// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
// vim: ts=8 sw=2 smarttab ft=cpp

#ifndef CEPH_RGW_ROLE_H
#define CEPH_RGW_ROLE_H

#include <string>

#include "common/async/yield_context.h"

#include "common/ceph_json.h"
#include "common/ceph_context.h"

#include "rgw/rgw_rados.h"

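namespace rgw { namespace sal {

// Abstract role record: identity (id, name, tenant, path, ARN), trust policy,
// named permission policies, maximum session duration and tags. The storage
// operations (store_*, read_*, create, delete_obj) are pure virtual and must
// be supplied by a derived class.
class RGWRole
{
public:
  // Object-id and ARN prefixes; the values are defined outside this header.
  static const std::string role_name_oid_prefix;
  static const std::string role_oid_prefix;
  static const std::string role_path_oid_prefix;
  static const std::string role_arn_prefix;
  // Length limits for the role name and path. Nothing in this header enforces
  // them; presumably validate_input() does -- confirm against its definition.
  static constexpr int MAX_ROLE_NAME_LEN = 64;
  static constexpr int MAX_PATH_NAME_LEN = 512;
  static constexpr uint64_t SESSION_DURATION_MIN = 3600; // in seconds
  static constexpr uint64_t SESSION_DURATION_MAX = 43200; // in seconds
protected:

  std::string id;
  std::string name;
  std::string path;
  std::string arn;
  std::string creation_date;
  std::string trust_policy;
  // Permission policies keyed by policy name (see set_perm_policy()).
  std::map<std::string, std::string> perm_policy_map;
  std::string tenant;
  // Default-initialised so that the id-only constructor, and decode() of an
  // encoding older than version 3, never leave an indeterminate value that
  // encode() or get_max_session_duration() would then read.
  uint64_t max_session_duration = SESSION_DURATION_MIN;
  // NOTE(review): tags is not written by encode() or read by decode() below;
  // presumably it is persisted by the backend some other way -- confirm.
  std::multimap<std::string,std::string> tags;

public:
  // Backend storage hooks. Each returns an int status; the convention is not
  // visible in this header (presumably 0 / negative errno -- confirm).
  virtual int store_info(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y) = 0;
  virtual int store_name(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y) = 0;
  virtual int store_path(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y) = 0;
  virtual int read_id(const DoutPrefixProvider *dpp, const std::string& role_name, const std::string& tenant, std::string& role_id, optional_yield y) = 0;
  virtual int read_name(const DoutPrefixProvider *dpp, optional_yield y) = 0;
  virtual int read_info(const DoutPrefixProvider *dpp, optional_yield y) = 0;
  bool validate_input(const DoutPrefixProvider* dpp);
  void extract_name_tenant(const std::string& str);

  // Builds a role from caller-supplied attributes.
  //
  // An empty path becomes "/". An empty max_session_duration_str selects
  // SESSION_DURATION_MIN; any other value is parsed with std::stoull.
  //
  // NOTE(review): std::stoull throws std::invalid_argument or
  // std::out_of_range on malformed input, accepts a leading '-' (the result
  // wraps to a large unsigned value) and ignores trailing characters. This
  // constructor neither catches those exceptions nor checks the result
  // against SESSION_DURATION_MIN / SESSION_DURATION_MAX, so when the string
  // comes from a request the caller must catch the exception and still run
  // the range check (presumably validate_input() -- confirm).
  RGWRole(std::string name,
          std::string tenant,
          std::string path="",
          std::string trust_policy="",
          std::string max_session_duration_str="",
          std::multimap<std::string,std::string> tags={})
    : name(std::move(name)),
      path(std::move(path)),
      trust_policy(std::move(trust_policy)),
      tenant(std::move(tenant)),
      tags(std::move(tags)) {
    // The parameters shadow the members, hence the explicit this->.
    if (this->path.empty())
      this->path = "/";
    extract_name_tenant(this->name);
    if (max_session_duration_str.empty()) {
      max_session_duration = SESSION_DURATION_MIN;
    } else {
      max_session_duration = std::stoull(max_session_duration_str);
    }
  }

  // Builds a role that carries only an id; every other string member is
  // empty and max_session_duration keeps its in-class default.
  // NOTE(review): not explicit, so a std::string converts implicitly.
  RGWRole(std::string id) : id(std::move(id)) {}

  virtual ~RGWRole() = default;

  // Serialises the role as encoding version 3 (compat version 1). The field
  // order is the on-disk format and must stay in step with decode().
  void encode(bufferlist& bl) const {
    ENCODE_START(3, 1, bl);
    encode(id, bl);
    encode(name, bl);
    encode(path, bl);
    encode(arn, bl);
    encode(creation_date, bl);
    encode(trust_policy, bl);
    encode(perm_policy_map, bl);
    encode(tenant, bl);
    encode(max_session_duration, bl);
    ENCODE_FINISH(bl);
  }

  // Deserialises a role. tenant is read only from version 2 onwards and
  // max_session_duration only from version 3 onwards; for older encodings
  // those members keep whatever value they held before the call.
  void decode(bufferlist::const_iterator& bl) {
    DECODE_START(3, bl);
    decode(id, bl);
    decode(name, bl);
    decode(path, bl);
    decode(arn, bl);
    decode(creation_date, bl);
    decode(trust_policy, bl);
    decode(perm_policy_map, bl);
    if (struct_v >= 2) {
      decode(tenant, bl);
    }
    if (struct_v >= 3) {
      decode(max_session_duration, bl);
    }
    DECODE_FINISH(bl);
  }

  const std::string& get_id() const { return id; }
  const std::string& get_name() const { return name; }
  const std::string& get_tenant() const { return tenant; }
  const std::string& get_path() const { return path; }
  const std::string& get_create_date() const { return creation_date; }
  // Returns the trust policy document.
  const std::string& get_assume_role_policy() const { return trust_policy;}
  const uint64_t& get_max_session_duration() const { return max_session_duration; }

  void set_id(const std::string& id) { this->id = id; }

  virtual int create(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y) = 0;
  virtual int delete_obj(const DoutPrefixProvider *dpp, optional_yield y) = 0;
  int get(const DoutPrefixProvider *dpp, optional_yield y);
  int get_by_id(const DoutPrefixProvider *dpp, optional_yield y);
  int update(const DoutPrefixProvider *dpp, optional_yield y);
  void update_trust_policy(std::string& trust_policy);
  void set_perm_policy(const std::string& policy_name, const std::string& perm_policy);
  std::vector<std::string> get_role_policy_names();
  int get_role_policy(const DoutPrefixProvider* dpp, const std::string& policy_name, std::string& perm_policy);
  int delete_policy(const DoutPrefixProvider* dpp, const std::string& policy_name);
  int set_tags(const DoutPrefixProvider* dpp, const std::multimap<std::string,std::string>& tags_map);
  boost::optional<std::multimap<std::string,std::string>> get_tags();
  void erase_tags(const std::vector<std::string>& tagKeys);
  void dump(Formatter *f) const;
  void decode_json(JSONObj *obj);

  static const std::string& get_names_oid_prefix();
  static const std::string& get_info_oid_prefix();
  static const std::string& get_path_oid_prefix();
};
WRITE_CLASS_ENCODER(RGWRole)
} } // namespace rgw::sal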
#endif /* CEPH_RGW_ROLE_H */