DTNMA Reference Tools v2.1.0 - 13.gc5c0bac
Delay-Tolerant Networking Management Architecture (DTNMA) Tool Suite
Loading...
Searching...
No Matches
Data Structures | Macros | Typedefs | Functions
acl.h File Reference
#include "amm/ident.h"
#include "cace/ari/base.h"
#include <m-atomic.h>
#include <m-deque.h>
#include <m-rbtree.h>
#include <m-bptree.h>
#include <stdint.h>
+ Include dependency graph for acl.h:
+ This graph shows which files directly or indirectly include this file:

Data Structures

struct  refda_acl_group_t
 A single entry of the ACL group table. More...
 
struct  refda_acl_access_t
 A single entry of the ACL access table. More...
 
struct  refda_acl_t
 Storage of the agent ACL and its derived caches. More...
 

Macros

#define M_OPL_refda_acl_group_t()   (INIT(API_2(refda_acl_group_init)), CLEAR(API_2(refda_acl_group_deinit)))
 
#define M_OPL_refda_acl_access_t()   (INIT(API_2(refda_acl_access_init)), CLEAR(API_2(refda_acl_access_deinit)))
 

Typedefs

typedef cace_ari_uint refda_acl_id_t
 Identifier for ACL groups and access items.
 
typedef struct refda_agent_s refda_agent_t
 

Functions

void refda_acl_group_init (refda_acl_group_t *obj)
 
void refda_acl_group_deinit (refda_acl_group_t *obj)
 
void refda_acl_access_init (refda_acl_access_t *obj)
 
void refda_acl_access_deinit (refda_acl_access_t *obj)
 
void refda_acl_access_get_str_id (m_string_t out, const refda_acl_access_t *obj, bool append)
 
void refda_acl_init (refda_acl_t *obj)
 
void refda_acl_deinit (refda_acl_t *obj)
 
int refda_acl_search_endpoint (refda_agent_t *agent, const cace_ari_t *endpoint, refda_acl_id_tree_t groups)
 Search in an ACL for a specific endpoint.
 
bool refda_acl_search_permission (refda_agent_t *agent, const refda_acl_id_tree_t groups, const cace_amm_obj_desc_t *acc_obj, const cace_amm_obj_desc_ptr_set_t perm_objs, refda_amm_ident_base_ptr_set_t match)
 Search in an ACL for specific access.
 
bool refda_acl_search_one_permission (refda_agent_t *agent, const refda_acl_id_tree_t groups, const cace_amm_obj_desc_t *acc_obj, const cace_amm_obj_desc_t *perm_obj, refda_amm_ident_base_ptr_set_t match)
 This is an overloaded member function, provided for convenience. It differs from the above function only in what argument(s) it accepts. This searches for a single permission perm_obj which avoids needing to construct a permission set.
 

Macro Definition Documentation

◆ M_OPL_refda_acl_access_t

#define M_OPL_refda_acl_access_t ( )    (INIT(API_2(refda_acl_access_init)), CLEAR(API_2(refda_acl_access_deinit)))

◆ M_OPL_refda_acl_group_t

#define M_OPL_refda_acl_group_t ( )    (INIT(API_2(refda_acl_group_init)), CLEAR(API_2(refda_acl_group_deinit)))

Typedef Documentation

◆ refda_acl_id_t

typedef cace_ari_uint refda_acl_id_t

Identifier for ACL groups and access items.

The group ID zero is reserved for the agent itself.

◆ refda_agent_t

typedef struct refda_agent_s refda_agent_t

Function Documentation

◆ refda_acl_access_deinit()

void refda_acl_access_deinit ( refda_acl_access_t obj)

References CHKVOID, refda_acl_access_t::groups, refda_acl_access_t::id, and refda_acl_access_t::permissions.

◆ refda_acl_access_get_str_id()

void refda_acl_access_get_str_id ( m_string_t  out,
const refda_acl_access_t obj,
bool  append 
)

References refda_acl_access_t::id.

◆ refda_acl_access_init()

void refda_acl_access_init ( refda_acl_access_t obj)

References refda_acl_access_t::added_at, CACE_ARI_INIT_UNDEFINED, CHKVOID, refda_acl_access_t::groups, refda_acl_access_t::id, refda_acl_access_t::permissions, and refda_acl_access_t::updated_at.

◆ refda_acl_deinit()

void refda_acl_deinit ( refda_acl_t obj)

References refda_acl_t::access, refda_acl_t::access_by_group, CHKVOID, refda_acl_t::groups, refda_acl_t::perm_base, and refda_acl_t::perm_produce.

Referenced by refda_agent_deinit().

◆ refda_acl_group_deinit()

void refda_acl_group_deinit ( refda_acl_group_t obj)

References CHKVOID, refda_acl_group_t::id, refda_acl_group_t::member_pats, and refda_acl_group_t::name.

◆ refda_acl_group_init()

void refda_acl_group_init ( refda_acl_group_t obj)

References refda_acl_group_t::added_at, CACE_ARI_INIT_UNDEFINED, CHKVOID, refda_acl_group_t::id, refda_acl_group_t::member_pats, refda_acl_group_t::name, and refda_acl_group_t::updated_at.

◆ refda_acl_init()

void refda_acl_init ( refda_acl_t obj)

References refda_acl_t::access, refda_acl_t::access_by_group, CHKVOID, refda_acl_t::generation, refda_acl_t::groups, refda_acl_t::perm_base, and refda_acl_t::perm_produce.

Referenced by refda_agent_init().

◆ refda_acl_search_endpoint()

int refda_acl_search_endpoint ( refda_agent_t agent,
const cace_ari_t endpoint,
refda_acl_id_tree_t  groups 
)

Search in an ACL for a specific endpoint.

Parameters
[in]agentThe agent state for reference lookup.
[in]endpointThe endpoint to search for.
[out]groupsThe set of groups to add to.
Returns
Zero if successful, which may result in empty groups.

References refda_agent_t::acl, refda_agent_t::acl_mutex, agent, CACE_ARI_TEXT_ENC_OPTS_DEFAULT, cace_ari_text_encode(), CACE_LOG_CRIT, CACE_LOG_DEBUG, CACE_LOG_INFO, cace_log_is_enabled_for(), CHKERR1, refda_acl_t::groups, refda_acl_group_t::id, refda_acl_group_t::member_pats, and refda_endpoint_pat_match().

Referenced by refda_runctx_check_acl().

◆ refda_acl_search_one_permission()

bool refda_acl_search_one_permission ( refda_agent_t agent,
const refda_acl_id_tree_t  groups,
const cace_amm_obj_desc_t acc_obj,
const cace_amm_obj_desc_t perm_obj,
refda_amm_ident_base_ptr_set_t  match 
)

This is an overloaded member function, provided for convenience. It differs from the above function only in what argument(s) it accepts. This searches for a single permission perm_obj which avoids needing to construct a permission set.

References agent, and refda_acl_search_permission().

Referenced by refda_valprod_run().

◆ refda_acl_search_permission()

bool refda_acl_search_permission ( refda_agent_t agent,
const refda_acl_id_tree_t  groups,
const cace_amm_obj_desc_t acc_obj,
const cace_amm_obj_desc_ptr_set_t  perm_objs,
refda_amm_ident_base_ptr_set_t  match 
)

Search in an ACL for specific access.

Parameters
[in]agentThe agent state for reference lookup.
[in]groupsThe set of groups to filter-in.
[in]acc_objThe object being accessed.
[in]perm_objsThe set of permission objects to filter-in.
[out]matchThe matching permissions.
Returns
True if permission is present and the match is non-empty.

References refda_acl_t::access_by_group, refda_agent_t::acl, refda_agent_t::acl_mutex, agent, CACE_LOG_CRIT, CACE_LOG_DEBUG, cace_log_is_enabled_for(), refda_amm_ident_base_t::deref, cace_amm_lookup_t::obj, and refda_acl_access_t::permissions.

Referenced by refda_acl_search_one_permission().