Statistics
| Branch: | Tag: | Revision:

one / include / AclRule.h @ 84f874bf

History | View | Annotate | Download (4.07 KB)

1
/* -------------------------------------------------------------------------- */
2
/* Copyright 2002-2011, OpenNebula Project Leads (OpenNebula.org)             */
3
/*                                                                            */
4
/* Licensed under the Apache License, Version 2.0 (the "License"); you may    */
5
/* not use this file except in compliance with the License. You may obtain    */
6
/* a copy of the License at                                                   */
7
/*                                                                            */
8
/* http://www.apache.org/licenses/LICENSE-2.0                                 */
9
/*                                                                            */
10
/* Unless required by applicable law or agreed to in writing, software        */
11
/* distributed under the License is distributed on an "AS IS" BASIS,          */
12
/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   */
13
/* See the License for the specific language governing permissions and        */
14
/* limitations under the License.                                             */
15
/* -------------------------------------------------------------------------- */
16

    
17
#ifndef ACL_RULE_H_
18
#define ACL_RULE_H_
19

    
20
#include <set>
21

    
22
#include "ObjectSQL.h"
23

    
24
using namespace std;
25

    
26
/**
27
 *  An ACL Rule is composed of three 64 bit numbers: user, resource and rights.
28
 *  These attributes store a combination of IDs and flags
29
 */
30
class AclRule
31
{
32
public:
33

    
34
    static const long long INDIVIDUAL_ID;
35
    static const long long GROUP_ID;
36
    static const long long ALL_ID;
37

    
38
    AclRule(long long _user, long long _resource, long long _rights):
39
        user(_user), resource(_resource), rights(_rights)
40
    {
41
        build_str();
42
    };
43

    
44
    bool operator ==(const AclRule& other) const
45
    {
46
        return (user == other.user &&
47
                resource == other.resource &&
48
                rights == other.rights);
49
    };
50

    
51
    /**
52
     *  Returns a human readable string for this rule
53
     *
54
     *    @return a human readable string for this rule
55
     */
56
    const string& to_str() const
57
    {
58
        return str;
59
    };
60

    
61
    /**
62
     *  Returns whether or not the rule is malformed.
63
     *
64
     *    @param error_str Returns the error message, if any
65
     *    @return true if the rule is wrong
66
     */
67
    bool malformed(string& error_str) const;
68

    
69
    /**
70
     *  Function to print the object into a string in XML format
71
     *
72
     *    @param xml the resulting XML string
73
     *    @return a reference to the generated string
74
     */
75
    string& to_xml(string& xml) const;
76

    
77
    /**
78
     *  Returns the 32 less significant bits of the user long long attribute
79
     *
80
     *    @return the user or group ID
81
     */
82
    int user_id() const
83
    {
84
        return user;
85
    };
86

    
87
    /**
88
     *  Returns the 64 bit user attribute with the ID cleared (the 32 less
89
     *  significant bits are set to 0)
90
     *
91
     *    @return the user flags
92
     */
93
    long long user_code() const
94
    {
95
        return user & 0xFFFFFFFF00000000LL;
96
    };
97

    
98
    /**
99
     *  Returns the 32 less significant bits of the resource long long attribute
100
     *
101
     *    @return the resource ID
102
     */
103
    int resource_id() const
104
    {
105
        return resource;
106
    };
107

    
108
    /**
109
     *  Returns the 64 bit resource attribute with the ID cleared (the 32 less
110
     *  significant bits are set to 0)
111
     *
112
     *    @return the resource flags
113
     */
114
    long long resource_code() const
115
    {
116
        return resource & 0xFFFFFFFF00000000LL;
117
    };
118

    
119
private:
120

    
121
    friend class AclManager;
122

    
123
    /**
124
     *  64 bit integer holding a user ID in the 32 less significant bits,
125
     *  and a flag indicating the kind of ID in the other 32
126
     */
127
    long long user;
128

    
129
    /**
130
     *  64 bit integer holding an object ID in the 32 less significant bits,
131
     *  and flags indicanting the kind of ID and object in the other 32
132
     */
133
    long long resource;
134

    
135
    /**
136
     *  64 bit integer containing the rights flags
137
     */
138
    long long rights;
139

    
140
    /**
141
     *  Human readable representation
142
     */
143
    string str;
144

    
145
    void build_str();
146
};
147

    
148
#endif /*ACL_RULE_H*/
149