13 #ifndef hifi_DomainServerSettingsManager_h
14 #define hifi_DomainServerSettingsManager_h
16 #include <QtCore/QJsonArray>
17 #include <QtCore/QJsonObject>
18 #include <QtCore/QJsonDocument>
19 #include <QtNetwork/QNetworkReply>
20 #include <QtCore/QSharedPointer>
22 #include <HifiConfigVariantMap.h>
23 #include <HTTPManager.h>
25 #include <ReceivedMessage.h>
27 #include "DomainGatekeeper.h"
28 #include "NodePermissions.h"
// Settings-map keys and key paths used by the domain server settings manager.
// NOTE(review): these are namespace-scope `const QString` objects defined in a
// header, so every translation unit that includes it gets its own copy.

/// Top-level key of the "paths" settings group.
const QString SETTINGS_PATHS_KEY = "paths";

// --- Access-control tables, all under the "security" group --------------------
// Each key path names one permissions table. A change to any of these strings
// changes where access-control rows are read from and written to.
// (Presumably each backs the NodePermissionsMap member of matching name - verify.)
const QString AGENT_STANDARD_PERMISSIONS_KEYPATH = "security.standard_permissions";
const QString AGENT_PERMISSIONS_KEYPATH = "security.permissions";
const QString IP_PERMISSIONS_KEYPATH = "security.ip_permissions";
const QString MAC_PERMISSIONS_KEYPATH = "security.mac_permissions";
const QString MACHINE_FINGERPRINT_PERMISSIONS_KEYPATH = "security.machine_fingerprint_permissions";
const QString GROUP_PERMISSIONS_KEYPATH = "security.group_permissions";
const QString GROUP_FORBIDDENS_KEYPATH = "security.group_forbiddens";

// --- Content archive / installed-content metadata -----------------------------
const QString AUTOMATIC_CONTENT_ARCHIVES_GROUP = "automatic_content_archives";
const QString CONTENT_SETTINGS_INSTALLED_CONTENT_FILENAME = "installed_content.filename";
const QString CONTENT_SETTINGS_INSTALLED_CONTENT_NAME = "installed_content.name";
const QString CONTENT_SETTINGS_INSTALLED_CONTENT_CREATION_TIME = "installed_content.creation_time";
const QString CONTENT_SETTINGS_INSTALLED_CONTENT_INSTALL_TIME = "installed_content.install_time";
const QString CONTENT_SETTINGS_INSTALLED_CONTENT_INSTALLED_BY = "installed_content.installed_by";
46 using GroupByUUIDKey = QPair<QUuid, QUuid>;
79 bool handleAuthenticatedHTTPRequest(
HTTPConnection* connection,
const QUrl& url);
93 QVariant valueOrDefaultValueForKeyPath(
const QString& keyPath);
94 QVariant valueForKeyPath(
const QString& keyPath);
/// @brief Reports whether a settings value exists at the given key path.
/// @param keyPath key path handed unchanged to valueForKeyPath().
/// @return true when valueForKeyPath() yields a valid QVariant, false otherwise.
bool containsKeyPath(const QString& keyPath) {
    const QVariant stored = valueForKeyPath(keyPath);
    return stored.isValid();
}
/// @brief Reports whether the standard-permissions table has a row for a name.
/// @param name first half of the lookup key; the second half is the literal 0
///             (presumably "no rank" - confirm against NodePermissionsMap).
/// @return result of _standardAgentPermissions.contains(name, 0).
bool haveStandardPermissionsForName(const QString& name) const {
    const bool hasRow = _standardAgentPermissions.contains(name, 0);
    return hasRow;
}
99 NodePermissions getStandardPermissionsForName(
const NodePermissionsKey& name)
const;
/// @brief Reports whether the per-agent permissions table has a row for a name.
/// @param name first half of the lookup key; the second half is the literal 0
///             (presumably "no rank" - confirm against NodePermissionsMap).
/// @return result of _agentPermissions.contains(name, 0).
// NOTE(review): the name is passed through as given; whether matching is
// case-insensitive depends on NodePermissionsMap, which is not visible here.
bool havePermissionsForName(const QString& name) const {
    const bool hasRow = _agentPermissions.contains(name, 0);
    return hasRow;
}
103 NodePermissions getPermissionsForName(
const QString& name)
const;
/// @brief Key-based overload that forwards to the name-based lookup.
/// @param key permissions key; only key.first is used, key.second is ignored,
///            so two keys that differ only in their second half give the same result.
/// @return whatever getPermissionsForName(key.first) returns.
NodePermissions getPermissionsForName(const NodePermissionsKey& key) const {
    const auto& nameOnly = key.first;
    return getPermissionsForName(nameOnly);
}
105 QStringList getAllNames()
const;
/// @brief Reports whether the IP permissions table has a row for an address.
/// @param address address to look up; its toString() form is the lookup key.
/// @return result of _ipPermissions.contains(address.toString(), 0).
// NOTE(review): matching is on the textual form of the address. An IPv4-mapped
// IPv6 address prints differently from the same plain IPv4 address, so confirm
// that callers normalise the address before relying on this check.
bool hasPermissionsForIP(const QHostAddress& address) const {
    const QString addressText = address.toString();
    return _ipPermissions.contains(addressText, 0);
}
109 NodePermissions getPermissionsForIP(
const QHostAddress& address)
const;
/// @brief Reports whether the MAC permissions table has a row for a MAC address.
/// @param macAddress MAC address string, used as the lookup key exactly as given.
/// @return result of _macPermissions.contains(macAddress, 0).
// NOTE(review): no case or separator normalisation happens here; confirm it is
// done by the caller or inside NodePermissionsMap. If the value is reported by
// the connecting client, a match is a hint rather than proof of identity -
// confirm where the value originates.
bool hasPermissionsForMAC(const QString& macAddress) const {
    const bool hasRow = _macPermissions.contains(macAddress, 0);
    return hasRow;
}
113 NodePermissions getPermissionsForMAC(
const QString& macAddress)
const;
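/// @brief Reports whether the machine-fingerprint permissions table has a row
///        for a fingerprint.
/// @param machineFingerprint fingerprint UUID; its toString() form is the lookup key.
/// @return result of _machineFingerprintPermissions.contains(machineFingerprint.toString(), 0).
// Marked const to match the other has/have*PermissionsFor* queries in this
// class: the lookup only reads the table, so it is now callable through a
// const reference as well.
// NOTE(review): if the fingerprint is reported by the connecting client, a match
// is a hint rather than proof of identity - confirm where the value originates.
bool hasPermissionsForMachineFingerprint(const QUuid& machineFingerprint) const {
    return _machineFingerprintPermissions.contains(machineFingerprint.toString(), 0);
}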
117 NodePermissions getPermissionsForMachineFingerprint(
const QUuid& machineFingerprint)
const;
/// @brief Reports whether the group permissions table has a row for a group and rank.
/// @param groupName first half of the lookup key.
/// @param rankID    second half of the lookup key.
/// @return result of _groupPermissions.contains(groupName, rankID).
bool havePermissionsForGroup(const QString& groupName, QUuid rankID) const {
    const bool hasRow = _groupPermissions.contains(groupName, rankID);
    return hasRow;
}
123 NodePermissions getPermissionsForGroup(
const QString& groupName, QUuid rankID)
const;
124 NodePermissions getPermissionsForGroup(
const QUuid& groupID, QUuid rankID)
const;
/// @brief Reports whether the group "forbiddens" table has a row for a group and rank.
/// @param groupName first half of the lookup key.
/// @param rankID    second half of the lookup key.
/// @return result of _groupForbiddens.contains(groupName, rankID).
bool haveForbiddensForGroup(const QString& groupName, QUuid rankID) const {
    const bool hasRow = _groupForbiddens.contains(groupName, rankID);
    return hasRow;
}
130 NodePermissions getForbiddensForGroup(
const QString& groupName, QUuid rankID)
const;
131 NodePermissions getForbiddensForGroup(
const QUuid& groupID, QUuid rankID)
const;
133 QStringList getAllKnownGroupNames();
134 bool setGroupID(
const QString& groupName,
const QUuid& groupID);
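/// @brief Returns the rank record stored for rankID within group groupID.
/// @param groupID group to look in.
/// @param rankID  rank to fetch within that group.
/// @return the stored GroupRank, or a default-constructed GroupRank when the
///         group or the rank is unknown.
// Uses QHash::value() instead of operator[]: operator[] inserts a
// default-constructed entry for every key it does not find, so a lookup with an
// unknown group or rank ID used to grow _groupRanks as a side effect. value()
// returns the same result without modifying the table.
// NOTE(review): no lock is taken here; confirm callers synchronise access to
// _groupRanks (the class has a _settingsLock member).
GroupRank getGroupRank(QUuid groupID, QUuid rankID) {
    return _groupRanks.value(groupID).value(rankID);
}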
137 QList<QUuid> getGroupIDs();
138 QList<QUuid> getBlacklistGroupIDs();
140 QStringList getDomainServerGroupNames();
141 QStringList getDomainServerBlacklistGroupNames();
/// @brief Empties the recorded group memberships for a name.
/// @param name name whose memberships are cleared; it is lower-cased before
///             being used as the key into _groupMembership.
// operator[] creates an empty entry when the lower-cased name is not present
// yet, so the table holds an (empty) entry for the name after this call.
void clearGroupMemberships(const QString& name) {
    const QString loweredName = name.toLower();
    _groupMembership[loweredName].clear();
}
145 void recordGroupMembership(
const QString& name,
const QUuid groupID, QUuid rankID);
146 QUuid isGroupMember(
const QString& name,
const QUuid& groupID);
149 void apiRefreshGroupInformation();
151 void debugDumpGroupsState();
// Two-state flag types. They appear as the defaulted parameters of
// settingsResponseObjectForType(); in every enum the first enumerator has the
// value 0 and the second the value 1.

/// Authentication state passed with a settings request. The defaulted
/// parameter uses NotAuthenticated, so a caller has to pass Authenticated
/// explicitly.
enum SettingsRequestAuthentication {
    NotAuthenticated,
    Authenticated
};

/// Domain-settings inclusion flag (parameter default: IncludeDomainSettings).
enum DomainSettingsInclusion {
    NoDomainSettings,
    IncludeDomainSettings
};

/// Content-settings inclusion flag (parameter default: IncludeContentSettings).
enum ContentSettingsInclusion {
    NoContentSettings,
    IncludeContentSettings
};

/// Default-settings inclusion flag (parameter default: IncludeDefaultSettings).
enum DefaultSettingsInclusion {
    NoDefaultSettings,
    IncludeDefaultSettings
};

/// Backup flag (parameter default: NotForBackup).
enum SettingsBackupFlag {
    NotForBackup,
    ForBackup
};
175 SettingsRequestAuthentication authentication = NotAuthenticated,
176 DomainSettingsInclusion domainSettingsInclusion = IncludeDomainSettings,
177 ContentSettingsInclusion contentSettingsInclusion = IncludeContentSettings,
178 DefaultSettingsInclusion defaultSettingsInclusion = IncludeDefaultSettings,
179 SettingsBackupFlag settingsBackupFlag = NotForBackup);
183 bool recurseJSONObjectAndOverwriteSettings(
const QJsonObject& postedObject, SettingsType settingsType);
186 void updateNodePermissions();
187 void settingsUpdated();
190 void apiGetGroupIDJSONCallback(QNetworkReply* requestReply);
191 void apiGetGroupIDErrorCallback(QNetworkReply* requestReply);
192 void apiGetGroupRanksJSONCallback(QNetworkReply* requestReply);
193 void apiGetGroupRanksErrorCallback(QNetworkReply* requestReply);
196 void processSettingsRequestPacket(QSharedPointer<ReceivedMessage> message);
197 void processNodeKickRequestPacket(QSharedPointer<ReceivedMessage> message, SharedNodePointer sendingNode);
198 void processUsernameFromIDRequestPacket(QSharedPointer<ReceivedMessage> message, SharedNodePointer sendingNode);
201 QJsonArray filteredDescriptionArray(
bool isContentSettings);
202 void updateSetting(
const QString& key,
const QJsonValue& newValue, QVariantMap& settingMap,
203 const QJsonObject& settingDescription);
204 QJsonObject settingDescriptionFromGroup(
const QJsonObject& groupObject,
const QString& settingName);
205 void sortPermissions();
209 void persistToFile();
211 void splitSettingsDescription();
213 double _descriptionVersion;
215 QJsonArray _descriptionArray;
216 QJsonArray _domainSettingsDescription;
217 QJsonArray _contentSettingsDescription;
218 QJsonObject _settingsMenuGroups;
222 HifiConfigVariantMap _configMap;
225 void apiGetGroupID(
const QString& groupName);
226 void apiGetGroupRanks(
const QUuid& groupID);
228 void initializeGroupPermissions(NodePermissionsMap& permissionsRows, QString groupName, NodePermissionsPointer perms);
229 void packPermissionsForMap(QString mapName, NodePermissionsMap& permissionsRows, QString keyPath);
230 void packPermissions();
231 void unpackPermissions();
232 bool unpackPermissionsForKeypath(
const QString& keyPath, NodePermissionsMap* destinationMapPointer,
233 std::function<
void(NodePermissionsPointer)> customUnpacker = {});
234 bool ensurePermissionsForGroupRanks();
236 NodePermissionsMap _standardAgentPermissions;
237 NodePermissionsMap _agentPermissions;
239 NodePermissionsMap _ipPermissions;
240 NodePermissionsMap _macPermissions;
241 NodePermissionsMap _machineFingerprintPermissions;
243 NodePermissionsMap _groupPermissions;
244 NodePermissionsMap _groupForbiddens;
246 QHash<GroupByUUIDKey, NodePermissionsPointer> _groupPermissionsByUUID;
247 QHash<GroupByUUIDKey, NodePermissionsPointer> _groupForbiddensByUUID;
249 QHash<QString, QUuid> _groupIDs;
250 QHash<QUuid, QString> _groupNames;
253 QHash<QUuid, QHash<QUuid, GroupRank>> _groupRanks;
256 QHash<QString, QHash<QUuid, QUuid>> _groupMembership;
259 QReadWriteLock _settingsLock { QReadWriteLock::Recursive };
261 friend class DomainServer;
Manages the domain-wide settings.
Definition: DomainServerSettingsManager.h:75
void setupConfigMap(const QString &userConfigFilename)
Loads the configuration from the specified file.
Definition: DomainServerSettingsManager.cpp:206
QJsonObject settingsResponseObjectForType(const QString &typeValue, SettingsRequestAuthentication authentication=NotAuthenticated, DomainSettingsInclusion domainSettingsInclusion=IncludeDomainSettings, ContentSettingsInclusion contentSettingsInclusion=IncludeContentSettings, DefaultSettingsInclusion defaultSettingsInclusion=IncludeDefaultSettings, SettingsBackupFlag settingsBackupFlag=NotForBackup)
Generates a JSON representation of settings.
Definition: DomainServerSettingsManager.cpp:1506
Q_INVOKABLE bool restoreSettingsFromObject(QJsonObject settingsToRestore, SettingsType settingsType)
Thread-safe method to restore settings from a JSON object.
Definition: DomainServerSettingsManager.cpp:1375
Handles a single HTTP connection.
Definition: HTTPConnection.h:43