#include <XrdAccAccess.hh>
Public Member Functions | |
| XrdAccPrivs | Access (const XrdSecEntity *Entity, const char *path, const Access_Operation oper, XrdOucEnv *Env=0) |
| int | Audit (const int accok, const XrdSecEntity *Entity, const char *path, const Access_Operation oper, XrdOucEnv *Env=0) |
| void | SwapTabs (struct XrdAccAccess_Tables &newtab) |
| int | Test (const XrdAccPrivs priv, const Access_Operation oper) |
| XrdAccAccess (XrdSysError *erp) | |
| ~XrdAccAccess () | |
 Public Member Functions inherited from XrdAccAuthorize | |
| XrdAccAuthorize () | |
| Constructor. More... | |
| virtual | ~XrdAccAuthorize () |
| Destructor. More... | |
Private Member Functions | |
| XrdAccPrivs | Access (const char *id, const Access_ID_Type idtype, const char *path, const Access_Operation oper) |
Private Attributes | |
| struct XrdAccAccess_Tables | Atab |
| XrdSysXSLock | Access_Context |
| XrdAccAudit * | Auditor |
Friends | |
| class | XrdAccConfig |
Constructor & Destructor Documentation
| XrdAccAccess::XrdAccAccess | ( | XrdSysError * | erp | ) |
References Auditor, and XrdAccAuditObject().
|
inline |
Member Function Documentation
|
virtual |
Check whether or not the client is permitted specified access to a path.
- Parameters
-
Entity -> Authentication information path -> The logical path which is the target of oper oper -> The operation being attempted (see the enum above). If the oper is AOP_Any, then the actual privileges are returned and the caller may make subsequent tests using Test(). Env -> Environmental information at the time of the operation as supplied by the path CGI string. This is optional and the pointer may be zero.
- Returns
- Permit: a non-zero value (access is permitted) Deny: zero (access is denied)
Implements XrdAccAuthorize.
References Access_Context, Atab, Audit(), audit_grant, XrdAccAudit::Auditing(), Auditor, XrdAccAccess_Tables::D_List, XrdAccCapName::Find(), XrdOucHash< T >::Find(), XrdAccAccess_Tables::G_Hash, XrdOucTokenizer::GetLine(), XrdOucTokenizer::GetToken(), XrdAccConfig::GroupMaster, XrdAccGroups::Groups(), XrdSecEntity::grps, XrdAccAccess_Tables::H_Hash, XrdSecEntity::host, XrdSysXSLock::Lock(), XrdAccAccess_Tables::N_Hash, XrdSecEntity::name, XrdAccGroups::NetGroups(), XrdAccGroupList::Next(), XrdAccPrivCaps::nprivs, XrdAccPrivCaps::pprivs, XrdAccCapability::Privs(), strlcpy(), Test(), XrdAccAccess_Tables::U_Hash, XrdSysXSLock::UnLock(), XrdAccAccess_Tables::X_List, XrdOucHashVal2(), xs_Shared, and XrdAccAccess_Tables::Z_List.
|
private |
References Access_Context, AID_Group, AID_Host, AID_Netgroup, AID_Set, AID_Template, AID_User, Atab, XrdAccAccess_Tables::D_List, XrdAccCapName::Find(), XrdOucHash< T >::Find(), XrdAccAccess_Tables::G_Hash, XrdAccAccess_Tables::H_Hash, XrdSysXSLock::Lock(), XrdAccAccess_Tables::N_Hash, XrdAccPrivCaps::nprivs, XrdAccPrivCaps::pprivs, XrdAccCapability::Privs(), XrdAccAccess_Tables::S_Hash, XrdAccAccess_Tables::T_Hash, Test(), XrdAccAccess_Tables::U_Hash, XrdSysXSLock::UnLock(), XrdAccAccess_Tables::X_List, XrdOucHashVal2(), xs_Shared, and XrdAccAccess_Tables::Z_List.
|
virtual |
Route an audit message to the appropriate audit exit routine. See XrdAccAudit.h for more information on how the default implementation works. Currently, this method is not called by the ofs but should be used by the implementation to record denials or grants, as warranted.
- Parameters
-
accok -> True is access was grated; false otherwise. Entity -> Authentication information path -> The logical path which is the target of oper oper -> The operation being attempted (see above) Env -> Environmental information at the time of the operation as supplied by the path CGI string. This is optional and the pointer may be zero.
- Returns
- Success: !0 information recorded. Failure: 0 information could not be recorded.
Implements XrdAccAuthorize.
References AOP_LastOp, Auditor, XrdAccAudit::Deny(), XrdAccAudit::Grant(), XrdSecEntity::host, XrdSecEntity::name, XrdSecEntity::prot, XrdSecEntity::tident, and XrdSecPROTOIDSIZE.
Referenced by Access().
| void XrdAccAccess::SwapTabs | ( | struct XrdAccAccess_Tables & | newtab | ) |
References Access_Context, XrdAccAccess_Tables::D_List, XrdAccAccess_Tables::E_List, XrdAccAccess_Tables::G_Hash, XrdAccConfig::GroupMaster, XrdAccAccess_Tables::H_Hash, XrdSysXSLock::Lock(), XrdAccAccess_Tables::N_Hash, XrdAccGroups::PurgeCache(), XrdAccAccess_Tables::S_Hash, XrdAccAccess_Tables::T_Hash, XrdAccAccess_Tables::U_Hash, XrdSysXSLock::UnLock(), XrdAccAccess_Tables::X_List, XrdAccSWAP, xs_Exclusive, and XrdAccAccess_Tables::Z_List.
Referenced by XrdAccConfig::ConfigDB().
|
virtual |
Check whether the specified operation is permitted.
- Parameters
-
priv -> the privileges as returned by Access(). oper -> The operation being attempted (see above)
- Returns
- Permit: a non-zero value (access is permitted) Deny: zero (access is denied)
Implements XrdAccAuthorize.
References AOP_LastOp, XrdAccPriv_Chmod, XrdAccPriv_Chown, XrdAccPriv_Create, XrdAccPriv_Delete, XrdAccPriv_Insert, XrdAccPriv_Lock, XrdAccPriv_Lookup, XrdAccPriv_Mkdir, XrdAccPriv_None, XrdAccPriv_Read, XrdAccPriv_Readdir, XrdAccPriv_Rename, and XrdAccPriv_Update.
Referenced by Access().
Friends And Related Function Documentation
|
friend |
Member Data Documentation
|
private |
Referenced by Access(), and SwapTabs().
|
private |
Referenced by Access().
|
private |
Referenced by Access(), Audit(), XrdAccConfig::xaud(), and XrdAccAccess().
The documentation for this class was generated from the following files:
