]>
git.proxmox.com Git - ceph.git/blob - ceph/src/rgw/rgw_rest_iam.cc
1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab ft=cpp
4 #include <boost/tokenizer.hpp>
6 #include "rgw_auth_s3.h"
7 #include "rgw_rest_iam.h"
9 #include "rgw_rest_role.h"
10 #include "rgw_rest_user_policy.h"
11 #include "rgw_rest_oidc_provider.h"
13 #define dout_context g_ceph_context
14 #define dout_subsys ceph_subsys_rgw
18 using op_generator
= RGWOp
*(*)(const bufferlist
&);
19 static const std::unordered_map
<std::string_view
, op_generator
> op_generators
= {
20 {"CreateRole", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWCreateRole(bl_post_body
);}},
21 {"DeleteRole", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWDeleteRole(bl_post_body
);}},
22 {"GetRole", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWGetRole
;}},
23 {"UpdateAssumeRolePolicy", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWModifyRoleTrustPolicy(bl_post_body
);}},
24 {"ListRoles", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWListRoles
;}},
25 {"PutRolePolicy", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWPutRolePolicy(bl_post_body
);}},
26 {"GetRolePolicy", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWGetRolePolicy
;}},
27 {"ListRolePolicies", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWListRolePolicies
;}},
28 {"DeleteRolePolicy", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWDeleteRolePolicy(bl_post_body
);}},
29 {"PutUserPolicy", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWPutUserPolicy
;}},
30 {"GetUserPolicy", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWGetUserPolicy
;}},
31 {"ListUserPolicies", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWListUserPolicies
;}},
32 {"DeleteUserPolicy", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWDeleteUserPolicy
;}},
33 {"CreateOpenIDConnectProvider", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWCreateOIDCProvider
;}},
34 {"ListOpenIDConnectProviders", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWListOIDCProviders
;}},
35 {"GetOpenIDConnectProvider", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWGetOIDCProvider
;}},
36 {"DeleteOpenIDConnectProvider", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWDeleteOIDCProvider
;}},
37 {"TagRole", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWTagRole(bl_post_body
);}},
38 {"ListRoleTags", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWListRoleTags
;}},
39 {"UntagRole", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWUntagRole(bl_post_body
);}},
40 {"UpdateRole", [](const bufferlist
& bl_post_body
) -> RGWOp
* {return new RGWUpdateRole(bl_post_body
);}}
43 bool RGWHandler_REST_IAM::action_exists(const req_state
* s
)
45 if (s
->info
.args
.exists("Action")) {
46 const std::string action_name
= s
->info
.args
.get("Action");
47 return op_generators
.contains(action_name
);
52 RGWOp
*RGWHandler_REST_IAM::op_post()
54 if (s
->info
.args
.exists("Action")) {
55 const std::string action_name
= s
->info
.args
.get("Action");
56 const auto action_it
= op_generators
.find(action_name
);
57 if (action_it
!= op_generators
.end()) {
58 return action_it
->second(bl_post_body
);
60 ldpp_dout(s
, 10) << "unknown action '" << action_name
<< "' for IAM handler" << dendl
;
62 ldpp_dout(s
, 10) << "missing action argument in IAM handler" << dendl
;
67 int RGWHandler_REST_IAM::init(rgw::sal::Driver
* driver
,
69 rgw::io::BasicClient
*cio
)
72 s
->prot_flags
= RGW_REST_IAM
;
74 return RGWHandler_REST::init(driver
, s
, cio
);
77 int RGWHandler_REST_IAM::authorize(const DoutPrefixProvider
* dpp
, optional_yield y
)
79 return RGW_Auth_S3::authorize(dpp
, driver
, auth_registry
, s
, y
);
83 RGWRESTMgr_IAM::get_handler(rgw::sal::Driver
* driver
,
85 const rgw::auth::StrategyRegistry
& auth_registry
,
86 const std::string
& frontend_prefix
)
89 return new RGWHandler_REST_IAM(auth_registry
, bl
);