Leosac  0.8.0
Open Source Access Control
CredentialSearch.cpp
Go to the documentation of this file.
1 /*
2  Copyright (C) 2014-2017 Leosac
3 
4  This file is part of Leosac.
5 
6  Leosac is free software: you can redistribute it and/or modify
7  it under the terms of the GNU Affero General Public License as published by
8  the Free Software Foundation, either version 3 of the License, or
9  (at your option) any later version.
10 
11  Leosac is distributed in the hope that it will be useful,
12  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  GNU Affero General Public License for more details.
15 
16  You should have received a copy of the GNU Affero General Public License
17  along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19 
21 #include "Exceptions.hpp"
22 #include "api/APISession.hpp"
23 #include "core/credentials/Credential_odb.h"
24 #include "tools/db/DBService.hpp"
25 #include "tools/log.hpp"
27 
28 using namespace Leosac;
29 using namespace Leosac::Module;
30 using namespace Leosac::Module::WebSockAPI;
31 
33  : MethodHandler(ctx)
34 {
35 }
36 
38 {
39  return std::make_unique<CredentialSearch>(ctx);
40 }
41 
43 {
45  {
46  ASSERT_LOG(c1, "Credential c1 is null");
47  ASSERT_LOG(c2, "Credential c2 is null");
48  ASSERT_LOG(c1->id(), "c1 has no id.");
49  ASSERT_LOG(c2->id(), "c2 has no id.");
50  return c1->id() < c2->id();
51  }
52 };
53 
55 {
56  json rep = json::array();
57  DBPtr db = ctx_.dbsrv->db();
58  odb::transaction t(db->begin());
59  using Query = odb::query<Cred::Credential>;
60  std::string partial_name = req.at("partial_name");
61  std::set<Cred::CredentialPtr, CredentialComparator> creds;
62 
63  // We want a case insensitive search. However, there is no portable
64  // way to do this. So for now we'll rely on a naive, potentially slow
65  // bruteforce-style implementation.
66  // todo: fixme
67 
68  for (auto i = 0u; i < partial_name.length(); ++i)
69  {
70  auto partial_name_copy = partial_name;
71  partial_name_copy[i] = std::toupper(partial_name[i]);
72  Query q(Query::alias.like("%" + partial_name_copy + "%"));
73  auto results = db->query(q);
74  for (const auto &cred : results)
75  {
76  // We want shared_ptr to store in set. Call load, this should load from
77  // the cache anyway.
78  creds.insert(db->load<Cred::Credential>(cred.id()));
79  }
80  }
81 
82  Query q(Query::alias.like("%" + partial_name + "%"));
83  auto results = db->query(q);
84  for (const auto &cred : results)
85  {
86  // We want shared_ptr to store in set. Call load, this should load from the
87  // cache anyway.
88  creds.insert(db->load<Cred::Credential>(cred.id()));
89  }
90 
91  for (const auto &cred : creds)
92  {
93  ASSERT_LOG(cred, "Credential is null.");
94  json result_json = {
95  {"id", cred->id()},
96  {"alias", cred->alias()},
98  rep.push_back(result_json);
99  }
100 
101  return rep;
102 }
103 
104 std::vector<ActionActionParam>
106 {
107  std::vector<ActionActionParam> perm_;
109 
110  perm_.push_back({SecurityContext::Action::DOOR_SEARCH, ap});
111  return perm_;
112 }
Leosac::Module::WebSockAPI::CredentialSearch::CredentialSearch
CredentialSearch(RequestContext ctx)
Definition: CredentialSearch.cpp:32
Exceptions.hpp
PolymorphicCredentialSerializer.hpp
Leosac::Module::WebSockAPI::RequestContext::dbsrv
DBServicePtr dbsrv
Definition: RequestContext.hpp:39
ASSERT_LOG
#define ASSERT_LOG(cond, msg)
Definition: log.hpp:190
Leosac::DBPtr
std::shared_ptr< odb::database > DBPtr
Definition: db_fwd.hpp:31
Leosac::Module
All modules that provides features to Leosac shall be in this namespace.
Query
odb::query< Tools::LogEntry > Query
Definition: LogEntry.cpp:36
Leosac::Module::WebSockAPI::CredentialSearch::process_impl
virtual json process_impl(const json &req) override
The API method implementation.
Definition: CredentialSearch.cpp:54
Leosac::SecurityContext::ActionParam
Definition: SecurityContext.hpp:231
Leosac::Module::WebSockAPI::CredentialSearch::required_permission
std::vector< ActionActionParam > required_permission(const json &req) const override
Return a list of "Action" / "ActionParam" that must pass before the request is processed.
Definition: CredentialSearch.cpp:105
Leosac::Module::WebSockAPI::MethodHandler
The base class for API method handler implementation.
Definition: MethodHandler.hpp:46
Leosac
This is the header file for a generated source file, GitSHA1.cpp.
Definition: APIStatusCode.hpp:22
CredentialComparator::operator()
bool operator()(const Cred::CredentialPtr &c1, const Cred::CredentialPtr &c2)
Definition: CredentialSearch.cpp:44
Leosac::Module::WebSockAPI::MethodHandler::ctx_
RequestContext ctx_
Definition: MethodHandler.hpp:90
CredentialSearch.hpp
Leosac::PolymorphicCredentialJSONSerializer::type_name
static std::string type_name(const Cred::ICredential &in)
Returns the "type-name" of the credential.
Definition: PolymorphicCredentialSerializer.cpp:50
Leosac::Cred::Credential
An ODB enabled credential object.
Definition: Credential.hpp:37
Leosac::Module::WebSockAPI::MethodHandlerUPtr
std::unique_ptr< MethodHandler > MethodHandlerUPtr
Definition: WebSockFwd.hpp:36
DBService.hpp
APISession.hpp
log.hpp
Leosac::Module::WebSockAPI::json
nlohmann::json json
Definition: AccessOverview.hpp:30
Leosac::Module::WebSockAPI::RequestContext
Holds valuable pointer to provide context to a request.
Definition: RequestContext.hpp:36
Leosac::Module::WebSockAPI
Definition: ActionActionParam.hpp:28
CredentialComparator
Definition: CredentialSearch.cpp:42
Leosac::Cred::CredentialPtr
std::shared_ptr< Credential > CredentialPtr
Definition: CredentialFwd.hpp:36
Leosac::SecurityContext::Action::DOOR_SEARCH
@ DOOR_SEARCH
Leosac::Module::WebSockAPI::CredentialSearch::create
static MethodHandlerUPtr create(RequestContext)
Definition: CredentialSearch.cpp:37