cutelyst  4.5.1
A C++ Web Framework built on top of Qt, using the simple approach of Catalyst (Perl) framework.
Cutelyst::RoleACL Class Referencefinal

User role-based authorization action role. More...

Inheritance diagram for Cutelyst::RoleACL:

Public Member Functions

 RoleACL (QObject *parent=nullptr)
 
bool aroundExecute (Context *c, QStack< Component * > stack) override
 
bool canVisit (Context *c) const
 
bool init (Application *application, const QVariantHash &args) override
 
Modifiers modifiers () const override
 
- Public Member Functions inherited from Cutelyst::Component
 Component (QObject *parent=nullptr)
 
virtual ~Component () override
 
bool execute (Context *c)
 
QString name () const noexcept
 
QString reverse () const noexcept
 
void setName (const QString &name)
 
void setReverse (const QString &reverse)
 
- Public Member Functions inherited from QObject
 QObject (QObject *parent)
 
QBindable< QStringbindableObjectName ()
 
bool blockSignals (bool block)
 
const QObjectListchildren () const const
 
QMetaObject::Connection connect (const QObject *sender, const char *signal, const char *method, Qt::ConnectionType type) const const
 
void deleteLater ()
 
void destroyed (QObject *obj)
 
bool disconnect (const char *signal, const QObject *receiver, const char *method) const const
 
bool disconnect (const QObject *receiver, const char *method) const const
 
void dumpObjectInfo () const const
 
void dumpObjectTree () const const
 
QList< QByteArraydynamicPropertyNames () const const
 
virtual bool event (QEvent *e)
 
virtual bool eventFilter (QObject *watched, QEvent *event)
 
findChild (const QString &name, Qt::FindChildOptions options) const const
 
QList< T > findChildren (const QRegularExpression &re, Qt::FindChildOptions options) const const
 
QList< T > findChildren (const QString &name, Qt::FindChildOptions options) const const
 
QList< T > findChildren (Qt::FindChildOptions options) const const
 
bool inherits (const char *className) const const
 
void installEventFilter (QObject *filterObj)
 
bool isQuickItemType () const const
 
bool isWidgetType () const const
 
bool isWindowType () const const
 
void killTimer (int id)
 
virtual const QMetaObjectmetaObject () const const
 
void moveToThread (QThread *targetThread)
 
QString objectName () const const
 
void objectNameChanged (const QString &objectName)
 
QObjectparent () const const
 
QVariant property (const char *name) const const
 
 Q_CLASSINFO (Name, Value)
 
 Q_EMIT Q_EMIT
 
 Q_ENUM (...)
 
 Q_ENUM_NS (...)
 
 Q_ENUMS (...)
 
 Q_FLAG (...)
 
 Q_FLAG_NS (...)
 
 Q_FLAGS (...)
 
 Q_GADGET Q_GADGET
 
 Q_GADGET_EXPORT (EXPORT_MACRO)
 
 Q_INTERFACES (...)
 
 Q_INVOKABLE Q_INVOKABLE
 
 Q_MOC_INCLUDE Q_MOC_INCLUDE
 
 Q_NAMESPACE Q_NAMESPACE
 
 Q_NAMESPACE_EXPORT (EXPORT_MACRO)
 
 Q_OBJECT Q_OBJECT
 
 Q_PROPERTY (...)
 
 Q_REVISION Q_REVISION
 
 Q_SET_OBJECT_NAME (Object)
 
 Q_SIGNAL Q_SIGNAL
 
 Q_SIGNALS Q_SIGNALS
 
 Q_SLOT Q_SLOT
 
 Q_SLOTS Q_SLOTS
 
qobject_cast (const QObject *object)
 
qobject_cast (QObject *object)
 
 QT_NO_NARROWING_CONVERSIONS_IN_CONNECT QT_NO_NARROWING_CONVERSIONS_IN_CONNECT
 
void removeEventFilter (QObject *obj)
 
void setObjectName (const QString &name)
 
void setObjectName (QAnyStringView name)
 
void setParent (QObject *parent)
 
bool setProperty (const char *name, const QVariant &value)
 
bool setProperty (const char *name, QVariant &&value)
 
bool signalsBlocked () const const
 
int startTimer (int interval, Qt::TimerType timerType)
 
int startTimer (std::chrono::milliseconds interval, Qt::TimerType timerType)
 
QThreadthread () const const
 

Protected Member Functions

bool dispatcherReady (const Dispatcher *dispatcher, Controller *controller) override
 
- Protected Member Functions inherited from Cutelyst::Component
 Component (ComponentPrivate *d, QObject *parent=nullptr)
 
virtual bool afterExecute (Context *c)
 
void applyRoles (const QStack< Component * > &roles)
 
virtual bool beforeExecute (Context *c)
 
virtual bool doExecute (Context *c)
 
- Protected Member Functions inherited from QObject
virtual void childEvent (QChildEvent *event)
 
virtual void connectNotify (const QMetaMethod &signal)
 
virtual void customEvent (QEvent *event)
 
virtual void disconnectNotify (const QMetaMethod &signal)
 
bool isSignalConnected (const QMetaMethod &signal) const const
 
int receivers (const char *signal) const const
 
QObjectsender () const const
 
int senderSignalIndex () const const
 
virtual void timerEvent (QTimerEvent *event)
 

Additional Inherited Members

- Public Types inherited from Cutelyst::Component
enum  Modifier {
  None , OnlyExecute , BeforeExecute , AroundExecute ,
  AfterExecute
}
 
- Static Public Member Functions inherited from QObject
QMetaObject::Connection connect (const QObject *sender, const char *signal, const QObject *receiver, const char *method, Qt::ConnectionType type)
 
QMetaObject::Connection connect (const QObject *sender, const QMetaMethod &signal, const QObject *receiver, const QMetaMethod &method, Qt::ConnectionType type)
 
QMetaObject::Connection connect (const QObject *sender, PointerToMemberFunction signal, const QObject *context, Functor functor, Qt::ConnectionType type)
 
QMetaObject::Connection connect (const QObject *sender, PointerToMemberFunction signal, const QObject *receiver, PointerToMemberFunction method, Qt::ConnectionType type)
 
QMetaObject::Connection connect (const QObject *sender, PointerToMemberFunction signal, Functor functor)
 
bool disconnect (const QMetaObject::Connection &connection)
 
bool disconnect (const QObject *sender, const char *signal, const QObject *receiver, const char *method)
 
bool disconnect (const QObject *sender, const QMetaMethod &signal, const QObject *receiver, const QMetaMethod &method)
 
bool disconnect (const QObject *sender, PointerToMemberFunction signal, const QObject *receiver, PointerToMemberFunction method)
 
QString tr (const char *sourceText, const char *disambiguation, int n)
 
- Public Attributes inherited from QObject
typedef QObjectList
 
- Properties inherited from QObject
 objectName
 

Detailed Description

Provides a reusable action role for user role-based authorization. ACLs are applied via the assignment of attributes to application action subroutines.

class Foo : public Cutelyst::Controller
{
public:
C_ATTR(foo,
:Local
:Does(RoleACL)
:RequiresRole(admin)
:ACLDetachTo(denied))
void foo(Context *c);
C_ATTR(denied, :Local :Private :AutoArgs :ActionClass(RenderView))
void denied(Context *c);
};
Cutelyst Controller base class.
Definition: controller.h:56
RoleACL(QObject *parent=nullptr)
Definition: roleacl.cpp:123
Q_OBJECTQ_OBJECT

Required Attributes

Failure to include the following required attributes will result in a fatal error when the RoleACL action's constructor is called.

ACLDetachTo

The name of an action to which the request should be detached if it is determined that ACLs are not satisfied for this user and the resource he is attempting to access.

RequiresRole and AllowedRole

The action must include at least one of these attributes, otherwise the Role::ACL constructor will have a fatal error.

Processing of ACLs

One or more roles may be associated with an action.

User roles are fetched via the invocation of the AuthenticationUser object’s "roles" QStringList value.

Roles specified with the RequiresRole attribute are checked before roles specified with the AllowedRole attribute.

The mandatory ACLDetachTo attribute specifies the name of the action to which execution will detach on access violation.

ACLs may be applied to chained actions so that different roles are required or allowed for each link in the chain (or no roles at all).

ACLDetachTo allows us to short-circuit traversal of an action chain as soon as access is denied to one of the actions in the chain by its ACL.

Examples

// this is an invalid action
C_ATTR(broken,
:Local
:Does(RoleACL))
void broken(Context *c);

This action will cause a fatal error because it’s missing the ACLDetachTo attribute and has neither a RequiresRole nor an AllowedRole attribute. A RoleACL action must include at least one RequiresRole or AllowedRole attribute.

C_ATTR(foo,
:Local
:Does(RoleACL)
:RequiresRole(admin)
:ACLDetachTo(denied))
void foo(Context *c);

This action may only be executed by users with the 'admin' role.

C_ATTR(bar,
:Local
:Does(RoleACL)
:RequiresRole(admin)
:AllowedRole(editor)
:AllowedRole(writer)
:ACLDetachTo(denied))
void bar(Context *c);

This action requires that the user has the 'admin' role and either the 'editor' or 'writer' role (or both).

C_ATTR(easy,
:Local
:Does(RoleACL)
:AllowedRole(admin)
:AllowedRole(user)
:ACLDetachTo(denied))
void easy(Context *c);

Any user with either the 'admin' or 'user' role may execute this action.

Definition at line 17 of file roleacl.h.

Constructor & Destructor Documentation

◆ RoleACL()

RoleACL::RoleACL ( QObject parent = nullptr)
explicit

Constructs a new RoleACL object with the given parent.

Definition at line 123 of file roleacl.cpp.

Member Function Documentation

◆ aroundExecute()

bool RoleACL::aroundExecute ( Context c,
QStack< Component * >  stack 
)
overridevirtual

Reimplement this if you want to do processing around doExecute(), you must call doExecute() yourself then.

Reimplemented from Cutelyst::Component.

Definition at line 167 of file roleacl.cpp.

References Cutelyst::Component::aroundExecute(), canVisit(), and Cutelyst::Context::detach().

◆ canVisit()

bool RoleACL::canVisit ( Context c) const

Returns true if the action can be visited by the context c.

Definition at line 180 of file roleacl.cpp.

References QStringList::contains(), QList::isEmpty(), QVariant::toStringList(), Cutelyst::Authentication::user(), and Cutelyst::AuthenticationUser::value().

Referenced by aroundExecute().

◆ dispatcherReady()

bool RoleACL::dispatcherReady ( const Dispatcher dispatch,
Cutelyst::Controller controller 
)
overrideprotectedvirtual

Called by dispatcher once it’s done preparing actions.

Subclasses might want to implement this to cache special actions, such as special methods for REST actions.

Reimplemented from Cutelyst::Component.

Definition at line 220 of file roleacl.cpp.

References Cutelyst::Controller::actionFor(), and Cutelyst::Dispatcher::getActionByPath().

◆ init()

bool RoleACL::init ( Cutelyst::Application application,
const QVariantHash &  args 
)
overridevirtual

A Does class is always attached to an action, if this method returns false, the application will fail to start. Often useful if the user misconfigured the settings.

Reimplemented from Cutelyst::Component.

Definition at line 133 of file roleacl.cpp.

References QList::append(), and QMultiMap::value().

◆ modifiers()

Component::Modifiers RoleACL::modifiers ( ) const
overridevirtual

Always returns Component::Modifiers::AroundExecute.

Reimplemented from Cutelyst::Component.

Definition at line 128 of file roleacl.cpp.