cutelyst 4.3.0
A C++ Web Framework built on top of Qt, using the simple approach of Catalyst (Perl) framework.
roleacl.cpp
1/*
2 * SPDX-FileCopyrightText: (C) 2014-2022 Daniel Nicoletti <dantti12@gmail.com>
3 * SPDX-License-Identifier: BSD-3-Clause
4 */
5#include "common.h"
6#include "roleacl_p.h"
7
8#include <Cutelyst/Controller>
9#include <Cutelyst/Dispatcher>
10#include <Cutelyst/Plugins/Authentication/authentication.h>
11
12using namespace Cutelyst;
13
123RoleACL::RoleACL(QObject *parent)
124 : Component(new RoleACLPrivate, parent)
125{
126}
127
128Component::Modifiers RoleACL::modifiers() const
129{
130 return AroundExecute;
131}
132
133bool RoleACL::init(Cutelyst::Application *application, const QVariantHash &args)
134{
135 Q_D(RoleACL);
136 Q_UNUSED(application)
137
138 const auto attributes = args.value(QLatin1String("attributes")).value<ParamsMultiMap>();
139 d->actionReverse = args.value(QLatin1String("reverse")).toString();
140
141 if (!attributes.contains(QLatin1String("RequiresRole")) &&
142 !attributes.contains(QLatin1String("AllowedRole"))) {
143 qFatal("RoleACL: Action %s requires at least one RequiresRole or AllowedRole attribute",
144 qPrintable(d->actionReverse));
145 } else {
146 const QStringList required = attributes.values(QLatin1String("RequiresRole"));
147 for (const QString &role : required) {
148 d->requiresRole.append(role);
149 }
150
151 const QStringList allowed = attributes.values(QLatin1String("AllowedRole"));
152 for (const QString &role : allowed) {
153 d->allowedRole.append(role);
154 }
155 }
156
157 auto it = attributes.constFind(QLatin1String("ACLDetachTo"));
158 if (it == attributes.constEnd() || it.value().isEmpty()) {
159 qFatal("RoleACL: Action %s requires the ACLDetachTo(<action>) attribute",
160 qPrintable(d->actionReverse));
161 }
162 d->aclDetachTo = it.value();
163
164 return true;
165}
166
167bool RoleACL::aroundExecute(Context *c, QStack<Cutelyst::Component *> stack)
168{
169 Q_D(const RoleACL);
170
171 if (canVisit(c)) {
172 return Component::aroundExecute(c, stack);
173 }
174
175 c->detach(d->detachTo);
176
177 return false;
178}
179
180bool RoleACL::canVisit(Context *c) const
181{
182 Q_D(const RoleACL);
183
184 const QStringList user_has =
185 Authentication::user(c).value(QStringLiteral("roles")).toStringList();
186
187 const QStringList required = d->requiresRole;
188 const QStringList allowed = d->allowedRole;
189
190 if (!required.isEmpty() && !allowed.isEmpty()) {
191 for (const QString &role : required) {
192 if (!user_has.contains(role)) {
193 return false;
194 }
195 }
196
197 for (const QString &role : allowed) {
198 if (user_has.contains(role)) {
199 return true;
200 }
201 }
202 } else if (!required.isEmpty()) {
203 for (const QString &role : required) {
204 if (!user_has.contains(role)) {
205 return false;
206 }
207 }
208 return true;
209 } else if (!allowed.isEmpty()) {
210 for (const QString &role : allowed) {
211 if (user_has.contains(role)) {
212 return true;
213 }
214 }
215 }
216
217 return false;
218}
219
220bool RoleACL::dispatcherReady(const Dispatcher *dispatcher, Cutelyst::Controller *controller)
221{
222 Q_D(RoleACL);
223 Q_UNUSED(dispatcher)
224
225 d->detachTo = controller->actionFor(d->aclDetachTo);
226 if (!d->detachTo) {
227 d->detachTo = dispatcher->getActionByPath(d->aclDetachTo);
228 if (!d->detachTo) {
229 qFatal(
230 "RoleACL: Action '%s' requires a valid action set on the ACLDetachTo(%s) attribute",
231 qPrintable(d->actionReverse),
232 qPrintable(d->aclDetachTo));
233 }
234 }
235
236 return true;
237}
238
239#include "moc_roleacl.cpp"
Cutelyst::Application
The Cutelyst application.
Definition application.h:66
Cutelyst::AuthenticationUser::value
QVariant value(const QString &key, const QVariant &defaultValue=QVariant()) const
Definition authenticationuser.h:121
Cutelyst::Authentication::user
static AuthenticationUser user(Context *c)
Definition authentication.cpp:105
Cutelyst::Component
The Cutelyst Component base class.
Definition component.h:30
Cutelyst::Component::aroundExecute
virtual bool aroundExecute(Context *c, QStack< Component * > stack)
Definition component.cpp:103
Cutelyst::Context
The Cutelyst Context.
Definition context.h:42
Cutelyst::Context::detach
void detach(Action *action=nullptr)
Definition context.cpp:339
Cutelyst::Controller
Cutelyst Controller base class.
Definition controller.h:56
Cutelyst::Controller::actionFor
Action * actionFor(QStringView name) const
Definition controller.cpp:259
Cutelyst::Dispatcher
The Cutelyst Dispatcher.
Definition dispatcher.h:29
Cutelyst::Dispatcher::getActionByPath
Action * getActionByPath(QStringView path) const
Definition dispatcher.cpp:232
Cutelyst::RoleACL
User role-based authorization action role.
Definition roleacl.h:19
Cutelyst::RoleACL::canVisit
bool canVisit(Context *c) const
Definition roleacl.cpp:180
Cutelyst::RoleACL::init
bool init(Application *application, const QVariantHash &args) override
Definition roleacl.cpp:133
Cutelyst::RoleACL::RoleACL
RoleACL(QObject *parent=nullptr)
Definition roleacl.cpp:123
Cutelyst::RoleACL::aroundExecute
bool aroundExecute(Context *c, QStack< Component * > stack) override
Definition roleacl.cpp:167
Cutelyst::RoleACL::modifiers
Modifiers modifiers() const override
Definition roleacl.cpp:128
Cutelyst::RoleACL::dispatcherReady
virtual bool dispatcherReady(const Dispatcher *dispatcher, Controller *controller) override
Definition roleacl.cpp:220
Cutelyst
The Cutelyst namespace holds all public Cutelyst API.
Definition group-core-actions.dox:1
QList::append
void append(QList::parameter_type value)
QList::isEmpty
bool isEmpty() const const
QMultiMap::value
T value(const Key &key, const T &defaultValue) const const
QStringList::contains
bool contains(QLatin1StringView str, Qt::CaseSensitivity cs) const const
QVariant::toStringList
QStringList toStringList() const const