11fdf7f2 1// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
9f95a23c 2// vim: ts=8 sw=2 smarttab ft=cpp
11fdf7f2 3
4#ifndef CEPH_RGW_ROLE_H
5#define CEPH_RGW_ROLE_H
6
7#include <string>
8
9#include "common/async/yield_context.h"
10
11#include "common/ceph_json.h"
12#include "common/ceph_context.h"
13
14#include "rgw/rgw_rados.h"
15
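namespace rgw { namespace sal {

/**
 * Abstract in-memory representation of an RGW role: id, name, path, ARN,
 * creation date, trust policy, permission policies, tenant, maximum session
 * duration and tags.
 *
 * Persistence is delegated to the pure-virtual hooks (store_*, read_*,
 * create, delete_obj); their backend-specific behavior is not visible in
 * this header.
 */
class RGWRole
{
public:
  static const std::string role_name_oid_prefix;
  static const std::string role_oid_prefix;
  static const std::string role_path_oid_prefix;
  static const std::string role_arn_prefix;
  static constexpr int MAX_ROLE_NAME_LEN = 64;
  static constexpr int MAX_PATH_NAME_LEN = 512;
  static constexpr uint64_t SESSION_DURATION_MIN = 3600; // in seconds
  static constexpr uint64_t SESSION_DURATION_MAX = 43200; // in seconds
protected:

  std::string id;
  std::string name;
  std::string path;
  std::string arn;
  std::string creation_date;
  std::string trust_policy;
  std::map<std::string, std::string> perm_policy_map;
  std::string tenant;
  // Default member initializer: the id-only constructor never assigns this
  // field and decode() skips it for struct_v < 3, so without a default the
  // getter and encode() would read an indeterminate value. The default is the
  // same one the name/tenant constructor uses when no duration is supplied.
  uint64_t max_session_duration = SESSION_DURATION_MIN;
  std::multimap<std::string,std::string> tags;

public:
  // Backend persistence hooks, implemented by the concrete store.
  virtual int store_info(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y) = 0;
  virtual int store_name(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y) = 0;
  virtual int store_path(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y) = 0;
  virtual int read_id(const DoutPrefixProvider *dpp, const std::string& role_name, const std::string& tenant, std::string& role_id, optional_yield y) = 0;
  virtual int read_name(const DoutPrefixProvider *dpp, optional_yield y) = 0;
  virtual int read_info(const DoutPrefixProvider *dpp, optional_yield y) = 0;
  // Defined out of line. NOTE(review): presumably enforces MAX_ROLE_NAME_LEN,
  // MAX_PATH_NAME_LEN and the SESSION_DURATION_* bounds -- confirm, because
  // the constructor below performs no such checks itself.
  bool validate_input(const DoutPrefixProvider* dpp);
  void extract_name_tenant(const std::string& str);

  /**
   * Build a role from caller-supplied attributes.
   *
   * An empty path becomes "/", and an empty max_session_duration_str selects
   * SESSION_DURATION_MIN. extract_name_tenant() is run on the stored name.
   *
   * @throws std::invalid_argument, std::out_of_range propagated from
   *         std::stoull when max_session_duration_str is not a parsable
   *         unsigned integer.
   */
  RGWRole(std::string name,
          std::string tenant,
          std::string path="",
          std::string trust_policy="",
          std::string max_session_duration_str="",
          std::multimap<std::string,std::string> tags={})
    : name(std::move(name)),
      path(std::move(path)),
      trust_policy(std::move(trust_policy)),
      tenant(std::move(tenant)),
      tags(std::move(tags)) {
    // The parameters shadow the members, hence the explicit this->.
    if (this->path.empty())
      this->path = "/";
    extract_name_tenant(this->name);
    if (max_session_duration_str.empty()) {
      max_session_duration = SESSION_DURATION_MIN;
    } else {
      // std::stoull throws on unparsable or out-of-range text, so a caller
      // that forwards a client-supplied string must be prepared to catch.
      // It also ignores trailing non-digit characters and accepts a leading
      // '-' (the result wraps modulo 2^64), and nothing here clamps the value
      // to SESSION_DURATION_MIN..SESSION_DURATION_MAX.
      // NOTE(review): confirm validate_input() rejects out-of-range values
      // before the role is stored.
      max_session_duration = std::stoull(max_session_duration_str);
    }
  }

  // Build a role known only by id; every other string field starts empty and
  // max_session_duration keeps its default until read or decoded.
  RGWRole(std::string id) : id(std::move(id)) {}

  virtual ~RGWRole() = default;

  /**
   * Serialize the role at struct version 3 (compat version 1).
   *
   * NOTE(review): `tags` is not written here; confirm it is persisted by
   * another path, otherwise tags are lost on an encode/decode round trip.
   */
  void encode(bufferlist& bl) const {
    ENCODE_START(3, 1, bl);
    encode(id, bl);
    encode(name, bl);
    encode(path, bl);
    encode(arn, bl);
    encode(creation_date, bl);
    encode(trust_policy, bl);
    encode(perm_policy_map, bl);
    encode(tenant, bl);
    encode(max_session_duration, bl);
    ENCODE_FINISH(bl);
  }

  /**
   * Deserialize a role written by encode().
   *
   * tenant exists only from struct version 2 and max_session_duration only
   * from version 3; for older encodings those members keep the value they
   * had before the call.
   */
  void decode(bufferlist::const_iterator& bl) {
    DECODE_START(3, bl);
    decode(id, bl);
    decode(name, bl);
    decode(path, bl);
    decode(arn, bl);
    decode(creation_date, bl);
    decode(trust_policy, bl);
    decode(perm_policy_map, bl);
    if (struct_v >= 2) {
      decode(tenant, bl);
    }
    if (struct_v >= 3) {
      decode(max_session_duration, bl);
    }
    DECODE_FINISH(bl);
  }

  // Read-only accessors; each returns a reference to the stored member.
  const std::string& get_id() const { return id; }
  const std::string& get_name() const { return name; }
  const std::string& get_tenant() const { return tenant; }
  const std::string& get_path() const { return path; }
  const std::string& get_create_date() const { return creation_date; }
  // The "assume role policy" is the stored trust_policy.
  const std::string& get_assume_role_policy() const { return trust_policy;}
  const uint64_t& get_max_session_duration() const { return max_session_duration; }

  void set_id(const std::string& id) { this->id = id; }

  virtual int create(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y) = 0;
  virtual int delete_obj(const DoutPrefixProvider *dpp, optional_yield y) = 0;
  int get(const DoutPrefixProvider *dpp, optional_yield y);
  int get_by_id(const DoutPrefixProvider *dpp, optional_yield y);
  int update(const DoutPrefixProvider *dpp, optional_yield y);
  void update_trust_policy(std::string& trust_policy);
  void set_perm_policy(const std::string& policy_name, const std::string& perm_policy);
  std::vector<std::string> get_role_policy_names();
  int get_role_policy(const DoutPrefixProvider* dpp, const std::string& policy_name, std::string& perm_policy);
  int delete_policy(const DoutPrefixProvider* dpp, const std::string& policy_name);
  int set_tags(const DoutPrefixProvider* dpp, const std::multimap<std::string,std::string>& tags_map);
  boost::optional<std::multimap<std::string,std::string>> get_tags();
  void erase_tags(const std::vector<std::string>& tagKeys);
  void dump(Formatter *f) const;
  void decode_json(JSONObj *obj);

  static const std::string& get_names_oid_prefix();
  static const std::string& get_info_oid_prefix();
  static const std::string& get_path_oid_prefix();
};
WRITE_CLASS_ENCODER(RGWRole)
} } // namespace rgw::sal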
7c673cae 141#endif /* CEPH_RGW_ROLE_H */