libhomegear-base  0.7
Base library for Homegear and Homegear family modules.
BaseLib::Security::Acl Class Reference

This class is used to store ACL rules. More...

#include <Acl.h>

Public Member Functions

 Acl ()
 
virtual ~Acl ()
 Destructor. More...
 
bool categoriesReadSet ()
 
bool categoriesWriteSet ()
 
bool rolesReadSet ()
 
bool rolesWriteSet ()
 
bool devicesReadSet ()
 
bool devicesWriteSet ()
 
bool roomsReadSet ()
 
bool roomsWriteSet ()
 
bool buildingPartsReadSet ()
 
bool buildingPartsWriteSet ()
 
bool variablesReadSet ()
 
bool variablesWriteSet ()
 
PVariable toVariable ()
 
void fromVariable (PVariable serializedData)
 Converts a Variable structure to an ACL. More...
 
AclResult checkServiceAccess (std::string &serviceName)
 
AclResult checkCategoriesReadAccess (std::set< uint64_t > &categories)
 
AclResult checkCategoriesWriteAccess (std::set< uint64_t > &categories)
 
AclResult checkCategoryReadAccess (uint64_t category)
 
AclResult checkCategoryWriteAccess (uint64_t category)
 
AclResult checkRolesReadAccess (std::set< uint64_t > &roles)
 
AclResult checkRolesWriteAccess (std::set< uint64_t > &roles)
 
AclResult checkRoleReadAccess (uint64_t role)
 
AclResult checkRoleWriteAccess (uint64_t role)
 
AclResult checkDeviceReadAccess (std::shared_ptr< Systems::Peer > peer)
 
AclResult checkDeviceWriteAccess (std::shared_ptr< Systems::Peer > peer)
 
AclResult checkEventServerMethodAccess (std::string &methodName)
 
AclResult checkMethodAccess (std::string &methodName)
 
AclResult checkMethodAndCategoryReadAccess (std::string &methodName, uint64_t categoryId)
 
AclResult checkMethodAndCategoryWriteAccess (std::string &methodName, uint64_t categoryId)
 
AclResult checkMethodAndRoleReadAccess (std::string &methodName, uint64_t roleId)
 
AclResult checkMethodAndRoleWriteAccess (std::string &methodName, uint64_t roleId)
 
AclResult checkMethodAndRoomReadAccess (std::string &methodName, uint64_t roomId)
 
AclResult checkMethodAndRoomWriteAccess (std::string &methodName, uint64_t roomId)
 
AclResult checkMethodAndBuildingPartReadAccess (std::string &methodName, uint64_t buildingPartId)
 
AclResult checkMethodAndBuildingPartWriteAccess (std::string &methodName, uint64_t buildingPartId)
 
AclResult checkMethodAndDeviceWriteAccess (std::string &methodName, uint64_t peerId)
 
AclResult checkNodeBlueVariableReadAccess (const std::string &nodeId, int32_t input)
 
AclResult checkNodeBlueVariableWriteAccess (const std::string &nodeId, int32_t input)
 
AclResult checkRoomReadAccess (uint64_t roomId)
 
AclResult checkRoomWriteAccess (uint64_t roomId)
 
AclResult checkBuildingPartReadAccess (uint64_t buildingPartId)
 
AclResult checkBuildingPartWriteAccess (uint64_t buildingPartId)
 
AclResult checkSystemVariableReadAccess (Database::PSystemVariable systemVariable)
 
AclResult checkSystemVariableWriteAccess (Database::PSystemVariable systemVariable)
 
AclResult checkVariableReadAccess (std::shared_ptr< Systems::Peer > peer, int32_t channel, const std::string &variableName)
 
AclResult checkVariableWriteAccess (std::shared_ptr< Systems::Peer > peer, int32_t channel, const std::string &variableName)
 
std::string toString (int32_t indentation=0)
 

Detailed Description

This class is used to store ACL rules.

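The elements are checked in the following order. Unset elements are skipped. If an element is set to "no access", access is denied immediately without checking further rules. If it is set to "access", rule checking continues with the next element, so a "no access" entry further down the list still denies a request that an earlier element allowed.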

  1. Variables
  2. Devices
  3. Rooms
  4. Building parts
  5. Categories
  6. Roles
  7. Methods
  8. Event Server Methods

Security needs to be applied in the following places:

RpcServer:

  • Most RPC methods are defined in file RPCMethods.cpp
  • Variable with all methods from RPCMethods.cpp: _rpcMethods
  • If not found in map => IpcServer::callRpcMethod()

IpcServer:

  • All methods on clients are called within callRpcMethod()
  • Server methods are defined in _rpcMethods and _localRpcMethods
  • Variable with all methods from RPCMethods.cpp: _rpcMethods
  • Has broadcast methods
  • Has its own RPC methods

NodeBlueServer:

  • Server methods are defined in _rpcMethods and _localRpcMethods
  • Variable with all methods from RPCMethods.cpp: _rpcMethods
  • If not found in above maps => IpcServer::callRpcMethod()
  • Has broadcast methods
  • Has its own RPC methods

ScriptEngineServer:

  • Server methods are defined in _rpcMethods and _localRpcMethods
  • Variable with all methods from RPCMethods.cpp: _rpcMethods
  • If not found in above maps => IpcServer::callRpcMethod()
  • Has broadcast methods
  • Has its own RPC methods

RPC::Client

  • Has broadcast methods

Mqtt

  • Check method access

Constructor & Destructor Documentation

§ Acl()

BaseLib::Security::Acl::Acl ( )

§ ~Acl()

BaseLib::Security::Acl::~Acl ( )
virtual

Destructor.

Member Function Documentation

§ buildingPartsReadSet()

bool BaseLib::Security::Acl::buildingPartsReadSet ( )
inline

§ buildingPartsWriteSet()

bool BaseLib::Security::Acl::buildingPartsWriteSet ( )
inline

§ categoriesReadSet()

bool BaseLib::Security::Acl::categoriesReadSet ( )
inline

§ categoriesWriteSet()

bool BaseLib::Security::Acl::categoriesWriteSet ( )
inline

§ checkBuildingPartReadAccess()

AclResult BaseLib::Security::Acl::checkBuildingPartReadAccess ( uint64_t  buildingPartId)

§ checkBuildingPartWriteAccess()

AclResult BaseLib::Security::Acl::checkBuildingPartWriteAccess ( uint64_t  buildingPartId)

§ checkCategoriesReadAccess()

AclResult BaseLib::Security::Acl::checkCategoriesReadAccess ( std::set< uint64_t > &  categories)

§ checkCategoriesWriteAccess()

AclResult BaseLib::Security::Acl::checkCategoriesWriteAccess ( std::set< uint64_t > &  categories)

§ checkCategoryReadAccess()

AclResult BaseLib::Security::Acl::checkCategoryReadAccess ( uint64_t  category)

§ checkCategoryWriteAccess()

AclResult BaseLib::Security::Acl::checkCategoryWriteAccess ( uint64_t  category)

§ checkDeviceReadAccess()

AclResult BaseLib::Security::Acl::checkDeviceReadAccess ( std::shared_ptr< Systems::Peer > peer)

§ checkDeviceWriteAccess()

AclResult BaseLib::Security::Acl::checkDeviceWriteAccess ( std::shared_ptr< Systems::Peer > peer)

§ checkEventServerMethodAccess()

AclResult BaseLib::Security::Acl::checkEventServerMethodAccess ( std::string &  methodName)

§ checkMethodAccess()

AclResult BaseLib::Security::Acl::checkMethodAccess ( std::string &  methodName)

§ checkMethodAndBuildingPartReadAccess()

AclResult BaseLib::Security::Acl::checkMethodAndBuildingPartReadAccess ( std::string &  methodName,
uint64_t  buildingPartId 
)

§ checkMethodAndBuildingPartWriteAccess()

AclResult BaseLib::Security::Acl::checkMethodAndBuildingPartWriteAccess ( std::string &  methodName,
uint64_t  buildingPartId 
)

§ checkMethodAndCategoryReadAccess()

AclResult BaseLib::Security::Acl::checkMethodAndCategoryReadAccess ( std::string &  methodName,
uint64_t  categoryId 
)

§ checkMethodAndCategoryWriteAccess()

AclResult BaseLib::Security::Acl::checkMethodAndCategoryWriteAccess ( std::string &  methodName,
uint64_t  categoryId 
)

§ checkMethodAndDeviceWriteAccess()

AclResult BaseLib::Security::Acl::checkMethodAndDeviceWriteAccess ( std::string &  methodName,
uint64_t  peerId 
)

§ checkMethodAndRoleReadAccess()

AclResult BaseLib::Security::Acl::checkMethodAndRoleReadAccess ( std::string &  methodName,
uint64_t  roleId 
)

§ checkMethodAndRoleWriteAccess()

AclResult BaseLib::Security::Acl::checkMethodAndRoleWriteAccess ( std::string &  methodName,
uint64_t  roleId 
)

§ checkMethodAndRoomReadAccess()

AclResult BaseLib::Security::Acl::checkMethodAndRoomReadAccess ( std::string &  methodName,
uint64_t  roomId 
)

§ checkMethodAndRoomWriteAccess()

AclResult BaseLib::Security::Acl::checkMethodAndRoomWriteAccess ( std::string &  methodName,
uint64_t  roomId 
)

§ checkNodeBlueVariableReadAccess()

AclResult BaseLib::Security::Acl::checkNodeBlueVariableReadAccess ( const std::string &  nodeId,
int32_t  input 
)

§ checkNodeBlueVariableWriteAccess()

AclResult BaseLib::Security::Acl::checkNodeBlueVariableWriteAccess ( const std::string &  nodeId,
int32_t  input 
)

§ checkRoleReadAccess()

AclResult BaseLib::Security::Acl::checkRoleReadAccess ( uint64_t  role)

§ checkRolesReadAccess()

AclResult BaseLib::Security::Acl::checkRolesReadAccess ( std::set< uint64_t > &  roles)

§ checkRolesWriteAccess()

AclResult BaseLib::Security::Acl::checkRolesWriteAccess ( std::set< uint64_t > &  roles)

§ checkRoleWriteAccess()

AclResult BaseLib::Security::Acl::checkRoleWriteAccess ( uint64_t  role)

§ checkRoomReadAccess()

AclResult BaseLib::Security::Acl::checkRoomReadAccess ( uint64_t  roomId)

§ checkRoomWriteAccess()

AclResult BaseLib::Security::Acl::checkRoomWriteAccess ( uint64_t  roomId)

§ checkServiceAccess()

AclResult BaseLib::Security::Acl::checkServiceAccess ( std::string &  serviceName)

§ checkSystemVariableReadAccess()

AclResult BaseLib::Security::Acl::checkSystemVariableReadAccess ( Database::PSystemVariable  systemVariable)

§ checkSystemVariableWriteAccess()

AclResult BaseLib::Security::Acl::checkSystemVariableWriteAccess ( Database::PSystemVariable  systemVariable)

§ checkVariableReadAccess()

AclResult BaseLib::Security::Acl::checkVariableReadAccess ( std::shared_ptr< Systems::Peer > peer,
int32_t  channel,
const std::string &  variableName 
)

§ checkVariableWriteAccess()

AclResult BaseLib::Security::Acl::checkVariableWriteAccess ( std::shared_ptr< Systems::Peer > peer,
int32_t  channel,
const std::string &  variableName 
)

§ devicesReadSet()

bool BaseLib::Security::Acl::devicesReadSet ( )
inline

§ devicesWriteSet()

bool BaseLib::Security::Acl::devicesWriteSet ( )
inline

§ fromVariable()

void BaseLib::Security::Acl::fromVariable ( PVariable  serializedData)

Converts a Variable structure to an ACL.

This is not thread safe, so make sure no checks are being executed when calling this method!

Parameters
serializedData: The structure to convert to an ACL.

§ rolesReadSet()

bool BaseLib::Security::Acl::rolesReadSet ( )
inline

§ rolesWriteSet()

bool BaseLib::Security::Acl::rolesWriteSet ( )
inline

§ roomsReadSet()

bool BaseLib::Security::Acl::roomsReadSet ( )
inline

§ roomsWriteSet()

bool BaseLib::Security::Acl::roomsWriteSet ( )
inline

§ toString()

std::string BaseLib::Security::Acl::toString ( int32_t  indentation = 0)

§ toVariable()

PVariable BaseLib::Security::Acl::toVariable ( )

§ variablesReadSet()

bool BaseLib::Security::Acl::variablesReadSet ( )
inline

§ variablesWriteSet()

bool BaseLib::Security::Acl::variablesWriteSet ( )
inline

The documentation for this class was generated from the following files: