From 97b40ab87d904abac8e969df4d9cee02d829c2d1 Mon Sep 17 00:00:00 2001 From: Seth Alves Date: Thu, 21 Jul 2016 14:04:55 -0700 Subject: [PATCH] adapting to api changes --- domain-server/src/DomainGatekeeper.cpp | 23 +++++++- .../src/DomainServerSettingsManager.cpp | 59 ++++++++----------- 2 files changed, 46 insertions(+), 36 deletions(-) diff --git a/domain-server/src/DomainGatekeeper.cpp b/domain-server/src/DomainGatekeeper.cpp index a5ab4ce410..32c0eb00c9 100644 --- a/domain-server/src/DomainGatekeeper.cpp +++ b/domain-server/src/DomainGatekeeper.cpp @@ -153,18 +153,24 @@ NodePermissions DomainGatekeeper::applyPermissionsForUser(bool isLocalUser, int rank = _server->_settingsManager.isGroupMember(verifiedUsername, groupID); if (rank >= 0) { userPerms |= _server->_settingsManager.getPermissionsForGroup(groupID, rank); - qDebug() << "user-permissions: user is in group:" << groupID << "so:" << userPerms; + qDebug() << "user-permissions: user is in group:" << groupID << " rank:" << rank << "so:" << userPerms; } } // if this user is a known member of a blacklist group, remove the implied permissions + qDebug() << "------------------ checking blacklists ----------------------"; + qDebug() << _server->_settingsManager.getBlacklistGroupIDs(); foreach (QUuid groupID, _server->_settingsManager.getBlacklistGroupIDs()) { if (_server->_settingsManager.isGroupMember(verifiedUsername, groupID)) { int rank = _server->_settingsManager.isGroupMember(verifiedUsername, groupID); + qDebug() << groupID << verifiedUsername << "is member with rank" << rank; if (rank >= 0) { userPerms &= ~_server->_settingsManager.getForbiddensForGroup(groupID, rank); - qDebug() << "user-permissions: user is in blacklist group:" << groupID << "so:" << userPerms; + qDebug() << "user-permissions: user is in blacklist group:" << groupID << " rank:" << rank + << "so:" << userPerms; } + } else { + qDebug() << groupID << verifiedUsername << "is not member."; } } } @@ -739,14 +745,23 @@ void DomainGatekeeper::getIsGroupMemberJSONCallback(QNetworkReply& requestReply) // "status":"success" // } + + + QJsonObject jsonObject = QJsonDocument::fromJson(requestReply.readAll()).object(); + + qDebug() << "********* getIsGroupMember api call returned:" << QJsonDocument(jsonObject).toJson(QJsonDocument::Compact); + + if (jsonObject["status"].toString() == "success") { QJsonObject data = jsonObject["data"].toObject(); QJsonObject groups = data["groups"].toObject(); QString username = data["username"].toString(); _server->_settingsManager.clearGroupMemberships(username); foreach (auto groupID, groups.keys()) { - _server->_settingsManager.recordGroupMembership(username, groupID, true); + QJsonObject group = groups[groupID].toObject(); + int order = group["order"].toInt(); + _server->_settingsManager.recordGroupMembership(username, groupID, order); } } else { qDebug() << "getIsGroupMember api call returned:" << QJsonDocument(jsonObject).toJson(QJsonDocument::Compact); @@ -812,4 +827,6 @@ void DomainGatekeeper::refreshGroupsCache() { if (agentCount > 0) { _server->_settingsManager.apiRefreshGroupInformation(); } + + updateNodePermissions(); } diff --git a/domain-server/src/DomainServerSettingsManager.cpp b/domain-server/src/DomainServerSettingsManager.cpp index b9715240ca..53b90551c1 100644 --- a/domain-server/src/DomainServerSettingsManager.cpp +++ b/domain-server/src/DomainServerSettingsManager.cpp @@ -481,7 +481,7 @@ void DomainServerSettingsManager::unpackPermissions() { } if (perms->isGroup()) { // the group-id was cached. hook-up the uuid in the uuid->group hash - _groupForbiddensByUUID[GroupByUUIDKey(perms->getGroupID(), perms->getRank())] = _groupPermissions[idKey]; + _groupForbiddensByUUID[GroupByUUIDKey(perms->getGroupID(), perms->getRank())] = _groupForbiddens[idKey]; needPack |= setGroupID(perms->getID(), perms->getGroupID()); } } @@ -714,8 +714,6 @@ bool DomainServerSettingsManager::handleAuthenticatedHTTPRequest(HTTPConnection QJsonDocument postedDocument = QJsonDocument::fromJson(connection->requestContent()); QJsonObject postedObject = postedDocument.object(); - qDebug() << "DomainServerSettingsManager postedObject -" << postedObject; - // we recurse one level deep below each group for the appropriate setting bool restartRequired = recurseJSONObjectAndOverwriteSettings(postedObject); @@ -747,6 +745,9 @@ bool DomainServerSettingsManager::handleAuthenticatedHTTPRequest(HTTPConnection rootObject[SETTINGS_RESPONSE_VALUE_KEY] = responseObjectForType("", true); rootObject[SETTINGS_RESPONSE_LOCKED_VALUES_KEY] = QJsonDocument::fromVariant(_configMap.getMasterConfig()).object(); + + qDebug() << QJsonDocument(rootObject).toJson(QJsonDocument::Indented); + connection->respond(HTTPConnection::StatusCode200, QJsonDocument(rootObject).toJson(), "application/json"); } @@ -1149,6 +1150,8 @@ void DomainServerSettingsManager::apiRefreshGroupInformation() { foreach (QUuid groupID, _groupNames.keys()) { apiGetGroupRanks(groupID); } + + unpackPermissions(); } void DomainServerSettingsManager::apiGetGroupID(const QString& groupName) { @@ -1234,13 +1237,17 @@ void DomainServerSettingsManager::apiGetGroupRanks(const QUuid& groupID) { } void DomainServerSettingsManager::apiGetGroupRanksJSONCallback(QNetworkReply& requestReply) { + + // { - // "current_page":1, // "data":{ // "groups":{ - // "fd55479a-265d-4990-854e-3d04214ad1b0":{ + // "d3500f49-0655-4b1b-9846-ff8dd1b03351":{ + // "members_count":1, // "ranks":[ // { + // "id":"7979b774-e7f8-436c-9df1-912f1019f32f", + // "members_count":1, // "name":"owner", // "order":0, // "permissions":{ @@ -1248,44 +1255,24 @@ void DomainServerSettingsManager::apiGetGroupRanksJSONCallback(QNetworkReply& re // "custom_2":false, // "custom_3":false, // "custom_4":false, - // "del_group":true, - // "invite_member":true, - // "kick_member":true, + // "edit_group":true, + // "edit_member":true, + // "edit_rank":true, // "list_members":true, - // "mv_group":true, - // "query_members":true, - // "rank_member":true - // } - // }, - // { - // "name":"admin", - // "order":1, - // "permissions":{ - // "custom_1":false, - // "custom_2":false, - // "custom_3":false, - // "custom_4":false, - // "del_group":false, - // "invite_member":false, - // "kick_member":false, - // "list_members":false, - // "mv_group":false, - // "query_members":false, - // "rank_member":false + // "list_permissions":true, + // "list_ranks":true, + // "query_member":true // } // } // ] // } // } - // }, - // "per_page":30, - // "status":"success", - // "total_entries":2, - // "total_pages":1 + // },"status":"success" // } bool changed = false; QJsonObject jsonObject = QJsonDocument::fromJson(requestReply.readAll()).object(); + if (jsonObject["status"].toString() == "success") { QJsonObject groups = jsonObject["data"].toObject()["groups"].toObject(); foreach (auto groupID, groups.keys()) { @@ -1365,6 +1352,12 @@ void DomainServerSettingsManager::debugDumpGroupsState() { qDebug() << "| " << groupKey << perms; } + qDebug() << "_groupForbiddens:"; + foreach (NodePermissionsKey groupKey, _groupForbiddens.keys()) { + NodePermissionsPointer perms = _groupForbiddens[groupKey]; + qDebug() << "| " << groupKey << perms; + } + qDebug() << "_groupIDs:"; foreach (QString groupName, _groupIDs.keys()) { qDebug() << "| " << groupName << "==>" << _groupIDs[groupName];