Poco::OSP::Auth

class AuthAdminService

Library: OSP/Auth
Package: Auth
Header: Poco/OSP/Auth/AuthAdminService.h

Description

This service interface extends the basic AuthService interface with methods for administrating users, roles and their permissions.

Users can have assigned permissions and roles. Roles have assigned permissions as well. The effective permissions of a user are his directly assigned permissions plus the permissions assigned through the roles has has been assigned. Use of roles is thus optional.

Each user can have an arbitrary number of attributes.

Inheritance

Direct Base Classes: AuthService

All Base Classes: AuthService, Poco::OSP::Service, Poco::RefCountedObject

Known Derived Classes: AbstractLDAPAuthAdminService

Member Summary

Member Functions: addRole, addUser, assignRoleToUser, attributesForUser, changePassword, effectivePermissionsForUser, getUserAttribute, grantPermissionsToRole, grantPermissionsToUser, isA, permissionsForRole, permissionsForUser, removeRole, removeRoleFromUser, removeUser, removeUserAttribute, revokePermissionsFromRole, revokePermissionsFromUser, roleExists, roles, rolesForUser, setUserAttribute, type, uncacheUser, userExists, users

Inherited Functions: authenticate, authorize, duplicate, isA, referenceCount, release, type

Types

Ptr

typedef Poco::AutoPtr < AuthAdminService > Ptr;

Member Functions

addRole virtual

virtual void addRole(
    const std::string & rolename
) = 0;

Adds a new role to the database.

Throws a Poco::ExistsException if a role with the given name already exists.

addUser virtual

virtual void addUser(
    const std::string & username,
    const std::string & password
) = 0;

Adds a new user to the database.

Throws a Poco::ExistsException if an user with the given username already exists.

assignRoleToUser virtual

virtual void assignRoleToUser(
    const std::string & username,
    const std::string & rolename
) = 0;

Assigns a role to an user.

Throws a Poco::NotFoundException if the user or role does not exist. Does nothing if the user already has the role.

attributesForUser virtual

virtual void attributesForUser(
    const std::string & username,
    std::set < std::string > & attributes
) const = 0;

Returns the names of all attributes set for the given username.

changePassword virtual

virtual void changePassword(
    const std::string & username,
    const std::string & password
) = 0;

Changes the password for the user with the given username.

effectivePermissionsForUser virtual

virtual void effectivePermissionsForUser(
    const std::string & username,
    std::set < std::string > & permissions
) const = 0;

Returns a set of permissions for the user given by username. Both permissions directly granted to the user and permissions granted indirectly through roles will be included in the result.

Throws a Poco::NotFoundException if the user does not exist.

getUserAttribute virtual

virtual std::string getUserAttribute(
    const std::string & username,
    const std::string & attribute,
    const std::string & deflt = std::string ()
) const = 0;

Returns the value of a user attribute, or the specified default value if the user attribute does not exist.

grantPermissionsToRole virtual

virtual void grantPermissionsToRole(
    const std::string & rolename,
    const std::set < std::string > & permissions
) = 0;

Grans the given permissions to the role identified by rolename.

Throws a Poco::NotFoundException if the role does not exist.

grantPermissionsToUser virtual

virtual void grantPermissionsToUser(
    const std::string & username,
    const std::set < std::string > & permissions
) = 0;

Grans the given permissions to the user identified by username.

Throws a Poco::NotFoundException if the user does not exist.

isA virtual

bool isA(
    const std::type_info & otherType
) const;

permissionsForRole virtual

virtual void permissionsForRole(
    const std::string & rolename,
    std::set < std::string > & permissions
) const = 0;

Returns a set of permissions for the role given by rolename.

Throws a Poco::NotFoundException if the role does not exist.

permissionsForUser virtual

virtual void permissionsForUser(
    const std::string & username,
    std::set < std::string > & permissions
) const = 0;

Returns a set of permissions for the user given by username. Only permissions directly granted to the user will be returned. Permissions granted indirectly through roles will not be included.

Throws a Poco::NotFoundException if the user does not exist.

removeRole virtual

virtual void removeRole(
    const std::string & rolename
) = 0;

Removes the role identified by name from the database.

Throws a Poco::NotFoundException if the role does not exist.

removeRoleFromUser virtual

virtual void removeRoleFromUser(
    const std::string & username,
    const std::string & rolename
) = 0;

Removes a role from an user.

Throws a Poco::NotFoundException if the user does not exist. Does nothing if the user does not have the role.

removeUser virtual

virtual void removeUser(
    const std::string & username
) = 0;

Removes the user identified by username from the database.

Throws a Poco::NotFoundException if the user does not exist.

removeUserAttribute virtual

virtual void removeUserAttribute(
    const std::string & username,
    const std::string & attribute
) = 0;

Removes the given attribute from username.

revokePermissionsFromRole virtual

virtual void revokePermissionsFromRole(
    const std::string & rolename,
    const std::set < std::string > & permissions
) = 0;

Revokes the given permissions from the role identified by rolename.

Throws a Poco::NotFoundException if the role does not exist.

revokePermissionsFromUser virtual

virtual void revokePermissionsFromUser(
    const std::string & username,
    const std::set < std::string > & permissions
) = 0;

Revokes the given permissions from the user identified by username.

Throws a Poco::NotFoundException if the user does not exist.

roleExists virtual

virtual bool roleExists(
    const std::string & rolename
) const = 0;

Returns true if and only if a role with the given rolename exists.

roles virtual

virtual void roles(
    std::set < std::string > & roles
) const = 0;

Returns a set of all roles in the database.

rolesForUser virtual

virtual void rolesForUser(
    const std::string & username,
    std::set < std::string > & roles
) const = 0;

Returns the set of roles assigned to the user identified by username.

setUserAttribute virtual

virtual void setUserAttribute(
    const std::string & username,
    const std::string & attribute,
    const std::string & value
) = 0;

Sets the value of a user attribute.

type virtual

const std::type_info & type() const;

uncacheUser virtual

virtual void uncacheUser(
    const std::string & username
) = 0;

Removes all cached data for the user with the given name.

Should be done when a user logs out of an application.

userExists virtual

virtual bool userExists(
    const std::string & username
) const = 0;

Returns true if and only if a user with the given username exists.

users virtual

virtual void users(
    std::set < std::string > & users,
    int first = 0,
    int limit = 0
) const = 0;

Returns a list of all users in the database.

This method supports "paged" retrieval. First specifies the index of the first user to be returned. Limit specifies the maximum number of users to return.

Variables

SERVICE_NAME static

static const std::string SERVICE_NAME;

roleAdded

Poco::BasicEvent < const std::string > roleAdded;

Fired when a new role has been created.

roleRemoved

Poco::BasicEvent < const std::string > roleRemoved;

Fired when a role has been removed.

userAdded

Poco::BasicEvent < const std::string > userAdded;

Fired when a new user account has been created.

userRemoved

Poco::BasicEvent < const std::string > userRemoved;

Fired when a user account has been removed.