git.proxmox.com Git - ceph.git/blob - ceph/src/rgw/rgw_role.h
update ceph source to reef 18.1.2
1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab ft=cpp
3
4 #pragma once
5
6 #include <string>
7
8 #include "common/async/yield_context.h"
9
10 #include "common/ceph_json.h"
11 #include "common/ceph_context.h"
12 #include "rgw_rados.h"
13 #include "rgw_metadata.h"
14
15 class RGWRados;
16
17 namespace rgw { namespace sal {
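/// Plain record describing one role: identity, policies, session limit and
/// bookkeeping data.
///
/// Only the nine fields written by encode() are part of the versioned binary
/// encoding. tags, attrs, objv_tracker and mtime are not encoded by this
/// struct.
struct RGWRoleInfo
{
  std::string id;
  std::string name;
  std::string path;
  std::string arn;
  std::string creation_date;
  // Policy document returned by RGWRole::get_assume_role_policy().
  std::string trust_policy;
  // Permission policies keyed by policy name (see RGWRole::set_perm_policy()).
  std::map<std::string, std::string> perm_policy_map;
  std::string tenant;
  // Explicitly zero-initialised: the defaulted constructor would otherwise
  // leave this scalar indeterminate, and decode() does not assign it for
  // encodings older than v3. An indeterminate session limit must never reach
  // a validity or token-lifetime check.
  uint64_t max_session_duration = 0;
  std::multimap<std::string,std::string> tags;
  std::map<std::string, bufferlist> attrs;
  RGWObjVersionTracker objv_tracker;
  real_time mtime;

  RGWRoleInfo() = default;

  ~RGWRoleInfo() = default;

  /// Serialise the role into @p bl using encoding version 3 (compatible
  /// back to version 1).
  void encode(bufferlist& bl) const {
    ENCODE_START(3, 1, bl);
    encode(id, bl);
    encode(name, bl);
    encode(path, bl);
    encode(arn, bl);
    encode(creation_date, bl);
    encode(trust_policy, bl);
    encode(perm_policy_map, bl);
    encode(tenant, bl);
    encode(max_session_duration, bl);
    ENCODE_FINISH(bl);
  }

  /// Deserialise a role from @p bl.
  ///
  /// Fields introduced in later encoding versions are read only when the
  /// stored version carries them; otherwise the member keeps the value it
  /// had before the call (the in-class default for a fresh object).
  void decode(bufferlist::const_iterator& bl) {
    DECODE_START(3, bl);
    decode(id, bl);
    decode(name, bl);
    decode(path, bl);
    decode(arn, bl);
    decode(creation_date, bl);
    decode(trust_policy, bl);
    decode(perm_policy_map, bl);
    // tenant was added in encoding v2.
    if (struct_v >= 2) {
      decode(tenant, bl);
    }
    // max_session_duration was added in encoding v3.
    if (struct_v >= 3) {
      decode(max_session_duration, bl);
    }
    DECODE_FINISH(bl);
  }

  void dump(Formatter *f) const;
  void decode_json(JSONObj *obj);
};
WRITE_CLASS_ENCODER(RGWRoleInfo)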
74
/// Abstract role object wrapping an RGWRoleInfo record.
///
/// Persistence (store_*, read_*, create, delete_obj) is left to a derived
/// class through pure virtual hooks; the remaining members are declared
/// here and defined outside this header.
class RGWRole
{
public:
  // Object-id / ARN prefixes; values are defined outside this header.
  static const std::string role_name_oid_prefix;
  static const std::string role_oid_prefix;
  static const std::string role_path_oid_prefix;
  static const std::string role_arn_prefix;

  // Length limits for role name and path.
  static constexpr int MAX_ROLE_NAME_LEN = 64;
  static constexpr int MAX_PATH_NAME_LEN = 512;

  // Bounds for the maximum session duration.
  // NOTE(review): presumably enforced by validate_max_session_duration();
  // its definition is not visible in this header -- confirm.
  static constexpr uint64_t SESSION_DURATION_MIN = 3600; // in seconds
  static constexpr uint64_t SESSION_DURATION_MAX = 43200; // in seconds

protected:
  RGWRoleInfo info;

public:
  // --- persistence hooks implemented by the derived class ---------------
  virtual int store_info(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y) = 0;
  virtual int store_name(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y) = 0;
  virtual int store_path(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y) = 0;
  virtual int read_id(const DoutPrefixProvider *dpp, const std::string& role_name, const std::string& tenant, std::string& role_id, optional_yield y) = 0;
  virtual int read_name(const DoutPrefixProvider *dpp, optional_yield y) = 0;
  virtual int read_info(const DoutPrefixProvider *dpp, optional_yield y) = 0;

  // --- input checks (defined outside this header) -----------------------
  bool validate_max_session_duration(const DoutPrefixProvider* dpp);
  bool validate_input(const DoutPrefixProvider* dpp);
  void extract_name_tenant(const std::string& str);

  // --- construction ------------------------------------------------------
  RGWRole(std::string name,
          std::string tenant,
          std::string path="",
          std::string trust_policy="",
          std::string max_session_duration_str="",
          std::multimap<std::string,std::string> tags={});

  explicit RGWRole(std::string id);

  /// Wrap a copy of an existing record.
  explicit RGWRole(const RGWRoleInfo& info) : info(info) {}

  RGWRole() = default;

  virtual ~RGWRole() = default;

  // --- read-only accessors ----------------------------------------------
  const std::string& get_id() const { return info.id; }
  const std::string& get_name() const { return info.name; }
  const std::string& get_tenant() const { return info.tenant; }
  const std::string& get_path() const { return info.path; }
  const std::string& get_create_date() const { return info.creation_date; }
  const std::string& get_assume_role_policy() const { return info.trust_policy;}
  const uint64_t& get_max_session_duration() const { return info.max_session_duration; }
  const RGWObjVersionTracker& get_objv_tracker() const { return info.objv_tracker; }
  const real_time& get_mtime() const { return info.mtime; }

  // --- mutable accessors -------------------------------------------------
  // These hand out non-const references to the stored record, so a caller
  // can change policy or duration fields directly. Nothing in this header
  // re-runs validate_input() on such edits; callers should validate before
  // storing.
  std::map<std::string, bufferlist>& get_attrs() { return info.attrs; }
  RGWRoleInfo& get_info() { return info; }

  void set_id(const std::string& id) { info.id = id; }
  void set_mtime(const real_time& mtime) { info.mtime = mtime; }

  // --- role operations ---------------------------------------------------
  virtual int create(const DoutPrefixProvider *dpp, bool exclusive, const std::string &role_id, optional_yield y) = 0;
  virtual int delete_obj(const DoutPrefixProvider *dpp, optional_yield y) = 0;
  int get(const DoutPrefixProvider *dpp, optional_yield y);
  int get_by_id(const DoutPrefixProvider *dpp, optional_yield y);
  int update(const DoutPrefixProvider *dpp, optional_yield y);

  // --- policy, tag and session-duration edits ----------------------------
  void update_trust_policy(std::string& trust_policy);
  void set_perm_policy(const std::string& policy_name, const std::string& perm_policy);
  std::vector<std::string> get_role_policy_names();
  int get_role_policy(const DoutPrefixProvider* dpp, const std::string& policy_name, std::string& perm_policy);
  int delete_policy(const DoutPrefixProvider* dpp, const std::string& policy_name);
  int set_tags(const DoutPrefixProvider* dpp, const std::multimap<std::string,std::string>& tags_map);
  boost::optional<std::multimap<std::string,std::string>> get_tags();
  void erase_tags(const std::vector<std::string>& tagKeys);
  void update_max_session_duration(const std::string& max_session_duration_str);

  // --- formatting --------------------------------------------------------
  void dump(Formatter *f) const;
  void decode_json(JSONObj *obj);

  // --- accessors for the static prefixes ---------------------------------
  static const std::string& get_names_oid_prefix();
  static const std::string& get_info_oid_prefix();
  static const std::string& get_path_oid_prefix();
};
150
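/// Metadata-object wrapper that carries a role record together with the
/// driver pointer it was created with.
class RGWRoleMetadataObject: public RGWMetadataObject {
  RGWRoleInfo info;
  // Initialised to nullptr so a default-constructed object never hands an
  // indeterminate pointer out of get_driver(); callers must still check for
  // null before dereferencing.
  Driver* driver = nullptr;
public:
  RGWRoleMetadataObject() = default;

  /// Copies @p info and stores @p driver without taking ownership
  /// (this class declares no destructor that would release it).
  RGWRoleMetadataObject(RGWRoleInfo& info,
			const obj_version& v,
			real_time m,
			Driver* driver) : RGWMetadataObject(v,m), info(info), driver(driver) {}

  /// Forward formatting to the wrapped role record.
  void dump(Formatter *f) const override {
    info.dump(f);
  }

  /// Mutable access to the wrapped role record.
  RGWRoleInfo& get_role_info() {
    return info;
  }

  /// Driver supplied at construction, or nullptr for a default-constructed
  /// object.
  Driver* get_driver() {
    return driver;
  }
};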
173
/// Metadata handler for the "roles" section, built on the generic
/// metadata-backend handler. All hooks are defined outside this header.
class RGWRoleMetadataHandler: public RGWMetadataHandler_GenericMetaBE
{
public:
  RGWRoleMetadataHandler(Driver* driver, RGWSI_Role_RADOS *role_svc);

  /// Section name under which role metadata is registered.
  std::string get_type() final { return "roles"; }

  // NOTE(review): unlike the do_* hooks below this is declared without
  // override/final; confirm whether it overrides a base-class virtual and
  // mark it accordingly.
  RGWMetadataObject *get_meta_obj(JSONObj *jo,
                                  const obj_version& objv,
                                  const ceph::real_time& mtime);

  int do_get(RGWSI_MetaBackend_Handler::Op *op,
             std::string& entry,
             RGWMetadataObject **obj,
             optional_yield y,
             const DoutPrefixProvider *dpp) final;

  int do_remove(RGWSI_MetaBackend_Handler::Op *op,
                std::string& entry,
                RGWObjVersionTracker& objv_tracker,
                optional_yield y,
                const DoutPrefixProvider *dpp) final;

  // NOTE(review): from_remote_zone presumably marks writes replicated from
  // another zone -- confirm against the base-class contract.
  int do_put(RGWSI_MetaBackend_Handler::Op *op,
             std::string& entr,
             RGWMetadataObject *obj,
             RGWObjVersionTracker& objv_tracker,
             optional_yield y,
             const DoutPrefixProvider *dpp,
             RGWMDLogSyncType type,
             bool from_remote_zone) override;

private:
  // Stored driver pointer; ownership is not expressed by this header.
  Driver* driver;
};
209 } } // namespace rgw::sal