Commit | Line | Data |
---|---|---|
11fdf7f2 | 1 | // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- |
9f95a23c | 2 | // vim: ts=8 sw=2 smarttab ft=cpp |
11fdf7f2 | 3 | |
7c673cae FG |
4 | #ifndef CEPH_RGW_ROLE_H |
5 | #define CEPH_RGW_ROLE_H | |
6 | ||
11fdf7f2 TL |
7 | #include <string> |
8 | ||
f67539c2 TL |
9 | #include "common/async/yield_context.h" |
10 | ||
11 | #include "common/ceph_json.h" | |
11fdf7f2 TL |
12 | #include "common/ceph_context.h" |
13 | ||
f67539c2 TL |
14 | #include "rgw/rgw_rados.h" |
15 | ||
16 | struct RGWCtl; | |
11fdf7f2 | 17 | |
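/**
 * An RGW role record: identifiers (id, name, path, ARN, tenant), creation
 * date, trust policy, a map of named permission policies and the maximum
 * session duration, together with versioned encode()/decode().
 *
 * The store_ and read_ helpers and the public create/get/update/delete
 * operations are only declared here; their definitions are not part of
 * this header.
 */
class RGWRole
{
  using string = std::string;

  static const string role_name_oid_prefix;
  static const string role_oid_prefix;
  static const string role_path_oid_prefix;
  static const string role_arn_prefix;

  // Length limits for the role name and path. The code that applies them is
  // not in this header (presumably validate_input() -- confirm).
  static constexpr int MAX_ROLE_NAME_LEN = 64;
  static constexpr int MAX_PATH_NAME_LEN = 512;

  // Bounds for max_session_duration. The constructor below stores the parsed
  // value without comparing it against these.
  // NOTE(review): confirm the range is enforced before a role is stored.
  static constexpr uint64_t SESSION_DURATION_MIN = 3600; // in seconds
  static constexpr uint64_t SESSION_DURATION_MAX = 43200; // in seconds

  // Several constructors set neither of these pointers; default them to null
  // so they are never left indeterminate.
  CephContext *cct = nullptr;
  RGWCtl *ctl = nullptr;
  string id;
  string name;
  string path;
  string arn;
  string creation_date;
  string trust_policy;
  std::map<string, string> perm_policy_map;
  string tenant;
  // Only the full constructor and decode() of a version >= 3 record assign
  // this member. Defaulting to the shortest duration means encode() and
  // get_max_session_duration() never read an indeterminate value.
  uint64_t max_session_duration = SESSION_DURATION_MIN;

  int store_info(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y);
  int store_name(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y);
  int store_path(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y);
  int read_id(const DoutPrefixProvider *dpp, const string& role_name, const string& tenant, string& role_id, optional_yield y);
  int read_name(const DoutPrefixProvider *dpp, optional_yield y);
  int read_info(const DoutPrefixProvider *dpp, optional_yield y);
  bool validate_input();
  void extract_name_tenant(const std::string& str);

public:
  /**
   * Builds a role from its name, path, trust policy and tenant.
   *
   * An empty path becomes "/". An empty max_session_duration_str selects
   * SESSION_DURATION_MIN; any other string is parsed as an unsigned integer
   * number of seconds.
   *
   * @throws std::invalid_argument, std::out_of_range from std::stoull when
   *         max_session_duration_str cannot be converted.
   */
  RGWRole(CephContext *cct,
          RGWCtl *ctl,
          string name,
          string path,
          string trust_policy,
          string tenant,
          string max_session_duration_str="")
    : cct(cct),
      ctl(ctl),
      name(std::move(name)),
      path(std::move(path)),
      trust_policy(std::move(trust_policy)),
      tenant(std::move(tenant)) {
    if (this->path.empty())
      this->path = "/";
    // Definition not visible here; presumably splits a tenant out of the
    // name -- confirm.
    extract_name_tenant(this->name);
    if (max_session_duration_str.empty()) {
      max_session_duration = SESSION_DURATION_MIN;
    } else {
      // NOTE(review): std::stoull throws on text it cannot convert, skips
      // leading whitespace, accepts a leading '-' (the result wraps to a
      // large unsigned value) and ignores trailing non-digits. If this
      // string can come from a request parameter, the caller has to catch
      // the exceptions, and the stored value still needs the
      // SESSION_DURATION_MIN..SESSION_DURATION_MAX check -- confirm both at
      // the call sites.
      max_session_duration = std::stoull(max_session_duration_str);
    }
  }

  /// Builds a role known only by name and tenant.
  RGWRole(CephContext *cct,
          RGWCtl *ctl,
          string name,
          string tenant)
    : cct(cct),
      ctl(ctl),
      name(std::move(name)),
      tenant(std::move(tenant)) {
    extract_name_tenant(this->name);
  }

  /// Builds a role known only by id.
  RGWRole(CephContext *cct,
          RGWCtl *ctl,
          string id)
    : cct(cct),
      ctl(ctl),
      id(std::move(id)) {}

  /// Builds an empty role bound to a context and control object.
  RGWRole(CephContext *cct,
          RGWCtl *ctl)
    : cct(cct),
      ctl(ctl) {}

  /// Empty role; the member initializers above leave cct and ctl null.
  RGWRole() = default;

  ~RGWRole() = default;

  /// Serializes every field into bl as struct version 3, compat version 1.
  void encode(bufferlist& bl) const {
    ENCODE_START(3, 1, bl);
    encode(id, bl);
    encode(name, bl);
    encode(path, bl);
    encode(arn, bl);
    encode(creation_date, bl);
    encode(trust_policy, bl);
    encode(perm_policy_map, bl);
    encode(tenant, bl);
    encode(max_session_duration, bl);
    ENCODE_FINISH(bl);
  }

  /**
   * Reads the fields back from bl. tenant is read only from version >= 2
   * records and max_session_duration only from version >= 3 records; for
   * older records those members keep the value they had before the call.
   */
  void decode(bufferlist::const_iterator& bl) {
    // Kept in step with the version encode() writes (was 2).
    DECODE_START(3, bl);
    decode(id, bl);
    decode(name, bl);
    decode(path, bl);
    decode(arn, bl);
    decode(creation_date, bl);
    decode(trust_policy, bl);
    decode(perm_policy_map, bl);
    if (struct_v >= 2) {
      decode(tenant, bl);
    }
    if (struct_v >= 3) {
      decode(max_session_duration, bl);
    }
    DECODE_FINISH(bl);
  }

  const string& get_id() const { return id; }
  const string& get_name() const { return name; }
  const string& get_tenant() const { return tenant; }
  const string& get_path() const { return path; }
  const string& get_create_date() const { return creation_date; }
  /// Returns the trust policy text.
  const string& get_assume_role_policy() const { return trust_policy;}
  /// Maximum session duration in seconds.
  const uint64_t& get_max_session_duration() const { return max_session_duration; }

  void set_id(const string& id) { this->id = id; }

  int create(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y);
  int delete_obj(const DoutPrefixProvider *dpp, optional_yield y);
  int get(const DoutPrefixProvider *dpp, optional_yield y);
  int get_by_id(const DoutPrefixProvider *dpp, optional_yield y);
  int update(const DoutPrefixProvider *dpp, optional_yield y);
  // NOTE(review): the policy setters below take policy text as plain
  // strings; any parsing or validation of that text is not visible in this
  // header.
  void update_trust_policy(string& trust_policy);
  void set_perm_policy(const string& policy_name, const string& perm_policy);
  std::vector<string> get_role_policy_names();
  int get_role_policy(const string& policy_name, string& perm_policy);
  int delete_policy(const string& policy_name);
  void dump(Formatter *f) const;
  void decode_json(JSONObj *obj);

  static const string& get_names_oid_prefix();
  static const string& get_info_oid_prefix();
  static const string& get_path_oid_prefix();
  static int get_roles_by_path_prefix(const DoutPrefixProvider *dpp,
                                      RGWRados *store,
                                      CephContext *cct,
                                      const string& path_prefix,
                                      const string& tenant,
                                      std::vector<RGWRole>& roles,
                                      optional_yield y);
};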
168 | WRITE_CLASS_ENCODER(RGWRole) | |
169 | #endif /* CEPH_RGW_ROLE_H */ |