#include "own_tree.hpp"
-#include "print_content.hpp"
#include <boost/tokenizer.hpp>
#include <unordered_map>
#include <deque>
__root->add(tokens, item.getDecision(), item.isPrefix());
}
-DecisionItem OwnershipTree::getDecisionItem(const MatchItemOwn& item) const
-{
- if (item.getName().length() == 0) {
- return Decision::DENY;
- }
-
- auto tokens = tokenize(item.getName());
- return __root->getDecisionItem(tokens);
-}
-
-void OwnershipTree::printTreeLevel(const TreeNode& node, const std::string& indent) const
-{
- std::cerr << indent << "| " << node.__token << " (" << node.__children.size() << ") | "
- << node.__own_decision_item << " " << node.__own_prefix_decision_item << std::endl;
-
- for (const auto& i : node.__children)
- printTreeLevel(*i.second, indent + "\t");
-}
-
-void OwnershipTree::printTree() const
-{
- printTreeLevel(*__root, "");
-}
-
-size_t OwnershipTree::getSize() const
-{
- return __root->getSize();
-}
-
-
TreeNode::TreeNode(std::string token)
:__token(token), __own_prefix_decision_item(Decision::ANY), __own_decision_item(Decision::ANY)
{}
it->second->add(tokens, decision, is_prefix);
}
-size_t TreeNode::getSize() const
-{
- size_t size = sizeof(*this) + get_string_heap_allocated_memory(__token) + __own_decision_item.getSize()
- + __own_prefix_decision_item.getSize();
-
- for (const auto& i : __children)
- size += sizeof(i) + get_string_heap_allocated_memory(i.first) + i.second->getSize();
-
- return size;
-}
-
void TreeNode::setDecisionItem(const DecisionItem& decision, const bool is_prefix)
{
if (is_prefix) {
const std::unordered_map<std::string, std::shared_ptr<TreeNode>> &TreeNode::getChildren() const {
return __children;
}
-
-DecisionItem TreeNode::getDecisionItem(std::deque<std::string>& tokens) const
-{
- if (tokens.empty()) {
- if (__own_decision_item.getDecision() != Decision::ANY) {
- return __own_decision_item;
- } else {
- return __own_prefix_decision_item;
- }
- }
-
- const auto& token = tokens.front();
- auto it = __children.find(token);
- if (it == __children.end()) {
- return __own_prefix_decision_item;
- }
- assert(it != __children.end());
- tokens.pop_front();
-
- DecisionItem child_decision = it->second->getDecisionItem(tokens);
- if (child_decision.getDecision() == Decision::ANY) {
- return __own_prefix_decision_item;
- }
- return child_decision;
-}
#pragma once
-#include "tslog.hpp"
#include "policy.hpp"
#include "own_tree.hpp"
-#include "print_content.hpp"
#include <vector>
namespace ldp_xml_parser {
protected:
/** Vector with policy items */
std::vector<TI> m_items;
- typedef typename decltype(m_items)::const_reverse_iterator PolicyConstIterator;
- PolicyConstIterator begin() const { return m_items.rbegin(); }
- PolicyConstIterator end() const { return m_items.rend(); }
public:
typedef TI item_type;
*/
void addItem(TI &item) { m_items.push_back(std::move(item)); }
- void printContent() const {
- for (const auto& i : m_items)
- std::cerr << i << std::endl;
- }
-
- size_t getSize() const {
- size_t size = m_items.capacity() * sizeof(typename decltype(m_items)::value_type);
- for (const auto& i : m_items)
- size += i.getSize();
- return size;
- }
-
const std::vector<TI> &getItems() const { return m_items; }
};
-/****************** PolicySRBase: a base for send/receive policies ************************/
-/** Class containing policy with send/receive rules */
-template <typename TI>
-class PolicySRBase : public PolicyBase<TI> {
-public:
- DecisionItem getDecisionItem(const typename TI::match_type &item) const {
- for (auto &i : *this) {
- tslog::log_verbose("-read: ", i.getDecision(), " ", i, "\n");
-
- if (item.match(i.getType(), i.getInterface(), i.getPath(),
- i.getMember(), i.getName(), i.isNamePrefix())) {
- tslog::log_verbose("-matched: ", i.getDecision(), " ", i, "\n");
-
- return i.getDecision();
- }
- }
- return Decision::ANY;
- }
-};
-
-/****************** PolicySend ************************/
-class PolicySend : public PolicySRBase<ItemSend> {
-public:
- static constexpr const char *name = "send";
-};
-
-/****************** PolicyReceive ************************/
-class PolicyReceive : public PolicySRBase<ItemReceive> {
-public:
- static constexpr const char *name = "receive";
-};
-
-/****************** PolicyAccess ************************/
-class PolicyAccess : public PolicyBase<ItemAccess> {
-public:
- static constexpr const char *name = "access";
- DecisionItem getDecisionItem(const typename item_type::match_type &item) const {
- for (auto i : *this) {
- if (item.match(i.getType(), i.getUid(), i.getGid())) {
- return i.getDecision();
- }
- }
- return Decision::ANY;
- }
-};
+using PolicySend = PolicyBase<ItemSend>;
+using PolicyReceive = PolicyBase<ItemReceive>;
+using PolicyAccess = PolicyBase<ItemAccess>;
/****************** PolicyOwn ************************/
/** Class containing policy with ownership rules */
*/
void addItem(const ItemOwn &item) { ownership_tree.addItem(item); }
- DecisionItem getDecisionItem(const MatchItemOwn& item) const {
- return ownership_tree.getDecisionItem(item);
- }
-
- void printContent() const { ownership_tree.printTree(); }
-
- size_t getSize() const { return ownership_tree.getSize(); }
const OwnershipTree &getTree() const { return ownership_tree; };
-
- static constexpr const char *name = "own";
};
}
#include "storage_backend_xml.hpp"
#include "policy_containers.hpp"
#include "xml_parser.hpp"
+#include "tslog.hpp"
+#include "print_content.hpp"
+
+#include <cassert>
using namespace ldp_xml_parser;
template <typename T>
void addItemGroup(gid_t gid, T &item) { group[gid].addItem(item); }
- void printContent() const {
- for (const auto& i : user) {
- std::cerr << "user: " << i.first << std::endl;
- i.second.printContent();
- }
-
- for (const auto& i : group) {
- std::cerr << "group: " << i.first << std::endl;
- i.second.printContent();
- }
- }
-
- size_t getSize() const {
- size_t size = user.size() * sizeof(typename decltype(user)::value_type);
- for (const auto& i : user)
- size += i.second.getSize();
-
- size += group.size() * sizeof(typename decltype(group)::value_type);
- for (const auto& i : group)
- size += i.second.getSize();
- return size;
- }
-
public:
- const P *getPolicyUser(uid_t uid) const {
- tslog::log("---policy_type = USER =", uid, "\n");
-
- auto it = user.find(uid);
- if (it == user.end()) {
- tslog::log_verbose("GetPolicy: Out of Range exception\n");
- return nullptr;
- }
- return &(it->second);
- }
-
- const P *getPolicyGroup(gid_t gid) const {
- tslog::log("---policy_type = GROUP = ", gid, "\n");
-
- auto it = group.find(gid);
- if (it == group.end()) {
- tslog::log_verbose("GetPolicy: Out of Range exception\n");
- return nullptr;
- }
- return &(it->second);
- }
-
const std::map<uid_t, P> &getPoliciesUser() const { return user; }
const std::map<uid_t, P> &getPoliciesGroup() const { return group; }
};
template <typename T>
void addItemGroup(gid_t, T &) { assert(false); }
-
- void printContent() const {}
- size_t getSize() const { return 0; }
};
/****************** PolicySet ************************/
const P &getRefPolicyContextMandatory() const { return contextMandatory; }
const P &getRefPolicyContextDefault() const { return contextDefault; }
-
- const P *getPolicyContextMandatory() const {
- tslog::log("---policy_type = CONTEXT = MANDATORY\n");
- return &contextMandatory;
- }
-
- const P *getPolicyContextDefault() const {
- tslog::log("---policy_type = CONTEXT = DEFAULT\n");
- return &contextDefault;
- }
-
- void printSet() const {
- std::cerr << "context default" << std::endl;
- contextDefault.printContent();
- std::cerr << "context mandatory" << std::endl;
- contextMandatory.printContent();
-
- UG::printContent();
-
- std::cerr << "Memory consumption: " << getSetSize() << " B" << std::endl;
- }
-
- size_t getSetSize() const {
- size_t size = sizeof(*this);
-
- size += contextMandatory.getSize();
- size += contextDefault.getSize();
-
- size += UG::getSize();
- return size;
- }
};
/****************** StorageBackendXML ************************/
const typename MatchPolicy<T>::policy_set_type &getPolicySet() const;
template <typename T>
typename MatchPolicy<T>::policy_set_type &getPolicySet();
-
- template <typename T,
- typename P = typename MatchPolicy<T>::policy_type,
- typename PS = typename MatchPolicy<T>::policy_set_type,
- typename ...Args>
- DecisionItem getDecisionItem(const T &item,
- const P *(PS::*f)(Args ... args) const,
- Args ...args) const;
};
/* Tie MatchItems with proper policy sets.
* The below DEF_GET_POLICY_SET defines specialization for MatchPolicy<T> template,
* and a specialization of StorageBackendXMLImpl::getPolicySet template function
*
- * Specialization for MatchPolicy<T> provides field 'policy_type' which specifies
- * a type of policy used within 'field' parameter, and field 'policy_set_type'
+ * Specialization for MatchPolicy<T> provides field 'policy_set_type'
* which specifies a type of the 'field' parameter.
* Specialization of StorageBackendXMLImpl::getPolicySet returns the 'field'.
*
* For example: DEF_GET_POLICY_SET(MatchItemOwn, m_own_set) defines equivalent to
* MatchPolicy<MatchItemOwn> {
- * typedef PolicyOwn policy_type;
* typedef PolicySet<PolicyOwn> policy_set_type;
* }
* PolicySet<PolicyOwn> &getPolicySet<MatchItemOwn> const;
*
* Thanks to this construction we do not need to manually specify PolicyOwn in functions that
* know MatchItemOwn - it is inferred.
- *
*/
#define DEF_GET_POLICY_SET(T, field) \
template <> struct StorageBackendXML::StorageBackendXMLImpl::MatchPolicy<T> { \
- typedef decltype(field)::policy_type policy_type; \
typedef decltype(field) policy_set_type; \
}; \
template <> struct StorageBackendXML::StorageBackendXMLImpl::MatchPolicy<typename decltype(StorageBackendXML::StorageBackendXMLImpl::field)::policy_type> { \
#undef DEF_GET_POLICY_SET
-template <typename T, typename P, typename PS, typename ...Args>
-DecisionItem StorageBackendXML::StorageBackendXMLImpl::getDecisionItem(const T &item,
- const P *(PS::*f)(Args ... args) const,
- Args ...args) const
-{
- const auto &policySet = getPolicySet<T>();
- typedef typename std::remove_reference<decltype(policySet)>::type PolicySetType;
-
- auto policy = (policySet.*f)(args...);
- if (nullptr == policy)
- return Decision::ANY;
-
- tslog::log_verbose("Checking ", PolicySetType::policy_type::name, " policy for: ", item, "\n");
-
- return policy->getDecisionItem(item);
-}
-
template <typename T>
void StorageBackendXML::addItem(const ldp_xml_parser::PolicyType policy_type,
const ldp_xml_parser::PolicyTypeValue policy_type_value,
return parser.parsePolicyConfigFile() == 0;
}
-void StorageBackendXML::printContent() const {
- #define PRINT_SET(x) \
- std::cerr << std::endl << "----" #x "----" << std::endl; \
- (x).printSet();
-
- PRINT_SET(pimpl->m_own_set)
- PRINT_SET(pimpl->m_send_set)
- PRINT_SET(pimpl->m_receive_set)
- PRINT_SET(pimpl->m_access_set)
-
- #undef PRINT_SET
-}
-
template <typename T>
const T &StorageBackendXML::getPolicyContextMandatory() const {
return pimpl->getPolicySet<T>().getRefPolicyContextMandatory();
return pimpl->getPolicySet<T>().getPoliciesGroup();
}
-template <typename T>
-bool StorageBackendXML::existsPolicyForGroup(gid_t gid) const {
- return pimpl->getPolicySet<T>().getPolicyGroup(gid) != nullptr;
-}
-
-template <typename T>
-ldp_xml_parser::DecisionItem StorageBackendXML::getDecisionItemContextMandatory(const T &item) const {
- return pimpl->getDecisionItem<T>(item, &StorageBackendXMLImpl::MatchPolicy<T>::policy_set_type::getPolicyContextMandatory);
-}
-
-template <typename T>
-ldp_xml_parser::DecisionItem StorageBackendXML::getDecisionItemContextDefault(const T &item) const {
- return pimpl->getDecisionItem<T>(item, &StorageBackendXMLImpl::MatchPolicy<T>::policy_set_type::getPolicyContextDefault);
-}
-
-template <typename T>
-ldp_xml_parser::DecisionItem StorageBackendXML::getDecisionItemUser(uid_t uid, const T &item) const {
- return pimpl->getDecisionItem<T>(item, &StorageBackendXMLImpl::MatchPolicy<T>::policy_set_type::getPolicyUser, uid);
-}
-
-template <typename T>
-ldp_xml_parser::DecisionItem StorageBackendXML::getDecisionItemGroup(gid_t gid, const T &item) const {
- return pimpl->getDecisionItem<T>(item, &StorageBackendXMLImpl::MatchPolicy<T>::policy_set_type::getPolicyGroup, gid);
-}
-
StorageBackendXML::StorageBackendXML() : pimpl{new StorageBackendXMLImpl} {
}
/* Explicit instantiation is needed for used public template methods defined in this file.
*/
#define T_INSTANTIATION(T) \
- template ldp_xml_parser::DecisionItem StorageBackendXML::getDecisionItemContextMandatory(const MatchItem##T &item) const; \
- template ldp_xml_parser::DecisionItem StorageBackendXML::getDecisionItemContextDefault(const MatchItem##T &item) const; \
template void StorageBackendXML::addItem(const PolicyType policy_type, const PolicyTypeValue policy_type_value, Item##T &item); \
template const Policy##T &StorageBackendXML::getPolicyContextMandatory() const; \
template const Policy##T &StorageBackendXML::getPolicyContextDefault() const;
#undef T_INSTANTIATION
#define T_INSTANTIATION(T) \
- template bool StorageBackendXML::existsPolicyForGroup<MatchItem##T>(gid_t gid) const; \
- template ldp_xml_parser::DecisionItem StorageBackendXML::getDecisionItemUser(uid_t uid, const MatchItem##T &item) const; \
- template ldp_xml_parser::DecisionItem StorageBackendXML::getDecisionItemGroup(gid_t gid, const MatchItem##T &item) const; \
template const std::map<gid_t, Policy##T> &StorageBackendXML::getPoliciesGroup() const; \
template const std::map<uid_t, Policy##T> &StorageBackendXML::getPoliciesUser() const;