18 #include "roleacl_p.h"
22 #include <Cutelyst/Plugins/Authentication/authentication.h>
23 #include <Cutelyst/Controller>
24 #include <Cutelyst/Dispatcher>
132 return AroundExecute;
138 Q_UNUSED(application)
140 const auto attributes = args.value(QLatin1String(
"attributes")).value<
ParamsMultiMap>();
141 d->actionReverse = args.value(QLatin1String(
"reverse")).toString();
143 if (!attributes.contains(QLatin1String(
"RequiresRole")) && !attributes.contains(QLatin1String(
"AllowedRole"))) {
144 qFatal(
"RoleACL: Action %s requires at least one RequiresRole or AllowedRole attribute", qPrintable(d->actionReverse));
146 const QStringList required = attributes.values(QLatin1String(
"RequiresRole"));
147 for (
const QString &role : required) {
148 d->requiresRole.append(role);
151 const QStringList allowed = attributes.values(QLatin1String(
"AllowedRole"));
152 for (
const QString &role : allowed) {
153 d->allowedRole.append(role);
157 auto it = attributes.constFind(QLatin1String(
"ACLDetachTo"));
158 if (it == attributes.constEnd() || it.value().isEmpty()) {
159 qFatal(
"RoleACL: Action %s requires the ACLDetachTo(<action>) attribute", qPrintable(d->actionReverse));
161 d->aclDetachTo = it.value();
183 const QStringList user_has =
Authentication::user(c).value(QStringLiteral(
"roles")).toStringList();
185 const QStringList required = d->requiresRole;
186 const QStringList allowed = d->allowedRole;
188 if (!required.isEmpty() && !allowed.isEmpty()) {
189 for (
const QString &role : required) {
190 if (!user_has.contains(role)) {
195 for (
const QString &role : allowed) {
196 if (user_has.contains(role)) {
200 }
else if (!required.isEmpty()) {
201 for (
const QString &role : required) {
202 if (!user_has.contains(role)) {
207 }
else if (!allowed.isEmpty()) {
208 for (
const QString &role : allowed) {
209 if (user_has.contains(role)) {
223 d->detachTo = controller->
actionFor(d->aclDetachTo);
227 qFatal(
"RoleACL: Action '%s' requires a valid action set on the ACLDetachTo(%s) attribute",
228 qPrintable(d->actionReverse), qPrintable(d->aclDetachTo));
235 #include "moc_roleacl.cpp"