Add permission mask decoding
(EN) Add permission mask decoding.
Because the ScadaLTS permissions do not work, we store them in a separate User-Management system, which we ask for permissions using the REST API.
- API PermissionEvaluator:
- /api/permission/filter takes into account the isRead permission mask, i.e. if the user has the isRead
permission set to the element, he will be able to see the element. - /api/permission/hasPermission he asks for permission (isRead, isWrite, isExecute) in context.
- /api/permission/filter takes into account the isRead permission mask, i.e. if the user has the isRead
This causes that we need to decode the permission mask on the backend side which should be added in this task.
The task involves the preparation of the decoding mechanism itself and tests.
- For mask decoding purposes, the EncodeAndDecodeMaskPermission class was created in the org.scada_lts.shared package with the methods:
- byte getBit(Integer mask, byte index) - The method return the int (0,1) value based on the converted numeric mask e.g. 1, into a string, e.g. '001' and a bit based on the index, eg an index equal to 2 returns 1.
- int getMask(isRead, isWrite, isExecute) - The method that returns the mask in numerical form based on the permissions.
- byte isRead(Integer mask) - The method that checks the isExecute permission in the mask on the first bit from the left, returns 0 or 1. eg mask 1 '100' will return 1 and '010' will return 0.
- byte isWrite(Integer mask) - The method that checks the isWrite permission in the mask on the second bit from the left, returns 0 or 1. eg mask 2 '010' will return 1 and '100' will return 0.
- byte isExecute(Integer mask) - The method that checks the isExecute permission in the mask on the third bit from the left, returns 0 or 1. eg mask 1 '001' will return 1 and '100' will return 0.
Link to sources:
EncodeAndDecodeMaskPermission
EncodeAndDecodeMaskPermissionTest
I'm just learning English, this is not my native language, I am asking for understanding on language issues.
(PL) Dodanie dekodowania maski uprawnień.
Dlatego że uprawnienia w ScadaLTS nie działają przechowujemy je w osobnym systemie User-Management, którego pytamy się o uprawnienia używając REST API.
- API PermissionEvaluator:
- /api/permission/filter uwzględnia maskę uprawnienia isRead czyli jeśli użytkownik będzie miał uprawnienie isRead ustawione do elementu to będzie mógł zobaczyć element.
- /api/permission/hasPermission dostaje zapytanie o uprawnienie (isRead, isWrite, isExecute) w kontekście.
To powoduję, że potrzebujemy dekodować maskę uprawnień po stronie backendu co należy dodać w tym zadaniu.
Zadanie obejmuje przygotowanie samego mechanizmu dekodowania i testy.
- Dla celów dekodowania maski powstała klasa EncodeAndDecodeMaskPermission w pakiecie org.scada_lts.shared z metodami:
- byte getBit(Integer mask, byte index) - Metoda zwracająca wartości int (0,1) na podstawie zamienionej maski numerycznej (np. 1) na ciąg znaków np. ‘001’ i pobranie bit-u na podstawie indeksu np. index równy 2 zwróci 1.
- int getMask(isRead, isWrite, isExecute) - Metoda zwracająca maskę w postaci numerycznej na podstawie uprawnień.
- byte isRead(Integer mask) - Metoda sprawdzająca uprawnienie isRead w masce na pierwszym bicie od lewej strony, zwraca 0 lub 1. np. maska ‘100’ zwroci 1 a ‘010’ zwróci 0.
- byte isWrite(Integer mask) - Metoda sprawdzająca uprawnienie isWrite w masce na drugim bicie od lewej strony, zwraca 0 lub 1. np. maska 2 ‘010’ zwróci 1 a ‘100’ zwróci 0.
- byte isExecute(Integer mask) - Metoda sprawdzająca uprawnienie isExecute na trzecim bicie od lewej, zwraca 0 lub 1. np maska ‘001’ zwraca wartość 0 lub 1. np. dla maski ‘001’ zwróci 1 a dla maski ‘010’ zwróci 0;
Link do źródeł:
EncodeAndDecodeMaskPermission
EncodeAndDecodeMaskPermissionTest
Posted on Utopian.io - Rewarding Open Source Contributors
Leave Add permission mask decoding to:
Read more #utopian-io posts
Best Posts From grzesiek
We have not curated any of grzesiekb's posts yet. But you can encourage our curation team to review posts by visiting them regularly and by referring other readers. Because we give priority to frequently read content.
More Posts From grzesiek
- Bash script - challenge [part 3]. Authentication test (token) using the curl program.
- Bash script challenge [part 2]. Authentication test (session) using the curl program.
- Bash script - challenge. Writing API tests using the curl program
- Adding description for datasource state [develop Scada-LTS]
- New option in HttpRetriver datasource [Scada-LTS]
- New Export/Import pointHierarchy. [ScadaLTS]
- [Scada-LTS] The possibility to add image sets without requiring a reboot
- [Scada-LTS] The possibility to add image sets without a restart
- New Project “shop-at-everything”.
- A successful attempt on adding switch language option in the angular app and integrating it with crowdin.com
- Add login component [EN/PL]
- Generating data (multistate) for simulations in Scada-LTS. [EN/PL]
- Correct the api rest authentication [EN/PL]
- How the data of virtual multisate points in the Scada-LTS program change
- We add a virtual point with the ** multistate ** type (increment) in Scada-LTS
- Generating data (binary) for simulations in Scada-LTS / Generowanie danych (binarnych) do symulacji w Scadzie-LTS [EN/PL]
- Preview how data from "virtual-data source" (type binary - Alternate, No Change, Random) changes every second
- Add "virtual point" in "virual data-source" - with Binary type in Scada-LTS
- Add a "virtual data-source" in Scada-LTS
- Add permission mask decoding