summaryrefslogblamecommitdiffstats
path: root/include/authz/list.h
blob: a88cdbbcf8e3f0709986e408f0adf52ef7bc9685 (plain) (tree) 
c8c99887d1 ^




















a8b991b52d ^


c8c99887d1 ^













063603d43e ^


c8c99887d1 ^



































































a8b991b52d ^

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

21
22

23
24
25
26
27
28
29
30
31
32
33
34
35

36
37

38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104

105




















                                                                               

                     












                                                         

                                     


































































                                                                       
                          
/*
 * QEMU list authorization driver
 *
 * Copyright (c) 2018 Red Hat, Inc.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
 *
 */

#ifndef QAUTHZ_LIST_H
#define QAUTHZ_LIST_H

#include "authz/base.h"
#include "qapi/qapi-types-authz.h"

#define TYPE_QAUTHZ_LIST "authz-list"

#define QAUTHZ_LIST_CLASS(klass)                        \
    OBJECT_CLASS_CHECK(QAuthZListClass, (klass),        \
                       TYPE_QAUTHZ_LIST)
#define QAUTHZ_LIST_GET_CLASS(obj)              \
    OBJECT_GET_CLASS(QAuthZListClass, (obj),    \
                      TYPE_QAUTHZ_LIST)
#define QAUTHZ_LIST(obj) \
    OBJECT_CHECK(QAuthZList, (obj), \
                 TYPE_QAUTHZ_LIST)

typedef struct QAuthZList QAuthZList;
typedef struct QAuthZListClass QAuthZListClass;


/**
 * QAuthZList:
 *
 * This authorization driver provides a list mechanism
 * for granting access by matching user names against a
 * list of globs. Each match rule has an associated policy
 * and a catch all policy applies if no rule matches
 *
 * To create an instance of this class via QMP:
 *
 *  {
 *    "execute": "object-add",
 *    "arguments": {
 *      "qom-type": "authz-list",
 *      "id": "authz0",
 *      "props": {
 *        "rules": [
 *           { "match": "fred", "policy": "allow", "format": "exact" },
 *           { "match": "bob", "policy": "allow", "format": "exact" },
 *           { "match": "danb", "policy": "deny", "format": "exact" },
 *           { "match": "dan*", "policy": "allow", "format": "glob" }
 *        ],
 *        "policy": "deny"
 *      }
 *    }
 *  }
 *
 */
struct QAuthZList {
    QAuthZ parent_obj;

    QAuthZListPolicy policy;
    QAuthZListRuleList *rules;
};


struct QAuthZListClass {
    QAuthZClass parent_class;
};


QAuthZList *qauthz_list_new(const char *id,
                            QAuthZListPolicy policy,
                            Error **errp);

ssize_t qauthz_list_append_rule(QAuthZList *auth,
                                const char *match,
                                QAuthZListPolicy policy,
                                QAuthZListFormat format,
                                Error **errp);

ssize_t qauthz_list_insert_rule(QAuthZList *auth,
                                const char *match,
                                QAuthZListPolicy policy,
                                QAuthZListFormat format,
                                size_t index,
                                Error **errp);

ssize_t qauthz_list_delete_rule(QAuthZList *auth,
                                const char *match);


#endif /* QAUTHZ_LIST_H */
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-12-22 20:44:05 +0100