Commit | Line | Data |
---|---|---|
11fdf7f2 | 1 | // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- |
9f95a23c | 2 | // vim: ts=8 sw=2 smarttab ft=cpp |
11fdf7f2 | 3 | |
7c673cae FG |
4 | #ifndef CEPH_RGW_ROLE_H |
5 | #define CEPH_RGW_ROLE_H | |
6 | ||
11fdf7f2 TL |
7 | #include <string> |
8 | ||
9 | #include "common/ceph_context.h" | |
10 | ||
9f95a23c | 11 | class RGWCtl; |
11fdf7f2 | 12 | |
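// An RGW role record: identity (id, name, tenant, path, ARN), the trust
// (assume-role) policy, a map of named permission policies and the maximum
// session duration. The storage and lookup helpers declared here are defined
// outside this header.
class RGWRole
{
  using string = std::string;
  static const string role_name_oid_prefix;
  static const string role_oid_prefix;
  static const string role_path_oid_prefix;
  static const string role_arn_prefix;
  static constexpr int MAX_ROLE_NAME_LEN = 64;
  static constexpr int MAX_PATH_NAME_LEN = 512;
  static constexpr uint64_t SESSION_DURATION_MIN = 3600; // in seconds
  static constexpr uint64_t SESSION_DURATION_MAX = 43200; // in seconds

  // Every scalar member carries a default so that no constructor, and no
  // decode() of an older encoding that lacks the field, can leave it
  // indeterminate.
  CephContext *cct = nullptr;
  RGWCtl *ctl = nullptr;
  string id;
  string name;
  string path;
  string arn;
  string creation_date;
  string trust_policy;
  map<string, string> perm_policy_map;
  string tenant;
  uint64_t max_session_duration = SESSION_DURATION_MIN; // in seconds

  int store_info(bool exclusive);
  int store_name(bool exclusive);
  int store_path(bool exclusive);
  int read_id(const string& role_name, const string& tenant, string& role_id);
  int read_name();
  int read_info();
  bool validate_input();
  void extract_name_tenant(const std::string& str);

  // Strict, non-throwing parse of a session duration given as text.
  // Accepts decimal digits only: no sign, whitespace or trailing characters,
  // so "-1" cannot wrap around to a huge unsigned value and "3600x" is not
  // silently truncated. Returns 0 for anything malformed or too large for
  // uint64_t; 0 is below SESSION_DURATION_MIN, so a bad value fails closed
  // rather than granting a long session.
  // NOTE(review): validate_input() is defined elsewhere; confirm it rejects
  // durations outside [SESSION_DURATION_MIN, SESSION_DURATION_MAX].
  static uint64_t parse_session_duration(const string& text) noexcept {
    constexpr uint64_t limit = ~uint64_t{0};
    uint64_t value = 0;
    for (const char c : text) {
      if (c < '0' || c > '9') {
        return 0;
      }
      const uint64_t digit = static_cast<uint64_t>(c - '0');
      if (value > (limit - digit) / 10) {
        return 0; // next step would overflow uint64_t
      }
      value = value * 10 + digit;
    }
    return value;
  }

public:
  // Builds a role from its attributes. An empty path becomes "/", and an
  // empty max_session_duration_str selects SESSION_DURATION_MIN. A non-empty
  // string is parsed by parse_session_duration(); unlike a bare std::stoull
  // call, a malformed string does not throw out of the constructor.
  RGWRole(CephContext *cct,
          RGWCtl *ctl,
          string name,
          string path,
          string trust_policy,
          string tenant,
          string max_session_duration_str="")
  : cct(cct),
    ctl(ctl),
    name(std::move(name)),
    path(std::move(path)),
    trust_policy(std::move(trust_policy)),
    tenant(std::move(tenant)) {
    if (this->path.empty())
      this->path = "/";
    extract_name_tenant(this->name);
    if (!max_session_duration_str.empty()) {
      max_session_duration = parse_session_duration(max_session_duration_str);
    }
  }

  // Builds a role identified by name and tenant only.
  RGWRole(CephContext *cct,
          RGWCtl *ctl,
          string name,
          string tenant)
  : cct(cct),
    ctl(ctl),
    name(std::move(name)),
    tenant(std::move(tenant)) {
    extract_name_tenant(this->name);
  }

  // Builds a role identified by id only.
  RGWRole(CephContext *cct,
          RGWCtl *ctl,
          string id)
  : cct(cct),
    ctl(ctl),
    id(std::move(id)) {}

  RGWRole(CephContext *cct,
          RGWCtl *ctl)
  : cct(cct),
    ctl(ctl) {}

  // The member initializers above give every field a defined value.
  RGWRole() = default;

  ~RGWRole() = default;

  // Serializes the role as encoding version 3 (compatible back to 1).
  void encode(bufferlist& bl) const {
    ENCODE_START(3, 1, bl);
    encode(id, bl);
    encode(name, bl);
    encode(path, bl);
    encode(arn, bl);
    encode(creation_date, bl);
    encode(trust_policy, bl);
    encode(perm_policy_map, bl);
    encode(tenant, bl);
    encode(max_session_duration, bl);
    ENCODE_FINISH(bl);
  }

  // Deserializes a role. tenant is present from version 2 and
  // max_session_duration from version 3; older encodings leave those members
  // at whatever value the object already holds.
  void decode(bufferlist::const_iterator& bl) {
    // Declares version 3, matching encode() and the struct_v >= 3 branch below.
    DECODE_START(3, bl);
    decode(id, bl);
    decode(name, bl);
    decode(path, bl);
    decode(arn, bl);
    decode(creation_date, bl);
    decode(trust_policy, bl);
    decode(perm_policy_map, bl);
    if (struct_v >= 2) {
      decode(tenant, bl);
    }
    if (struct_v >= 3) {
      decode(max_session_duration, bl);
    }
    DECODE_FINISH(bl);
  }

  const string& get_id() const { return id; }
  const string& get_name() const { return name; }
  const string& get_tenant() const { return tenant; }
  const string& get_path() const { return path; }
  const string& get_create_date() const { return creation_date; }
  // Returns the trust policy document held by this role.
  const string& get_assume_role_policy() const { return trust_policy;}
  const uint64_t& get_max_session_duration() const { return max_session_duration; }

  void set_id(const string& id) { this->id = id; }

  int create(bool exclusive);
  int delete_obj();
  int get();
  int get_by_id();
  int update();
  void update_trust_policy(string& trust_policy);
  void set_perm_policy(const string& policy_name, const string& perm_policy);
  vector<string> get_role_policy_names();
  int get_role_policy(const string& policy_name, string& perm_policy);
  int delete_policy(const string& policy_name);
  void dump(Formatter *f) const;
  void decode_json(JSONObj *obj);

  static const string& get_names_oid_prefix();
  static const string& get_info_oid_prefix();
  static const string& get_path_oid_prefix();
  static int get_roles_by_path_prefix(RGWRados *store,
                                      CephContext *cct,
                                      const string& path_prefix,
                                      const string& tenant,
                                      vector<RGWRole>& roles);
};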
161 | WRITE_CLASS_ENCODER(RGWRole) | |
162 | #endif /* CEPH_RGW_ROLE_H */ | |
163 |