frodovdr/hyperion.ng
1
0
Fork 0
mirror of https://github.com/hyperion-project/hyperion.ng.git synced 2025-03-01 10:33:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor: API split (#721)

Browse Source 
* refactor: API split

* refactor: cleanup hyperiond
This commit is contained in:
brindosch
2020-03-26 17:59:41 +01:00
committed by GitHub
parent c6c6453267
commit 2739aec1e3
23 changed files with 2044 additions and 1128 deletions
Download Patch File Download Diff File Expand all files Collapse all files

147
include/hyperion/AuthManager.h
View File

@@ -20,13 +20,14 @@ class AuthManager : public QObject
private:
friend class HyperionDaemon;
/// constructor is private, can be called from HyperionDaemon
AuthManager(QObject* parent = 0);
AuthManager(QObject *parent = 0);
public:
struct AuthDefinition{
struct AuthDefinition
{
QString id;
QString comment;
QObject* caller;
QObject *caller;
uint64_t timeoutTime;
QString token;
QString lastUse;
@@ -36,43 +37,25 @@ public:
/// @brief Get the unique id (imported from removed class 'Stats')
/// @return The unique id
///
const QString & getID() { return _uuid; };
///
/// @brief Get all available token entries
///
const QVector<AuthDefinition> getTokenList();
const QString &getID() { return _uuid; };
///
/// @brief Check authorization is required according to the user setting
/// @return True if authorization required else false
///
const bool & isAuthRequired() { return _authRequired; };
const bool &isAuthRequired() { return _authRequired; };
///
/// @brief Check if authorization is required for local network connections
/// @return True if authorization required else false
///
const bool & isLocalAuthRequired() { return _localAuthRequired; };
const bool &isLocalAuthRequired() { return _localAuthRequired; };
///
/// @brief Check if authorization is required for local network connections for admin access
/// @return True if authorization required else false
///
const bool & isLocalAdminAuthRequired() { return _localAdminAuthRequired; };
///
/// @brief Check if Hyperion user has default password
/// @return True if so, else false
///
const bool hasHyperionDefaultPw() { return isUserAuthorized("Hyperion","hyperion"); };
///
/// @brief Get the current valid token for user. Make sure this call is allowed!
/// @param For the defined user
/// @return The token
///
const QString getUserToken(const QString & usr = "Hyperion");
const bool &isLocalAdminAuthRequired() { return _localAdminAuthRequired; };
///
/// @brief Reset Hyperion user
@@ -81,11 +64,23 @@ public:
bool resetHyperionUser();
///
/// @brief Create a new token and skip the usual chain
/// @param comment The comment that should be used for
/// @return The new Auth definition
/// @brief Check if user auth is temporary blocked due to failed attempts
/// @return True on blocked and no further Auth requests will be accepted
///
const AuthDefinition createToken(const QString& comment);
bool isUserAuthBlocked() { return (_userAuthAttempts.length() >= 10); };
///
/// @brief Check if token auth is temporary blocked due to failed attempts
/// @return True on blocked and no further Auth requests will be accepted
///
bool isTokenAuthBlocked() { return (_tokenAuthAttempts.length() >= 25); };
/// Pointer of this instance
static AuthManager *manager;
/// Get Pointer of this instance
static AuthManager *getInstance() { return manager; };
public slots:
///
/// @brief Check if user is authorized
@@ -93,14 +88,14 @@ public:
/// @param pw The password
/// @return True if authorized else false
///
bool isUserAuthorized(const QString& user, const QString& pw);
bool isUserAuthorized(const QString &user, const QString &pw);
///
/// @brief Check if token is authorized
/// @param token The token
/// @return True if authorized else false
///
bool isTokenAuthorized(const QString& token);
bool isTokenAuthorized(const QString &token);
///
/// @brief Check if token is authorized
@@ -108,19 +103,29 @@ public:
/// @param token The token
/// @return True if authorized else false
///
bool isUserTokenAuthorized(const QString& usr, const QString& token);
bool isUserTokenAuthorized(const QString &usr, const QString &token);
///
/// @brief Check if user auth is temporary blocked due to failed attempts
/// @return True on blocked and no further Auth requests will be accepted
/// @brief Create a new token and skip the usual chain
/// @param comment The comment that should be used for
/// @return The new Auth definition
///
bool isUserAuthBlocked(){ return (_userAuthAttempts.length() >= 10); };
AuthManager::AuthDefinition createToken(const QString &comment);
///
/// @brief Check if token auth is temporary blocked due to failed attempts
/// @return True on blocked and no further Auth requests will be accepted
/// @brief Rename a token by id
/// @param id The token id
/// @param comment The new comment
/// @return True on success else false (or not found)
///
bool isTokenAuthBlocked(){ return (_tokenAuthAttempts.length() >= 25); };
bool renameToken(const QString &id, const QString &comment);
///
/// @brief Delete a token by id
/// @param id The token id
/// @return True on success else false (or not found)
///
bool deleteToken(const QString &id);
///
/// @brief Change password of user
@@ -129,7 +134,7 @@ public:
/// @param newPw The new password
/// @return True on success else false
///
bool updateUserPassword(const QString& user, const QString& pw, const QString& newPw);
bool updateUserPassword(const QString &user, const QString &pw, const QString &newPw);
///
/// @brief Generate a new pending token request with the provided comment and id as identifier helper
@@ -137,55 +142,55 @@ public:
/// @param comment The comment as ident helper
/// @param id The id created by the caller
///
void setNewTokenRequest(QObject* caller, const QString& comment, const QString& id);
void setNewTokenRequest(QObject *caller, const QString &comment, const QString &id);
///
/// @brief Accept a token request by id, generate token and inform token caller
/// @param id The id of the request
/// @return True on success, false if not found
/// @brief Cancel a pending token request with the provided comment and id as identifier helper
/// @param caller The QObject of the caller to deliver the reply
/// @param comment The comment as ident helper
/// @param id The id created by the caller
///
bool acceptTokenRequest(const QString& id);
void cancelNewTokenRequest(QObject *caller, const QString &comment, const QString &id);
///
/// @brief Deny a token request by id, inform the requester
/// @brief Handle a token request by id, generate token and inform token caller or deny
/// @param id The id of the request
/// @return True on success, false if not found
/// @param accept The accept or deny the request
///
bool denyTokenRequest(const QString& id);
void handlePendingTokenRequest(const QString &id, const bool &accept);
///
/// @brief Get pending requests
/// @return All pending requests
///
const QMap<QString, AuthDefinition> getPendingRequests();
QVector<AuthManager::AuthDefinition> getPendingRequests();
///
/// @brief Delete a token by id
/// @param id The token id
/// @return True on success else false (or not found)
/// @brief Get the current valid token for user. Make sure this call is allowed!
/// @param usr the defined user
/// @return The token
///
bool deleteToken(const QString& id);
const QString getUserToken(const QString &usr = "Hyperion");
/// Pointer of this instance
static AuthManager* manager;
/// Get Pointer of this instance
static AuthManager* getInstance() { return manager; };
///
/// @brief Get all available token entries
///
QVector<AuthManager::AuthDefinition> getTokenList();
public slots:
///
/// @brief Handle settings update from Hyperion Settingsmanager emit
/// @param type settings type from enum
/// @param config configuration object
///
void handleSettingsUpdate(const settings::type& type, const QJsonDocument& config);
void handleSettingsUpdate(const settings::type &type, const QJsonDocument &config);
signals:
///
/// @brief Emits whenever a new token Request has been created along with the id and comment
/// @param id The id of the request
/// @param comment The comment of the request
/// @param comment The comment of the request; If the comment is EMPTY, it's a revoke of the caller!
///
void newPendingTokenRequest(const QString& id, const QString& comment);
void newPendingTokenRequest(const QString &id, const QString &comment);
///
/// @brief Emits when the user has accepted or denied a token
@@ -195,26 +200,32 @@ signals:
/// @param comment The comment that was part of the request
/// @param id The id that was part of the request
///
void tokenResponse(const bool& success, QObject* caller, const QString& token, const QString& comment, const QString& id);
void tokenResponse(const bool &success, QObject *caller, const QString &token, const QString &comment, const QString &id);
///
/// @brief Emits whenever the token list changes
/// @param data The full list of tokens
///
void tokenChange(QVector<AuthManager::AuthDefinition>);
private:
///
/// @brief Increment counter for token/user auth
/// @param user If true we increment USER auth instead of token
///
void setAuthBlock(const bool& user = false);
void setAuthBlock(const bool &user = false);
/// Database interface for auth table
AuthTable* _authTable;
AuthTable *_authTable;
/// Database interface for meta table
MetaTable* _metaTable;
MetaTable *_metaTable;
/// Unique ID (imported from removed class 'Stats')
QString _uuid;
/// All pending requests
QMap<QString,AuthDefinition> _pendingRequests;
QMap<QString, AuthDefinition> _pendingRequests;
/// Reflect state of global auth
bool _authRequired;
@@ -226,10 +237,10 @@ private:
bool _localAdminAuthRequired;
/// Timer for counting against pendingRequest timeouts
QTimer* _timer;
QTimer *_timer;
// Timer which cleans up the block counter
QTimer* _authBlockTimer;
QTimer *_authBlockTimer;
// Contains timestamps of failed user login attempts
QVector<uint64_t> _userAuthAttempts;
@@ -247,4 +258,4 @@ private slots:
/// @brief Check if there are timeouts for failed login attempts
///
void checkAuthBlockTimeout();
};
};