Leosac
0.8.0
Open Source Access Control
|
An introduction to modules.
This pages aims to be an introduction to modules in Leosac, both for the non-technical end-user and for developers. The developers part assumes the end-user was read and understood.
Modules are what provides features to Leosac: devices supports, authentication backend, monitoring, all are implemented through modules. Modules are cool because they allows to build the configuration you want by enabling only the feature you will use. It also makes it easy to expand (or reimplement) the existing functionally.
You should know (or be able to find out) what modules you need for your use case. You then need to be able to properly configure them.
Where to find modules, which modules to load, and their basic configuration take place in the the core configuration file
. You can read-up a per-module documentation that will detail and explain how to configure the module.
Some module may have additional configuration files in order to not bloat the main config file.
It's not really possible to answer this, because it depends heavily and how you plan to use Leosac. However, if you're doing access-control you will generally need:
Name | Description | More info |
---|---|---|
SysFS GPIO | Provide support for GPIO through SysFS | Hardware module |
PifaceDigital | Provide support for GPIO through the Piface digital device | Hardware module |
Led-Buzzer | Support Led and buzzer devices. | Hardware module, requires a GPIO module |
Wiegand | Support wiegand device. | Hardware module, Authentication Source module. Requires GPIO module. |
Auth-File | Implementation permissions checking / auth validation | Authentication backend module. |
Doorman | Take actions when an authentication attempt succeed or fails | Policy implementation module (takes actions on event) |
Replication | Allows Leosac to run in a master/slave configuration | - |
Monitor | Additional logs. Provide activity feedback (is network down?) | - |
The following section is aimed toward developers.
Leosac's core loads a bunch of modules (as defined in the configuration file) and everything talks to each other.
See the Leosac::Module namespace for a reference of all modules.
When configuring a module, the name specified in the configuration file must match the name provided by the module through its get_module_name()
function.
Modules to modules communication and core to modules communication does NOT happen by invoking methods on each other. Instead, we have a higher level of abstraction in place: we use message passing. Each module has a mailbox and can receive (and send) messages to anyone.
For this to work, proper specifications must be in place, so that we can swap an implementation with an other without changing anything else in dependants modules. For example, we can use either the Piface device (and the Piface module) to implements GPIO, but we could also use the SysfsGPIO module. Other modules that needs to use GPIO do not care which GPIO module is loaded and provide the support for the GPIOs.
Leosac's core also set up a message-bus where everyone can write and read from everyone else. This is useful to broadcast information and is used a lot.
To write a new module you need to code either in C++ or eventually in C. There are a few guidelines (some are even requirements) that you have to follow in order to write a module compliant with the Leosac system.
If you're going to write a module to handle hardware devices (leds, gpios, etc) take a look at the current implementation and to the specifications of said device:
It is recommended to derive from BaseModule to implement your own module. This base class make things easier. However, it doesn't take care of everything.
There are hard requirements regarding which symbols your shared library (aka modules) must export:
start_module()
with the following prototype: bool start_module(zmqpp::socket *pipe, boost::property_tree::ptree cfg, zmqpp::context &zmq_ctx, CoreUtilsPtr utils)
get_module_name()
that takes no parameters and return a const char *
that points to the name of the module. This string must be NULL
terminated. Note that the returned module name shall be composed of capital letter, number and underscore only.The start_module()
function can be a one liner if you use the the BaseModule
class and the helper start_module_helper.