xrootd
XrdAccAccess.hh
Go to the documentation of this file.
1 #ifndef __ACC_ACCESS__
2 #define __ACC_ACCESS__
3 /******************************************************************************/
4 /* */
5 /* X r d A c c A c c e s s . h h */
6 /* */
7 /* (c) 2003 by the Board of Trustees of the Leland Stanford, Jr., University */
8 /* All Rights Reserved */
9 /* Produced by Andrew Hanushevsky for Stanford University under contract */
10 /* DE-AC03-76-SFO0515 with the Department of Energy */
11 /******************************************************************************/
12 
13 // $Id$
14 
15 #include "XrdAcc/XrdAccAudit.hh"
16 #include "XrdAcc/XrdAccAuthorize.hh"
17 #include "XrdAcc/XrdAccCapability.hh"
18 #include "XrdSec/XrdSecEntity.hh"
19 #include "XrdOuc/XrdOucHash.hh"
20 #include "XrdSys/XrdSysXSLock.hh"
21 #include "XrdSys/XrdSysPlatform.hh"
22 
23 /******************************************************************************/
24 /* A c c e s s _ I D _ T y p e */
25 /******************************************************************************/
26 
27 // The following are supported id types for access() checking
28 //
29 enum Access_ID_Type {AID_Group,
30  AID_Host,
31  AID_Netgroup,
32  AID_Set,
33  AID_Template,
34  AID_User
35  };
36 
37 /******************************************************************************/
38 /* S e t T a b s P a r a m e t e r */
39 /******************************************************************************/
40 
41 struct XrdAccAccess_Tables
42  {XrdOucHash<XrdAccCapability> *G_Hash; // Groups
43  XrdOucHash<XrdAccCapability> *H_Hash; // Hosts
44  XrdOucHash<XrdAccCapability> *N_Hash; // Netgroups
45  XrdOucHash<XrdAccCapability> *S_Hash; // Sets
46  XrdOucHash<XrdAccCapability> *T_Hash; // Templates
47  XrdOucHash<XrdAccCapability> *U_Hash; // Users
48  XrdAccCapName *D_List; // Domains
49  XrdAccCapName *E_List; // Domains (end of list)
50  XrdAccCapability *X_List; // Fungable capbailities
51  XrdAccCapability *Z_List; // Default capbailities
52 
53  XrdAccAccess_Tables() {G_Hash = 0; H_Hash = 0; N_Hash = 0;
54  S_Hash = 0; T_Hash = 0; U_Hash = 0;
55  D_List = 0; E_List = 0;
56  X_List = 0; Z_List = 0;
57  }
58  ~XrdAccAccess_Tables() {if (G_Hash) delete G_Hash;
59  if (H_Hash) delete H_Hash;
60  if (N_Hash) delete N_Hash;
61  if (S_Hash) delete S_Hash;
62  if (T_Hash) delete T_Hash;
63  if (U_Hash) delete U_Hash;
64  if (X_List) delete X_List;
65  if (Z_List) delete Z_List;
66  }
67  };
68 
69 /******************************************************************************/
70 /* X r d A c c A c c e s s */
71 /******************************************************************************/
72 
73 class xrdOucError;
74 
75 class XrdAccAccess : public XrdAccAuthorize
76 {
77 public:
78 
79 friend class XrdAccConfig;
80 
81  XrdAccPrivs Access(const XrdSecEntity *Entity,
82  const char *path,
83  const Access_Operation oper,
84  XrdOucEnv *Env=0);
85 
86  int Audit(const int accok,
87  const XrdSecEntity *Entity,
88  const char *path,
89  const Access_Operation oper,
90  XrdOucEnv *Env=0);
91 
92 // SwapTabs() is used by the configuration object to establish new access
93 // control tables. It may be called whenever the tables change.
94 //
95 void SwapTabs(struct XrdAccAccess_Tables &newtab);
96 
97  int Test(const XrdAccPrivs priv, const Access_Operation oper);
98 
99  XrdAccAccess(XrdSysError *erp);
100 
101  ~XrdAccAccess() {} // The access object is never deleted
102 
103 private:
104 
105 XrdAccPrivs Access(const char *id, const Access_ID_Type idtype,
106  const char *path, const Access_Operation oper);
107 
108 struct XrdAccAccess_Tables Atab;
109 
110 XrdSysXSLock Access_Context;
111 
112 XrdAccAudit *Auditor;
113 };
114 #endif
Generated by   doxygen 1.8.1.2