Use `flagenumclass.h` for auth flags
This commit is contained in:
parent
aece080986
commit
662c924321
|
@ -80,7 +80,7 @@ set(LINK_TESTS_AGAINST_APP_TARGET ON)
|
||||||
set(CONFIGURATION_PACKAGE_SUFFIX
|
set(CONFIGURATION_PACKAGE_SUFFIX
|
||||||
""
|
""
|
||||||
CACHE STRING "sets the suffix for find_package() calls to packages configured via c++utilities")
|
CACHE STRING "sets the suffix for find_package() calls to packages configured via c++utilities")
|
||||||
find_package(c++utilities${CONFIGURATION_PACKAGE_SUFFIX} 5.11.0 REQUIRED)
|
find_package(c++utilities${CONFIGURATION_PACKAGE_SUFFIX} 5.18.0 REQUIRED)
|
||||||
use_cpp_utilities(VISIBILITY PUBLIC)
|
use_cpp_utilities(VISIBILITY PUBLIC)
|
||||||
|
|
||||||
# find passwordfile
|
# find passwordfile
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
#ifndef LIBREPOMGR_AUTHENTICATION_H
|
#ifndef LIBREPOMGR_AUTHENTICATION_H
|
||||||
#define LIBREPOMGR_AUTHENTICATION_H
|
#define LIBREPOMGR_AUTHENTICATION_H
|
||||||
|
|
||||||
|
#include <c++utilities/misc/flagenumclass.h>
|
||||||
|
|
||||||
#include <cstdint>
|
#include <cstdint>
|
||||||
#include <string>
|
#include <string>
|
||||||
|
|
||||||
|
@ -23,11 +25,11 @@ struct UserAuth {
|
||||||
UserPermissions permissions = UserPermissions::DefaultPermissions;
|
UserPermissions permissions = UserPermissions::DefaultPermissions;
|
||||||
};
|
};
|
||||||
|
|
||||||
constexpr UserPermissions operator|(UserPermissions lhs, UserPermissions rhs)
|
} // namespace LibRepoMgr
|
||||||
{
|
|
||||||
return static_cast<UserPermissions>(
|
CPP_UTILITIES_MARK_FLAG_ENUM_CLASS(LibPkg, LibRepoMgr::UserPermissions)
|
||||||
static_cast<std::underlying_type_t<UserPermissions>>(lhs) | static_cast<std::underlying_type_t<UserPermissions>>(rhs));
|
|
||||||
}
|
namespace LibRepoMgr {
|
||||||
|
|
||||||
struct UserInfo {
|
struct UserInfo {
|
||||||
std::string passwordSha512;
|
std::string passwordSha512;
|
||||||
|
|
|
@ -88,22 +88,19 @@ void Session::received(boost::system::error_code ec, size_t bytesTransferred)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
const auto userAuth = m_setup.auth.authenticate(std::string_view(authInfo->value().data(), authInfo->value().size()));
|
const auto userAuth = m_setup.auth.authenticate(std::string_view(authInfo->value().data(), authInfo->value().size()));
|
||||||
using PermissionFlags = std::underlying_type_t<UserPermissions>;
|
if (userAuth.permissions & UserPermissions::TryAgain) {
|
||||||
if (static_cast<PermissionFlags>(userAuth.permissions) & static_cast<PermissionFlags>(UserPermissions::TryAgain)) {
|
|
||||||
// send the 401 response again if credentials are 'try again' to show the password prompt for the XMLHttpRequest again
|
// send the 401 response again if credentials are 'try again' to show the password prompt for the XMLHttpRequest again
|
||||||
// note: This is kind of a hack. Maybe there's a better solution to make XMLHttpRequest forget wrongly entered credentials
|
// note: This is kind of a hack. Maybe there's a better solution to make XMLHttpRequest forget wrongly entered credentials
|
||||||
// and instead show the login prompt again?
|
// and instead show the login prompt again?
|
||||||
respond(Render::makeAuthRequired(request));
|
respond(Render::makeAuthRequired(request));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
if ((static_cast<PermissionFlags>(requiredPermissions) & static_cast<PermissionFlags>(userAuth.permissions))
|
if (!checkFlagEnum(userAuth.permissions, requiredPermissions)) {
|
||||||
!= static_cast<PermissionFlags>(requiredPermissions)) {
|
|
||||||
respond(Render::makeForbidden(request));
|
respond(Render::makeForbidden(request));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
// prepare file with secrets for user
|
// prepare file with secrets for user
|
||||||
if (!userAuth.name.empty() && !userAuth.password.empty()
|
if (!userAuth.name.empty() && !userAuth.password.empty() && (requiredPermissions & UserPermissions::AccessSecrets)) {
|
||||||
&& (static_cast<PermissionFlags>(requiredPermissions) & static_cast<PermissionFlags>(UserPermissions::AccessSecrets))) {
|
|
||||||
try {
|
try {
|
||||||
if (m_secrets) {
|
if (m_secrets) {
|
||||||
m_secrets->clear();
|
m_secrets->clear();
|
||||||
|
|
Loading…
Reference in New Issue