Newer
Older
/*----- PROTECTED REGION ID(SupervisedID.cpp) ENABLED START -----*/
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
//=============================================================================
//
// file : SupervisedID.cpp
//
// description : C++ source for the SupervisedID and its commands.
// The class is derived from Device. It represents the
// CORBA servant object which will be accessed from the
// network. All commands which can be executed on the
// SupervisedID are implemented in this file.
//
// project : Supervised ID: common interface for supervised insertion devices.
//
// $Author: claudio $
//
// $Revision: 1.2 $
// $Date: 2014-04-14 14:51:54 $
//
// SVN only:
// $HeadURL: $
//
// CVS only:
// $Source: /home/cvsadm/cvsroot/AbstractClasses7/SupervisedID/SupervisedID.cpp,v $
// $Log: SupervisedID.cpp,v $
// Revision 1.2 2014-04-14 14:51:54 claudio
// for 8.1.2.c and pogo-8
//
// Revision 1.1.1.1 2012-03-05 14:01:56 claudio
// frist import
//
//
//=============================================================================
// This file is generated by POGO
// (Program Obviously used to Generate tango Object)
//=============================================================================
#include <SupervisedID.h>
#include <SupervisedIDClass.h>
/*----- PROTECTED REGION END -----*/ // SupervisedID.cpp
/**
* SupervisedID class description:
* This abstract class incapsulates the common interface for insertion devices used
* under ID supervisor. The "supervisor" can inhibi/allow the operations on the insertion device
* and impose limits on the permited range.
*/
//================================================================
// The following table gives the correspondence
// between command and method names.
//
// Command name | Method name
//================================================================
// State | Inherited (no method)
// Status | Inherited (no method)
//================================================================
//================================================================
// Attributes managed are:
//================================================================
// Enabled | Tango::DevBoolean Scalar
// Ready | Tango::DevBoolean Scalar
// StatRF | Tango::DevBoolean Spectrum ( max = 32)
//================================================================
namespace SupervisedID_ns
{
/*----- PROTECTED REGION ID(SupervisedID::namespace_starting) ENABLED START -----*/
// static initializations
/*----- PROTECTED REGION END -----*/ // SupervisedID::namespace_starting
//--------------------------------------------------------
/**
* Method : SupervisedID::SupervisedID()
* Description : Constructors for a Tango device
* implementing the classSupervisedID
*/
//--------------------------------------------------------
SupervisedID::SupervisedID(Tango::DeviceClass *cl, string &s)
: TANGO_BASE_CLASS(cl, s.c_str())
{
/*----- PROTECTED REGION ID(SupervisedID::constructor_1) ENABLED START -----*/
init_device();
/*----- PROTECTED REGION END -----*/ // SupervisedID::constructor_1
}
//--------------------------------------------------------
SupervisedID::SupervisedID(Tango::DeviceClass *cl, const char *s)
: TANGO_BASE_CLASS(cl, s)
{
/*----- PROTECTED REGION ID(SupervisedID::constructor_2) ENABLED START -----*/
init_device();
/*----- PROTECTED REGION END -----*/ // SupervisedID::constructor_2
}
//--------------------------------------------------------
SupervisedID::SupervisedID(Tango::DeviceClass *cl, const char *s, const char *d)
: TANGO_BASE_CLASS(cl, s, d)
{
/*----- PROTECTED REGION ID(SupervisedID::constructor_3) ENABLED START -----*/
init_device();
/*----- PROTECTED REGION END -----*/ // SupervisedID::constructor_3
}
//--------------------------------------------------------
/**
* Method : SupervisedID::delete_device()
* Description : will be called at device destruction or at init command
*/
//--------------------------------------------------------
void SupervisedID::delete_device()
{
DEBUG_STREAM << "SupervisedID::delete_device() " << device_name << endl;
/*----- PROTECTED REGION ID(SupervisedID::delete_device) ENABLED START -----*/
// Delete device allocated objects
/*----- PROTECTED REGION END -----*/ // SupervisedID::delete_device
}
//--------------------------------------------------------
/**
* Method : SupervisedID::init_device()
* Description : will be called at device initialization.
*/
//--------------------------------------------------------
void SupervisedID::init_device()
{
DEBUG_STREAM << "SupervisedID::init_device() create device " << device_name << endl;
/*----- PROTECTED REGION ID(SupervisedID::init_device_before) ENABLED START -----*/
// Initialization before get_device_property() call
/*----- PROTECTED REGION END -----*/ // SupervisedID::init_device_before
// Get the device properties from database
get_device_property();
/*----- PROTECTED REGION ID(SupervisedID::init_device) ENABLED START -----*/
// Initialize device
//init hostMap from hostPriviliges
{
vector<string>::const_iterator i;
for (i = hostPrivileges.begin(); i != hostPrivileges.end(); i++) {
int pos = (*i).find(':');
if (pos <= 0) {
ERROR_STREAM
<< "SupervisedID::init() hostPrivileges syntax error "
<< (*i) << endl;
} else {
string h = (*i).substr(0, pos);
string val = (*i).substr(pos + 1);
int valint = atoi(val.c_str());
DEBUG_STREAM << "host: " << h << " privilege: " << valint
<< endl;
pair<string, int> mypair(h, valint);
hostMap.insert(mypair);
}
}
}
/*----- PROTECTED REGION END -----*/ // SupervisedID::init_device
}
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
//--------------------------------------------------------
/**
* Method : SupervisedID::get_device_property()
* Description : Read database to initialize property data members.
*/
//--------------------------------------------------------
void SupervisedID::get_device_property()
{
/*----- PROTECTED REGION ID(SupervisedID::get_device_property_before) ENABLED START -----*/
// Initialize property data members
/*----- PROTECTED REGION END -----*/ // SupervisedID::get_device_property_before
// Read device properties from database.
Tango::DbData dev_prop;
dev_prop.push_back(Tango::DbDatum("HostPrivileges"));
// is there at least one property to be read ?
if (dev_prop.size()>0)
{
// Call database and extract values
if (Tango::Util::instance()->_UseDb==true)
get_db_device()->get_property(dev_prop);
// get instance on SupervisedIDClass to get class property
Tango::DbDatum def_prop, cl_prop;
SupervisedIDClass *ds_class =
(static_cast<SupervisedIDClass *>(get_device_class()));
int i = -1;
// Try to initialize HostPrivileges from class property
cl_prop = ds_class->get_class_property(dev_prop[++i].name);
if (cl_prop.is_empty()==false) cl_prop >> hostPrivileges;
else {
// Try to initialize HostPrivileges from default device value
def_prop = ds_class->get_default_device_property(dev_prop[i].name);
if (def_prop.is_empty()==false) def_prop >> hostPrivileges;
}
// And try to extract HostPrivileges value from database
if (dev_prop[i].is_empty()==false) dev_prop[i] >> hostPrivileges;
}
/*----- PROTECTED REGION ID(SupervisedID::get_device_property_after) ENABLED START -----*/
// Check device property data members init
/*----- PROTECTED REGION END -----*/ // SupervisedID::get_device_property_after
}
//--------------------------------------------------------
/**
* Method : SupervisedID::always_executed_hook()
* Description : method always executed before any command is executed
*/
//--------------------------------------------------------
void SupervisedID::always_executed_hook()
{
DEBUG_STREAM << "SupervisedID::always_executed_hook() " << device_name << endl;
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
/*----- PROTECTED REGION ID(SupervisedID::always_executed_hook) ENABLED START -----*/
// code always executed before all requests
/*----- PROTECTED REGION END -----*/ // SupervisedID::always_executed_hook
}
//--------------------------------------------------------
/**
* Method : SupervisedID::read_attr_hardware()
* Description : Hardware acquisition for attributes
*/
//--------------------------------------------------------
void SupervisedID::read_attr_hardware(TANGO_UNUSED(vector<long> &attr_list))
{
DEBUG_STREAM << "SupervisedID::read_attr_hardware(vector<long> &attr_list) entering... " << endl;
/*----- PROTECTED REGION ID(SupervisedID::read_attr_hardware) ENABLED START -----*/
// Add your own code
/*----- PROTECTED REGION END -----*/ // SupervisedID::read_attr_hardware
}
//--------------------------------------------------------
/**
* Method : SupervisedID::write_attr_hardware()
* Description : Hardware writing for attributes
*/
//--------------------------------------------------------
void SupervisedID::write_attr_hardware(TANGO_UNUSED(vector<long> &attr_list))
{
DEBUG_STREAM << "SupervisedID::write_attr_hardware(vector<long> &attr_list) entering... " << endl;
/*----- PROTECTED REGION ID(SupervisedID::write_attr_hardware) ENABLED START -----*/
// Add your own code
/*----- PROTECTED REGION END -----*/ // SupervisedID::write_attr_hardware
}
//--------------------------------------------------------
/**
* Method : SupervisedID::add_dynamic_attributes()
* Description : Create the dynamic attributes if any
* for specified device.
*/
//--------------------------------------------------------
void SupervisedID::add_dynamic_attributes()
{
/*----- PROTECTED REGION ID(SupervisedID::add_dynamic_attributes) ENABLED START -----*/
// Add your own code to create and add dynamic attributes if any
/*----- PROTECTED REGION END -----*/ // SupervisedID::add_dynamic_attributes
}
//--------------------------------------------------------
/**
* Method : SupervisedID::add_dynamic_commands()
* Description : Create the dynamic commands if any
* for specified device.
*/
//--------------------------------------------------------
void SupervisedID::add_dynamic_commands()
{
/*----- PROTECTED REGION ID(SupervisedID::add_dynamic_commands) ENABLED START -----*/
// Add your own code to create and add dynamic commands if any
/*----- PROTECTED REGION END -----*/ // SupervisedID::add_dynamic_commands
}
/*----- PROTECTED REGION ID(SupervisedID::namespace_ending) ENABLED START -----*/
// Additional Methods
//-------------------------------------------------------------------------------
/**
* assign privileges elevel based on host name from which the call is generated
* PRIVILEGED : can change the enable bit and set gap/tapering
* AUTHORIZED : can set gap/tapering when enabled
* NORMAL : can only read;
*/
privilege SupervisedID::caller_privileges(void)
{
//if no privileges are configured, run unimpeded
if(hostMap.size() == 0)return PRIVILEGED;
Tango::DevVarStringArray blackbox = black_box(1)[0];
string last_msg(blackbox[0].in());
string::size_type loc = last_msg.find( " requested from ", 0 );
if( loc != string::npos )
{
clientAddress = last_msg.substr(loc + strlen(" requested from "));
loc=clientAddress.find(" ",0);
clientAddress =clientAddress.substr(0,loc);
INFO_STREAM<<"checking call from "<<clientAddress<<endl;
map<string,int>::iterator it;
it=hostMap.find(clientAddress);
if (it == hostMap.end()) {
INFO_STREAM << clientAddress<< " host not foud" << endl;
return NORMAL;
}
else {
INFO_STREAM << "host: " << clientAddress << " privilges="
<< it->second << endl;
switch (it->second) {
case 0:
return NORMAL;
case 1:
return AUTHORIZED;
case 2:
return PRIVILEGED;
default:
return NORMAL;
}
}
}
else
{
WARN_STREAM << "Cannot extract client IP or hostname from tango blackbox, denying access.";
clientAddress="";
return NORMAL; //do not grant special privileges
}
return NORMAL; //do not grant special privilege - but we should NOT arrive at this line
}
//--------------------------------------------------------------------
/**
* check privileges level based on host name from which the call is generated
* formats warning/ error messages and throw exception in case of vilotaions
* privilege levels:
* PRIVILEGED : can change the enable bit and set gap/tapering
* AUTHORIZED : can set gap/tapering when enabled
* NORMAL : can only read;
*/
privilege SupervisedID::check_privileges(privilege level, string msg)
if (priv < level){
INFO_STREAM << msg << " from "<< clientAddress <<" REJECTED"<<endl;
TangoSys_OMemStream o;
o << msg << " from "<< clientAddress <<" REJECTED"<<ends;
Tango::Except::throw_exception((const char *)"Host not allowed",o.str(),msg);
}
return priv;
}
/*----- PROTECTED REGION END -----*/ // SupervisedID::namespace_ending
} // namespace