indexing description: "Base class for use cases that need authorization." author: "Patrick Ruckstuhl " date: "$Date$" revision: "$Revision$" deferred class AUTH_USE_CASE inherit USE_CASE feature -- Access auth_node: STRING is "storage1" -- Authentication node. feature {NONE} -- Implementation is_authorized_for_project (a_msg: O_SESSION_MESSAGE; a_instruction: STRING; a_project: INTEGER; a_auth_node: STRING) is -- Check if `a_msg' is authorized to do `a_instruction' in `a_project'. -- If so, call handle_auth_reply. require a_msg_ok: a_msg /= Void a_instruction_ok: a_instruction /= Void and then not a_instruction.is_empty a_project_ok: a_project >= 0 a_auth_node_ok: a_auth_node /= Void and then not a_auth_node.is_empty local l_auth: O_USER_AUTHORIZED_FOR_PROJECT_MESSAGE do -- check if the user is authorized and act accordingly create l_auth.make (a_msg.session, a_instruction, a_project) l_auth.set_reply_handler (agent handle_auth_reply (?, a_msg)) node.send_message_node (l_auth, a_auth_node) end is_authorized_for_community (a_msg: O_SESSION_MESSAGE; a_instruction: STRING; a_community_name: STRING; a_auth_node: STRING) is -- Check if `a_msg' is authorized to do `a_instruction' for a community with name `a_community_name'. -- If so, call handle_auth_reply. -- The community name can be "" -> then the instruction is tested not for a specific community but -- in general. require a_msg_ok: a_msg /= Void a_instruction_ok: a_instruction /= Void and then not a_instruction.is_empty a_community_name_ok: a_community_name /= Void a_auth_node_ok: a_auth_node /= Void and then not a_auth_node.is_empty local l_auth: O_USER_AUTHORIZED_FOR_COMMUNITY_MESSAGE do -- check if the user is authorized and act accordingly create l_auth.make (a_msg.session, a_instruction, a_community_name) l_auth.set_reply_handler (agent handle_auth_reply (?, a_msg)) node.send_message_node (l_auth, a_auth_node) end handle_auth_success (a_msg: O_MESSAGE) is -- a_msg has been authorized, execute it. require a_msg_set: a_msg /= Void deferred end handle_auth_reply (a_auth_reply: O_MESSAGE; a_orig_msg: O_MESSAGE) is -- Handle a_auth_reply and send according messages, use a_orig_msg as original message where we have to send replies. require a_auth_reply_ok: a_auth_reply /= Void a_orig_msg_ok: a_orig_msg /= Void local l_status: O_GENERAL_STATUS_MESSAGE do l_status ?= a_auth_reply check status_message: l_status /= Void end -- allowed => send message to storage, send ok if l_status.is_success then handle_auth_success (a_orig_msg) -- not allowed => forward error else node.send_message_reply (a_auth_reply, a_orig_msg) end end end