diff --git a/modules/web/nodes/admin_panel/admin_panel.h b/modules/web/nodes/admin_panel/admin_panel.h index eabe18eda..d154739bf 100644 --- a/modules/web/nodes/admin_panel/admin_panel.h +++ b/modules/web/nodes/admin_panel/admin_panel.h @@ -3,8 +3,8 @@ #include "web/http/web_node.h" -#include "core/string.h" #include "core/containers/vector.h" +#include "core/string.h" class Request; class FormValidator; @@ -12,7 +12,7 @@ class AdminNode; class AdminPanel : public WebNode { RCPP_OBJECT(AdminPanel, WebNode); - + public: void handle_request_main(Request *request); @@ -46,7 +46,7 @@ protected: static AdminPanel *_self; - Vector _controllers; + Vector _controllers; String _default_headers; String _default_main_body_top; @@ -54,4 +54,4 @@ protected: String _default_footer; }; -#endif \ No newline at end of file +#endif diff --git a/modules/web/nodes/rbac/rbac_controller.cpp b/modules/web/nodes/rbac/rbac_controller.cpp deleted file mode 100644 index 428cbd3f0..000000000 --- a/modules/web/nodes/rbac/rbac_controller.cpp +++ /dev/null @@ -1,872 +0,0 @@ -#include "rbac_controller.h" - -#include "core/error_macros.h" - -#include "web/html/form_validator.h" -#include "web/html/html_builder.h" -#include "web/http/cookie.h" -#include "web/http/http_session.h" -#include "web/http/request.h" -#include "web/http/session_manager.h" -#include "rbac_default_permissions.h" -#include "web_modules/users/user.h" - -#include "database/database.h" -#include "database/database_manager.h" -#include "database/query_builder.h" -#include "database/query_result.h" -#include "database/table_builder.h" - -void RBACController::handle_request_main(Request *request) { -} - -void RBACController::create_validators() { -} - -void RBACController::admin_handle_request_main(Request *request) { - String seg = request->get_current_path_segment(); - - if (seg == "") { - admin_render_rank_list(request); - return; - } else if (seg == "new_rank") { - request->push_path(); - - admin_handle_new_rank(request); - } else if (seg == "edit_rank") { - request->push_path(); - - admin_handle_edit_rank(request); - } else if (seg == "permission_editor") { - request->push_path(); - - admin_permission_editor(request); - } -} - -void RBACController::admin_handle_new_rank(Request *request) { - - if (request->get_method() == HTTP_METHOD_POST) { - Ref rank; - rank.instance(); - - rank->name = request->get_parameter("name"); - rank->name_internal = request->get_parameter("name_internal"); - rank->settings = request->get_parameter("settings"); - - int base_permissions = 0; - - for (int i = 0; i < _registered_permissions.size(); ++i) { - String param = request->get_parameter("perm_check_" + String::num(i)); - - if (param != "") { - base_permissions |= _registered_permissions[i].value; - } - } - - rank->base_permissions = base_permissions; - - int rank_permissions = 0; - - for (int i = 0; i < _registered_rank_permissions.size(); ++i) { - String param = request->get_parameter("perm_rank_check_" + String::num(i)); - - if (param != "") { - rank_permissions |= _registered_rank_permissions[i].value; - } - } - - rank->rank_permissions = rank_permissions; - - db_save_rank(rank); - - _ranks[rank->id] = rank; - - request->send_redirect(request->get_url_root_parent() + "edit_rank/" + String::num(rank->id)); - return; - } - - RBACAdminRankViewData data; - render_rank_view(request, &data); -} - -void RBACController::admin_handle_edit_rank(Request *request) { - String seg = request->get_current_path_segment(); - - //check whether it's numeric - //if (!seg.is) - - int id = seg.to_int(); - - if (id == 0) { - RLOG_MSG("RBACController::admin_handle_edit_rank: id == 0!\n"); - request->send_redirect(request->get_url_root_parent()); - return; - } - - Ref rank = _ranks[id]; - - if (!rank.is_valid()) { - RLOG_MSG("RBACController::admin_handle_edit_rank: !rank.is_valid()\n"); - request->send_redirect(request->get_url_root_parent()); - return; - } - - RBACAdminRankViewData data; - data.rank = rank; - - if (request->get_method() == HTTP_METHOD_POST) { - rank->name = request->get_parameter("name"); - rank->name_internal = request->get_parameter("name_internal"); - rank->settings = request->get_parameter("settings"); - - int base_permissions = 0; - - for (int i = 0; i < _registered_permissions.size(); ++i) { - String param = request->get_parameter("perm_check_" + String::num(i)); - - if (param != "") { - base_permissions |= _registered_permissions[i].value; - } - } - - rank->base_permissions = base_permissions; - - int rank_permissions = 0; - - for (int i = 0; i < _registered_rank_permissions.size(); ++i) { - String param = request->get_parameter("perm_rank_check_" + String::num(i)); - - if (param != "") { - rank_permissions |= _registered_rank_permissions[i].value; - } - } - - rank->rank_permissions = rank_permissions; - - db_save_rank(rank); - - data.messages.push_back("Save Success!"); - } - - render_rank_view(request, &data); -} - -void RBACController::render_rank_view(Request *request, RBACAdminRankViewData *data) { - int id = 0; - String name = ""; - String name_internal = ""; - String settings = ""; - int base_permissions = 0; - int rank_permissions = 0; - - if (data->rank.is_valid()) { - id = data->rank->id; - name = data->rank->name; - name_internal = data->rank->name_internal; - settings = data->rank->settings; - base_permissions = data->rank->base_permissions; - rank_permissions = data->rank->rank_permissions; - } - - HTMLBuilder b; - - b.h4()->f()->a()->href(request->get_url_root_parent())->f()->w("<- Back")->ca()->ch4(); - b.h4()->f()->w("RBAC Editor")->ch4(); - - b.div()->cls("messages"); - for (int i = 0; i < data->messages.size(); ++i) { - b.w(data->messages[i])->br(); - } - b.cdiv(); - - b.form()->method("POST")->action(request->get_url_root() + String::num(id)); - { - b.csrf_token(request); - - //b.input()->type("hidden")->name("id")->value(String::num(id))->f()->cinput(); - b.w("Name:")->br(); - b.input()->type("text")->name("name")->value(name)->f()->br(); - b.w("Name (Internal):")->br(); - b.input()->type("text")->name("name_internal")->value(name_internal)->f()->cinput()->br(); - b.w("Custom Settings:")->br(); - b.input()->type("text")->name("settings")->value(settings)->f()->cinput()->br(); - - b.w("Base Permissions:")->br(); - - for (int i = 0; i < _registered_permissions.size(); ++i) { - String checkbox_name = "perm_check_" + String::num(i); - - b.input()->type("checkbox")->name(checkbox_name)->value(checkbox_name)->id(checkbox_name)->checked((base_permissions & _registered_permissions[i].value) != 0); - b.label()->fora(checkbox_name)->f()->w(_registered_permissions[i].name)->clabel(); - } - - b.br(); - - b.w("Rank Permissions:")->br(); - - for (int i = 0; i < _registered_rank_permissions.size(); ++i) { - String checkbox_name = "perm_rank_check_" + String::num(i); - - b.input()->type("checkbox")->name(checkbox_name)->value(checkbox_name)->id(checkbox_name)->checked((rank_permissions & _registered_rank_permissions[i].value) != 0); - b.label()->fora(checkbox_name)->f()->w(_registered_rank_permissions[i].name)->clabel(); - } - - b.br(); - - b.input()->type("submit")->value("Save"); - } - b.cform(); - - request->body += b.result; -} - -void RBACController::admin_permission_editor(Request *request) { - - String seg = request->get_current_path_segment(); - - //check whether it's numeric - //if (!seg.is) - - int id = seg.to_int(); - - if (id == 0) { - RLOG_MSG("RBACController::admin_permission_editor: id == 0!\n"); - request->send_redirect(request->get_url_root_parent()); - return; - } - - Ref rank = _ranks[id]; - - if (!rank.is_valid()) { - RLOG_MSG("RBACController::admin_permission_editor: !rank.is_valid()\n"); - request->send_redirect(request->get_url_root_parent()); - return; - } - - RBACAdminEditPermissionView data; - data.rank = rank; - - request->push_path(); - - String segn = request->get_current_path_segment(); - - if (segn == "") { - admin_render_permission_editor_main_view(request, &data); - return; - } - - if (segn == "new") { - request->push_path(); - - if (request->get_method() == HTTP_METHOD_POST) { - if (admin_process_permission_editor_entry_edit_create_post(request, &data)) { - return; - } - } - - admin_render_permission_editor_entry_edit_create_view(request, &data); - return; - } - - if (segn.is_uint()) { - int perm_index = segn.to_int(); - - request->push_path(); - - if (perm_index < 0 || perm_index >= rank->permissions.size()) { - RLOG_ERR("(perm_index < 0 || perm_index >= rank->permissions.size())!\n"); - request->send_redirect(request->get_url_root_parent()); - return; - } - - data.permission = rank->permissions[perm_index]; - - if (!data.permission.is_valid()) { - RLOG_ERR("(!data.permission.is_valid()\n"); - request->send_error(503); - return; - } - - if (request->get_method() == HTTP_METHOD_POST) { - if (admin_process_permission_editor_entry_edit_create_post(request, &data)) { - return; - } - } - - admin_render_permission_editor_entry_edit_create_view(request, &data); - return; - } - - request->send_error(404); -} - -void RBACController::admin_render_permission_editor_main_view(Request *request, RBACAdminEditPermissionView *data) { - HTMLBuilder b; - - Ref rank = data->rank; - - b.h4()->f()->a()->href(request->get_url_root_parent(2))->f()->w("<- Back")->ca()->ch4(); - b.h4()->f()->w("RBAC Editor")->ch4(); - - b.div()->cls("heading"); - { - b.w("[ Id ]: ")->wn(rank->id)->w(", [ Name ]: ")->w(rank->name)->w(", [ Name Internal ]: ")->w(rank->name_internal); - } - b.cdiv(); - - b.br(); - - for (int i = 0; i < rank->permissions.size(); ++i) { - Ref perm = rank->permissions[i]; - - if (!perm.is_valid()) { - RLOG_ERR("RBACController::admin_render_permission_editor_main_view: !perm.is_valid()\n"); - continue; - } - - b.div()->cls("row"); - { - b.a()->href(request->get_url_root() + String::num(i)); - - b.w("-- Rank: [ Id ]: ")->wn(perm->id)->w(", [ Rank Id ]: ")->wn(perm->rank_id)->w(", [ Name ]: ")->w(perm->name); - b.w(" [ URL ]: ")->w(perm->url)->w(", [ Sort Order ]: ")->wn(perm->sort_order); - b.w(" [ Permissions ]: "); - - int pcount = 0; - int perms = perm->permissions; - for (int i = 0; i < _registered_permissions.size(); ++i) { - if ((_registered_permissions[i].value & perms) != 0) { - if (pcount > 0) { - b.w(", "); - } - - b.w(_registered_permissions[i].name); - - ++pcount; - } - } - - if (pcount == 0) { - b.w("- None -"); - } - - b.ca(); - } - b.cdiv(); - } - - b.br(); - - b.a()->href(request->get_url_root("new")); - b.w("New Permission"); - b.ca(); - - request->body += b.result; -} - -void RBACController::admin_render_permission_editor_entry_edit_create_view(Request *request, RBACAdminEditPermissionView *data) { - HTMLBuilder b; - - Ref rank = data->rank; - Ref perm = data->permission; - - String name; - String url; - int sort_order = 0; - int permissions = 0; - - if (perm.is_valid()) { - name = perm->name; - url = perm->url; - sort_order = perm->sort_order; - permissions = perm->permissions; - } - - b.h4()->f()->a()->href(request->get_url_root_parent())->f()->w("<- Back")->ca()->ch4(); - b.h4()->f()->w("RBAC Editor")->ch4(); - b.br(); - - b.div()->cls("messages"); - for (int i = 0; i < data->messages.size(); ++i) { - b.w(data->messages[i])->br(); - } - b.cdiv(); - b.br(); - - b.div()->cls("heading"); - { - b.w("Rank: [ Id ]: ")->wn(rank->id)->w(", [ Name ]: ")->w(rank->name)->w(", [ Name Internal ]: ")->w(rank->name_internal); - } - b.cdiv(); - b.br(); - - b.form()->method("POST")->action(request->get_url_root()); - { - b.csrf_token(request); - - b.w("Name:")->br(); - b.input()->type("text")->name("name")->value(name)->f()->br(); - b.w("URL:")->br(); - b.input()->type("text")->name("url")->value(url)->f()->cinput()->br(); - - b.w("Permissions:")->br(); - - for (int i = 0; i < _registered_permissions.size(); ++i) { - String checkbox_name = "perm_check_" + String::num(i); - - b.input()->type("checkbox")->name(checkbox_name)->value(checkbox_name)->id(checkbox_name)->checked((permissions & _registered_permissions[i].value) != 0); - b.label()->fora(checkbox_name)->f()->w(_registered_permissions[i].name)->clabel(); - } - - b.br(); - - b.input()->type("submit")->value("Save"); - } - b.cform(); - - request->body += b.result; -} - -bool RBACController::admin_process_permission_editor_entry_edit_create_post(Request *request, RBACAdminEditPermissionView *data) { - Ref rank = data->rank; - - Ref perm = data->permission; - - if (!perm.is_valid()) { - perm.instance(); - - perm->rank_id = rank->id; - - if (rank->permissions.size() > 0) { - Ref p = rank->permissions[rank->permissions.size() - 1]; - - perm->sort_order = p->sort_order + 1; - } - - rank->permissions.push_back(perm); - } - - perm->name = request->get_parameter("name"); - perm->url = request->get_parameter("url"); - - int permissions = 0; - - for (int i = 0; i < _registered_permissions.size(); ++i) { - String param = request->get_parameter("perm_check_" + String::num(i)); - - if (param != "") { - permissions |= _registered_permissions[i].value; - } - } - - perm->permissions = permissions; - - //set this up in the form by default - //perm->sort_order = request->get_parameter("sort_order").to_int(); - - db_save_permission(perm); - - if (perm->id == 0) { - RLOG_ERR("RBACController::admin_process_permission_editor_entry_edit_create_post: perm->id == 0!\n"); - } - - request->send_redirect(request->get_url_root_parent()); - - return true; -} - -void RBACController::admin_render_rank_list(Request *request) { - HTMLBuilder b; - - b.h4()->f()->a()->href(request->get_url_root_parent())->f()->w("<- Back")->ca()->ch4(); - b.h4()->f()->w("RBAC Editor")->ch4(); - - for (std::map >::iterator p = _ranks.begin(); p != _ranks.end(); p++) { - Ref r = p->second; - - if (!r.is_valid()) { - continue; - } - - b.div()->cls("row"); - { - b.a()->href(request->get_url_root("permission_editor/") + String::num(r->id)); - b.w("[ Id ]: ")->wn(r->id)->w(", [ Name ]: ")->w(r->name)->w(", [ Name Internal ]: ")->w(r->name_internal); - b.w(", [ Base Permissions ]: "); - - int pcount = 0; - int perms = r->base_permissions; - for (int i = 0; i < _registered_permissions.size(); ++i) { - if ((_registered_permissions[i].value & perms) != 0) { - if (pcount > 0) { - b.w(", "); - } - - b.w(_registered_permissions[i].name); - - ++pcount; - } - } - - if (pcount == 0) { - b.w("- None -"); - } - - b.w(", [ Rank Permissions ]: "); - - pcount = 0; - perms = r->rank_permissions; - for (int i = 0; i < _registered_rank_permissions.size(); ++i) { - if ((_registered_rank_permissions[i].value & perms) != 0) { - if (pcount > 0) { - b.w(", "); - } - - b.w(_registered_rank_permissions[i].name); - - ++pcount; - } - } - - if (pcount == 0) { - b.w("- None -"); - } - - b.ca(); - - b.w(" - "); - - b.a()->href(request->get_url_root("edit_rank/") + String::num(r->id)); - b.w("[ Edit ]"); - b.ca(); - } - b.cdiv(); - } - - b.br(); - - b.a()->href(request->get_url_root("new_rank")); - b.w("New Rank"); - b.ca(); - - request->body += b.result; -} - -void RBACController::admin_render_rank_editor(Request *request) { -} - -String RBACController::admin_get_section_name() { - return "Role Based Access Control"; -} - -void RBACController::admin_add_section_links(Vector *links) { - links->push_back(AdminSectionLinkInfo("Editor", "")); -} - -void RBACController::register_permission(const String &name, const int val) { - _registered_permissions.push_back(PermissionEntry(name, val)); -} -void RBACController::register_rank_permission(const String &name, const int val) { - _registered_rank_permissions.push_back(PermissionEntry(name, val)); -} -void RBACController::clear_registered_permissions() { - _registered_permissions.clear(); - _registered_rank_permissions.clear(); -} - -void RBACController::initialize() { - _ranks = db_load_ranks(); - _default_rank_id = db_get_default_rank(); - _default_user_rank_id = db_get_default_user_rank(); - - register_permissions(); -} - -void RBACController::register_permissions() { - register_permission("Create", User::PERMISSION_CREATE); - register_permission("Read", User::PERMISSION_READ); - register_permission("Update", User::PERMISSION_UPDATE); - register_permission("Delete", User::PERMISSION_DELETE); - - register_rank_permission("Admin Panel", RBAC_RANK_PERMISSION_ADMIN_PANEL); - register_rank_permission("Use Redirect", RBAC_RANK_PERMISSION_USE_REDIRECT); -} - -Ref RBACController::get_rank(int rank_id) { - return _ranks[rank_id]; -} - -int RBACController::get_default_user_rank_id() { - return _default_user_rank_id; -} -Ref RBACController::get_default_user_rank() { - return _ranks[get_default_user_rank_id()]; -} - -int RBACController::get_default_rank_id() { - return _default_rank_id; -} - -Ref RBACController::get_default_rank() { - return _ranks[get_default_rank_id()]; -} - -String &RBACController::get_redirect_url() { - return _redirect_url; -} - -bool RBACController::continue_on_missing_default_rank() { - //todo, add setting - return false; -} - -//DB - -std::map > RBACController::db_load_ranks() { - std::map > ranks; - - Ref qb = get_query_builder(); - - qb->select("id,name,name_internal,settings,base_permissions,rank_permissions")->from(_rbac_ranks_table); - Ref res = qb->run(); - - while (res->next_row()) { - Ref r; - r.instance(); - - r->id = res->get_cell_int(0); - r->name = res->get_cell_str(1); - r->name_internal = res->get_cell_str(2); - r->settings = res->get_cell_str(3); - r->base_permissions = res->get_cell_int(4); - r->rank_permissions = res->get_cell_int(5); - - ranks[r->id] = r; - } - - qb->reset(); - qb->select("id,rank_id,name,url,sort_order,permissions")->from(_rbac_permissions_table); - res = qb->run(); - - while (res->next_row()) { - Ref p; - p.instance(); - - p->id = res->get_cell_int(0); - p->rank_id = res->get_cell_int(1); - p->name = res->get_cell_str(2); - p->url = res->get_cell_str(3); - p->sort_order = res->get_cell_int(4); - p->permissions = res->get_cell_int(5); - - Ref r = ranks[p->rank_id]; - - if (!r.is_valid()) { - RLOG_ERR("RBACModel::load_permissions: !r.is_valid()!"); - continue; - } - - r->permissions.push_back(p); - } - - for (std::map >::iterator i = ranks.begin(); i != ranks.end(); ++i) { - Ref r = i->second; - - if (r.is_valid()) { - r->sort_permissions(); - } - } - - return ranks; -} - -void RBACController::db_save(const Ref &rank) { - db_save_rank(rank); - - for (int i = 0; i < rank->permissions.size(); ++i) { - Ref permission = rank->permissions[i]; - - int rid = rank->id; - - if (permission->rank_id != rid) { - permission->rank_id = rid; - } - - db_save_permission(permission); - } -} - -void RBACController::db_save_rank(const Ref &rank) { - Ref qb = get_query_builder(); - - if (rank->id == 0) { - qb->insert(_rbac_ranks_table, "name,name_internal,settings,base_permissions,rank_permissions")->values(); - qb->val(rank->name)->val(rank->name_internal)->val(rank->settings)->val(rank->base_permissions)->val(rank->rank_permissions); - qb->cvalues(); - qb->select_last_insert_id(); - Ref res = qb->run(); - //qb->print(); - - Ref r = rank; - - r->id = res->get_last_insert_rowid(); - } else { - qb->update(_rbac_ranks_table)->set(); - qb->setp("name", rank->name); - qb->setp("name_internal", rank->name_internal); - qb->setp("settings", rank->settings); - qb->setp("base_permissions", rank->base_permissions); - qb->setp("rank_permissions", rank->rank_permissions); - qb->cset(); - qb->where()->wp("id", rank->id); - qb->end_command(); - qb->run_query(); - //qb->print(); - } -} - -void RBACController::db_save_permission(const Ref &permission) { - Ref qb = get_query_builder(); - - if (permission->id == 0) { - qb->insert(_rbac_permissions_table, "rank_id,name,url,sort_order,permissions")->values(); - qb->val(permission->rank_id)->val(permission->name)->val(permission->url); - qb->val(permission->sort_order)->val(permission->permissions); - qb->cvalues(); - qb->select_last_insert_id(); - Ref res = qb->run(); - //qb->print(); - - Ref r = permission; - - r->id = res->get_last_insert_rowid(); - } else { - qb->update(_rbac_permissions_table)->set(); - qb->setp("rank_id", permission->rank_id); - qb->setp("name", permission->name); - qb->setp("url", permission->url); - qb->setp("sort_order", permission->sort_order); - qb->setp("permissions", permission->permissions); - qb->cset(); - qb->where()->wp("id", permission->id); - qb->end_command(); - qb->run_query(); - //qb->print(); - } -} - -int RBACController::db_get_default_rank() { - //todo, load this, and save it to a table (probably a new settings class) - return 3; -} - -int RBACController::db_get_default_user_rank() { - //todo, load this, and save it to a table (probably a new settings class) - return 2; -} - -String RBACController::db_get_redirect_url() { - //todo, load this, and save it to a table (probably a new settings class) - return String("/user/login"); -} - -void RBACController::create_table() { - Ref tb = get_table_builder(); - - tb->create_table(_rbac_ranks_table); - tb->integer("id")->auto_increment()->next_row(); - tb->varchar("name", 60)->not_null()->next_row(); - tb->varchar("name_internal", 100)->not_null()->next_row(); - tb->varchar("settings", 200)->not_null()->next_row(); - tb->integer("base_permissions")->not_null()->next_row(); - tb->integer("rank_permissions")->not_null()->next_row(); - tb->primary_key("id"); - tb->ccreate_table(); - //tb->run_query(); - //tb->print(); - - //tb->result = ""; - - tb->create_table(_rbac_permissions_table); - tb->integer("id")->auto_increment()->next_row(); - tb->integer("rank_id")->not_null()->next_row(); - tb->varchar("name", 60)->not_null()->next_row(); - tb->varchar("url", 100)->not_null()->next_row(); - tb->integer("sort_order")->not_null()->next_row(); - tb->integer("permissions")->not_null()->next_row(); - - tb->primary_key("id"); - tb->foreign_key("rank_id")->references(_rbac_ranks_table, "id"); - tb->ccreate_table(); - tb->run_query(); - //tb->print(); -} -void RBACController::drop_table() { - Ref tb = get_table_builder(); - - tb->drop_table_if_exists(_rbac_permissions_table)->drop_table_if_exists(_rbac_ranks_table)->run_query(); - //tb->print(); -} - -void RBACController::create_default_entries() { - Ref admin; - admin.instance(); - - admin->name = "Admin"; - admin->base_permissions = User::PERMISSION_ALL; - admin->rank_permissions = RBAC_RANK_PERMISSION_ADMIN_PANEL; - - db_save_rank(admin); - - Ref user; - user.instance(); - - user->name = "User"; - //user->base_permissions = User::PERMISSION_READ; - //user->rank_permissions = 0; - - //temporary! - user->base_permissions = User::PERMISSION_ALL; - user->rank_permissions = RBAC_RANK_PERMISSION_ADMIN_PANEL; - - db_save_rank(user); - - Ref guest; - guest.instance(); - - guest->name = "Guest"; - guest->base_permissions = User::PERMISSION_READ; - guest->rank_permissions = RBAC_RANK_PERMISSION_USE_REDIRECT; - - db_save_rank(guest); -} - - -RBACController *RBACController::get_singleton() { - return _self; -} - -RBACController::RBACController() : - AdminNode() { - - if (_self) { - printf("RBACController::RBACController(): Error! self is not null!/n"); - } - - _default_rank_id = 0; - _default_user_rank_id = 0; - - _rbac_ranks_table = "rbac_ranks"; - _rbac_permissions_table = "rbac_permissions"; - - _self = this; -} - -RBACController::~RBACController() { - if (_self == this) { - _self = nullptr; - } -} - -RBACController *RBACController::_self = nullptr; diff --git a/modules/web/nodes/rbac/rbac_controller.h b/modules/web/nodes/rbac/rbac_controller.h deleted file mode 100644 index b155cfe08..000000000 --- a/modules/web/nodes/rbac/rbac_controller.h +++ /dev/null @@ -1,127 +0,0 @@ -#ifndef RBAC_CONTROLLER_H -#define RBAC_CONTROLLER_H - -#include - -#include "web_modules/admin_panel/admin_node.h" - -#include "core/containers/vector.h" -#include "core/string.h" - -#include "rbac_permission.h" -#include "rbac_rank.h" - -class Request; -class FormValidator; - -class RBACController : public AdminNode { - RCPP_OBJECT(RBACController, AdminNode); - -public: - void handle_request_main(Request *request); - void create_validators(); - - void admin_handle_request_main(Request *request); - String admin_get_section_name(); - void admin_add_section_links(Vector *links); - - struct RBACAdminRankViewData { - Ref rank; - Vector messages; - - int id = 0; - String name = ""; - String name_internal = ""; - String settings = ""; - int rank_permissions = 0; - }; - - void admin_handle_new_rank(Request *request); - void admin_handle_edit_rank(Request *request); - void render_rank_view(Request *request, RBACAdminRankViewData *data); - - struct RBACAdminEditPermissionView { - Ref rank; - Ref permission; - Vector messages; - - int rank_id = 0; - int permission_id = 0; - }; - - void admin_permission_editor(Request *request); - void admin_render_permission_editor_main_view(Request *request, RBACAdminEditPermissionView *data); - void admin_render_permission_editor_entry_edit_create_view(Request *request, RBACAdminEditPermissionView *data); - bool admin_process_permission_editor_entry_edit_create_post(Request *request, RBACAdminEditPermissionView *data); - - void admin_render_rank_list(Request *request); - void admin_render_rank_editor(Request *request); - - void register_permission(const String &name, const int val); - void register_rank_permission(const String &name, const int val); - void clear_registered_permissions(); - - void initialize(); - virtual void register_permissions(); - - Ref get_rank(int rank_id); - - int get_default_user_rank_id(); - Ref get_default_user_rank(); - - int get_default_rank_id(); - Ref get_default_rank(); - - String &get_redirect_url(); - - bool continue_on_missing_default_rank(); - - // db - - virtual std::map > db_load_ranks(); - - virtual void db_save(const Ref &rank); - virtual void db_save_rank(const Ref &rank); - virtual void db_save_permission(const Ref &permission); - virtual int db_get_default_rank(); - virtual int db_get_default_user_rank(); - virtual String db_get_redirect_url(); - - void create_table(); - void drop_table(); - void create_default_entries(); - - static RBACController *get_singleton(); - - RBACController(); - ~RBACController(); - -protected: - static RBACController *_self; - - int _default_rank_id; - int _default_user_rank_id; - std::map > _ranks; - String _redirect_url; - - struct PermissionEntry { - String name; - int value; - - PermissionEntry() { - } - - PermissionEntry(const String &p_name, const int p_val) { - name = p_name; - value = p_val; - } - }; - - String _rbac_ranks_table; - String _rbac_permissions_table; - - Vector _registered_permissions; - Vector _registered_rank_permissions; -}; - -#endif \ No newline at end of file diff --git a/modules/web/nodes/rbac/rbac_default_permissions.h b/modules/web/nodes/rbac/rbac_default_permissions.h deleted file mode 100644 index b4b214931..000000000 --- a/modules/web/nodes/rbac/rbac_default_permissions.h +++ /dev/null @@ -1,9 +0,0 @@ -#ifndef RBAC_DEFAULT_PERMISSIONS_H -#define RBAC_DEFAULT_PERMISSIONS_H - -enum RBACDefaultRankPermissions { - RBAC_RANK_PERMISSION_ADMIN_PANEL = 1 << 0, - RBAC_RANK_PERMISSION_USE_REDIRECT = 1 << 1, -}; - -#endif \ No newline at end of file diff --git a/modules/web/nodes/rbac/rbac_permission.cpp b/modules/web/nodes/rbac/rbac_permission.cpp deleted file mode 100644 index 12c394efb..000000000 --- a/modules/web/nodes/rbac/rbac_permission.cpp +++ /dev/null @@ -1,21 +0,0 @@ -#include "rbac_permission.h" - -bool RBACPermission::is_smaller(const Ref &b) const { - if (!b.is_valid()) { - return true; - } - - return sort_order < b->sort_order; -} - -RBACPermission::RBACPermission() : - Resource() { - - id = 0; - rank_id = 0; - sort_order = 0; - permissions = 0; -} - -RBACPermission::~RBACPermission() { -} diff --git a/modules/web/nodes/rbac/rbac_permission.h b/modules/web/nodes/rbac/rbac_permission.h deleted file mode 100644 index 150090dd5..000000000 --- a/modules/web/nodes/rbac/rbac_permission.h +++ /dev/null @@ -1,25 +0,0 @@ -#ifndef RBAC_PERMISSION_H -#define RBAC_PERMISSION_H - -#include "core/string.h" - -#include "core/resource.h" - -class RBACPermission : public Resource { - RCPP_OBJECT(RBACPermission, Resource); - -public: - int id; - int rank_id; - String name; - String url; - int sort_order; - int permissions; - - bool is_smaller(const Ref &b) const; - - RBACPermission(); - ~RBACPermission(); -}; - -#endif \ No newline at end of file diff --git a/modules/web/nodes/rbac/rbac_rank.cpp b/modules/web/nodes/rbac/rbac_rank.cpp deleted file mode 100644 index 5a43f0dfe..000000000 --- a/modules/web/nodes/rbac/rbac_rank.cpp +++ /dev/null @@ -1,77 +0,0 @@ -#include "rbac_rank.h" - -#include "web/http/request.h" - -Ref RBACRank::match_request(Request *request) { - const String &full_path = request->get_path_full(); - - Ref perm; - int current_max = 0; - - for (int i = 0; i < permissions.size(); ++i) { - Ref p; - - if (!p.is_valid()) { - continue; - } - - int c = full_path.first_difference_index(p->url); - - if (c > current_max) { - perm = p; - current_max = c; - } - } - - return perm; -} - -bool RBACRank::get_permissions(Request *request) { - int perm = base_permissions; - - Ref match = match_request(request); - - if (match.is_valid()) { - perm = match->permissions; - } - - return perm; -} - -bool RBACRank::has_permission(Request *request, const int permission) { - int perm = base_permissions; - - Ref match = match_request(request); - - if (match.is_valid()) { - perm = match->permissions; - } - - return (perm & permission) != 0; -} - -bool RBACRank::has_rank_permission(const int permission) { - return (rank_permissions & permission) != 0; -} - -void RBACRank::sort_permissions() { - for (int i = 0; i < permissions.size(); ++i) { - for (int j = i + 1; j < permissions.size(); ++j) { - if (permissions[j]->is_smaller(permissions[i])) { - permissions.swap(i, j); - } - } - } -} - -RBACRank::RBACRank() : - Resource() { - - id = 0; - base_permissions = 0; - rank_permissions = 0; -} - -RBACRank::~RBACRank() { - permissions.clear(); -} diff --git a/modules/web/nodes/rbac/rbac_rank.h b/modules/web/nodes/rbac/rbac_rank.h deleted file mode 100644 index 674cded86..000000000 --- a/modules/web/nodes/rbac/rbac_rank.h +++ /dev/null @@ -1,40 +0,0 @@ -#ifndef RBAC_RANK_H -#define RBAC_RANK_H - -#include "core/string.h" -#include "core/containers/vector.h" - -#include "core/resource.h" - -#include "rbac_permission.h" - -class Request; - -class RBACRank : public Resource { - RCPP_OBJECT(RBACRank, Resource); - -public: - int id; - - String name; - String name_internal; - String settings; - - int base_permissions; - int rank_permissions; - - Vector > permissions; - - Ref match_request(Request *request); - - bool get_permissions(Request *request); - bool has_permission(Request *request, const int permission); - bool has_rank_permission(const int permission); - - void sort_permissions(); - - RBACRank(); - ~RBACRank(); -}; - -#endif \ No newline at end of file diff --git a/modules/web/nodes/rbac_users/rbac_user.cpp b/modules/web/nodes/rbac_users/rbac_user.cpp deleted file mode 100644 index 000ecb092..000000000 --- a/modules/web/nodes/rbac_users/rbac_user.cpp +++ /dev/null @@ -1,37 +0,0 @@ -#include "rbac_user.h" - -int RBACUser::get_permissions(Request *request) { - if (!rbac_rank.is_valid()) { - return 0; - } - - return rbac_rank->get_permissions(request); -} -bool RBACUser::has_permission(Request *request, const int permission) { - if (!rbac_rank.is_valid()) { - return false; - } - - return rbac_rank->has_permission(request, permission); -} -int RBACUser::get_additional_permissions(Request *request) { - if (!rbac_rank.is_valid()) { - return 0; - } - - return rbac_rank->rank_permissions; -} -bool RBACUser::has_additional_permission(Request *request, const int permission) { - if (!rbac_rank.is_valid()) { - return false; - } - - return rbac_rank->rank_permissions & permission; -} - -RBACUser::RBACUser() : - User() { -} - -RBACUser::~RBACUser() { -} diff --git a/modules/web/nodes/rbac_users/rbac_user.h b/modules/web/nodes/rbac_users/rbac_user.h deleted file mode 100644 index f86acf1fe..000000000 --- a/modules/web/nodes/rbac_users/rbac_user.h +++ /dev/null @@ -1,27 +0,0 @@ -#ifndef RBAC_USER_H -#define RBAC_USER_H - -#include "core/string.h" - -#include "web_modules/users/user.h" -#include "web_modules/rbac/rbac_rank.h" - -class Request; -class FormValidator; - -class RBACUser : public User { - RCPP_OBJECT(RBACUser, User); - -public: - Ref rbac_rank; - - int get_permissions(Request *request); - bool has_permission(Request *request, const int permission); - int get_additional_permissions(Request *request); - bool has_additional_permission(Request *request, const int permission); - - RBACUser(); - ~RBACUser(); -}; - -#endif \ No newline at end of file diff --git a/modules/web/nodes/rbac_users/rbac_user_controller.cpp b/modules/web/nodes/rbac_users/rbac_user_controller.cpp deleted file mode 100644 index deac3f4dd..000000000 --- a/modules/web/nodes/rbac_users/rbac_user_controller.cpp +++ /dev/null @@ -1,146 +0,0 @@ -#include "rbac_user_controller.h" - -#include "web/http/http_session.h" -#include "web/http/request.h" - -#include "web_modules/rbac/rbac_controller.h" -#include "web_modules/rbac/rbac_default_permissions.h" -#include "rbac_user.h" - -Ref RBACUserController::db_get_user(const int id) { - Ref u = UserController::db_get_user(id); - - if (u.is_valid()) { - u->rbac_rank = RBACController::get_singleton()->get_rank(u->rank); - } - - return u; -} -Ref RBACUserController::db_get_user(const String &user_name_input) { - Ref u = UserController::db_get_user(user_name_input); - - if (u.is_valid()) { - u->rbac_rank = RBACController::get_singleton()->get_rank(u->rank); - } - - return u; -} - -Vector > RBACUserController::db_get_all() { - Vector > users = UserController::db_get_all(); - - for (int i = 0; i < users.size(); ++i) { - Ref u = users[i]; - - if (u.is_valid()) { - u->rbac_rank = RBACController::get_singleton()->get_rank(u->rank); - } - } - - return users; -} - -Ref RBACUserController::create_user() { - Ref u; - u.instance(); - - u->rank = RBACController::get_singleton()->get_default_user_rank_id(); - u->rbac_rank = RBACController::get_singleton()->get_rank(u->rank); - - return u; -} - -RBACUserController::RBACUserController() : - UserController() { -} - -RBACUserController::~RBACUserController() { -} - -// returnring true means handled, false means continue -bool RBACUserSessionSetupMiddleware::on_before_handle_request_main(Request *request) { - if (request->session.is_valid()) { - int user_id = request->session->get_int("user_id"); - - if (user_id != 0) { - - Ref u = UserController::get_singleton()->db_get_user(user_id); - - if (u.is_valid()) { - request->reference_data["user"] = u; - } else { - // log - request->session->remove("user_id"); - } - } - } - - return false; -} - -RBACUserSessionSetupMiddleware::RBACUserSessionSetupMiddleware() { -} -RBACUserSessionSetupMiddleware::~RBACUserSessionSetupMiddleware() { -} - -// returnring true means handled, false means continue -bool RBACDefaultUserSessionSetupMiddleware::on_before_handle_request_main(Request *request) { - // note: add a new file handler middleware func, so basic file handling is easy to set up before this - - Ref rank; - - if (request->session.is_valid()) { - int user_id = request->session->get_int("user_id"); - - if (user_id != 0) { - - Ref u = UserController::get_singleton()->db_get_user(user_id); - - if (u.is_valid()) { - rank = u->rbac_rank; - - request->reference_data["user"] = u; - } else { - // log - request->session->remove("user_id"); - } - } - } - - if (!rank.is_valid()) { - rank = RBACController::get_singleton()->get_default_rank(); - - if (!rank.is_valid()) { - if (RBACController::get_singleton()->continue_on_missing_default_rank()) { - RLOG_ERR("get_default_rank() has not been set up properly!!! Continuing!"); - return false; - } else { - RLOG_ERR("get_default_rank() has not been set up properly!!! Sending 404!"); - request->send_error(404); - return true; - } - - - } - } - - if (!rank->has_permission(request, User::PERMISSION_READ)) { - if (rank->has_rank_permission(RBAC_RANK_PERMISSION_USE_REDIRECT)) { - // Note this can make the webapp prone to enumerations, if not done correctly - // e.g. redirect from /admin, but sending 404 on a non existing uri, which does not have - // a special rbac entry - request->send_redirect(RBACController::get_singleton()->get_redirect_url()); - return true; - } - - request->send_error(404); - return true; - } - - return false; -} - -RBACDefaultUserSessionSetupMiddleware::RBACDefaultUserSessionSetupMiddleware() { -} -RBACDefaultUserSessionSetupMiddleware::~RBACDefaultUserSessionSetupMiddleware() { -} diff --git a/modules/web/nodes/rbac_users/rbac_user_controller.h b/modules/web/nodes/rbac_users/rbac_user_controller.h deleted file mode 100644 index 24ec78038..000000000 --- a/modules/web/nodes/rbac_users/rbac_user_controller.h +++ /dev/null @@ -1,54 +0,0 @@ -#ifndef RBAC_USER_CONTROLLER_H -#define RBAC_USER_CONTROLLER_H - -#include "web_modules/users/user_controller.h" - -#include "web/http/middleware.h" - -class Request; - -class RBACUserController : public UserController { - RCPP_OBJECT(RBACUserController, UserController); - -public: - // db - - Ref db_get_user(const int id); - Ref db_get_user(const String &user_name_input); - - Vector > db_get_all(); - - Ref create_user(); - - RBACUserController(); - ~RBACUserController(); - -protected: -}; - -// just session setup -class RBACUserSessionSetupMiddleware : public Middleware { - RCPP_OBJECT(RBACUserSessionSetupMiddleware, Middleware); - -public: - //returnring true means handled, false means continue - bool on_before_handle_request_main(Request *request); - - RBACUserSessionSetupMiddleware(); - ~RBACUserSessionSetupMiddleware(); -}; - -// this one also handles missing read permission / redirect -class RBACDefaultUserSessionSetupMiddleware : public Middleware { - RCPP_OBJECT(RBACDefaultUserSessionSetupMiddleware, Middleware); - -public: - //returnring true means handled, false means continue - bool on_before_handle_request_main(Request *request); - - RBACDefaultUserSessionSetupMiddleware(); - ~RBACDefaultUserSessionSetupMiddleware(); -}; - - -#endif \ No newline at end of file