<tr><td>name</td><td>the name of the transaction</td></tr>
<tr><td>mode</td><td>(optional, default=checked) can be used to require less restrictive privileges, see below for values</td></tr>
<tr><td>updating</td><td>optional, tells woc whether the transaction is to be considered writing to the database - the default is given in the global "Database" tag.</td></tr>
+<tr><td>nolog</td><td>optional, if given it excludes the request and/or response from the log file (currently: Qt implementation only), use this for transactions that carry passwords or other sensitive information, see below</td></tr>
</table><p>
Transaction modes:
<tr><td>open</td><td>no session is necessary for this to work; usually this is only done for login</tr></tr>
</table><p>
+NoLog values:
+<table frame="1" border="1">
+<tr><td><b>Value</b></td><td><b>Description</b></td></tr>
+<tr><td>"request" (or: req)</td><td>excludes the request body from logging</td></tr>
+<tr><td>"response" (or: rsp)</td><td>excludes the response body from logging</td></tr>
+<tr><td>"any" (or: "all" or: "request,response")</td><td>neither request nor response bodies are logged (only the fact that the transaction happened is logged)</tr></tr>
+</table><p>
+
Input defines the input parameters (Var tag) of the transaction (ie. what is sent to the server).<p>
Output defines the data (Var tag) sent back to the client.<p>
friend class WTransaction::LogWrap;
friend class WTransaction_Private;
WTransaction_Private *d;
+
+ ///internal: returns true if this transaction can log requests (default: true)
+ virtual bool canLogRequest()const;
+ ///internal: returns true if this transaction can log responses (default: true)
+ virtual bool canLogResponse()const;
};
#endif
return doc.toByteArray();
}
+bool WTransaction::canLogRequest()const{return true;}
+bool WTransaction::canLogResponse()const{return true;}
+
/*****************************************************************************/
static int logid=0;
void WTransaction::Log::setRequ(const QString&h,const QString&d)
{
if(lvl<=WInterface::LogInfo)return;
- QString r=QString("Transaction %1, Request:\n--Header--\n%2\n--Body--\n%3\n--End--")
- .arg(trn).arg(h).arg(d);
+ QString r;
+ if(parent && parent->canLogRequest())
+ r=QString("Transaction %1, Request:\n--Header--\n%2\n--Body--\n%3\n--End--")
+ .arg(trn).arg(h).arg(d);
+ else
+ r=QString("Transaction %1, Request:\n--Header--\n%2\n--Cannot Log Body: Log Forbidden--")
+ .arg(trn).arg(h);
if(lvl==WInterface::LogDetailed)
outStr(r);
else
void WTransaction::Log::setResp(const QString&h,const QString&d)
{
if(lvl<=WInterface::LogInfo)return;
- QString r=QString("Transaction %1, Response:\n--Header--\n%2\n--Body--\n%3\n--End--")
- .arg(trn).arg(h).arg(d);
+ QString r;
+ if(parent && parent->canLogResponse())
+ r=QString("Transaction %1, Response:\n--Header--\n%2\n--Body--\n%3\n--End--")
+ .arg(trn).arg(h).arg(d);
+ else
+ r=QString("Transaction %1, Response:\n--Header--\n%2\n--Cannot Log Body: Log Forbidden--")
+ .arg(trn).arg(h);
if(lvl==WInterface::LogDetailed)
outStr(r);
else
{
m_valid=true;
m_mode=Checked;
+ m_logmode=LogAll;
QRegExp rval("[a-z][a-z0-9_]*",Qt::CaseInsensitive);
//get basics
m_name=root.attribute("name");
return;
}
}
+ if(root.hasAttribute("nolog")){
+ QStringList nl=root.attribute("nolog").toLower().split(",");
+ if(nl.contains("request")||nl.contains("req"))m_logmode=NoLogRequest;
+ if(nl.contains("response")||nl.contains("rsp"))
+ m_logmode=NoLogMode(m_logmode|NoLogResponse);
+ if(nl.contains("all")||nl.contains("any"))
+ m_logmode=NoLogAny;
+ }
if(root.hasAttribute("updating"))
m_update=str2bool(root.attribute("updating"));
else
};
AuthMode authMode()const{return m_mode;}
+ ///Log Mode: signals what kind of logging is forbidden
+ enum NoLogMode {
+ ///default: all logging is allowed
+ LogAll=0,
+ ///logging the request is forbidden
+ NoLogRequest=1,
+ ///logging the response is forbidden
+ NoLogResponse=2,
+ ///logging any data is forbidden
+ NoLogAny=3
+ };
+ NoLogMode logMode()const{return m_logmode;}
+
/**returns true if the type given is a list*/
static bool isListType(QString t){return t.startsWith("List:");}
/**returns the type without list or xml qualifiers*/
QString m_name;
bool m_valid,m_update;
AuthMode m_mode;
+ NoLogMode m_logmode;
QMap<QString,QPair<QString,QString> > m_call;
QList<QPair<QString,QString> >m_input,m_output;
QStringList m_privileges;
//create scripting
genScripting(ct);
+
+ //create log control
+ genLogCtrl(ct);
//button class up
ct.hcd+="};\n\n";
);
}
+void WocQtClientTransaction::genLogCtrl(QtCTrans& ct)
+{
+ if(ct.trn.logMode()==WocTransaction::LogAll)return;
+ ct.hcd+=" protected:\n";
+ if(ct.trn.logMode()&WocTransaction::NoLogRequest)
+ ct.hcd+="\tvirtual bool canLogRequest()const{return false;}\n";
+ if(ct.trn.logMode()&WocTransaction::NoLogResponse)
+ ct.hcd+="\tvirtual bool canLogResponse()const{return false;}\n";
+}
+
QString WocQtClientTransaction::trnInput(const WocTransaction&trn)
{
QString code;
void genGetters(QtCTrans&);
///helper: generate QtScript glue code
void genScripting(QtCTrans&);
+ ///helper: generate log control
+ void genLogCtrl(QtCTrans&);
///helper: initialize data in the transaction wrapper
void initList(QtCTrans&);
//create scripting
genScripting(ct);
+
+ //create log control
+ genLogCtrl(ct);
//button class up
ct.hcd+="};\n\n";
);
}
+void WocQtServerTransaction::genLogCtrl(QtSTrans& ct)
+{
+ if(ct.trn.logMode()==WocTransaction::LogAll)return;
+ ct.hcd+=" protected:\n";
+ if(ct.trn.logMode()&WocTransaction::NoLogRequest)
+ ct.hcd+="\tvirtual bool canLogRequest()const{return false;}\n";
+ if(ct.trn.logMode()&WocTransaction::NoLogResponse)
+ ct.hcd+="\tvirtual bool canLogResponse()const{return false;}\n";
+}
+
QString WocQtServerTransaction::trnOutput(const WocTransaction&trn)
{
QString code;
void genSetters(QtSTrans&);
///helper: generate QtScript glue code
void genScripting(QtSTrans&);
+ ///helper: generate log control
+ void genLogCtrl(QtSTrans&);
};
#endif