::xotcl::Class ::xo::Policy

Methods: All Methods Documented Methods Hide Methods
Source: Display Source Hide Source
Variables: Show Variables Hide Variables

Class ::xo::Policy

::xo::Policy

create ...

Class Relations

class: ::xotcl::Class
superclass: ::xotcl::Object
subclass: ::xowiki::Policy

::xotcl::Class create ::xo::Policy \
     -superclass ::xotcl::Object

Methods (to be applied on instances)

check_permissions (scripted, public)

 <instance of xo::Policy> check_permissions [ -user_id user_id ] \
    [ -package_id package_id ] [ -link link ] object method

This method checks whether the current or specified user is allowed to invoke a method based on the given policy. This method is purely checking and does not force logins or other side effects. It can be safely used for example to check whether links should be shown or not.

Switches:

-user_id
(optional)
-package_id
(optional)
-link
(optional)

Parameters:
object
method

Returns:
0 or 1

See Also:

enforce_permissions

Partial Call Graph (max 5 caller/called nodes):

Testcases:
xowiki_test_cases

if {![info exists user_id]} {
  set user_id [::xo::cc user_id]
}
if {![info exists package_id]} {
  set package_id [::xo::cc package_id]
}
#:msg [info exists package_id]=>$package_id-[info exists :logical_package_id]
set ctx "::xo::cc"
if {$link ne ""} {
  #
  # Extract the query parameter from the link
  #
  set questionMarkPos [string first ? $link]
  if {$questionMarkPos > -1} {
    set query [string range $link $questionMarkPos+1 end]
  } else {
    set query ""
  }
  set ctx [::xo::Context new -destroy_on_cleanup -actual_query $query]
  $ctx process_query_parameter
}

set allowed 0
set permission [:get_permission $object $method]
#:log "--permission for o=$object, m=$method => $permission"

#:log "--     user_id=$user_id uid=[::xo::cc user_id] untrusted=[::xo::cc set untrusted_user_id]"
if {$permission ne ""} {
  lassign [:get_privilege -query_context $ctx $permission $object $method] kind p
  #:msg "--privilege = $p kind = $kind"
  switch -- $kind {
    primitive {
      set allowed [:check_privilege -login false  -package_id $package_id -user_id $user_id  $p $object $method]
    }
    complex {
      lassign $p attribute privilege
      set id [$object set $attribute]
      set allowed [::xo::cc permission -object_id $id -privilege $privilege -party_id $user_id]
    }
  }
}
#:log "--p check_permissions {$object $method} : $permission ==> $allowed"
return $allowed

enforce_permissions (scripted, public)

 <instance of xo::Policy> enforce_permissions \
    [ -user_id user_id ] [ -package_id package_id ] object method

This method checks whether the current user is allowed or not to invoke a method based on the given policy and forces logins if required.

Switches:

-user_id
(optional)
-package_id
(optional)

Parameters:
object
method

Returns:
0 or 1

See Also:

check_permissions

Partial Call Graph (max 5 caller/called nodes):

Testcases:
xowiki_test_cases

if {![info exists user_id]} {set user_id [::xo::cc user_id]}
if {![info exists package_id]} {set package_id [::xo::cc package_id]}

set allowed 0
set permission [:get_permission $object $method]
if {$permission ne ""} {
  lassign [:get_privilege $permission $object $method] kind p
  switch -- $kind {
    primitive {
      set allowed [:check_privilege  -user_id $user_id -package_id $package_id  $p $object $method]
      set privilege $p
    }
    complex {
      lassign $p attribute privilege
      set id [$object set $attribute]
      set allowed [::xo::cc permission -object_id $id  -privilege $privilege  -party_id $user_id]
    }
  }
}

#:log "--p enforce_permissions {$object $method} : $permission ==> $allowed"

if {!$allowed} {
  #
  # In case the request does not come from a connected client
  # (e.g. via some magic way via background processing) then
  # just abort in the call (raising an exception).
  #
  if {[ns_conn isconnected]} {
    set untrusted_user_id [::xo::cc set untrusted_user_id]
    if {$permission eq ""} {
      ns_log notice "enforce_permissions: no permission for $object->$method defined"
    } elseif {$user_id == 0 && $untrusted_user_id} {
      ns_log notice "enforce_permissions: force login, user_id=0 and untrusted_id=$untrusted_user_id"
      auth::require_login
    } else {
      ns_log notice "enforce_permissions: $user_id doesn't have $privilege on $object"
    }

    ad_return_forbidden [_ xotcl-core.permission_denied]  [_ xotcl-core.policy-error-insufficient_permissions]
  } else {
    ns_log warning "enforce_permissions: $user_id has no right to $method on $object in background operation"
  }
  ad_script_abort
}

return $allowed

Methods: All Methods Documented Methods Hide Methods
Source: Display Source Hide Source
Variables: Show Variables Hide Variables