RDK Resources
[*RDK Preferred*]
Code Management Facility
RDK Forums
[RDK Conferences]
RDK Support
Archives
Papers & Presentations Archive
Authorization of XConf works through servlet filter.
To add login filter service web.xml file should be updated by following (example) code:
<filter> <filter-name>jwtTokenFilter</filter-name> <filter-class>com.JwtTokenFilter</filter-class> <init-param> <param-name>loginUrl</param-name> <param-value>/loginForm</param-value> </init-param> </filter> <filter-mapping> <filter-name>jwtTokenFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
After login is performed through servlet filter, JWT token with user information stored in cookies. When application is opened fist time, "/api/auth/info/" endpoint is called to retrieve all available user information: name, login, permissions, etc:
{ "serviceName": "XConf", "username": "testuser001", "firstName": "FirstName", "lastName": "LastName", "email": "useremail@test.com", "permissions": ["read-common", "write-common", "read-dcm-stb", "read-telemetry"], "groups": ["xconf_user_group"] }
Each page has a permission verification before access it. This set up is located in state.config.js file:
.state('models', { controller: 'ModelController', controllerAs: 'vm', url: '/model/all', templateUrl: 'app/xconf/firmware/model/models.html', data: { permissions: [PERMISSION.READ_COMMON] } })
Also there is verification on UI page itself to permit user's action:
<button class="btn btn-default" type="button" ui-sref="firmwareconfig-edit({firmwareConfigId: firmware.id})" ng-show="authUtils.canWriteFirmwareByApplication($root.applicationType)" title="Edit"> <i class=ri-pencil-fill></i> </button>
Where authUtils.canWriteFirmwareByApplication($root.applicationType) is a function that returns boolead value corresponding the user permission.
Permissions are combined with application type. Currently XConf supports stb, xhome, rdkcloud, sky applications.
Admin permission:
Common section:
FirmwareRuleTemplate permissions:
Firmware section (except FirmwareRuleTemplate):
DCM:
Telemetry:
Changes:
Tools: