stephb9959
2023-01-25 16:15:28 -08:00
parent acdb617d35
commit ce1818c93c
10 changed files with 196 additions and 13 deletions


@@ -175,7 +175,7 @@ add_executable( owsec
src/TotpCache.h
src/RESTAPI/RESTAPI_subtotp_handler.cpp src/RESTAPI/RESTAPI_subtotp_handler.h
src/RESTAPI/RESTAPI_signup_handler.cpp src/RESTAPI/RESTAPI_signup_handler.h
src/MessagingTemplates.h src/RESTAPI/RESTAPI_apiKey_handler.cpp src/RESTAPI/RESTAPI_apiKey_handler.h src/storage/orm_apikeys.cpp src/storage/orm_apikeys.h src/RESTAPI/RESTAPI_validate_apikey.cpp src/RESTAPI/RESTAPI_validate_apikey.h)
src/MessagingTemplates.h src/RESTAPI/RESTAPI_apiKey_handler.cpp src/RESTAPI/RESTAPI_apiKey_handler.h src/storage/orm_apikeys.cpp src/storage/orm_apikeys.h src/RESTAPI/RESTAPI_validate_apikey.cpp src/RESTAPI/RESTAPI_validate_apikey.h src/RESTAPI/RESTAPI_systemSecret_handler.cpp src/RESTAPI/RESTAPI_systemSecret_handler.h src/SecretStore.cpp src/SecretStore.h)
if(NOT SMALL_BUILD)
target_link_libraries(owsec PUBLIC

2
build

@@ -1 +1 @@
6
9


@@ -243,7 +243,7 @@ components:
apiKey:
type: string
rights:
$ref: '#/components/schemas/ApiKeyAccessRights'
$ref: '#/components/schemas/ApiKeyAccessRightList'
AclTemplate:
type: object
@@ -753,6 +753,23 @@ components:
value:
type: string
SystemSecretEntry:
type: object
properties:
name:
type: string
value:
type: string
SystemSecretEntryList:
type: object
properties:
secrets:
type: array
items:
$ref: '#/components/schemas/SystemSecretEntry'
#########################################################################################
##
## End of uCentral system wide values
@@ -1956,6 +1973,62 @@ paths:
404:
$ref: '#/components/responses/NotFound'
/systemSecret/{secret}:
get:
description: Retrieve a specific secret
operationId: getSecret
parameters:
- in: path
name: secret
schema:
type: string
required: true
responses:
200:
$ref: '#/components/schemas/SystemSecretEntry'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
put:
description: Modify a specific secret
operationId: modifySecret
parameters:
- in: path
name: secret
schema:
type: string
required: true
- in: query
name: value
schema:
type: string
required: true
responses:
200:
$ref: '#/components/schemas/SystemSecretEntry'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
delete:
description: Remove a specific secret
operationId: deleteSecret
parameters:
- in: path
name: secret
schema:
type: string
required: true
responses:
200:
$ref: '#/components/responses/Success'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
#########################################################################################
##
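Review bot: The `put` operation on `/systemSecret/{secret}` carries the secret in the query string (`in: query`, `name: value`), and request URLs are routinely recorded in access logs, proxy logs and client history, so the value would end up stored in places that are not protected like the secret store. Move it into a request body, for example a `requestBody` whose JSON schema is `$ref: '#/components/schemas/SystemSecretEntry'`, and drop the `value` query parameter. As written, the `200` responses also put the schema `$ref` directly under the status code, where OpenAPI 3 expects a `description` and a `content` wrapper, and `SystemSecretEntryList` is defined without any path that returns it.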


@@ -28,6 +28,7 @@
#include "framework/RESTAPI_SystemCommand.h"
#include "framework/RESTAPI_WebSocketServer.h"
#include "RESTAPI_systemSecret_handler.h"
namespace OpenWifi {
@@ -59,7 +60,8 @@ namespace OpenWifi {
RESTAPI_validate_token_handler,
RESTAPI_validate_apikey,
RESTAPI_webSocketServer,
RESTAPI_apiKey_handler
RESTAPI_apiKey_handler,
RESTAPI_systemSecret_handler
>(Path, Bindings, L, S,TransactionId);
}
@@ -89,7 +91,8 @@ namespace OpenWifi {
RESTAPI_validate_sub_token_handler,
RESTAPI_validate_token_handler,
RESTAPI_validate_apikey,
RESTAPI_signup_handler
RESTAPI_signup_handler,
RESTAPI_systemSecret_handler
>(Path, Bindings, L, S, TransactionId);
}
}


@@ -17,15 +17,15 @@ namespace OpenWifi {
std::string baseQuery;
if(!nameSearch.empty() || !emailSearch.empty()) {
if(!nameSearch.empty())
baseQuery = fmt::format(" Lower(name) like('%{}%') ", Poco::toLower(nameSearch) );
baseQuery = fmt::format(" Lower(name) like('%{}%') ", ORM::Escape(Poco::toLower(nameSearch)) );
if(!emailSearch.empty())
baseQuery += baseQuery.empty() ? fmt::format(" Lower(email) like('%{}%') ", Poco::toLower(emailSearch))
: fmt::format(" and Lower(email) like('%{}%') ", Poco::toLower(emailSearch));
baseQuery += baseQuery.empty() ? fmt::format(" Lower(email) like('%{}%') ", ORM::Escape(Poco::toLower(emailSearch)))
: fmt::format(" and Lower(email) like('%{}%') ", ORM::Escape(Poco::toLower(emailSearch)));
}
if(QB_.CountOnly) {
std::string whereClause;
if(!operatorId.empty()) {
if(!operatorId.empty() && Utils::ValidUUID(operatorId)) {
whereClause = baseQuery.empty() ? fmt::format(" owner='{}' ", operatorId) :
fmt::format(" owner='{}' and {} ", operatorId, baseQuery);
auto count = StorageService()->SubDB().Count(whereClause);
@@ -35,7 +35,7 @@ namespace OpenWifi {
return ReturnCountOnly(count);
} else if(QB_.Select.empty()) {
std::string whereClause;
if(!operatorId.empty()) {
if(!operatorId.empty() && Utils::ValidUUID(operatorId)) {
whereClause = baseQuery.empty() ? fmt::format(" owner='{}' ", operatorId) :
fmt::format(" owner='{}' and {} ", operatorId, baseQuery);
}
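Review bot: An `operatorId` that is present but fails `Utils::ValidUUID` is now skipped silently in both the `CountOnly` and the `QB_.Select.empty()` branches, which leaves `whereClause` without the `owner=` filter. The statements that consume `whereClause` lie outside these hunks, but if they run with the empty clause the caller gets results across every operator instead of an error. Rejecting the malformed identifier once, before either branch, would fail closed: test `!operatorId.empty() && !Utils::ValidUUID(operatorId)` and return a 400 response there.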


@@ -0,0 +1,29 @@
//
// Created by stephane bourque on 2023-01-25.
//
#include "RESTAPI_systemSecret_handler.h"
namespace OpenWifi {
void RESTAPI_systemSecret_handler::DoGet() {
if(!Internal_ && UserInfo_.userinfo.userRole!=SecurityObjects::ROOT) {
return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
}
}
void RESTAPI_systemSecret_handler::DoDelete() {
if(UserInfo_.userinfo.userRole!=SecurityObjects::ROOT) {
return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
}
}
void RESTAPI_systemSecret_handler::DoPut() {
if(UserInfo_.userinfo.userRole!=SecurityObjects::ROOT) {
return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
}
}
} // OpenWifi
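Review bot: `DoGet` skips the ROOT check for every caller with `Internal_` set, while `DoPut` and `DoDelete` test only `UserInfo_.userinfo.userRole` and ignore `Internal_`. Because this commit registers the handler on both routers, the intended trust model should be written down at the top of the file, e.g. `// Internal (service-to-service) callers may read secrets; only ROOT users may change or delete them.` Whether `UserInfo_` is populated for internal requests is not visible here, so confirm what role value PUT and DELETE see when they arrive on the internal router. All three methods also return without sending any response once the check passes; until the store is wired in, an explicit `return NotFound();` would make the unimplemented state visible to clients.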


@@ -0,0 +1,32 @@
//
// Created by stephane bourque on 2023-01-25.
//
#pragma once
#include "framework/RESTAPI_Handler.h"
namespace OpenWifi {
class RESTAPI_systemSecret_handler : public RESTAPIHandler {
public:
RESTAPI_systemSecret_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L,
std::vector<std::string>
{
Poco::Net::HTTPRequest::HTTP_GET,
Poco::Net::HTTPRequest::HTTP_PUT,
Poco::Net::HTTPRequest::HTTP_DELETE,
Poco::Net::HTTPRequest::HTTP_OPTIONS
},
Server,
TransactionId,
Internal) {}
static auto PathName() { return std::list<std::string>{"/systemSecret/{secret}"}; };
void DoGet() final;
void DoPost() final {};
void DoDelete() final;
void DoPut() final;
private:
};
}


@@ -15,10 +15,10 @@ namespace OpenWifi {
std::string baseQuery;
if(!nameSearch.empty() || !emailSearch.empty()) {
if(!nameSearch.empty())
baseQuery = fmt::format(" Lower(name) like('%{}%') ", Poco::toLower(nameSearch) );
baseQuery = fmt::format(" Lower(name) like('%{}%') ", ORM::Escape(Poco::toLower(nameSearch)) );
if(!emailSearch.empty())
baseQuery += baseQuery.empty() ? fmt::format(" Lower(email) like('%{}%') ", Poco::toLower(emailSearch))
: fmt::format(" and Lower(email) like('%{}%') ", Poco::toLower(emailSearch));
baseQuery += baseQuery.empty() ? fmt::format(" Lower(email) like('%{}%') ", ORM::Escape(Poco::toLower(emailSearch)))
: fmt::format(" and Lower(email) like('%{}%') ", ORM::Escape(Poco::toLower(emailSearch)));
}
if(QB_.Select.empty()) {
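Review bot: The search terms are still spliced into the SQL text with `fmt::format`, so the safety of this query now rests entirely on `ORM::Escape`, whose implementation is not part of this commit. Escaping rules differ between database back ends, and `%` or `_` supplied by the caller presumably still act as LIKE wildcards, so binding the pattern as a query parameter would be more robust than an escaping helper. The same applies to the identical `nameSearch`/`emailSearch` change in the other list handler earlier in this commit. If the string-built form stays, a comment such as `// nameSearch/emailSearch are caller-supplied; ORM::Escape must be valid for every supported backend` would record the dependency. The enclosing function starts and ends outside this hunk.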

16
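--- a/src/SecretStore.cpp
+++ b/src/SecretStore.cpp
@@ -0,0 +1,16 @@
+//
+// Created by stephane bourque on 2023-01-25.
+//
+#include "SecretStore.h"
+namespace OpenWifi {
+int SecretStore::Start() {
+return 0;
+}
+void SecretStore::Stop() {
+}
+} // OpenWifi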

30
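--- a/src/SecretStore.h
+++ b/src/SecretStore.h
@@ -0,0 +1,30 @@
+//
+// Created by stephane bourque on 2023-01-25.
+//
+#pragma once
+#include <framework/SubSystemServer.h>
+namespace OpenWifi {
+class SecretStore : public SubSystemServer {
+public:
+static SecretStore *instance() {
+static auto *instance_ = new SecretStore;
+return instance_;
+}
+int Start() final;
+void Stop() final;
+private:
+SecretStore() noexcept:
+SubSystemServer("SecretStore", "SECRET-SVR", "secret.store")
+{
+}
+};
+inline SecretStore * SecretStore() { return SecretStore::instance(); }
+} // OpenWifi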
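Review bot: None of the ten files in this commit adds `SecretStore()` to the daemon's subsystem list, so unless it is registered elsewhere `Start()` and `Stop()` are never called and the new REST handler has nothing behind it. The class also carries no comment on what it will hold. Because the API schema returns `value` as a plain string, a header comment should state where secrets are persisted, whether they are encrypted at rest, and that values must never be written to the logs. `instance()` allocates the singleton with `new` and never frees it; a function-local `static SecretStore instance_;` returned by address would avoid that if the project's convention allows it.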