Hi German, This sounds like a job for membranes!
https://github.com/capnproto/capnproto/blob/master/c++/src/capnp/membrane.h A "membrane" is a wrapper which also automatically wraps any further objects that pass through it. So if you have a membraned object, and you call a method on it, and it returns a new capability, that capability will be wrapped as well. One thing in particular that membranes are useful for is revocation. Create a MembranePolicy whose onRevoked() method returns a promise that resolves when logoutAllUsers() in invoked. Details: Use kj::newPromiseAndFulfiller<void>() to create a promise/fulfiller pair. Call .fork() on the promise so that you can return a new copy every time onRevoked() is called. When logoutAllUsers() is called, call fulfiller->reject(KJ_EXCEPTION(DISCONNECTED, "logoutAllUsers() was called")). Then create a new pair for the next time it's called. Whenever someone authenticates, before returning OnlineRoomsService to them, wrap it in the membrane using capnp::membrane(capability, policy->addRef()). -Kenton On Sun, Mar 22, 2020 at 7:02 AM German Diago <germandiago1...@gmail.com> wrote: > Hello everyone, > > I am user germandiagogomez from Github. I opened before a couple of isues, > so that you can identify who I am :) > > > It is my first post in the mailing lists. After some research, I could not > find definitive answers to my questios anywhere. > I saw some related post, but that was at the time of Capnproto 0.5 > version: > https://groups.google.com/forum/#!msg/capnproto/-VtGIsRP-ho/zVtiz0yHLQAJ > > *Some context* > > I am using capnproto for a service where people connect and create rooms > and join them to play matches in a small game. So far so good :) Now, I am > in the need to implement a command that logs outs all users > from the admin interface for the server. > > My implementation is something like this (simplified). I have: > > a. game cilent > b. an admin commands console to talk to the server for admin purposes, > independent of the game client > > These are the capnproto interfaces I have implemented in C++ code: > > 1. class OnlineRoomsAccess with a method authenticate and another method > authenticateAsAdmin that are used to log in into the server > to interact with it. These 2 calls will return another object of their > respective type to use some capabilities. > > 2. class OnlineRoomsService that is returned after calling > onlineRoomsAccessObj.authenticate(params) in my game client. It can be used > to create/join rooms, etc. > > 3. class OnlineRoomsAdmin that is returned after calling > onlineRoomsAccessObj.authenticateAsAdmin(params). I can issue a call to > logoutAllUsers > with this interface. I created a cli to send this command. > > > My game client C++ code, looks like this at some point, when I issue an > authenticate request: > > // Authenticate + use flow > > auto authRequest = accessObj.authenticateRequest(); > authRequest.setUserName("myUser"); > ... > auto authResponse = authRequest.send().wait(...); > OnlineRoomsService::Client onlineRoomsService = > authResponse.getService(); > //Now create/join rooms, etc. > onlineRoomsService.createRoom(....); > > > My server has something like this in OnlineRoomsAccesss::authenticate to > give the object capability to the user that requested it: > > kj::Promise<void> authenticate(AuthenticateContext context) override { > ... > context.getResults().setService(kj::heap<OnlineRoomsService>()); > ... > } > > As you can see, I use setService in the implementation of > OnlineRoomsAccess::authenticate and I do not hold myself a reference to > OnlineRoomsService object myself anymore after > creating it via kj::heap. I just send it through the response to the > request. As far as I understand, kj::heap<T> is the equivalent of > std::unique_ptr<T>, correct me if I am wrong. > > > *Question* > > > 1. when my admin tool issues a logoutAllUsers() after I authenticate as > admin, and a client is connected, how can I revoke the capability to its > user? > Because I do not see an obvious way to do it on the server side. I do > not have an object or anything to destroy/dispose after > context.getResults().setService(kj::heap<OnlineRoomsService>()) > has been called... and I do not want to stop the server either. > I saw the proxy trick (which I did not understand fully yet) with > dispatchCall in the server for 0.5. Is this still the better way to > achieve this functionality? > > > Thanks for your time > > -- > You received this message because you are subscribed to the Google Groups > "Cap'n Proto" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to capnproto+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/capnproto/312b2324-7a4c-47eb-99cd-a4fad12adb03%40googlegroups.com > <https://groups.google.com/d/msgid/capnproto/312b2324-7a4c-47eb-99cd-a4fad12adb03%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "Cap'n Proto" group. To unsubscribe from this group and stop receiving emails from it, send an email to capnproto+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/capnproto/CAJouXQmxekURXNo%2BB%3D_7SCnHdFuhzAoR4vcnatdZv9ad12R%3DBQ%40mail.gmail.com.
