XRootD
XrdAccAuthorize Class Referenceabstract

#include <XrdAccAuthorize.hh>

+ Inheritance diagram for XrdAccAuthorize:
+ Collaboration diagram for XrdAccAuthorize:

Public Member Functions

 XrdAccAuthorize ()
 Constructor. More...
 
virtual ~XrdAccAuthorize ()
 Destructor. More...
 
virtual XrdAccPrivs Access (const XrdSecEntity *Entity, const char *path, const Access_Operation oper, XrdOucEnv *Env=0)=0
 
virtual int Audit (const int accok, const XrdSecEntity *Entity, const char *path, const Access_Operation oper, XrdOucEnv *Env=0)=0
 
virtual int Test (const XrdAccPrivs priv, const Access_Operation oper)=0
 

Detailed Description

Definition at line 67 of file XrdAccAuthorize.hh.

Constructor & Destructor Documentation

◆ XrdAccAuthorize()

XrdAccAuthorize::XrdAccAuthorize ( )
inline

Constructor.

Definition at line 134 of file XrdAccAuthorize.hh.

134 {}

◆ ~XrdAccAuthorize()

virtual XrdAccAuthorize::~XrdAccAuthorize ( )
inlinevirtual

Destructor.

Definition at line 140 of file XrdAccAuthorize.hh.

140 {}

Member Function Documentation

◆ Access()

virtual XrdAccPrivs XrdAccAuthorize::Access ( const XrdSecEntity Entity,
const char *  path,
const Access_Operation  oper,
XrdOucEnv Env = 0 
)
pure virtual

Check whether or not the client is permitted specified access to a path.

Parameters
Entity-> Authentication information
path-> The logical path which is the target of oper
oper-> The operation being attempted (see the enum above). If the oper is AOP_Any, then the actual privileges are returned and the caller may make subsequent tests using Test().
Env-> Environmental information at the time of the operation as supplied by the path CGI string. This is optional and the pointer may be zero.
Returns
Permit: a non-zero value (access is permitted) Deny: zero (access is denied)

Implemented in XrdAccAccess, XrdAccSciTokens, and Macaroons::Authz.

Referenced by Macaroons::Authz::Access(), DoIt(), XrdOfs::fsctl(), XrdBwmFile::open(), XrdOfsFile::open(), and XrdOfs::rename().

+ Here is the caller graph for this function:

◆ Audit()

virtual int XrdAccAuthorize::Audit ( const int  accok,
const XrdSecEntity Entity,
const char *  path,
const Access_Operation  oper,
XrdOucEnv Env = 0 
)
pure virtual

Route an audit message to the appropriate audit exit routine. See XrdAccAudit.h for more information on how the default implementation works. Currently, this method is not called by the ofs but should be used by the implementation to record denials or grants, as warranted.

Parameters
accok-> True is access was grated; false otherwise.
Entity-> Authentication information
path-> The logical path which is the target of oper
oper-> The operation being attempted (see above)
Env-> Environmental information at the time of the operation as supplied by the path CGI string. This is optional and the pointer may be zero.
Returns
Success: !0 information recorded. Failure: 0 information could not be recorded.

Implemented in XrdAccSciTokens, XrdAccAccess, and Macaroons::Authz.

◆ Test()

virtual int XrdAccAuthorize::Test ( const XrdAccPrivs  priv,
const Access_Operation  oper 
)
pure virtual

Check whether the specified operation is permitted.

Parameters
priv-> the privileges as returned by Access().
oper-> The operation being attempted (see above)
Returns
Permit: a non-zero value (access is permitted) Deny: zero (access is denied)

Implemented in XrdAccSciTokens, Macaroons::Authz, and XrdAccAccess.

Referenced by XrdAccSciTokens::Test().

+ Here is the caller graph for this function:

The documentation for this class was generated from the following file: