1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab ft=cpp
8 #include "common/async/yield_context.h"
10 #include "common/ceph_json.h"
11 #include "common/ceph_context.h"
12 #include "rgw_rados.h"
13 #include "rgw_metadata.h"
17 namespace rgw
{ namespace sal
{
// Creation timestamp of the role, kept as a string and written verbatim by encode().
std::string creation_date;
// Assume-role (trust) policy document: the policy that decides *who may assume*
// this role. Security-relevant state — read through RGWRole::get_assume_role_policy()
// and replaced through RGWRole::update_trust_policy().
std::string trust_policy;
// Inline permission policies attached to the role, keyed by policy name
// (managed via RGWRole::set_perm_policy / get_role_policy / delete_policy).
std::map<std::string, std::string> perm_policy_map;
// Maximum session duration in seconds. RGWRole::SESSION_DURATION_MIN/MAX give the
// allowed range (presumably enforced by validate_max_session_duration() — confirm).
// NOTE(review): no default member initialiser, so a default-constructed
// RGWRoleInfo holds an indeterminate value here until decode() or a setter runs.
uint64_t max_session_duration;
// Role tags. A multimap, so repeated keys are representable at this level.
std::multimap<std::string,std::string> tags;
// Attribute blobs stored alongside the role (presumably the object's xattrs — confirm).
std::map<std::string, bufferlist> attrs;
// Version state of the backing store object (Ceph type, defined elsewhere);
// presumably used for conditional read/write — confirm in the driver code.
RGWObjVersionTracker objv_tracker;

RGWRoleInfo() = default;

~RGWRoleInfo() = default;
38 void encode(bufferlist
& bl
) const {
39 ENCODE_START(3, 1, bl
);
44 encode(creation_date
, bl
);
45 encode(trust_policy
, bl
);
46 encode(perm_policy_map
, bl
);
48 encode(max_session_duration
, bl
);
52 void decode(bufferlist::const_iterator
& bl
) {
58 decode(creation_date
, bl
);
59 decode(trust_policy
, bl
);
60 decode(perm_policy_map
, bl
);
65 decode(max_session_duration
, bl
);
// JSON output and input for the role info; both are defined out of line.
void dump(Formatter *f) const;
void decode_json(JSONObj *obj);
// Generates the free encode()/decode() overloads that forward to the member
// functions above, so RGWRoleInfo can be stored in a bufferlist like any other
// encodable Ceph type.
WRITE_CLASS_ENCODER(RGWRoleInfo)
// Name prefixes for the per-name, per-id and per-path role objects and for role
// ARNs. Values are defined out of line; the first three are exposed through the
// static get_*_oid_prefix() accessors declared further down.
static const std::string role_name_oid_prefix;
static const std::string role_oid_prefix;
static const std::string role_path_oid_prefix;
static const std::string role_arn_prefix;
// Upper bounds on caller-supplied role name and path. These are the limits
// validate_input() is expected to enforce (its body is out of line — confirm).
static constexpr int MAX_ROLE_NAME_LEN = 64;
static constexpr int MAX_PATH_NAME_LEN = 512;
// Permitted range for RGWRoleInfo::max_session_duration; the check itself is
// validate_max_session_duration() (whether the bounds are inclusive is not
// visible here).
static constexpr uint64_t SESSION_DURATION_MIN = 3600; // in seconds
static constexpr uint64_t SESSION_DURATION_MAX = 43200; // in seconds
// Backend storage primitives supplied by the SAL driver. store_info/store_name/
// store_path persist the info object and its name and path index entries;
// `exclusive` presumably requests create-only semantics (fail if the object
// already exists) — confirm in the implementations. Integer results follow the
// rgw convention of 0 on success and a negative errno on failure (not visible here).
virtual int store_info(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y) = 0;
virtual int store_name(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y) = 0;
virtual int store_path(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y) = 0;
// Resolves (role_name, tenant) to a role id, written to `role_id`.
virtual int read_id(const DoutPrefixProvider *dpp, const std::string& role_name, const std::string& tenant, std::string& role_id, optional_yield y) = 0;
virtual int read_name(const DoutPrefixProvider *dpp, optional_yield y) = 0;
virtual int read_info(const DoutPrefixProvider *dpp, optional_yield y) = 0;
// Validation of caller-supplied role fields (bodies out of line). Both return a
// bool — presumably false when the input is rejected, with diagnostics through
// `dpp`. Limits are the MAX_*_LEN and SESSION_DURATION_* constants above.
bool validate_max_session_duration(const DoutPrefixProvider* dpp);
bool validate_input(const DoutPrefixProvider* dpp);
// Splits a combined string into tenant and role name; the separator and the
// behaviour when no tenant is present are not visible here — confirm in the .cc.
void extract_name_tenant(const std::string& str);
99 RGWRole(std::string name
,
102 std::string trust_policy
="",
103 std::string max_session_duration_str
="",
104 std::multimap
<std::string
,std::string
> tags
={});
// Constructs a role known only by its id; the remaining fields are presumably
// populated by a later get_by_id() — confirm against callers.
explicit RGWRole(std::string id);
// Wraps an already-loaded RGWRoleInfo; the info is copied into this role.
explicit RGWRole(const RGWRoleInfo& info)
  : info{info}
{}
112 virtual ~RGWRole() = default;
// Role id, returned as a reference into `info` (valid while this RGWRole lives).
auto get_id() const -> const std::string& { return info.id; }
// Role name, returned as a reference into `info`.
auto get_name() const -> const std::string& { return info.name; }
// Tenant that owns the role, returned as a reference into `info`.
auto get_tenant() const -> const std::string& { return info.tenant; }
// Role path, returned as a reference into `info`.
auto get_path() const -> const std::string& { return info.path; }
// Creation date string (RGWRoleInfo::creation_date), by reference.
auto get_create_date() const -> const std::string& { return info.creation_date; }
// The assume-role (trust) policy document, i.e. who may assume this role.
// Read-only view into `info`; changes go through update_trust_policy().
auto get_assume_role_policy() const -> const std::string& { return info.trust_policy; }
// Maximum session duration in seconds. Returned by const reference, so the
// result aliases the member rather than copying it.
auto get_max_session_duration() const -> const uint64_t& { return info.max_session_duration; }
// Read-only view of the backing object's version tracker.
auto get_objv_tracker() const -> const RGWObjVersionTracker& { return info.objv_tracker; }
// Modification time of the role object, by reference.
auto get_mtime() const -> const real_time& { return info.mtime; }
// Mutable access to the role's attribute map: callers can modify `info.attrs`
// in place, and there is no const overload in this class.
auto get_attrs() -> std::map<std::string, bufferlist>& { return info.attrs; }
// Mutable handle to the whole wrapped RGWRoleInfo.
auto get_info() -> RGWRoleInfo& { return info; }
// Replaces the stored role id.
void set_id(const std::string& id) { info.id = id; }
// Replaces the stored modification time.
void set_mtime(const real_time& mtime) { info.mtime = mtime; }
// Lifecycle operations. create()/delete_obj() are backend-specific; the
// remaining non-virtual members are defined out of line on top of the
// store_*/read_* primitives. Integer results follow the rgw convention of 0 on
// success and a negative errno on failure (not visible here — confirm).
virtual int create(const DoutPrefixProvider *dpp, bool exclusive, const std::string &role_id, optional_yield y) = 0;
virtual int delete_obj(const DoutPrefixProvider *dpp, optional_yield y) = 0;
// Load the role into `info`: presumably by name/tenant (get) or by id (get_by_id).
int get(const DoutPrefixProvider *dpp, optional_yield y);
int get_by_id(const DoutPrefixProvider *dpp, optional_yield y);
int update(const DoutPrefixProvider *dpp, optional_yield y);
// Replaces the assume-role (trust) policy document. Changing it changes who may
// assume the role, so the caller must have authorised the request beforehand.
// Takes a non-const reference, so a const or temporary string cannot be passed;
// whether the argument is modified is not visible here.
void update_trust_policy(std::string& trust_policy);
// Inline permission policies, keyed by policy_name (RGWRoleInfo::perm_policy_map).
void set_perm_policy(const std::string& policy_name, const std::string& perm_policy);
std::vector<std::string> get_role_policy_names();
int get_role_policy(const DoutPrefixProvider* dpp, const std::string& policy_name, std::string& perm_policy);
int delete_policy(const DoutPrefixProvider* dpp, const std::string& policy_name);
// Tag management. get_tags() yields an empty optional in a condition that is
// not visible here (presumably "no tags") — confirm before relying on it.
int set_tags(const DoutPrefixProvider* dpp, const std::multimap<std::string,std::string>& tags_map);
boost::optional<std::multimap<std::string,std::string>> get_tags();
void erase_tags(const std::vector<std::string>& tagKeys);
// Stores the duration given in string form; range checking against
// SESSION_DURATION_MIN/MAX is presumably done by validate_max_session_duration().
void update_max_session_duration(const std::string& max_session_duration_str);
// JSON serialisation of the wrapped RGWRoleInfo.
void dump(Formatter *f) const;
void decode_json(JSONObj *obj);
// Accessors for the static object-name prefixes declared above.
static const std::string& get_names_oid_prefix();
static const std::string& get_info_oid_prefix();
static const std::string& get_path_oid_prefix();
151 class RGWRoleMetadataObject
: public RGWMetadataObject
{
155 RGWRoleMetadataObject() = default;
156 RGWRoleMetadataObject(RGWRoleInfo
& info
,
157 const obj_version
& v
,
159 Driver
* driver
) : RGWMetadataObject(v
,m
), info(info
), driver(driver
) {}
161 void dump(Formatter
*f
) const override
{
165 RGWRoleInfo
& get_role_info() {
169 Driver
* get_driver() {
174 class RGWRoleMetadataHandler
: public RGWMetadataHandler_GenericMetaBE
// Binds the handler to the SAL driver and the RADOS role service it delegates
// to (exact use of both is in the out-of-line definition).
RGWRoleMetadataHandler(Driver* driver, RGWSI_Role_RADOS *role_svc);
// Type tag identifying this handler's entries.
std::string get_type() final { return std::string("roles"); }
// Builds the handler's metadata object from its JSON form plus version and
// mtime. Returns a raw pointer; ownership transfer to the caller is implied by
// the interface but not visible here — confirm before storing the result.
RGWMetadataObject *get_meta_obj(JSONObj *jo, const obj_version& objv, const ceph::real_time& mtime);
185 int do_get(RGWSI_MetaBackend_Handler::Op
*op
,
187 RGWMetadataObject
**obj
,
189 const DoutPrefixProvider
*dpp
) final
;
191 int do_remove(RGWSI_MetaBackend_Handler::Op
*op
,
193 RGWObjVersionTracker
& objv_tracker
,
195 const DoutPrefixProvider
*dpp
) final
;
197 int do_put(RGWSI_MetaBackend_Handler::Op
*op
,
199 RGWMetadataObject
*obj
,
200 RGWObjVersionTracker
& objv_tracker
,
202 const DoutPrefixProvider
*dpp
,
203 RGWMDLogSyncType type
,
204 bool from_remote_zone
) override
;
209 } } // namespace rgw::sal