Permalink
Browse files

Fixing several small bugs

  • Loading branch information...
1 parent 252cc45 commit 63ea09fdce75eee09aa5aea613801207649d0941 @mauritslamers committed Aug 11, 2010
Showing with 28 additions and 5 deletions.
  1. +20 −4 OrionPolicies.js
  2. +7 −0 OrionServer.js
  3. +1 −1 myPolicies.sample.js
View
24 OrionPolicies.js
@@ -18,6 +18,7 @@ or a changed record with certain information filtered out or changed.
*/
if(!global.SC) require('./sc/runtime/core');
//require('./OrionPolicyModel');
+var sys=require('sys');
global.OrionPolicies = SC.Object.extend({
@@ -33,7 +34,9 @@ global.OrionPolicies = SC.Object.extend({
readPolicyFile: function(){
var policyFileName = this.get('policyFile');
+ sys.log("OrionPolicy: readPolicyFile: policyFileName = " + this.policyFile);
if(policyFileName){
+ sys.log('OrionPolicy: Reading policies file');
var policyFile = require(policyFileName);
var enabledPolicies = policyFile.enabledPolicies;
var policyDir = policyFile.policyPath;
@@ -50,7 +53,8 @@ global.OrionPolicies = SC.Object.extend({
if(tmpPol && tmpPol[curPolName]) ret[curPolName] = tmpPol[curPolName];
}
// set the policy cache
- this.set('policyCache', ret);
+ sys.log('OrionPolicy: Setting policyCache');
+ this.policyCache = ret;
}
}
},
@@ -98,17 +102,28 @@ global.OrionPolicies = SC.Object.extend({
checkPolicy: function(storeRequest,record,callback){
// function to check whether the current record and storeRequest are allowed...
+ if(!this.policyCache) this.readPolicyFile(); // load if not already done...
var resource = storeRequest.bucket;
var action = storeRequest.action;
- var policies = this.get('policyCache');
- var noPolCheck = this.get('noPolicyCheckForRoles');
- if(noPolCheck.indexOf(storeRequest.userData.role) === -1){
+ var policies = this.policyCache;
+ // load policies if not yet loaded
+ var noPolCheck = this.noPolicyCheckForRoles;
+ if(noPolCheck.indexOf(storeRequest.client.userData.role) === -1){
+ // we need to catch requests for which there is no policy
+ if(!policies[resource]){
+ sys.log("OrionPolicies: You have been trying to perform a " + action + " action on " + resource + " but no policies have been defined for this resource");
+ callback(NO);
+ return;
+ }
+
// check whether record happens to be an array, we have to pass all records through the policy check
// which is kind of difficult, and most importantly, ALL policy checks MUST call the callback, otherwise
// the data will never arrive at the client!!
if(record instanceof Array){
+ sys.log('running checkPolicy: inside array stuff');
var me = this, cacheKey = this.generateCacheKey();
var curRec, polCheck;
+
if(record.length !== 0){
this._tmpRecordCache[cacheKey]=[];
this._tmpRecordCacheCount[cacheKey]=record.length;
@@ -120,6 +135,7 @@ global.OrionPolicies = SC.Object.extend({
}
}
else {
+ sys.log('OrionPolicy: request not an array request...')
policies[resource][action](storeRequest,storeRequest.client.userData,record,callback);
}
}
View
7 OrionServer.js
@@ -562,6 +562,13 @@ global.OrionServer = SC.Object.extend({
}
}; // end refreshAction
+
+ if(this.policyModule){
+ this.policyModule.checkPolicy(storeRequest,storeRequest.recordData,refreshAction);
+ }
+ else {
+ refreshAction(YES);
+ }
}
else {
sys.log("OrionServer received an invalid refreshRecord call:");
View
2 myPolicies.sample.js
@@ -12,7 +12,7 @@ exports.policyPath = './policies';
// define which roles do not require policy checking: "root admin".w()
// if you leave this emply every role will be checked
-exports.noPolicyCheckForRoles: "root admin".w();
+exports.noPolicyCheckForRoles = "root admin".w();
// define the resources you want to be able to load. Just define the resources.
// example exports.enabledPolicies = "sample1 sample2".w()

0 comments on commit 63ea09f

Please sign in to comment.