116 , _defaultAllow(defaultAllow)
117 , _superadmin(superadmin)
118 , _initialized(false)
138 s->
_data = QJsonDocument();
150 QMutexLocker l2(&
_lock);
178 if ( r->
_path.startsWith(
"browse") )
194 QMutexLocker l2(&
_lock);
229 QMutexLocker l2(&
_lock);
233 bool notifyRequestor =
false;
234 QList<VFS_request *> queries;
236 QJsonObject o = r->
_data.object();
237 QJsonObject::iterator it;
238 for (it = o.begin(); it != o.end(); it++)
240 QString k = it.key();
241 QJsonValue v = it.value();
245 if (v.toBool()==
true)
250 r->
_reason =
"Entry already exists.\n\nWon't create a duplicate ACL entry.";
258 notifyRequestor =
true;
262 VFS::WARN( QString(
"Request to create new acl '%1', but received false. Ignoring.").arg(k) );
306 if (r->
_path.startsWith(
"browse"))
309 s->
_path = r->
_path.mid( QString(
"browse/").length() );
328 if (r->
_path.startsWith(
"browse"))
331 s->
_path = r->
_path.mid( QString(
"browse/").length() );
351 QMutexLocker l2(&
_lock);
376 o[p] = r->
_data.object();
411 bool wasDefault =
false;
412 bool allowed =
false;
468 QMutexLocker l2(&
_lock);
473 printf(
"ACL check: %s (%s)\n",qUtf8Printable(path),qUtf8Printable(feature));
494 printf(
" check 0: %s %d\n",qUtf8Printable(path),d);
501 printf(
" check 1: %s %d\n",qUtf8Printable(path),d);
506 if (o.contains(
"default"))
507 d = o[
"default"].toBool();
509 if (o.contains(
"groups"))
510 g = o[
"groups"].toObject();
512 if (o.contains(
"users"))
513 u = o[
"users"].toObject();
515 if (o.contains(
"features"))
516 f = o[
"features"].toObject();
525 printf(
" check 2: %s %d\n",qUtf8Printable(path),d);
528 for (
int i=0;i<groups.size();i++)
529 if (g.contains(groups[i].toString()))
530 d = g[groups[i].toString()].toBool();
533 printf(
" check 3: %s %d\n",qUtf8Printable(path),d);
536 if (u.contains(user))
537 d = u[user].toBool(d);
540 printf(
" check 4: %s %d\n",qUtf8Printable(path),d);
543 if (feature !=
"" && f.contains(feature))
545 QJsonObject ff,fg,fu;
547 ff = f[feature].toObject();
549 if (ff.contains(
"default"))
550 d = ff[
"default"].toBool();
552 fg = ff[
"groups"].toObject();
553 fu = ff[
"users"].toObject();
555 for (
int j=0;j<groups.size();j++)
556 if (fg.contains(groups[j].toString()))
557 d = fg[groups[j].toString()].toBool();
559 if (fu.contains(user))
560 d = fu[user].toBool(d);
The ACL class for maintaining permission to nodes.
bool _defaultAllow
The default value if an entry is not found.
static QList< VFS_acl * > _accessControlLists
The ACLs that have been registered to the VFS.
static QMutex _accessControlLock
A mutex used to modify the _accessControlFeatures.
virtual void unsubscribe(VFS_request *r)
Perform a normal VFS_node::unsubscribe, unless the path is "browse".
virtual void read(VFS_request *r)
Read the ACL entries.
QString _vfspath
The VFS path of this node.
bool privateCheckAllowAccess(VFS_session *s, QString path, QString feature, bool &wasDefault)
Check if a request has access to a resource.
virtual void submit(VFS_request *r)
Submit features or settings to the ACL.
QString _superadmin
A single user who these ACLs will not apply to regardless of ACL file.
virtual void initialize()
Initialize the ACL by subscribing to its data file.
static bool checkAllowAccess(VFS_session *s, QString path, QString feature="")
Check if a session has access to a resource.
virtual bool isContainer()
VFS_acl nodes cannot contain children.
Q_INVOKABLE VFS_acl(QString vfspath, QString path, bool defaultAllow=true, QString superadmin="")
Construct a VFS_acl object.
virtual void receiveResponse(VFS_request *r)
A request has been completed, respond to the results.
virtual QString reportDetails()
Report data about an ACL.
virtual void subscribe(VFS_request *r)
Perform a normal VFS_node::subscribe, unless the path is "browse".
bool _initialized
Whether or not the settings file has been loaded.
static void registerACL(VFS_acl *acl)
Add an acl to the _accessControlLists list.
static QStringList fetchACLPaths()
Fetch the VFS path to each registered ACL file.
QString _path
The VFS path to an ACL settings file.
QJsonObject _accessControlList
The ACL entries.
virtual VFS_node * find(VFS_request *r)
Find a child based on a VFS_request::_path.
static void unregisterACL(VFS_acl *acl)
Remove an acl from the _accessControlLists list.
static QJsonObject applyJsonDiff(QJsonObject obj, QJsonObject diff, QString trace="", QString user="server")
Apply a json diff to a json object.
VFS_node is the base class from which all other VFS_node classes derive.
virtual VFS_request * createRequest(VFS_request::requestType type, QString path, QString user="unknown", QJsonDocument data=QJsonDocument(), QJsonObject metadata=QJsonObject(), bool dontDelete=false)
Create a new VFS_request with this object as _origin.
virtual void issueRequest(VFS_request *t)
A convenience function.
static bool __isNode(VFS_node *)
Check to see if a node is in the global registry.
VFS_node * find(QString path)
Find a node by string path.
void diff(VFS_node *origin, VFS_request *t)
Emit a diff, which will trigger notifySubscribers() for a mounted node.
QString className()
Return the class name of a node.
QMutex _lock
A recursive mutex that is local to this node.
virtual void unsubscribe(VFS_request *r)
Remove an entry from this node's _subscription list.
virtual void subscribe(VFS_request *r)
Add an entry to this node's _subscription list.
virtual void receiveResponse(VFS_request *t)
Once a VFS_request has been completed, a response will be issued back to its _origin.
The base class for all requests between nodes.
@ read
read full contents (4)
@ acl
return the ACL defaults for this node (11)
@ subscribe
subscribe to a path (9)
requestType _requestType
the action this request is performing or requesting
QString _initialPath
the target path when the request was made (relative to the responder)
QStringList _prefixPath
the prefix elements found while searching for the target
QString _user
who initiated this request, mostly for logging
VFS_session * _session
The session associated with this request. This is an optional value, and care should be taken to chec...
QString _reason
if something (probably bad) happened, this is the reason
QString _path
the target path remnant... the remaining path element once the request has found its target
QList< notifyException > _notifyExceptions
a list of nodes not to send responses to for this transaction. For instance if a node submits to a no...
bool _success
if the request was successfully completed
QJsonDocument _data
the request payload
virtual VFS_request * getCallback(VFS_node *receiver)
Create and chain a VFS_request for a receiver.
QJsonObject _metadata
the request payload
The VFS_session object represents a single session.
QString _user
The username associated with this session.
QJsonArray _groups
The list of groups this user is a member of.
static VFS * root()
Return the root node of the VFS filesystem.
static void WARN(QString message, int level=0, QString user="server")
Send a message to the VFS::_warnings VFS_stream.
getter path
a getter DOCME