diff --git a/sources/plugins/emailnotify/QueuedEmailNotify.cpp b/sources/plugins/emailnotify/QueuedEmailNotify.cpp index 1c06505..138ab8e 100644 --- a/sources/plugins/emailnotify/QueuedEmailNotify.cpp +++ b/sources/plugins/emailnotify/QueuedEmailNotify.cpp @@ -39,6 +39,7 @@ void QueuedEmailNotify::init(const QVariantHash &_settings) void QueuedEmailNotify::setToken(const QString &_token) { m_token = _token; + m_helper->setToken(_token); } diff --git a/sources/plugins/emailnotify/QueuedEmailNotifyHelper.cpp b/sources/plugins/emailnotify/QueuedEmailNotifyHelper.cpp index 524e30c..5cd76aa 100644 --- a/sources/plugins/emailnotify/QueuedEmailNotifyHelper.cpp +++ b/sources/plugins/emailnotify/QueuedEmailNotifyHelper.cpp @@ -102,6 +102,12 @@ QString QueuedEmailNotifyHelper::server() const } +QString QueuedEmailNotifyHelper::token() const +{ + return m_token; +} + + QString QueuedEmailNotifyHelper::username() const { return m_username; @@ -156,6 +162,12 @@ void QueuedEmailNotifyHelper::setSslEnabled(const bool _sslEnabled) } +void QueuedEmailNotifyHelper::setToken(const QString &_token) +{ + m_token = _token; +} + + void QueuedEmailNotifyHelper::setUsername(const QString &_username) { qCDebug(LOG_PL) << "Set username" << _username; @@ -215,14 +227,14 @@ QString QueuedEmailNotifyHelper::getEmail(const long long _id) const { qCDebug(LOG_PL) << "Get email for task ID" << _id; - auto task = QueuedCoreAdaptor::getTask(_id, "user"); + auto task = QueuedCoreAdaptor::getTask(_id, "user", token()); if (task.type() != Result::Content::Value) { qCWarning(LOG_LIB) << "Could not get task information" << _id; return ""; } auto userId = task.get().toLongLong(); - auto user = QueuedCoreAdaptor::getUser(userId, "email"); + auto user = QueuedCoreAdaptor::getUser(userId, "email", token()); if (user.type() != Result::Content::Value) { qCWarning(LOG_LIB) << "Could not get user information" << userId; return ""; diff --git a/sources/plugins/emailnotify/QueuedEmailNotifyHelper.h b/sources/plugins/emailnotify/QueuedEmailNotifyHelper.h index a8d7163..48975cd 100644 --- a/sources/plugins/emailnotify/QueuedEmailNotifyHelper.h +++ b/sources/plugins/emailnotify/QueuedEmailNotifyHelper.h @@ -29,6 +29,7 @@ class QueuedEmailNotifyHelper : public QObject Q_PROPERTY(int port READ port WRITE setPort) Q_PROPERTY(QString server READ server WRITE setServer) Q_PROPERTY(bool ssl READ isSslEnabled WRITE setSslEnabled) + Q_PROPERTY(QString token READ token WRITE setToken) Q_PROPERTY(QString username READ username WRITE setUsername) public: @@ -50,6 +51,7 @@ public: QString password() const; int port() const; QString server() const; + QString token() const; QString username() const; void setFrom(const QString &_from); void setInsecureCurl(const bool _insecureCurl); @@ -57,6 +59,7 @@ public: void setPort(const int &_port); void setServer(const QString &_server); void setSslEnabled(const bool _sslEnabled); + void setToken(const QString &_token); void setUsername(const QString &_username); public slots: @@ -71,6 +74,7 @@ private: int m_port = 0; QString m_server; bool m_ssl = false; + QString m_token; QString m_username; }; diff --git a/sources/queued-server/src/QueuedTcpServerResponseHelperApi1.cpp b/sources/queued-server/src/QueuedTcpServerResponseHelperApi1.cpp index d9f2eca..c7c80b0 100644 --- a/sources/queued-server/src/QueuedTcpServerResponseHelperApi1.cpp +++ b/sources/queued-server/src/QueuedTcpServerResponseHelperApi1.cpp @@ -96,7 +96,7 @@ QVariantHash QueuedTcpServerResponseHelperApi1::getData( case QueuedTcpServerResponseHelper::RequestPath::Task: if (_type == "GET") output = QueuedTcpServerResponseHelperTask::getTask( - _arg.toLongLong(), _data); + _arg.toLongLong(), _data, _token); else if (_type == "POST") output = QueuedTcpServerResponseHelperTask::addOrEditTask( _arg.toLongLong(), _data, _token); @@ -114,7 +114,8 @@ QVariantHash QueuedTcpServerResponseHelperApi1::getData( break; case QueuedTcpServerResponseHelper::RequestPath::User: if (_type == "GET") - output = QueuedTcpServerResponseHelperUser::getUser(_arg, _data); + output = QueuedTcpServerResponseHelperUser::getUser(_arg, _data, + _token); else if (_type == "POST") output = QueuedTcpServerResponseHelperUser::addOrEditUser( _arg, _data, _token); diff --git a/sources/queued-server/src/QueuedTcpServerResponseHelperTask.cpp b/sources/queued-server/src/QueuedTcpServerResponseHelperTask.cpp index 135960c..4cfd855 100644 --- a/sources/queued-server/src/QueuedTcpServerResponseHelperTask.cpp +++ b/sources/queued-server/src/QueuedTcpServerResponseHelperTask.cpp @@ -85,9 +85,8 @@ QueuedTcpServerResponseHelperTask::getDefinitions(const QVariantHash &_data) } -QVariantHash -QueuedTcpServerResponseHelperTask::getTask(const long long _id, - const QVariantHash &_data) +QVariantHash QueuedTcpServerResponseHelperTask::getTask( + const long long _id, const QVariantHash &_data, const QString &_token) { qCDebug(LOG_SERV) << "Get task" << _id << _data; @@ -95,7 +94,7 @@ QueuedTcpServerResponseHelperTask::getTask(const long long _id, QVariantHash output = {{"code", 200}}; if (property.isEmpty()) { - auto res = QueuedCoreAdaptor::getTask(_id); + auto res = QueuedCoreAdaptor::getTask(_id, _token); res.match( [&output](const QVariantHash &val) { output["properties"] = val; }, [&output](const QueuedError &err) { @@ -152,7 +151,7 @@ QueuedTcpServerResponseHelperTask::startOrStopTask(const long long _id, { qCDebug(LOG_SERV) << "Change task state" << _id; - auto res = QueuedCoreAdaptor::getTask(_id); + auto res = QueuedCoreAdaptor::getTask(_id, _token); QVariantHash output; res.match( diff --git a/sources/queued-server/src/QueuedTcpServerResponseHelperTask.h b/sources/queued-server/src/QueuedTcpServerResponseHelperTask.h index d496d3f..74fdd75 100644 --- a/sources/queued-server/src/QueuedTcpServerResponseHelperTask.h +++ b/sources/queued-server/src/QueuedTcpServerResponseHelperTask.h @@ -28,7 +28,8 @@ QVariantHash addOrEditTask(const long long _id, const QVariantHash &_data, const QString &_token); QueuedProcess::QueuedProcessDefinitions getDefinitions(const QVariantHash &_data); -QVariantHash getTask(const long long _id, const QVariantHash &_data); +QVariantHash getTask(const long long _id, const QVariantHash &_data, + const QString &_token); QVariantHash getTasks(const QVariantHash &_data, const QString &_token); QVariantHash startOrStopTask(const long long _id, const QString &_token); QVariantHash startTask(const long long _id, const QString &_token); diff --git a/sources/queued-server/src/QueuedTcpServerResponseHelperUser.cpp b/sources/queued-server/src/QueuedTcpServerResponseHelperUser.cpp index 9e057d9..2ed4b04 100644 --- a/sources/queued-server/src/QueuedTcpServerResponseHelperUser.cpp +++ b/sources/queued-server/src/QueuedTcpServerResponseHelperUser.cpp @@ -26,7 +26,7 @@ QVariantHash QueuedTcpServerResponseHelperUser::addOrEditUser( qCDebug(LOG_SERV) << "Add user" << _user << "with data" << _data; // try define if user exists first - auto userIdRes = QueuedCoreAdaptor::getUserId(_user); + auto userIdRes = QueuedCoreAdaptor::getUserId(_user, _token); long long userId = -1; userIdRes.match([&userId](const long long val) { userId = val; }, [&userId](const QueuedError &) {}); @@ -116,13 +116,12 @@ QueuedTcpServerResponseHelperUser::getReport(const QVariantHash &_data, } -QVariantHash -QueuedTcpServerResponseHelperUser::getUser(const QString &_user, - const QVariantHash &_data) +QVariantHash QueuedTcpServerResponseHelperUser::getUser( + const QString &_user, const QVariantHash &_data, const QString &_token) { qCDebug(LOG_SERV) << "Get user data for" << _user << _data; - auto userIdRes = QueuedCoreAdaptor::getUserId(_user); + auto userIdRes = QueuedCoreAdaptor::getUserId(_user, _token); long long userId = -1; userIdRes.match([&userId](const long long val) { userId = val; }, [](const QueuedError &) {}); @@ -133,7 +132,7 @@ QueuedTcpServerResponseHelperUser::getUser(const QString &_user, QVariantHash output = {{"code", 200}}; if (property.isEmpty()) { - auto res = QueuedCoreAdaptor::getUser(userId); + auto res = QueuedCoreAdaptor::getUser(userId, _token); res.match( [&output](const QVariantHash &val) { output["properties"] = val; }, [&output](const QueuedError &err) { diff --git a/sources/queued-server/src/QueuedTcpServerResponseHelperUser.h b/sources/queued-server/src/QueuedTcpServerResponseHelperUser.h index 4895f5d..89c7496 100644 --- a/sources/queued-server/src/QueuedTcpServerResponseHelperUser.h +++ b/sources/queued-server/src/QueuedTcpServerResponseHelperUser.h @@ -28,7 +28,8 @@ QVariantHash addOrEditUser(const QString &_user, const QVariantHash &_data, const QString &_token); QueuedUser::QueuedUserDefinitions getDefinitions(const QVariantHash &_data); QVariantHash getReport(const QVariantHash &_data, const QString &_token); -QVariantHash getUser(const QString &_user, const QVariantHash &_data); +QVariantHash getUser(const QString &_user, const QVariantHash &_data, + const QString &_token); QVariantHash getUsers(const QVariantHash &_data, const QString &_token); }; diff --git a/sources/queued/include/queued/QueuedCore.h b/sources/queued/include/queued/QueuedCore.h index 166b9e2..ba9d0af 100644 --- a/sources/queued/include/queued/QueuedCore.h +++ b/sources/queued/include/queued/QueuedCore.h @@ -253,9 +253,11 @@ public: * @brief get task by ID * @param _id * task ID + * @param _token + * user auth token * @return task object or nullptr if no task found */ - const QueuedProcess *task(const long long _id) const; + const QueuedProcess *task(const long long _id, const QString &_token) const; /** * list of tasks which match criteria * @param _user @@ -276,16 +278,20 @@ public: * @brief get user by ID * @param _id * user ID + * @param _token + * user auth token * @return user object or nullptr if no user found */ - const QueuedUser *user(const long long _id) const; + const QueuedUser *user(const long long _id, const QString &_token) const; /** * @brief get user by name * @param _name * user name + * @param _token + * user auth token * @return user object or nullptr if no user found */ - const QueuedUser *user(const QString &_name) const; + const QueuedUser *user(const QString &_name, const QString &_token) const; /** * list of users which match criteria * @param _lastLogged diff --git a/sources/queued/include/queued/QueuedCoreAdaptor.h b/sources/queued/include/queued/QueuedCoreAdaptor.h index e3ed568..9e342cc 100644 --- a/sources/queued/include/queued/QueuedCoreAdaptor.h +++ b/sources/queued/include/queued/QueuedCoreAdaptor.h @@ -232,18 +232,23 @@ QueuedResult getStatus(); * @brief get all task properties * @param _id * task ID + * @param _token + * user auth token * @return task properties */ -QueuedResult getTask(const long long _id); +QueuedResult getTask(const long long _id, const QString &_token); /** * @brief get task property * @param _id * task id * @param _property * task property name + * @param _token + * user auth token * @return task property value */ -QueuedResult getTask(const long long _id, const QString &_property); +QueuedResult getTask(const long long _id, const QString &_property, + const QString &_token); /** * @brief get tasks list * @param _user @@ -264,26 +269,33 @@ QueuedResult> getTasks(const long long _user, * @brief get user properties * @param _id * user id + * @param _token + * user auth token * @return user properties */ -QueuedResult getUser(const long long _id); +QueuedResult getUser(const long long _id, const QString &_token); /** * @brief get user property * @param _id * user id * @param _property * user property name + * @param _token + * user auth token * @return user property value */ -QueuedResult getUser(const long long _id, const QString &_property); +QueuedResult getUser(const long long _id, const QString &_property, + const QString &_token); /** * @brief get user ID * @param _name * user name + * @param _token + * user auth token * @return user ID or {0, -1} if no user found. If _name is numeric value it * returns converted one */ -QueuedResult getUserId(const QString &_name); +QueuedResult getUserId(const QString &_name, const QString &_token); /** * @brief get users list * @param _lastLogged diff --git a/sources/queued/include/queued/QueuedPropertyInterface.h b/sources/queued/include/queued/QueuedPropertyInterface.h index 70e9cb2..7461cc2 100644 --- a/sources/queued/include/queued/QueuedPropertyInterface.h +++ b/sources/queued/include/queued/QueuedPropertyInterface.h @@ -68,27 +68,35 @@ public slots: * task ID * @param property * property name + * @param token + * user auth token * @remark if property is empty it return map of all properties * @return property value or empty if task or property not found */ - QDBusVariant Task(const long long id, const QString &property); + QDBusVariant Task(const long long id, const QString &property, + const QString &token); /** * @brief get user property * @param id * user ID * @param property * property name + * @param token + * user auth token * @remark if property is empty it return map of all properties * @return property value or empty if user or property not found */ - QDBusVariant User(const long long id, const QString &property); + QDBusVariant User(const long long id, const QString &property, + const QString &token); /** * @brief get user ID by name * @param name * user name + * @param token + * user auth token * @return user ID or -1 if no user found */ - QDBusVariant UserIdByName(const QString &name); + QDBusVariant UserIdByName(const QString &name, const QString &token); private: /** diff --git a/sources/queued/include/queued/QueuedReportManager.h b/sources/queued/include/queued/QueuedReportManager.h index 6fde6c0..aac2f2a 100644 --- a/sources/queued/include/queued/QueuedReportManager.h +++ b/sources/queued/include/queued/QueuedReportManager.h @@ -47,8 +47,11 @@ public: * pointer to parent item * @param _database * pointer to database object + * @param _token + * user auth token */ - explicit QueuedReportManager(QObject *_parent, QueuedDatabase *_database); + explicit QueuedReportManager(QObject *_parent, QueuedDatabase *_database, + const QString &_token); /** * @brief QueuedReportManager class destructor */ @@ -96,6 +99,10 @@ private: * @brief pointer to database object */ QueuedDatabase *m_database = nullptr; + /** + * @brief object token + */ + QString m_token; }; diff --git a/sources/queued/include/queued/private/QueuedCorePrivate.h b/sources/queued/include/queued/private/QueuedCorePrivate.h index 9512efb..83744c9 100644 --- a/sources/queued/include/queued/private/QueuedCorePrivate.h +++ b/sources/queued/include/queued/private/QueuedCorePrivate.h @@ -262,9 +262,11 @@ public: * @brief get task by ID * @param _id * task ID + * @param _token + * user auth token * @return task object or nullptr if no task found */ - const QueuedProcess *task(const long long _id) const; + const QueuedProcess *task(const long long _id, const QString &_token) const; /** * list of tasks which match criteria * @param _user @@ -285,16 +287,20 @@ public: * @brief get user by ID * @param _id * user ID + * @param _token + * user auth token * @return user object or nullptr if no user found */ - const QueuedUser *user(const long long _id) const; + const QueuedUser *user(const long long _id, const QString &_token) const; /** * @brief get user by name * @param _name * user name + * @param _token + * user auth token * @return user object or nullptr if no user found */ - const QueuedUser *user(const QString &_name) const; + const QueuedUser *user(const QString &_name, const QString &_token) const; /** * list of users which match criteria * @param _lastLogged @@ -356,6 +362,10 @@ private slots: void updateUserLoginTime(const long long _id, const QDateTime &_time); private: + /** + * @brief admin token for internal services + */ + QString m_adminToken; /** * @brief private helper pointer */ @@ -406,6 +416,10 @@ private: * @brief init processes */ void initProcesses(); + /** + * @brief init reports + */ + void initReports(); /** * @brief init settings and database * @param _configuration diff --git a/sources/queued/src/QueuedCore.cpp b/sources/queued/src/QueuedCore.cpp index 26ee9ae..fec3031 100644 --- a/sources/queued/src/QueuedCore.cpp +++ b/sources/queued/src/QueuedCore.cpp @@ -258,11 +258,12 @@ QueuedResult QueuedCore::stopTask(const long long _id, /** * @fn task */ -const QueuedProcess *QueuedCore::task(const long long _id) const +const QueuedProcess *QueuedCore::task(const long long _id, + const QString &_token) const { qCDebug(LOG_LIB) << "Get task by ID" << _id; - return m_impl->task(_id); + return m_impl->task(_id, _token); } @@ -282,22 +283,24 @@ QueuedCore::taskReport(const long long _user, const QDateTime &_from, /** * @fn user */ -const QueuedUser *QueuedCore::user(const long long _id) const +const QueuedUser *QueuedCore::user(const long long _id, + const QString &_token) const { qCDebug(LOG_LIB) << "Get user by ID" << _id; - return m_impl->user(_id); + return m_impl->user(_id, _token); } /** * @fn user */ -const QueuedUser *QueuedCore::user(const QString &_name) const +const QueuedUser *QueuedCore::user(const QString &_name, + const QString &_token) const { qCDebug(LOG_LIB) << "Get user by name" << _name; - return m_impl->user(_name); + return m_impl->user(_name, _token); } diff --git a/sources/queued/src/QueuedCoreAdaptor.cpp b/sources/queued/src/QueuedCoreAdaptor.cpp index 983d1c4..726b3bd 100644 --- a/sources/queued/src/QueuedCoreAdaptor.cpp +++ b/sources/queued/src/QueuedCoreAdaptor.cpp @@ -346,11 +346,12 @@ QueuedResult QueuedCoreAdaptor::getStatus() /** * @fn getTask */ -QueuedResult QueuedCoreAdaptor::getTask(const long long _id) +QueuedResult QueuedCoreAdaptor::getTask(const long long _id, + const QString &_token) { qCDebug(LOG_DBUS) << "Get task properties" << _id; - auto res = getTask(_id, ""); + auto res = getTask(_id, "", _token); QueuedResult output; res.match( @@ -367,11 +368,12 @@ QueuedResult QueuedCoreAdaptor::getTask(const long long _id) * @fn getTask */ QueuedResult QueuedCoreAdaptor::getTask(const long long _id, - const QString &_property) + const QString &_property, + const QString &_token) { qCDebug(LOG_DBUS) << "Get task property" << _id << _property; - QVariantList args = {_id, _property}; + QVariantList args = {_id, _property, _token}; return sendRequest(QueuedConfig::DBUS_SERVICE, QueuedConfig::DBUS_PROPERTY_PATH, QueuedConfig::DBUS_SERVICE, "Task", args); @@ -398,11 +400,12 @@ QueuedCoreAdaptor::getTasks(const long long _user, const QDateTime &_from, /** * @fn getUser */ -QueuedResult QueuedCoreAdaptor::getUser(const long long _id) +QueuedResult QueuedCoreAdaptor::getUser(const long long _id, + const QString &_token) { qCDebug(LOG_DBUS) << "Get user property" << _id; - auto res = getUser(_id, ""); + auto res = getUser(_id, "", _token); QueuedResult output; res.match( @@ -419,11 +422,12 @@ QueuedResult QueuedCoreAdaptor::getUser(const long long _id) * @fn getUser */ QueuedResult QueuedCoreAdaptor::getUser(const long long _id, - const QString &_property) + const QString &_property, + const QString &_token) { qCDebug(LOG_DBUS) << "Get user property" << _id << _property; - QVariantList args = {_id, _property}; + QVariantList args = {_id, _property, _token}; return sendRequest(QueuedConfig::DBUS_SERVICE, QueuedConfig::DBUS_PROPERTY_PATH, QueuedConfig::DBUS_SERVICE, "User", args); @@ -433,7 +437,8 @@ QueuedResult QueuedCoreAdaptor::getUser(const long long _id, /** * @fn getUserId */ -QueuedResult QueuedCoreAdaptor::getUserId(const QString &_name) +QueuedResult QueuedCoreAdaptor::getUserId(const QString &_name, + const QString &_token) { qCDebug(LOG_DBUS) << "Get user ID for" << _name; @@ -442,7 +447,7 @@ QueuedResult QueuedCoreAdaptor::getUserId(const QString &_name) if (status) return stringToLong; - QVariantList args = {_name}; + QVariantList args = {_name, _token}; return sendRequest( QueuedConfig::DBUS_SERVICE, QueuedConfig::DBUS_PROPERTY_PATH, QueuedConfig::DBUS_SERVICE, "UserIdByName", args); diff --git a/sources/queued/src/QueuedCoreInterface.cpp b/sources/queued/src/QueuedCoreInterface.cpp index 7c527c0..06992ac 100644 --- a/sources/queued/src/QueuedCoreInterface.cpp +++ b/sources/queued/src/QueuedCoreInterface.cpp @@ -151,7 +151,7 @@ QDBusVariant QueuedCoreInterface::TaskEdit( << nice << uid << gid << cpu << gpu << memory << gpumemory << storage; - auto task = m_core->task(id); + auto task = m_core->task(id, token); if (!task) { qCWarning(LOG_DBUS) << "Could not find task" << id; return QueuedCoreAdaptor::toDBusVariant(QueuedResult( @@ -258,7 +258,7 @@ QueuedCoreInterface::UserEdit(const qlonglong id, const QString &name, << memory << gpumemory << storage; // get user object first to match limits - auto user = m_core->user(id); + auto user = m_core->user(id, token); if (!user) { qCWarning(LOG_DBUS) << "Could not find user" << id; return QueuedCoreAdaptor::toDBusVariant(QueuedResult( diff --git a/sources/queued/src/QueuedCorePrivate.cpp b/sources/queued/src/QueuedCorePrivate.cpp index b3fb8e7..95f5a95 100644 --- a/sources/queued/src/QueuedCorePrivate.cpp +++ b/sources/queued/src/QueuedCorePrivate.cpp @@ -24,7 +24,7 @@ #include #include -#include "queued/QueuedDatabaseSchema.h" +#include #include @@ -117,7 +117,7 @@ QueuedResult QueuedCorePrivate::addUser( } // check if already exists - auto userObj = user(_name); + auto userObj = user(_name, _token); if (userObj) { qCWarning(LOG_LIB) << "User" << _name << "already exists"; return QueuedError("User already exists", @@ -261,7 +261,7 @@ QueuedResult QueuedCorePrivate::editUser(const long long _id, { qCDebug(LOG_LIB) << "Edit user with ID" << _id; - auto userObj = user(_id); + auto userObj = user(_id, _token); if (!userObj) { qCWarning(LOG_LIB) << "Could not find user with ID" << _id; return QueuedError("User does not exist", @@ -508,11 +508,34 @@ QueuedResult QueuedCorePrivate::stopTask(const long long _id, /** * @fn task */ -const QueuedProcess *QueuedCorePrivate::task(const long long _id) const +const QueuedProcess *QueuedCorePrivate::task(const long long _id, + const QString &_token) const { qCDebug(LOG_LIB) << "Get task by ID" << _id; - return m_processes->process(_id); + auto task = m_processes->process(_id); + if (!task) { + qCWarning(LOG_LIB) << "Could not find task with ID" << _id; + return task; + } + + // check permissions + auto authUser = m_users->user(_token, true); + if (!authUser) { + qCWarning(LOG_LIB) << "Could not find auth user" << _token; + return nullptr; + } + long long userAuthId = authUser->index(); + bool isAdmin = m_users->authorize(_token, QueuedEnums::Permission::Admin); + + if (isAdmin) { + return task; + } else if (userAuthId == task->user()) { + return task; + } else { + qCInfo(LOG_LIB) << "User" << _token << "not allowed to get task" << _id; + return nullptr; + } } @@ -554,22 +577,48 @@ QueuedCorePrivate::taskReport(const long long _user, const QDateTime &_from, /** * @fn user */ -const QueuedUser *QueuedCorePrivate::user(const long long _id) const +const QueuedUser *QueuedCorePrivate::user(const long long _id, + const QString &_token) const { qCDebug(LOG_LIB) << "Get user by ID" << _id; - return m_users->user(_id); + auto user = m_users->user(_id); + if (!user) { + qCWarning(LOG_LIB) << "Could not find user with ID" << _id; + return user; + } + + // check permissions + auto authUser = m_users->user(_token, true); + if (!authUser) { + qCWarning(LOG_LIB) << "Could not find auth user" << _token; + return nullptr; + } + long long userAuthId = authUser->index(); + bool isAdmin = m_users->authorize(_token, QueuedEnums::Permission::Admin); + + if (isAdmin) { + return user; + } else if (userAuthId == user->index()) { + return user; + } else { + qCInfo(LOG_LIB) << "User" << _token << "not allowed to get user" << _id; + return nullptr; + } } /** * @fn user */ -const QueuedUser *QueuedCorePrivate::user(const QString &_name) const +const QueuedUser *QueuedCorePrivate::user(const QString &_name, + const QString &_token) const { qCDebug(LOG_LIB) << "Get user by name" << _name; - return m_users->user(_name, false); + auto userObj = m_users->user(_name, false); + + return userObj ? user(userObj->index(), _token) : nullptr; } diff --git a/sources/queued/src/QueuedCorePrivateHelper.cpp b/sources/queued/src/QueuedCorePrivateHelper.cpp index 2b65fff..03fd608 100644 --- a/sources/queued/src/QueuedCorePrivateHelper.cpp +++ b/sources/queued/src/QueuedCorePrivateHelper.cpp @@ -26,6 +26,7 @@ #include "queued/QueuedDatabaseSchema.h" +#include #include @@ -132,7 +133,7 @@ QueuedResult QueuedCorePrivateHelper::addTaskPrivate( // add to database auto ids = users()->ids(_userId); - auto userObj = m_core->user(_userId); + auto userObj = m_core->user(_userId, m_core->m_adminToken); if (!userObj) { qCWarning(LOG_LIB) << "Could not find task user" << _userId; return QueuedError("Invalid token", diff --git a/sources/queued/src/QueuedCorePrivateInitializator.cpp b/sources/queued/src/QueuedCorePrivateInitializator.cpp index 6de5281..7a672b3 100644 --- a/sources/queued/src/QueuedCorePrivateInitializator.cpp +++ b/sources/queued/src/QueuedCorePrivateInitializator.cpp @@ -80,8 +80,12 @@ void QueuedCorePrivate::init(const QString &_configuration) // init parts initSettings(_configuration); initUsers(); + // create admin token + m_adminToken = m_users->authorize(m_settings->admin().name); + initPlugins(); initProcesses(); + initReports(); // settings update notifier m_connections @@ -106,9 +110,8 @@ void QueuedCorePrivate::initPlugins() = m_advancedSettings->get(QueuedConfig::QueuedSettings::Plugins) .toString() .split('\n'); - QString token = m_users->authorize(m_settings->admin().name); - m_plugins = m_helper->initObject(m_plugins, token); + m_plugins = m_helper->initObject(m_plugins, m_adminToken); for (auto &plugin : pluginList) m_plugins->loadPlugin(plugin, pluginSettings(plugin)); } @@ -143,6 +146,16 @@ void QueuedCorePrivate::initProcesses() } +/** + * @fn initReports + */ +void QueuedCorePrivate::initReports() +{ + // report manager + m_reports = m_helper->initObject(m_reports, m_database, m_adminToken); +} + + /** * @fn initSettings */ @@ -179,8 +192,6 @@ void QueuedCorePrivate::initSettings(const QString &_configuration) QueuedConfig::DATABASE_VERSION); } - // report manager - m_reports = m_helper->initObject(m_reports, m_database); // database manager m_databaseManager = m_helper->initObject(m_databaseManager, m_database); } diff --git a/sources/queued/src/QueuedPropertyInterface.cpp b/sources/queued/src/QueuedPropertyInterface.cpp index 5c46d28..9e0f080 100644 --- a/sources/queued/src/QueuedPropertyInterface.cpp +++ b/sources/queued/src/QueuedPropertyInterface.cpp @@ -69,11 +69,12 @@ QDBusVariant QueuedPropertyInterface::Option(const QString &property, * @fn Task */ QDBusVariant QueuedPropertyInterface::Task(const long long id, - const QString &property) + const QString &property, + const QString &token) { qCDebug(LOG_DBUS) << "Get property" << property << "from task" << id; - auto task = m_core->task(id); + auto task = m_core->task(id, token); if (!task) { qCWarning(LOG_DBUS) << "Could not find task" << id; return QueuedCoreAdaptor::toDBusVariant(QueuedResult( @@ -99,11 +100,12 @@ QDBusVariant QueuedPropertyInterface::Task(const long long id, * @fn User */ QDBusVariant QueuedPropertyInterface::User(const long long id, - const QString &property) + const QString &property, + const QString &token) { qCDebug(LOG_DBUS) << "Get property" << property << "from user" << id; - auto user = m_core->user(id); + auto user = m_core->user(id, token); if (!user) { qCWarning(LOG_DBUS) << "Could not find user" << id; return QueuedCoreAdaptor::toDBusVariant(QueuedResult( @@ -128,11 +130,12 @@ QDBusVariant QueuedPropertyInterface::User(const long long id, /** * @fn UserIdByName */ -QDBusVariant QueuedPropertyInterface::UserIdByName(const QString &name) +QDBusVariant QueuedPropertyInterface::UserIdByName(const QString &name, + const QString &token) { qCDebug(LOG_DBUS) << "Look for user ID" << name; - auto user = m_core->user(name); + auto user = m_core->user(name, token); if (!user) { qCWarning(LOG_DBUS) << "Could not find user" << name; return QueuedCoreAdaptor::toDBusVariant(QueuedResult( diff --git a/sources/queued/src/QueuedReportManager.cpp b/sources/queued/src/QueuedReportManager.cpp index 973d2db..f6b55be 100644 --- a/sources/queued/src/QueuedReportManager.cpp +++ b/sources/queued/src/QueuedReportManager.cpp @@ -33,9 +33,11 @@ * @fn QueuedReportManager */ QueuedReportManager::QueuedReportManager(QObject *_parent, - QueuedDatabase *_database) + QueuedDatabase *_database, + const QString &_token) : QObject(_parent) , m_database(_database) + , m_token(_token) { qCDebug(LOG_LIB) << __PRETTY_FUNCTION__; } @@ -98,7 +100,7 @@ QList QueuedReportManager::performance(const QueuedCore *_core, // append long long userId = task.value("user").toLongLong(); - auto userObj = _core->user(userId); + auto userObj = _core->user(userId, m_token); QVariantHash currentData = hashOutput[userId]; currentData["cpu"] = currentData.value("cpu", 0).toLongLong() + limits.cpu; diff --git a/sources/queuedctl/src/QueuedctlCommon.cpp b/sources/queuedctl/src/QueuedctlCommon.cpp index da81af2..0cb41f8 100644 --- a/sources/queuedctl/src/QueuedctlCommon.cpp +++ b/sources/queuedctl/src/QueuedctlCommon.cpp @@ -219,23 +219,25 @@ QueuedctlCommon::process(QCommandLineParser &_parser, const QString &_cache, : QueuedctlArgument::Invalid; checkArgs(args, QueuedctlArguments[command].positionalArgsCount, _parser); + QString token = (id == QueuedctlArgument::Auth) + ? "" + : QueuedctlAuth::getToken(_cache, _user); + switch (id) { case QueuedctlArgument::Auth: { result = QueuedctlAuth::auth(_user, _cache); break; } case QueuedctlArgument::OptionGet: { - QString token = QueuedctlAuth::getToken(_cache, _user); result = QueuedctlOption::getOption(args.at(1), token); break; } case QueuedctlArgument::OptionSet: { - QString token = QueuedctlAuth::getToken(_cache, _user); result = QueuedctlOption::editOption(args.at(1), args.at(2), token); break; } case QueuedctlArgument::PermissionAdd: { - auto userIdRes = QueuedCoreAdaptor::getUserId(args.at(1)); + auto userIdRes = QueuedCoreAdaptor::getUserId(args.at(1), token); long long userId = -1; userIdRes.match([&userId](const long long val) { userId = val; }, [&result](const QueuedError &err) { @@ -243,12 +245,11 @@ QueuedctlCommon::process(QCommandLineParser &_parser, const QString &_cache, }); if (userId == -1) break; - QString token = QueuedctlAuth::getToken(_cache, _user); result = QueuedctlPermissions::addPermission(userId, args.at(2), token); break; } case QueuedctlArgument::PermissionRemove: { - auto userIdRes = QueuedCoreAdaptor::getUserId(args.at(1)); + auto userIdRes = QueuedCoreAdaptor::getUserId(args.at(1), token); long long userId = -1; userIdRes.match([&userId](const long long val) { userId = val; }, [&result](const QueuedError &err) { @@ -256,13 +257,11 @@ QueuedctlCommon::process(QCommandLineParser &_parser, const QString &_cache, }); if (userId == -1) break; - QString token = QueuedctlAuth::getToken(_cache, _user); result = QueuedctlPermissions::removePermission(userId, args.at(2), token); break; } case QueuedctlArgument::PluginAdd: { - QString token = QueuedctlAuth::getToken(_cache, _user); result = QueuedctlPlugins::addPlugin(args.at(1), token); break; } @@ -271,12 +270,10 @@ QueuedctlCommon::process(QCommandLineParser &_parser, const QString &_cache, break; } case QueuedctlArgument::PluginRemove: { - QString token = QueuedctlAuth::getToken(_cache, _user); result = QueuedctlPlugins::removePlugin(args.at(1), token); break; } case QueuedctlArgument::Report: { - QString token = QueuedctlAuth::getToken(_cache, _user); result = QueuedctlUser::getReport(_parser, token); break; } @@ -293,45 +290,40 @@ QueuedctlCommon::process(QCommandLineParser &_parser, const QString &_cache, break; } case QueuedctlArgument::TaskAdd: { - QString token = QueuedctlAuth::getToken(_cache, _user); - auto definitions = QueuedctlTask::getDefinitions(_parser, false); + auto definitions = QueuedctlTask::getDefinitions(_parser, false, token); result = QueuedctlTask::addTask(definitions, token); break; } case QueuedctlArgument::TaskGet: { - result = QueuedctlTask::getTask(args.at(1).toLongLong(), args.at(2)); + result = QueuedctlTask::getTask(args.at(1).toLongLong(), args.at(2), + token); break; } case QueuedctlArgument::TaskList: { - QString token = QueuedctlAuth::getToken(_cache, _user); result = QueuedctlTask::getTasks(_parser, token); break; } case QueuedctlArgument::TaskSet: { - QString token = QueuedctlAuth::getToken(_cache, _user); - auto definitions = QueuedctlTask::getDefinitions(_parser, true); + auto definitions = QueuedctlTask::getDefinitions(_parser, true, token); result = QueuedctlTask::setTask(args.at(1).toLongLong(), definitions, token); break; } case QueuedctlArgument::TaskStart: { - QString token = QueuedctlAuth::getToken(_cache, _user); result = QueuedctlTask::startTask(args.at(1).toLongLong(), token); break; } case QueuedctlArgument::TaskStop: { - QString token = QueuedctlAuth::getToken(_cache, _user); result = QueuedctlTask::stopTask(args.at(1).toLongLong(), token); break; } case QueuedctlArgument::UserAdd: { - QString token = QueuedctlAuth::getToken(_cache, _user); auto definitions = QueuedctlUser::getDefinitions(_parser, false); result = QueuedctlUser::addUser(definitions, token); break; } case QueuedctlArgument::UserGet: { - auto userIdRes = QueuedCoreAdaptor::getUserId(args.at(1)); + auto userIdRes = QueuedCoreAdaptor::getUserId(args.at(1), token); long long userId = -1; userIdRes.match([&userId](const long long val) { userId = val; }, [&result](const QueuedError &err) { @@ -339,16 +331,15 @@ QueuedctlCommon::process(QCommandLineParser &_parser, const QString &_cache, }); if (userId == -1) break; - result = QueuedctlUser::getUser(userId, args.at(2)); + result = QueuedctlUser::getUser(userId, args.at(2), token); break; } case QueuedctlArgument::UserList: { - QString token = QueuedctlAuth::getToken(_cache, _user); result = QueuedctlUser::getUsers(_parser, token); break; } case QueuedctlArgument::UserSet: { - auto userIdRes = QueuedCoreAdaptor::getUserId(args.at(1)); + auto userIdRes = QueuedCoreAdaptor::getUserId(args.at(1), token); long long userId = -1; userIdRes.match([&userId](const long long val) { userId = val; }, [&result](const QueuedError &err) { @@ -356,7 +347,6 @@ QueuedctlCommon::process(QCommandLineParser &_parser, const QString &_cache, }); if (userId == -1) break; - QString token = QueuedctlAuth::getToken(_cache, _user); auto definitions = QueuedctlUser::getDefinitions(_parser, true); result = QueuedctlUser::setUser(userId, definitions, token); break; diff --git a/sources/queuedctl/src/QueuedctlTask.cpp b/sources/queuedctl/src/QueuedctlTask.cpp index 95ab2c1..8002828 100644 --- a/sources/queuedctl/src/QueuedctlTask.cpp +++ b/sources/queuedctl/src/QueuedctlTask.cpp @@ -50,7 +50,7 @@ QueuedctlCommon::QueuedctlResult QueuedctlTask::addTask( QueuedProcess::QueuedProcessDefinitions QueuedctlTask::getDefinitions(const QCommandLineParser &_parser, - const bool _expandAll) + const bool _expandAll, const QString &_token) { qCDebug(LOG_APP) << "Parse task definitions from parser, expand all" << _expandAll; @@ -68,7 +68,8 @@ QueuedctlTask::getDefinitions(const QCommandLineParser &_parser, if (_parser.value("task-user").isEmpty()) { definitions.user = 0; } else { - auto res = QueuedCoreAdaptor::getUserId(_parser.value("task-user")); + auto res + = QueuedCoreAdaptor::getUserId(_parser.value("task-user"), _token); res.match( [&definitions](const long long val) { definitions.user = val; }, [&definitions](const QueuedError &) { definitions.user = 0; }); @@ -105,14 +106,15 @@ QueuedctlTask::getDefinitions(const QCommandLineParser &_parser, QueuedctlCommon::QueuedctlResult -QueuedctlTask::getTask(const long long _id, const QString &_property) +QueuedctlTask::getTask(const long long _id, const QString &_property, + const QString &_token) { qCDebug(LOG_APP) << "Get property" << _property << "from task" << _id; QueuedctlCommon::QueuedctlResult output; if (_property.isEmpty()) { - auto res = QueuedCoreAdaptor::getTask(_id); + auto res = QueuedCoreAdaptor::getTask(_id, _token); res.match( [&output](const QVariantHash &val) { output.status = true; @@ -143,7 +145,8 @@ QueuedctlTask::getTasks(const QCommandLineParser &_parser, { long long userId = -1; if (!_parser.value("task-user").isEmpty()) { - auto res = QueuedCoreAdaptor::getUserId(_parser.value("task-user")); + auto res + = QueuedCoreAdaptor::getUserId(_parser.value("task-user"), _token); res.match([&userId](const long long val) { userId = val; }, [&userId](const QueuedError &) {}); } diff --git a/sources/queuedctl/src/QueuedctlTask.h b/sources/queuedctl/src/QueuedctlTask.h index d3bacad..3d18a99 100644 --- a/sources/queuedctl/src/QueuedctlTask.h +++ b/sources/queuedctl/src/QueuedctlTask.h @@ -30,9 +30,10 @@ QueuedctlCommon::QueuedctlResult addTask(const QueuedProcess::QueuedProcessDefinitions &_definitions, const QString &_token); QueuedProcess::QueuedProcessDefinitions -getDefinitions(const QCommandLineParser &_parser, const bool _expandAll); -QueuedctlCommon::QueuedctlResult getTask(const long long _id, - const QString &_property); +getDefinitions(const QCommandLineParser &_parser, const bool _expandAll, + const QString &_token); +QueuedctlCommon::QueuedctlResult +getTask(const long long _id, const QString &_property, const QString &_token); QueuedctlCommon::QueuedctlResult getTasks(const QCommandLineParser &_parser, const QString &_token); void parserAdd(QCommandLineParser &_parser); diff --git a/sources/queuedctl/src/QueuedctlUser.cpp b/sources/queuedctl/src/QueuedctlUser.cpp index 37c2fc5..51fc36e 100644 --- a/sources/queuedctl/src/QueuedctlUser.cpp +++ b/sources/queuedctl/src/QueuedctlUser.cpp @@ -137,14 +137,15 @@ QString QueuedctlUser::getPassword() QueuedctlCommon::QueuedctlResult -QueuedctlUser::getUser(const long long _id, const QString &_property) +QueuedctlUser::getUser(const long long _id, const QString &_property, + const QString &_token) { qCDebug(LOG_APP) << "Get property" << _property << "from user" << _id; QueuedctlCommon::QueuedctlResult output; if (_property.isEmpty()) { - auto res = QueuedCoreAdaptor::getUser(_id); + auto res = QueuedCoreAdaptor::getUser(_id, _token); res.match( [&output](const QVariantHash &val) { output.status = true; diff --git a/sources/queuedctl/src/QueuedctlUser.h b/sources/queuedctl/src/QueuedctlUser.h index 4049d66..0bba422 100644 --- a/sources/queuedctl/src/QueuedctlUser.h +++ b/sources/queuedctl/src/QueuedctlUser.h @@ -34,8 +34,8 @@ QueuedctlCommon::QueuedctlResult getReport(const QCommandLineParser &_parser, QueuedUser::QueuedUserDefinitions getDefinitions(const QCommandLineParser &_parser, const bool _expandAll); QString getPassword(); -QueuedctlCommon::QueuedctlResult getUser(const long long _id, - const QString &_property); +QueuedctlCommon::QueuedctlResult +getUser(const long long _id, const QString &_property, const QString &_token); QueuedctlCommon::QueuedctlResult getUsers(const QCommandLineParser &_parser, const QString &_token); void parserAdd(QCommandLineParser &_parser);