diff --git a/sources/queued-server/src/QueuedServer.cpp b/sources/queued-server/src/QueuedServer.cpp index 295b82c..7c1154b 100644 --- a/sources/queued-server/src/QueuedServer.cpp +++ b/sources/queued-server/src/QueuedServer.cpp @@ -55,21 +55,21 @@ void QueuedServer::init() } m_server->init(QueuedCoreAdaptor::getOption( - QueuedConfig::QueuedSettings::ServerTimeout) + QueuedConfig::QueuedSettings::ServerTimeout, "") .get() .toInt()); QString address = QueuedCoreAdaptor::getOption( - QueuedConfig::QueuedSettings::ServerAddress) + QueuedConfig::QueuedSettings::ServerAddress, "") .get() .toString(); - ushort port - = QueuedCoreAdaptor::getOption(QueuedConfig::QueuedSettings::ServerPort) - .get() - .toUInt(); + ushort port = QueuedCoreAdaptor::getOption( + QueuedConfig::QueuedSettings::ServerPort, "") + .get() + .toUInt(); m_server->listen(QHostAddress(address), port); m_server->setMaxPendingConnections( QueuedCoreAdaptor::getOption( - QueuedConfig::QueuedSettings::ServerMaxConnections) + QueuedConfig::QueuedSettings::ServerMaxConnections, "") .get() .toInt()); diff --git a/sources/queued-server/src/QueuedTcpServerResponseHelperApi1.cpp b/sources/queued-server/src/QueuedTcpServerResponseHelperApi1.cpp index 94d48f3..d9f2eca 100644 --- a/sources/queued-server/src/QueuedTcpServerResponseHelperApi1.cpp +++ b/sources/queued-server/src/QueuedTcpServerResponseHelperApi1.cpp @@ -50,7 +50,8 @@ QVariantHash QueuedTcpServerResponseHelperApi1::getData( break; case QueuedTcpServerResponseHelper::RequestPath::Option: if (_type == "GET") - output = QueuedTcpServerResponseHelperOption::getOption(_arg); + output + = QueuedTcpServerResponseHelperOption::getOption(_arg, _token); else if (_type == "POST") output = QueuedTcpServerResponseHelperOption::setOption(_arg, _data, _token); diff --git a/sources/queued-server/src/QueuedTcpServerResponseHelperOption.cpp b/sources/queued-server/src/QueuedTcpServerResponseHelperOption.cpp index c333917..16a1524 100644 --- a/sources/queued-server/src/QueuedTcpServerResponseHelperOption.cpp +++ b/sources/queued-server/src/QueuedTcpServerResponseHelperOption.cpp @@ -20,11 +20,12 @@ QVariantHash -QueuedTcpServerResponseHelperOption::getOption(const QString &_option) +QueuedTcpServerResponseHelperOption::getOption(const QString &_option, + const QString &_token) { qCDebug(LOG_SERV) << "Get option" << _option; - auto res = QueuedCoreAdaptor::getOption(_option); + auto res = QueuedCoreAdaptor::getOption(_option, _token); QVariantHash output; res.match( diff --git a/sources/queued-server/src/QueuedTcpServerResponseHelperOption.h b/sources/queued-server/src/QueuedTcpServerResponseHelperOption.h index 6e0a6a7..2423aca 100644 --- a/sources/queued-server/src/QueuedTcpServerResponseHelperOption.h +++ b/sources/queued-server/src/QueuedTcpServerResponseHelperOption.h @@ -22,7 +22,7 @@ namespace QueuedTcpServerResponseHelperOption { -QVariantHash getOption(const QString &_option); +QVariantHash getOption(const QString &_option, const QString &_token); QVariantHash setOption(const QString &_option, const QVariantHash &_value, const QString &_token); }; diff --git a/sources/queued-server/src/QueuedTcpServerResponseHelperPlugins.cpp b/sources/queued-server/src/QueuedTcpServerResponseHelperPlugins.cpp index 84cfe50..3d5de7a 100644 --- a/sources/queued-server/src/QueuedTcpServerResponseHelperPlugins.cpp +++ b/sources/queued-server/src/QueuedTcpServerResponseHelperPlugins.cpp @@ -42,8 +42,8 @@ QueuedTcpServerResponseHelperPlugins::addPlugin(const QString &_name, QVariantHash QueuedTcpServerResponseHelperPlugins::listPlugins() { - auto res - = QueuedCoreAdaptor::getOption(QueuedConfig::QueuedSettings::Plugins); + auto res = QueuedCoreAdaptor::getOption( + QueuedConfig::QueuedSettings::Plugins, ""); QVariantHash output; res.match( diff --git a/sources/queued/include/queued/QueuedAdvancedSettings.h b/sources/queued/include/queued/QueuedAdvancedSettings.h index da7a0d8..efae0a9 100644 --- a/sources/queued/include/queued/QueuedAdvancedSettings.h +++ b/sources/queued/include/queued/QueuedAdvancedSettings.h @@ -88,6 +88,20 @@ public: * @return ID in settings representation */ static QString internalId(const QueuedConfig::QueuedSettings _key); + /** + * @brief check whether requested option is admin only + * @param _key + * key to search in + * @return true if this value is hidden for non-admins + */ + bool isAdmin(const QString &_key) const; + /** + * @brief check whether requested option is admin only + * @param _key + * key to search in + * @return true if this value is hidden for non-admins + */ + bool isAdmin(const QueuedConfig::QueuedSettings &_key) const; /** * @brief set value * @param _key diff --git a/sources/queued/include/queued/QueuedCore.h b/sources/queued/include/queued/QueuedCore.h index c2930c6..166b9e2 100644 --- a/sources/queued/include/queued/QueuedCore.h +++ b/sources/queued/include/queued/QueuedCore.h @@ -196,9 +196,11 @@ public: * @brief get value from advanced settings * @param _key * key string + * @param _token + * user auth token * @return option value or empty QVariant */ - QueuedResult option(const QString &_key); + QueuedResult option(const QString &_key, const QString &_token); /** * @brief usage report * @param _from diff --git a/sources/queued/include/queued/QueuedCoreAdaptor.h b/sources/queued/include/queued/QueuedCoreAdaptor.h index 8ca662b..e3ed568 100644 --- a/sources/queued/include/queued/QueuedCoreAdaptor.h +++ b/sources/queued/include/queued/QueuedCoreAdaptor.h @@ -194,16 +194,22 @@ sendUserPermissionRemove(const long long _id, * @brief get option * @param _property * option name + * @param _token + * user auth token * @return option value */ -QueuedResult getOption(const QString &_property); +QueuedResult getOption(const QString &_property, + const QString &_token); /** * @brief get option * @param _property * option name + * @param _token + * user auth token * @return option value */ -QueuedResult getOption(const QueuedConfig::QueuedSettings _property); +QueuedResult getOption(const QueuedConfig::QueuedSettings _property, + const QString &_token); /** * @brief performance report * @param _from diff --git a/sources/queued/include/queued/QueuedPropertyInterface.h b/sources/queued/include/queued/QueuedPropertyInterface.h index 4df619c..70e9cb2 100644 --- a/sources/queued/include/queued/QueuedPropertyInterface.h +++ b/sources/queued/include/queued/QueuedPropertyInterface.h @@ -57,9 +57,11 @@ public slots: * @brief get advanced option * @param property * property name + * @param token + * user auth token * @return property value or empty if property not found */ - QDBusVariant Option(const QString &property); + QDBusVariant Option(const QString &property, const QString &token); /** * @brief get task property * @param id diff --git a/sources/queued/include/queued/QueuedStaticConfig.h b/sources/queued/include/queued/QueuedStaticConfig.h index d57146f..0fe861a 100644 --- a/sources/queued/include/queued/QueuedStaticConfig.h +++ b/sources/queued/include/queued/QueuedStaticConfig.h @@ -132,6 +132,7 @@ enum class QueuedSettings { typedef struct { QueuedSettings id; QVariant defaultValue; + bool isAdmin = true; } QueuedSettingsField; /** * @typedef QueuedSettingsDefaultMap @@ -142,20 +143,20 @@ typedef QHash QueuedSettingsDefaultMap; * @brief default settings map */ static const QueuedSettingsDefaultMap QueuedSettingsDefaults = { - {"", {QueuedSettings::Invalid, QVariant()}}, - {"DatabaseInterval", {QueuedSettings::DatabaseInterval, 86400000}}, + {"", {QueuedSettings::Invalid, QVariant(), false}}, + {"DatabaseInterval", {QueuedSettings::DatabaseInterval, 86400000, true}}, {"DatabaseVersion", - {QueuedSettings::DatabaseVersion, QueuedConfig::DATABASE_VERSION}}, - {"DefaultLimits", {QueuedSettings::DefaultLimits, "0\n0\n0\n0\n0"}}, - {"KeepTasks", {QueuedSettings::KeepTasks, 0}}, - {"KeepUsers", {QueuedSettings::KeepUsers, 0}}, - {"OnExitAction", {QueuedSettings::OnExitAction, 2}}, - {"Plugins", {QueuedSettings::Plugins, ""}}, - {"ServerAddress", {QueuedSettings::ServerAddress, ""}}, - {"ServerMaxConnections", {QueuedSettings::ServerMaxConnections, 30}}, - {"ServerPort", {QueuedSettings::ServerPort, 8080}}, - {"ServerTimeout", {QueuedSettings::ServerTimeout, -1}}, - {"TokenExpiration", {QueuedSettings::TokenExpiration, 30}}, + {QueuedSettings::DatabaseVersion, QueuedConfig::DATABASE_VERSION, true}}, + {"DefaultLimits", {QueuedSettings::DefaultLimits, "0\n0\n0\n0\n0", false}}, + {"KeepTasks", {QueuedSettings::KeepTasks, 0, false}}, + {"KeepUsers", {QueuedSettings::KeepUsers, 0, false}}, + {"OnExitAction", {QueuedSettings::OnExitAction, 2, false}}, + {"Plugins", {QueuedSettings::Plugins, "", false}}, + {"ServerAddress", {QueuedSettings::ServerAddress, "", false}}, + {"ServerMaxConnections", {QueuedSettings::ServerMaxConnections, 30, false}}, + {"ServerPort", {QueuedSettings::ServerPort, 8080, false}}, + {"ServerTimeout", {QueuedSettings::ServerTimeout, -1, false}}, + {"TokenExpiration", {QueuedSettings::TokenExpiration, 30, false}}, }; }; diff --git a/sources/queued/include/queued/private/QueuedCorePrivate.h b/sources/queued/include/queued/private/QueuedCorePrivate.h index 1925811..9512efb 100644 --- a/sources/queued/include/queued/private/QueuedCorePrivate.h +++ b/sources/queued/include/queued/private/QueuedCorePrivate.h @@ -205,9 +205,11 @@ public: * @brief get value from advanced settings * @param _key * key string + * @param _token + * user auth token * @return option value or empty QVariant */ - QueuedResult option(const QString &_key); + QueuedResult option(const QString &_key, const QString &_token); /** * @brief usage report * @param _from diff --git a/sources/queued/src/QueuedAdvancedSettings.cpp b/sources/queued/src/QueuedAdvancedSettings.cpp index 9602a78..31c9f60 100644 --- a/sources/queued/src/QueuedAdvancedSettings.cpp +++ b/sources/queued/src/QueuedAdvancedSettings.cpp @@ -22,6 +22,7 @@ #include +#include /** @@ -139,6 +140,32 @@ QueuedAdvancedSettings::internalId(const QueuedConfig::QueuedSettings _key) } +/** + * @fn isAdmin + */ +bool QueuedAdvancedSettings::isAdmin(const QString &_key) const +{ + qCDebug(LOG_LIB) << "Check if admin option" << _key; + + if ((_key.startsWith("Plugin.")) || (_key.startsWith("plugin."))) + return true; + else + return QueuedConfig::QueuedSettingsDefaults[internalId(_key)].isAdmin; +} + + +/** + * @fn isAdmin + */ +bool QueuedAdvancedSettings::isAdmin( + const QueuedConfig::QueuedSettings &_key) const +{ + qCDebug(LOG_LIB) << "Check if admin option" << static_cast(_key); + + return QueuedConfig::QueuedSettingsDefaults[internalId(_key)].isAdmin; +} + + /** * @fn set */ diff --git a/sources/queued/src/QueuedCore.cpp b/sources/queued/src/QueuedCore.cpp index 7139ab7..26ee9ae 100644 --- a/sources/queued/src/QueuedCore.cpp +++ b/sources/queued/src/QueuedCore.cpp @@ -186,11 +186,12 @@ QueuedResult QueuedCore::hashFromPassword(const QString &_password) /** * @fn option */ -QueuedResult QueuedCore::option(const QString &_key) +QueuedResult QueuedCore::option(const QString &_key, + const QString &_token) { qCDebug(LOG_LIB) << "Look for option" << _key; - return m_impl->option(_key); + return m_impl->option(_key, _token); } diff --git a/sources/queued/src/QueuedCoreAdaptor.cpp b/sources/queued/src/QueuedCoreAdaptor.cpp index e404b55..983d1c4 100644 --- a/sources/queued/src/QueuedCoreAdaptor.cpp +++ b/sources/queued/src/QueuedCoreAdaptor.cpp @@ -290,11 +290,12 @@ QueuedResult QueuedCoreAdaptor::sendUserPermissionRemove( /** * @fn getOption */ -QueuedResult QueuedCoreAdaptor::getOption(const QString &_property) +QueuedResult QueuedCoreAdaptor::getOption(const QString &_property, + const QString &_token) { qCDebug(LOG_DBUS) << "Get option" << _property; - QVariantList args = {_property}; + QVariantList args = {_property, _token}; return sendRequest(QueuedConfig::DBUS_SERVICE, QueuedConfig::DBUS_PROPERTY_PATH, QueuedConfig::DBUS_SERVICE, "Option", args); @@ -305,11 +306,12 @@ QueuedResult QueuedCoreAdaptor::getOption(const QString &_property) * @fn getOption */ QueuedResult -QueuedCoreAdaptor::getOption(const QueuedConfig::QueuedSettings _property) +QueuedCoreAdaptor::getOption(const QueuedConfig::QueuedSettings _property, + const QString &_token) { qCDebug(LOG_DBUS) << "Get option" << static_cast(_property); - return getOption(QueuedAdvancedSettings::internalId(_property)); + return getOption(QueuedAdvancedSettings::internalId(_property), _token); } diff --git a/sources/queued/src/QueuedCorePrivate.cpp b/sources/queued/src/QueuedCorePrivate.cpp index 2beb8d1..b3fb8e7 100644 --- a/sources/queued/src/QueuedCorePrivate.cpp +++ b/sources/queued/src/QueuedCorePrivate.cpp @@ -333,11 +333,18 @@ QueuedCorePrivate::hashFromPassword(const QString &_password) /** * @fn option */ -QueuedResult QueuedCorePrivate::option(const QString &_key) +QueuedResult QueuedCorePrivate::option(const QString &_key, + const QString &_token) { qCDebug(LOG_LIB) << "Look for option" << _key; - return m_advancedSettings->get(_key); + bool isAdmin = m_users->authorize(_token, QueuedEnums::Permission::Admin); + + if ((isAdmin) || (!m_advancedSettings->isAdmin(_key))) + return m_advancedSettings->get(_key); + else + return QueuedError("Not allowed", + QueuedEnums::ReturnStatus::InsufficientPermissions); } diff --git a/sources/queued/src/QueuedPropertyInterface.cpp b/sources/queued/src/QueuedPropertyInterface.cpp index 38f413e..5c46d28 100644 --- a/sources/queued/src/QueuedPropertyInterface.cpp +++ b/sources/queued/src/QueuedPropertyInterface.cpp @@ -56,11 +56,12 @@ QueuedPropertyInterface::~QueuedPropertyInterface() /** * @fn Option */ -QDBusVariant QueuedPropertyInterface::Option(const QString &property) +QDBusVariant QueuedPropertyInterface::Option(const QString &property, + const QString &token) { qCDebug(LOG_DBUS) << "Get property" << property; - return QueuedCoreAdaptor::toDBusVariant(m_core->option(property)); + return QueuedCoreAdaptor::toDBusVariant(m_core->option(property, token)); } diff --git a/sources/queuedctl/src/QueuedctlCommon.cpp b/sources/queuedctl/src/QueuedctlCommon.cpp index dd41060..da81af2 100644 --- a/sources/queuedctl/src/QueuedctlCommon.cpp +++ b/sources/queuedctl/src/QueuedctlCommon.cpp @@ -225,7 +225,8 @@ QueuedctlCommon::process(QCommandLineParser &_parser, const QString &_cache, break; } case QueuedctlArgument::OptionGet: { - result = QueuedctlOption::getOption(args.at(1)); + QString token = QueuedctlAuth::getToken(_cache, _user); + result = QueuedctlOption::getOption(args.at(1), token); break; } case QueuedctlArgument::OptionSet: { diff --git a/sources/queuedctl/src/QueuedctlOption.cpp b/sources/queuedctl/src/QueuedctlOption.cpp index 0886ba2..aba4f70 100644 --- a/sources/queuedctl/src/QueuedctlOption.cpp +++ b/sources/queuedctl/src/QueuedctlOption.cpp @@ -38,12 +38,12 @@ QueuedctlOption::editOption(const QString &_option, const QVariant &_value, QueuedctlCommon::QueuedctlResult -QueuedctlOption::getOption(const QString &_option) +QueuedctlOption::getOption(const QString &_option, const QString &_token) { qCDebug(LOG_APP) << "Get option" << _option; QueuedctlCommon::QueuedctlResult output; - auto res = QueuedCoreAdaptor::getOption(_option); + auto res = QueuedCoreAdaptor::getOption(_option, _token); res.match( [&output](const QVariant &val) { output.status = val.isValid(); diff --git a/sources/queuedctl/src/QueuedctlOption.h b/sources/queuedctl/src/QueuedctlOption.h index ad0b213..fc89048 100644 --- a/sources/queuedctl/src/QueuedctlOption.h +++ b/sources/queuedctl/src/QueuedctlOption.h @@ -27,7 +27,8 @@ namespace QueuedctlOption QueuedctlCommon::QueuedctlResult editOption(const QString &_option, const QVariant &_value, const QString &_token); -QueuedctlCommon::QueuedctlResult getOption(const QString &_option); +QueuedctlCommon::QueuedctlResult getOption(const QString &_option, + const QString &_token); void parserGet(QCommandLineParser &_parser); void parserSet(QCommandLineParser &_parser); }; diff --git a/sources/queuedctl/src/QueuedctlPlugins.cpp b/sources/queuedctl/src/QueuedctlPlugins.cpp index 544063b..959faa0 100644 --- a/sources/queuedctl/src/QueuedctlPlugins.cpp +++ b/sources/queuedctl/src/QueuedctlPlugins.cpp @@ -39,8 +39,8 @@ QueuedctlPlugins::addPlugin(const QString &_plugin, const QString &_token) QueuedctlCommon::QueuedctlResult QueuedctlPlugins::listPlugins() { - auto res - = QueuedCoreAdaptor::getOption(QueuedConfig::QueuedSettings::Plugins); + auto res = QueuedCoreAdaptor::getOption( + QueuedConfig::QueuedSettings::Plugins, ""); QueuedctlCommon::QueuedctlResult output; res.match(