/** * @fn editUserPermissionPrivate */ QueuedResult<bool> QueuedCorePrivateHelper::editUserPermissionPrivate( const long long _id, const QueuedEnums::Permission &_permission, const bool _add) { qCDebug(LOG_LIB) << "Edit permissions" << static_cast<int>(_permission) << "for user" << _id << "add" << _add; auto userObj = users()->user(_id); if (!userObj) { qCWarning(LOG_LIB) << "Could not find user with ID" << _id; return QueuedError("User does not exist", QueuedEnums::ReturnStatus::InvalidArgument); } // edit runtime permissions to get value auto perms = _add ? userObj->addPermission(_permission) : userObj->removePermission(_permission); auto permissions = static_cast<uint>(perms); qCInfo(LOG_LIB) << "New user permissions" << perms; // modify in database now QVariantHash payload = {{"permissions", permissions}}; bool status = database()->modify(QueuedDB::USERS_TABLE, _id, payload); if (!status) { qCWarning(LOG_LIB) << "Could not modify user record" << _id << "in database, do not edit it in memory"; // rollback in-memory values if (_add) userObj->removePermission(_permission); else userObj->addPermission(_permission); return QueuedError("", QueuedEnums::ReturnStatus::Error); } return true; }
// Return hunting and/or fishing permissions in the ResultSet. // Use a dummy identity. void getPermissions(ResultSet& permissions, bool hunting, bool fishing) { if (hunting) { addPermission(permissions, "hunting"); } if (fishing) { addPermission(permissions, "fishing"); } }
void ServerAllocation::handleCreatePermission(Request& request) { TraceL << "Handle Create Permission" << endl; // 9.2. Receiving a CreatePermission Request // // When the server receives the CreatePermission request, it processes // as per Section 4 plus the specific rules mentioned here. // // The message is checked for validity. The CreatePermission request // MUST contain at least one XOR-PEER-ADDRESS attribute and MAY contain // multiple such attributes. If no such attribute exists, or if any of // these attributes are invalid, then a 400 (Bad Request) error is // returned. If the request is valid, but the server is unable to // satisfy the request due to some capacity limit or similar, then a 508 // (Insufficient Capacity) error is returned. // // The server MAY impose restrictions on the IP address allowed in the // XOR-PEER-ADDRESS attribute -- if a value is not allowed, the server // rejects the request with a 403 (Forbidden) error. // // If the message is valid and the server is capable of carrying out the // request, then the server installs or refreshes a permission for the // IP address contained in each XOR-PEER-ADDRESS attribute as described // in Section 8. The port portion of each attribute is ignored and may // be any arbitrary value. // // The server then responds with a CreatePermission success response. // There are no mandatory attributes in the success response. // // NOTE: A server need not do anything special to implement // idempotency of CreatePermission requests over UDP using the // "stateless stack approach". Retransmitted CreatePermission // requests will simply refresh the permissions. // for (int i = 0; i < _server.options().allocationMaxPermissions; i++) { auto peerAttr = request.get<stun::XorPeerAddress>(i); if (!peerAttr || (peerAttr && peerAttr->family() != 1)) { if (i == 0) { _server.respondError(request, 400, "Bad Request"); return; } else break; } addPermission(std::string(peerAttr->address().host())); } stun::Message response(stun::Message::SuccessResponse, stun::Message::CreatePermission); response.setTransactionID(request.transactionID()); _server.respond(request, response); //request.socket->send(response, request.remoteAddress); }
void PermissionManager::reload() { XML::Document doc(permissionFile); xmlNodePtr rootNode = doc.rootNode(); if (!rootNode || !xmlStrEqual(rootNode->name, BAD_CAST "permissions")) { LOG_ERROR("Permission Manager: " << permissionFile << " is not a valid database file!"); return; } LOG_INFO("Loading permission reference..."); for_each_xml_child_node(node, rootNode) { unsigned char classmask = 0x01; if (!xmlStrEqual(node->name, BAD_CAST "class")) { continue; } int level = XML::getProperty(node, "level", 0); if (level < 1 || level > 8) { LOG_WARN("PermissionManager: Illegal class level " <<level <<" in " <<permissionFile <<" (allowed range: 1..8)"); continue; } classmask = classmask << (level-1); xmlNodePtr perNode; for (perNode = node->xmlChildrenNode; perNode != nullptr; perNode = perNode->next) { if (xmlStrEqual(perNode->name, BAD_CAST "allow")) { const char* permission = (const char*)perNode->xmlChildrenNode->content; if (permission && strlen(permission) > 0) { addPermission(permission, classmask); } } else if (xmlStrEqual(perNode->name, BAD_CAST "deny")){ //const char* permission = (const char*)perNode->xmlChildrenNode->content; // To be implemented } else if (xmlStrEqual(perNode->name, BAD_CAST "alias")){ const char* alias = (const char*)perNode->xmlChildrenNode->content; if (alias && strlen(alias) > 0) aliases[alias] = classmask; } } }
void IAllocation::addPermissions(const IPList& ips) { for (auto it = ips.begin(); it != ips.end(); ++it) { addPermission(*it); } }
Permissions::Permissions(const Permissions::Permission & perm) { addPermission(perm); }
void Permissions::setAllPermissions() { for (int i = FIRST_PERMISSION; i < LAST_PERMISSION; ++i) { addPermission(Permission(i)); } }
void PermissionManager::reload() { int size; char *data = ResourceManager::loadFile(permissionFile, size); if (!data) { LOG_ERROR("Permission Manager: Could not find " << permissionFile << "!"); free(data); return; } xmlDocPtr doc = xmlParseMemory(data, size); free(data); if (!doc) { LOG_ERROR("Permission Manager: Error while parsing permission database (" << permissionFile << ")!"); return; } xmlNodePtr node = xmlDocGetRootElement(doc); if (!node || !xmlStrEqual(node->name, BAD_CAST "permissions")) { LOG_ERROR("Permission Manager: " << permissionFile << " is not a valid database file!"); xmlFreeDoc(doc); return; } LOG_INFO("Loading permission reference..."); for (node = node->xmlChildrenNode; node != NULL; node = node->next) { unsigned char classmask = 0x01; if (!xmlStrEqual(node->name, BAD_CAST "class")) { continue; } int level = XML::getProperty(node, "level", 0); if (level < 1 || level > 8) { LOG_WARN("PermissionManager: Illegal class level " <<level <<" in " <<permissionFile <<" (allowed range: 1..8)"); continue; } classmask = classmask << (level-1); xmlNodePtr perNode; for (perNode = node->xmlChildrenNode; perNode != NULL; perNode = perNode->next) { if (xmlStrEqual(perNode->name, BAD_CAST "allow")) { const char* permission = (const char*)perNode->xmlChildrenNode->content; if (permission && strlen(permission) > 0) { addPermission(permission, classmask); } } else if (xmlStrEqual(perNode->name, BAD_CAST "deny")){ //const char* permission = (const char*)perNode->xmlChildrenNode->content; // To be implemented } else if (xmlStrEqual(perNode->name, BAD_CAST "alias")){ const char* alias = (const char*)perNode->xmlChildrenNode->content; if (alias && strlen(alias) > 0) aliases[alias] = classmask; } } } }