[ceph.git] / ceph / src / rgw / rgw_rest_role.h

// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
// vim: ts=8 sw=2 smarttab ft=cpp

#pragma once

#include "common/async/yield_context.h"

#include "rgw_role.h"
#include "rgw_rest.h"

class RGWRestRole : public RGWRESTOp {
protected:
  std::string role_name;
  std::string role_path;
  std::string trust_policy;
  std::string policy_name;
  std::string perm_policy;
  std::string path_prefix;
  std::string max_session_duration;
  std::multimap<std::string,std::string> tags;
  std::vector<std::string> tagKeys;
  std::unique_ptr<rgw::sal::RGWRole> _role;
  int verify_permission(optional_yield y) override;
  void send_response() override;
  virtual uint64_t get_op() = 0;
  int parse_tags();
};

class RGWRoleRead : public RGWRestRole {
public:
  RGWRoleRead() = default;
  int check_caps(const RGWUserCaps& caps) override;
};

class RGWRoleWrite : public RGWRestRole {
public:
  RGWRoleWrite() = default;
  int check_caps(const RGWUserCaps& caps) override;
};

class RGWCreateRole : public RGWRoleWrite {
  bufferlist bl_post_body;
public:
  RGWCreateRole(const bufferlist& bl_post_body) : bl_post_body(bl_post_body) {};
  int verify_permission(optional_yield y) override;
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "create_role"; }
  RGWOpType get_type() override { return RGW_OP_CREATE_ROLE; }
  uint64_t get_op() override { return rgw::IAM::iamCreateRole; }
};

class RGWDeleteRole : public RGWRoleWrite {
  bufferlist bl_post_body;
public:
  RGWDeleteRole(const bufferlist& bl_post_body) : bl_post_body(bl_post_body) {};
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "delete_role"; }
  RGWOpType get_type() override { return RGW_OP_DELETE_ROLE; }
  uint64_t get_op() override { return rgw::IAM::iamDeleteRole; }
};

class RGWGetRole : public RGWRoleRead {
  int _verify_permission(const rgw::sal::RGWRole* role);
public:
  RGWGetRole() = default;
  int verify_permission(optional_yield y) override;
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "get_role"; }
  RGWOpType get_type() override { return RGW_OP_GET_ROLE; }
  uint64_t get_op() override { return rgw::IAM::iamGetRole; }
};

class RGWModifyRoleTrustPolicy : public RGWRoleWrite {
  bufferlist bl_post_body;
public:
  RGWModifyRoleTrustPolicy(const bufferlist& bl_post_body) : bl_post_body(bl_post_body) {};
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "modify_role_trust_policy"; }
  RGWOpType get_type() override { return RGW_OP_MODIFY_ROLE_TRUST_POLICY; }
  uint64_t get_op() override { return rgw::IAM::iamModifyRoleTrustPolicy; }
};

class RGWListRoles : public RGWRoleRead {
public:
  RGWListRoles() = default;
  int verify_permission(optional_yield y) override;
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "list_roles"; }
  RGWOpType get_type() override { return RGW_OP_LIST_ROLES; }
  uint64_t get_op() override { return rgw::IAM::iamListRoles; }
};

class RGWPutRolePolicy : public RGWRoleWrite {
  bufferlist bl_post_body;
public:
  RGWPutRolePolicy(const bufferlist& bl_post_body) : bl_post_body(bl_post_body) {};
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "put_role_policy"; }
  RGWOpType get_type() override { return RGW_OP_PUT_ROLE_POLICY; }
  uint64_t get_op() override { return rgw::IAM::iamPutRolePolicy; }
};

class RGWGetRolePolicy : public RGWRoleRead {
public:
  RGWGetRolePolicy() = default;
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "get_role_policy"; }
  RGWOpType get_type() override { return RGW_OP_GET_ROLE_POLICY; }
  uint64_t get_op() override { return rgw::IAM::iamGetRolePolicy; }
};

class RGWListRolePolicies : public RGWRoleRead {
public:
  RGWListRolePolicies() = default;
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "list_role_policies"; }
  RGWOpType get_type() override { return RGW_OP_LIST_ROLE_POLICIES; }
  uint64_t get_op() override { return rgw::IAM::iamListRolePolicies; }
};

class RGWDeleteRolePolicy : public RGWRoleWrite {
  bufferlist bl_post_body;
public:
  RGWDeleteRolePolicy(const bufferlist& bl_post_body) : bl_post_body(bl_post_body) {};
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "delete_role_policy"; }
  RGWOpType get_type() override { return RGW_OP_DELETE_ROLE_POLICY; }
  uint64_t get_op() override { return rgw::IAM::iamDeleteRolePolicy; }
};

class RGWTagRole : public RGWRoleWrite {
  bufferlist bl_post_body;
public:
  RGWTagRole(const bufferlist& bl_post_body) : bl_post_body(bl_post_body) {};
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "tag_role"; }
  RGWOpType get_type() override { return RGW_OP_TAG_ROLE; }
  uint64_t get_op() override { return rgw::IAM::iamTagRole; }
};

class RGWListRoleTags : public RGWRoleRead {
public:
  RGWListRoleTags() = default;
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "list_role_tags"; }
  RGWOpType get_type() override { return RGW_OP_LIST_ROLE_TAGS; }
  uint64_t get_op() override { return rgw::IAM::iamListRoleTags; }
};

class RGWUntagRole : public RGWRoleWrite {
  bufferlist bl_post_body;
public:
  RGWUntagRole(const bufferlist& bl_post_body) : bl_post_body(bl_post_body) {};
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "untag_role"; }
  RGWOpType get_type() override { return RGW_OP_UNTAG_ROLE; }
  uint64_t get_op() override { return rgw::IAM::iamUntagRole; }
};

class RGWUpdateRole : public RGWRoleWrite {
  bufferlist bl_post_body;
public:
  RGWUpdateRole(const bufferlist& bl_post_body) : bl_post_body(bl_post_body) {};
  void execute(optional_yield y) override;
  int get_params();
  const char* name() const override { return "update_role"; }
  RGWOpType get_type() override { return RGW_OP_UPDATE_ROLE; }
  uint64_t get_op() override { return rgw::IAM::iamUpdateRole; }
};
Commit	Line	Data
31f18b77	1	// -- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t --
9f95a23c	2	// vim: ts=8 sw=2 smarttab ft=cpp
11fdf7f2	3
9f95a23c	4	#pragma once
7c673cae	5
f67539c2 TL	6	#include "common/async/yield_context.h"
f67539c2 TL	7
11fdf7f2	8	#include "rgw_role.h"
f67539c2	9	#include "rgw_rest.h"
11fdf7f2 TL	10
11fdf7f2 TL	11	class RGWRestRole : public RGWRESTOp {
7c673cae	12	protected:
20effc67 TL	13	std::string role_name;
	14	std::string role_path;
	15	std::string trust_policy;
	16	std::string policy_name;
	17	std::string perm_policy;
	18	std::string path_prefix;
	19	std::string max_session_duration;
	20	std::multimap<std::string,std::string> tags;
	21	std::vector<std::string> tagKeys;
	22	std::unique_ptr<rgw::sal::RGWRole> _role;
f67539c2	23	int verify_permission(optional_yield y) override;
7c673cae	24	void send_response() override;
11fdf7f2	25	virtual uint64_t get_op() = 0;
20effc67	26	int parse_tags();
7c673cae FG	27	};
	28
	29	class RGWRoleRead : public RGWRestRole {
	30	public:
	31	RGWRoleRead() = default;
9f95a23c	32	int check_caps(const RGWUserCaps& caps) override;
7c673cae FG	33	};
	34
	35	class RGWRoleWrite : public RGWRestRole {
	36	public:
	37	RGWRoleWrite() = default;
9f95a23c	38	int check_caps(const RGWUserCaps& caps) override;
7c673cae FG	39	};
	40
	41	class RGWCreateRole : public RGWRoleWrite {
39ae355f	42	bufferlist bl_post_body;
7c673cae	43	public:
39ae355f	44	RGWCreateRole(const bufferlist& bl_post_body) : bl_post_body(bl_post_body) {};
f67539c2 TL	45	int verify_permission(optional_yield y) override;
f67539c2 TL	46	void execute(optional_yield y) override;
7c673cae	47	int get_params();
11fdf7f2	48	const char* name() const override { return "create_role"; }
7c673cae	49	RGWOpType get_type() override { return RGW_OP_CREATE_ROLE; }
f67539c2	50	uint64_t get_op() override { return rgw::IAM::iamCreateRole; }
7c673cae FG	51	};
	52
	53	class RGWDeleteRole : public RGWRoleWrite {
39ae355f	54	bufferlist bl_post_body;
7c673cae	55	public:
39ae355f	56	RGWDeleteRole(const bufferlist& bl_post_body) : bl_post_body(bl_post_body) {};
f67539c2	57	void execute(optional_yield y) override;
7c673cae	58	int get_params();
11fdf7f2	59	const char* name() const override { return "delete_role"; }
7c673cae	60	RGWOpType get_type() override { return RGW_OP_DELETE_ROLE; }
f67539c2	61	uint64_t get_op() override { return rgw::IAM::iamDeleteRole; }
7c673cae FG	62	};
	63
	64	class RGWGetRole : public RGWRoleRead {
20effc67	65	int _verify_permission(const rgw::sal::RGWRole* role);
7c673cae FG	66	public:
7c673cae FG	67	RGWGetRole() = default;
f67539c2 TL	68	int verify_permission(optional_yield y) override;
f67539c2 TL	69	void execute(optional_yield y) override;
7c673cae	70	int get_params();
11fdf7f2	71	const char* name() const override { return "get_role"; }
7c673cae	72	RGWOpType get_type() override { return RGW_OP_GET_ROLE; }
f67539c2	73	uint64_t get_op() override { return rgw::IAM::iamGetRole; }
7c673cae FG	74	};
7c673cae FG	75
1e59de90	76	class RGWModifyRoleTrustPolicy : public RGWRoleWrite {
39ae355f	77	bufferlist bl_post_body;
7c673cae	78	public:
1e59de90	79	RGWModifyRoleTrustPolicy(const bufferlist& bl_post_body) : bl_post_body(bl_post_body) {};
f67539c2	80	void execute(optional_yield y) override;
7c673cae	81	int get_params();
1e59de90 TL	82	const char* name() const override { return "modify_role_trust_policy"; }
	83	RGWOpType get_type() override { return RGW_OP_MODIFY_ROLE_TRUST_POLICY; }
	84	uint64_t get_op() override { return rgw::IAM::iamModifyRoleTrustPolicy; }
7c673cae FG	85	};
	86
	87	class RGWListRoles : public RGWRoleRead {
	88	public:
	89	RGWListRoles() = default;
f67539c2 TL	90	int verify_permission(optional_yield y) override;
f67539c2 TL	91	void execute(optional_yield y) override;
7c673cae	92	int get_params();
11fdf7f2	93	const char* name() const override { return "list_roles"; }
7c673cae	94	RGWOpType get_type() override { return RGW_OP_LIST_ROLES; }
f67539c2	95	uint64_t get_op() override { return rgw::IAM::iamListRoles; }
7c673cae FG	96	};
	97
	98	class RGWPutRolePolicy : public RGWRoleWrite {
39ae355f	99	bufferlist bl_post_body;
7c673cae	100	public:
39ae355f	101	RGWPutRolePolicy(const bufferlist& bl_post_body) : bl_post_body(bl_post_body) {};
f67539c2	102	void execute(optional_yield y) override;
7c673cae	103	int get_params();
11fdf7f2	104	const char* name() const override { return "put_role_policy"; }
7c673cae	105	RGWOpType get_type() override { return RGW_OP_PUT_ROLE_POLICY; }
f67539c2	106	uint64_t get_op() override { return rgw::IAM::iamPutRolePolicy; }
7c673cae FG	107	};
	108
	109	class RGWGetRolePolicy : public RGWRoleRead {
	110	public:
	111	RGWGetRolePolicy() = default;
f67539c2	112	void execute(optional_yield y) override;
7c673cae	113	int get_params();
11fdf7f2	114	const char* name() const override { return "get_role_policy"; }
7c673cae	115	RGWOpType get_type() override { return RGW_OP_GET_ROLE_POLICY; }
f67539c2	116	uint64_t get_op() override { return rgw::IAM::iamGetRolePolicy; }
7c673cae FG	117	};
	118
	119	class RGWListRolePolicies : public RGWRoleRead {
	120	public:
	121	RGWListRolePolicies() = default;
f67539c2	122	void execute(optional_yield y) override;
7c673cae	123	int get_params();
11fdf7f2	124	const char* name() const override { return "list_role_policies"; }
7c673cae	125	RGWOpType get_type() override { return RGW_OP_LIST_ROLE_POLICIES; }
f67539c2	126	uint64_t get_op() override { return rgw::IAM::iamListRolePolicies; }
7c673cae FG	127	};
	128
	129	class RGWDeleteRolePolicy : public RGWRoleWrite {
39ae355f	130	bufferlist bl_post_body;
7c673cae	131	public:
39ae355f	132	RGWDeleteRolePolicy(const bufferlist& bl_post_body) : bl_post_body(bl_post_body) {};
f67539c2	133	void execute(optional_yield y) override;
7c673cae	134	int get_params();
11fdf7f2	135	const char* name() const override { return "delete_role_policy"; }
7c673cae	136	RGWOpType get_type() override { return RGW_OP_DELETE_ROLE_POLICY; }
f67539c2	137	uint64_t get_op() override { return rgw::IAM::iamDeleteRolePolicy; }
7c673cae	138	};
20effc67 TL	139
20effc67 TL	140	class RGWTagRole : public RGWRoleWrite {
39ae355f	141	bufferlist bl_post_body;
20effc67	142	public:
39ae355f	143	RGWTagRole(const bufferlist& bl_post_body) : bl_post_body(bl_post_body) {};
20effc67 TL	144	void execute(optional_yield y) override;
	145	int get_params();
	146	const char* name() const override { return "tag_role"; }
	147	RGWOpType get_type() override { return RGW_OP_TAG_ROLE; }
	148	uint64_t get_op() override { return rgw::IAM::iamTagRole; }
	149	};
	150
	151	class RGWListRoleTags : public RGWRoleRead {
	152	public:
	153	RGWListRoleTags() = default;
	154	void execute(optional_yield y) override;
	155	int get_params();
	156	const char* name() const override { return "list_role_tags"; }
	157	RGWOpType get_type() override { return RGW_OP_LIST_ROLE_TAGS; }
	158	uint64_t get_op() override { return rgw::IAM::iamListRoleTags; }
	159	};
	160
	161	class RGWUntagRole : public RGWRoleWrite {
39ae355f	162	bufferlist bl_post_body;
20effc67	163	public:
39ae355f	164	RGWUntagRole(const bufferlist& bl_post_body) : bl_post_body(bl_post_body) {};
20effc67 TL	165	void execute(optional_yield y) override;
	166	int get_params();
	167	const char* name() const override { return "untag_role"; }
	168	RGWOpType get_type() override { return RGW_OP_UNTAG_ROLE; }
	169	uint64_t get_op() override { return rgw::IAM::iamUntagRole; }
	170	};
1e59de90 TL	171
	172	class RGWUpdateRole : public RGWRoleWrite {
	173	bufferlist bl_post_body;
	174	public:
	175	RGWUpdateRole(const bufferlist& bl_post_body) : bl_post_body(bl_post_body) {};
	176	void execute(optional_yield y) override;
	177	int get_params();
	178	const char* name() const override { return "update_role"; }
	179	RGWOpType get_type() override { return RGW_OP_UPDATE_ROLE; }
	180	uint64_t get_op() override { return rgw::IAM::iamUpdateRole; }
	181	};