xrootd
XrdAccAccess.hh
Go to the documentation of this file.
1 #ifndef __ACC_ACCESS__
2 #define __ACC_ACCESS__
3 /******************************************************************************/
4 /* */
5 /* X r d A c c A c c e s s . h h */
6 /* */
7 /* (c) 2003 by the Board of Trustees of the Leland Stanford, Jr., University */
8 /* All Rights Reserved */
9 /* Produced by Andrew Hanushevsky for Stanford University under contract */
10 /* DE-AC02-76-SFO0515 with the Department of Energy */
11 /* */
12 /* This file is part of the XRootD software suite. */
13 /* */
14 /* XRootD is free software: you can redistribute it and/or modify it under */
15 /* the terms of the GNU Lesser General Public License as published by the */
16 /* Free Software Foundation, either version 3 of the License, or (at your */
17 /* option) any later version. */
18 /* */
19 /* XRootD is distributed in the hope that it will be useful, but WITHOUT */
20 /* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */
21 /* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */
22 /* License for more details. */
23 /* */
24 /* You should have received a copy of the GNU Lesser General Public License */
25 /* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */
26 /* COPYING (GPL license). If not, see <http://www.gnu.org/licenses/>. */
27 /* */
28 /* The copyright holder's institutional names and contributor's names may not */
29 /* be used to endorse or promote products derived from this software without */
30 /* specific prior written permission of the institution or contributor. */
31 /******************************************************************************/
32 
33 #include "XrdAcc/XrdAccAudit.hh"
34 #include "XrdAcc/XrdAccAuthorize.hh"
35 #include "XrdAcc/XrdAccCapability.hh"
36 #include "XrdSec/XrdSecEntity.hh"
37 #include "XrdOuc/XrdOucHash.hh"
38 #include "XrdSys/XrdSysXSLock.hh"
39 #include "XrdSys/XrdSysPlatform.hh"
40 
41 /******************************************************************************/
42 /* A c c e s s _ I D _ T y p e */
43 /******************************************************************************/
44 
45 // The following are supported id types for access() checking
46 //
47 enum Access_ID_Type {AID_Group,
48  AID_Host,
49  AID_Netgroup,
50  AID_Set,
51  AID_Template,
52  AID_User
53  };
54 
55 /******************************************************************************/
56 /* S e t T a b s P a r a m e t e r */
57 /******************************************************************************/
58 
59 struct XrdAccAccess_Tables
60  {XrdOucHash<XrdAccCapability> *G_Hash; // Groups
61  XrdOucHash<XrdAccCapability> *H_Hash; // Hosts
62  XrdOucHash<XrdAccCapability> *N_Hash; // Netgroups
63  XrdOucHash<XrdAccCapability> *S_Hash; // Sets
64  XrdOucHash<XrdAccCapability> *T_Hash; // Templates
65  XrdOucHash<XrdAccCapability> *U_Hash; // Users
66  XrdAccCapName *D_List; // Domains
67  XrdAccCapName *E_List; // Domains (end of list)
68  XrdAccCapability *X_List; // Fungable capbailities
69  XrdAccCapability *Z_List; // Default capbailities
70 
71  XrdAccAccess_Tables() {G_Hash = 0; H_Hash = 0; N_Hash = 0;
72  S_Hash = 0; T_Hash = 0; U_Hash = 0;
73  D_List = 0; E_List = 0;
74  X_List = 0; Z_List = 0;
75  }
76  ~XrdAccAccess_Tables() {if (G_Hash) delete G_Hash;
77  if (H_Hash) delete H_Hash;
78  if (N_Hash) delete N_Hash;
79  if (S_Hash) delete S_Hash;
80  if (T_Hash) delete T_Hash;
81  if (U_Hash) delete U_Hash;
82  if (X_List) delete X_List;
83  if (Z_List) delete Z_List;
84  }
85  };
86 
87 /******************************************************************************/
88 /* X r d A c c A c c e s s */
89 /******************************************************************************/
90 
91 class xrdOucError;
92 
93 class XrdAccAccess : public XrdAccAuthorize
94 {
95 public:
96 
97 friend class XrdAccConfig;
98 
99  XrdAccPrivs Access(const XrdSecEntity *Entity,
100  const char *path,
101  const Access_Operation oper,
102  XrdOucEnv *Env=0);
103 
104  int Audit(const int accok,
105  const XrdSecEntity *Entity,
106  const char *path,
107  const Access_Operation oper,
108  XrdOucEnv *Env=0);
109 
110 // SwapTabs() is used by the configuration object to establish new access
111 // control tables. It may be called whenever the tables change.
112 //
113 void SwapTabs(struct XrdAccAccess_Tables &newtab);
114 
115  int Test(const XrdAccPrivs priv, const Access_Operation oper);
116 
117  XrdAccAccess(XrdSysError *erp);
118 
119  ~XrdAccAccess() {} // The access object is never deleted
120 
121 private:
122 
123 XrdAccPrivs Access(const char *id, const Access_ID_Type idtype,
124  const char *path, const Access_Operation oper);
125 
126 struct XrdAccAccess_Tables Atab;
127 
128 XrdSysXSLock Access_Context;
129 
130 XrdAccAudit *Auditor;
131 };
132 #endif
Generated by   doxygen 1.8.3.1