qt6/cutelyst4/roleacl_8cpp_source.html

/*

 * SPDX-FileCopyrightText: (C) 2014-2022 Daniel Nicoletti <dantti12@gmail.com>

 * SPDX-License-Identifier: BSD-3-Clause

 */

#include "common.h"

#include "roleacl_p.h"


#include <Cutelyst/Controller>

#include <Cutelyst/Dispatcher>

#include <Cutelyst/Plugins/Authentication/authentication.h>


using namespace Cutelyst;


RoleACL::RoleACL(QObject *parent)

    : Component(new RoleACLPrivate, parent)

{

}


Component::Modifiers RoleACL::modifiers() const

{

    return AroundExecute;

}


bool RoleACL::init(Cutelyst::Application *application, const QVariantHash &args)

{

    Q_D(RoleACL);

    Q_UNUSED(application)


    const auto attributes = args.value(QLatin1String("attributes")).value<ParamsMultiMap>();

    d->actionReverse      = args.value(QLatin1String("reverse")).toString();


    if (!attributes.contains(QLatin1String("RequiresRole")) &&

        !attributes.contains(QLatin1String("AllowedRole"))) {

        qFatal("RoleACL: Action %s requires at least one RequiresRole or AllowedRole attribute",

               qPrintable(d->actionReverse));

    } else {

        const QStringList required = attributes.values(QLatin1String("RequiresRole"));

        for (const QString &role : required) {

            d->requiresRole.append(role);

        }


        const QStringList allowed = attributes.values(QLatin1String("AllowedRole"));

        for (const QString &role : allowed) {

            d->allowedRole.append(role);

        }

    }


    auto it = attributes.constFind(QLatin1String("ACLDetachTo"));

    if (it == attributes.constEnd() || it.value().isEmpty()) {

        qFatal("RoleACL: Action %s requires the ACLDetachTo(<action>) attribute",

               qPrintable(d->actionReverse));

    }

    d->aclDetachTo = it.value();


    return true;

}


bool RoleACL::aroundExecute(Context *c, QStack<Cutelyst::Component *> stack)

{

    Q_D(const RoleACL);


    if (canVisit(c)) {

        return Component::aroundExecute(c, stack);

    }


    c->detach(d->detachTo);


    return false;

}


bool RoleACL::canVisit(Context *c) const

{

    Q_D(const RoleACL);


    const QStringList user_has =

        Authentication::user(c).value(QStringLiteral("roles")).toStringList();


    const QStringList required = d->requiresRole;

    const QStringList allowed  = d->allowedRole;


    if (!required.isEmpty() && !allowed.isEmpty()) {

        for (const QString &role : required) {

            if (!user_has.contains(role)) {

                return false;

            }

        }


        for (const QString &role : allowed) {

            if (user_has.contains(role)) {

                return true;

            }

        }

    } else if (!required.isEmpty()) {

        for (const QString &role : required) {

            if (!user_has.contains(role)) {

                return false;

            }

        }

        return true;

    } else if (!allowed.isEmpty()) {

        for (const QString &role : allowed) {

            if (user_has.contains(role)) {

                return true;

            }

        }

    }


    return false;

}


bool RoleACL::dispatcherReady(const Dispatcher *dispatcher, Cutelyst::Controller *controller)

{

    Q_D(RoleACL);

    Q_UNUSED(dispatcher)


    d->detachTo = controller->actionFor(d->aclDetachTo);

    if (!d->detachTo) {

        d->detachTo = dispatcher->getActionByPath(d->aclDetachTo);

        if (!d->detachTo) {

            qFatal(

                "RoleACL: Action '%s' requires a valid action set on the ACLDetachTo(%s) attribute",

                qPrintable(d->actionReverse),

                qPrintable(d->aclDetachTo));

        }

    }


    return true;

}


#include "moc_roleacl.cpp"

Cutelyst::Application
The Cutelyst application.
Definition application.h:66

Cutelyst::AuthenticationUser::value
QVariant value(const QString &key, const QVariant &defaultValue=QVariant()) const
Definition authenticationuser.h:121

Cutelyst::Authentication::user
static AuthenticationUser user(Context *c)
Definition authentication.cpp:105

Cutelyst::Component::Component
Component(QObject *parent=nullptr)
Definition component.cpp:11

Cutelyst::Component::aroundExecute
virtual bool aroundExecute(Context *c, QStack< Component * > stack)
Definition component.cpp:103

Cutelyst::Context
The Cutelyst Context.
Definition context.h:42

Cutelyst::Context::detach
void detach(Action *action=nullptr)
Definition context.cpp:340

Cutelyst::Controller
Cutelyst Controller base class.
Definition controller.h:56

Cutelyst::Controller::actionFor
Action * actionFor(QStringView name) const
Definition controller.cpp:260

Cutelyst::Dispatcher
The Cutelyst Dispatcher.
Definition dispatcher.h:29

Cutelyst::Dispatcher::getActionByPath
Action * getActionByPath(QStringView path) const
Definition dispatcher.cpp:233

Cutelyst::RoleACL::canVisit
bool canVisit(Context *c) const
Definition roleacl.cpp:180

Cutelyst::RoleACL::init
bool init(Application *application, const QVariantHash &args) override
Definition roleacl.cpp:133

Cutelyst::RoleACL::RoleACL
RoleACL(QObject *parent=nullptr)
Definition roleacl.cpp:123

Cutelyst::RoleACL::aroundExecute
bool aroundExecute(Context *c, QStack< Component * > stack) override
Definition roleacl.cpp:167

Cutelyst::RoleACL::modifiers
Modifiers modifiers() const override
Definition roleacl.cpp:128

Cutelyst::RoleACL::dispatcherReady
bool dispatcherReady(const Dispatcher *dispatcher, Controller *controller) override
Definition roleacl.cpp:220

Cutelyst::ParamsMultiMap
QMultiMap< QString, QString > ParamsMultiMap
Definition paramsmultimap.h:23

Cutelyst
The Cutelyst namespace holds all public Cutelyst API.
Definition group-core-actions.dox:1