qt5/cutelyst3/roleacl_8cpp_source.html

/*

 * SPDX-FileCopyrightText: (C) 2014-2022 Daniel Nicoletti <dantti12@gmail.com>

 * SPDX-License-Identifier: BSD-3-Clause

 */

#include "common.h"

#include "roleacl_p.h"


#include <Cutelyst/Controller>

#include <Cutelyst/Dispatcher>

#include <Cutelyst/Plugins/Authentication/authentication.h>


using namespace Cutelyst;


RoleACL::RoleACL(QObject *parent)

    : Component(new RoleACLPrivate, parent)

{

}


Component::Modifiers RoleACL::modifiers() const

{

    return AroundExecute;

}


bool RoleACL::init(Cutelyst::Application *application, const QVariantHash &args)

{

    Q_D(RoleACL);

    Q_UNUSED(application)


    const auto attributes = args.value(QLatin1String("attributes")).value<ParamsMultiMap>();

    d->actionReverse      = args.value(QLatin1String("reverse")).toString();


    if (!attributes.contains(QLatin1String("RequiresRole")) &&

        !attributes.contains(QLatin1String("AllowedRole"))) {

        qFatal("RoleACL: Action %s requires at least one RequiresRole or AllowedRole attribute",

               qPrintable(d->actionReverse));

    } else {

        const QStringList required = attributes.values(QLatin1String("RequiresRole"));

        for (const QString &role : required) {

            d->requiresRole.append(role);

        }


        const QStringList allowed = attributes.values(QLatin1String("AllowedRole"));

        for (const QString &role : allowed) {

            d->allowedRole.append(role);

        }

    }


    auto it = attributes.constFind(QLatin1String("ACLDetachTo"));

    if (it == attributes.constEnd() || it.value().isEmpty()) {

        qFatal("RoleACL: Action %s requires the ACLDetachTo(<action>) attribute",

               qPrintable(d->actionReverse));

    }

    d->aclDetachTo = it.value();


    return true;

}


bool RoleACL::aroundExecute(Context *c, QStack<Cutelyst::Component *> stack)

{

    Q_D(const RoleACL);


    if (canVisit(c)) {

        return Component::aroundExecute(c, stack);

    }


    c->detach(d->detachTo);


    return false;

}


bool RoleACL::canVisit(Context *c) const

{

    Q_D(const RoleACL);


    const QStringList user_has =

        Authentication::user(c).value(QStringLiteral("roles")).toStringList();


    const QStringList required = d->requiresRole;

    const QStringList allowed  = d->allowedRole;


    if (!required.isEmpty() && !allowed.isEmpty()) {

        for (const QString &role : required) {

            if (!user_has.contains(role)) {

                return false;

            }

        }


        for (const QString &role : allowed) {

            if (user_has.contains(role)) {

                return true;

            }

        }

    } else if (!required.isEmpty()) {

        for (const QString &role : required) {

            if (!user_has.contains(role)) {

                return false;

            }

        }

        return true;

    } else if (!allowed.isEmpty()) {

        for (const QString &role : allowed) {

            if (user_has.contains(role)) {

                return true;

            }

        }

    }


    return false;

}


bool RoleACL::dispatcherReady(const Dispatcher *dispatcher, Cutelyst::Controller *controller)

{

    Q_D(RoleACL);

    Q_UNUSED(dispatcher)


    d->detachTo = controller->actionFor(d->aclDetachTo);

    if (!d->detachTo) {

        d->detachTo = dispatcher->getActionByPath(d->aclDetachTo);

        if (!d->detachTo) {

            qFatal(

                "RoleACL: Action '%s' requires a valid action set on the ACLDetachTo(%s) attribute",

                qPrintable(d->actionReverse),

                qPrintable(d->aclDetachTo));

        }

    }


    return true;

}


#include "moc_roleacl.cpp"

Cutelyst::Application
The Cutelyst Application.
Definition application.h:43

Cutelyst::Authentication::user
static AuthenticationUser user(Context *c)
Definition authentication.cpp:108

Cutelyst::Component::Component
Component(QObject *parent=nullptr)
Definition component.cpp:11

Cutelyst::Component::aroundExecute
virtual bool aroundExecute(Context *c, QStack< Component * > stack)
Definition component.cpp:103

Cutelyst::Context
The Cutelyst Context.
Definition context.h:39

Cutelyst::Context::detach
void detach(Action *action=nullptr)
Definition context.cpp:345

Cutelyst::Controller
Cutelyst Controller base class
Definition controller.h:88

Cutelyst::Controller::actionFor
Action * actionFor(const QString &name) const
Definition controller.cpp:36

Cutelyst::Dispatcher
The Cutelyst Dispatcher.
Definition dispatcher.h:28

Cutelyst::Dispatcher::getActionByPath
Action * getActionByPath(const QString &path) const
Definition dispatcher.cpp:223

Cutelyst::RoleACL::canVisit
bool canVisit(Context *c) const
Definition roleacl.cpp:179

Cutelyst::RoleACL::init
virtual bool init(Application *application, const QVariantHash &args) override
Definition roleacl.cpp:132

Cutelyst::RoleACL::RoleACL
RoleACL(QObject *parent=nullptr)
Definition roleacl.cpp:122

Cutelyst::RoleACL::aroundExecute
virtual bool aroundExecute(Context *c, QStack< Component * > stack) override
Definition roleacl.cpp:166

Cutelyst::RoleACL::modifiers
virtual Modifiers modifiers() const override
Definition roleacl.cpp:127

Cutelyst::RoleACL::dispatcherReady
virtual bool dispatcherReady(const Dispatcher *dispatcher, Controller *controller) override
Definition roleacl.cpp:219

Cutelyst
The Cutelyst namespace holds all public Cutelyst API.
Definition Mainpage.dox:8

Cutelyst::ParamsMultiMap
QMultiMap< QString, QString > ParamsMultiMap
Definition paramsmultimap.h:23

QLatin1String

QList::isEmpty
bool isEmpty() const const

QObject::QObject
QObject(QObject *parent)

QObject::parent
QObject * parent() const const

QStack

QString

QStringList

QStringList::contains
bool contains(const QString &str, Qt::CaseSensitivity cs) const const

QVariant::toStringList
QStringList toStringList() const const