1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab ft=cpp
4 #ifndef CEPH_RGW_ROLE_H
5 #define CEPH_RGW_ROLE_H
9 #include "common/async/yield_context.h"
11 #include "common/ceph_json.h"
12 #include "common/ceph_context.h"
14 #include "rgw/rgw_rados.h"
16 namespace rgw
{ namespace sal
{
// Prefix strings used for role-related object ids and for role ARNs. Only
// the declarations appear here; the values are defined outside this listing.
static const std::string role_name_oid_prefix;
static const std::string role_oid_prefix;
static const std::string role_path_oid_prefix;
static const std::string role_arn_prefix;

// Upper bounds on the length of a role's name and path.
// NOTE(review): this listing does not show where they are enforced --
// presumably validate_input(); confirm.
static constexpr int MAX_ROLE_NAME_LEN{64};
static constexpr int MAX_PATH_NAME_LEN{512};

// Bounds for max_session_duration, in seconds (one hour to twelve hours).
static constexpr uint64_t SESSION_DURATION_MIN{3600};
static constexpr uint64_t SESSION_DURATION_MAX{43200};
// Role state. NOTE(review): this listing omits some member declarations;
// id, name, path and tenant are used further down but are not declared in
// the lines shown.
std::string creation_date;

// The role's trust policy document, stored as a string (exposed through
// get_assume_role_policy()).
std::string trust_policy;

// Permission policies attached to the role, keyed by policy name.
std::map<std::string, std::string> perm_policy_map;

// Session-duration setting for the role, in seconds. It has no in-class
// initializer, so every constructor has to set it.
uint64_t max_session_duration;

// Tags attached to the role; a multimap, so one key may carry several values.
std::multimap<std::string, std::string> tags;
// Persistence hooks. All six are pure virtual, so a concrete role class has
// to provide them. The meaning of the int result is not documented in this
// listing.
// NOTE(review): `exclusive` presumably asks for create-only semantics (fail
// if the object already exists) -- confirm against the implementations.
virtual int store_info(const DoutPrefixProvider *dpp,
                       bool exclusive,
                       optional_yield y) = 0;
virtual int store_name(const DoutPrefixProvider *dpp,
                       bool exclusive,
                       optional_yield y) = 0;
virtual int store_path(const DoutPrefixProvider *dpp,
                       bool exclusive,
                       optional_yield y) = 0;

// Takes a role name and tenant and hands a value back through `role_id`,
// which is a non-const reference (an out-parameter).
virtual int read_id(const DoutPrefixProvider *dpp,
                    const std::string& role_name,
                    const std::string& tenant,
                    std::string& role_id,
                    optional_yield y) = 0;
virtual int read_name(const DoutPrefixProvider *dpp,
                      optional_yield y) = 0;
virtual int read_info(const DoutPrefixProvider *dpp,
                      optional_yield y) = 0;
// Non-virtual helpers; their definitions are outside this listing.
//
// validate_input() reports its verdict as a bool.
// NOTE(review): presumably this is where MAX_ROLE_NAME_LEN, MAX_PATH_NAME_LEN
// and the SESSION_DURATION_* bounds are checked -- confirm, and confirm it
// runs before a role is stored.
bool validate_input(const DoutPrefixProvider* dpp);

// Called by the multi-argument constructor with this->name.
void extract_name_tenant(const std::string& str);
// Constructs a role from caller-supplied attributes.
// NOTE(review): this listing omits some source lines. `tenant` and `path` are
// used in the initializer list but their parameter declarations are not
// shown; the statement guarded by `this->path.empty()`, the branch that pairs
// with the duration check, and the closing braces are missing as well.
RGWRole(std::string name,
        // (elided in listing: further parameters)
        std::string trust_policy="",
        std::string max_session_duration_str="",
        std::multimap<std::string,std::string> tags={})
: name(std::move(name)),
  path(std::move(path)),
  trust_policy(std::move(trust_policy)),
  tenant(std::move(tenant)),
  tags(std::move(tags)) {
  if (this->path.empty())
  // (elided in listing: the statement this `if` guards)
  extract_name_tenant(this->name);
  if (max_session_duration_str.empty()) {
    // No duration supplied: fall back to the minimum.
    max_session_duration = SESSION_DURATION_MIN;
  // (elided in listing: presumably the `} else {` for the non-empty case)
    // std::stoull throws std::invalid_argument or std::out_of_range on input
    // it cannot convert, turns a leading '-' into a large unsigned value, and
    // stops silently at the first non-digit. The result is not compared with
    // SESSION_DURATION_MIN / SESSION_DURATION_MAX in the lines shown here.
    // NOTE(review): confirm that callers catch the exceptions and that the
    // bounds are enforced (presumably in validate_input()) before the role
    // is stored or used to size a session.
    max_session_duration = std::stoull(max_session_duration_str);
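// Constructs a role that carries only an id; the string members other than
// `id` are default-constructed (empty).
//
// max_session_duration has no in-class initializer in the declaration shown
// in this header, so without the assignment below it would hold an
// indeterminate value until something overwrites it. It is set to the same
// default the multi-argument constructor uses when no duration is given.
//
// NOTE(review): the constructor is not `explicit`, so a std::string converts
// to a role implicitly; adding `explicit` would change the interface and is
// left to the maintainers.
RGWRole(std::string id) : id(std::move(id)) {
  max_session_duration = SESSION_DURATION_MIN;
}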
// Virtual because the class declares pure virtual members and is meant to be
// derived from; the compiler-generated body is used.
virtual ~RGWRole() = default;
// Serializes the role into `bl`.
// ENCODE_START is passed struct version 3 and compat version 1.
// NOTE(review): this listing omits some source lines -- only four fields are
// shown being encoded and the end of the function is not visible.
void encode(bufferlist& bl) const {
  ENCODE_START(3, 1, bl);
  // (elided in listing)
  encode(creation_date, bl);
  encode(trust_policy, bl);
  encode(perm_policy_map, bl);
  // (elided in listing)
  encode(max_session_duration, bl);
// Deserializes a role from `bl`; the counterpart of encode().
// NOTE(review): this listing omits some source lines, including whatever
// opens the decode and any version checks, so the field order cannot be
// checked against encode() from here.
// NOTE(review): the fields shown are taken from the buffer as-is. No bounds
// check on max_session_duration and no parsing of trust_policy is visible in
// these lines; confirm that consumers do not treat decoded values as already
// validated.
void decode(bufferlist::const_iterator& bl) {
  // (elided in listing)
  decode(creation_date, bl);
  decode(trust_policy, bl);
  decode(perm_policy_map, bl);
  // (elided in listing)
  decode(max_session_duration, bl);
// Read-only accessors. Each one returns a reference to a member of this
// object, so the reference is valid only while the role object is alive.
const std::string& get_id() const
{
  return id;
}

const std::string& get_name() const
{
  return name;
}

const std::string& get_tenant() const
{
  return tenant;
}

const std::string& get_path() const
{
  return path;
}

const std::string& get_create_date() const
{
  return creation_date;
}

// Returns the trust policy document (the `trust_policy` member).
const std::string& get_assume_role_policy() const
{
  return trust_policy;
}

// Returns the stored value without checking it against the
// SESSION_DURATION_* bounds.
const uint64_t& get_max_session_duration() const
{
  return max_session_duration;
}
// Replaces the role's id with a copy of `id`. No validation is performed.
void set_id(const std::string& id)
{
  this->id = id;
}
// Role lifecycle operations. create() and delete_obj() are pure virtual and
// must be supplied by a concrete role class; get(), get_by_id() and update()
// are non-virtual and defined outside this listing. The meaning of the int
// result is not documented here.
virtual int create(const DoutPrefixProvider *dpp,
                   bool exclusive,
                   optional_yield y) = 0;
virtual int delete_obj(const DoutPrefixProvider *dpp,
                       optional_yield y) = 0;

int get(const DoutPrefixProvider *dpp,
        optional_yield y);
int get_by_id(const DoutPrefixProvider *dpp,
              optional_yield y);
int update(const DoutPrefixProvider *dpp,
           optional_yield y);
// Policy management. Definitions are outside this listing.
//
// update_trust_policy() and set_perm_policy() return void, so neither can
// report a rejected policy document through its return value.
// NOTE(review): confirm the policy text is parsed and validated before these
// are called. update_trust_policy() also takes a non-const reference, so the
// callee is able to modify the caller's string.
void update_trust_policy(std::string& trust_policy);
void set_perm_policy(const std::string& policy_name,
                     const std::string& perm_policy);

std::vector<std::string> get_role_policy_names();

// `perm_policy` is a non-const reference (an out-parameter).
int get_role_policy(const DoutPrefixProvider* dpp,
                    const std::string& policy_name,
                    std::string& perm_policy);
int delete_policy(const DoutPrefixProvider* dpp,
                  const std::string& policy_name);

// Tag management.
// NOTE(review): set_tags() returns a status, so it presumably can refuse a
// tag set (for example on a count limit) -- confirm in the definition.
int set_tags(const DoutPrefixProvider* dpp,
             const std::multimap<std::string,std::string>& tags_map);
boost::optional<std::multimap<std::string,std::string>> get_tags();
void erase_tags(const std::vector<std::string>& tagKeys);
// Formatter output and JSON input; definitions are outside this listing.
// NOTE(review): decode_json() fills the role from a JSONObj -- confirm whether
// values read this way pass through validate_input() before use.
void dump(Formatter *f) const;
void decode_json(JSONObj *obj);

// Static accessors for the object-id prefixes. Each returns a const reference
// to a std::string.
static const std::string& get_names_oid_prefix();
static const std::string& get_info_oid_prefix();
static const std::string& get_path_oid_prefix();
// Ceph encoding macro: provides the free encode()/decode() functions for
// RGWRole that forward to the member functions of the same names.
WRITE_CLASS_ENCODER(RGWRole)
140 } } // namespace rgw::sal
141 #endif /* CEPH_RGW_ROLE_H */