+++ /dev/null
-// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
-// vim: ts=8 sw=2 smarttab
-/*
- * Ceph - scalable distributed file system
- *
- * Copyright (C) 2014 Red Hat
- *
- * This is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License version 2.1, as published by the Free Software
- * Foundation. See file COPYING.
- *
- */
-
-
-#ifndef MDS_AUTH_CAPS_H
-#define MDS_AUTH_CAPS_H
-
-#include <vector>
-#include <string>
-#include <sstream>
-#include "include/types.h"
-#include "common/debug.h"
-
-// unix-style capabilities
-enum {
- MAY_READ = 1,
- MAY_WRITE = 2,
- MAY_EXECUTE = 4,
- MAY_CHOWN = 16,
- MAY_CHGRP = 32,
- MAY_SET_VXATTR = 64,
-};
-
-class CephContext;
-
-// what we can do
-struct MDSCapSpec {
- bool read, write, any;
-
- // True if the capability permits setting vxattrs (layout, quota, etc)
- bool set_vxattr;
-
- MDSCapSpec() : read(false), write(false), any(false), set_vxattr(false) {}
- MDSCapSpec(bool r, bool w, bool a, bool lop)
- : read(r), write(w), any(a), set_vxattr(lop) {}
-
- bool allow_all() const {
- return any;
- }
-
- bool allows(bool r, bool w) const {
- if (any)
- return true;
- if (r && !read)
- return false;
- if (w && !write)
- return false;
- return true;
- }
-
- bool allows_set_vxattr() const {
- return set_vxattr;
- }
-};
-
-// conditions before we are allowed to do it
-struct MDSCapMatch {
- static const int64_t MDS_AUTH_UID_ANY = -1;
-
- int64_t uid; // Require UID to be equal to this, if !=MDS_AUTH_UID_ANY
- std::vector<gid_t> gids; // Use these GIDs
- std::string path; // Require path to be child of this (may be "" or "/" for any)
-
- MDSCapMatch() : uid(MDS_AUTH_UID_ANY) {}
- MDSCapMatch(int64_t uid_, std::vector<gid_t>& gids_) : uid(uid_), gids(gids_) {}
- explicit MDSCapMatch(std::string path_)
- : uid(MDS_AUTH_UID_ANY), path(path_) {
- normalize_path();
- }
- MDSCapMatch(std::string path_, int64_t uid_, std::vector<gid_t>& gids_)
- : uid(uid_), gids(gids_), path(path_) {
- normalize_path();
- }
-
- void normalize_path();
-
- bool is_match_all() const
- {
- return uid == MDS_AUTH_UID_ANY && path == "";
- }
-
- // check whether this grant matches against a given file and caller uid:gid
- bool match(const std::string &target_path,
- const int caller_uid,
- const int caller_gid,
- const vector<uint64_t> *caller_gid_list) const;
-
- /**
- * Check whether this path *might* be accessible (actual permission
- * depends on the stronger check in match()).
- *
- * @param target_path filesystem path without leading '/'
- */
- bool match_path(const std::string &target_path) const;
-};
-
-struct MDSCapGrant {
- MDSCapSpec spec;
- MDSCapMatch match;
-
- MDSCapGrant(const MDSCapSpec &spec_, const MDSCapMatch &match_)
- : spec(spec_), match(match_) {}
- MDSCapGrant() {}
-};
-
-class MDSAuthCaps
-{
- CephContext *cct;
- std::vector<MDSCapGrant> grants;
-
-public:
- explicit MDSAuthCaps(CephContext *cct_=NULL)
- : cct(cct_) { }
-
- // this ctor is used by spirit/phoenix; doesn't need cct.
- explicit MDSAuthCaps(const std::vector<MDSCapGrant> &grants_)
- : cct(NULL), grants(grants_) { }
-
- void set_allow_all();
- bool parse(CephContext *cct, const std::string &str, std::ostream *err);
-
- bool allow_all() const;
- bool is_capable(const std::string &inode_path,
- uid_t inode_uid, gid_t inode_gid, unsigned inode_mode,
- uid_t uid, gid_t gid, const vector<uint64_t> *caller_gid_list,
- unsigned mask, uid_t new_uid, gid_t new_gid) const;
- bool path_capable(const std::string &inode_path) const;
-
- friend std::ostream &operator<<(std::ostream &out, const MDSAuthCaps &cap);
-};
-
-
-std::ostream &operator<<(std::ostream &out, const MDSCapMatch &match);
-std::ostream &operator<<(std::ostream &out, const MDSCapSpec &spec);
-std::ostream &operator<<(std::ostream &out, const MDSCapGrant &grant);
-std::ostream &operator<<(std::ostream &out, const MDSAuthCaps &cap);
-
-#endif // MDS_AUTH_CAPS_H