ws_accessService.hpp 8.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128
  1. /*##############################################################################
  2. Copyright (C) 2011 HPCC Systems.
  3. All rights reserved. This program is free software: you can redistribute it and/or modify
  4. it under the terms of the GNU Affero General Public License as
  5. published by the Free Software Foundation, either version 3 of the
  6. License, or (at your option) any later version.
  7. This program is distributed in the hope that it will be useful,
  8. but WITHOUT ANY WARRANTY; without even the implied warranty of
  9. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  10. GNU Affero General Public License for more details.
  11. You should have received a copy of the GNU Affero General Public License
  12. along with this program. If not, see <http://www.gnu.org/licenses/>.
  13. ############################################################################## */
  14. #ifndef _ESPWIZ_ws_access_HPP__
  15. #define _ESPWIZ_ws_access_HPP__
  16. #pragma warning( disable : 4786)
  17. #include "ldapsecurity.ipp"
  18. #include "ws_access.hpp"
  19. #include "ws_access_esp.ipp"
  20. class Cws_accessSoapBindingEx : public Cws_accessSoapBinding
  21. {
  22. StringBuffer m_authType;
  23. Owned<IXslProcessor> xslp;
  24. public:
  25. Cws_accessSoapBindingEx(IPropertyTree *cfg, const char *name, const char *process, http_soap_log_level llevel=hsl_none) : Cws_accessSoapBinding(cfg, name, process, llevel)
  26. {
  27. StringBuffer xpath;
  28. xpath.appendf("Software/EspProcess[@name='%s']/Authentication/@method", process);
  29. const char* method = cfg->queryProp(xpath);
  30. if (method && *method)
  31. m_authType.append(method);
  32. }
  33. virtual void getNavigationData(IEspContext &context, IPropertyTree & data)
  34. {
  35. IPropertyTree *folder = ensureNavFolder(data, "Users/Permissions", "Permissions");
  36. if (!stricmp(m_authType.str(), "none") || !stricmp(m_authType.str(), "local"))
  37. {
  38. ensureNavLink(*folder, "Users", "/ws_access/SecurityNotEnabled?form_", "Users");
  39. ensureNavLink(*folder, "Groups", "/ws_access/SecurityNotEnabled?form_", "Groups");
  40. ensureNavLink(*folder, "Permissions", "/ws_access/SecurityNotEnabled?form_", "Permissions");
  41. }
  42. else
  43. {
  44. ensureNavLink(*folder, "Users", "/ws_access/Users", "Users");
  45. ensureNavLink(*folder, "Groups", "/ws_access/Groups", "Groups");
  46. ensureNavLink(*folder, "Permissions", "/ws_access/Permissions", "Permissions");
  47. }
  48. }
  49. virtual int onGetForm(IEspContext &context, CHttpRequest* request, CHttpResponse* response, const char *service, const char *method);
  50. int getQualifiedNames(IEspContext& ctx, MethodInfoArray & methods)
  51. {
  52. return methods.ordinality();
  53. }
  54. void setXslProcessor(IInterface *xslp_){xslp.set(dynamic_cast<IXslProcessor *>(xslp_));}
  55. };
  56. class Cws_accessEx : public Cws_access
  57. {
  58. Owned<IPropertyTree> m_servicecfg;
  59. IArrayOf<IEspDnStruct> m_basedns;
  60. IArrayOf<IEspDnStruct> m_rawbasedns;
  61. SecResourceType str2type(const char* rtstr);
  62. void setBasedns(IEspContext &context);
  63. bool permissionAddInputOnResource(IEspContext &context, IEspPermissionAddRequest &req, IEspPermissionAddResponse &resp);
  64. bool permissionAddInputOnAccount(IEspContext &context, const char* accountName, IEspPermissionAddRequest &req, IEspPermissionAddResponse &resp);
  65. bool getNewFileScopePermissions(ISecManager* secmgr, IEspResourceAddRequest &req, StringBuffer& existingResource, StringArray& newResources);
  66. bool setNewFileScopePermissions(ISecManager* secmgr, IEspResourceAddRequest &req, StringBuffer& existingResource, StringArray& newResources);
  67. bool permissionsReset(CLdapSecManager* ldapsecmgr, const char* basedn, const char* rtype, const char* prefix,
  68. const char* resourceName, ACT_TYPE accountType, const char* accountName,
  69. bool allow_access, bool allow_read, bool allow_write, bool allow_full,
  70. bool deny_access, bool deny_read, bool deny_write, bool deny_full);
  71. public:
  72. IMPLEMENT_IINTERFACE;
  73. virtual void init(IPropertyTree *cfg, const char *process, const char *service);
  74. virtual bool onUsers(IEspContext &context, IEspUserRequest &req, IEspUserResponse &resp);
  75. virtual bool onUserEdit(IEspContext &context, IEspUserEditRequest &req, IEspUserEditResponse &resp);
  76. virtual bool onGroups(IEspContext &context, IEspGroupRequest &req, IEspGroupResponse &resp);
  77. virtual bool onAddUser(IEspContext &context, IEspAddUserRequest &req, IEspAddUserResponse &resp);
  78. virtual bool onUserAction(IEspContext &context, IEspUserActionRequest &req, IEspUserActionResponse &resp);
  79. virtual bool onPermissions(IEspContext &context, IEspBasednsRequest &req, IEspBasednsResponse &resp);
  80. virtual bool onResources(IEspContext &context, IEspResourcesRequest &req, IEspResourcesResponse &resp);
  81. virtual bool onResourceAdd(IEspContext &context, IEspResourceAddRequest &req, IEspResourceAddResponse &resp);
  82. virtual bool onResourceAddInput(IEspContext &context, IEspResourceAddInputRequest &req, IEspResourceAddInputResponse &resp);
  83. virtual bool onResourcePermissions(IEspContext &context, IEspResourcePermissionsRequest &req, IEspResourcePermissionsResponse &resp);
  84. virtual bool onPermissionAddInput(IEspContext &context, IEspPermissionAddRequest &req, IEspPermissionAddResponse &resp);
  85. virtual bool onPermissionAction(IEspContext &context, IEspPermissionActionRequest &req, IEspPermissionActionResponse &resp);
  86. virtual bool onUserGroupEditInput(IEspContext &context, IEspUserGroupEditInputRequest &req, IEspUserGroupEditInputResponse &resp);
  87. virtual bool onUserGroupEdit(IEspContext &context, IEspUserGroupEditRequest &req, IEspUserGroupEditResponse &resp);
  88. virtual bool onGroupAdd(IEspContext &context, IEspGroupAddRequest &req, IEspGroupAddResponse &resp);
  89. virtual bool onGroupAction(IEspContext &context, IEspGroupActionRequest &req, IEspGroupActionResponse &resp);
  90. virtual bool onGroupEdit(IEspContext &context, IEspGroupEditRequest &req, IEspGroupEditResponse &resp);
  91. virtual bool onGroupMemberEditInput(IEspContext &context, IEspGroupMemberEditInputRequest &req, IEspGroupMemberEditInputResponse &resp);
  92. virtual bool onGroupMemberEdit(IEspContext &context, IEspGroupMemberEditRequest &req, IEspGroupMemberEditResponse &resp);
  93. virtual bool onResourceDelete(IEspContext &context, IEspResourceDeleteRequest &req, IEspResourceDeleteResponse &resp);
  94. virtual bool onUserResetPass(IEspContext &context, IEspUserResetPassRequest &req, IEspUserResetPassResponse &resp);
  95. virtual bool onUserResetPassInput(IEspContext &context, IEspUserResetPassInputRequest &req, IEspUserResetPassInputResponse &resp);
  96. virtual bool onUserPosix(IEspContext &context, IEspUserPosixRequest &req, IEspUserPosixResponse &resp);
  97. virtual bool onUserPosixInput(IEspContext &context, IEspUserPosixInputRequest &req, IEspUserPosixInputResponse &resp);
  98. virtual bool onUserInfoEdit(IEspContext &context, IEspUserInfoEditRequest &req, IEspUserInfoEditResponse &resp);
  99. virtual bool onUserInfoEditInput(IEspContext &context, IEspUserInfoEditInputRequest &req, IEspUserInfoEditInputResponse &resp);
  100. virtual bool onUserSudoersInput(IEspContext &context, IEspUserSudoersInputRequest &req, IEspUserSudoersInputResponse &resp);
  101. virtual bool onUserSudoers(IEspContext &context, IEspUserSudoersRequest &req, IEspUserSudoersResponse &resp);
  102. virtual bool onAccountPermissions(IEspContext &context, IEspAccountPermissionsRequest &req, IEspAccountPermissionsResponse &resp);
  103. virtual bool onFilePermission(IEspContext &context, IEspFilePermissionRequest &req, IEspFilePermissionResponse &resp);
  104. virtual bool onPermissionsResetInput(IEspContext &context, IEspPermissionsResetInputRequest &req, IEspPermissionsResetInputResponse &resp);
  105. virtual bool onPermissionsReset(IEspContext &context, IEspPermissionsResetRequest &req, IEspPermissionsResetResponse &resp);
  106. virtual bool onUserAccountExport(IEspContext &context, IEspUserAccountExportRequest &req, IEspUserAccountExportResponse &resp);
  107. };
  108. #endif //_ESPWIZ_ws_access_HPP__