From bbb8e9176ced8b4079fcbb208137042ec56c1433 Mon Sep 17 00:00:00 2001
From: Matthias Schiffer <matthias@gamezock.de>
Date: Mon, 31 Aug 2009 08:46:09 +0200
Subject: UserRequestHandlerGroup: Authentifizierung fordern

---
 .../RequestHandlers/UserRequestHandlerGroup.cpp    | 91 +++++++++++++++++-----
 1 file changed, 73 insertions(+), 18 deletions(-)

diff --git a/src/Server/RequestHandlers/UserRequestHandlerGroup.cpp b/src/Server/RequestHandlers/UserRequestHandlerGroup.cpp
index 873815a..ea6f6c1 100644
--- a/src/Server/RequestHandlers/UserRequestHandlerGroup.cpp
+++ b/src/Server/RequestHandlers/UserRequestHandlerGroup.cpp
@@ -19,6 +19,7 @@
 
 #include "UserRequestHandlerGroup.h"
 #include "../Application.h"
+#include "../ConnectionManager.h"
 
 #include <Common/UserManager.h>
 
@@ -29,7 +30,10 @@ namespace Server {
 namespace RequestHandlers {
 
 void UserRequestHandlerGroup::handleUserListRequest(boost::shared_ptr<const Common::XmlPacket> packet, Common::XmlPacket *ret,
-    Common::Connection* /*connection*/) {
+    Common::Connection *connection) {
+  if(!application->getConnectionManager()->isAuthenticated(connection))
+    throw(Core::Exception(Core::Exception::PERMISSION));
+
   boost::posix_time::ptime timestamp(boost::posix_time::not_a_date_time);
 
   const std::string &timestr = packet->get<const std::string&>("timestamp");
@@ -62,7 +66,10 @@ void UserRequestHandlerGroup::handleUserListRequest(boost::shared_ptr<const Comm
 }
 
 void UserRequestHandlerGroup::handleUserInfoRequest(boost::shared_ptr<const Common::XmlPacket> packet, Common::XmlPacket *ret,
-    Common::Connection* /*connection*/) {
+    Common::Connection *connection) {
+  if(!application->getConnectionManager()->isAuthenticated(connection))
+    throw(Core::Exception(Core::Exception::PERMISSION));
+
   boost::posix_time::ptime timestamp(boost::posix_time::not_a_date_time);
 
   const std::string &timestr = packet->get<const std::string&>("timestamp");
@@ -95,7 +102,10 @@ void UserRequestHandlerGroup::handleUserInfoRequest(boost::shared_ptr<const Comm
 }
 
 void UserRequestHandlerGroup::handleUserGroupListRequest(boost::shared_ptr<const Common::XmlPacket> packet, Common::XmlPacket *ret,
-    Common::Connection* /*connection*/) {
+    Common::Connection *connection) {
+  if(!application->getConnectionManager()->isAuthenticated(connection))
+    throw(Core::Exception(Core::Exception::PERMISSION));
+
   boost::posix_time::ptime timestamp(boost::posix_time::not_a_date_time);
 
   const std::string &timestr = packet->get<const std::string&>("timestamp");
@@ -125,7 +135,10 @@ void UserRequestHandlerGroup::handleUserGroupListRequest(boost::shared_ptr<const
 }
 
 void UserRequestHandlerGroup::handleGroupListRequest(boost::shared_ptr<const Common::XmlPacket> packet, Common::XmlPacket *ret,
-    Common::Connection* /*connection*/) {
+    Common::Connection *connection) {
+  if(!application->getConnectionManager()->isAuthenticated(connection))
+    throw(Core::Exception(Core::Exception::PERMISSION));
+
   boost::posix_time::ptime timestamp(boost::posix_time::not_a_date_time);
 
   const std::string &timestr = packet->get<const std::string&>("timestamp");
@@ -156,7 +169,10 @@ void UserRequestHandlerGroup::handleGroupListRequest(boost::shared_ptr<const Com
 }
 
 void UserRequestHandlerGroup::handleGroupInfoRequest(boost::shared_ptr<const Common::XmlPacket> packet, Common::XmlPacket *ret,
-    Common::Connection* /*connection*/) {
+    Common::Connection *connection) {
+  if(!application->getConnectionManager()->isAuthenticated(connection))
+    throw(Core::Exception(Core::Exception::PERMISSION));
+
   boost::posix_time::ptime timestamp(boost::posix_time::not_a_date_time);
 
   const std::string &timestr = packet->get<const std::string&>("timestamp");
@@ -187,7 +203,10 @@ void UserRequestHandlerGroup::handleGroupInfoRequest(boost::shared_ptr<const Com
 }
 
 void UserRequestHandlerGroup::handleGroupUserListRequest(boost::shared_ptr<const Common::XmlPacket> packet, Common::XmlPacket *ret,
-    Common::Connection* /*connection*/) {
+    Common::Connection *connection) {
+  if(!application->getConnectionManager()->isAuthenticated(connection))
+    throw(Core::Exception(Core::Exception::PERMISSION));
+
   boost::posix_time::ptime timestamp(boost::posix_time::not_a_date_time);
 
   const std::string &timestr = packet->get<const std::string&>("timestamp");
@@ -215,7 +234,10 @@ void UserRequestHandlerGroup::handleGroupUserListRequest(boost::shared_ptr<const
 }
 
 void UserRequestHandlerGroup::handleFullUserGroupListRequest(boost::shared_ptr<const Common::XmlPacket> packet, Common::XmlPacket *ret,
-    Common::Connection* /*connection*/) {
+    Common::Connection *connection) {
+  if(!application->getConnectionManager()->isAuthenticated(connection))
+    throw(Core::Exception(Core::Exception::PERMISSION));
+
   boost::posix_time::ptime timestamp(boost::posix_time::not_a_date_time);
 
   const std::string &timestr = packet->get<const std::string&>("timestamp");
@@ -247,7 +269,10 @@ void UserRequestHandlerGroup::handleFullUserGroupListRequest(boost::shared_ptr<c
 
 
 void UserRequestHandlerGroup::handleUserInfoCheckRequest(boost::shared_ptr<const Common::XmlPacket> packet, Common::XmlPacket *ret,
-    Common::Connection* /*connection*/) {
+    Common::Connection *connection) {
+  if(!application->getConnectionManager()->isAuthenticated(connection))
+    throw(Core::Exception(Core::Exception::PERMISSION));
+
   Common::UserInfo userInfo(packet->get<unsigned long>("uid"), packet->get<const std::string&>("username"));
   userInfo.setGid(packet->get<unsigned long>("gid"));
   userInfo.setFullName(packet->get<const std::string&>("fullName"));
@@ -258,7 +283,10 @@ void UserRequestHandlerGroup::handleUserInfoCheckRequest(boost::shared_ptr<const
 }
 
 void UserRequestHandlerGroup::handleUserAddRequest(boost::shared_ptr<const Common::XmlPacket> packet, Common::XmlPacket *ret,
-    Common::Connection* /*connection*/) {
+    Common::Connection *connection) {
+  if(!application->getConnectionManager()->isAuthenticated(connection))
+    throw(Core::Exception(Core::Exception::PERMISSION));
+
   Common::UserInfo userInfo(packet->get<unsigned long>("uid"), packet->get<const std::string&>("username"));
   userInfo.setGid(packet->get<unsigned long>("gid"));
   userInfo.setFullName(packet->get<const std::string&>("fullName"));
@@ -269,7 +297,10 @@ void UserRequestHandlerGroup::handleUserAddRequest(boost::shared_ptr<const Commo
 }
 
 void UserRequestHandlerGroup::handleUserUpdateRequest(boost::shared_ptr<const Common::XmlPacket> packet, Common::XmlPacket *ret,
-    Common::Connection* /*connection*/) {
+    Common::Connection *connection) {
+  if(!application->getConnectionManager()->isAuthenticated(connection))
+    throw(Core::Exception(Core::Exception::PERMISSION));
+
   Common::UserInfo userInfo(packet->get<unsigned long>("uid"), packet->get<const std::string&>("username"));
   userInfo.setGid(packet->get<unsigned long>("gid"));
   userInfo.setFullName(packet->get<const std::string&>("fullName"));
@@ -280,7 +311,10 @@ void UserRequestHandlerGroup::handleUserUpdateRequest(boost::shared_ptr<const Co
 }
 
 void UserRequestHandlerGroup::handleUserDeleteRequest(boost::shared_ptr<const Common::XmlPacket> packet, Common::XmlPacket *ret,
-    Common::Connection* /*connection*/) {
+    Common::Connection *connection) {
+  if(!application->getConnectionManager()->isAuthenticated(connection))
+    throw(Core::Exception(Core::Exception::PERMISSION));
+
   application->getUserManager()->deleteUser(packet->get<unsigned long>("uid"));
 
   ret->setType("OK");
@@ -288,21 +322,30 @@ void UserRequestHandlerGroup::handleUserDeleteRequest(boost::shared_ptr<const Co
 
 
 void UserRequestHandlerGroup::handleGroupInfoCheckRequest(boost::shared_ptr<const Common::XmlPacket> packet, Common::XmlPacket *ret,
-    Common::Connection* /*connection*/) {
+    Common::Connection *connection) {
+  if(!application->getConnectionManager()->isAuthenticated(connection))
+    throw(Core::Exception(Core::Exception::PERMISSION));
+
   application->getUserManager()->checkGroupInfo(Common::GroupInfo(packet->get<unsigned long>("gid"), packet->get<const std::string&>("name")));
 
   ret->setType("OK");
 }
 
 void UserRequestHandlerGroup::handleGroupAddRequest(boost::shared_ptr<const Common::XmlPacket> packet, Common::XmlPacket *ret,
-    Common::Connection* /*connection*/) {
+    Common::Connection *connection) {
+  if(!application->getConnectionManager()->isAuthenticated(connection))
+    throw(Core::Exception(Core::Exception::PERMISSION));
+
   application->getUserManager()->addGroup(Common::GroupInfo(packet->get<unsigned long>("gid"), packet->get<const std::string&>("name")));
 
   ret->setType("OK");
 }
 
 void UserRequestHandlerGroup::handleGroupUpdateRequest(boost::shared_ptr<const Common::XmlPacket> packet, Common::XmlPacket *ret,
-    Common::Connection* /*connection*/) {
+    Common::Connection *connection) {
+  if(!application->getConnectionManager()->isAuthenticated(connection))
+    throw(Core::Exception(Core::Exception::PERMISSION));
+
   application->getUserManager()->updateGroup(packet->get<unsigned long>("origGid"),
       Common::GroupInfo(packet->get<unsigned long>("gid"), packet->get<const std::string&>("name")));
 
@@ -310,7 +353,10 @@ void UserRequestHandlerGroup::handleGroupUpdateRequest(boost::shared_ptr<const C
 }
 
 void UserRequestHandlerGroup::handleGroupDeleteRequest(boost::shared_ptr<const Common::XmlPacket> packet, Common::XmlPacket *ret,
-    Common::Connection* /*connection*/) {
+    Common::Connection *connection) {
+  if(!application->getConnectionManager()->isAuthenticated(connection))
+    throw(Core::Exception(Core::Exception::PERMISSION));
+
   application->getUserManager()->deleteGroup(packet->get<unsigned long>("gid"));
 
   ret->setType("OK");
@@ -318,21 +364,30 @@ void UserRequestHandlerGroup::handleGroupDeleteRequest(boost::shared_ptr<const C
 
 
 void UserRequestHandlerGroup::handleAddUserToGroupRequest(boost::shared_ptr<const Common::XmlPacket> packet, Common::XmlPacket *ret,
-    Common::Connection* /*connection*/) {
+    Common::Connection *connection) {
+  if(!application->getConnectionManager()->isAuthenticated(connection))
+    throw(Core::Exception(Core::Exception::PERMISSION));
+
   application->getUserManager()->addUserToGroup(packet->get<unsigned long>("uid"), packet->get<unsigned long>("gid"));
 
   ret->setType("OK");
 }
 
 void UserRequestHandlerGroup::handleDeleteUserFromGroupRequest(boost::shared_ptr<const Common::XmlPacket> packet, Common::XmlPacket *ret,
-    Common::Connection* /*connection*/) {
+    Common::Connection *connection) {
+  if(!application->getConnectionManager()->isAuthenticated(connection))
+    throw(Core::Exception(Core::Exception::PERMISSION));
+
   application->getUserManager()->deleteUserFromGroup(packet->get<unsigned long>("uid"), packet->get<unsigned long>("gid"));
 
   ret->setType("OK");
 }
 
 void UserRequestHandlerGroup::handlePasswordSetRequest(boost::shared_ptr<const Common::XmlPacket> packet, Common::XmlPacket *ret,
-    Common::Connection* /*connection*/) {
+    Common::Connection *connection) {
+  if(!application->getConnectionManager()->isAuthenticated(connection))
+    throw(Core::Exception(Core::Exception::PERMISSION));
+
   application->getUserManager()->setPassword(packet->get<unsigned long>("uid"), packet->get<const std::string&>("password"));
 
   ret->setType("OK");
-- 
cgit v1.2.3