI;
29 
31 {
32  auto &security_ctx = ctx_.session->security_context();
33  for (const auto &action_and_param : required_permission(msg.content))
34  {
35  if (!security_ctx.check_permission(action_and_param.first,
36  action_and_param.second))
37  {
38  throw PermissionDenied();
39  }
40  }
41  return process_impl(msg.content);
42 }
43 
45 {
46  auto wsc =
47  dynamic_cast<UserSecurityContext *>(&ctx_.session->security_context());
48  ASSERT_LOG(wsc, "SecurityContext has unexpected type.");
49  return *wsc;
50 }
51 
53 {
55  return ec;
56 }
Leosac::Module::WebSockAPI::MethodHandler::exec_context
ExecutionContext exec_context()
Returns a representation of the execution context of this request.
Definition: MethodHandler.cpp:52
Leosac::UserSecurityContext
A SecurityContext object for users.
Definition: UserSecurityContext.hpp:31
Exceptions.hpp
Leosac::Module::WebSockAPI::MethodHandler::required_permission
virtual std::vector< ActionActionParam > required_permission(const json &req) const =0
Return a list of "Action" / "ActionParam" that must pass before the request is processed.
ASSERT_LOG
#define ASSERT_LOG(cond, msg)
Definition: log.hpp:190
Leosac::Module::WebSockAPI::ClientMessage
A message sent by a client to Leosac.
Definition: Messages.hpp:54
Leosac::Module
All modules that provides features to Leosac shall be in this namespace.
Leosac::Module::WebSockAPI::ClientMessage::content
json content
Definition: Messages.hpp:58
Leosac
This is the header file for a generated source file, GitSHA1.cpp.
Definition: APIStatusCode.hpp:22
Leosac::ExecutionContext
An ExecutionContext is passed around to service so they have context about who is making the call and...
Definition: SecurityContext.hpp:301
PermissionDenied.hpp
Leosac::Module::WebSockAPI::MethodHandler::ctx_
RequestContext ctx_
Definition: MethodHandler.hpp:90
WSServer.hpp
Leosac::Module::WebSockAPI::RequestContext::audit
Audit::IAuditEntryPtr audit
The initial audit trail for the request.
Definition: RequestContext.hpp:55
Leosac::Module::WebSockAPI::MethodHandler::process
json process(const ClientMessage &msg)
The public process() method.
Definition: MethodHandler.cpp:30
log.hpp
Leosac::Module::WebSockAPI::MethodHandler::security_context
UserSecurityContext & security_context()
Definition: MethodHandler.cpp:44
Leosac::Module::WebSockAPI::json
nlohmann::json json
Definition: AccessOverview.hpp:30
Leosac::Module::WebSockAPI::MethodHandler::process_impl
virtual json process_impl(const json &req)=0
The API method implementation.
Leosac::Module::WebSockAPI
Definition: ActionActionParam.hpp:28
MethodHandler.hpp
Leosac::Module::WebSockAPI::RequestContext::session
APIPtr session
Definition: RequestContext.hpp:38
PermissionDenied
An exception that can be throw when the permission for a given operation is denied.
Definition: PermissionDenied.hpp:28