--- /dev/null
+#ifndef CEPH_RGW_ROLE_H
+#define CEPH_RGW_ROLE_H
+
+class RGWRole
+{
+ static const string role_name_oid_prefix;
+ static const string role_oid_prefix;
+ static const string role_path_oid_prefix;
+ static const string role_arn_prefix;
+ static constexpr int MAX_ROLE_NAME_LEN = 64;
+ static constexpr int MAX_PATH_NAME_LEN = 512;
+
+ CephContext *cct;
+ RGWRados *store;
+ string id;
+ string name;
+ string path;
+ string arn;
+ string creation_date;
+ string trust_policy;
+ map<string, string> perm_policy_map;
+ string tenant;
+
+ int store_info(bool exclusive);
+ int store_name(bool exclusive);
+ int store_path(bool exclusive);
+ int read_id(const string& role_name, const string& tenant, string& role_id);
+ int read_name();
+ int read_info();
+ void set_id(const string& id) { this->id = id; }
+ bool validate_input();
+ void extract_name_tenant(const std::string& str);
+
+public:
+ RGWRole(CephContext *cct,
+ RGWRados *store,
+ string name,
+ string path,
+ string trust_policy,
+ string tenant)
+ : cct(cct),
+ store(store),
+ name(std::move(name)),
+ path(std::move(path)),
+ trust_policy(std::move(trust_policy)),
+ tenant(std::move(tenant)) {
+ if (this->path.empty())
+ this->path = "/";
+ extract_name_tenant(this->name);
+ }
+
+ RGWRole(CephContext *cct,
+ RGWRados *store,
+ string name,
+ string tenant)
+ : cct(cct),
+ store(store),
+ name(std::move(name)),
+ tenant(std::move(tenant)) {
+ extract_name_tenant(this->name);
+ }
+
+ RGWRole(CephContext *cct,
+ RGWRados *store,
+ string id)
+ : cct(cct),
+ store(store),
+ id(std::move(id)) {}
+
+ RGWRole(CephContext *cct,
+ RGWRados *store)
+ : cct(cct),
+ store(store) {}
+
+ RGWRole() {}
+
+ ~RGWRole() = default;
+
+ void encode(bufferlist& bl) const {
+ ENCODE_START(2, 1, bl);
+ ::encode(id, bl);
+ ::encode(name, bl);
+ ::encode(path, bl);
+ ::encode(arn, bl);
+ ::encode(creation_date, bl);
+ ::encode(trust_policy, bl);
+ ::encode(perm_policy_map, bl);
+ ::encode(tenant, bl);
+ ENCODE_FINISH(bl);
+ }
+
+ void decode(bufferlist::iterator& bl) {
+ DECODE_START(2, bl);
+ ::decode(id, bl);
+ ::decode(name, bl);
+ ::decode(path, bl);
+ ::decode(arn, bl);
+ ::decode(creation_date, bl);
+ ::decode(trust_policy, bl);
+ ::decode(perm_policy_map, bl);
+ if (struct_v >= 2) {
+ ::decode(tenant, bl);
+ }
+ DECODE_FINISH(bl);
+ }
+
+ const string& get_id() const { return id; }
+ const string& get_name() const { return name; }
+ const string& get_path() const { return path; }
+ const string& get_create_date() const { return creation_date; }
+ const string& get_assume_role_policy() const { return trust_policy;}
+
+ int create(bool exclusive);
+ int delete_obj();
+ int get();
+ int get_by_id();
+ int update();
+ void update_trust_policy(string& trust_policy);
+ void set_perm_policy(const string& policy_name, const string& perm_policy);
+ vector<string> get_role_policy_names();
+ int get_role_policy(const string& policy_name, string& perm_policy);
+ int delete_policy(const string& policy_name);
+ void dump(Formatter *f) const;
+ void decode_json(JSONObj *obj);
+
+ static const string& get_names_oid_prefix();
+ static const string& get_info_oid_prefix();
+ static const string& get_path_oid_prefix();
+ static int get_roles_by_path_prefix(RGWRados *store,
+ CephContext *cct,
+ const string& path_prefix,
+ const string& tenant,
+ vector<RGWRole>& roles);
+};
+WRITE_CLASS_ENCODER(RGWRole)
+#endif /* CEPH_RGW_ROLE_H */
+