mgmt, main: add support for authorized commands
refs: #1227
Change-Id: I907d1fa6e78775470c5376fcdfe898be4c311001
diff --git a/daemon/mgmt/local-control-header-manager.cpp b/daemon/mgmt/local-control-header-manager.cpp
index 5717f54..aae1d0c 100644
--- a/daemon/mgmt/local-control-header-manager.cpp
+++ b/daemon/mgmt/local-control-header-manager.cpp
@@ -6,6 +6,7 @@
#include "local-control-header-manager.hpp"
#include "face/local-face.hpp"
+#include "mgmt/internal-face.hpp"
namespace nfd {
@@ -20,26 +21,23 @@
const size_t LocalControlHeaderManager::COMMAND_SIGNED_NCOMPS =
LocalControlHeaderManager::COMMAND_UNSIGNED_NCOMPS +
- 0; // No signed Interest support in mock
+ 4; // (timestamp, nonce, signed info tlv, signature tlv)
LocalControlHeaderManager::LocalControlHeaderManager(function<shared_ptr<Face>(FaceId)> getFace,
- shared_ptr<AppFace> face)
- : ManagerBase(face),
+ shared_ptr<InternalFace> face)
+ : ManagerBase(face, CONTROL_HEADER_PRIVILEGE),
m_getFace(getFace)
{
face->setInterestFilter("/localhost/nfd/control-header",
bind(&LocalControlHeaderManager::onLocalControlHeaderRequest, this, _2));
}
+
+
void
LocalControlHeaderManager::onLocalControlHeaderRequest(const Interest& request)
{
- static const Name::Component MODULE_IN_FACEID("in-faceid");
- static const Name::Component MODULE_NEXTHOP_FACEID("nexthop-faceid");
- static const Name::Component VERB_ENABLE("enable");
- static const Name::Component VERB_DISABLE("disable");
-
const Name& command = request.getName();
const size_t commandNComps = command.size();
@@ -59,35 +57,53 @@
return;
}
+ validate(request,
+ bind(&LocalControlHeaderManager::onCommandValidated,
+ this, _1),
+ bind(&ManagerBase::onCommandValidationFailed,
+ this, _1, _2));
+
+
+}
+
+void
+LocalControlHeaderManager::onCommandValidated(const shared_ptr<const Interest>& command)
+{
+ static const Name::Component MODULE_IN_FACEID("in-faceid");
+ static const Name::Component MODULE_NEXTHOP_FACEID("nexthop-faceid");
+ static const Name::Component VERB_ENABLE("enable");
+ static const Name::Component VERB_DISABLE("disable");
+
shared_ptr<LocalFace> face =
- dynamic_pointer_cast<LocalFace>(m_getFace(request.getIncomingFaceId()));
+ dynamic_pointer_cast<LocalFace>(m_getFace(command->getIncomingFaceId()));
if (!static_cast<bool>(face))
{
- NFD_LOG_INFO("command result: request to enable control header on non-local face");
- sendResponse(command, 400, "Command not supported on the requested face");
+ NFD_LOG_INFO("command result: command to enable control header on non-local face");
+ sendResponse(command->getName(), 400, "Command not supported on the requested face");
return;
}
- const Name::Component& module = command.get(COMMAND_PREFIX.size());
- const Name::Component& verb = command.get(COMMAND_PREFIX.size() + 1);
+ const Name& commandName = command->getName();
+ const Name::Component& module = commandName[COMMAND_PREFIX.size()];
+ const Name::Component& verb = commandName[COMMAND_PREFIX.size() + 1];
if (module == MODULE_IN_FACEID)
{
if (verb == VERB_ENABLE)
{
face->setLocalControlHeaderFeature(LOCAL_CONTROL_HEADER_FEATURE_IN_FACEID, true);
- sendResponse(command, 200, "Success");
+ sendResponse(commandName, 200, "Success");
}
else if (verb == VERB_DISABLE)
{
face->setLocalControlHeaderFeature(LOCAL_CONTROL_HEADER_FEATURE_IN_FACEID, false);
- sendResponse(command, 200, "Success");
+ sendResponse(commandName, 200, "Success");
}
else
{
NFD_LOG_INFO("command result: unsupported verb: " << verb);
- sendResponse(command, 501, "Unsupported");
+ sendResponse(commandName, 501, "Unsupported");
}
}
else if (module == MODULE_NEXTHOP_FACEID)
@@ -95,23 +111,23 @@
if (verb == VERB_ENABLE)
{
face->setLocalControlHeaderFeature(LOCAL_CONTROL_HEADER_FEATURE_NEXTHOP_FACEID, true);
- sendResponse(command, 200, "Success");
+ sendResponse(commandName, 200, "Success");
}
else if (verb == VERB_DISABLE)
{
face->setLocalControlHeaderFeature(LOCAL_CONTROL_HEADER_FEATURE_NEXTHOP_FACEID, false);
- sendResponse(command, 200, "Success");
+ sendResponse(commandName, 200, "Success");
}
else
{
NFD_LOG_INFO("command result: unsupported verb: " << verb);
- sendResponse(command, 501, "Unsupported");
+ sendResponse(commandName, 501, "Unsupported");
}
}
else
{
NFD_LOG_INFO("command result: unsupported module: " << module);
- sendResponse(command, 501, "Unsupported");
+ sendResponse(commandName, 501, "Unsupported");
}
}