Security
Authentication is mandatory and authenticated users have access to all systems and drivers within. They can’t edit or see settings, can’t list systems or change anything however they can, by default, access all functions defined in drivers if they know the system id. This is via the websocket API, most restful API’s are out of bounds to a regular user.
A global callback can be defined to check if a user should be able to access a system:
1
# Returning true means access should be granted
2
Rails.application.config.orchestrator.check_access = proc { |system_id, user|
3
if system_id == 'sys-nuclear-warheads'
4
user.sys_admin ? true : false
5
else
6
# We only want to block access to the warheads
7
true
8
end
9
}
Copied!
All drivers have a helper method for accessing the user details so you can manually manage permissions:
1
def some_method_in_driver
2
user = current_user
3
if user.nil?
4
# Method was invoked internally - timer, onload callback etc
5
else
6
logger.info "Method called by user #{user.email} (#{user.id})"
7
end
8
end
Copied!
You can also protect methods using protect_method. The last protect_method call for any function is the one that will be used.
1
class Some::Device::Driver
2
include ::Orchestrator::Security
3
4
# By default both Tech Support and Admin users have access to these methods
5
# Regular users will be rejected
6
protect_method :method_1, :method_2
7
8
# if you provide a block then it can be used to decide if a user should have access
9
protect_method :method_1, :method_2 do |user|
10
user.sys_admin || user.name == 'service account' || check_room_bookings(user)
11
end
12
13
def method_1; end
14
def method_2; end
15
end
Copied!
you can also check if a user has access to a method
1
can_access? :method_name
2
# by default it checks against the current user, this can be overridden
3
can_access? :method_name, user
Copied!
NOTE:: the current user is maintained across asynchronous function calls and timers.
i.e. Browser (user: Bob) -> LogicModule.do_something_weird -> Display.reset_to_factory_new
If Bob is a regular user and the reset_to_factory_new function is protected then reset_to_factory_new will not be executed.
Finally all system access is logged and saved for a few months to make it fairly easy to track down bad actors within an organisation.

Encrypted Settings

Passwords often need to be stored in the database for accessing secure devices. To have a setting stored securely, you enter the key with a $ sign prefix.
1
{
2
"$password": "secret"
3
}
Copied!
once saved, the setting is encrypted with 256 bit AES using GCM ciphers to prevent tampering
Last modified 2yr ago
Copy link