buffet: Move command minimal role checking into CommandManager
Code uses information available inside CommandManager.
BUG=brillo:1161
TEST=`FEATURES=test emerge-gizmo buffet`
Change-Id: I21bb7f6ca3923b5375c97eea4a05f942893f3ab1
Reviewed-on: https://chromium-review.googlesource.com/276361
Reviewed-by: Alex Vakulenko <avakulenko@chromium.org>
Reviewed-by: Vitaly Buka <vitalybuka@chromium.org>
Tested-by: Vitaly Buka <vitalybuka@chromium.org>
Commit-Queue: Vitaly Buka <vitalybuka@chromium.org>
diff --git a/buffet/commands/command_manager.cc b/buffet/commands/command_manager.cc
index d0743de..71ea5a9 100644
--- a/buffet/commands/command_manager.cc
+++ b/buffet/commands/command_manager.cc
@@ -99,6 +99,32 @@
command_queue_.Add(std::move(command_instance));
}
+bool CommandManager::AddCommand(const base::DictionaryValue& command,
+ UserRole role,
+ std::string* id,
+ chromeos::ErrorPtr* error) {
+ auto command_instance = buffet::CommandInstance::FromJson(
+ &command, commands::attributes::kCommand_Visibility_Local,
+ GetCommandDictionary(), nullptr, error);
+ if (!command_instance)
+ return false;
+
+ UserRole minimal_role =
+ command_instance->GetCommandDefinition()->GetMinimalRole();
+ if (role < minimal_role) {
+ chromeos::Error::AddToPrintf(
+ error, FROM_HERE, errors::commands::kDomain, "access_denied",
+ "User role '%s' less than minimal: '%s'", ToString(role).c_str(),
+ ToString(minimal_role).c_str());
+ return false;
+ }
+
+ *id = std::to_string(++next_command_id_);
+ command_instance->SetID(*id);
+ AddCommand(std::move(command_instance));
+ return true;
+}
+
CommandInstance* CommandManager::FindCommand(const std::string& id) const {
return command_queue_.Find(id);
}
