one / include / AclManager.h @ bfaabf35

/* -------------------------------------------------------------------------- */
/* Copyright 2002-2011, OpenNebula Project Leads (OpenNebula.org)             */
/*                                                                            */
/* Licensed under the Apache License, Version 2.0 (the "License"); you may    */
/* not use this file except in compliance with the License. You may obtain    */
/* a copy of the License at                                                   */
/*                                                                            */
/* http://www.apache.org/licenses/LICENSE-2.0                                 */
/*                                                                            */
/* Unless required by applicable law or agreed to in writing, software        */
/* distributed under the License is distributed on an "AS IS" BASIS,          */
/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   */
/* See the License for the specific language governing permissions and        */
/* limitations under the License.                                             */
/* -------------------------------------------------------------------------- */

#ifndef ACL_MANAGER_H_
#define ACL_MANAGER_H_

#include <set>

#include "AuthManager.h"
#include "AclRule.h"

using namespace std;

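/**
 *  In-memory set of ACL rules, with the hooks needed to store it in the DB.
 *
 *  The DB hooks (select, insert, update, drop) are placeholders in this
 *  revision: they return 0 without touching the database, so the rule set
 *  lives only in memory. No locking is visible in this header.
 *  NOTE(review): confirm that callers serialize access to the rule set.
 */
class AclManager : public ObjectSQL
{
public:
    AclManager() {}

    /* ---------------------------------------------------------------------- */
    /* Rule management                                                        */
    /* ---------------------------------------------------------------------- */

    /**
     *  Authorization check for an operation on an object; defined out of
     *  line.
     *  NOTE(review): the result when no rule matches (deny or allow) cannot
     *  be read from this header - confirm against the implementation.
     *    @param uid the user id making the request
     *    @param user_groups the ids of the groups the user belongs to
     *    @param obj_type the type of the object
     *    @param obj_id the id of the object
     *    @param obj_gid the group id of the object
     *    @param op the requested operation
     *    @return the authorization decision
     */
    bool authorize(int uid, const std::set<int> &user_groups,
            AuthRequest::Object obj_type, int obj_id, int obj_gid,
            AuthRequest::Operation op);

    /* ---------------------------------------------------------------------- */

    /**
     *  Builds a rule from its three components and adds it to the set.
     *  The values are passed to AclRule as given; nothing is validated here.
     *    @param user the user component of the rule
     *    @param resource the resource component of the rule
     *    @param rights the rights component of the rule
     *    @return 0 on success, -1 if the rule was already in the set
     */
    int add_rule(long long user, long long resource, long long rights)
    {
        AclRule rule(user, resource, rights);
        return add_rule(rule);
    }

    /**
     *  Adds a rule to the set.
     *    @param rule the rule to add
     *    @return 0 on success, -1 if the set already holds an equivalent
     *    rule (equivalence as defined by AclRule's ordering)
     */
    int add_rule(const AclRule &rule)
    {
        return acl_set.insert(rule).second ? 0 : -1;
    }

    /* ---------------------------------------------------------------------- */

    /**
     *  Builds a rule from its three components and removes it from the set.
     *    @param user the user component of the rule
     *    @param resource the resource component of the rule
     *    @param rights the rights component of the rule
     *    @return 0 on success, -1 if the rule was not in the set
     */
    int del_rule(long long user, long long resource, long long rights)
    {
        AclRule rule(user, resource, rights);
        return del_rule(rule);
    }

    /**
     *  Removes a rule from the set. The rule is only read, so it is taken
     *  by const reference like in add_rule.
     *    @param rule the rule to remove
     *    @return 0 on success, -1 if the rule was not in the set
     */
    int del_rule(const AclRule &rule)
    {
        return ( acl_set.erase(rule) == 1 ) ? 0 : -1;
    }

    /* ---------------------------------------------------------------------- */
    /* DB management                                                          */
    /* ---------------------------------------------------------------------- */

    /**
     *  Callback function for the rows read from the DB. Unmarshalling is
     *  not implemented yet (see the TODO); only the shape of the row is
     *  checked.
     *    @param nil not used
     *    @param num the number of columns read from the DB
     *    @param values the column values
     *    @param names the column names
     *    @return 0 on success, -1 if the row does not hold exactly one
     *    non-NULL column
     */
    int select_cb(void *nil, int num, char **values, char **names)
    {
        // Check the column count and the array itself before reading
        // values[0]: with num == 0 there is no first element to look at.
        if ( (num != 1) || (!values) || (!values[0]) )
        {
            return -1;
        }

        // TODO: from_xml

        return 0;
    }

    /**
     *  Reads the ACL rule set from the database.
     *  Not implemented yet: nothing is read and the rule set is left as it
     *  is, but 0 is still returned. A caller cannot take the return value
     *  as proof that stored rules were loaded.
     *    @param db pointer to the db
     *    @return 0 always
     */
    int select(SqlDB *db)
    {
        return 0;
    }

    /**
     *  Not implemented yet: nothing is written to the database.
     *    @return 0 always
     */
    int insert(SqlDB*, std::string&)
    {
        return 0;
    }

    /**
     *  Not implemented yet: nothing is written to the database.
     *    @return 0 always
     */
    int update(SqlDB*)
    {
        return 0;
    }

    /**
     *  Not implemented yet: nothing is removed from the database.
     *    @return 0 always
     */
    int drop(SqlDB*)
    {
        return 0;
    }

    /* ---------------------------------------------------------------------- */

    /**
     *  Dumps the rule set into a stream; defined out of line.
     *    @param oss the output stream
     */
    int dump(std::ostringstream& oss);

private:
    /** The ACL rules, ordered by AclRule's comparison; duplicates rejected */
    std::set<AclRule> acl_set;
};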

#endif /*ACL_MANAGER_H*/