Leosac  0.8.0
Open Source Access Control
MembershipCRUD.cpp
1 /*
2  Copyright (C) 2014-2016 Leosac
3 
4  This file is part of Leosac.
5 
6  Leosac is free software: you can redistribute it and/or modify
7  it under the terms of the GNU Affero General Public License as published by
8  the Free Software Foundation, either version 3 of the License, or
9  (at your option) any later version.
10 
11  Leosac is distributed in the hope that it will be useful,
12  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  GNU Affero General Public License for more details.
15 
16  You should have received a copy of the GNU Affero General Public License
17  along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19 
20 #include "api/MembershipCRUD.hpp"
21 #include "Exceptions.hpp"
22 #include "api/APISession.hpp"
25 #include "core/audit/UserEvent.hpp"
26 #include "core/auth/Group.hpp"
27 #include "core/auth/User.hpp"
29 #include "core/auth/UserGroupMembership_odb.h"
30 #include "core/auth/User_odb.h"
32 #include "tools/JSONUtils.hpp"
33 #include "tools/log.hpp"
34 #include <nlohmann/json.hpp>
35 
36 using namespace Leosac;
37 using namespace Leosac::Module;
38 using namespace Leosac::Module::WebSockAPI;
39 
// Constructor MembershipCRUD(RequestContext ctx). The signature line (source
// line 40) is not present in this listing. The constructor only forwards ctx
// to the CRUDResourceHandler base and has an empty body.
41  : CRUDResourceHandler(ctx)
42 {
43 }
44 
// Body of the static factory instanciate(RequestContext). Its signature line
// (source line 45) is not present in this listing. It allocates a
// MembershipCRUD for the given context and returns it wrapped in a
// CRUDResourceHandlerUPtr, so the caller owns the handler.
46 {
47  auto instance = CRUDResourceHandlerUPtr(new MembershipCRUD(ctx));
48  return instance;
49 }
50 
// Handles a CREATE request: adds a user to a group with the requested rank and
// returns the serialized membership under rep["data"].
//
// Input: req["attributes"] must hold "group_id", "user_id" and "rank".
// json::at() throws when a key is absent, and both lookups are asked to throw
// (THROW_IF_NOT_FOUND) when the group or user does not exist.
// Throws LEOSACException when the user is already a member of the group.
//
// NOTE(review): this listing omits source lines 66-67 (the right-hand side of
// `auto audit =`) and line 81 (the end of the serialize() call), so the audit
// event construction and the second serialize() argument cannot be reviewed
// from here.
51 boost::optional<json> MembershipCRUD::create_impl(const json &req)
52 {
53  json rep;
54  DBPtr db = ctx_.dbsrv->db();
    // The transaction opened here is committed only at the end, after the
    // group update and audit->finalize().
55  odb::transaction t(db->begin());
56 
    // NOTE(review): the ids acted on are read from req["attributes"], while
    // required_permission() in this file fills its MembershipActionParam from
    // top-level "user_id" / "group_id" / "rank" keys of req. Confirm against
    // the request schema that the permission check is evaluated on the same
    // group, user and rank that are used here, and not on the default 0.
57  auto attributes = req.at("attributes");
58  auto gid = attributes.at("group_id").get<size_t>();
59  auto uid = attributes.at("user_id").get<size_t>();
    // NOTE(review): the client-supplied integer is cast to Auth::GroupRank
    // with no range check, so a value that is not a declared enumerator is
    // passed on to member_add(). Reject out-of-range values before the cast.
60  Auth::GroupRank rank =
61  static_cast<Auth::GroupRank>(attributes.at("rank").get<size_t>());
62 
63  auto group = ctx_.dbsrv->find_group_by_id(gid, DBService::THROW_IF_NOT_FOUND);
64  auto user = ctx_.dbsrv->find_user_by_id(uid, DBService::THROW_IF_NOT_FOUND);
65  auto audit =
68 
    // Duplicate membership is refused; this throw leaves the function before
    // t.commit() is reached.
69  if (group->member_has(user->id()))
70  {
71  throw LEOSACException(BUILD_STR("User " << user->username()
72  << " is already in group "
73  << group->name()));
74  }
75 
76  auto membership = group->member_add(user, rank);
77  db->update(group);
    // The audit entry is finalized inside the same transaction as the group
    // update, before the commit.
78  audit->finalize();
79  t.commit();
80  rep["data"] = UserGroupMembershipJSONSerializer::serialize(*membership,
82  return rep;
83 }
84 
// Handles a READ request: looks up the membership named by
// req["membership_id"] and returns its serialized form under rep["data"].
//
// json::at() throws when "membership_id" is absent, and the lookup is asked to
// throw (THROW_IF_NOT_FOUND) when no such membership exists.
//
// NOTE(review): source line 96 (the end of the serialize() call) is not
// present in this listing, so which security context the serializer receives
// cannot be confirmed from here.
85 boost::optional<json> MembershipCRUD::read_impl(const json &req)
86 {
87  json rep;
88 
89  DBPtr db = ctx_.dbsrv->db();
90  odb::transaction t(db->begin());
91  auto mid = req.at("membership_id").get<Auth::UserGroupMembershipId>();
92 
93  Auth::UserGroupMembershipPtr membership =
94  ctx_.dbsrv->find_membership_by_id(mid, DBService::THROW_IF_NOT_FOUND);
95  rep["data"] = UserGroupMembershipJSONSerializer::serialize(*membership,
    // Nothing is written in this function; the commit just ends the
    // transaction opened for the read.
97  t.commit();
98  return rep;
99 }
100 
// UPDATE is not supported for memberships: the request is ignored and a
// LEOSACException is always thrown.
//
// NOTE(review): required_permission() in this file returns an empty list for
// Verb::UPDATE on the grounds that this call is not implemented. If an
// implementation is ever added here, a permission entry for UPDATE has to be
// added there in the same change, otherwise the new code path would run with
// no permission required.
101 boost::optional<json> MembershipCRUD::update_impl(const json &)
102 {
103  throw LEOSACException("Not implemented.");
104 }
105 
// Handles a DELETE request: removes the membership named by
// req["membership_id"], records a GROUP_MEMBERSHIP_LEFT audit event and
// returns an empty json value.
//
// json::at() throws when "membership_id" is absent, and the lookup is asked to
// throw (THROW_IF_NOT_FOUND) when no such membership exists.
//
// NOTE(review): source line 113 (the start of the statement that creates
// `audit`) is not present in this listing; lines 114-115 below are the
// arguments of that call.
106 boost::optional<json> MembershipCRUD::delete_impl(const json &req)
107 {
108  odb::transaction t(ctx_.dbsrv->db()->begin());
109  auto mid = req.at("membership_id").get<Auth::UserGroupMembershipId>();
110 
111  Auth::UserGroupMembershipPtr membership =
112  ctx_.dbsrv->find_membership_by_id(mid, DBService::THROW_IF_NOT_FOUND);
    // The group and user are loaded from the membership and handed to the
    // audit event together with the request's audit entry (ctx_.audit).
114  ctx_.dbsrv->db(), membership->group().load(), membership->user().load(),
115  ctx_.audit);
116  audit->event_mask(Audit::EventType::GROUP_MEMBERSHIP_LEFT);
    // Erase and audit finalization happen inside the same transaction, before
    // the commit.
117  ctx_.dbsrv->db()->erase(membership);
118  audit->finalize();
119  t.commit();
120  return json{};
121 }
122 
// Builds the list of (action, parameters) pairs that must be permitted for the
// given verb on this request. An empty list is returned for Verb::UPDATE.
//
// NOTE(review): this listing omits source lines 124 (start of the parameter
// list), 130 (the declaration of `map`), and 143 / 147 (the make_pair
// arguments for CREATE and DELETE), so the exact actions required for CREATE
// and DELETE cannot be read from here.
123 std::vector<CRUDResourceHandler::ActionActionParam>
125  const json &req) const
126 {
127  using namespace JSONUtil;
128 
129  std::vector<CRUDResourceHandler::ActionActionParam> ret;
    // Every field falls back to 0 when its key is missing from req, so the
    // permission check can be handed ids of 0 instead of failing early.
    // NOTE(review): the keys are read from the top level of req, whereas
    // create_impl() reads group_id / user_id / rank from req["attributes"].
    // Confirm that both see the same values; a check evaluated on defaulted
    // ids would not describe the membership that is actually created.
131  map.membership_id = extract_with_default(req, "membership_id", 0u);
132  map.user_id = extract_with_default(req, "user_id", 0u);
133  map.group_id = extract_with_default(req, "group_id", 0u);
    // NOTE(review): the integer is cast to Auth::GroupRank with no range
    // check, as in create_impl().
134  map.rank = static_cast<Auth::GroupRank>(extract_with_default(req, "rank", 0u));
135 
136  switch (verb)
137  {
138  case Verb::READ:
139  ret.push_back(std::make_pair(SecurityContext::Action::MEMBERSHIP_READ, map));
140  break;
141  case Verb::CREATE:
142  ret.push_back(
144  break;
145  case Verb::DELETE:
146  ret.push_back(
148  break;
149  case Verb::UPDATE:
    // Returning no entry is only safe while update_impl() throws
    // unconditionally.
150  // No permission required as the call is not implemented.
151  break;
152  }
    // There is no default case: a verb not listed above also yields an empty
    // list.
153  return ret;
154 }
Leosac::Module::WebSockAPI::MembershipCRUD::update_impl
virtual boost::optional< json > update_impl(const json &req) override
Definition: MembershipCRUD.cpp:101
AuditFactory.hpp
UserGroupMembershipSerializer.hpp
Leosac::JSONUtil::extract_with_default
std::chrono::system_clock::time_point extract_with_default(const nlohmann::json &obj, const std::string &key, const std::chrono::system_clock::time_point &tp)
Extract an ISO 8601 datetime string from a json object.
Definition: JSONUtils.cpp:45
Exceptions.hpp
BUILD_STR
#define BUILD_STR(param)
Internal macro.
Definition: log.hpp:63
Leosac::Module::WebSockAPI::CRUDResourceHandlerUPtr
std::unique_ptr< CRUDResourceHandler > CRUDResourceHandlerUPtr
Definition: WebSockFwd.hpp:39
Leosac::Module::WebSockAPI::RequestContext::dbsrv
DBServicePtr dbsrv
Definition: RequestContext.hpp:39
Leosac::Audit::EventType::GROUP_MEMBERSHIP_JOINED
@ GROUP_MEMBERSHIP_JOINED
Someone joined the group.
Leosac::Module::WebSockAPI::CRUDResourceHandler
Base CRUD handler for use within the websocket module.
Definition: CRUDResourceHandler.hpp:84
User.hpp
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb::DELETE
@ DELETE
Leosac::DBPtr
std::shared_ptr< odb::database > DBPtr
Definition: db_fwd.hpp:31
Leosac::SecurityContext::MembershipActionParam::membership_id
Auth::UserGroupMembershipId membership_id
Definition: SecurityContext.hpp:188
Leosac::SecurityContext::Action::MEMBERSHIP_READ
@ MEMBERSHIP_READ
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb::CREATE
@ CREATE
Leosac::Module
All modules that provide features to Leosac shall be in this namespace.
UserGroupMembership.hpp
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb::READ
@ READ
Leosac::SecurityContext::MembershipActionParam::rank
Auth::GroupRank rank
Definition: SecurityContext.hpp:191
Leosac::SecurityContext::MembershipActionParam::group_id
Auth::GroupId group_id
Definition: SecurityContext.hpp:189
MembershipCRUD.hpp
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb::UPDATE
@ UPDATE
Leosac::SecurityContext::Action::GROUP_MEMBERSHIP_JOINED
@ GROUP_MEMBERSHIP_JOINED
Leosac
This is the header file for a generated source file, GitSHA1.cpp.
Definition: APIStatusCode.hpp:22
Leosac::Auth::UserGroupMembershipId
unsigned long UserGroupMembershipId
Definition: AuthFwd.hpp:82
Group.hpp
LEOSACException
A base class for Leosac specific exception.
Definition: leosacexception.hpp:40
Leosac::Module::WebSockAPI::MembershipCRUD::read_impl
virtual boost::optional< json > read_impl(const json &req) override
Retrieve information about a group.
Definition: MembershipCRUD.cpp:85
Leosac::Module::WebSockAPI::CRUDResourceHandler::ctx_
RequestContext ctx_
Definition: CRUDResourceHandler.hpp:95
Leosac::Module::WebSockAPI::MembershipCRUD::instanciate
static CRUDResourceHandlerUPtr instanciate(RequestContext)
Definition: MembershipCRUD.cpp:45
JSONUtils.hpp
UserEvent.hpp
Leosac::Module::WebSockAPI::MembershipCRUD::required_permission
virtual std::vector< ActionActionParam > required_permission(Verb verb, const json &req) const override
Definition: MembershipCRUD.cpp:124
Leosac::Auth::UserGroupMembershipPtr
std::shared_ptr< UserGroupMembership > UserGroupMembershipPtr
Definition: AuthFwd.hpp:81
IUserGroupMembershipEvent.hpp
Leosac::SecurityContext::Action::GROUP_MEMBERSHIP_LEFT
@ GROUP_MEMBERSHIP_LEFT
Leosac::Audit::EventType::GROUP_MEMBERSHIP_LEFT
@ GROUP_MEMBERSHIP_LEFT
Someone left the group.
APISession.hpp
Leosac::Module::WebSockAPI::MembershipCRUD::create_impl
virtual boost::optional< json > create_impl(const json &req) override
Creating a new UserGroupMembership: this means someone is joining a group.
Definition: MembershipCRUD.cpp:51
Leosac::SecurityContext::MembershipActionParam::user_id
Auth::UserId user_id
Definition: SecurityContext.hpp:190
Leosac::Module::WebSockAPI::RequestContext::audit
Audit::IAuditEntryPtr audit
The initial audit trail for the request.
Definition: RequestContext.hpp:55
log.hpp
Leosac::DBService::THROW_IF_NOT_FOUND
@ THROW_IF_NOT_FOUND
Definition: DBService.hpp:40
Leosac::Module::WebSockAPI::json
nlohmann::json json
Definition: AccessOverview.hpp:30
Leosac::Module::WebSockAPI::RequestContext
Holds valuable pointer to provide context to a request.
Definition: RequestContext.hpp:36
Leosac::Auth::GroupRank
GroupRank
The rank of a User inside a Group.
Definition: AuthFwd.hpp:49
Leosac::Module::WebSockAPI
Definition: ActionActionParam.hpp:28
Leosac::SecurityContext::MembershipActionParam
Definition: SecurityContext.hpp:186
Leosac::Module::WebSockAPI::MembershipCRUD::MembershipCRUD
MembershipCRUD(RequestContext ctx)
Definition: MembershipCRUD.cpp:40
Leosac::Module::WebSockAPI::ICRUDResourceHandler::Verb
Verb
Definition: CRUDResourceHandler.hpp:43
Leosac::UserGroupMembershipJSONSerializer::serialize
static json serialize(const Auth::UserGroupMembership &ugm, const SecurityContext &sc)
Definition: UserGroupMembershipSerializer.cpp:28
Leosac::Module::WebSockAPI::CRUDResourceHandler::security_context
virtual UserSecurityContext & security_context() const override
Helper function that returns the security context.
Definition: CRUDResourceHandler.cpp:96
Leosac::Module::WebSockAPI::MembershipCRUD::delete_impl
virtual boost::optional< json > delete_impl(const json &req) override
Definition: MembershipCRUD.cpp:106
Leosac::Audit::Factory::UserGroupMembershipEvent
static IUserGroupMembershipEventPtr UserGroupMembershipEvent(const DBPtr &database, Auth::GroupPtr target_group, Auth::UserPtr target_user, IAuditEntryPtr parent)
Definition: AuditFactory.cpp:82