Skip to content

Controllers

Controllers

abcdesktop.io use a Model–view–controller (usually known as MVC) is a software design pattern commonly used for developing user interfaces which divides the related program logic into three interconnected elements. This is done to separate internal representations of information from the ways information is presented to and accepted from the user.

Controller Description
AccountingController accounting data json and ebnf format
AuthController authenticate user
ComposerController CRUD main services (like createDesktop, runApplication)
CoreController get configuration and user message info
ManagerController manage pyos
PrinterController CRUD printer object
StoreController CRUD key value data
UserController retrieve user information

Access Permission

The AccountingController and ManagerController access is protected with a source ip address filter. The access control filter is defined in a dictionary. Each dictionary entry use the controller name and with an entry permitip. The permitip is a list of subnet, for example [ '10.0.0.0/8', '172.16.0.0/12' ]. If permitip is not set or the controller name is not set, all ip source address are allowed the send a request to the controller.

The controllers dictionnary is defined in the od.config file. By default the configuration permit private network defined in rfc1918 and rfc4193. Get more information about the private network.

By default others controllers access is enabled, without ip restriction.

    controllers : { 
        'AccountingController': 
            { 
                'permitip': [ '10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16', 'fd00::/8', '169.254.0.0/16', '127.0.0.0/8' ] 
            },
        'AuthController' :      { 'permitip': None },
        'ComposerController' :  { 'permitip': None },
        'CoreController' :      { 'permitip': None },
        'ManagerController': 
            { 
                'permitip': [ '10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16', 'fd00::/8', '169.254.0.0/16', '127.0.0.0/8' ] 
            },
        'PrinterController' :   { 'permitip': None },
        'StoreController' :     { 'permitip': None },
        'UserController' :      { 'permitip': None }
    }

If the source ip address is not allowed, the response is a HTTP status code 403 Forbidden

{"status": 403, "status_message": "403 Forbidden", "message": "Request forbidden -- authorization will not help"}