diff options
Diffstat (limited to '')
| -rw-r--r-- | src/mds/MDSAuthCaps.h | 116 |
1 files changed, 94 insertions, 22 deletions
diff --git a/src/mds/MDSAuthCaps.h b/src/mds/MDSAuthCaps.h index 5fcbb1f2f..bbb2589b3 100644 --- a/src/mds/MDSAuthCaps.h +++ b/src/mds/MDSAuthCaps.h @@ -19,6 +19,7 @@ #include <string_view> #include <vector> +#include "include/encoding.h" #include "include/common_fwd.h" #include "include/types.h" #include "common/debug.h" @@ -101,35 +102,31 @@ private: struct MDSCapMatch { static const int64_t MDS_AUTH_UID_ANY = -1; - MDSCapMatch() : uid(MDS_AUTH_UID_ANY), fs_name(std::string()) {} + MDSCapMatch() {} - MDSCapMatch(int64_t uid_, std::vector<gid_t>& gids_) : - uid(uid_), gids(gids_), fs_name(std::string()) {} + MDSCapMatch(const std::string& fsname_, const std::string& path_, + bool root_squash_, int64_t uid_=MDS_AUTH_UID_ANY, + const std::vector<gid_t>& gids_={}) { + fs_name = std::move(fsname_); + path = std::move(path_); + root_squash = root_squash_; + uid = (uid_ == 0) ? -1 : uid_; + gids = gids_; - explicit MDSCapMatch(const std::string &path_) - : uid(MDS_AUTH_UID_ANY), path(path_), fs_name(std::string()) { normalize_path(); } - explicit MDSCapMatch(std::string path, std::string fs_name) : - uid(MDS_AUTH_UID_ANY), path(std::move(path)), fs_name(std::move(fs_name)) - { - normalize_path(); - } - - explicit MDSCapMatch(std::string path, std::string fs_name, bool root_squash_) : - uid(MDS_AUTH_UID_ANY), path(std::move(path)), fs_name(std::move(fs_name)), root_squash(root_squash_) - { - normalize_path(); - } - - MDSCapMatch(const std::string& path_, int64_t uid_, std::vector<gid_t>& gids_) - : uid(uid_), gids(gids_), path(path_), fs_name(std::string()) { - normalize_path(); + const MDSCapMatch& operator=(const MDSCapMatch& m) { + uid = m.uid; + gids = m.gids; + path = m.path; + fs_name = m.fs_name; + root_squash = m.root_squash; + return *this; } void normalize_path(); - + bool is_match_all() const { return uid == MDS_AUTH_UID_ANY && path == ""; @@ -149,12 +146,68 @@ struct MDSCapMatch { */ bool match_path(std::string_view target_path) const; - int64_t uid; // Require UID to be equal to this, if !=MDS_AUTH_UID_ANY + void encode(ceph::buffer::list& bl) const { + ENCODE_START(1, 1, bl); + encode(uid, bl); + encode(gids, bl); + encode(path, bl); + encode(fs_name, bl); + encode(root_squash, bl); + ENCODE_FINISH(bl); + } + + void decode(ceph::buffer::list::const_iterator& p) { + DECODE_START(1, p); + decode(uid, p); + decode(gids, p); + decode(path, p); + decode(fs_name, p); + decode(root_squash, p); + DECODE_FINISH(p); + } + + // Require UID to be equal to this, if !=MDS_AUTH_UID_ANY + int64_t uid = MDS_AUTH_UID_ANY; std::vector<gid_t> gids; // Use these GIDs std::string path; // Require path to be child of this (may be "" or "/" for any) std::string fs_name; bool root_squash=false; }; +WRITE_CLASS_ENCODER(MDSCapMatch) + +struct MDSCapAuth { + MDSCapAuth() {} + MDSCapAuth(MDSCapMatch m, bool r, bool w) : + match(m), readable(r), writeable(w) {} + + const MDSCapAuth& operator=(const MDSCapAuth& m) { + match = m.match; + readable = m.readable; + writeable = m.writeable; + return *this; + } + + void encode(ceph::buffer::list& bl) const { + ENCODE_START(1, 1, bl); + encode(match, bl); + encode(readable, bl); + encode(writeable, bl); + ENCODE_FINISH(bl); + } + + void decode(ceph::buffer::list::const_iterator& p) { + DECODE_START(1, p); + decode(match, p); + decode(readable, p); + decode(writeable, p); + DECODE_FINISH(p); + } + + MDSCapMatch match; + bool readable; + bool writeable; +}; +WRITE_CLASS_ENCODER(MDSCapAuth) struct MDSCapGrant { MDSCapGrant(const MDSCapSpec &spec_, const MDSCapMatch &match_, @@ -223,12 +276,31 @@ public: return false; } + void get_cap_auths(std::vector<MDSCapAuth> *cap_auths) + { + for (const auto& grant : grants) { + cap_auths->emplace_back(MDSCapAuth(grant.match, + grant.spec.allow_read(), + grant.spec.allow_write())); + } + } + + bool root_squash_in_caps() const { + for (const MDSCapGrant &g : grants) { + if (g.match.root_squash) { + return true; + } + } + return false; + } + friend std::ostream &operator<<(std::ostream &out, const MDSAuthCaps &cap); private: std::vector<MDSCapGrant> grants; }; std::ostream &operator<<(std::ostream &out, const MDSCapMatch &match); +std::ostream &operator<<(std::ostream &out, const MDSCapAuth &auth); std::ostream &operator<<(std::ostream &out, const MDSCapSpec &spec); std::ostream &operator<<(std::ostream &out, const MDSCapGrant &grant); std::ostream &operator<<(std::ostream &out, const MDSAuthCaps &cap); |