1
0
mirror of https://github.com/binary-kitchen/doorlockd synced 2024-10-31 22:47:05 +01:00

Added error codes

This commit is contained in:
Ralf Ramsauer 2015-05-12 13:59:04 +00:00
parent c723002599
commit e0ebdc63f2
2 changed files with 47 additions and 19 deletions

View File

@ -37,12 +37,12 @@ Logic::~Logic()
{ {
} }
int Logic::parseRequest(const string &str) Logic::Response Logic::parseRequest(const string &str)
{ {
_logger("Parsing request..."); _logger("Parsing request...");
Json::Reader reader; Json::Reader reader;
Json::Value root; Json::Value root;
int retval = 0; Response retval = Fail;
string action, user, password, ip, token; string action, user, password, ip, token;
bool authenticate; bool authenticate;
@ -50,6 +50,7 @@ int Logic::parseRequest(const string &str)
if (!suc) if (!suc)
{ {
_logger(LogLevel::error, "Request ist not valid JSON!"); _logger(LogLevel::error, "Request ist not valid JSON!");
retval = NotJson;
goto out; goto out;
} }
@ -67,6 +68,7 @@ int Logic::parseRequest(const string &str)
catch (...) catch (...)
{ {
_logger(LogLevel::warning, "Error parsing JSON"); _logger(LogLevel::warning, "Error parsing JSON");
retval = JsonError;
goto out; goto out;
} }
@ -78,57 +80,67 @@ int Logic::parseRequest(const string &str)
if (_checkToken(token) == false) if (_checkToken(token) == false)
{ {
_logger(LogLevel::error, "User provided invalid token"); _logger(LogLevel::error, "User provided invalid token");
retval = InvalidToken;
goto out; goto out;
} }
if (_checkLDAP(user, password) == false) retval = _checkLDAP(user,password);
if (retval != Success)
{ {
_logger(LogLevel::error, "invalid LDAP credentials"); _logger(LogLevel::error, "Ldap error");
goto out; goto out;
} }
} else { } else {
if (_checkIP(ip) == false) if (_checkIP(ip) == false)
{ {
_logger(LogLevel::error, "IP check for non-authentication failed"); _logger(LogLevel::error, "IP check for non-authentication failed");
retval = InvalidIP;
goto out; goto out;
} }
} }
if (action == "lock") if (action == "lock")
{ {
_lock(); retval = _lock();
} else if (action == "unlock") { } else if (action == "unlock") {
_unlock(); retval = _unlock();
} else { } else {
_logger(LogLevel::error, "Unknown Action: %s", action.c_str()); _logger(LogLevel::error, "Unknown Action: %s", action.c_str());
retval = UnknownAction;
} }
out: out:
return retval; return retval;
} }
void Logic::_lock() Logic::Response Logic::_lock()
{ {
if (_state == LOCKED) if (_state == LOCKED)
{ {
_logger(LogLevel::warning, "Unable to lock: already locked"); _logger(LogLevel::warning, "Unable to lock: already closed");
return; return AlreadyLocked;
} }
_door.lock(); _door.lock();
_state = LOCKED; _state = LOCKED;
createNewToken(false); createNewToken(false);
return Success;
} }
void Logic::_unlock() Logic::Response Logic::_unlock()
{ {
if (_state == UNLOCKED) if (_state == UNLOCKED)
{ {
_logger(LogLevel::warning, "Unable to unlock: already unlocked"); _logger(LogLevel::warning, "Unable to unlock: already unlocked");
return; return AlreadyUnlocked;
} }
_door.unlock(); _door.unlock();
_state = UNLOCKED; _state = UNLOCKED;
createNewToken(false); createNewToken(false);
return Success;
} }
bool Logic::_checkIP(const string &ip) bool Logic::_checkIP(const string &ip)
@ -153,11 +165,11 @@ bool Logic::_checkToken(const string &strToken)
return false; return false;
} }
bool Logic::_checkLDAP(const string &user, const string &password) Logic::Response Logic::_checkLDAP(const string &user, const string &password)
{ {
constexpr int BUFFERSIZE = 1024; constexpr int BUFFERSIZE = 1024;
char buffer[BUFFERSIZE]; char buffer[BUFFERSIZE];
bool retval = false; Response retval = Fail;
int rc = -1; int rc = -1;
LDAP* ld = nullptr; LDAP* ld = nullptr;
unsigned long version = LDAP_VERSION3; unsigned long version = LDAP_VERSION3;
@ -169,6 +181,7 @@ bool Logic::_checkLDAP(const string &user, const string &password)
if(rc != LDAP_SUCCESS) if(rc != LDAP_SUCCESS)
{ {
_logger(LogLevel::error, "LDAP initialize error: %s", ldap_err2string(rc)); _logger(LogLevel::error, "LDAP initialize error: %s", ldap_err2string(rc));
retval = LDAPInit;
goto out2; goto out2;
} }
@ -178,6 +191,7 @@ bool Logic::_checkLDAP(const string &user, const string &password)
if (rc != LDAP_SUCCESS) if (rc != LDAP_SUCCESS)
{ {
_logger(LogLevel::error, "LDAP set version failed"); _logger(LogLevel::error, "LDAP set version failed");
retval = LDAPInit;
goto out; goto out;
} }
@ -185,11 +199,12 @@ bool Logic::_checkLDAP(const string &user, const string &password)
if (rc != LDAP_SUCCESS) if (rc != LDAP_SUCCESS)
{ {
_logger(LogLevel::error, "Credential check for user \"%s\" failed: %s", user.c_str(), ldap_err2string(rc)); _logger(LogLevel::error, "Credential check for user \"%s\" failed: %s", user.c_str(), ldap_err2string(rc));
retval = InvalidCredentials;
goto out; goto out;
} }
_logger(LogLevel::notice, "user \"%s\" successfully authenticated", user.c_str()); _logger(LogLevel::notice, "user \"%s\" successfully authenticated", user.c_str());
retval = true; retval = Success;
out: out:
ldap_unbind(ld); ldap_unbind(ld);

23
logic.h
View File

@ -17,18 +17,32 @@ public:
static Logic &get(); static Logic &get();
~Logic(); ~Logic();
int parseRequest(const std::string &str); enum Response {
Success = 0, // Request successful
Fail, // General non-specified error
AlreadyUnlocked, // Authentication successful, but door is already unlocked
AlreadyLocked, // Authentication successful, but door is already locked
NotJson, // Request is not a valid JSON object
JsonError, // Request is valid JSON, but does not contain necessary material
InvalidToken, // Request contains invalid token
InvalidCredentials, // Invalid LDAP credentials
InvalidIP, // IP check failure
UnknownAction, // Unknown action
LDAPInit, // Ldap initialization failed
};
Response parseRequest(const std::string &str);
void createNewToken(const bool stillValid); void createNewToken(const bool stillValid);
private: private:
Logic(); Logic();
void _lock(); Response _lock();
void _unlock(); Response _unlock();
bool _checkToken(const std::string &token); bool _checkToken(const std::string &token);
bool _checkLDAP(const std::string &user, const std::string &password); Response _checkLDAP(const std::string &user, const std::string &password);
bool _checkIP(const std::string &ip); bool _checkIP(const std::string &ip);
@ -44,7 +58,6 @@ private:
const static std::string _lockPagePrefix; const static std::string _lockPagePrefix;
const static std::string _fifoLocation;
const static std::string _bindDN; const static std::string _bindDN;
const static std::string _ldapServer; const static std::string _ldapServer;
const static std::string _allowedIpPrefix; const static std::string _allowedIpPrefix;