libhomegear-base  0.7
Base library for Homegear and Homegear family modules.
Acl.h
Go to the documentation of this file.
1 /* Copyright 2013-2019 Homegear GmbH
2  *
3  * libhomegear-base is free software: you can redistribute it and/or
4  * modify it under the terms of the GNU Lesser General Public License as
5  * published by the Free Software Foundation, either version 3 of the
6  * License, or (at your option) any later version.
7  *
8  * libhomegear-base is distributed in the hope that it will be useful,
9  * but WITHOUT ANY WARRANTY; without even the implied warranty of
10  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11  * GNU Lesser General Public License for more details.
12  *
13  * You should have received a copy of the GNU Lesser General Public
14  * License along with libhomegear-base. If not, see
15  * <http://www.gnu.org/licenses/>.
16  *
17  * In addition, as a special exception, the copyright holders give
18  * permission to link the code of portions of this program with the
19  * OpenSSL library under certain conditions as described in each
20  * individual source file, and distribute linked combinations
21  * including the two.
22  * You must obey the GNU Lesser General Public License in all respects
23  * for all of the code used other than OpenSSL. If you modify
24  * file(s) with this exception, you may extend this exception to your
25  * version of the file(s), but you are not obligated to do so. If you
26  * do not wish to do so, delete this exception statement from your
27  * version. If you delete this exception statement from all source
28  * files in the program, then also delete it here.
29 */
30 
31 #ifndef BASELIB_SECURITY_ACL_H_
32 #define BASELIB_SECURITY_ACL_H_
33 
34 #include "../Exception.h"
35 #include "../Variable.h"
36 #include "../Database/IDatabaseController.h"
37 
38 #include <set>
39 
40 namespace BaseLib {
41 
42 namespace Systems {
43 class Peer;
44 }
45 
46 namespace Security {
47 
48 enum class AclResult {
49  error = -3,
50  notInList = -2,
51  deny = -1,
52  accept = 0
53 };
54 
60 class AclException : public Exception {
61  public:
62  AclException(std::string message) : Exception(message) {}
63 };
64 
111 class Acl {
112  private:
116  bool _devicesReadSet = false;
117 
123  std::unordered_map<uint64_t, bool> _devicesRead;
124 
128  bool _devicesWriteSet = false;
129 
135  std::unordered_map<uint64_t, bool> _devicesWrite;
136 
140  bool _variablesReadSet = false;
141 
153  std::unordered_map<uint64_t, std::unordered_map<int32_t, std::unordered_map<std::string, bool>>> _variablesRead;
154 
158  bool _variablesWriteSet = false;
159 
171  std::unordered_map<uint64_t, std::unordered_map<int32_t, std::unordered_map<std::string, bool>>> _variablesWrite;
172 
176  bool _roomsReadSet = false;
177 
181  std::unordered_map<uint64_t, bool> _roomsRead;
182 
186  bool _roomsWriteSet = false;
187 
193  std::unordered_map<uint64_t, bool> _roomsWrite;
194 
198  bool _buildingPartsReadSet = false;
199 
203  std::unordered_map<uint64_t, bool> _buildingPartsRead;
204 
208  bool _buildingPartsWriteSet = false;
209 
215  std::unordered_map<uint64_t, bool> _buildingPartsWrite;
216 
220  bool _categoriesReadSet = false;
221 
227  std::unordered_map<uint64_t, bool> _categoriesRead;
228 
232  bool _categoriesWriteSet = false;
233 
237  std::unordered_map<uint64_t, bool> _categoriesWrite;
238 
242  bool _rolesReadSet = false;
243 
249  std::unordered_map<uint64_t, bool> _rolesRead;
250 
254  bool _rolesWriteSet = false;
255 
259  std::unordered_map<uint64_t, bool> _rolesWrite;
260 
264  bool _methodsSet = false;
265 
272  std::unordered_map<std::string, bool> _methods;
273 
277  bool _eventServerMethodsSet = false;
278 
285  std::unordered_map<std::string, bool> _eventServerMethods;
286 
290  bool _servicesSet = false;
291 
298  std::unordered_map<std::string, bool> _services;
299  public:
300  Acl();
301 
305  virtual ~Acl();
306 
307  bool categoriesReadSet() { return _categoriesReadSet; }
308  bool categoriesWriteSet() { return _categoriesWriteSet; }
309  bool rolesReadSet() { return _rolesReadSet; }
310  bool rolesWriteSet() { return _rolesWriteSet; }
311  bool devicesReadSet() { return _devicesReadSet; }
312  bool devicesWriteSet() { return _devicesWriteSet; }
313  bool roomsReadSet() { return _roomsReadSet; }
314  bool roomsWriteSet() { return _roomsWriteSet; }
315  bool buildingPartsReadSet() { return _buildingPartsReadSet; }
316  bool buildingPartsWriteSet() { return _buildingPartsWriteSet; }
317  bool variablesReadSet() { return _variablesReadSet; }
318  bool variablesWriteSet() { return _variablesWriteSet; }
319 
320  PVariable toVariable();
321 
327  void fromVariable(PVariable serializedData);
328 
329  AclResult checkServiceAccess(std::string &serviceName);
330  AclResult checkCategoriesReadAccess(std::set<uint64_t> &categories);
331  AclResult checkCategoriesWriteAccess(std::set<uint64_t> &categories);
332  AclResult checkCategoryReadAccess(uint64_t category);
333  AclResult checkCategoryWriteAccess(uint64_t category);
334  AclResult checkRolesReadAccess(std::set<uint64_t> &roles);
335  AclResult checkRolesWriteAccess(std::set<uint64_t> &roles);
336  AclResult checkRoleReadAccess(uint64_t role);
337  AclResult checkRoleWriteAccess(uint64_t role);
338  AclResult checkDeviceReadAccess(std::shared_ptr<Systems::Peer> peer);
339  AclResult checkDeviceWriteAccess(std::shared_ptr<Systems::Peer> peer);
340  AclResult checkEventServerMethodAccess(std::string &methodName);
341  AclResult checkMethodAccess(std::string &methodName);
342  AclResult checkMethodAndCategoryReadAccess(std::string &methodName, uint64_t categoryId);
343  AclResult checkMethodAndCategoryWriteAccess(std::string &methodName, uint64_t categoryId);
344  AclResult checkMethodAndRoleReadAccess(std::string &methodName, uint64_t roleId);
345  AclResult checkMethodAndRoleWriteAccess(std::string &methodName, uint64_t roleId);
346  AclResult checkMethodAndRoomReadAccess(std::string &methodName, uint64_t roomId);
347  AclResult checkMethodAndRoomWriteAccess(std::string &methodName, uint64_t roomId);
348  AclResult checkMethodAndBuildingPartReadAccess(std::string &methodName, uint64_t buildingPartId);
349  AclResult checkMethodAndBuildingPartWriteAccess(std::string &methodName, uint64_t buildingPartId);
350  AclResult checkMethodAndDeviceWriteAccess(std::string &methodName, uint64_t peerId);
351  AclResult checkNodeBlueVariableReadAccess(const std::string &nodeId, int32_t input);
352  AclResult checkNodeBlueVariableWriteAccess(const std::string &nodeId, int32_t input);
353  AclResult checkRoomReadAccess(uint64_t roomId);
354  AclResult checkRoomWriteAccess(uint64_t roomId);
355  AclResult checkBuildingPartReadAccess(uint64_t buildingPartId);
356  AclResult checkBuildingPartWriteAccess(uint64_t buildingPartId);
357  AclResult checkSystemVariableReadAccess(Database::PSystemVariable systemVariable);
358  AclResult checkSystemVariableWriteAccess(Database::PSystemVariable systemVariable);
359  AclResult checkVariableReadAccess(std::shared_ptr<Systems::Peer> peer, int32_t channel, const std::string &variableName);
360  AclResult checkVariableWriteAccess(std::shared_ptr<Systems::Peer> peer, int32_t channel, const std::string &variableName);
361 
362  std::string toString(int32_t indentation = 0);
363 };
364 
365 typedef std::shared_ptr<Acl> PAcl;
366 
367 }
368 }
369 #endif
BaseLib::Security::Acl::rolesReadSet
bool rolesReadSet()
Definition: Acl.h:309
BaseLib::Security::Acl::roomsReadSet
bool roomsReadSet()
Definition: Acl.h:313
BaseLib::Security::AclException
Exception class for Acl.
Definition: Acl.h:60
BaseLib::Database::PSystemVariable
std::shared_ptr< SystemVariable > PSystemVariable
Definition: IDatabaseController.h:51
BaseLib::Security::PAcl
std::shared_ptr< Acl > PAcl
Definition: Acl.h:365
BaseLib::Security::Acl::variablesWriteSet
bool variablesWriteSet()
Definition: Acl.h:318
BaseLib
Definition: BaseLib.cpp:34
BaseLib::Security::Acl::devicesWriteSet
bool devicesWriteSet()
Definition: Acl.h:312
BaseLib::Security::AclException::AclException
AclException(std::string message)
Definition: Acl.h:62
BaseLib::PVariable
std::shared_ptr< Variable > PVariable
Definition: PhysicalInterfaceSettings.h:41
channel
int32_t channel
Definition: UiElements.h:215
BaseLib::Security::AclResult
AclResult
Definition: Acl.h:48
BaseLib::Security::Acl::roomsWriteSet
bool roomsWriteSet()
Definition: Acl.h:314
BaseLib::Systems::Peer
Definition: Peer.h:321
BaseLib::Security::Acl
This class is used to store ACL rules.
Definition: Acl.h:111
peerId
uint64_t peerId
Definition: UiElements.h:214
BaseLib::Security::Acl::rolesWriteSet
bool rolesWriteSet()
Definition: Acl.h:310
BaseLib::Security::Acl::buildingPartsWriteSet
bool buildingPartsWriteSet()
Definition: Acl.h:316
BaseLib::Security::Acl::categoriesWriteSet
bool categoriesWriteSet()
Definition: Acl.h:308
BaseLib::Exception
Base class for all exceptions defined in Homegear.
Definition: Exception.h:41
BaseLib::Security::Acl::categoriesReadSet
bool categoriesReadSet()
Definition: Acl.h:307
BaseLib::Security::Acl::variablesReadSet
bool variablesReadSet()
Definition: Acl.h:317
BaseLib::Security::Acl::devicesReadSet
bool devicesReadSet()
Definition: Acl.h:311
BaseLib::Security::Acl::buildingPartsReadSet
bool buildingPartsReadSet()
Definition: Acl.h:315