/*
 * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License
 */
/*
 * @author Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
 * @brief Implementation of external libcynara-admin API
 */
30 #include <types/Policy.h>
31 #include <types/PolicyBucket.h>
32 #include <types/PolicyBucketId.h>
33 #include <types/PolicyKey.h>
34 #include <types/PolicyResult.h>
35 #include <types/PolicyType.h>
37 #include <cynara-admin.h>
38 #include <cynara-admin-error.h>
40 #include <api/ApiInterface.h>
41 #include <logic/Logic.h>
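/**
 * Concrete type behind the C handle `struct cynara_admin`.
 *
 * Every cynara_admin_* entry point in this file forwards its work to `impl`.
 * cynara_admin_initialize() builds the handle around a `new Cynara::Logic`, and
 * cynara_admin_finish() destroys the handle with `delete`.
 */
struct cynara_admin {
    // Backend the API calls are forwarded to; owned by this handle.
    Cynara::ApiInterface *impl;

    cynara_admin(Cynara::ApiInterface *_impl) : impl(_impl) {
    }

    // Releases the backend together with the handle, so that deleting the handle does not
    // leak the object allocated in cynara_admin_initialize().
    // NOTE(review): deleting through the interface pointer is only well-defined if
    // Cynara::ApiInterface declares a virtual destructor - confirm in api/ApiInterface.h.
    ~cynara_admin() {
        delete impl;
    }

    // `impl` is a raw owning pointer: a copied handle would free the backend twice.
    cynara_admin(const cynara_admin &) = delete;
    cynara_admin &operator=(const cynara_admin &) = delete;
};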
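/**
 * Creates an admin handle backed by a Cynara::Logic object.
 *
 * @param pp_cynara_admin out-parameter receiving the new handle; must not be NULL.
 * @return CYNARA_ADMIN_API_SUCCESS on success,
 *         CYNARA_ADMIN_API_INVALID_PARAM if pp_cynara_admin is NULL,
 *         CYNARA_ADMIN_API_OUT_OF_MEMORY if an allocation throws std::bad_alloc.
 *
 * Only std::bad_alloc is translated into an error code. Whether Cynara::Logic's
 * constructor can throw anything else is not visible here; such an exception would leave
 * this C entry point as a C++ exception.
 */
int cynara_admin_initialize(struct cynara_admin **pp_cynara_admin) {
    if (!pp_cynara_admin)
        return CYNARA_ADMIN_API_INVALID_PARAM;

    // Give the caller a defined value on every failure path: a caller that ignores the
    // return code then holds NULL, which the other cynara_admin_* calls reject and which
    // is harmless to pass to cynara_admin_finish(), instead of an indeterminate pointer.
    *pp_cynara_admin = nullptr;

    try {
        *pp_cynara_admin = new cynara_admin(new Cynara::Logic);
    } catch (const std::bad_alloc &ex) {
        return CYNARA_ADMIN_API_OUT_OF_MEMORY;
    }

    // NOTE(review): this listing omits one source line between the catch block and the
    // log call; compare with the upstream file before reusing this function.
    LOGD("Cynara admin initialized");

    return CYNARA_ADMIN_API_SUCCESS;
}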
/**
 * Destroys a handle obtained from cynara_admin_initialize().
 *
 * The pointer is passed by value, so the caller's copy is left dangling afterwards:
 * using it in any later cynara_admin_* call, or finishing it a second time, touches
 * freed memory. Releasing the backend object is left to cynara_admin's destructor.
 *
 * @param p_cynara_admin handle to destroy; NULL is accepted.
 * @return always CYNARA_ADMIN_API_SUCCESS.
 */
int cynara_admin_finish(struct cynara_admin *p_cynara_admin) {
    // `delete` on a null pointer is a no-op, so no explicit NULL check is needed.
    delete p_cynara_admin;
    return CYNARA_ADMIN_API_SUCCESS;
}
/**
 * Converts a NULL-terminated array of C policy descriptors into per-bucket change sets
 * and hands them to the backend in one setPolicies() call.
 *
 * Each entry is routed by its `result` field:
 *   - CYNARA_ADMIN_DELETE         -> its key is queued for removal from `bucket`
 *   - CYNARA_ADMIN_DENY / _ALLOW  -> a policy is queued for insert-or-update in `bucket`
 *   - CYNARA_ADMIN_BUCKET         -> as above, with `result_extra` (must be non-NULL)
 *                                    stored as the extra data of a BUCKET result;
 *                                    presumably the target bucket id - confirm
 *   - CYNARA_ADMIN_NONE or any other value -> CYNARA_ADMIN_API_INVALID_PARAM
 *
 * All validation happens while the change sets are built, before the backend is called,
 * so a rejected entry means nothing from this call is submitted.
 *
 * @param p_cynara_admin handle from cynara_admin_initialize().
 * @param policies array of policy pointers terminated by a NULL element. The loop stops
 *        only at that NULL, so an unterminated array is read past its end.
 * @return CYNARA_ADMIN_API_INVALID_PARAM for a NULL handle/array/required field or an
 *         unsupported `result`, CYNARA_ADMIN_API_OUT_OF_MEMORY if building the change
 *         sets throws std::bad_alloc, otherwise the value returned by setPolicies().
 */
int cynara_admin_set_policies(struct cynara_admin *p_cynara_admin,
                              const struct cynara_admin_policy *const *policies) {
    if (!p_cynara_admin || !p_cynara_admin->impl || !policies)
        return CYNARA_ADMIN_API_INVALID_PARAM;

    std::map<Cynara::PolicyBucketId, std::vector<Cynara::Policy>> toUpsert;
    std::map<Cynara::PolicyBucketId, std::vector<Cynara::PolicyKey>> toRemove;

    // Builds the (client, user, privilege) key of one entry. A field equal to
    // CYNARA_ADMIN_WILDCARD becomes a wildcard feature, anything else a literal one.
    auto makeKey = [](const cynara_admin_policy *entry) -> Cynara::PolicyKey {
        std::string wildcard(CYNARA_ADMIN_WILDCARD);

        auto toFeature = [&wildcard](const char *text) -> Cynara::PolicyKeyFeature {
            // compare() yields 0 only on an exact match with the wildcard string.
            if (wildcard.compare(text) == 0)
                return Cynara::PolicyKeyFeature::createWildcard();
            return Cynara::PolicyKeyFeature::create(text);
        };

        return Cynara::PolicyKey(toFeature(entry->client), toFeature(entry->user),
                                 toFeature(entry->privilege));
    };

    try {
        for (const cynara_admin_policy *const *it = policies; *it != nullptr; ++it) {
            const cynara_admin_policy *entry = *it;

            // Every string used below is dereferenced, so reject NULL fields up front.
            if (!entry->bucket || !entry->client || !entry->user || !entry->privilege)
                return CYNARA_ADMIN_API_INVALID_PARAM;

            switch (entry->result) {
                case CYNARA_ADMIN_DELETE:
                    toRemove[entry->bucket].push_back(makeKey(entry));
                    break;
                case CYNARA_ADMIN_DENY:
                    toUpsert[entry->bucket].push_back(
                        Cynara::Policy(makeKey(entry), Cynara::PredefinedPolicyType::DENY));
                    break;
                case CYNARA_ADMIN_ALLOW:
                    toUpsert[entry->bucket].push_back(
                        Cynara::Policy(makeKey(entry), Cynara::PredefinedPolicyType::ALLOW));
                    break;
                case CYNARA_ADMIN_BUCKET:
                    if (!entry->result_extra)
                        return CYNARA_ADMIN_API_INVALID_PARAM;
                    toUpsert[entry->bucket].push_back(
                        Cynara::Policy(makeKey(entry),
                                       Cynara::PolicyResult(Cynara::PredefinedPolicyType::BUCKET,
                                                            entry->result_extra)));
                    break;
                case CYNARA_ADMIN_NONE:
                default:
                    return CYNARA_ADMIN_API_INVALID_PARAM;
            }
        }
    } catch (const std::bad_alloc &ex) {
        return CYNARA_ADMIN_API_OUT_OF_MEMORY;
    }

    // The backend call sits outside the try block: its result is passed through as is.
    return p_cynara_admin->impl->setPolicies(toUpsert, toRemove);
}
/**
 * Creates, updates or removes a policy bucket through the backend.
 *
 * `operation` selects the action:
 *   - CYNARA_ADMIN_DELETE        -> removeBucket(bucket)
 *   - CYNARA_ADMIN_DENY / _ALLOW -> insertOrUpdateBucket() with that default result and
 *                                   `extra` (empty string when NULL) as its extra data
 *   - CYNARA_ADMIN_NONE          -> insertOrUpdateBucket() with a NONE result, refused
 *                                   with CYNARA_ADMIN_API_OPERATION_NOT_ALLOWED when
 *                                   `bucket` is Cynara::defaultPolicyBucketId
 *   - CYNARA_ADMIN_BUCKET or any other value -> CYNARA_ADMIN_API_INVALID_PARAM
 *
 * `extra` is copied before the switch but only used by DENY and ALLOW.
 *
 * NOTE(review): DELETE is forwarded for any bucket name, the default one included;
 * whether removing the default bucket is refused depends on removeBucket(), which is
 * not visible here.
 *
 * @param p_cynara_admin handle from cynara_admin_initialize().
 * @param bucket bucket name; must not be NULL.
 * @param operation one of the CYNARA_ADMIN_* operation codes listed above.
 * @param extra optional extra data for the bucket's default result; may be NULL.
 * @return CYNARA_ADMIN_API_INVALID_PARAM, CYNARA_ADMIN_API_OUT_OF_MEMORY,
 *         CYNARA_ADMIN_API_OPERATION_NOT_ALLOWED, or the backend's return value.
 */
int cynara_admin_set_bucket(struct cynara_admin *p_cynara_admin, const char *bucket,
                            int operation, const char *extra) {
    if (!p_cynara_admin || !p_cynara_admin->impl || !bucket)
        return CYNARA_ADMIN_API_INVALID_PARAM;

    // Starts out empty, which is also the value used when no extra data is supplied.
    std::string extraText;
    try {
        if (extra)
            extraText = extra;
    } catch (const std::bad_alloc &ex) {
        return CYNARA_ADMIN_API_OUT_OF_MEMORY;
    }

    // NOTE(review): only the copy above is guarded. If the backend takes the bucket id as
    // a std::string-like type, the conversions in the calls below allocate outside the
    // try block - confirm against api/ApiInterface.h.
    Cynara::ApiInterface *backend = p_cynara_admin->impl;

    switch (operation) {
        case CYNARA_ADMIN_DELETE:
            return backend->removeBucket(bucket);
        case CYNARA_ADMIN_DENY:
            return backend->insertOrUpdateBucket(bucket,
                Cynara::PolicyResult(Cynara::PredefinedPolicyType::DENY, extraText));
        case CYNARA_ADMIN_ALLOW:
            return backend->insertOrUpdateBucket(bucket,
                Cynara::PolicyResult(Cynara::PredefinedPolicyType::ALLOW, extraText));
        case CYNARA_ADMIN_NONE:
            // NOTE(review): this compares contents only if PolicyBucketId is a
            // std::string-like type; with a raw pointer type it would compare addresses -
            // confirm in types/PolicyBucketId.h.
            if (bucket != Cynara::defaultPolicyBucketId) {
                return backend->insertOrUpdateBucket(bucket,
                    Cynara::PolicyResult(Cynara::PredefinedPolicyType::NONE));
            }
            return CYNARA_ADMIN_API_OPERATION_NOT_ALLOWED;
        case CYNARA_ADMIN_BUCKET:
        default:
            return CYNARA_ADMIN_API_INVALID_PARAM;
    }
}
/**
 * Validates the arguments of an admin-side policy check.
 *
 * NOTE(review): in the lines visible in this listing the function only checks its
 * pointers and returns success. No write to *result or *result_extra and no call into
 * impl is shown (the two source lines just before the final return are missing from the
 * listing). Until the upstream file confirms otherwise, a successful return must not be
 * read as an access decision and the outputs must be treated as unset.
 *
 * @param p_cynara_admin handle from cynara_admin_initialize().
 * @param start_bucket bucket to start from; must not be NULL.
 * @param recursive marked UNUSED in the signature.
 * @param client, user, privilege key fields; none may be NULL.
 * @param result, result_extra output locations; neither may be NULL.
 * @return CYNARA_ADMIN_API_INVALID_PARAM if any required pointer is NULL,
 *         otherwise CYNARA_ADMIN_API_SUCCESS.
 */
int cynara_admin_check(struct cynara_admin *p_cynara_admin,
                       const char *start_bucket, const int recursive UNUSED,
                       const char *client, const char *user, const char *privilege,
                       int *result, char **result_extra) {
    if (!p_cynara_admin || !p_cynara_admin->impl)
        return CYNARA_ADMIN_API_INVALID_PARAM;

    const bool inputsPresent = start_bucket && client && user && privilege;
    const bool outputsPresent = result && result_extra;
    if (!inputsPresent || !outputsPresent)
        return CYNARA_ADMIN_API_INVALID_PARAM;

    return CYNARA_ADMIN_API_SUCCESS;
}