PageRenderTime 80ms CodeModel.GetById 40ms app.highlight 19ms RepoModel.GetById 13ms app.codeStats 1ms

/ucengine/src/controllers/role_controller.erl

http://github.com/AF83/ucengine
Erlang | 121 lines | 87 code | 17 blank | 17 comment | 0 complexity | 37648af5ed9187e3938ce733559542ba MD5 | raw file
  1%%
  2%%  U.C.Engine - Unified Collaboration Engine
  3%%  Copyright (C) 2011 af83
  4%%
  5%%  This program is free software: you can redistribute it and/or modify
  6%%  it under the terms of the GNU Affero General Public License as published by
  7%%  the Free Software Foundation, either version 3 of the License, or
  8%%  (at your option) any later version.
  9%%
 10%%  This program is distributed in the hope that it will be useful,
 11%%  but WITHOUT ANY WARRANTY; without even the implied warranty of
 12%%  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 13%%  GNU Affero General Public License for more details.
 14%%
 15%%  You should have received a copy of the GNU Affero General Public License
 16%%  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 17%%
 18-module(role_controller).
 19
 20-export([init/0, add/4, delete/4, add_access/4, delete_access/4]).
 21
 22-include("uce.hrl").
 23
 24init() ->
 25    [#uce_route{method='POST',
 26                path=["role"],
 27                callback={?MODULE, add,
 28                          [{"uid", required, string},
 29                           {"sid", required, string},
 30                           {"name", required, string}]}},
 31
 32     #uce_route{method='DELETE',
 33                path=["role", name],
 34                callback={?MODULE, delete,
 35                          [{"uid", required, string},
 36                           {"sid", required, string}]}},
 37
 38     #uce_route{method='POST',
 39                path=["role", name, "acl"],
 40                callback={?MODULE, add_access,
 41                          [{"uid", required, string},
 42                           {"sid", required, string},
 43                           {"object", "all", string},
 44                           {"action", "all", string},
 45                           {"conditions", [], dictionary}]}},
 46
 47     #uce_route{method='DELETE',
 48                path=["role", name, "acl", object, action],
 49                callback={?MODULE, delete_access,
 50                          [{"uid", required, string},
 51                           {"sid", required, string},
 52                           {"conditions", [], dictionary}]}}].
 53
 54add(Domain, [], [Uid, Sid, Name], _) ->
 55    {ok, true} = uce_presence:assert(Domain, Uid, Sid),
 56    {ok, true} = uce_access:assert(Domain, Uid, "", "role", "add", [{"name", Name}]),
 57    {ok, created} = uce_role:add(Domain, #uce_role{id=Name}),
 58    {ok, _} = uce_event:add(Domain, #uce_event{id=none,
 59                                               from=Uid,
 60                                               location="",
 61                                               type="internal.role.add",
 62                                               metadata=[{"name", Name}]}),
 63
 64    json_helpers:created(Domain).
 65
 66delete(Domain, [{name, Name}], [Uid, Sid], _) ->
 67    {ok, true} = uce_presence:assert(Domain, Uid, Sid),
 68    {ok, true} = uce_access:assert(Domain, Uid, "", "role", "delete", [{"name", Name}]),
 69    {ok, _} = uce_event:add(Domain, #uce_event{id=none,
 70                                               from=Uid,
 71                                               location="",
 72                                               type="internal.role.delete",
 73                                               metadata=[{"name", Name}]}),
 74    {ok, deleted} = uce_role:delete(Domain, Name),
 75    json_helpers:ok(Domain).
 76
 77add_access(Domain, [{name, Role}], [Uid, Sid, Object, Action, Conditions], _) ->
 78    {ok, true} = uce_presence:assert(Domain, Uid, Sid),
 79    {ok, true} = uce_access:assert(Domain, Uid, "",
 80                                   "access", "add", [{"role", Role},
 81                                                     {"object", Object},
 82                                                     {"action", Action}]),
 83
 84    {ok, updated} = uce_role:add_access(Domain, Role,
 85                                       #uce_access{object=Object,
 86                                                   action=Action,
 87                                                   conditions=Conditions}),
 88
 89    {ok, _} = uce_event:add(Domain, #uce_event{id=none,
 90                                               from=Uid,
 91                                               location="",
 92                                               type="internal.access.add",
 93                                               metadata=[{"role", Role},
 94                                                         {"action", Action},
 95                                                         {"object", Object}] ++
 96                                                   Conditions}),
 97
 98    json_helpers:ok(Domain).
 99
100delete_access(Domain, [{name, Role}, {object, Object}, {action, Action}], [Uid, Sid, Conditions], _) ->
101    {ok, true} = uce_presence:assert(Domain, Uid, Sid),
102    {ok, true} = uce_access:assert(Domain, Uid, "",
103                                   "access", "add", [{"role", Role},
104                                                     {"object", Object},
105                                                     {"action", Action}]),
106
107    {ok, updated} = uce_role:delete_access(Domain, Role,
108                                          #uce_access{object=Object,
109                                                      action=Action,
110                                                      conditions=Conditions}),
111
112    {ok, _} = uce_event:add(Domain, #uce_event{id=none,
113                                               from=Uid,
114                                               location="",
115                                               type="internal.access.delete",
116                                               metadata=[{"role", Role},
117                                                         {"action", Action},
118                                                         {"object", Object}] ++
119                                                   Conditions}),
120
121    json_helpers:ok(Domain).