src/admin/api/admin-api.cpp

   1 /*
   2  *  Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
   3  *
   4  *  Licensed under the Apache License, Version 2.0 (the "License");
   5  *  you may not use this file except in compliance with the License.
   6  *  You may obtain a copy of the License at
   7  *
   8  *      http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  *  Unless required by applicable law or agreed to in writing, software
  11  *  distributed under the License is distributed on an "AS IS" BASIS,
  12  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  *  See the License for the specific language governing permissions and
  14  *  limitations under the License
  15  */
  16 /*
  17  * @file        admin-api.cpp
  18  * @author      Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
  19  * @version     1.0
  20  * @brief       Implementation of external libcynara-admin API
  21  */
  22
  23 #include <map>
  24 #include <new>
  25 #include <string>
  26 #include <vector>
  27
  28 #include <common.h>
  29 #include <log/log.h>
  30 #include <types/Policy.h>
  31 #include <types/PolicyBucket.h>
  32 #include <types/PolicyBucketId.h>
  33 #include <types/PolicyKey.h>
  34 #include <types/PolicyResult.h>
  35 #include <types/PolicyType.h>
  36
  37 #include <cynara-admin.h>
  38 #include <cynara-admin-error.h>
  39
  40 #include <api/ApiInterface.h>
  41 #include <logic/Logic.h>
  42
  43 struct cynara_admin {
  44     Cynara::ApiInterface *impl;
  45
  46     cynara_admin(Cynara::ApiInterface *_impl) : impl(_impl) {
  47     }
  48     ~cynara_admin() {
  49         delete impl;
  50     }
  51 };
  52
  53 CYNARA_API
  54 int cynara_admin_initialize(struct cynara_admin **pp_cynara_admin) {
  55     if (!pp_cynara_admin)
  56         return CYNARA_ADMIN_API_INVALID_PARAM;
  57
  58     try {
  59         *pp_cynara_admin = new cynara_admin(new Cynara::Logic);
  60     } catch (const std::bad_alloc &ex) {
  61         return CYNARA_ADMIN_API_OUT_OF_MEMORY;
  62     }
  63
  64     init_log();
  65
  66     LOGD("Cynara admin initialized");
  67
  68     return CYNARA_ADMIN_API_SUCCESS;
  69 }
  70
  71 CYNARA_API
  72 int cynara_admin_finish(struct cynara_admin *p_cynara_admin) {
  73     delete p_cynara_admin;
  74
  75     return CYNARA_ADMIN_API_SUCCESS;
  76 }
  77
  78 CYNARA_API
  79 int cynara_admin_set_policies(struct cynara_admin *p_cynara_admin,
  80                               const struct cynara_admin_policy *const *policies) {
  81     if (!p_cynara_admin || !p_cynara_admin->impl)
  82         return CYNARA_ADMIN_API_INVALID_PARAM;
  83     if (!policies)
  84         return CYNARA_ADMIN_API_INVALID_PARAM;
  85
  86     std::map<Cynara::PolicyBucketId, std::vector<Cynara::Policy>> insertOrUpdate;
  87     std::map<Cynara::PolicyBucketId, std::vector<Cynara::PolicyKey>> remove;
  88
  89     auto key = ([](const cynara_admin_policy *policy)->Cynara::PolicyKey {
  90         std::string wildcard(CYNARA_ADMIN_WILDCARD);
  91
  92         auto feature = ([&wildcard] (const char *str)->Cynara::PolicyKeyFeature {
  93             if (wildcard.compare(str))
  94                 return Cynara::PolicyKeyFeature::create(str);
  95             else
  96                 return Cynara::PolicyKeyFeature::createWildcard();
  97         });
  98
  99         return Cynara::PolicyKey(feature(policy->client), feature(policy->user),
 100                                  feature(policy->privilege));
 101     });
 102
 103     try {
 104         for (auto i = policies; *i; i++) {
 105             const cynara_admin_policy *policy = *i;
 106             if(!policy->bucket || !policy->client || !policy->user || !policy->privilege)
 107                 return CYNARA_ADMIN_API_INVALID_PARAM;
 108
 109             switch (policy->result) {
 110                 case CYNARA_ADMIN_DELETE:
 111                     remove[policy->bucket].push_back(key(policy));
 112                     break;
 113                 case CYNARA_ADMIN_DENY:
 114                     insertOrUpdate[policy->bucket].push_back(Cynara::Policy(key(policy),
 115                                                         Cynara::PredefinedPolicyType::DENY));
 116                     break;
 117                 case CYNARA_ADMIN_ALLOW:
 118                     insertOrUpdate[policy->bucket].push_back(Cynara::Policy(key(policy),
 119                                                         Cynara::PredefinedPolicyType::ALLOW));
 120                     break;
 121                 case CYNARA_ADMIN_BUCKET:
 122                     if (!policy->result_extra)
 123                         return CYNARA_ADMIN_API_INVALID_PARAM;
 124                     insertOrUpdate[policy->bucket].push_back(Cynara::Policy(key(policy),
 125                                                         Cynara::PolicyResult(
 126                                                         Cynara::PredefinedPolicyType::BUCKET,
 127                                                         policy->result_extra)));
 128                     break;
 129                 case CYNARA_ADMIN_NONE:
 130                 default:
 131                     return CYNARA_ADMIN_API_INVALID_PARAM;
 132             }
 133         }
 134     } catch (const std::bad_alloc &ex) {
 135         return CYNARA_ADMIN_API_OUT_OF_MEMORY;
 136     }
 137
 138     return p_cynara_admin->impl->setPolicies(insertOrUpdate, remove);
 139 }
 140
 141 CYNARA_API
 142 int cynara_admin_set_bucket(struct cynara_admin *p_cynara_admin, const char *bucket,
 143                             int operation, const char *extra) {
 144     if (!p_cynara_admin || !p_cynara_admin->impl)
 145         return CYNARA_ADMIN_API_INVALID_PARAM;
 146     if (!bucket)
 147         return CYNARA_ADMIN_API_INVALID_PARAM;
 148
 149     std::string extraStr;
 150     try {
 151          extraStr = extra ? extra : "";
 152     } catch (const std::bad_alloc &ex) {
 153         return CYNARA_ADMIN_API_OUT_OF_MEMORY;
 154     }
 155     switch (operation) {
 156         case CYNARA_ADMIN_DELETE:
 157             return p_cynara_admin->impl->removeBucket(bucket);
 158         case CYNARA_ADMIN_DENY:
 159             return p_cynara_admin->impl->insertOrUpdateBucket(bucket,
 160                 Cynara::PolicyResult(Cynara::PredefinedPolicyType::DENY, extraStr));
 161         case CYNARA_ADMIN_ALLOW:
 162             return p_cynara_admin->impl->insertOrUpdateBucket(bucket,
 163                 Cynara::PolicyResult(Cynara::PredefinedPolicyType::ALLOW, extraStr));
 164         case CYNARA_ADMIN_NONE:
 165             if (bucket != Cynara::defaultPolicyBucketId) {
 166                 return p_cynara_admin->impl->insertOrUpdateBucket(bucket,
 167                     Cynara::PolicyResult(Cynara::PredefinedPolicyType::NONE));
 168             }
 169             return CYNARA_ADMIN_API_OPERATION_NOT_ALLOWED;
 170         case CYNARA_ADMIN_BUCKET:
 171         default:
 172             return CYNARA_ADMIN_API_INVALID_PARAM;
 173     }
 174 }
 175
 176 CYNARA_API
 177 int cynara_admin_check(struct cynara_admin *p_cynara_admin,
 178                        const char *start_bucket, const int recursive UNUSED,
 179                        const char *client, const char *user, const char *privilege,
 180                        int *result, char **result_extra) {
 181     if (!p_cynara_admin || !p_cynara_admin->impl)
 182         return CYNARA_ADMIN_API_INVALID_PARAM;
 183     if (!start_bucket)
 184         return CYNARA_ADMIN_API_INVALID_PARAM;
 185     if (!client || !user || !privilege)
 186         return CYNARA_ADMIN_API_INVALID_PARAM;
 187     if (!result || !result_extra)
 188         return CYNARA_ADMIN_API_INVALID_PARAM;
 189
 190     //just mock-up
 191     return CYNARA_ADMIN_API_SUCCESS;
 192 }