[ceph.git] / ceph / src / rgw / rgw_role.h

// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
// vim: ts=8 sw=2 smarttab ft=cpp

#ifndef CEPH_RGW_ROLE_H
#define CEPH_RGW_ROLE_H

#include <string>

#include "common/async/yield_context.h"

#include "common/ceph_json.h"
#include "common/ceph_context.h"

#include "rgw/rgw_rados.h"

struct RGWCtl;

class RGWRole
{
  using string = std::string;
  static const string role_name_oid_prefix;
  static const string role_oid_prefix;
  static const string role_path_oid_prefix;
  static const string role_arn_prefix;
  static constexpr int MAX_ROLE_NAME_LEN = 64;
  static constexpr int MAX_PATH_NAME_LEN = 512;
  static constexpr uint64_t SESSION_DURATION_MIN = 3600; // in seconds
  static constexpr uint64_t SESSION_DURATION_MAX = 43200; // in seconds

  CephContext *cct;
  RGWCtl *ctl;
  string id;
  string name;
  string path;
  string arn;
  string creation_date;
  string trust_policy;
  map<string, string> perm_policy_map;
  string tenant;
  uint64_t max_session_duration;

  int store_info(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y);
  int store_name(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y);
  int store_path(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y);
  int read_id(const DoutPrefixProvider *dpp, const string& role_name, const string& tenant, string& role_id, optional_yield y);
  int read_name(const DoutPrefixProvider *dpp, optional_yield y);
  int read_info(const DoutPrefixProvider *dpp, optional_yield y);
  bool validate_input();
  void extract_name_tenant(const std::string& str);

public:
  RGWRole(CephContext *cct,
          RGWCtl *ctl,
          string name,
          string path,
          string trust_policy,
          string tenant,
          string max_session_duration_str="")
  : cct(cct),
    ctl(ctl),
    name(std::move(name)),
    path(std::move(path)),
    trust_policy(std::move(trust_policy)),
    tenant(std::move(tenant)) {
    if (this->path.empty())
      this->path = "/";
    extract_name_tenant(this->name);
    if (max_session_duration_str.empty()) {
      max_session_duration = SESSION_DURATION_MIN;
    } else {
      max_session_duration = std::stoull(max_session_duration_str);
    }
  }

  RGWRole(CephContext *cct,
          RGWCtl *ctl,
          string name,
          string tenant)
  : cct(cct),
    ctl(ctl),
    name(std::move(name)),
    tenant(std::move(tenant)) {
    extract_name_tenant(this->name);
  }

  RGWRole(CephContext *cct,
          RGWCtl *ctl,
          string id)
  : cct(cct),
    ctl(ctl),
    id(std::move(id)) {}

  RGWRole(CephContext *cct,
          RGWCtl *ctl)
  : cct(cct),
    ctl(ctl) {}

  RGWRole() {}

  ~RGWRole() = default;

  void encode(bufferlist& bl) const {
    ENCODE_START(3, 1, bl);
    encode(id, bl);
    encode(name, bl);
    encode(path, bl);
    encode(arn, bl);
    encode(creation_date, bl);
    encode(trust_policy, bl);
    encode(perm_policy_map, bl);
    encode(tenant, bl);
    encode(max_session_duration, bl);
    ENCODE_FINISH(bl);
  }

  void decode(bufferlist::const_iterator& bl) {
    DECODE_START(2, bl);
    decode(id, bl);
    decode(name, bl);
    decode(path, bl);
    decode(arn, bl);
    decode(creation_date, bl);
    decode(trust_policy, bl);
    decode(perm_policy_map, bl);
    if (struct_v >= 2) {
      decode(tenant, bl);
    }
    if (struct_v >= 3) {
      decode(max_session_duration, bl);
    }
    DECODE_FINISH(bl);
  }

  const string& get_id() const { return id; }
  const string& get_name() const { return name; }
  const string& get_tenant() const { return tenant; }
  const string& get_path() const { return path; }
  const string& get_create_date() const { return creation_date; }
  const string& get_assume_role_policy() const { return trust_policy;}
  const uint64_t& get_max_session_duration() const { return max_session_duration; }

  void set_id(const string& id) { this->id = id; }

  int create(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y);
  int delete_obj(const DoutPrefixProvider *dpp, optional_yield y);
  int get(const DoutPrefixProvider *dpp, optional_yield y);
  int get_by_id(const DoutPrefixProvider *dpp, optional_yield y);
  int update(const DoutPrefixProvider *dpp, optional_yield y);
  void update_trust_policy(string& trust_policy);
  void set_perm_policy(const string& policy_name, const string& perm_policy);
  vector<string> get_role_policy_names();
  int get_role_policy(const string& policy_name, string& perm_policy);
  int delete_policy(const string& policy_name);
  void dump(Formatter *f) const;
  void decode_json(JSONObj *obj);

  static const string& get_names_oid_prefix();
  static const string& get_info_oid_prefix();
  static const string& get_path_oid_prefix();
  static int get_roles_by_path_prefix(const DoutPrefixProvider *dpp, 
                                      RGWRados *store,
                                      CephContext *cct,
                                      const string& path_prefix,
                                      const string& tenant,
                                      vector<RGWRole>& roles,
				      optional_yield y);
};
WRITE_CLASS_ENCODER(RGWRole)
#endif /* CEPH_RGW_ROLE_H */
Commit	Line	Data
11fdf7f2	1	// -- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t --
9f95a23c	2	// vim: ts=8 sw=2 smarttab ft=cpp
11fdf7f2	3
7c673cae FG	4	#ifndef CEPH_RGW_ROLE_H
	5	#define CEPH_RGW_ROLE_H
	6
11fdf7f2 TL	7	#include <string>
11fdf7f2 TL	8
f67539c2 TL	9	#include "common/async/yield_context.h"
	10
	11	#include "common/ceph_json.h"
11fdf7f2 TL	12	#include "common/ceph_context.h"
11fdf7f2 TL	13
f67539c2 TL	14	#include "rgw/rgw_rados.h"
	15
	16	struct RGWCtl;
11fdf7f2	17
7c673cae FG	18	class RGWRole
7c673cae FG	19	{
11fdf7f2	20	using string = std::string;
7c673cae FG	21	static const string role_name_oid_prefix;
	22	static const string role_oid_prefix;
	23	static const string role_path_oid_prefix;
	24	static const string role_arn_prefix;
31f18b77 FG	25	static constexpr int MAX_ROLE_NAME_LEN = 64;
31f18b77 FG	26	static constexpr int MAX_PATH_NAME_LEN = 512;
11fdf7f2 TL	27	static constexpr uint64_t SESSION_DURATION_MIN = 3600; // in seconds
11fdf7f2 TL	28	static constexpr uint64_t SESSION_DURATION_MAX = 43200; // in seconds
7c673cae FG	29
7c673cae FG	30	CephContext *cct;
9f95a23c	31	RGWCtl *ctl;
7c673cae FG	32	string id;
	33	string name;
	34	string path;
	35	string arn;
	36	string creation_date;
	37	string trust_policy;
	38	map<string, string> perm_policy_map;
31f18b77	39	string tenant;
11fdf7f2	40	uint64_t max_session_duration;
7c673cae	41
b3b6e05e TL	42	int store_info(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y);
	43	int store_name(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y);
	44	int store_path(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y);
	45	int read_id(const DoutPrefixProvider *dpp, const string& role_name, const string& tenant, string& role_id, optional_yield y);
	46	int read_name(const DoutPrefixProvider *dpp, optional_yield y);
	47	int read_info(const DoutPrefixProvider *dpp, optional_yield y);
31f18b77 FG	48	bool validate_input();
31f18b77 FG	49	void extract_name_tenant(const std::string& str);
7c673cae FG	50
	51	public:
	52	RGWRole(CephContext *cct,
9f95a23c	53	RGWCtl *ctl,
7c673cae FG	54	string name,
	55	string path,
	56	string trust_policy,
11fdf7f2 TL	57	string tenant,
11fdf7f2 TL	58	string max_session_duration_str="")
7c673cae	59	: cct(cct),
9f95a23c	60	ctl(ctl),
7c673cae FG	61	name(std::move(name)),
	62	path(std::move(path)),
	63	trust_policy(std::move(trust_policy)),
31f18b77	64	tenant(std::move(tenant)) {
7c673cae FG	65	if (this->path.empty())
7c673cae FG	66	this->path = "/";
31f18b77	67	extract_name_tenant(this->name);
11fdf7f2 TL	68	if (max_session_duration_str.empty()) {
	69	max_session_duration = SESSION_DURATION_MIN;
	70	} else {
	71	max_session_duration = std::stoull(max_session_duration_str);
	72	}
7c673cae FG	73	}
	74
	75	RGWRole(CephContext *cct,
9f95a23c	76	RGWCtl *ctl,
31f18b77 FG	77	string name,
	78	string tenant)
	79	: cct(cct),
9f95a23c	80	ctl(ctl),
31f18b77 FG	81	name(std::move(name)),
	82	tenant(std::move(tenant)) {
	83	extract_name_tenant(this->name);
	84	}
	85
	86	RGWRole(CephContext *cct,
9f95a23c	87	RGWCtl *ctl,
31f18b77	88	string id)
7c673cae	89	: cct(cct),
9f95a23c	90	ctl(ctl),
31f18b77	91	id(std::move(id)) {}
7c673cae FG	92
7c673cae FG	93	RGWRole(CephContext *cct,
9f95a23c	94	RGWCtl *ctl)
7c673cae	95	: cct(cct),
9f95a23c	96	ctl(ctl) {}
7c673cae FG	97
	98	RGWRole() {}
	99
	100	~RGWRole() = default;
	101
	102	void encode(bufferlist& bl) const {
11fdf7f2 TL	103	ENCODE_START(3, 1, bl);
	104	encode(id, bl);
	105	encode(name, bl);
	106	encode(path, bl);
	107	encode(arn, bl);
	108	encode(creation_date, bl);
	109	encode(trust_policy, bl);
	110	encode(perm_policy_map, bl);
	111	encode(tenant, bl);
	112	encode(max_session_duration, bl);
7c673cae FG	113	ENCODE_FINISH(bl);
	114	}
	115
11fdf7f2	116	void decode(bufferlist::const_iterator& bl) {
31f18b77	117	DECODE_START(2, bl);
11fdf7f2 TL	118	decode(id, bl);
	119	decode(name, bl);
	120	decode(path, bl);
	121	decode(arn, bl);
	122	decode(creation_date, bl);
	123	decode(trust_policy, bl);
	124	decode(perm_policy_map, bl);
31f18b77	125	if (struct_v >= 2) {
11fdf7f2 TL	126	decode(tenant, bl);
	127	}
	128	if (struct_v >= 3) {
	129	decode(max_session_duration, bl);
31f18b77	130	}
7c673cae FG	131	DECODE_FINISH(bl);
	132	}
	133
	134	const string& get_id() const { return id; }
	135	const string& get_name() const { return name; }
f91f0fd5	136	const string& get_tenant() const { return tenant; }
7c673cae FG	137	const string& get_path() const { return path; }
7c673cae FG	138	const string& get_create_date() const { return creation_date; }
31f18b77	139	const string& get_assume_role_policy() const { return trust_policy;}
11fdf7f2	140	const uint64_t& get_max_session_duration() const { return max_session_duration; }
7c673cae	141
f91f0fd5 TL	142	void set_id(const string& id) { this->id = id; }
f91f0fd5 TL	143
b3b6e05e TL	144	int create(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y);
	145	int delete_obj(const DoutPrefixProvider *dpp, optional_yield y);
	146	int get(const DoutPrefixProvider *dpp, optional_yield y);
	147	int get_by_id(const DoutPrefixProvider *dpp, optional_yield y);
	148	int update(const DoutPrefixProvider *dpp, optional_yield y);
7c673cae FG	149	void update_trust_policy(string& trust_policy);
	150	void set_perm_policy(const string& policy_name, const string& perm_policy);
	151	vector<string> get_role_policy_names();
	152	int get_role_policy(const string& policy_name, string& perm_policy);
	153	int delete_policy(const string& policy_name);
	154	void dump(Formatter *f) const;
	155	void decode_json(JSONObj *obj);
	156
	157	static const string& get_names_oid_prefix();
	158	static const string& get_info_oid_prefix();
	159	static const string& get_path_oid_prefix();
b3b6e05e TL	160	static int get_roles_by_path_prefix(const DoutPrefixProvider *dpp,
b3b6e05e TL	161	RGWRados *store,
31f18b77 FG	162	CephContext *cct,
	163	const string& path_prefix,
	164	const string& tenant,
f67539c2 TL	165	vector<RGWRole>& roles,
f67539c2 TL	166	optional_yield y);
7c673cae FG	167	};
	168	WRITE_CLASS_ENCODER(RGWRole)
	169	#endif /* CEPH_RGW_ROLE_H */