Use `flagenumclass.h` for auth flags
This commit is contained in:
parent
aece080986
commit
662c924321
|
|
@ -80,7 +80,7 @@ set(LINK_TESTS_AGAINST_APP_TARGET ON)
|
|||
set(CONFIGURATION_PACKAGE_SUFFIX
|
||||
""
|
||||
CACHE STRING "sets the suffix for find_package() calls to packages configured via c++utilities")
|
||||
find_package(c++utilities${CONFIGURATION_PACKAGE_SUFFIX} 5.11.0 REQUIRED)
|
||||
find_package(c++utilities${CONFIGURATION_PACKAGE_SUFFIX} 5.18.0 REQUIRED)
|
||||
use_cpp_utilities(VISIBILITY PUBLIC)
|
||||
|
||||
# find passwordfile
|
||||
|
|
|
|||
|
|
@ -1,6 +1,8 @@
|
|||
#ifndef LIBREPOMGR_AUTHENTICATION_H
|
||||
#define LIBREPOMGR_AUTHENTICATION_H
|
||||
|
||||
#include <c++utilities/misc/flagenumclass.h>
|
||||
|
||||
#include <cstdint>
|
||||
#include <string>
|
||||
|
||||
|
|
@ -23,11 +25,11 @@ struct UserAuth {
|
|||
UserPermissions permissions = UserPermissions::DefaultPermissions;
|
||||
};
|
||||
|
||||
constexpr UserPermissions operator|(UserPermissions lhs, UserPermissions rhs)
|
||||
{
|
||||
return static_cast<UserPermissions>(
|
||||
static_cast<std::underlying_type_t<UserPermissions>>(lhs) | static_cast<std::underlying_type_t<UserPermissions>>(rhs));
|
||||
}
|
||||
} // namespace LibRepoMgr
|
||||
|
||||
CPP_UTILITIES_MARK_FLAG_ENUM_CLASS(LibPkg, LibRepoMgr::UserPermissions)
|
||||
|
||||
namespace LibRepoMgr {
|
||||
|
||||
struct UserInfo {
|
||||
std::string passwordSha512;
|
||||
|
|
|
|||
|
|
@ -88,22 +88,19 @@ void Session::received(boost::system::error_code ec, size_t bytesTransferred)
|
|||
return;
|
||||
}
|
||||
const auto userAuth = m_setup.auth.authenticate(std::string_view(authInfo->value().data(), authInfo->value().size()));
|
||||
using PermissionFlags = std::underlying_type_t<UserPermissions>;
|
||||
if (static_cast<PermissionFlags>(userAuth.permissions) & static_cast<PermissionFlags>(UserPermissions::TryAgain)) {
|
||||
if (userAuth.permissions & UserPermissions::TryAgain) {
|
||||
// send the 401 response again if credentials are 'try again' to show the password prompt for the XMLHttpRequest again
|
||||
// note: This is kind of a hack. Maybe there's a better solution to make XMLHttpRequest forget wrongly entered credentials
|
||||
// and instead show the login prompt again?
|
||||
respond(Render::makeAuthRequired(request));
|
||||
return;
|
||||
}
|
||||
if ((static_cast<PermissionFlags>(requiredPermissions) & static_cast<PermissionFlags>(userAuth.permissions))
|
||||
!= static_cast<PermissionFlags>(requiredPermissions)) {
|
||||
if (!checkFlagEnum(userAuth.permissions, requiredPermissions)) {
|
||||
respond(Render::makeForbidden(request));
|
||||
return;
|
||||
}
|
||||
// prepare file with secrets for user
|
||||
if (!userAuth.name.empty() && !userAuth.password.empty()
|
||||
&& (static_cast<PermissionFlags>(requiredPermissions) & static_cast<PermissionFlags>(UserPermissions::AccessSecrets))) {
|
||||
if (!userAuth.name.empty() && !userAuth.password.empty() && (requiredPermissions & UserPermissions::AccessSecrets)) {
|
||||
try {
|
||||
if (m_secrets) {
|
||||
m_secrets->clear();
|
||||
|
|
|
|||
Loading…
Reference in New Issue