Commit 75c6c69e authored by Hugo Roenick's avatar Hugo Roenick
Browse files

Commit final do item [OPENBUS-2481]: Permitir que operacoes de getEntityLogins...

Commit final do item [OPENBUS-2481]: Permitir que operacoes de getEntityLogins e invalidateLogin seja realizado pela mesma entidade cuja informacao deseja-se manipular


git-svn-id: https://subversion.tecgraf.puc-rio.br/engdist/openbus/core/branches/02_00_00@150698 ae0415b3-e90b-0410-900d-d0be9363c56b
parent 3264792b
......@@ -71,6 +71,8 @@ local ICredentialObserver = idl.types.access_control_service.ICredentialObserver
local msg = require "openbus.core.services.messages"
local Logins = require "openbus.core.services.LoginDB"
local coreutil = require "openbus.core.services.util"
local assertCaller = coreutil.assertCaller
local MaxEncryptedData = strrep("\255", EncryptedBlockSize-11)
......@@ -515,10 +517,8 @@ function LoginRegistry:__init(data)
self.subscriptionOf = {} -- for legacy support (OpenBus 1.5)
local access = self.access
local admins = data.admins
access:setGrantedUsers(self.__type, "getAllLogins", admins)
access:setGrantedUsers(self.__type, "getEntityLogins", admins)
access:setGrantedUsers(self.__type, "invalidateLogin", admins)
self.admins = data.admins
access:setGrantedUsers(self.__type, "getAllLogins", self.admins)
-- register itself to receive logout notifications
local logins = AccessControl.activeLogins
rawset(logins.publisher, self, self)
......@@ -580,6 +580,7 @@ function LoginRegistry:getAllLogins()
end
function LoginRegistry:getEntityLogins(entity)
assertCaller(self, entity)
local logins = {}
for id, login in AccessControl.activeLogins:iLogins() do
if login.entity == entity then
......@@ -592,8 +593,9 @@ end
function LoginRegistry:invalidateLogin(id)
local login = AccessControl.activeLogins:getLogin(id)
if login ~= nil then
local tag = assertCaller(self, login.entity)
login:remove()
log:admin(msg.LogoutForced:tag{
log[tag](log, msg.LogoutForced:tag{
login = id,
entity = login.entity,
})
......
......@@ -38,7 +38,6 @@ local BAD_PARAM = sysex.BAD_PARAM
local idl = require "openbus.core.idl"
local assert = idl.serviceAssertion
local ServiceFailure = idl.throw.services.ServiceFailure
local UnauthorizedOperation = idl.throw.services.UnauthorizedOperation
local offexp = idl.throw.services.offer_registry
local InvalidProperties = offexp.InvalidProperties
local InvalidService = offexp.InvalidService
......@@ -71,22 +70,12 @@ local AccessControl = require "openbus.core.services.AccessControl"
AccessControl = AccessControl.AccessControl
local PropertyIndex = require "openbus.core.services.PropertyIndex"
local coreutil = require "openbus.core.services.util"
local assertCaller = coreutil.assertCaller
local OfferRegistry -- forward declaration
local EntityRegistry -- forward declaration
local function assertCaller(self, owner)
local entity = self.access:getCallerChain().caller.entity
local logtag
if entity == owner then
logtag = "request"
elseif self.admins[entity] ~= nil then
logtag = "admin"
else
UnauthorizedOperation()
end
return logtag
end
local function ifaceId2Key(ifaceId)
local name, version = ifaceId:match("^IDL:(.-):(%d+%.%d+)$")
......
......@@ -59,17 +59,22 @@ return OpenBusFixture{
},
getEntityLogins = {
Unauthorized = {
params = { user },
params = { "fake" },
except = checks.like{_repid=srvtypes.UnauthorizedOperation},
},
},
invalidateLogin = {
Unauthorized = {
InvalidLogin = {
params = { FakeLoginId },
except = checks.like{_repid=srvtypes.UnauthorizedOperation},
result = { checks.equal(false)} ,
},
},
},
GetInfoOfEntityLogins = function (fixture, openbus)
local logins = fixture.logins
local login = openbus.context:getCurrentConnection().login
checks.assert(logins:getEntityLogins(user), checks.like({login}))
end,
GetInfoOfAllLogins = function (fixture)
local logins = fixture.logins
for id, login in pairs(fixture:getMyLogins()) do
......@@ -82,6 +87,30 @@ return OpenBusFixture{
checks.assert(logins:getLoginValidity(id), checks.greater(0))
end
end,
InvalidateLogin = function (fixture)
local conn = fixture:newConn("user")
local login = conn.login.id
local logins = fixture.logins
checks.assert(logins:invalidateLogin(login), checks.equal(true))
checks.assert(logins:getLoginValidity(login), checks.equal(0))
local ok, err = pcall(logins.getLoginInfo, logins, login)
checks.assert(ok, checks.equal(false))
checks.assert(err, checks.like{
_repid = logintypes.InvalidLogins,
loginIds = { login },
})
checks.assert(conn:logout(), checks.equal(false))
end,
InvalidateLoginUnauthorized = function (fixture)
local conn = fixture:newConn("system")
local login = conn.login.id
local logins = fixture.logins
local ok, err = pcall(logins.invalidateLogin, logins, login)
checks.assert(ok, checks.equal(false))
checks.assert(err, checks.like{
_repid = srvtypes.UnauthorizedOperation,
})
end,
InvalidObserverWatchingOtherLogin = function (fixture)
local logins = fixture.logins
local subscription = logins:subscribeObserver({})
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment