%files -n libcynara-commons-devel
%{_includedir}/cynara/cynara-policy-types.h
+%{_includedir}/cynara/plugin/ExternalPluginInterface.h
%{_includedir}/cynara/types/PolicyResult.h
%{_includedir}/cynara/types/PolicyType.h
%{_libdir}/libcynara-commons.so
%files -n libcynara-plugin-devel
%{_includedir}/cynara/cynara-plugin.h
+%{_includedir}/cynara/cynara-client-plugin.h
%{_libdir}/pkgconfig/cynara-plugin.pc
%files -n cynara-tests
m_cache = std::make_shared<CapacityCache>();
auto naiveInterpreter = std::make_shared<NaiveInterpreter>();
- m_cache->registerPlugin(PredefinedPolicyType::ALLOW, naiveInterpreter);
- m_cache->registerPlugin(PredefinedPolicyType::DENY, naiveInterpreter);
+ for (auto &type : naiveInterpreter->getSupportedPolicyTypes()) {
+ m_cache->registerPlugin(type, naiveInterpreter);
+ }
}
Logic::~Logic() {
SET(LIB_CYNARA_COMMON_SOURCES
${LIB_CYNARA_COMMON_PATH}/cache/CapacityCache.cpp
+ ${LIB_CYNARA_COMMON_PATH}/plugins/NaiveInterpreter.cpp
)
ADD_DEFINITIONS("-fvisibility=default")
#include <string>
#include <cynara-client.h>
-#include <plugins/PluginInterface.h>
+#include <cynara-client-plugin.h>
#include <types/ClientSession.h>
#include <types/PolicyKey.h>
#include <types/PolicyResult.h>
const PolicyKey &key,
const PolicyResult &result) = 0;
- void registerPlugin(const PolicyType policyType, InterpreterInterfacePtr plugin) {
+ void registerPlugin(const PolicyType policyType, ClientPluginInterfacePtr plugin) {
m_plugins[policyType] = plugin;
}
virtual ~PluginCache() {};
protected:
- std::map<PolicyType, InterpreterInterfacePtr> m_plugins;
+ std::map<PolicyType, ClientPluginInterfacePtr> m_plugins;
};
} // namespace Cynara
}
//Is it still usable?
- InterpreterInterfacePtr plugin = pluginIt->second;
+ ClientPluginInterfacePtr plugin = pluginIt->second;
auto &prevSession = std::get<1>(cachedValue);
auto usageIt = std::get<2>(cachedValue);
bool updateSession = false;
--- /dev/null
+/*
+ * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/**
+ * @file src/client-common/plugins/NaiveInterpreter.cpp
+ * @author Zofia Abramowska <z.abramowska@samsung.com>
+ * @version 1.0
+ * @brief This file contains NaiveInterpreter supported types definition.
+ */
+
+#include <plugins/NaiveInterpreter.h>
+
+namespace Cynara {
+
+ const std::vector<PolicyType> NaiveInterpreter::s_supportedTypes =
+ {PredefinedPolicyType::ALLOW, PredefinedPolicyType::DENY};
+
+}
namespace Cynara {
-class NaiveInterpreter : public InterpreterInterface {
+class NaiveInterpreter : public ClientPluginInterface {
+public:
bool isUsable(const ClientSession &session UNUSED, const ClientSession &prevSession UNUSED,
bool &updateSession UNUSED, PolicyResult &result UNUSED) {
return true;
else
return CYNARA_API_ACCESS_DENIED;
}
+
+ const std::vector<PolicyType> &getSupportedPolicyTypes(void) {
+ return s_supportedTypes;
+ }
+private:
+ static const std::vector<PolicyType> s_supportedTypes;
};
} // namespace Cynara
+++ /dev/null
-/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-/**
- * @file src/client-common/plugins/PluginInterface.h
- * @author Zofia Abramowska <z.abramowska@samsung.com>
- * @version 1.0
- * @brief This file contains plugin interface definitions.
- */
-
-#ifndef SRC_CLIENT_COMMON_PLUGINS_PLUGININTERFACE_H_
-#define SRC_CLIENT_COMMON_PLUGINS_PLUGININTERFACE_H_
-
-#include <memory>
-
-#include <types/ClientSession.h>
-#include <types/PolicyResult.h>
-
-namespace Cynara {
-
-class InterpreterInterface;
-typedef std::shared_ptr<InterpreterInterface> InterpreterInterfacePtr;
-
-class InterpreterInterface {
-public:
- virtual bool isCacheable(const ClientSession &session, const PolicyResult &result) = 0;
- virtual bool isUsable(const ClientSession &session, const ClientSession &prevSession,
- bool &updateSession, PolicyResult &result) = 0;
- virtual int toResult(const ClientSession &session, PolicyResult &result) = 0;
-
- virtual ~InterpreterInterface() {};
-};
-
-} // namespace Cynara
-
-#endif // SRC_CLIENT_COMMON_PLUGINS_PLUGININTERFACE_H_
std::make_shared<ProtocolClient>());
m_cache = std::make_shared<CapacityCache>();
auto naiveInterpreter = std::make_shared<NaiveInterpreter>();
- m_cache->registerPlugin(PredefinedPolicyType::ALLOW, naiveInterpreter);
- m_cache->registerPlugin(PredefinedPolicyType::DENY, naiveInterpreter);
- m_cache->registerPlugin(PredefinedPolicyType::BUCKET, naiveInterpreter);
+ for (auto &type : naiveInterpreter->getSupportedPolicyTypes()) {
+ m_cache->registerPlugin(type, naiveInterpreter);
+ }
}
int Logic::check(const std::string &client, const ClientSession &session, const std::string &user,
${COMMON_PATH}/types/PolicyType.h
DESTINATION ${INCLUDE_INSTALL_DIR}/cynara/types
)
+INSTALL(FILES
+ ${COMMON_PATH}/plugin/ExternalPluginInterface.h
+ DESTINATION ${INCLUDE_INSTALL_DIR}/cynara/plugin
+ )
--- /dev/null
+/*
+ * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * @file src/common/plugin/ExternalPluginInterface.h
+ * @author Zofia Abramowska <z.abramowska@samsung.com>
+ * @version 1.0
+ * @brief This file defines cynara side external plugin interface
+ */
+
+#ifndef SRC_COMMON_PLUGIN_EXTERNALPLUGININTERFACE_H_
+#define SRC_COMMON_PLUGIN_EXTERNALPLUGININTERFACE_H_
+
+#include <vector>
+
+#include <types/PolicyType.h>
+
+namespace Cynara {
+
+class ExternalPluginInterface;
+
+/**
+ * Type of function used for creating objects implementing ExternalPluginInterface.
+ * Inside plugin library function with create_t signature should have symbol
+ * named "create".
+ */
+typedef ExternalPluginInterface *(*create_t)(void);
+
+/**
+ * Type of function used for destroying objects created with "create".
+ * Inside plugin library function with destroy_t signature should have symbol
+ * named "destroy".
+ */
+typedef void (*destroy_t)(ExternalPluginInterface *);
+
+class ExternalPluginInterface {
+public:
+
+ /**
+ * Policy type supported by plugin.
+ */
+ virtual const std::vector<PolicyType> &getSupportedPolicyTypes(void) = 0;
+ virtual ~ExternalPluginInterface() {}
+};
+
+} // namespace Cynara
+
+#endif /* SRC_COMMON_PLUGIN_EXTERNALPLUGININTERFACE_H_ */
${CYNARA_PATH}/include/cynara-admin-types.h
${CYNARA_PATH}/include/cynara-client.h
${CYNARA_PATH}/include/cynara-client-async.h
+ ${CYNARA_PATH}/include/cynara-client-plugin.h
${CYNARA_PATH}/include/cynara-creds-commons.h
${CYNARA_PATH}/include/cynara-creds-dbus.h
${CYNARA_PATH}/include/cynara-creds-socket.h
--- /dev/null
+/*
+ * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/**
+ * @file src/include/cynara-client-plugin.h
+ * @author Zofia Abramowska <z.abramowska@samsung.com>
+ * @version 1.0
+ * @brief This file defines cynara client side of external plugin interface -
+ * ClientPluginInterface.
+ */
+
+#ifndef CYNARACLIENTPLUGIN_H_
+#define CYNARACLIENTPLUGIN_H_
+
+#include <memory>
+
+#include <plugin/ExternalPluginInterface.h>
+#include <types/ClientSession.h>
+#include <types/PolicyResult.h>
+
+namespace Cynara {
+
+class ClientPluginInterface;
+typedef std::shared_ptr<ClientPluginInterface> ClientPluginInterfacePtr;
+
+/**
+ * A class defining external plugins interface.
+ * These plugins work inside of cynara client library. They interpret
+ * PolicyResult returned by cynara in terms of:
+ * a) cacheability - tells, whether value should be cached (for e.g. policyType like
+ * ALLOW_ONCE should not be cached)
+ * b) usability - whether cache entry can still be used (for e.g. policy allowing access for
+ * given type)
+ * c) value - translates PolicyResult to CYNARA_API_ACCESS_ALLOWED or CYNARA_API_ACCESS_DENIED
+ *
+ * Plugin implementing ClientPluginInterface must implement ExternalPluginInterface.
+ * Creation/destruction functions with signatures compatible to Cynara::create_t and
+ * Cynara::destroy_t must be provided as factories of ClientPluginInterface.
+ */
+class ClientPluginInterface : public ExternalPluginInterface {
+public:
+
+ /**
+ * Return entry cacheability
+ */
+ virtual bool isCacheable(const ClientSession &session, const PolicyResult &result) = 0;
+ /**
+ * Return entry cacheability
+ */
+ virtual bool isUsable(const ClientSession &session, const ClientSession &prevSession,
+ bool &updateSession, PolicyResult &result) = 0;
+ /**
+ * Translate PolicyResult to CYNARA_API_ACCESS_ALLOWED or CYNARA_API_ACCESS_DENIED
+ */
+ virtual int toResult(const ClientSession &session, PolicyResult &result) = 0;
+
+ virtual ~ClientPluginInterface() {};
+};
+
+}
+
+#endif // CYNARACLIENTPLUGIN_H_
* @file src/include/cynara-plugin.h
* @author Zofia Abramowska <z.abramowska@samsung.com>
* @version 1.0
- * @brief This file defines cynara side external plugin interface
+ * @brief This file defines cynara service side of external plugin interface -
+ * ServicePluginInterface
*/
#ifndef CYNARA_PLUGIN_H_
#include <string>
#include <vector>
+#include <plugin/ExternalPluginInterface.h>
#include <types/PolicyResult.h>
#include <types/PolicyType.h>
namespace Cynara {
-class ExternalPluginInterface;
-
-/**
- * Type of function used for creating objects implementing ExternalPluginInterface.
- * Inside plugin library function with create_t signature should have symbol
- * named "create".
- */
-typedef ExternalPluginInterface *(*create_t)(void);
-/**
- * Type of function used for destroying objects created with "create".
- * Inside plugin library function with destroy_t signature should have symbol
- * named "destroy".
- */
-typedef void (*destroy_t)(ExternalPluginInterface *);
-
-// These typedefs will be defined in external headers
+//These typedefs will be defined in external headers
typedef std::string PluginData;
typedef std::string AgentType;
-typedef std::vector<PolicyType> PolicyTypes;
+
+class ServicePluginInterface;
+typedef std::shared_ptr<ServicePluginInterface> ServicePluginInterfacePtr;
/**
* A class defining external plugins interface.
* response through check instantly or require communication
* with given type of agent. Agent must be registered through
* cynara-agent API.
+ *
+ * Plugin implementing ServicePluginInterface must implement ExternalPluginInterface.
+ * Creation/destruction functions with signatures compatible to Cynara::create_t and
+ * Cynara::destroy_t must be provided as factories of ServicePluginInterface.
*/
-class ExternalPluginInterface {
+class ServicePluginInterface : public ExternalPluginInterface {
public:
/**
* Enum indicating status of calling plugin method.
};
/**
- * Policy type supported by plugin.
- */
- virtual PolicyTypes getSupportedPolicyTypes(void) = 0;
-
- /**
* Asks plugin, what kind of permission does client, user and privilege has.
*
* @param[in] client
const std::string &privilege, const PluginData &agentData,
PolicyResult &result) noexcept = 0;
- virtual ~ExternalPluginInterface() {};
+ virtual ~ServicePluginInterface() {};
};
* @brief This file implements main class of logic layer in cynara service
*/
+#include <signal.h>
+
#include <log/log.h>
#include <common.h>
#include <exceptions/BucketNotExistsException.h>
#include <exceptions/InvalidBucketIdException.h>
#include <exceptions/PluginErrorException.h>
#include <exceptions/PluginNotFoundException.h>
+#include <exceptions/UnexpectedErrorException.h>
-#include <signal.h>
+#include <cynara-plugin.h>
#include <main/Cynara.h>
#include <request/AdminCheckRequest.h>
#include <response/CancelResponse.h>
#include <response/CheckResponse.h>
#include <response/CodeResponse.h>
-#include <storage/Storage.h>
-
#include <sockets/SocketManager.h>
+#include <storage/Storage.h>
#include "Logic.h"
throw PluginNotFoundException(result);
}
+ ServicePluginInterfacePtr servicePlugin =
+ std::dynamic_pointer_cast<ServicePluginInterface>(plugin);
+ if (!plugin) {
+ throw PluginNotFoundException(result);
+ }
+
AgentType requiredAgent;
PluginData pluginData;
- auto ret = plugin->check(key.client().toString(), key.user().toString(),
- key.privilege().toString(), result, requiredAgent, pluginData);
+ auto ret = servicePlugin->check(key.client().toString(), key.user().toString(),
+ key.privilege().toString(), result, requiredAgent, pluginData);
switch (ret) {
- case ExternalPluginInterface::PluginStatus::ANSWER_READY:
+ case ServicePluginInterface::PluginStatus::ANSWER_READY:
return true;
- case ExternalPluginInterface::PluginStatus::ANSWER_NOTREADY:
+ case ServicePluginInterface::PluginStatus::ANSWER_NOTREADY:
//todo send request to agent
//context should be saved in plugin in order to return answer when ready
return false;
return;
}
- PolicyTypes policies = pluginPtr->getSupportedPolicyTypes();
+ auto policies = pluginPtr->getSupportedPolicyTypes();
if (policies.empty()) {
LOGE("Plugin <%s> does not support any type!", path.c_str());
return;
#include <memory>
#include <string>
-#include <cynara-plugin.h>
+#include <plugin/ExternalPluginInterface.h>
namespace Cynara {
typedef std::shared_ptr<ExternalPluginInterface> ExternalPluginPtr;
projects / platform / core / security / cynara.git / commitdiff