[ceph.git] / ceph / src / rgw / rgw_rest_role.h

// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
// vim: ts=8 sw=2 smarttab ft=cpp

#pragma once

#include "common/async/yield_context.h"

#include "rgw_role.h"
#include "rgw_rest.h"

class RGWRestRole : public RGWRESTOp {
protected:
  std::string role_name;
  std::string role_path;
  std::string trust_policy;
  std::string policy_name;
  std::string perm_policy;
  std::string path_prefix;
  std::string max_session_duration;
  std::multimap<std::string,std::string> tags;
  std::vector<std::string> tagKeys;
  std::unique_ptr<rgw::sal::RGWRole> _role;
  int verify_permission(optional_yield y) override;
  void send_response() override;
  virtual uint64_t get_op() = 0;
  int parse_tags();
};

class RGWRoleRead : public RGWRestRole {
public:
  RGWRoleRead() = default;
  int check_caps(const RGWUserCaps& caps) override;
};

class RGWRoleWrite : public RGWRestRole {
public:
  RGWRoleWrite() = default;
  int check_caps(const RGWUserCaps& caps) override;
};

class RGWCreateRole : public RGWRoleWrite {
public:
  RGWCreateRole() = default;
  int verify_permission(optional_yield y) override;
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "create_role"; }
  RGWOpType get_type() override { return RGW_OP_CREATE_ROLE; }
  uint64_t get_op() override { return rgw::IAM::iamCreateRole; }
};

class RGWDeleteRole : public RGWRoleWrite {
public:
  RGWDeleteRole() = default;
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "delete_role"; }
  RGWOpType get_type() override { return RGW_OP_DELETE_ROLE; }
  uint64_t get_op() override { return rgw::IAM::iamDeleteRole; }
};

class RGWGetRole : public RGWRoleRead {
  int _verify_permission(const rgw::sal::RGWRole* role);
public:
  RGWGetRole() = default;
  int verify_permission(optional_yield y) override;
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "get_role"; }
  RGWOpType get_type() override { return RGW_OP_GET_ROLE; }
  uint64_t get_op() override { return rgw::IAM::iamGetRole; }
};

class RGWModifyRole : public RGWRoleWrite {
public:
  RGWModifyRole() = default;
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "modify_role"; }
  RGWOpType get_type() override { return RGW_OP_MODIFY_ROLE; }
  uint64_t get_op() override { return rgw::IAM::iamModifyRole; }
};

class RGWListRoles : public RGWRoleRead {
public:
  RGWListRoles() = default;
  int verify_permission(optional_yield y) override;
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "list_roles"; }
  RGWOpType get_type() override { return RGW_OP_LIST_ROLES; }
  uint64_t get_op() override { return rgw::IAM::iamListRoles; }
};

class RGWPutRolePolicy : public RGWRoleWrite {
public:
  RGWPutRolePolicy() = default;
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "put_role_policy"; }
  RGWOpType get_type() override { return RGW_OP_PUT_ROLE_POLICY; }
  uint64_t get_op() override { return rgw::IAM::iamPutRolePolicy; }
};

class RGWGetRolePolicy : public RGWRoleRead {
public:
  RGWGetRolePolicy() = default;
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "get_role_policy"; }
  RGWOpType get_type() override { return RGW_OP_GET_ROLE_POLICY; }
  uint64_t get_op() override { return rgw::IAM::iamGetRolePolicy; }
};

class RGWListRolePolicies : public RGWRoleRead {
public:
  RGWListRolePolicies() = default;
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "list_role_policies"; }
  RGWOpType get_type() override { return RGW_OP_LIST_ROLE_POLICIES; }
  uint64_t get_op() override { return rgw::IAM::iamListRolePolicies; }
};

class RGWDeleteRolePolicy : public RGWRoleWrite {
public:
  RGWDeleteRolePolicy() = default;
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "delete_role_policy"; }
  RGWOpType get_type() override { return RGW_OP_DELETE_ROLE_POLICY; }
  uint64_t get_op() override { return rgw::IAM::iamDeleteRolePolicy; }
};

class RGWTagRole : public RGWRoleWrite {
public:
  RGWTagRole() = default;
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "tag_role"; }
  RGWOpType get_type() override { return RGW_OP_TAG_ROLE; }
  uint64_t get_op() override { return rgw::IAM::iamTagRole; }
};

class RGWListRoleTags : public RGWRoleRead {
public:
  RGWListRoleTags() = default;
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "list_role_tags"; }
  RGWOpType get_type() override { return RGW_OP_LIST_ROLE_TAGS; }
  uint64_t get_op() override { return rgw::IAM::iamListRoleTags; }
};

class RGWUntagRole : public RGWRoleWrite {
public:
  RGWUntagRole() = default;
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "untag_role"; }
  RGWOpType get_type() override { return RGW_OP_UNTAG_ROLE; }
  uint64_t get_op() override { return rgw::IAM::iamUntagRole; }
};
Commit	Line	Data
31f18b77	1	// -- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t --
9f95a23c	2	// vim: ts=8 sw=2 smarttab ft=cpp
11fdf7f2	3
9f95a23c	4	#pragma once
7c673cae	5
f67539c2 TL	6	#include "common/async/yield_context.h"
f67539c2 TL	7
11fdf7f2	8	#include "rgw_role.h"
f67539c2	9	#include "rgw_rest.h"
11fdf7f2 TL	10
11fdf7f2 TL	11	class RGWRestRole : public RGWRESTOp {
7c673cae	12	protected:
20effc67 TL	13	std::string role_name;
	14	std::string role_path;
	15	std::string trust_policy;
	16	std::string policy_name;
	17	std::string perm_policy;
	18	std::string path_prefix;
	19	std::string max_session_duration;
	20	std::multimap<std::string,std::string> tags;
	21	std::vector<std::string> tagKeys;
	22	std::unique_ptr<rgw::sal::RGWRole> _role;
f67539c2	23	int verify_permission(optional_yield y) override;
7c673cae	24	void send_response() override;
11fdf7f2	25	virtual uint64_t get_op() = 0;
20effc67	26	int parse_tags();
7c673cae FG	27	};
	28
	29	class RGWRoleRead : public RGWRestRole {
	30	public:
	31	RGWRoleRead() = default;
9f95a23c	32	int check_caps(const RGWUserCaps& caps) override;
7c673cae FG	33	};
	34
	35	class RGWRoleWrite : public RGWRestRole {
	36	public:
	37	RGWRoleWrite() = default;
9f95a23c	38	int check_caps(const RGWUserCaps& caps) override;
7c673cae FG	39	};
	40
	41	class RGWCreateRole : public RGWRoleWrite {
	42	public:
	43	RGWCreateRole() = default;
f67539c2 TL	44	int verify_permission(optional_yield y) override;
f67539c2 TL	45	void execute(optional_yield y) override;
7c673cae	46	int get_params();
11fdf7f2	47	const char* name() const override { return "create_role"; }
7c673cae	48	RGWOpType get_type() override { return RGW_OP_CREATE_ROLE; }
f67539c2	49	uint64_t get_op() override { return rgw::IAM::iamCreateRole; }
7c673cae FG	50	};
	51
	52	class RGWDeleteRole : public RGWRoleWrite {
	53	public:
	54	RGWDeleteRole() = default;
f67539c2	55	void execute(optional_yield y) override;
7c673cae	56	int get_params();
11fdf7f2	57	const char* name() const override { return "delete_role"; }
7c673cae	58	RGWOpType get_type() override { return RGW_OP_DELETE_ROLE; }
f67539c2	59	uint64_t get_op() override { return rgw::IAM::iamDeleteRole; }
7c673cae FG	60	};
	61
	62	class RGWGetRole : public RGWRoleRead {
20effc67	63	int _verify_permission(const rgw::sal::RGWRole* role);
7c673cae FG	64	public:
7c673cae FG	65	RGWGetRole() = default;
f67539c2 TL	66	int verify_permission(optional_yield y) override;
f67539c2 TL	67	void execute(optional_yield y) override;
7c673cae	68	int get_params();
11fdf7f2	69	const char* name() const override { return "get_role"; }
7c673cae	70	RGWOpType get_type() override { return RGW_OP_GET_ROLE; }
f67539c2	71	uint64_t get_op() override { return rgw::IAM::iamGetRole; }
7c673cae FG	72	};
	73
	74	class RGWModifyRole : public RGWRoleWrite {
	75	public:
	76	RGWModifyRole() = default;
f67539c2	77	void execute(optional_yield y) override;
7c673cae	78	int get_params();
11fdf7f2	79	const char* name() const override { return "modify_role"; }
7c673cae	80	RGWOpType get_type() override { return RGW_OP_MODIFY_ROLE; }
f67539c2	81	uint64_t get_op() override { return rgw::IAM::iamModifyRole; }
7c673cae FG	82	};
	83
	84	class RGWListRoles : public RGWRoleRead {
	85	public:
	86	RGWListRoles() = default;
f67539c2 TL	87	int verify_permission(optional_yield y) override;
f67539c2 TL	88	void execute(optional_yield y) override;
7c673cae	89	int get_params();
11fdf7f2	90	const char* name() const override { return "list_roles"; }
7c673cae	91	RGWOpType get_type() override { return RGW_OP_LIST_ROLES; }
f67539c2	92	uint64_t get_op() override { return rgw::IAM::iamListRoles; }
7c673cae FG	93	};
	94
	95	class RGWPutRolePolicy : public RGWRoleWrite {
	96	public:
	97	RGWPutRolePolicy() = default;
f67539c2	98	void execute(optional_yield y) override;
7c673cae	99	int get_params();
11fdf7f2	100	const char* name() const override { return "put_role_policy"; }
7c673cae	101	RGWOpType get_type() override { return RGW_OP_PUT_ROLE_POLICY; }
f67539c2	102	uint64_t get_op() override { return rgw::IAM::iamPutRolePolicy; }
7c673cae FG	103	};
	104
	105	class RGWGetRolePolicy : public RGWRoleRead {
	106	public:
	107	RGWGetRolePolicy() = default;
f67539c2	108	void execute(optional_yield y) override;
7c673cae	109	int get_params();
11fdf7f2	110	const char* name() const override { return "get_role_policy"; }
7c673cae	111	RGWOpType get_type() override { return RGW_OP_GET_ROLE_POLICY; }
f67539c2	112	uint64_t get_op() override { return rgw::IAM::iamGetRolePolicy; }
7c673cae FG	113	};
	114
	115	class RGWListRolePolicies : public RGWRoleRead {
	116	public:
	117	RGWListRolePolicies() = default;
f67539c2	118	void execute(optional_yield y) override;
7c673cae	119	int get_params();
11fdf7f2	120	const char* name() const override { return "list_role_policies"; }
7c673cae	121	RGWOpType get_type() override { return RGW_OP_LIST_ROLE_POLICIES; }
f67539c2	122	uint64_t get_op() override { return rgw::IAM::iamListRolePolicies; }
7c673cae FG	123	};
	124
	125	class RGWDeleteRolePolicy : public RGWRoleWrite {
	126	public:
	127	RGWDeleteRolePolicy() = default;
f67539c2	128	void execute(optional_yield y) override;
7c673cae	129	int get_params();
11fdf7f2	130	const char* name() const override { return "delete_role_policy"; }
7c673cae	131	RGWOpType get_type() override { return RGW_OP_DELETE_ROLE_POLICY; }
f67539c2	132	uint64_t get_op() override { return rgw::IAM::iamDeleteRolePolicy; }
7c673cae	133	};
20effc67 TL	134
	135	class RGWTagRole : public RGWRoleWrite {
	136	public:
	137	RGWTagRole() = default;
	138	void execute(optional_yield y) override;
	139	int get_params();
	140	const char* name() const override { return "tag_role"; }
	141	RGWOpType get_type() override { return RGW_OP_TAG_ROLE; }
	142	uint64_t get_op() override { return rgw::IAM::iamTagRole; }
	143	};
	144
	145	class RGWListRoleTags : public RGWRoleRead {
	146	public:
	147	RGWListRoleTags() = default;
	148	void execute(optional_yield y) override;
	149	int get_params();
	150	const char* name() const override { return "list_role_tags"; }
	151	RGWOpType get_type() override { return RGW_OP_LIST_ROLE_TAGS; }
	152	uint64_t get_op() override { return rgw::IAM::iamListRoleTags; }
	153	};
	154
	155	class RGWUntagRole : public RGWRoleWrite {
	156	public:
	157	RGWUntagRole() = default;
	158	void execute(optional_yield y) override;
	159	int get_params();
	160	const char* name() const override { return "untag_role"; }
	161	RGWOpType get_type() override { return RGW_OP_UNTAG_ROLE; }
	162	uint64_t get_op() override { return rgw::IAM::iamUntagRole; }
	163	};