mirror of
https://github.com/Relintai/pandemonium_engine.git
synced 2024-12-23 12:26:59 +01:00
Remove drbac and related classes.
This commit is contained in:
parent
3f481f6eba
commit
9d5828a6bd
@ -3,8 +3,8 @@
|
||||
|
||||
#include "web/http/web_node.h"
|
||||
|
||||
#include "core/string.h"
|
||||
#include "core/containers/vector.h"
|
||||
#include "core/string.h"
|
||||
|
||||
class Request;
|
||||
class FormValidator;
|
||||
|
@ -1,872 +0,0 @@
|
||||
#include "rbac_controller.h"
|
||||
|
||||
#include "core/error_macros.h"
|
||||
|
||||
#include "web/html/form_validator.h"
|
||||
#include "web/html/html_builder.h"
|
||||
#include "web/http/cookie.h"
|
||||
#include "web/http/http_session.h"
|
||||
#include "web/http/request.h"
|
||||
#include "web/http/session_manager.h"
|
||||
#include "rbac_default_permissions.h"
|
||||
#include "web_modules/users/user.h"
|
||||
|
||||
#include "database/database.h"
|
||||
#include "database/database_manager.h"
|
||||
#include "database/query_builder.h"
|
||||
#include "database/query_result.h"
|
||||
#include "database/table_builder.h"
|
||||
|
||||
void RBACController::handle_request_main(Request *request) {
|
||||
}
|
||||
|
||||
void RBACController::create_validators() {
|
||||
}
|
||||
|
||||
void RBACController::admin_handle_request_main(Request *request) {
|
||||
String seg = request->get_current_path_segment();
|
||||
|
||||
if (seg == "") {
|
||||
admin_render_rank_list(request);
|
||||
return;
|
||||
} else if (seg == "new_rank") {
|
||||
request->push_path();
|
||||
|
||||
admin_handle_new_rank(request);
|
||||
} else if (seg == "edit_rank") {
|
||||
request->push_path();
|
||||
|
||||
admin_handle_edit_rank(request);
|
||||
} else if (seg == "permission_editor") {
|
||||
request->push_path();
|
||||
|
||||
admin_permission_editor(request);
|
||||
}
|
||||
}
|
||||
|
||||
void RBACController::admin_handle_new_rank(Request *request) {
|
||||
|
||||
if (request->get_method() == HTTP_METHOD_POST) {
|
||||
Ref<RBACRank> rank;
|
||||
rank.instance();
|
||||
|
||||
rank->name = request->get_parameter("name");
|
||||
rank->name_internal = request->get_parameter("name_internal");
|
||||
rank->settings = request->get_parameter("settings");
|
||||
|
||||
int base_permissions = 0;
|
||||
|
||||
for (int i = 0; i < _registered_permissions.size(); ++i) {
|
||||
String param = request->get_parameter("perm_check_" + String::num(i));
|
||||
|
||||
if (param != "") {
|
||||
base_permissions |= _registered_permissions[i].value;
|
||||
}
|
||||
}
|
||||
|
||||
rank->base_permissions = base_permissions;
|
||||
|
||||
int rank_permissions = 0;
|
||||
|
||||
for (int i = 0; i < _registered_rank_permissions.size(); ++i) {
|
||||
String param = request->get_parameter("perm_rank_check_" + String::num(i));
|
||||
|
||||
if (param != "") {
|
||||
rank_permissions |= _registered_rank_permissions[i].value;
|
||||
}
|
||||
}
|
||||
|
||||
rank->rank_permissions = rank_permissions;
|
||||
|
||||
db_save_rank(rank);
|
||||
|
||||
_ranks[rank->id] = rank;
|
||||
|
||||
request->send_redirect(request->get_url_root_parent() + "edit_rank/" + String::num(rank->id));
|
||||
return;
|
||||
}
|
||||
|
||||
RBACAdminRankViewData data;
|
||||
render_rank_view(request, &data);
|
||||
}
|
||||
|
||||
void RBACController::admin_handle_edit_rank(Request *request) {
|
||||
String seg = request->get_current_path_segment();
|
||||
|
||||
//check whether it's numeric
|
||||
//if (!seg.is)
|
||||
|
||||
int id = seg.to_int();
|
||||
|
||||
if (id == 0) {
|
||||
RLOG_MSG("RBACController::admin_handle_edit_rank: id == 0!\n");
|
||||
request->send_redirect(request->get_url_root_parent());
|
||||
return;
|
||||
}
|
||||
|
||||
Ref<RBACRank> rank = _ranks[id];
|
||||
|
||||
if (!rank.is_valid()) {
|
||||
RLOG_MSG("RBACController::admin_handle_edit_rank: !rank.is_valid()\n");
|
||||
request->send_redirect(request->get_url_root_parent());
|
||||
return;
|
||||
}
|
||||
|
||||
RBACAdminRankViewData data;
|
||||
data.rank = rank;
|
||||
|
||||
if (request->get_method() == HTTP_METHOD_POST) {
|
||||
rank->name = request->get_parameter("name");
|
||||
rank->name_internal = request->get_parameter("name_internal");
|
||||
rank->settings = request->get_parameter("settings");
|
||||
|
||||
int base_permissions = 0;
|
||||
|
||||
for (int i = 0; i < _registered_permissions.size(); ++i) {
|
||||
String param = request->get_parameter("perm_check_" + String::num(i));
|
||||
|
||||
if (param != "") {
|
||||
base_permissions |= _registered_permissions[i].value;
|
||||
}
|
||||
}
|
||||
|
||||
rank->base_permissions = base_permissions;
|
||||
|
||||
int rank_permissions = 0;
|
||||
|
||||
for (int i = 0; i < _registered_rank_permissions.size(); ++i) {
|
||||
String param = request->get_parameter("perm_rank_check_" + String::num(i));
|
||||
|
||||
if (param != "") {
|
||||
rank_permissions |= _registered_rank_permissions[i].value;
|
||||
}
|
||||
}
|
||||
|
||||
rank->rank_permissions = rank_permissions;
|
||||
|
||||
db_save_rank(rank);
|
||||
|
||||
data.messages.push_back("Save Success!");
|
||||
}
|
||||
|
||||
render_rank_view(request, &data);
|
||||
}
|
||||
|
||||
void RBACController::render_rank_view(Request *request, RBACAdminRankViewData *data) {
|
||||
int id = 0;
|
||||
String name = "";
|
||||
String name_internal = "";
|
||||
String settings = "";
|
||||
int base_permissions = 0;
|
||||
int rank_permissions = 0;
|
||||
|
||||
if (data->rank.is_valid()) {
|
||||
id = data->rank->id;
|
||||
name = data->rank->name;
|
||||
name_internal = data->rank->name_internal;
|
||||
settings = data->rank->settings;
|
||||
base_permissions = data->rank->base_permissions;
|
||||
rank_permissions = data->rank->rank_permissions;
|
||||
}
|
||||
|
||||
HTMLBuilder b;
|
||||
|
||||
b.h4()->f()->a()->href(request->get_url_root_parent())->f()->w("<- Back")->ca()->ch4();
|
||||
b.h4()->f()->w("RBAC Editor")->ch4();
|
||||
|
||||
b.div()->cls("messages");
|
||||
for (int i = 0; i < data->messages.size(); ++i) {
|
||||
b.w(data->messages[i])->br();
|
||||
}
|
||||
b.cdiv();
|
||||
|
||||
b.form()->method("POST")->action(request->get_url_root() + String::num(id));
|
||||
{
|
||||
b.csrf_token(request);
|
||||
|
||||
//b.input()->type("hidden")->name("id")->value(String::num(id))->f()->cinput();
|
||||
b.w("Name:")->br();
|
||||
b.input()->type("text")->name("name")->value(name)->f()->br();
|
||||
b.w("Name (Internal):")->br();
|
||||
b.input()->type("text")->name("name_internal")->value(name_internal)->f()->cinput()->br();
|
||||
b.w("Custom Settings:")->br();
|
||||
b.input()->type("text")->name("settings")->value(settings)->f()->cinput()->br();
|
||||
|
||||
b.w("Base Permissions:")->br();
|
||||
|
||||
for (int i = 0; i < _registered_permissions.size(); ++i) {
|
||||
String checkbox_name = "perm_check_" + String::num(i);
|
||||
|
||||
b.input()->type("checkbox")->name(checkbox_name)->value(checkbox_name)->id(checkbox_name)->checked((base_permissions & _registered_permissions[i].value) != 0);
|
||||
b.label()->fora(checkbox_name)->f()->w(_registered_permissions[i].name)->clabel();
|
||||
}
|
||||
|
||||
b.br();
|
||||
|
||||
b.w("Rank Permissions:")->br();
|
||||
|
||||
for (int i = 0; i < _registered_rank_permissions.size(); ++i) {
|
||||
String checkbox_name = "perm_rank_check_" + String::num(i);
|
||||
|
||||
b.input()->type("checkbox")->name(checkbox_name)->value(checkbox_name)->id(checkbox_name)->checked((rank_permissions & _registered_rank_permissions[i].value) != 0);
|
||||
b.label()->fora(checkbox_name)->f()->w(_registered_rank_permissions[i].name)->clabel();
|
||||
}
|
||||
|
||||
b.br();
|
||||
|
||||
b.input()->type("submit")->value("Save");
|
||||
}
|
||||
b.cform();
|
||||
|
||||
request->body += b.result;
|
||||
}
|
||||
|
||||
void RBACController::admin_permission_editor(Request *request) {
|
||||
|
||||
String seg = request->get_current_path_segment();
|
||||
|
||||
//check whether it's numeric
|
||||
//if (!seg.is)
|
||||
|
||||
int id = seg.to_int();
|
||||
|
||||
if (id == 0) {
|
||||
RLOG_MSG("RBACController::admin_permission_editor: id == 0!\n");
|
||||
request->send_redirect(request->get_url_root_parent());
|
||||
return;
|
||||
}
|
||||
|
||||
Ref<RBACRank> rank = _ranks[id];
|
||||
|
||||
if (!rank.is_valid()) {
|
||||
RLOG_MSG("RBACController::admin_permission_editor: !rank.is_valid()\n");
|
||||
request->send_redirect(request->get_url_root_parent());
|
||||
return;
|
||||
}
|
||||
|
||||
RBACAdminEditPermissionView data;
|
||||
data.rank = rank;
|
||||
|
||||
request->push_path();
|
||||
|
||||
String segn = request->get_current_path_segment();
|
||||
|
||||
if (segn == "") {
|
||||
admin_render_permission_editor_main_view(request, &data);
|
||||
return;
|
||||
}
|
||||
|
||||
if (segn == "new") {
|
||||
request->push_path();
|
||||
|
||||
if (request->get_method() == HTTP_METHOD_POST) {
|
||||
if (admin_process_permission_editor_entry_edit_create_post(request, &data)) {
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
admin_render_permission_editor_entry_edit_create_view(request, &data);
|
||||
return;
|
||||
}
|
||||
|
||||
if (segn.is_uint()) {
|
||||
int perm_index = segn.to_int();
|
||||
|
||||
request->push_path();
|
||||
|
||||
if (perm_index < 0 || perm_index >= rank->permissions.size()) {
|
||||
RLOG_ERR("(perm_index < 0 || perm_index >= rank->permissions.size())!\n");
|
||||
request->send_redirect(request->get_url_root_parent());
|
||||
return;
|
||||
}
|
||||
|
||||
data.permission = rank->permissions[perm_index];
|
||||
|
||||
if (!data.permission.is_valid()) {
|
||||
RLOG_ERR("(!data.permission.is_valid()\n");
|
||||
request->send_error(503);
|
||||
return;
|
||||
}
|
||||
|
||||
if (request->get_method() == HTTP_METHOD_POST) {
|
||||
if (admin_process_permission_editor_entry_edit_create_post(request, &data)) {
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
admin_render_permission_editor_entry_edit_create_view(request, &data);
|
||||
return;
|
||||
}
|
||||
|
||||
request->send_error(404);
|
||||
}
|
||||
|
||||
void RBACController::admin_render_permission_editor_main_view(Request *request, RBACAdminEditPermissionView *data) {
|
||||
HTMLBuilder b;
|
||||
|
||||
Ref<RBACRank> rank = data->rank;
|
||||
|
||||
b.h4()->f()->a()->href(request->get_url_root_parent(2))->f()->w("<- Back")->ca()->ch4();
|
||||
b.h4()->f()->w("RBAC Editor")->ch4();
|
||||
|
||||
b.div()->cls("heading");
|
||||
{
|
||||
b.w("[ Id ]: ")->wn(rank->id)->w(", [ Name ]: ")->w(rank->name)->w(", [ Name Internal ]: ")->w(rank->name_internal);
|
||||
}
|
||||
b.cdiv();
|
||||
|
||||
b.br();
|
||||
|
||||
for (int i = 0; i < rank->permissions.size(); ++i) {
|
||||
Ref<RBACPermission> perm = rank->permissions[i];
|
||||
|
||||
if (!perm.is_valid()) {
|
||||
RLOG_ERR("RBACController::admin_render_permission_editor_main_view: !perm.is_valid()\n");
|
||||
continue;
|
||||
}
|
||||
|
||||
b.div()->cls("row");
|
||||
{
|
||||
b.a()->href(request->get_url_root() + String::num(i));
|
||||
|
||||
b.w("-- Rank: [ Id ]: ")->wn(perm->id)->w(", [ Rank Id ]: ")->wn(perm->rank_id)->w(", [ Name ]: ")->w(perm->name);
|
||||
b.w(" [ URL ]: ")->w(perm->url)->w(", [ Sort Order ]: ")->wn(perm->sort_order);
|
||||
b.w(" [ Permissions ]: ");
|
||||
|
||||
int pcount = 0;
|
||||
int perms = perm->permissions;
|
||||
for (int i = 0; i < _registered_permissions.size(); ++i) {
|
||||
if ((_registered_permissions[i].value & perms) != 0) {
|
||||
if (pcount > 0) {
|
||||
b.w(", ");
|
||||
}
|
||||
|
||||
b.w(_registered_permissions[i].name);
|
||||
|
||||
++pcount;
|
||||
}
|
||||
}
|
||||
|
||||
if (pcount == 0) {
|
||||
b.w("- None -");
|
||||
}
|
||||
|
||||
b.ca();
|
||||
}
|
||||
b.cdiv();
|
||||
}
|
||||
|
||||
b.br();
|
||||
|
||||
b.a()->href(request->get_url_root("new"));
|
||||
b.w("New Permission");
|
||||
b.ca();
|
||||
|
||||
request->body += b.result;
|
||||
}
|
||||
|
||||
void RBACController::admin_render_permission_editor_entry_edit_create_view(Request *request, RBACAdminEditPermissionView *data) {
|
||||
HTMLBuilder b;
|
||||
|
||||
Ref<RBACRank> rank = data->rank;
|
||||
Ref<RBACPermission> perm = data->permission;
|
||||
|
||||
String name;
|
||||
String url;
|
||||
int sort_order = 0;
|
||||
int permissions = 0;
|
||||
|
||||
if (perm.is_valid()) {
|
||||
name = perm->name;
|
||||
url = perm->url;
|
||||
sort_order = perm->sort_order;
|
||||
permissions = perm->permissions;
|
||||
}
|
||||
|
||||
b.h4()->f()->a()->href(request->get_url_root_parent())->f()->w("<- Back")->ca()->ch4();
|
||||
b.h4()->f()->w("RBAC Editor")->ch4();
|
||||
b.br();
|
||||
|
||||
b.div()->cls("messages");
|
||||
for (int i = 0; i < data->messages.size(); ++i) {
|
||||
b.w(data->messages[i])->br();
|
||||
}
|
||||
b.cdiv();
|
||||
b.br();
|
||||
|
||||
b.div()->cls("heading");
|
||||
{
|
||||
b.w("Rank: [ Id ]: ")->wn(rank->id)->w(", [ Name ]: ")->w(rank->name)->w(", [ Name Internal ]: ")->w(rank->name_internal);
|
||||
}
|
||||
b.cdiv();
|
||||
b.br();
|
||||
|
||||
b.form()->method("POST")->action(request->get_url_root());
|
||||
{
|
||||
b.csrf_token(request);
|
||||
|
||||
b.w("Name:")->br();
|
||||
b.input()->type("text")->name("name")->value(name)->f()->br();
|
||||
b.w("URL:")->br();
|
||||
b.input()->type("text")->name("url")->value(url)->f()->cinput()->br();
|
||||
|
||||
b.w("Permissions:")->br();
|
||||
|
||||
for (int i = 0; i < _registered_permissions.size(); ++i) {
|
||||
String checkbox_name = "perm_check_" + String::num(i);
|
||||
|
||||
b.input()->type("checkbox")->name(checkbox_name)->value(checkbox_name)->id(checkbox_name)->checked((permissions & _registered_permissions[i].value) != 0);
|
||||
b.label()->fora(checkbox_name)->f()->w(_registered_permissions[i].name)->clabel();
|
||||
}
|
||||
|
||||
b.br();
|
||||
|
||||
b.input()->type("submit")->value("Save");
|
||||
}
|
||||
b.cform();
|
||||
|
||||
request->body += b.result;
|
||||
}
|
||||
|
||||
bool RBACController::admin_process_permission_editor_entry_edit_create_post(Request *request, RBACAdminEditPermissionView *data) {
|
||||
Ref<RBACRank> rank = data->rank;
|
||||
|
||||
Ref<RBACPermission> perm = data->permission;
|
||||
|
||||
if (!perm.is_valid()) {
|
||||
perm.instance();
|
||||
|
||||
perm->rank_id = rank->id;
|
||||
|
||||
if (rank->permissions.size() > 0) {
|
||||
Ref<RBACPermission> p = rank->permissions[rank->permissions.size() - 1];
|
||||
|
||||
perm->sort_order = p->sort_order + 1;
|
||||
}
|
||||
|
||||
rank->permissions.push_back(perm);
|
||||
}
|
||||
|
||||
perm->name = request->get_parameter("name");
|
||||
perm->url = request->get_parameter("url");
|
||||
|
||||
int permissions = 0;
|
||||
|
||||
for (int i = 0; i < _registered_permissions.size(); ++i) {
|
||||
String param = request->get_parameter("perm_check_" + String::num(i));
|
||||
|
||||
if (param != "") {
|
||||
permissions |= _registered_permissions[i].value;
|
||||
}
|
||||
}
|
||||
|
||||
perm->permissions = permissions;
|
||||
|
||||
//set this up in the form by default
|
||||
//perm->sort_order = request->get_parameter("sort_order").to_int();
|
||||
|
||||
db_save_permission(perm);
|
||||
|
||||
if (perm->id == 0) {
|
||||
RLOG_ERR("RBACController::admin_process_permission_editor_entry_edit_create_post: perm->id == 0!\n");
|
||||
}
|
||||
|
||||
request->send_redirect(request->get_url_root_parent());
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
void RBACController::admin_render_rank_list(Request *request) {
|
||||
HTMLBuilder b;
|
||||
|
||||
b.h4()->f()->a()->href(request->get_url_root_parent())->f()->w("<- Back")->ca()->ch4();
|
||||
b.h4()->f()->w("RBAC Editor")->ch4();
|
||||
|
||||
for (std::map<int, Ref<RBACRank> >::iterator p = _ranks.begin(); p != _ranks.end(); p++) {
|
||||
Ref<RBACRank> r = p->second;
|
||||
|
||||
if (!r.is_valid()) {
|
||||
continue;
|
||||
}
|
||||
|
||||
b.div()->cls("row");
|
||||
{
|
||||
b.a()->href(request->get_url_root("permission_editor/") + String::num(r->id));
|
||||
b.w("[ Id ]: ")->wn(r->id)->w(", [ Name ]: ")->w(r->name)->w(", [ Name Internal ]: ")->w(r->name_internal);
|
||||
b.w(", [ Base Permissions ]: ");
|
||||
|
||||
int pcount = 0;
|
||||
int perms = r->base_permissions;
|
||||
for (int i = 0; i < _registered_permissions.size(); ++i) {
|
||||
if ((_registered_permissions[i].value & perms) != 0) {
|
||||
if (pcount > 0) {
|
||||
b.w(", ");
|
||||
}
|
||||
|
||||
b.w(_registered_permissions[i].name);
|
||||
|
||||
++pcount;
|
||||
}
|
||||
}
|
||||
|
||||
if (pcount == 0) {
|
||||
b.w("- None -");
|
||||
}
|
||||
|
||||
b.w(", [ Rank Permissions ]: ");
|
||||
|
||||
pcount = 0;
|
||||
perms = r->rank_permissions;
|
||||
for (int i = 0; i < _registered_rank_permissions.size(); ++i) {
|
||||
if ((_registered_rank_permissions[i].value & perms) != 0) {
|
||||
if (pcount > 0) {
|
||||
b.w(", ");
|
||||
}
|
||||
|
||||
b.w(_registered_rank_permissions[i].name);
|
||||
|
||||
++pcount;
|
||||
}
|
||||
}
|
||||
|
||||
if (pcount == 0) {
|
||||
b.w("- None -");
|
||||
}
|
||||
|
||||
b.ca();
|
||||
|
||||
b.w(" - ");
|
||||
|
||||
b.a()->href(request->get_url_root("edit_rank/") + String::num(r->id));
|
||||
b.w("[ Edit ]");
|
||||
b.ca();
|
||||
}
|
||||
b.cdiv();
|
||||
}
|
||||
|
||||
b.br();
|
||||
|
||||
b.a()->href(request->get_url_root("new_rank"));
|
||||
b.w("New Rank");
|
||||
b.ca();
|
||||
|
||||
request->body += b.result;
|
||||
}
|
||||
|
||||
void RBACController::admin_render_rank_editor(Request *request) {
|
||||
}
|
||||
|
||||
String RBACController::admin_get_section_name() {
|
||||
return "Role Based Access Control";
|
||||
}
|
||||
|
||||
void RBACController::admin_add_section_links(Vector<AdminSectionLinkInfo> *links) {
|
||||
links->push_back(AdminSectionLinkInfo("Editor", ""));
|
||||
}
|
||||
|
||||
void RBACController::register_permission(const String &name, const int val) {
|
||||
_registered_permissions.push_back(PermissionEntry(name, val));
|
||||
}
|
||||
void RBACController::register_rank_permission(const String &name, const int val) {
|
||||
_registered_rank_permissions.push_back(PermissionEntry(name, val));
|
||||
}
|
||||
void RBACController::clear_registered_permissions() {
|
||||
_registered_permissions.clear();
|
||||
_registered_rank_permissions.clear();
|
||||
}
|
||||
|
||||
void RBACController::initialize() {
|
||||
_ranks = db_load_ranks();
|
||||
_default_rank_id = db_get_default_rank();
|
||||
_default_user_rank_id = db_get_default_user_rank();
|
||||
|
||||
register_permissions();
|
||||
}
|
||||
|
||||
void RBACController::register_permissions() {
|
||||
register_permission("Create", User::PERMISSION_CREATE);
|
||||
register_permission("Read", User::PERMISSION_READ);
|
||||
register_permission("Update", User::PERMISSION_UPDATE);
|
||||
register_permission("Delete", User::PERMISSION_DELETE);
|
||||
|
||||
register_rank_permission("Admin Panel", RBAC_RANK_PERMISSION_ADMIN_PANEL);
|
||||
register_rank_permission("Use Redirect", RBAC_RANK_PERMISSION_USE_REDIRECT);
|
||||
}
|
||||
|
||||
Ref<RBACRank> RBACController::get_rank(int rank_id) {
|
||||
return _ranks[rank_id];
|
||||
}
|
||||
|
||||
int RBACController::get_default_user_rank_id() {
|
||||
return _default_user_rank_id;
|
||||
}
|
||||
Ref<RBACRank> RBACController::get_default_user_rank() {
|
||||
return _ranks[get_default_user_rank_id()];
|
||||
}
|
||||
|
||||
int RBACController::get_default_rank_id() {
|
||||
return _default_rank_id;
|
||||
}
|
||||
|
||||
Ref<RBACRank> RBACController::get_default_rank() {
|
||||
return _ranks[get_default_rank_id()];
|
||||
}
|
||||
|
||||
String &RBACController::get_redirect_url() {
|
||||
return _redirect_url;
|
||||
}
|
||||
|
||||
bool RBACController::continue_on_missing_default_rank() {
|
||||
//todo, add setting
|
||||
return false;
|
||||
}
|
||||
|
||||
//DB
|
||||
|
||||
std::map<int, Ref<RBACRank> > RBACController::db_load_ranks() {
|
||||
std::map<int, Ref<RBACRank> > ranks;
|
||||
|
||||
Ref<QueryBuilder> qb = get_query_builder();
|
||||
|
||||
qb->select("id,name,name_internal,settings,base_permissions,rank_permissions")->from(_rbac_ranks_table);
|
||||
Ref<QueryResult> res = qb->run();
|
||||
|
||||
while (res->next_row()) {
|
||||
Ref<RBACRank> r;
|
||||
r.instance();
|
||||
|
||||
r->id = res->get_cell_int(0);
|
||||
r->name = res->get_cell_str(1);
|
||||
r->name_internal = res->get_cell_str(2);
|
||||
r->settings = res->get_cell_str(3);
|
||||
r->base_permissions = res->get_cell_int(4);
|
||||
r->rank_permissions = res->get_cell_int(5);
|
||||
|
||||
ranks[r->id] = r;
|
||||
}
|
||||
|
||||
qb->reset();
|
||||
qb->select("id,rank_id,name,url,sort_order,permissions")->from(_rbac_permissions_table);
|
||||
res = qb->run();
|
||||
|
||||
while (res->next_row()) {
|
||||
Ref<RBACPermission> p;
|
||||
p.instance();
|
||||
|
||||
p->id = res->get_cell_int(0);
|
||||
p->rank_id = res->get_cell_int(1);
|
||||
p->name = res->get_cell_str(2);
|
||||
p->url = res->get_cell_str(3);
|
||||
p->sort_order = res->get_cell_int(4);
|
||||
p->permissions = res->get_cell_int(5);
|
||||
|
||||
Ref<RBACRank> r = ranks[p->rank_id];
|
||||
|
||||
if (!r.is_valid()) {
|
||||
RLOG_ERR("RBACModel::load_permissions: !r.is_valid()!");
|
||||
continue;
|
||||
}
|
||||
|
||||
r->permissions.push_back(p);
|
||||
}
|
||||
|
||||
for (std::map<int, Ref<RBACRank> >::iterator i = ranks.begin(); i != ranks.end(); ++i) {
|
||||
Ref<RBACRank> r = i->second;
|
||||
|
||||
if (r.is_valid()) {
|
||||
r->sort_permissions();
|
||||
}
|
||||
}
|
||||
|
||||
return ranks;
|
||||
}
|
||||
|
||||
void RBACController::db_save(const Ref<RBACRank> &rank) {
|
||||
db_save_rank(rank);
|
||||
|
||||
for (int i = 0; i < rank->permissions.size(); ++i) {
|
||||
Ref<RBACPermission> permission = rank->permissions[i];
|
||||
|
||||
int rid = rank->id;
|
||||
|
||||
if (permission->rank_id != rid) {
|
||||
permission->rank_id = rid;
|
||||
}
|
||||
|
||||
db_save_permission(permission);
|
||||
}
|
||||
}
|
||||
|
||||
void RBACController::db_save_rank(const Ref<RBACRank> &rank) {
|
||||
Ref<QueryBuilder> qb = get_query_builder();
|
||||
|
||||
if (rank->id == 0) {
|
||||
qb->insert(_rbac_ranks_table, "name,name_internal,settings,base_permissions,rank_permissions")->values();
|
||||
qb->val(rank->name)->val(rank->name_internal)->val(rank->settings)->val(rank->base_permissions)->val(rank->rank_permissions);
|
||||
qb->cvalues();
|
||||
qb->select_last_insert_id();
|
||||
Ref<QueryResult> res = qb->run();
|
||||
//qb->print();
|
||||
|
||||
Ref<RBACRank> r = rank;
|
||||
|
||||
r->id = res->get_last_insert_rowid();
|
||||
} else {
|
||||
qb->update(_rbac_ranks_table)->set();
|
||||
qb->setp("name", rank->name);
|
||||
qb->setp("name_internal", rank->name_internal);
|
||||
qb->setp("settings", rank->settings);
|
||||
qb->setp("base_permissions", rank->base_permissions);
|
||||
qb->setp("rank_permissions", rank->rank_permissions);
|
||||
qb->cset();
|
||||
qb->where()->wp("id", rank->id);
|
||||
qb->end_command();
|
||||
qb->run_query();
|
||||
//qb->print();
|
||||
}
|
||||
}
|
||||
|
||||
void RBACController::db_save_permission(const Ref<RBACPermission> &permission) {
|
||||
Ref<QueryBuilder> qb = get_query_builder();
|
||||
|
||||
if (permission->id == 0) {
|
||||
qb->insert(_rbac_permissions_table, "rank_id,name,url,sort_order,permissions")->values();
|
||||
qb->val(permission->rank_id)->val(permission->name)->val(permission->url);
|
||||
qb->val(permission->sort_order)->val(permission->permissions);
|
||||
qb->cvalues();
|
||||
qb->select_last_insert_id();
|
||||
Ref<QueryResult> res = qb->run();
|
||||
//qb->print();
|
||||
|
||||
Ref<RBACPermission> r = permission;
|
||||
|
||||
r->id = res->get_last_insert_rowid();
|
||||
} else {
|
||||
qb->update(_rbac_permissions_table)->set();
|
||||
qb->setp("rank_id", permission->rank_id);
|
||||
qb->setp("name", permission->name);
|
||||
qb->setp("url", permission->url);
|
||||
qb->setp("sort_order", permission->sort_order);
|
||||
qb->setp("permissions", permission->permissions);
|
||||
qb->cset();
|
||||
qb->where()->wp("id", permission->id);
|
||||
qb->end_command();
|
||||
qb->run_query();
|
||||
//qb->print();
|
||||
}
|
||||
}
|
||||
|
||||
int RBACController::db_get_default_rank() {
|
||||
//todo, load this, and save it to a table (probably a new settings class)
|
||||
return 3;
|
||||
}
|
||||
|
||||
int RBACController::db_get_default_user_rank() {
|
||||
//todo, load this, and save it to a table (probably a new settings class)
|
||||
return 2;
|
||||
}
|
||||
|
||||
String RBACController::db_get_redirect_url() {
|
||||
//todo, load this, and save it to a table (probably a new settings class)
|
||||
return String("/user/login");
|
||||
}
|
||||
|
||||
void RBACController::create_table() {
|
||||
Ref<TableBuilder> tb = get_table_builder();
|
||||
|
||||
tb->create_table(_rbac_ranks_table);
|
||||
tb->integer("id")->auto_increment()->next_row();
|
||||
tb->varchar("name", 60)->not_null()->next_row();
|
||||
tb->varchar("name_internal", 100)->not_null()->next_row();
|
||||
tb->varchar("settings", 200)->not_null()->next_row();
|
||||
tb->integer("base_permissions")->not_null()->next_row();
|
||||
tb->integer("rank_permissions")->not_null()->next_row();
|
||||
tb->primary_key("id");
|
||||
tb->ccreate_table();
|
||||
//tb->run_query();
|
||||
//tb->print();
|
||||
|
||||
//tb->result = "";
|
||||
|
||||
tb->create_table(_rbac_permissions_table);
|
||||
tb->integer("id")->auto_increment()->next_row();
|
||||
tb->integer("rank_id")->not_null()->next_row();
|
||||
tb->varchar("name", 60)->not_null()->next_row();
|
||||
tb->varchar("url", 100)->not_null()->next_row();
|
||||
tb->integer("sort_order")->not_null()->next_row();
|
||||
tb->integer("permissions")->not_null()->next_row();
|
||||
|
||||
tb->primary_key("id");
|
||||
tb->foreign_key("rank_id")->references(_rbac_ranks_table, "id");
|
||||
tb->ccreate_table();
|
||||
tb->run_query();
|
||||
//tb->print();
|
||||
}
|
||||
void RBACController::drop_table() {
|
||||
Ref<TableBuilder> tb = get_table_builder();
|
||||
|
||||
tb->drop_table_if_exists(_rbac_permissions_table)->drop_table_if_exists(_rbac_ranks_table)->run_query();
|
||||
//tb->print();
|
||||
}
|
||||
|
||||
void RBACController::create_default_entries() {
|
||||
Ref<RBACRank> admin;
|
||||
admin.instance();
|
||||
|
||||
admin->name = "Admin";
|
||||
admin->base_permissions = User::PERMISSION_ALL;
|
||||
admin->rank_permissions = RBAC_RANK_PERMISSION_ADMIN_PANEL;
|
||||
|
||||
db_save_rank(admin);
|
||||
|
||||
Ref<RBACRank> user;
|
||||
user.instance();
|
||||
|
||||
user->name = "User";
|
||||
//user->base_permissions = User::PERMISSION_READ;
|
||||
//user->rank_permissions = 0;
|
||||
|
||||
//temporary!
|
||||
user->base_permissions = User::PERMISSION_ALL;
|
||||
user->rank_permissions = RBAC_RANK_PERMISSION_ADMIN_PANEL;
|
||||
|
||||
db_save_rank(user);
|
||||
|
||||
Ref<RBACRank> guest;
|
||||
guest.instance();
|
||||
|
||||
guest->name = "Guest";
|
||||
guest->base_permissions = User::PERMISSION_READ;
|
||||
guest->rank_permissions = RBAC_RANK_PERMISSION_USE_REDIRECT;
|
||||
|
||||
db_save_rank(guest);
|
||||
}
|
||||
|
||||
|
||||
RBACController *RBACController::get_singleton() {
|
||||
return _self;
|
||||
}
|
||||
|
||||
RBACController::RBACController() :
|
||||
AdminNode() {
|
||||
|
||||
if (_self) {
|
||||
printf("RBACController::RBACController(): Error! self is not null!/n");
|
||||
}
|
||||
|
||||
_default_rank_id = 0;
|
||||
_default_user_rank_id = 0;
|
||||
|
||||
_rbac_ranks_table = "rbac_ranks";
|
||||
_rbac_permissions_table = "rbac_permissions";
|
||||
|
||||
_self = this;
|
||||
}
|
||||
|
||||
RBACController::~RBACController() {
|
||||
if (_self == this) {
|
||||
_self = nullptr;
|
||||
}
|
||||
}
|
||||
|
||||
RBACController *RBACController::_self = nullptr;
|
@ -1,127 +0,0 @@
|
||||
#ifndef RBAC_CONTROLLER_H
|
||||
#define RBAC_CONTROLLER_H
|
||||
|
||||
#include <map>
|
||||
|
||||
#include "web_modules/admin_panel/admin_node.h"
|
||||
|
||||
#include "core/containers/vector.h"
|
||||
#include "core/string.h"
|
||||
|
||||
#include "rbac_permission.h"
|
||||
#include "rbac_rank.h"
|
||||
|
||||
class Request;
|
||||
class FormValidator;
|
||||
|
||||
class RBACController : public AdminNode {
|
||||
RCPP_OBJECT(RBACController, AdminNode);
|
||||
|
||||
public:
|
||||
void handle_request_main(Request *request);
|
||||
void create_validators();
|
||||
|
||||
void admin_handle_request_main(Request *request);
|
||||
String admin_get_section_name();
|
||||
void admin_add_section_links(Vector<AdminSectionLinkInfo> *links);
|
||||
|
||||
struct RBACAdminRankViewData {
|
||||
Ref<RBACRank> rank;
|
||||
Vector<String> messages;
|
||||
|
||||
int id = 0;
|
||||
String name = "";
|
||||
String name_internal = "";
|
||||
String settings = "";
|
||||
int rank_permissions = 0;
|
||||
};
|
||||
|
||||
void admin_handle_new_rank(Request *request);
|
||||
void admin_handle_edit_rank(Request *request);
|
||||
void render_rank_view(Request *request, RBACAdminRankViewData *data);
|
||||
|
||||
struct RBACAdminEditPermissionView {
|
||||
Ref<RBACRank> rank;
|
||||
Ref<RBACPermission> permission;
|
||||
Vector<String> messages;
|
||||
|
||||
int rank_id = 0;
|
||||
int permission_id = 0;
|
||||
};
|
||||
|
||||
void admin_permission_editor(Request *request);
|
||||
void admin_render_permission_editor_main_view(Request *request, RBACAdminEditPermissionView *data);
|
||||
void admin_render_permission_editor_entry_edit_create_view(Request *request, RBACAdminEditPermissionView *data);
|
||||
bool admin_process_permission_editor_entry_edit_create_post(Request *request, RBACAdminEditPermissionView *data);
|
||||
|
||||
void admin_render_rank_list(Request *request);
|
||||
void admin_render_rank_editor(Request *request);
|
||||
|
||||
void register_permission(const String &name, const int val);
|
||||
void register_rank_permission(const String &name, const int val);
|
||||
void clear_registered_permissions();
|
||||
|
||||
void initialize();
|
||||
virtual void register_permissions();
|
||||
|
||||
Ref<RBACRank> get_rank(int rank_id);
|
||||
|
||||
int get_default_user_rank_id();
|
||||
Ref<RBACRank> get_default_user_rank();
|
||||
|
||||
int get_default_rank_id();
|
||||
Ref<RBACRank> get_default_rank();
|
||||
|
||||
String &get_redirect_url();
|
||||
|
||||
bool continue_on_missing_default_rank();
|
||||
|
||||
// db
|
||||
|
||||
virtual std::map<int, Ref<RBACRank> > db_load_ranks();
|
||||
|
||||
virtual void db_save(const Ref<RBACRank> &rank);
|
||||
virtual void db_save_rank(const Ref<RBACRank> &rank);
|
||||
virtual void db_save_permission(const Ref<RBACPermission> &permission);
|
||||
virtual int db_get_default_rank();
|
||||
virtual int db_get_default_user_rank();
|
||||
virtual String db_get_redirect_url();
|
||||
|
||||
void create_table();
|
||||
void drop_table();
|
||||
void create_default_entries();
|
||||
|
||||
static RBACController *get_singleton();
|
||||
|
||||
RBACController();
|
||||
~RBACController();
|
||||
|
||||
protected:
|
||||
static RBACController *_self;
|
||||
|
||||
int _default_rank_id;
|
||||
int _default_user_rank_id;
|
||||
std::map<int, Ref<RBACRank> > _ranks;
|
||||
String _redirect_url;
|
||||
|
||||
struct PermissionEntry {
|
||||
String name;
|
||||
int value;
|
||||
|
||||
PermissionEntry() {
|
||||
}
|
||||
|
||||
PermissionEntry(const String &p_name, const int p_val) {
|
||||
name = p_name;
|
||||
value = p_val;
|
||||
}
|
||||
};
|
||||
|
||||
String _rbac_ranks_table;
|
||||
String _rbac_permissions_table;
|
||||
|
||||
Vector<PermissionEntry> _registered_permissions;
|
||||
Vector<PermissionEntry> _registered_rank_permissions;
|
||||
};
|
||||
|
||||
#endif
|
@ -1,9 +0,0 @@
|
||||
#ifndef RBAC_DEFAULT_PERMISSIONS_H
|
||||
#define RBAC_DEFAULT_PERMISSIONS_H
|
||||
|
||||
enum RBACDefaultRankPermissions {
|
||||
RBAC_RANK_PERMISSION_ADMIN_PANEL = 1 << 0,
|
||||
RBAC_RANK_PERMISSION_USE_REDIRECT = 1 << 1,
|
||||
};
|
||||
|
||||
#endif
|
@ -1,21 +0,0 @@
|
||||
#include "rbac_permission.h"
|
||||
|
||||
bool RBACPermission::is_smaller(const Ref<RBACPermission> &b) const {
|
||||
if (!b.is_valid()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return sort_order < b->sort_order;
|
||||
}
|
||||
|
||||
RBACPermission::RBACPermission() :
|
||||
Resource() {
|
||||
|
||||
id = 0;
|
||||
rank_id = 0;
|
||||
sort_order = 0;
|
||||
permissions = 0;
|
||||
}
|
||||
|
||||
RBACPermission::~RBACPermission() {
|
||||
}
|
@ -1,25 +0,0 @@
|
||||
#ifndef RBAC_PERMISSION_H
|
||||
#define RBAC_PERMISSION_H
|
||||
|
||||
#include "core/string.h"
|
||||
|
||||
#include "core/resource.h"
|
||||
|
||||
class RBACPermission : public Resource {
|
||||
RCPP_OBJECT(RBACPermission, Resource);
|
||||
|
||||
public:
|
||||
int id;
|
||||
int rank_id;
|
||||
String name;
|
||||
String url;
|
||||
int sort_order;
|
||||
int permissions;
|
||||
|
||||
bool is_smaller(const Ref<RBACPermission> &b) const;
|
||||
|
||||
RBACPermission();
|
||||
~RBACPermission();
|
||||
};
|
||||
|
||||
#endif
|
@ -1,77 +0,0 @@
|
||||
#include "rbac_rank.h"
|
||||
|
||||
#include "web/http/request.h"
|
||||
|
||||
Ref<RBACPermission> RBACRank::match_request(Request *request) {
|
||||
const String &full_path = request->get_path_full();
|
||||
|
||||
Ref<RBACPermission> perm;
|
||||
int current_max = 0;
|
||||
|
||||
for (int i = 0; i < permissions.size(); ++i) {
|
||||
Ref<RBACPermission> p;
|
||||
|
||||
if (!p.is_valid()) {
|
||||
continue;
|
||||
}
|
||||
|
||||
int c = full_path.first_difference_index(p->url);
|
||||
|
||||
if (c > current_max) {
|
||||
perm = p;
|
||||
current_max = c;
|
||||
}
|
||||
}
|
||||
|
||||
return perm;
|
||||
}
|
||||
|
||||
bool RBACRank::get_permissions(Request *request) {
|
||||
int perm = base_permissions;
|
||||
|
||||
Ref<RBACPermission> match = match_request(request);
|
||||
|
||||
if (match.is_valid()) {
|
||||
perm = match->permissions;
|
||||
}
|
||||
|
||||
return perm;
|
||||
}
|
||||
|
||||
bool RBACRank::has_permission(Request *request, const int permission) {
|
||||
int perm = base_permissions;
|
||||
|
||||
Ref<RBACPermission> match = match_request(request);
|
||||
|
||||
if (match.is_valid()) {
|
||||
perm = match->permissions;
|
||||
}
|
||||
|
||||
return (perm & permission) != 0;
|
||||
}
|
||||
|
||||
bool RBACRank::has_rank_permission(const int permission) {
|
||||
return (rank_permissions & permission) != 0;
|
||||
}
|
||||
|
||||
void RBACRank::sort_permissions() {
|
||||
for (int i = 0; i < permissions.size(); ++i) {
|
||||
for (int j = i + 1; j < permissions.size(); ++j) {
|
||||
if (permissions[j]->is_smaller(permissions[i])) {
|
||||
permissions.swap(i, j);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
RBACRank::RBACRank() :
|
||||
Resource() {
|
||||
|
||||
id = 0;
|
||||
base_permissions = 0;
|
||||
rank_permissions = 0;
|
||||
}
|
||||
|
||||
RBACRank::~RBACRank() {
|
||||
permissions.clear();
|
||||
}
|
@ -1,40 +0,0 @@
|
||||
#ifndef RBAC_RANK_H
|
||||
#define RBAC_RANK_H
|
||||
|
||||
#include "core/string.h"
|
||||
#include "core/containers/vector.h"
|
||||
|
||||
#include "core/resource.h"
|
||||
|
||||
#include "rbac_permission.h"
|
||||
|
||||
class Request;
|
||||
|
||||
class RBACRank : public Resource {
|
||||
RCPP_OBJECT(RBACRank, Resource);
|
||||
|
||||
public:
|
||||
int id;
|
||||
|
||||
String name;
|
||||
String name_internal;
|
||||
String settings;
|
||||
|
||||
int base_permissions;
|
||||
int rank_permissions;
|
||||
|
||||
Vector<Ref<RBACPermission> > permissions;
|
||||
|
||||
Ref<RBACPermission> match_request(Request *request);
|
||||
|
||||
bool get_permissions(Request *request);
|
||||
bool has_permission(Request *request, const int permission);
|
||||
bool has_rank_permission(const int permission);
|
||||
|
||||
void sort_permissions();
|
||||
|
||||
RBACRank();
|
||||
~RBACRank();
|
||||
};
|
||||
|
||||
#endif
|
@ -1,37 +0,0 @@
|
||||
#include "rbac_user.h"
|
||||
|
||||
int RBACUser::get_permissions(Request *request) {
|
||||
if (!rbac_rank.is_valid()) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
return rbac_rank->get_permissions(request);
|
||||
}
|
||||
bool RBACUser::has_permission(Request *request, const int permission) {
|
||||
if (!rbac_rank.is_valid()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return rbac_rank->has_permission(request, permission);
|
||||
}
|
||||
int RBACUser::get_additional_permissions(Request *request) {
|
||||
if (!rbac_rank.is_valid()) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
return rbac_rank->rank_permissions;
|
||||
}
|
||||
bool RBACUser::has_additional_permission(Request *request, const int permission) {
|
||||
if (!rbac_rank.is_valid()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return rbac_rank->rank_permissions & permission;
|
||||
}
|
||||
|
||||
RBACUser::RBACUser() :
|
||||
User() {
|
||||
}
|
||||
|
||||
RBACUser::~RBACUser() {
|
||||
}
|
@ -1,27 +0,0 @@
|
||||
#ifndef RBAC_USER_H
|
||||
#define RBAC_USER_H
|
||||
|
||||
#include "core/string.h"
|
||||
|
||||
#include "web_modules/users/user.h"
|
||||
#include "web_modules/rbac/rbac_rank.h"
|
||||
|
||||
class Request;
|
||||
class FormValidator;
|
||||
|
||||
class RBACUser : public User {
|
||||
RCPP_OBJECT(RBACUser, User);
|
||||
|
||||
public:
|
||||
Ref<RBACRank> rbac_rank;
|
||||
|
||||
int get_permissions(Request *request);
|
||||
bool has_permission(Request *request, const int permission);
|
||||
int get_additional_permissions(Request *request);
|
||||
bool has_additional_permission(Request *request, const int permission);
|
||||
|
||||
RBACUser();
|
||||
~RBACUser();
|
||||
};
|
||||
|
||||
#endif
|
@ -1,146 +0,0 @@
|
||||
#include "rbac_user_controller.h"
|
||||
|
||||
#include "web/http/http_session.h"
|
||||
#include "web/http/request.h"
|
||||
|
||||
#include "web_modules/rbac/rbac_controller.h"
|
||||
#include "web_modules/rbac/rbac_default_permissions.h"
|
||||
#include "rbac_user.h"
|
||||
|
||||
Ref<User> RBACUserController::db_get_user(const int id) {
|
||||
Ref<RBACUser> u = UserController::db_get_user(id);
|
||||
|
||||
if (u.is_valid()) {
|
||||
u->rbac_rank = RBACController::get_singleton()->get_rank(u->rank);
|
||||
}
|
||||
|
||||
return u;
|
||||
}
|
||||
Ref<User> RBACUserController::db_get_user(const String &user_name_input) {
|
||||
Ref<RBACUser> u = UserController::db_get_user(user_name_input);
|
||||
|
||||
if (u.is_valid()) {
|
||||
u->rbac_rank = RBACController::get_singleton()->get_rank(u->rank);
|
||||
}
|
||||
|
||||
return u;
|
||||
}
|
||||
|
||||
Vector<Ref<User> > RBACUserController::db_get_all() {
|
||||
Vector<Ref<User> > users = UserController::db_get_all();
|
||||
|
||||
for (int i = 0; i < users.size(); ++i) {
|
||||
Ref<RBACUser> u = users[i];
|
||||
|
||||
if (u.is_valid()) {
|
||||
u->rbac_rank = RBACController::get_singleton()->get_rank(u->rank);
|
||||
}
|
||||
}
|
||||
|
||||
return users;
|
||||
}
|
||||
|
||||
Ref<User> RBACUserController::create_user() {
|
||||
Ref<RBACUser> u;
|
||||
u.instance();
|
||||
|
||||
u->rank = RBACController::get_singleton()->get_default_user_rank_id();
|
||||
u->rbac_rank = RBACController::get_singleton()->get_rank(u->rank);
|
||||
|
||||
return u;
|
||||
}
|
||||
|
||||
RBACUserController::RBACUserController() :
|
||||
UserController() {
|
||||
}
|
||||
|
||||
RBACUserController::~RBACUserController() {
|
||||
}
|
||||
|
||||
// returnring true means handled, false means continue
|
||||
bool RBACUserSessionSetupMiddleware::on_before_handle_request_main(Request *request) {
|
||||
if (request->session.is_valid()) {
|
||||
int user_id = request->session->get_int("user_id");
|
||||
|
||||
if (user_id != 0) {
|
||||
|
||||
Ref<RBACUser> u = UserController::get_singleton()->db_get_user(user_id);
|
||||
|
||||
if (u.is_valid()) {
|
||||
request->reference_data["user"] = u;
|
||||
} else {
|
||||
// log
|
||||
request->session->remove("user_id");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
RBACUserSessionSetupMiddleware::RBACUserSessionSetupMiddleware() {
|
||||
}
|
||||
RBACUserSessionSetupMiddleware::~RBACUserSessionSetupMiddleware() {
|
||||
}
|
||||
|
||||
// returnring true means handled, false means continue
|
||||
bool RBACDefaultUserSessionSetupMiddleware::on_before_handle_request_main(Request *request) {
|
||||
// note: add a new file handler middleware func, so basic file handling is easy to set up before this
|
||||
|
||||
Ref<RBACRank> rank;
|
||||
|
||||
if (request->session.is_valid()) {
|
||||
int user_id = request->session->get_int("user_id");
|
||||
|
||||
if (user_id != 0) {
|
||||
|
||||
Ref<RBACUser> u = UserController::get_singleton()->db_get_user(user_id);
|
||||
|
||||
if (u.is_valid()) {
|
||||
rank = u->rbac_rank;
|
||||
|
||||
request->reference_data["user"] = u;
|
||||
} else {
|
||||
// log
|
||||
request->session->remove("user_id");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (!rank.is_valid()) {
|
||||
rank = RBACController::get_singleton()->get_default_rank();
|
||||
|
||||
if (!rank.is_valid()) {
|
||||
if (RBACController::get_singleton()->continue_on_missing_default_rank()) {
|
||||
RLOG_ERR("get_default_rank() has not been set up properly!!! Continuing!");
|
||||
return false;
|
||||
} else {
|
||||
RLOG_ERR("get_default_rank() has not been set up properly!!! Sending 404!");
|
||||
request->send_error(404);
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
if (!rank->has_permission(request, User::PERMISSION_READ)) {
|
||||
if (rank->has_rank_permission(RBAC_RANK_PERMISSION_USE_REDIRECT)) {
|
||||
// Note this can make the webapp prone to enumerations, if not done correctly
|
||||
// e.g. redirect from /admin, but sending 404 on a non existing uri, which does not have
|
||||
// a special rbac entry
|
||||
request->send_redirect(RBACController::get_singleton()->get_redirect_url());
|
||||
return true;
|
||||
}
|
||||
|
||||
request->send_error(404);
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
RBACDefaultUserSessionSetupMiddleware::RBACDefaultUserSessionSetupMiddleware() {
|
||||
}
|
||||
RBACDefaultUserSessionSetupMiddleware::~RBACDefaultUserSessionSetupMiddleware() {
|
||||
}
|
@ -1,54 +0,0 @@
|
||||
#ifndef RBAC_USER_CONTROLLER_H
|
||||
#define RBAC_USER_CONTROLLER_H
|
||||
|
||||
#include "web_modules/users/user_controller.h"
|
||||
|
||||
#include "web/http/middleware.h"
|
||||
|
||||
class Request;
|
||||
|
||||
class RBACUserController : public UserController {
|
||||
RCPP_OBJECT(RBACUserController, UserController);
|
||||
|
||||
public:
|
||||
// db
|
||||
|
||||
Ref<User> db_get_user(const int id);
|
||||
Ref<User> db_get_user(const String &user_name_input);
|
||||
|
||||
Vector<Ref<User> > db_get_all();
|
||||
|
||||
Ref<User> create_user();
|
||||
|
||||
RBACUserController();
|
||||
~RBACUserController();
|
||||
|
||||
protected:
|
||||
};
|
||||
|
||||
// just session setup
|
||||
class RBACUserSessionSetupMiddleware : public Middleware {
|
||||
RCPP_OBJECT(RBACUserSessionSetupMiddleware, Middleware);
|
||||
|
||||
public:
|
||||
//returnring true means handled, false means continue
|
||||
bool on_before_handle_request_main(Request *request);
|
||||
|
||||
RBACUserSessionSetupMiddleware();
|
||||
~RBACUserSessionSetupMiddleware();
|
||||
};
|
||||
|
||||
// this one also handles missing read permission / redirect
|
||||
class RBACDefaultUserSessionSetupMiddleware : public Middleware {
|
||||
RCPP_OBJECT(RBACDefaultUserSessionSetupMiddleware, Middleware);
|
||||
|
||||
public:
|
||||
//returnring true means handled, false means continue
|
||||
bool on_before_handle_request_main(Request *request);
|
||||
|
||||
RBACDefaultUserSessionSetupMiddleware();
|
||||
~RBACDefaultUserSessionSetupMiddleware();
|
||||
};
|
||||
|
||||
|
||||
#endif
|
Loading…
Reference in New Issue
Block a user