XRootD
XrdAccAccess.hh
1 #ifndef __ACC_ACCESS__
2 #define __ACC_ACCESS__
3 /******************************************************************************/
4 /* */
5 /* X r d A c c A c c e s s . h h */
6 /* */
7 /* (c) 2003 by the Board of Trustees of the Leland Stanford, Jr., University */
8 /* All Rights Reserved */
9 /* Produced by Andrew Hanushevsky for Stanford University under contract */
10 /* DE-AC02-76-SFO0515 with the Department of Energy */
11 /* */
12 /* This file is part of the XRootD software suite. */
13 /* */
14 /* XRootD is free software: you can redistribute it and/or modify it under */
15 /* the terms of the GNU Lesser General Public License as published by the */
16 /* Free Software Foundation, either version 3 of the License, or (at your */
17 /* option) any later version. */
18 /* */
19 /* XRootD is distributed in the hope that it will be useful, but WITHOUT */
20 /* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */
21 /* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */
22 /* License for more details. */
23 /* */
24 /* You should have received a copy of the GNU Lesser General Public License */
25 /* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */
26 /* COPYING (GPL license). If not, see <http://www.gnu.org/licenses/>. */
27 /* */
28 /* The copyright holder's institutional names and contributor's names may not */
29 /* be used to endorse or promote products derived from this software without */
30 /* specific prior written permission of the institution or contributor. */
31 /******************************************************************************/
32 
33 #include "XrdAcc/XrdAccAudit.hh"
36 #include "XrdSec/XrdSecEntity.hh"
37 #include "XrdOuc/XrdOucHash.hh"
38 #include "XrdSys/XrdSysXSLock.hh"
39 #include "XrdSys/XrdSysPlatform.hh"
40 
41 /******************************************************************************/
42 /* S e t T a b s P a r a m e t e r */
43 /******************************************************************************/
44 
45 struct XrdAccEntityInfo;
46 
// Identity record fields. The six char* members are owned by this object: the
// destructor releases each one with free(), so they must come from a
// malloc-family allocation (the constructor uses strdup for name).
// Listing lines 54-55 (caps and next, per this page's symbol index) are not
// shown in this extraction.
48  {char *name;
49  char *grp;
50  char *host;
51  char *org;
52  char *role;
53  char *user;
56  int rule;
// NOTE(review): hlen and glen are presumably the lengths of host and grp;
// being short, they cannot represent strings longer than SHRT_MAX -- confirm
// where they are set.
57  short hlen;
58  short glen;
59 
// Presumably reports whether this record matches Entity; the definition is
// not in this header, so the matching rules cannot be read from here.
60  bool Applies(const XrdAccEntityInfo &Entity);
61 
// Body of Export(). Listing line 62 (the signature) is not shown in this
// extraction; the page's symbol index gives it as `XrdAccAccess_ID *Export()`.
// Transfers ownership: a new record receives a member-wise copy of *this, then
// the string pointers and caps in *this are cleared so that its destructor
// does not free what the returned record now holds. The returned object was
// allocated with new. next, rule, hlen and glen are left unchanged in *this.
// NOTE(review): no copy constructor or copy assignment is declared in the
// visible lines, so any other by-value copy of this struct would leave two
// objects freeing the same pointers -- confirm nothing copies records except
// through Export().
63  {XrdAccAccess_ID *xID;
64  xID = new XrdAccAccess_ID;
65  *xID = *this;
66  name = grp = host = org = role = user = 0;
67  caps = 0;
68  return xID;
69  }
70 
// Builds a record with an optional name; every other member starts at zero.
// Name is duplicated with strdup, so the record holds its own copy.
// NOTE(review): the strdup result is not checked; if the allocation fails,
// name is null even though Name was supplied, so users of name must tolerate
// a null pointer.
71  XrdAccAccess_ID(const char *Name=0)
72  : name(Name ? strdup(Name) : 0),
73  grp(0), host(0), org(0), role(0), user(0),
74  caps(0), next(0), rule(0), hlen(0), glen(0) {}
// Releases the six owned strings with free() and caps with delete.
// next is not released here.
75  ~XrdAccAccess_ID() {if (name) free(name);
76  if (grp) free(grp);
77  if (host) free(host);
78  if (org) free(org);
79  if (role) free(role);
80  if (user) free(user);
81  if (caps) delete caps;
82  }
83  };
84 
// List-style members of the tables struct. The hash members declared on
// listing lines 85-93 are not shown in this extraction.
94  XrdAccCapName *D_List; // Domains
95  XrdAccCapName *E_List; // Domains (end of list)
96  XrdAccCapability *X_List; // Fungible capabilities
97  XrdAccCapability *Z_List; // Default capabilities
98  XrdAccAccess_ID *SXList; // 's' exclusive list
99  XrdAccAccess_ID *SYList; // 's' inclusive list
100 
// Tail of the tables constructor (listing line 101, which opens it, is not
// shown in this extraction). Every table pointer assigned here starts out null.
102  O_Hash = 0; R_Hash = 0;
103  S_Hash = 0; T_Hash = 0; U_Hash = 0;
104  D_List = 0; E_List = 0;
105  X_List = 0; Z_List = 0;
106  SXList = 0; SYList = 0;
107  }
// Tail of the tables destructor (listing line 108, which opens it, is not
// shown in this extraction). Each hash and the X/Z capability lists are
// deleted when set.
// NOTE(review): no visible line releases D_List (E_List is documented as the
// end of that same list) -- confirm where the domain list is freed.
109  if (H_Hash) delete H_Hash;
110  if (N_Hash) delete N_Hash;
111  if (O_Hash) delete O_Hash;
112  if (R_Hash) delete R_Hash;
113  if (S_Hash) delete S_Hash; //Deletes SX & SYList
114  if (T_Hash) delete T_Hash;
115  if (U_Hash) delete U_Hash;
116  if (X_List) delete X_List;
117  if (Z_List) delete Z_List;
118  }
119  };
120 
121 /******************************************************************************/
122 /* X r d A c c A c c e s s */
123 /******************************************************************************/
124 
125 class xrdOucError;
126 
128 {
129 public:
130 
131 friend class XrdAccConfig;
132 
// Returns an XrdAccPrivs value for Entity, path and operation oper.
// Env is optional and defaults to null.
// NOTE(review): this header does not say whether path must already be
// normalized; confirm that callers pass a canonical path before rules are
// matched against it.
133  XrdAccPrivs Access(const XrdSecEntity *Entity,
134  const char *path,
135  const Access_Operation oper,
136  XrdOucEnv *Env=0);
137 
// Audit entry point taking an outcome flag (accok) plus the same
// Entity/path/oper/Env parameters as Access().
// NOTE(review): accok is presumably non-zero when access was granted; the
// meaning of the int return value is not stated in this header.
138  int Audit(const int accok,
139  const XrdSecEntity *Entity,
140  const char *path,
141  const Access_Operation oper,
142  XrdOucEnv *Env=0);
143 
// Static helper returning a C string for Entity.
// NOTE(review): presumably the resolved host name (see hostRefX/hostRefY);
// the lifetime and ownership of the returned pointer are not stated here --
// confirm before storing it.
144 static
145 const char *Resolve(const XrdSecEntity *Entity);
146 
147 // SwapTabs() is used by the configuration object to establish new access
148 // control tables. It may be called whenever the tables change.
149 //
// NOTE(review): newtab is taken by non-const reference, so the call may modify
// the caller's tables (the name suggests an exchange). Confirm that the swap
// runs with Access_Context held exclusively, so concurrent Access() calls
// never observe a partly replaced table set.
150 void SwapTabs(struct XrdAccAccess_Tables &newtab);
151 
// Takes a privilege set and an operation and returns an int; the encoding of
// the result is not stated in this header.
152  int Test(const XrdAccPrivs priv, const Access_Operation oper);
153 
155 
156  ~XrdAccAccess() {} // The access object is never deleted
157 
158 private:
159 
161  const XrdSecEntity *Entity,
162  const char *path,
163  const Access_Operation oper);
164 
// Access-control tables held by this object; SwapTabs() is the documented way
// to establish new ones.
165 struct XrdAccAccess_Tables Atab;
166 bool hostRefX; // True if we need to resolve hostname for exclusive rules
167 bool hostRefY; // True if we need to resolve hostname for any other rules
168 
// NOTE(review): presumably the shared/exclusive lock that guards Atab between
// Access() and SwapTabs() -- confirm in XrdAccAccess.cc.
169 XrdSysXSLock Access_Context;
170 
// Audit object pointer; this header does not show who owns or sets it.
171 XrdAccAudit *Auditor;
172 };
173 #endif
Access_Operation
The following are supported operations.
XrdAccPrivs
Definition: XrdAccPrivs.hh:39
int Test(const XrdAccPrivs priv, const Access_Operation oper)
int Audit(const int accok, const XrdSecEntity *Entity, const char *path, const Access_Operation oper, XrdOucEnv *Env=0)
static const char * Resolve(const XrdSecEntity *Entity)
XrdAccPrivs Access(const XrdSecEntity *Entity, const char *path, const Access_Operation oper, XrdOucEnv *Env=0)
XrdAccAccess(XrdSysError *erp)
Definition: XrdAccAccess.cc:94
void SwapTabs(struct XrdAccAccess_Tables &newtab)
XrdAccAccess_ID * Export()
Definition: XrdAccAccess.hh:62
bool Applies(const XrdAccEntityInfo &Entity)
XrdAccCapability * caps
Definition: XrdAccAccess.hh:54
XrdAccAccess_ID * next
Definition: XrdAccAccess.hh:55
XrdAccAccess_ID(const char *Name=0)
Definition: XrdAccAccess.hh:71
XrdOucHash< XrdAccCapability > * U_Hash
Definition: XrdAccAccess.hh:93
XrdOucHash< XrdAccCapability > * G_Hash
Definition: XrdAccAccess.hh:86
XrdAccCapName * E_List
Definition: XrdAccAccess.hh:95
XrdOucHash< XrdAccCapability > * N_Hash
Definition: XrdAccAccess.hh:88
XrdAccCapability * X_List
Definition: XrdAccAccess.hh:96
XrdAccAccess_ID * SXList
Definition: XrdAccAccess.hh:98
XrdAccCapability * Z_List
Definition: XrdAccAccess.hh:97
XrdOucHash< XrdAccCapability > * T_Hash
Definition: XrdAccAccess.hh:92
XrdOucHash< XrdAccCapability > * O_Hash
Definition: XrdAccAccess.hh:89
XrdAccCapName * D_List
Definition: XrdAccAccess.hh:94
XrdOucHash< XrdAccCapability > * H_Hash
Definition: XrdAccAccess.hh:87
XrdOucHash< XrdAccAccess_ID > * S_Hash
Definition: XrdAccAccess.hh:91
XrdOucHash< XrdAccCapability > * R_Hash
Definition: XrdAccAccess.hh:90
XrdAccAccess_ID * SYList
Definition: XrdAccAccess.hh:99