summaryrefslogtreecommitdiffstats
path: root/src/mds/MDSAuthCaps.h
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/mds/MDSAuthCaps.h116
1 files changed, 94 insertions, 22 deletions
diff --git a/src/mds/MDSAuthCaps.h b/src/mds/MDSAuthCaps.h
index 5fcbb1f2f..bbb2589b3 100644
--- a/src/mds/MDSAuthCaps.h
+++ b/src/mds/MDSAuthCaps.h
@@ -19,6 +19,7 @@
#include <string_view>
#include <vector>
+#include "include/encoding.h"
#include "include/common_fwd.h"
#include "include/types.h"
#include "common/debug.h"
@@ -101,35 +102,31 @@ private:
struct MDSCapMatch {
static const int64_t MDS_AUTH_UID_ANY = -1;
- MDSCapMatch() : uid(MDS_AUTH_UID_ANY), fs_name(std::string()) {}
+ MDSCapMatch() {}
- MDSCapMatch(int64_t uid_, std::vector<gid_t>& gids_) :
- uid(uid_), gids(gids_), fs_name(std::string()) {}
+ MDSCapMatch(const std::string& fsname_, const std::string& path_,
+ bool root_squash_, int64_t uid_=MDS_AUTH_UID_ANY,
+ const std::vector<gid_t>& gids_={}) {
+ fs_name = std::move(fsname_);
+ path = std::move(path_);
+ root_squash = root_squash_;
+ uid = (uid_ == 0) ? -1 : uid_;
+ gids = gids_;
- explicit MDSCapMatch(const std::string &path_)
- : uid(MDS_AUTH_UID_ANY), path(path_), fs_name(std::string()) {
normalize_path();
}
- explicit MDSCapMatch(std::string path, std::string fs_name) :
- uid(MDS_AUTH_UID_ANY), path(std::move(path)), fs_name(std::move(fs_name))
- {
- normalize_path();
- }
-
- explicit MDSCapMatch(std::string path, std::string fs_name, bool root_squash_) :
- uid(MDS_AUTH_UID_ANY), path(std::move(path)), fs_name(std::move(fs_name)), root_squash(root_squash_)
- {
- normalize_path();
- }
-
- MDSCapMatch(const std::string& path_, int64_t uid_, std::vector<gid_t>& gids_)
- : uid(uid_), gids(gids_), path(path_), fs_name(std::string()) {
- normalize_path();
+ const MDSCapMatch& operator=(const MDSCapMatch& m) {
+ uid = m.uid;
+ gids = m.gids;
+ path = m.path;
+ fs_name = m.fs_name;
+ root_squash = m.root_squash;
+ return *this;
}
void normalize_path();
-
+
bool is_match_all() const
{
return uid == MDS_AUTH_UID_ANY && path == "";
@@ -149,12 +146,68 @@ struct MDSCapMatch {
*/
bool match_path(std::string_view target_path) const;
- int64_t uid; // Require UID to be equal to this, if !=MDS_AUTH_UID_ANY
+ void encode(ceph::buffer::list& bl) const {
+ ENCODE_START(1, 1, bl);
+ encode(uid, bl);
+ encode(gids, bl);
+ encode(path, bl);
+ encode(fs_name, bl);
+ encode(root_squash, bl);
+ ENCODE_FINISH(bl);
+ }
+
+ void decode(ceph::buffer::list::const_iterator& p) {
+ DECODE_START(1, p);
+ decode(uid, p);
+ decode(gids, p);
+ decode(path, p);
+ decode(fs_name, p);
+ decode(root_squash, p);
+ DECODE_FINISH(p);
+ }
+
+ // Require UID to be equal to this, if !=MDS_AUTH_UID_ANY
+ int64_t uid = MDS_AUTH_UID_ANY;
std::vector<gid_t> gids; // Use these GIDs
std::string path; // Require path to be child of this (may be "" or "/" for any)
std::string fs_name;
bool root_squash=false;
};
+WRITE_CLASS_ENCODER(MDSCapMatch)
+
+struct MDSCapAuth {
+ MDSCapAuth() {}
+ MDSCapAuth(MDSCapMatch m, bool r, bool w) :
+ match(m), readable(r), writeable(w) {}
+
+ const MDSCapAuth& operator=(const MDSCapAuth& m) {
+ match = m.match;
+ readable = m.readable;
+ writeable = m.writeable;
+ return *this;
+ }
+
+ void encode(ceph::buffer::list& bl) const {
+ ENCODE_START(1, 1, bl);
+ encode(match, bl);
+ encode(readable, bl);
+ encode(writeable, bl);
+ ENCODE_FINISH(bl);
+ }
+
+ void decode(ceph::buffer::list::const_iterator& p) {
+ DECODE_START(1, p);
+ decode(match, p);
+ decode(readable, p);
+ decode(writeable, p);
+ DECODE_FINISH(p);
+ }
+
+ MDSCapMatch match;
+ bool readable;
+ bool writeable;
+};
+WRITE_CLASS_ENCODER(MDSCapAuth)
struct MDSCapGrant {
MDSCapGrant(const MDSCapSpec &spec_, const MDSCapMatch &match_,
@@ -223,12 +276,31 @@ public:
return false;
}
+ void get_cap_auths(std::vector<MDSCapAuth> *cap_auths)
+ {
+ for (const auto& grant : grants) {
+ cap_auths->emplace_back(MDSCapAuth(grant.match,
+ grant.spec.allow_read(),
+ grant.spec.allow_write()));
+ }
+ }
+
+ bool root_squash_in_caps() const {
+ for (const MDSCapGrant &g : grants) {
+ if (g.match.root_squash) {
+ return true;
+ }
+ }
+ return false;
+ }
+
friend std::ostream &operator<<(std::ostream &out, const MDSAuthCaps &cap);
private:
std::vector<MDSCapGrant> grants;
};
std::ostream &operator<<(std::ostream &out, const MDSCapMatch &match);
+std::ostream &operator<<(std::ostream &out, const MDSCapAuth &auth);
std::ostream &operator<<(std::ostream &out, const MDSCapSpec &spec);
std::ostream &operator<<(std::ostream &out, const MDSCapGrant &grant);
std::ostream &operator<<(std::ostream &out, const MDSAuthCaps &cap);