From 0552bff66f450d8fd66dda8ed10444b1150a9e20 Mon Sep 17 00:00:00 2001 From: Zofia Abramowska Date: Thu, 17 Jul 2014 14:38:56 +0200 Subject: [PATCH 01/16] Change cache interface and add simple implementations Change CacheInterface so it supports different plugins Implement naive plugin Implement class responsible for getting values from server Change-Id: I8ca21a65ec9b9dfcbc922270d2b1351797bbd92d --- src/client/CMakeLists.txt | 3 +- src/client/cache/CacheInterface.h | 55 +++++++++++---- src/client/cache/CapacityCache.cpp | 135 ++++++++++++++++++++++++++++++++++++ src/client/cache/CapacityCache.h | 69 ++++++++++++++++++ src/client/cache/NaiveInterpreter.h | 49 +++++++++++++ src/client/cache/NoCache.cpp | 39 ----------- src/client/cache/NoCache.h | 56 --------------- src/client/cache/PolicyGetter.cpp | 66 ++++++++++++++++++ src/client/cache/PolicyGetter.h | 54 +++++++++++++++ src/client/logic/Logic.cpp | 67 ++++-------------- src/client/logic/Logic.h | 5 +- src/common/types/PolicyResult.h | 1 + 12 files changed, 434 insertions(+), 165 deletions(-) create mode 100644 src/client/cache/CapacityCache.cpp create mode 100644 src/client/cache/CapacityCache.h create mode 100644 src/client/cache/NaiveInterpreter.h delete mode 100644 src/client/cache/NoCache.cpp delete mode 100644 src/client/cache/NoCache.h create mode 100644 src/client/cache/PolicyGetter.cpp create mode 100644 src/client/cache/PolicyGetter.h diff --git a/src/client/CMakeLists.txt b/src/client/CMakeLists.txt index 72db5f1..4431556 100644 --- a/src/client/CMakeLists.txt +++ b/src/client/CMakeLists.txt @@ -23,7 +23,8 @@ SET(CYNARA_LIB_CYNARA_PATH ${CYNARA_PATH}/client) SET(LIB_CYNARA_SOURCES ${CYNARA_LIB_CYNARA_PATH}/api/client-api.cpp - ${CYNARA_LIB_CYNARA_PATH}/cache/NoCache.cpp + ${CYNARA_LIB_CYNARA_PATH}/cache/CapacityCache.cpp + ${CYNARA_LIB_CYNARA_PATH}/cache/PolicyGetter.cpp ${CYNARA_LIB_CYNARA_PATH}/logic/Logic.cpp ) diff --git a/src/client/cache/CacheInterface.h b/src/client/cache/CacheInterface.h index acfbd7e..22c4cb9 100644 --- a/src/client/cache/CacheInterface.h +++ b/src/client/cache/CacheInterface.h @@ -16,37 +16,66 @@ /* * @file CacheInterface.h * @author Lukasz Wojciechowski + * @author Zofia Abramowska * @version 1.0 - * @brief This file contains cache interface definition. + * @brief This file contains cache interface definitions. */ #ifndef SRC_CLIENT_CACHE_CACHEINTERFACE_H_ #define SRC_CLIENT_CACHE_CACHEINTERFACE_H_ +#include #include #include +#include #include #include - -#include +#include namespace Cynara { -class CacheInterface; -typedef std::shared_ptr CacheInterfacePtr; +class InterpreterInterface; +typedef std::shared_ptr InterpreterInterfacePtr; + +class PluginCache; +typedef std::shared_ptr PluginCachePtr; + +class ResultGetterInterface; +typedef std::shared_ptr ResultGetterInterfacePtr; + +class ResultGetterInterface { +public: + virtual cynara_api_result requestResult(const PolicyKey &key, PolicyResult &result) noexcept = 0; + virtual ~ResultGetterInterface() = default; +}; + +class InterpreterInterface { +public: + virtual bool isCacheable(const PolicyResult &result) noexcept = 0; + virtual bool isUsable(const PolicyResult &result) noexcept = 0; + virtual cynara_api_result toResult(const PolicyResult &result) noexcept = 0; + + virtual ~InterpreterInterface() = default; +}; -class CacheInterface { +class PluginCache { public: - CacheInterface() = default; - virtual ~CacheInterface() = default; + PluginCache(ResultGetterInterfacePtr getter) : m_getter(getter) {} + virtual cynara_api_result get(const std::string &session, const PolicyKey &key) = 0; + void registerPlugin(const PolicyType policyType, InterpreterInterfacePtr plugin) { + m_plugins[policyType] = plugin; + } + virtual void clear(void) { + m_plugins.clear(); + } + virtual ~PluginCache() = default; - virtual cynara_api_result check(const std::string &session, const PolicyKey &key) = 0; - virtual cynara_api_result updateAndCheck(const std::string &session, const PolicyKey &key, - const PolicyResult &result) = 0; - virtual void clear(void) = 0; +protected: + std::map m_plugins; + ResultGetterInterfacePtr m_getter; }; } // namespace Cynara -#endif /* SRC_CLIENT_CACHE_CACHEINTERFACE_H_ */ +#endif // SRC_CLIENT_CACHE_CACHEINTERFACE_H_ diff --git a/src/client/cache/CapacityCache.cpp b/src/client/cache/CapacityCache.cpp new file mode 100644 index 0000000..6b9f48e --- /dev/null +++ b/src/client/cache/CapacityCache.cpp @@ -0,0 +1,135 @@ +/* + * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file CapacityCache.cpp + * @author Zofia Abramowska + * @version 1.0 + * @brief This file contains capacity cache implementation. + */ + +#include + +#include + +#include + +namespace Cynara { + +cynara_api_result CapacityCache::get(const std::string &session, const PolicyKey &key) { + //This can be very time heavy. This part is welcomed to be optimized. + if (session != m_session) { + LOGD("Session changed from %s to %s.", m_session.c_str(), session.c_str()); + m_keyValue.clear(); + m_keyUsage.clear(); + m_session = session; + } + auto resultIt = m_keyValue.find(keyToString(key)); + //Do we have entry in cache? + if (resultIt == m_keyValue.end()) { + LOGD("No entry for client=%s user=%s privilege=%s.", + key.client().toString().c_str(), + key.user().toString().c_str(), + key.privilege().toString().c_str()); + return update(key); + } else { + LOGD("Entry available for client=%s user=%s privilege=%s", + key.client().toString().c_str(), + key.user().toString().c_str(), + key.privilege().toString().c_str()); + + auto pluginIt = m_plugins.find(resultIt->second.first.policyType()); + if (pluginIt == m_plugins.end()) { + LOGE("No plugin registered for given PolicyType : %" PRIu16, + resultIt->second.first.policyType()); + return cynara_api_result::CYNARA_API_ACCESS_DENIED; + } + + //Is it still usable? + InterpreterInterfacePtr plugin = pluginIt->second; + if (plugin->isUsable(resultIt->second.first)) { + LOGD("Entry usable."); + m_keyUsage.splice(m_keyUsage.begin(), m_keyUsage, resultIt->second.second); + return plugin->toResult(resultIt->second.first); + } else { + //remove from list and map and update + LOGD("Entry not usable."); + auto usage_it = resultIt->second.second; + m_keyUsage.erase(usage_it); + m_keyValue.erase(resultIt); + return update(key); + } + } +} + +void CapacityCache::clear(void) { + m_keyUsage.clear(); + m_keyValue.clear(); + m_session.clear(); +} + +std::string CapacityCache::keyToString(const PolicyKey &key) { + const char separator = '\1'; + auto clientStr = key.client().toString(); + auto privilegeStr = key.privilege().toString(); + auto userStr = key.user().toString(); + return clientStr + privilegeStr + userStr + separator + + std::to_string(clientStr.size()) + separator + + std::to_string(privilegeStr.size()) + separator + + std::to_string(userStr.size()); +} + +void CapacityCache::evict(void) { + + auto lastUsedKey = m_keyUsage.back(); + m_keyUsage.pop_back(); + + auto value_it = m_keyValue.find(lastUsedKey); + m_keyValue.erase(value_it); +} + +cynara_api_result CapacityCache::update(const PolicyKey &key) { + cynara_api_result ret; + PolicyResult result; + if ((ret = m_getter->requestResult(key, result)) != cynara_api_result::CYNARA_API_SUCCESS) { + LOGE("Error fetching new entry."); + return ret; + } + LOGD("Fetched new entry."); + auto pluginIt = m_plugins.find(result.policyType()); + + //No registered plugin for returned type of policy + if (pluginIt == m_plugins.end()) { + LOGE("No registered plugin for given PolicyType: %" PRIu16, + result.policyType()); + return cynara_api_result::CYNARA_API_ACCESS_DENIED; + } + auto plugin = pluginIt->second; + + if (m_capacity != 0) { + if (plugin->isCacheable(result)) { + LOGD("Entry cacheable"); + if (m_keyValue.size() == m_capacity) { + LOGD("Capacity reached."); + evict(); + } + m_keyUsage.push_front(keyToString(key)); + m_keyValue[keyToString(key)] = std::make_pair(result, m_keyUsage.begin()); + } + } + return plugin->toResult(result); +} + +} // namespace Cynara diff --git a/src/client/cache/CapacityCache.h b/src/client/cache/CapacityCache.h new file mode 100644 index 0000000..b5c4a1f --- /dev/null +++ b/src/client/cache/CapacityCache.h @@ -0,0 +1,69 @@ +/* + * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file CapacityCache.h + * @author Zofia Abramowska + * @version 1.0 + * @brief This file contains capacity cache header. + */ + +#ifndef SRC_CLIENT_CACHE_CAPACITYCACHE_H_ +#define SRC_CLIENT_CACHE_CAPACITYCACHE_H_ + +#include +#include + +#include + +namespace Cynara { + +class CapacityCache : public PluginCache { +public: + static const std::size_t CACHE_DEFAULT_CAPACITY = 10000; + + CapacityCache(ResultGetterInterfacePtr getter, + std::size_t capacity = CACHE_DEFAULT_CAPACITY) : + PluginCache(getter), + m_capacity(capacity) {} + + cynara_api_result get(const std::string &session, + const PolicyKey &key); + void clear(void); + +private: + typedef std::list KeyUsageList; + typedef std::map> KeyValueMap; + + static std::string keyToString(const PolicyKey &key); + void evict(void); + cynara_api_result update(const PolicyKey &key); + + std::size_t m_capacity; + std::string m_session; + + KeyUsageList m_keyUsage; + KeyValueMap m_keyValue; +}; + +} //namespace Cynara + +#endif // SRC_CLIENT_CACHE_CAPACITYCACHE_H_ + + + + diff --git a/src/client/cache/NaiveInterpreter.h b/src/client/cache/NaiveInterpreter.h new file mode 100644 index 0000000..6b96d4b --- /dev/null +++ b/src/client/cache/NaiveInterpreter.h @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file NaiveInterpreter.h + * @author Zofia Abramowska + * @version 1.0 + * @brief This file contains PolicyType naive interpreter implementation. + */ +#ifndef SRC_CLIENT_CACHE_NAIVEINTERPRETER_H_ +#define SRC_CLIENT_CACHE_NAIVEINTERPRETER_H_ + +#include +#include + +namespace Cynara { + +class NaiveInterpreter : public InterpreterInterface { + bool isUsable(const PolicyResult &result UNUSED) noexcept { + return true; + } + bool isCacheable(const PolicyResult &result UNUSED) noexcept { + return true; + } + cynara_api_result toResult(const PolicyResult &result) noexcept { + if (result.policyType() == PredefinedPolicyType::ALLOW) + return cynara_api_result::CYNARA_API_SUCCESS; + else + return cynara_api_result::CYNARA_API_ACCESS_DENIED; + } +}; + +} // namespace Cynara + +#endif // SRC_CLIENT_CACHE_NAIVEINTERPRETER_H_ + + diff --git a/src/client/cache/NoCache.cpp b/src/client/cache/NoCache.cpp deleted file mode 100644 index c9220e3..0000000 --- a/src/client/cache/NoCache.cpp +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ -/* - * @file NoCache.cpp - * @author Lukasz Wojciechowski - * @version 1.0 - * @brief This file contains implementation of NoCache class - stub for no-cache version - */ - -#include -#include - -#include "NoCache.h" - -namespace Cynara { - -cynara_api_result NoCache::updateAndCheck(const std::string &session UNUSED, - const PolicyKey &key UNUSED, - const PolicyResult &result) { - if (result.policyType() == PredefinedPolicyType::ALLOW) - return cynara_api_result::CYNARA_API_SUCCESS; - else - return cynara_api_result::CYNARA_API_ACCESS_DENIED; -} - -} // namespace Cynara diff --git a/src/client/cache/NoCache.h b/src/client/cache/NoCache.h deleted file mode 100644 index c4330b1..0000000 --- a/src/client/cache/NoCache.h +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ -/* - * @file NoCache.h - * @author Lukasz Wojciechowski - * @version 1.0 - * @brief This file contains definition of NoCache class - stub for no-cache version - */ - -#ifndef SRC_CLIENT_CACHE_NOCACHE_H_ -#define SRC_CLIENT_CACHE_NOCACHE_H_ - -#include - -#include -#include -#include - -#include -#include - -namespace Cynara { - -class NoCache : public CacheInterface { -public: - NoCache() = default; - virtual ~NoCache() = default; - - virtual cynara_api_result check(const std::string &session UNUSED, - const PolicyKey &key UNUSED) { - return cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE; - } - - virtual cynara_api_result updateAndCheck(const std::string &session, const PolicyKey &key, - const PolicyResult &result); - - virtual void clear(void) { - } -}; - -} // namespace Cynara - -#endif /* SRC_CLIENT_CACHE_NOCACHE_H_ */ diff --git a/src/client/cache/PolicyGetter.cpp b/src/client/cache/PolicyGetter.cpp new file mode 100644 index 0000000..e383f9f --- /dev/null +++ b/src/client/cache/PolicyGetter.cpp @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file PolicyGetter.cpp + * @author Zofia Abramowska + * @version 1.0 + * @brief This file contains PolicyResult getter class implementation. + */ + +#include + +#include +#include +#include +#include +#include +#include + +#include + +namespace Cynara { + +cynara_api_result PolicyGetter::requestResult(const PolicyKey &key, PolicyResult &result) noexcept { + ProtocolFrameSequenceNumber sequenceNumber = generateSequenceNumber(); + + //Ask cynara service + CheckResponsePtr checkResponse; + try { + RequestPtr request = std::make_shared(key, sequenceNumber); + ResponsePtr response = m_socketClient->askCynaraServer(request); + if (!response) { + LOGW("Disconnected by cynara server."); + return cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE; + } + checkResponse = std::dynamic_pointer_cast(response); + if (!checkResponse) { + LOGC("Critical error. Casting Response to CheckResponse failed."); + return cynara_api_result::CYNARA_API_ACCESS_DENIED; + } + + LOGD("checkResponse: policyType = %" PRIu16 ", metadata = %s", + checkResponse->m_resultRef.policyType(), + checkResponse->m_resultRef.metadata().c_str()); + } catch (const ServerConnectionErrorException &ex) { + LOGE("Cynara service not available."); + return cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE; + } + + result = checkResponse->m_resultRef; + return cynara_api_result::CYNARA_API_SUCCESS; +} + +} // namespace Cynara diff --git a/src/client/cache/PolicyGetter.h b/src/client/cache/PolicyGetter.h new file mode 100644 index 0000000..fec6797 --- /dev/null +++ b/src/client/cache/PolicyGetter.h @@ -0,0 +1,54 @@ +/* + * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file PolicyGetter.h + * @author Zofia Abramowska + * @version 1.0 + * @brief This file contains Cynara PolicyResult getter implementation. + */ + +#ifndef SRC_CLIENT_CACHE_POLICYGETTER_H_ +#define SRC_CLIENT_CACHE_POLICYGETTER_H_ + +#include + +#include +#include + + +namespace Cynara { + +class PolicyGetter : public ResultGetterInterface { +public: + PolicyGetter(const SocketClientPtr &socketClient) : m_socketClient(socketClient) {} + cynara_api_result requestResult(const PolicyKey &key, PolicyResult &result) noexcept; + +private: + ProtocolFrameSequenceNumber generateSequenceNumber(void) { + static ProtocolFrameSequenceNumber sequenceNumber = 0; + return ++sequenceNumber; + } + + SocketClientPtr m_socketClient; +}; + +} //namespace Cynara + +#endif // SRC_CLIENT_CACHE_POLICYGETTER_H_ + + + + diff --git a/src/client/logic/Logic.cpp b/src/client/logic/Logic.cpp index ecdf34b..c2d9cb6 100644 --- a/src/client/logic/Logic.cpp +++ b/src/client/logic/Logic.cpp @@ -23,20 +23,14 @@ #include #include -#include -#include -#include #include #include -#include -#include -#include -#include #include #include -#include -#include +#include +#include +#include #include "Logic.h" namespace Cynara { @@ -44,56 +38,25 @@ namespace Cynara { const std::string clientSocketPath("/run/cynara/cynara.socket"); Logic::Logic() { - m_socketClient = std::make_shared(clientSocketPath, - std::make_shared()); - m_cache = std::make_shared(); + m_cache = std::make_shared( + std::make_shared( + std::make_shared(clientSocketPath, + std::make_shared()))); + auto naiveInterpreter = std::make_shared(); + m_cache->registerPlugin(PredefinedPolicyType::ALLOW, naiveInterpreter); + m_cache->registerPlugin(PredefinedPolicyType::DENY, naiveInterpreter); + m_cache->registerPlugin(PredefinedPolicyType::BUCKET, naiveInterpreter); } -ProtocolFrameSequenceNumber generateSequenceNumber(void) { - static ProtocolFrameSequenceNumber sequenceNumber = 0; - return ++sequenceNumber; -} - -cynara_api_result Logic::check(const std::string &client, const std::string &session UNUSED, +cynara_api_result Logic::check(const std::string &client, const std::string &session, const std::string &user, const std::string &privilege) noexcept { PolicyKey key(client, user, privilege); - auto cacheResponse = m_cache->check(session, key); - if(cacheResponse != cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE) - return cacheResponse; - - ProtocolFrameSequenceNumber sequenceNumber = generateSequenceNumber(); - - //Ask cynara service - CheckResponsePtr checkResponse; - try { - RequestPtr request = std::make_shared(key, sequenceNumber); - ResponsePtr response = m_socketClient->askCynaraServer(request); - if (!response) { - LOGW("Disconnected by cynara server."); - onDisconnected(); - return cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE; - } - checkResponse = std::dynamic_pointer_cast(response); - if (!checkResponse) { - LOGC("Critical error. Casting Response to CheckResponse failed."); - throw UnexpectedErrorException("Error casting Response to CheckResponse"); - } - - LOGD("checkResponse: policyType = %d, metadata = %s", - (int)checkResponse->m_resultRef.policyType(), - checkResponse->m_resultRef.metadata().c_str()); - } catch (const ServerConnectionErrorException &ex) { - LOGE("Cynara service not available."); + auto ret = m_cache->get(session, key); + if (ret == cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE) onDisconnected(); - return cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE; - } catch (const std::exception &ex) { - LOGE("Error during check of privilege: %s", ex.what()); - return cynara_api_result::CYNARA_API_ACCESS_DENIED; - } - - return m_cache->updateAndCheck(session, key, checkResponse->m_resultRef); + return ret; } void Logic::onDisconnected(void) { diff --git a/src/client/logic/Logic.h b/src/client/logic/Logic.h index 06950d8..b2eb486 100644 --- a/src/client/logic/Logic.h +++ b/src/client/logic/Logic.h @@ -25,8 +25,6 @@ #include -#include - #include #include @@ -34,8 +32,7 @@ namespace Cynara { class Logic : public ApiInterface { private: - SocketClientPtr m_socketClient; - CacheInterfacePtr m_cache; + PluginCachePtr m_cache; void onDisconnected(void); diff --git a/src/common/types/PolicyResult.h b/src/common/types/PolicyResult.h index a8febc2..a9369d8 100644 --- a/src/common/types/PolicyResult.h +++ b/src/common/types/PolicyResult.h @@ -34,6 +34,7 @@ public: typedef std::string PolicyMetadata; public: + PolicyResult() : m_type(PredefinedPolicyType::DENY) {} PolicyResult(const PolicyType &policyType) : m_type(policyType) {} PolicyResult(const PolicyType &policyType, const PolicyMetadata &metadata) : m_type(policyType), m_metadata(metadata) {} -- 2.7.4 From 9adc695c9985c4d8223a877eac8ee1fa8631f64e Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Thu, 31 Jul 2014 15:12:14 +0200 Subject: [PATCH 02/16] Change enum to defines in libcynara-client This change makes client API functions compatible with return type. Change-Id: I3973b66e27060dbc4c9374840de5182bde314121 --- src/client/api/ApiInterface.h | 4 ++-- src/client/api/client-api.cpp | 12 ++++++------ src/client/cache/CacheInterface.h | 9 ++++++--- src/client/cache/CapacityCache.cpp | 12 ++++++------ src/client/cache/CapacityCache.h | 5 ++--- src/client/cache/NaiveInterpreter.h | 6 +++--- src/client/cache/PolicyGetter.cpp | 10 +++++----- src/client/cache/PolicyGetter.h | 2 +- src/client/logic/Logic.cpp | 6 +++--- src/client/logic/Logic.h | 4 ++-- src/include/cynara-client.h | 13 +++++-------- 11 files changed, 41 insertions(+), 42 deletions(-) diff --git a/src/client/api/ApiInterface.h b/src/client/api/ApiInterface.h index c9d6daa..f268508 100644 --- a/src/client/api/ApiInterface.h +++ b/src/client/api/ApiInterface.h @@ -33,8 +33,8 @@ public: ApiInterface() = default; virtual ~ApiInterface() = default; - virtual cynara_api_result check(const std::string &client, const std::string &session, - const std::string &user, const std::string &privilege) = 0; + virtual int check(const std::string &client, const std::string &session, + const std::string &user, const std::string &privilege) = 0; }; } // namespace Cynara diff --git a/src/client/api/client-api.cpp b/src/client/api/client-api.cpp index 8b34981..186e043 100644 --- a/src/client/api/client-api.cpp +++ b/src/client/api/client-api.cpp @@ -45,12 +45,12 @@ CYNARA_API int cynara_initialize(cynara **pp_cynara, const cynara_configuration *p_conf UNUSED) { if (!pp_cynara) - return cynara_api_result::CYNARA_API_INVALID_PARAM; + return CYNARA_API_INVALID_PARAM; try { *pp_cynara = new cynara(new Cynara::Logic); } catch (const std::bad_alloc &ex) { - return cynara_api_result::CYNARA_API_OUT_OF_MEMORY; + return CYNARA_API_OUT_OF_MEMORY; } init_log(); @@ -59,7 +59,7 @@ int cynara_initialize(cynara **pp_cynara, const cynara_configuration *p_conf UNU LOGD("Cynara client initialized"); - return cynara_api_result::CYNARA_API_SUCCESS; + return CYNARA_API_SUCCESS; } CYNARA_API @@ -67,7 +67,7 @@ int cynara_finish(cynara *p_cynara) { delete p_cynara; - return cynara_api_result::CYNARA_API_SUCCESS; + return CYNARA_API_SUCCESS; } CYNARA_API @@ -75,9 +75,9 @@ int cynara_check(cynara *p_cynara, const char *client, const char *client_sessio const char *privilege) { if(!p_cynara || !p_cynara->impl) - return cynara_api_result::CYNARA_API_INVALID_PARAM; + return CYNARA_API_INVALID_PARAM; if(!client || !client_session || !user || !privilege) - return cynara_api_result::CYNARA_API_INVALID_PARAM; + return CYNARA_API_INVALID_PARAM; return p_cynara->impl->check(client, client_session, user, privilege); } diff --git a/src/client/cache/CacheInterface.h b/src/client/cache/CacheInterface.h index 22c4cb9..f325a42 100644 --- a/src/client/cache/CacheInterface.h +++ b/src/client/cache/CacheInterface.h @@ -46,7 +46,7 @@ typedef std::shared_ptr ResultGetterInterfacePtr; class ResultGetterInterface { public: - virtual cynara_api_result requestResult(const PolicyKey &key, PolicyResult &result) noexcept = 0; + virtual int requestResult(const PolicyKey &key, PolicyResult &result) noexcept = 0; virtual ~ResultGetterInterface() = default; }; @@ -54,7 +54,7 @@ class InterpreterInterface { public: virtual bool isCacheable(const PolicyResult &result) noexcept = 0; virtual bool isUsable(const PolicyResult &result) noexcept = 0; - virtual cynara_api_result toResult(const PolicyResult &result) noexcept = 0; + virtual int toResult(const PolicyResult &result) noexcept = 0; virtual ~InterpreterInterface() = default; }; @@ -62,13 +62,16 @@ public: class PluginCache { public: PluginCache(ResultGetterInterfacePtr getter) : m_getter(getter) {} - virtual cynara_api_result get(const std::string &session, const PolicyKey &key) = 0; + virtual int get(const std::string &session, const PolicyKey &key) = 0; + void registerPlugin(const PolicyType policyType, InterpreterInterfacePtr plugin) { m_plugins[policyType] = plugin; } + virtual void clear(void) { m_plugins.clear(); } + virtual ~PluginCache() = default; protected: diff --git a/src/client/cache/CapacityCache.cpp b/src/client/cache/CapacityCache.cpp index 6b9f48e..f5a3df5 100644 --- a/src/client/cache/CapacityCache.cpp +++ b/src/client/cache/CapacityCache.cpp @@ -28,7 +28,7 @@ namespace Cynara { -cynara_api_result CapacityCache::get(const std::string &session, const PolicyKey &key) { +int CapacityCache::get(const std::string &session, const PolicyKey &key) { //This can be very time heavy. This part is welcomed to be optimized. if (session != m_session) { LOGD("Session changed from %s to %s.", m_session.c_str(), session.c_str()); @@ -54,7 +54,7 @@ cynara_api_result CapacityCache::get(const std::string &session, const PolicyKey if (pluginIt == m_plugins.end()) { LOGE("No plugin registered for given PolicyType : %" PRIu16, resultIt->second.first.policyType()); - return cynara_api_result::CYNARA_API_ACCESS_DENIED; + return CYNARA_API_ACCESS_DENIED; } //Is it still usable? @@ -100,10 +100,10 @@ void CapacityCache::evict(void) { m_keyValue.erase(value_it); } -cynara_api_result CapacityCache::update(const PolicyKey &key) { - cynara_api_result ret; +int CapacityCache::update(const PolicyKey &key) { + int ret; PolicyResult result; - if ((ret = m_getter->requestResult(key, result)) != cynara_api_result::CYNARA_API_SUCCESS) { + if ((ret = m_getter->requestResult(key, result)) != CYNARA_API_SUCCESS) { LOGE("Error fetching new entry."); return ret; } @@ -114,7 +114,7 @@ cynara_api_result CapacityCache::update(const PolicyKey &key) { if (pluginIt == m_plugins.end()) { LOGE("No registered plugin for given PolicyType: %" PRIu16, result.policyType()); - return cynara_api_result::CYNARA_API_ACCESS_DENIED; + return CYNARA_API_ACCESS_DENIED; } auto plugin = pluginIt->second; diff --git a/src/client/cache/CapacityCache.h b/src/client/cache/CapacityCache.h index b5c4a1f..39ca928 100644 --- a/src/client/cache/CapacityCache.h +++ b/src/client/cache/CapacityCache.h @@ -39,8 +39,7 @@ public: PluginCache(getter), m_capacity(capacity) {} - cynara_api_result get(const std::string &session, - const PolicyKey &key); + int get(const std::string &session, const PolicyKey &key); void clear(void); private: @@ -51,7 +50,7 @@ private: static std::string keyToString(const PolicyKey &key); void evict(void); - cynara_api_result update(const PolicyKey &key); + int update(const PolicyKey &key); std::size_t m_capacity; std::string m_session; diff --git a/src/client/cache/NaiveInterpreter.h b/src/client/cache/NaiveInterpreter.h index 6b96d4b..9ae333f 100644 --- a/src/client/cache/NaiveInterpreter.h +++ b/src/client/cache/NaiveInterpreter.h @@ -34,11 +34,11 @@ class NaiveInterpreter : public InterpreterInterface { bool isCacheable(const PolicyResult &result UNUSED) noexcept { return true; } - cynara_api_result toResult(const PolicyResult &result) noexcept { + int toResult(const PolicyResult &result) noexcept { if (result.policyType() == PredefinedPolicyType::ALLOW) - return cynara_api_result::CYNARA_API_SUCCESS; + return CYNARA_API_SUCCESS; else - return cynara_api_result::CYNARA_API_ACCESS_DENIED; + return CYNARA_API_ACCESS_DENIED; } }; diff --git a/src/client/cache/PolicyGetter.cpp b/src/client/cache/PolicyGetter.cpp index e383f9f..8bf1a39 100644 --- a/src/client/cache/PolicyGetter.cpp +++ b/src/client/cache/PolicyGetter.cpp @@ -33,7 +33,7 @@ namespace Cynara { -cynara_api_result PolicyGetter::requestResult(const PolicyKey &key, PolicyResult &result) noexcept { +int PolicyGetter::requestResult(const PolicyKey &key, PolicyResult &result) noexcept { ProtocolFrameSequenceNumber sequenceNumber = generateSequenceNumber(); //Ask cynara service @@ -43,12 +43,12 @@ cynara_api_result PolicyGetter::requestResult(const PolicyKey &key, PolicyResult ResponsePtr response = m_socketClient->askCynaraServer(request); if (!response) { LOGW("Disconnected by cynara server."); - return cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE; + return CYNARA_API_SERVICE_NOT_AVAILABLE; } checkResponse = std::dynamic_pointer_cast(response); if (!checkResponse) { LOGC("Critical error. Casting Response to CheckResponse failed."); - return cynara_api_result::CYNARA_API_ACCESS_DENIED; + return CYNARA_API_ACCESS_DENIED; } LOGD("checkResponse: policyType = %" PRIu16 ", metadata = %s", @@ -56,11 +56,11 @@ cynara_api_result PolicyGetter::requestResult(const PolicyKey &key, PolicyResult checkResponse->m_resultRef.metadata().c_str()); } catch (const ServerConnectionErrorException &ex) { LOGE("Cynara service not available."); - return cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE; + return CYNARA_API_SERVICE_NOT_AVAILABLE; } result = checkResponse->m_resultRef; - return cynara_api_result::CYNARA_API_SUCCESS; + return CYNARA_API_SUCCESS; } } // namespace Cynara diff --git a/src/client/cache/PolicyGetter.h b/src/client/cache/PolicyGetter.h index fec6797..c653887 100644 --- a/src/client/cache/PolicyGetter.h +++ b/src/client/cache/PolicyGetter.h @@ -34,7 +34,7 @@ namespace Cynara { class PolicyGetter : public ResultGetterInterface { public: PolicyGetter(const SocketClientPtr &socketClient) : m_socketClient(socketClient) {} - cynara_api_result requestResult(const PolicyKey &key, PolicyResult &result) noexcept; + int requestResult(const PolicyKey &key, PolicyResult &result) noexcept; private: ProtocolFrameSequenceNumber generateSequenceNumber(void) { diff --git a/src/client/logic/Logic.cpp b/src/client/logic/Logic.cpp index c2d9cb6..b3492ff 100644 --- a/src/client/logic/Logic.cpp +++ b/src/client/logic/Logic.cpp @@ -48,13 +48,13 @@ Logic::Logic() { m_cache->registerPlugin(PredefinedPolicyType::BUCKET, naiveInterpreter); } -cynara_api_result Logic::check(const std::string &client, const std::string &session, - const std::string &user, const std::string &privilege) noexcept +int Logic::check(const std::string &client, const std::string &session, const std::string &user, + const std::string &privilege) noexcept { PolicyKey key(client, user, privilege); auto ret = m_cache->get(session, key); - if (ret == cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE) + if (ret == CYNARA_API_SERVICE_NOT_AVAILABLE) onDisconnected(); return ret; } diff --git a/src/client/logic/Logic.h b/src/client/logic/Logic.h index b2eb486..34ec54c 100644 --- a/src/client/logic/Logic.h +++ b/src/client/logic/Logic.h @@ -40,8 +40,8 @@ public: Logic(); virtual ~Logic() = default; - virtual cynara_api_result check(const std::string &client, const std::string &session, - const std::string &user, const std::string &privilege) noexcept; + virtual int check(const std::string &client, const std::string &session, + const std::string &user, const std::string &privilege) noexcept; }; } // namespace Cynara diff --git a/src/include/cynara-client.h b/src/include/cynara-client.h index 3ceeaa6..f984966 100644 --- a/src/include/cynara-client.h +++ b/src/include/cynara-client.h @@ -31,23 +31,20 @@ * @{ */ -enum cynara_api_result -{ /*! \brief indicating the result of the one specific API is successful or access is allowed */ - CYNARA_API_SUCCESS, +#define CYNARA_API_SUCCESS 0 /*! \brief indicating that access that was checked is denied */ - CYNARA_API_ACCESS_DENIED, +#define CYNARA_API_ACCESS_DENIED -1 /*! \brief indicating system is running out of memory state */ - CYNARA_API_OUT_OF_MEMORY, +#define CYNARA_API_OUT_OF_MEMORY -2 /*! \brief indicating the API's parameter is malformed */ - CYNARA_API_INVALID_PARAM, +#define CYNARA_API_INVALID_PARAM -3 /*! \brief service not available */ - CYNARA_API_SERVICE_NOT_AVAILABLE -}; +#define CYNARA_API_SERVICE_NOT_AVAILABLE -4 /** @}*/ #ifdef __cplusplus -- 2.7.4 From 4824525a4f51b6217cb682b4bd65b64010ab44b0 Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Thu, 31 Jul 2014 16:33:17 +0200 Subject: [PATCH 03/16] Add disconnectAllClients() function in SocketManager Function disconnects all clients connected to client interface socket. Boolean field m_client and accessor methods are added to Descriptor class to distinguish client connections from other. Change-Id: Ic3cc382fa3056153e25df05ed8c0eba2872adf7f --- src/service/sockets/Descriptor.cpp | 3 ++- src/service/sockets/Descriptor.h | 9 +++++++++ src/service/sockets/SocketManager.cpp | 33 ++++++++++++++++++++++----------- src/service/sockets/SocketManager.h | 7 +++++-- 4 files changed, 38 insertions(+), 14 deletions(-) diff --git a/src/service/sockets/Descriptor.cpp b/src/service/sockets/Descriptor.cpp index f58d28e..df7ddb4 100644 --- a/src/service/sockets/Descriptor.cpp +++ b/src/service/sockets/Descriptor.cpp @@ -24,7 +24,7 @@ namespace Cynara { -Descriptor::Descriptor() : m_listen(false), m_used(false), m_protocol(nullptr) { +Descriptor::Descriptor() : m_listen(false), m_used(false), m_client(false), m_protocol(nullptr) { } bool Descriptor::hasDataToWrite(void) const { @@ -56,6 +56,7 @@ RawBuffer &Descriptor::prepareWriteBuffer(void) { void Descriptor::clear(void) { m_listen = false; m_used = false; + m_client = false; m_readQueue.clear(); m_writeQueue.clear(); m_writeBuffer.clear(); diff --git a/src/service/sockets/Descriptor.h b/src/service/sockets/Descriptor.h index b49ef03..be9e62a 100644 --- a/src/service/sockets/Descriptor.h +++ b/src/service/sockets/Descriptor.h @@ -37,6 +37,7 @@ class Descriptor { private: bool m_listen; bool m_used; + bool m_client; BinaryQueue m_readQueue; BinaryQueue m_writeQueue; @@ -55,6 +56,10 @@ public: return m_used; } + bool isClient(void) const { + return m_client; + } + bool hasDataToWrite(void) const; const ProtocolPtr protocol(void) const { @@ -79,6 +84,10 @@ public: m_used = used; } + void setClient(bool client) { + m_client = client; + } + void pushReadBuffer(const RawBuffer &readbuffer); RequestPtr extractRequest(void); diff --git a/src/service/sockets/SocketManager.cpp b/src/service/sockets/SocketManager.cpp index 55edc02..0c269af 100644 --- a/src/service/sockets/SocketManager.cpp +++ b/src/service/sockets/SocketManager.cpp @@ -74,8 +74,9 @@ void SocketManager::init(void) { const mode_t clientSocketUMask(0); const mode_t adminSocketUMask(0077); - createDomainSocket(std::make_shared(), clientSocketPath, clientSocketUMask); - createDomainSocket(std::make_shared(), adminSocketPath, adminSocketUMask); + createDomainSocket(std::make_shared(), clientSocketPath, clientSocketUMask, + true); + createDomainSocket(std::make_shared(), adminSocketPath, adminSocketUMask, false); createSignalSocket(std::make_shared()); LOGI("SocketManger init done"); } @@ -192,18 +193,18 @@ void SocketManager::readyForAccept(int fd) { LOGD("SocketManger readyForAccept on fd [%d] start", fd); struct sockaddr_un clientAddr; unsigned int clientLen = sizeof(clientAddr); - int client = accept4(fd, (struct sockaddr*) &clientAddr, &clientLen, SOCK_NONBLOCK); - if (client == -1) { + int clientFd = accept4(fd, (struct sockaddr*) &clientAddr, &clientLen, SOCK_NONBLOCK); + if (clientFd == -1) { int err = errno; LOGW("Error in accept on socket [%d]: <%s>", fd, strerror(err)); return; } - LOGD("Accept on sock [%d]. New client socket opened [%d]", fd, client); + LOGD("Accept on sock [%d]. New client socket opened [%d]", fd, clientFd); - auto &desc = createDescriptor(client); + auto &desc = createDescriptor(clientFd, m_fds[fd].isClient()); desc.setListen(false); desc.setProtocol(m_fds[fd].protocol()->clone()); - addReadSocket(client); + addReadSocket(clientFd); LOGD("SocketManger readyForAccept on fd [%d] done", fd); } @@ -243,12 +244,13 @@ bool SocketManager::handleRead(int fd, const RawBuffer &readbuffer) { return true; } -void SocketManager::createDomainSocket(ProtocolPtr protocol, const std::string &path, mode_t mask) { +void SocketManager::createDomainSocket(ProtocolPtr protocol, const std::string &path, mode_t mask, + bool client) { int fd = getSocketFromSystemD(path); if (fd == -1) fd = createDomainSocketHelp(path, mask); - auto &desc = createDescriptor(fd); + auto &desc = createDescriptor(fd, client); desc.setListen(true); desc.setProtocol(protocol); addReadSocket(fd); @@ -349,7 +351,7 @@ void SocketManager::createSignalSocket(ProtocolPtr protocol) { return; } - auto &desc = createDescriptor(fd); + auto &desc = createDescriptor(fd, false); desc.setListen(false); desc.setProtocol(protocol); addReadSocket(fd); @@ -357,7 +359,7 @@ void SocketManager::createSignalSocket(ProtocolPtr protocol) { LOGD("Signal socket: [%d] added.", fd); } -Descriptor &SocketManager::createDescriptor(int fd) { +Descriptor &SocketManager::createDescriptor(int fd, bool client) { if (fd > m_maxDesc) { m_maxDesc = fd; if (fd >= static_cast(m_fds.size())) @@ -365,6 +367,7 @@ Descriptor &SocketManager::createDescriptor(int fd) { } auto &desc = m_fds[fd]; desc.setUsed(true); + desc.setClient(client); return desc; } @@ -388,4 +391,12 @@ RequestTakerPtr SocketManager::requestTaker(void) { return std::static_pointer_cast(m_logic); } +void SocketManager::disconnectAllClients(void) { + for(int i = 0; i <= m_maxDesc; ++i) { + auto &desc = m_fds[i]; + if(desc.isUsed() && desc.isClient() && !desc.isListen()) + closeSocket(i); + } +} + } // namespace Cynara diff --git a/src/service/sockets/SocketManager.h b/src/service/sockets/SocketManager.h index ae0906b..6154322 100644 --- a/src/service/sockets/SocketManager.h +++ b/src/service/sockets/SocketManager.h @@ -54,6 +54,8 @@ public: m_logic.reset(); } + void disconnectAllClients(void); + private: LogicPtr m_logic; @@ -75,12 +77,13 @@ private: void closeSocket(int fd); bool handleRead(int fd, const RawBuffer &readbuffer); - void createDomainSocket(ProtocolPtr protocol, const std::string &path, mode_t mask); + void createDomainSocket(ProtocolPtr protocol, const std::string &path, mode_t mask, + bool client); static int createDomainSocketHelp(const std::string &path, mode_t mask); static int getSocketFromSystemD(const std::string &path); void createSignalSocket(ProtocolPtr protocol); - Descriptor &createDescriptor(int fd); + Descriptor &createDescriptor(int fd, bool client); void addReadSocket(int fd); void removeReadSocket(int fd); -- 2.7.4 From 235aab099e043f219a2b1605eeed96a823e4c12d Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Thu, 31 Jul 2014 16:36:13 +0200 Subject: [PATCH 04/16] Disconnect all clients from cynara when policy rules change All actions that should be run when cynara policies change are grouped in onPoliciesChanged() function. Change-Id: I30687fc35258b448fcccc2d54955b57d8cbc82af --- src/service/logic/Logic.cpp | 12 +++++++++--- src/service/logic/Logic.h | 1 + 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/src/service/logic/Logic.cpp b/src/service/logic/Logic.cpp index 739add2..377bcce 100644 --- a/src/service/logic/Logic.cpp +++ b/src/service/logic/Logic.cpp @@ -91,7 +91,7 @@ bool Logic::check(RequestContextPtr context UNUSED, const PolicyKey &key, void Logic::execute(RequestContextPtr context, InsertOrUpdateBucketRequestPtr request) { m_storage->addOrUpdateBucket(request->bucketId(), request->result()); - m_storage->save(); + onPoliciesChanged(); context->returnResponse(context, std::make_shared(CodeResponse::Code::OK, request->sequenceNumber())); @@ -101,7 +101,7 @@ void Logic::execute(RequestContextPtr context, RemoveBucketRequestPtr request) { auto code = CodeResponse::Code::OK; try { m_storage->deleteBucket(request->bucketId()); - m_storage->save(); + onPoliciesChanged(); } catch (const BucketNotExistsException &ex) { code = CodeResponse::Code::NO_BUCKET; } catch (const DefaultBucketDeletionException &ex) { @@ -116,7 +116,7 @@ void Logic::execute(RequestContextPtr context, SetPoliciesRequestPtr request) { try { m_storage->insertPolicies(request->policiesToBeInsertedOrUpdated()); m_storage->deletePolicies(request->policiesToBeRemoved()); - m_storage->save(); + onPoliciesChanged(); } catch (const BucketNotExistsException &ex) { code = CodeResponse::Code::NO_BUCKET; } @@ -124,4 +124,10 @@ void Logic::execute(RequestContextPtr context, SetPoliciesRequestPtr request) { request->sequenceNumber())); } +void Logic::onPoliciesChanged(void) { + m_storage->save(); + m_socketManager->disconnectAllClients(); + //todo remove all saved contexts (if there will be any saved contexts) +} + } // namespace Cynara diff --git a/src/service/logic/Logic.h b/src/service/logic/Logic.h index e21419a..4e8a476 100644 --- a/src/service/logic/Logic.h +++ b/src/service/logic/Logic.h @@ -62,6 +62,7 @@ private: bool check(RequestContextPtr context, const PolicyKey &key, PolicyResult& result); + void onPoliciesChanged(void); }; } // namespace Cynara -- 2.7.4 From cc514ea58727ba22576eb567acb2a70ba01b58ec Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Thu, 31 Jul 2014 17:35:49 +0200 Subject: [PATCH 05/16] Check if connection to cynara is valid Change-Id: I1a406ce6aa092cc75f452493ec22996e675a57ea --- src/client/logic/Logic.cpp | 9 +++++---- src/client/logic/Logic.h | 3 +++ src/common/sockets/Socket.cpp | 26 +++++++++++++++++++++++++- src/common/sockets/Socket.h | 5 +++++ src/common/sockets/SocketClient.cpp | 6 +++++- src/common/sockets/SocketClient.h | 2 ++ 6 files changed, 45 insertions(+), 6 deletions(-) diff --git a/src/client/logic/Logic.cpp b/src/client/logic/Logic.cpp index b3492ff..dbdcf36 100644 --- a/src/client/logic/Logic.cpp +++ b/src/client/logic/Logic.cpp @@ -38,10 +38,8 @@ namespace Cynara { const std::string clientSocketPath("/run/cynara/cynara.socket"); Logic::Logic() { - m_cache = std::make_shared( - std::make_shared( - std::make_shared(clientSocketPath, - std::make_shared()))); + m_socket = std::make_shared(clientSocketPath, std::make_shared()); + m_cache = std::make_shared(std::make_shared(m_socket)); auto naiveInterpreter = std::make_shared(); m_cache->registerPlugin(PredefinedPolicyType::ALLOW, naiveInterpreter); m_cache->registerPlugin(PredefinedPolicyType::DENY, naiveInterpreter); @@ -53,6 +51,9 @@ int Logic::check(const std::string &client, const std::string &session, const st { PolicyKey key(client, user, privilege); + if (!m_socket->isConnected()) + onDisconnected(); + auto ret = m_cache->get(session, key); if (ret == CYNARA_API_SERVICE_NOT_AVAILABLE) onDisconnected(); diff --git a/src/client/logic/Logic.h b/src/client/logic/Logic.h index 34ec54c..e9f2c23 100644 --- a/src/client/logic/Logic.h +++ b/src/client/logic/Logic.h @@ -25,6 +25,8 @@ #include +#include + #include #include @@ -33,6 +35,7 @@ namespace Cynara { class Logic : public ApiInterface { private: PluginCachePtr m_cache; + SocketClientPtr m_socket; void onDisconnected(void); diff --git a/src/common/sockets/Socket.cpp b/src/common/sockets/Socket.cpp index e666262..c61134a 100644 --- a/src/common/sockets/Socket.cpp +++ b/src/common/sockets/Socket.cpp @@ -203,7 +203,7 @@ bool Socket::sendToServer(BinaryQueue &queue) { return true; } -bool Socket::receiveFromServer(BinaryQueue &queue) +bool Socket::waitAndReceiveFromServer(BinaryQueue &queue) { if (!waitForSocket(POLLIN)) { LOGE("Error in poll(POLLIN)"); @@ -228,4 +228,28 @@ bool Socket::receiveFromServer(BinaryQueue &queue) return true; } +bool Socket::receiveFromServer(BinaryQueue &queue) +{ + RawBuffer readBuffer(BUFSIZ); + ssize_t size = TEMP_FAILURE_RETRY(read(m_sock, readBuffer.data(), BUFSIZ)); + + if (size == -1) { + int err = errno; + if (err == EAGAIN) { + LOGD("is connected, but no data available"); + return true; + } + LOGE("'read' function error [%d] : <%s>", err, strerror(err)); + throw UnexpectedErrorException(err, strerror(err)); + } + + if (size == 0) { + LOGW("read return 0 / Connection closed by server."); + return false; + } + queue.appendCopy(readBuffer.data(), size); + + return true; +} + } // namespace Cynara diff --git a/src/common/sockets/Socket.h b/src/common/sockets/Socket.h index 7ea8c61..2754142 100644 --- a/src/common/sockets/Socket.h +++ b/src/common/sockets/Socket.h @@ -71,6 +71,11 @@ public: //returns false if connection was lost //throws ServerConnectionErrorException if cannot connect server (or timeout) //throws other exceptions in critical situations + bool waitAndReceiveFromServer(BinaryQueue &queue); + + //returns true if data was successfully read from server + //returns false if connection was lost + //throws other exceptions in critical situations bool receiveFromServer(BinaryQueue &queue); }; diff --git a/src/common/sockets/SocketClient.cpp b/src/common/sockets/SocketClient.cpp index 6eff9f5..d9de1f8 100644 --- a/src/common/sockets/SocketClient.cpp +++ b/src/common/sockets/SocketClient.cpp @@ -52,7 +52,7 @@ ResponsePtr SocketClient::askCynaraServer(RequestPtr request) { // receive response from cynara while (true) { - if (!m_socket.receiveFromServer(m_readQueue)) { + if (!m_socket.waitAndReceiveFromServer(m_readQueue)) { LOGW("Error receiving response from Cynara. Service not available."); return nullptr; } @@ -63,4 +63,8 @@ ResponsePtr SocketClient::askCynaraServer(RequestPtr request) { } } +bool SocketClient::isConnected(void) { + return m_socket.isConnected() && m_socket.receiveFromServer(m_readQueue); +} + } // namespace Cynara diff --git a/src/common/sockets/SocketClient.h b/src/common/sockets/SocketClient.h index 04f0436..fae5ba3 100644 --- a/src/common/sockets/SocketClient.h +++ b/src/common/sockets/SocketClient.h @@ -51,6 +51,8 @@ public: //returns pointer to response // or nullptr when connection to cynara service is lost ResponsePtr askCynaraServer(RequestPtr request); + + bool isConnected(void); }; } // namespace Cynara -- 2.7.4 From 5b42c327b0f752ebc009ba866db6a7e639287b2a Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Thu, 31 Jul 2014 18:13:37 +0200 Subject: [PATCH 06/16] Handle SIGPIPE more elegant way Remove SIGPIPE ignoring in libraries. Use send with MSG_NOSIGNAL instead of write in libraries Socket classes. Change-Id: I2876d0ae80a21c7e2e3314f718c974cb7a1d389f --- src/admin/api/admin-api.cpp | 3 --- src/client/api/client-api.cpp | 3 --- src/common/CMakeLists.txt | 1 - src/common/sockets/Socket.cpp | 4 ++-- src/common/system/signals.cpp | 41 ----------------------------------------- src/common/system/signals.h | 30 ------------------------------ 6 files changed, 2 insertions(+), 80 deletions(-) delete mode 100644 src/common/system/signals.cpp delete mode 100644 src/common/system/signals.h diff --git a/src/admin/api/admin-api.cpp b/src/admin/api/admin-api.cpp index 3c72744..d6e6a12 100644 --- a/src/admin/api/admin-api.cpp +++ b/src/admin/api/admin-api.cpp @@ -27,7 +27,6 @@ #include #include -#include #include #include #include @@ -62,8 +61,6 @@ int cynara_admin_initialize(struct cynara_admin **pp_cynara_admin) { init_log(); - ignore_sigpipe(); - LOGD("Cynara admin initialized"); return CYNARA_ADMIN_API_SUCCESS; diff --git a/src/client/api/client-api.cpp b/src/client/api/client-api.cpp index 186e043..b6f139f 100644 --- a/src/client/api/client-api.cpp +++ b/src/client/api/client-api.cpp @@ -25,7 +25,6 @@ #include #include -#include #include #include @@ -55,8 +54,6 @@ int cynara_initialize(cynara **pp_cynara, const cynara_configuration *p_conf UNU init_log(); - ignore_sigpipe(); - LOGD("Cynara client initialized"); return CYNARA_API_SUCCESS; diff --git a/src/common/CMakeLists.txt b/src/common/CMakeLists.txt index 5f25aea..aef2ae7 100644 --- a/src/common/CMakeLists.txt +++ b/src/common/CMakeLists.txt @@ -42,7 +42,6 @@ SET(COMMON_SOURCES ${COMMON_PATH}/response/ResponseTaker.cpp ${COMMON_PATH}/sockets/Socket.cpp ${COMMON_PATH}/sockets/SocketClient.cpp - ${COMMON_PATH}/system/signals.cpp ${COMMON_PATH}/types/PolicyBucket.cpp ${COMMON_PATH}/types/PolicyKey.cpp ${COMMON_PATH}/types/PolicyKeyHelpers.cpp diff --git a/src/common/sockets/Socket.cpp b/src/common/sockets/Socket.cpp index c61134a..1c5ac3c 100644 --- a/src/common/sockets/Socket.cpp +++ b/src/common/sockets/Socket.cpp @@ -182,8 +182,8 @@ bool Socket::sendToServer(BinaryQueue &queue) { LOGE("Error in poll(POLLOUT)"); throw ServerConnectionErrorException(); } - ssize_t t = TEMP_FAILURE_RETRY(write(m_sock, buffer.data() + done, - buffer.size() - done)); + ssize_t t = TEMP_FAILURE_RETRY(send(m_sock, buffer.data() + done, + buffer.size() - done, MSG_NOSIGNAL)); if (t == -1) { int err = errno; if (err == EPIPE) { diff --git a/src/common/system/signals.cpp b/src/common/system/signals.cpp deleted file mode 100644 index 6d74f4b..0000000 --- a/src/common/system/signals.cpp +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved - * - * Contact: Lukasz Wojciechowski - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file signals.cpp - * @author Adam Malinowski - * @version 1.0 - * @brief Implementation of signal related functions - */ - -#include -#include - -#include - -#include "signals.h" - -void ignore_sigpipe(void) -{ - struct sigaction act; - - memset(&act, 0, sizeof(act)); - act.sa_handler = SIG_IGN; - - if (sigaction(SIGPIPE, &act, NULL)) - LOGE("sigaction failed during setting SIGPIPE handler to ignore"); -} diff --git a/src/common/system/signals.h b/src/common/system/signals.h deleted file mode 100644 index ef21ebb..0000000 --- a/src/common/system/signals.h +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved - * - * Contact: Lukasz Wojciechowski - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file signals.h - * @author Adam Malinowski - * @version 1.0 - * @brief Declaration of signal related functions - */ - -#ifndef SRC_COMMON_SYSTEM_SIGNALS_H_ -#define SRC_COMMON_SYSTEM_SIGNALS_H_ - -void ignore_sigpipe(void); - -#endif /* SRC_COMMON_SYSTEM_SIGNALS_H_ */ -- 2.7.4 From 7155f2d34363ac078c093fad920adc1bdeb28390 Mon Sep 17 00:00:00 2001 From: Aleksander Zdyb Date: Fri, 1 Aug 2014 09:45:16 +0200 Subject: [PATCH 07/16] Disallow pointing to nonexistent buckets Storage::insertPolicies() now cares, if bucket pointed by inserted policies exists. Change-Id: I113de2ead6ae17d18eb9a5928ef0181bee2f67d3 --- src/service/storage/Storage.cpp | 19 ++++++++++++++++ test/storage/storage/policies.cpp | 46 ++++++++++++++++++++++++++++++++++----- 2 files changed, 59 insertions(+), 6 deletions(-) diff --git a/src/service/storage/Storage.cpp b/src/service/storage/Storage.cpp index f8e7b8a..7f92c34 100644 --- a/src/service/storage/Storage.cpp +++ b/src/service/storage/Storage.cpp @@ -24,6 +24,7 @@ #include #include +#include #include "exceptions/DefaultBucketDeletionException.h" #include #include @@ -79,6 +80,24 @@ PolicyResult Storage::minimalPolicy(const PolicyBucket &bucket, const PolicyKey } void Storage::insertPolicies(const std::map> &policiesByBucketId) { + + auto pointedBucketExists = [this] (const Policy &policy) -> void { + if (policy.result().policyType() == PredefinedPolicyType::BUCKET) { + const auto &bucketId = policy.result().metadata(); + if (m_backend.hasBucket(bucketId) == false) { + throw BucketNotExistsException(bucketId); + } + } + }; + + // TODO: Rewrite, when transactions are supported + // Check if all of buckets exist + for (const auto &group : policiesByBucketId) { + const auto &policies = group.second; + std::for_each(policies.cbegin(), policies.cend(), pointedBucketExists); + } + + // Then insert policies for (const auto &group : policiesByBucketId) { const PolicyBucketId &bucketId = group.first; const auto &policies = group.second; diff --git a/test/storage/storage/policies.cpp b/test/storage/storage/policies.cpp index fbe40fa..54e0455 100644 --- a/test/storage/storage/policies.cpp +++ b/test/storage/storage/policies.cpp @@ -28,6 +28,7 @@ #include #include +#include #include #include #include @@ -78,6 +79,10 @@ TEST(storage, deleteBucketWithLinkedPolicies) { TEST(storage, insertPolicies) { using ::testing::Pointee; using ::testing::Return; + using PredefinedPolicyType::ALLOW; + using PredefinedPolicyType::BUCKET; + using PredefinedPolicyType::DENY; + FakeStorageBackend backend; Storage storage(backend); @@ -86,22 +91,24 @@ TEST(storage, insertPolicies) { typedef std::pair> BucketPolicyPair; - auto createPolicy = [] (const std::string &keySuffix, const PolicyType &type) -> Policy { - return Policy(Helpers::generatePolicyKey(keySuffix), type); + auto createPolicy = [] (const std::string &keySuffix, const PolicyResult &result) -> Policy { + return Policy(Helpers::generatePolicyKey(keySuffix), result); }; std::map> policiesToInsert = { BucketPolicyPair(testBucket1, { - createPolicy("1", PredefinedPolicyType::ALLOW), - createPolicy("2", PredefinedPolicyType::DENY), - createPolicy("3", PredefinedPolicyType::DENY) + createPolicy("1", ALLOW), + createPolicy("2", DENY), + createPolicy("3", DENY) }), BucketPolicyPair(testBucket2, { - createPolicy("4", PredefinedPolicyType::ALLOW), + createPolicy("4", { BUCKET, testBucket1 }), createPolicy("5", PredefinedPolicyType::ALLOW) }) }; + EXPECT_CALL(backend, hasBucket(testBucket1)).WillOnce(Return(true)); + for (const auto &group : policiesToInsert) { const auto &bucketId = group.first; const auto &policies = group.second; @@ -113,3 +120,30 @@ TEST(storage, insertPolicies) { storage.insertPolicies(policiesToInsert); } + +TEST(storage, insertPointingToNonexistentBucket) { + using ::testing::Pointee; + using ::testing::Return; + FakeStorageBackend backend; + Storage storage(backend); + + PolicyBucketId testBucketId = "test-bucket-1"; + PolicyBucketId nonexistentBucketId = "nonexistent"; + + typedef std::pair> BucketPolicyPair; + + auto createPolicy = [] (const std::string &keySuffix, const PolicyResult &result) -> Policy { + return Policy(Helpers::generatePolicyKey(keySuffix), result); + }; + + std::map> policiesToInsert = { + BucketPolicyPair(testBucketId, { + createPolicy("1", { PredefinedPolicyType::DENY }), + createPolicy("2", { PredefinedPolicyType::BUCKET, nonexistentBucketId }), + }), + }; + + EXPECT_CALL(backend, hasBucket(nonexistentBucketId)).WillOnce(Return(false)); + + ASSERT_THROW(storage.insertPolicies(policiesToInsert), BucketNotExistsException); +} -- 2.7.4 From 69d41ab34958afe806bf8673f55af47f670b681f Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Fri, 1 Aug 2014 12:29:02 +0200 Subject: [PATCH 08/16] Release version 0.2.0 Change-Id: Ied0ad56182536bbd0012bc3bf68f7ec3ea1dcc6f --- packaging/cynara.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/cynara.spec b/packaging/cynara.spec index a872b29..a3d82f0 100644 --- a/packaging/cynara.spec +++ b/packaging/cynara.spec @@ -1,6 +1,6 @@ Name: cynara Summary: Cynara service with client libraries -Version: 0.1.0 +Version: 0.2.0 Release: 1 Group: Security/Access Control License: Apache-2.0 -- 2.7.4 From f32215d2aeff3b2c24d801690d2ae60e442bf75f Mon Sep 17 00:00:00 2001 From: Adam Malinowski Date: Mon, 4 Aug 2014 13:39:33 +0200 Subject: [PATCH 09/16] Fix format string concatenating in log message Change-Id: I945ca6a4fcc80ff83415b285b761369356757e6a --- src/common/protocol/ProtocolAdmin.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/common/protocol/ProtocolAdmin.cpp b/src/common/protocol/ProtocolAdmin.cpp index 1a6ff67..a42f8fc 100644 --- a/src/common/protocol/ProtocolAdmin.cpp +++ b/src/common/protocol/ProtocolAdmin.cpp @@ -213,7 +213,7 @@ void ProtocolAdmin::execute(RequestContextPtr context, RemoveBucketRequestPtr re } void ProtocolAdmin::execute(RequestContextPtr context, SetPoliciesRequestPtr request) { - LOGD("Serializing SetPoliciesRequestPtr: sequenceNumber [%u], insertOrUpdate count [%zu]", + LOGD("Serializing SetPoliciesRequestPtr: sequenceNumber [%u], insertOrUpdate count [%zu], " "remove count [%zu]", static_cast(request->sequenceNumber()), request->policiesToBeInsertedOrUpdated().size(), request->policiesToBeRemoved().size()); -- 2.7.4 From 24815d050799b0f46a9caeee8aedaefa033489a2 Mon Sep 17 00:00:00 2001 From: Adam Malinowski Date: Mon, 4 Aug 2014 13:43:17 +0200 Subject: [PATCH 10/16] Add missing include in InMemoryStorageBackend.cpp file Change-Id: I82e40449ce7f797d656482af39749d6879298860 --- src/service/storage/InMemoryStorageBackend.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/src/service/storage/InMemoryStorageBackend.cpp b/src/service/storage/InMemoryStorageBackend.cpp index e46e485..dc802e2 100644 --- a/src/service/storage/InMemoryStorageBackend.cpp +++ b/src/service/storage/InMemoryStorageBackend.cpp @@ -24,6 +24,7 @@ #include #include #include +#include #include #include #include -- 2.7.4 From 629833fb521b7b61ab2c4cbb8a1b5930acfbd645 Mon Sep 17 00:00:00 2001 From: Adam Malinowski Date: Mon, 4 Aug 2014 14:02:20 +0200 Subject: [PATCH 11/16] Change member initialization This change is needed by other compilers to build without error. Change-Id: I38826a3c72fed96f948ad1b1eaf9735bd3f5b99f --- src/service/storage/InMemoryStorageBackend.cpp | 2 ++ src/service/storage/InMemoryStorageBackend.h | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/src/service/storage/InMemoryStorageBackend.cpp b/src/service/storage/InMemoryStorageBackend.cpp index dc802e2..9fee197 100644 --- a/src/service/storage/InMemoryStorageBackend.cpp +++ b/src/service/storage/InMemoryStorageBackend.cpp @@ -49,6 +49,8 @@ namespace Cynara { +const std::string InMemoryStorageBackend::m_indexFileName = "buckets"; + void InMemoryStorageBackend::load(void) { std::string indexFilename = m_dbPath + m_indexFileName; diff --git a/src/service/storage/InMemoryStorageBackend.h b/src/service/storage/InMemoryStorageBackend.h index 68d042e..be187bb 100644 --- a/src/service/storage/InMemoryStorageBackend.h +++ b/src/service/storage/InMemoryStorageBackend.h @@ -70,7 +70,7 @@ protected: private: std::string m_dbPath; Buckets m_buckets; - const std::string m_indexFileName = "buckets"; + static const std::string m_indexFileName; protected: virtual Buckets &buckets(void) { -- 2.7.4 From dd800411de0c60833227b59084cf6d157b9b8f76 Mon Sep 17 00:00:00 2001 From: Adam Malinowski Date: Mon, 4 Aug 2014 14:09:56 +0200 Subject: [PATCH 12/16] Add 'class' keyword in friend class declaration Change-Id: I1a63573faf35313b600439678198112cd9a6dcd9 --- src/common/types/PolicyKey.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/common/types/PolicyKey.h b/src/common/types/PolicyKey.h index ae9774e..f7d0fe0 100644 --- a/src/common/types/PolicyKey.h +++ b/src/common/types/PolicyKey.h @@ -33,7 +33,7 @@ namespace Cynara { class PolicyKey; class PolicyKeyFeature { -friend PolicyKey; +friend class PolicyKey; public: typedef std::string ValueType; -- 2.7.4 From 90f40c36c40d99533afc4326a9804c6a65f4e9e3 Mon Sep 17 00:00:00 2001 From: Adam Malinowski Date: Mon, 4 Aug 2014 14:12:13 +0200 Subject: [PATCH 13/16] Change default virtual destructor from '= default' to '{}' '= default' seems to be problematic. Some compilers give error: "declared virtual cannot be defaulted in the class body". Change-Id: Iaca3a70f64e45309430bc010883a87fcdc536d1b --- src/admin/api/ApiInterface.h | 2 +- src/admin/logic/Logic.h | 2 +- src/client/api/ApiInterface.h | 2 +- src/client/cache/CacheInterface.h | 6 +++--- src/client/logic/Logic.h | 2 +- src/common/exceptions/BucketDeserializationException.h | 1 + src/common/exceptions/BucketNotExistsException.h | 2 +- src/common/exceptions/BucketRecordCorruptedException.h | 2 +- src/common/exceptions/BucketSerializationException.h | 1 + src/common/exceptions/CannotCreateFileException.h | 2 +- src/common/exceptions/DefaultBucketDeletionException.h | 2 +- src/common/exceptions/DescriptorNotExistsException.h | 2 +- src/common/exceptions/Exception.h | 2 +- src/common/exceptions/FileNotFoundException.h | 2 +- src/common/exceptions/InitException.h | 2 +- src/common/exceptions/InvalidProtocolException.h | 2 +- src/common/exceptions/NotImplementedException.h | 2 +- src/common/exceptions/NullPointerException.h | 2 +- src/common/exceptions/OutOfDataException.h | 2 +- src/common/exceptions/PluginNotFoundException.h | 2 +- src/common/exceptions/ServerConnectionErrorException.h | 2 +- src/common/exceptions/UnexpectedErrorException.h | 2 +- src/common/protocol/Protocol.h | 2 +- src/common/protocol/ProtocolFrame.h | 2 +- src/common/protocol/ProtocolFrameHeader.h | 2 +- src/common/protocol/ProtocolSerialization.h | 4 ++-- src/common/request/CheckRequest.h | 2 +- src/common/request/InsertOrUpdateBucketRequest.h | 2 +- src/common/request/RemoveBucketRequest.h | 2 +- src/common/request/Request.h | 2 +- src/common/request/RequestTaker.h | 2 +- src/common/request/SetPoliciesRequest.h | 2 +- src/common/request/SignalRequest.h | 2 +- src/common/response/CheckResponse.h | 2 +- src/common/response/CodeResponse.h | 2 +- src/common/response/Response.h | 2 +- src/common/response/ResponseTaker.h | 2 +- src/common/sockets/SocketClient.h | 2 +- src/service/storage/InMemoryStorageBackend.h | 2 +- src/service/storage/StorageSerializer.h | 2 +- test/storage/serializer/bucket_load.cpp | 2 +- test/storage/serializer/serialize.cpp | 2 +- 42 files changed, 45 insertions(+), 43 deletions(-) diff --git a/src/admin/api/ApiInterface.h b/src/admin/api/ApiInterface.h index 9c513f6..eb2b17b 100644 --- a/src/admin/api/ApiInterface.h +++ b/src/admin/api/ApiInterface.h @@ -39,7 +39,7 @@ namespace Cynara { class ApiInterface { public: ApiInterface() = default; - virtual ~ApiInterface() = default; + virtual ~ApiInterface() {}; virtual int setPolicies(const std::map> &insertOrUpdate, const std::map> &remove) noexcept = 0; diff --git a/src/admin/logic/Logic.h b/src/admin/logic/Logic.h index d61c7e8..2d349f3 100644 --- a/src/admin/logic/Logic.h +++ b/src/admin/logic/Logic.h @@ -40,7 +40,7 @@ private: public: Logic(); - virtual ~Logic() = default; + virtual ~Logic() {}; virtual int setPolicies(const std::map> &insertOrUpdate, const std::map> &remove) noexcept; diff --git a/src/client/api/ApiInterface.h b/src/client/api/ApiInterface.h index f268508..73bcec5 100644 --- a/src/client/api/ApiInterface.h +++ b/src/client/api/ApiInterface.h @@ -31,7 +31,7 @@ namespace Cynara { class ApiInterface { public: ApiInterface() = default; - virtual ~ApiInterface() = default; + virtual ~ApiInterface() {}; virtual int check(const std::string &client, const std::string &session, const std::string &user, const std::string &privilege) = 0; diff --git a/src/client/cache/CacheInterface.h b/src/client/cache/CacheInterface.h index f325a42..0279fdb 100644 --- a/src/client/cache/CacheInterface.h +++ b/src/client/cache/CacheInterface.h @@ -47,7 +47,7 @@ typedef std::shared_ptr ResultGetterInterfacePtr; class ResultGetterInterface { public: virtual int requestResult(const PolicyKey &key, PolicyResult &result) noexcept = 0; - virtual ~ResultGetterInterface() = default; + virtual ~ResultGetterInterface() {}; }; class InterpreterInterface { @@ -56,7 +56,7 @@ public: virtual bool isUsable(const PolicyResult &result) noexcept = 0; virtual int toResult(const PolicyResult &result) noexcept = 0; - virtual ~InterpreterInterface() = default; + virtual ~InterpreterInterface() {}; }; class PluginCache { @@ -72,7 +72,7 @@ public: m_plugins.clear(); } - virtual ~PluginCache() = default; + virtual ~PluginCache() {}; protected: std::map m_plugins; diff --git a/src/client/logic/Logic.h b/src/client/logic/Logic.h index e9f2c23..ec298da 100644 --- a/src/client/logic/Logic.h +++ b/src/client/logic/Logic.h @@ -41,7 +41,7 @@ private: public: Logic(); - virtual ~Logic() = default; + virtual ~Logic() {}; virtual int check(const std::string &client, const std::string &session, const std::string &user, const std::string &privilege) noexcept; diff --git a/src/common/exceptions/BucketDeserializationException.h b/src/common/exceptions/BucketDeserializationException.h index 2a00555..01d9a80 100644 --- a/src/common/exceptions/BucketDeserializationException.h +++ b/src/common/exceptions/BucketDeserializationException.h @@ -30,6 +30,7 @@ namespace Cynara { class BucketDeserializationException : public DatabaseException { public: BucketDeserializationException(const PolicyBucketId &bucketId) : m_bucketId(bucketId) {} + ~BucketDeserializationException() noexcept {}; const std::string message(void) const { if (m_message.empty()) { diff --git a/src/common/exceptions/BucketNotExistsException.h b/src/common/exceptions/BucketNotExistsException.h index 54c942e..18eb190 100644 --- a/src/common/exceptions/BucketNotExistsException.h +++ b/src/common/exceptions/BucketNotExistsException.h @@ -34,7 +34,7 @@ class BucketNotExistsException : public Exception { public: BucketNotExistsException() = delete; BucketNotExistsException(const PolicyBucketId &bucketId) : m_bucketId(bucketId) {} - virtual ~BucketNotExistsException() = default; + virtual ~BucketNotExistsException() noexcept {}; virtual const std::string message(void) const { return "BucketNotExistsException"; diff --git a/src/common/exceptions/BucketRecordCorruptedException.h b/src/common/exceptions/BucketRecordCorruptedException.h index 227c1d9..8152a77 100644 --- a/src/common/exceptions/BucketRecordCorruptedException.h +++ b/src/common/exceptions/BucketRecordCorruptedException.h @@ -31,7 +31,7 @@ namespace Cynara { class BucketRecordCorruptedException : public Exception { public: BucketRecordCorruptedException(void) = delete; - virtual ~BucketRecordCorruptedException(void) = default; + virtual ~BucketRecordCorruptedException() noexcept {}; BucketRecordCorruptedException(const std::string &line) : m_lineNumber(0), m_line(line) {} diff --git a/src/common/exceptions/BucketSerializationException.h b/src/common/exceptions/BucketSerializationException.h index 8882ff4..83f3397 100644 --- a/src/common/exceptions/BucketSerializationException.h +++ b/src/common/exceptions/BucketSerializationException.h @@ -30,6 +30,7 @@ namespace Cynara { class BucketSerializationException : public DatabaseException { public: BucketSerializationException(const PolicyBucketId &bucketId) : m_bucketId(bucketId) {} + ~BucketSerializationException() noexcept {}; const std::string message(void) const { if (m_message.empty()) { diff --git a/src/common/exceptions/CannotCreateFileException.h b/src/common/exceptions/CannotCreateFileException.h index bb3f937..cfdfb49 100644 --- a/src/common/exceptions/CannotCreateFileException.h +++ b/src/common/exceptions/CannotCreateFileException.h @@ -32,7 +32,7 @@ namespace Cynara { class CannotCreateFileException : public DatabaseException { public: CannotCreateFileException(const std::string &filename) : m_filename(filename) {}; - virtual ~CannotCreateFileException() = default; + virtual ~CannotCreateFileException() noexcept {}; const std::string message(void) const { if (m_message.empty()) { diff --git a/src/common/exceptions/DefaultBucketDeletionException.h b/src/common/exceptions/DefaultBucketDeletionException.h index 6a92ec5..92e1a73 100644 --- a/src/common/exceptions/DefaultBucketDeletionException.h +++ b/src/common/exceptions/DefaultBucketDeletionException.h @@ -32,7 +32,7 @@ namespace Cynara { class DefaultBucketDeletionException : public Exception { public: DefaultBucketDeletionException() = default; - virtual ~DefaultBucketDeletionException() = default; + virtual ~DefaultBucketDeletionException() noexcept {}; virtual const std::string message(void) const { return "DefaultBucketDeletionException"; diff --git a/src/common/exceptions/DescriptorNotExistsException.h b/src/common/exceptions/DescriptorNotExistsException.h index 5dd9553..095ffba 100644 --- a/src/common/exceptions/DescriptorNotExistsException.h +++ b/src/common/exceptions/DescriptorNotExistsException.h @@ -43,7 +43,7 @@ public: m_whatMsg = stream.str(); } - virtual ~DescriptorNotExistsException() = default; + virtual ~DescriptorNotExistsException() noexcept {}; virtual const std::string message(void) const { return m_whatMsg; diff --git a/src/common/exceptions/Exception.h b/src/common/exceptions/Exception.h index b709060..74ded47 100644 --- a/src/common/exceptions/Exception.h +++ b/src/common/exceptions/Exception.h @@ -33,7 +33,7 @@ public: m_backtrace = Backtrace::getBacktrace(); } - virtual ~Exception() = default; + virtual ~Exception() noexcept {}; virtual const char *what(void) const noexcept { if(m_whatMessage.empty()) { diff --git a/src/common/exceptions/FileNotFoundException.h b/src/common/exceptions/FileNotFoundException.h index e353c19..bce1fcb 100644 --- a/src/common/exceptions/FileNotFoundException.h +++ b/src/common/exceptions/FileNotFoundException.h @@ -32,7 +32,7 @@ namespace Cynara { class FileNotFoundException : public DatabaseException { public: FileNotFoundException(const std::string &filename) : m_filename(filename) {}; - virtual ~FileNotFoundException() = default; + virtual ~FileNotFoundException() noexcept {}; const std::string message(void) const { if (m_message.empty()) { diff --git a/src/common/exceptions/InitException.h b/src/common/exceptions/InitException.h index d06e1d7..c51cb5b 100644 --- a/src/common/exceptions/InitException.h +++ b/src/common/exceptions/InitException.h @@ -32,7 +32,7 @@ namespace Cynara { class InitException : public Exception { public: InitException() = default; - virtual ~InitException() = default; + virtual ~InitException() noexcept {}; virtual const std::string message(void) const { return "InitException"; diff --git a/src/common/exceptions/InvalidProtocolException.h b/src/common/exceptions/InvalidProtocolException.h index a2d65d1..33053e9 100644 --- a/src/common/exceptions/InvalidProtocolException.h +++ b/src/common/exceptions/InvalidProtocolException.h @@ -59,7 +59,7 @@ public: } - virtual ~InvalidProtocolException() = default; + virtual ~InvalidProtocolException() noexcept {}; virtual const std::string message(void) const { return m_whatMessage; diff --git a/src/common/exceptions/NotImplementedException.h b/src/common/exceptions/NotImplementedException.h index ceabb9a..3d1882a 100644 --- a/src/common/exceptions/NotImplementedException.h +++ b/src/common/exceptions/NotImplementedException.h @@ -32,7 +32,7 @@ namespace Cynara { class NotImplementedException : public Exception { public: NotImplementedException() = default; - virtual ~NotImplementedException() = default; + virtual ~NotImplementedException() noexcept {}; virtual const std::string message(void) const { return "NotImplementedException"; diff --git a/src/common/exceptions/NullPointerException.h b/src/common/exceptions/NullPointerException.h index ffd0bef..02db1c5 100644 --- a/src/common/exceptions/NullPointerException.h +++ b/src/common/exceptions/NullPointerException.h @@ -42,7 +42,7 @@ public: + std::string(">"); } - virtual ~NullPointerException() = default; + virtual ~NullPointerException() noexcept {}; virtual const std::string message(void) const { return m_whatMsg; diff --git a/src/common/exceptions/OutOfDataException.h b/src/common/exceptions/OutOfDataException.h index 827eb7a..c0b63bd 100644 --- a/src/common/exceptions/OutOfDataException.h +++ b/src/common/exceptions/OutOfDataException.h @@ -44,7 +44,7 @@ public: m_whatMsg = stream.str(); } - virtual ~OutOfDataException() = default; + virtual ~OutOfDataException() noexcept {}; virtual const std::string message(void) const { return m_whatMsg; diff --git a/src/common/exceptions/PluginNotFoundException.h b/src/common/exceptions/PluginNotFoundException.h index 345fd1d..4e422d3 100644 --- a/src/common/exceptions/PluginNotFoundException.h +++ b/src/common/exceptions/PluginNotFoundException.h @@ -45,7 +45,7 @@ public: m_whatMessage = stream.str(); } - virtual ~PluginNotFoundException() = default; + virtual ~PluginNotFoundException() noexcept {}; virtual const std::string message(void) const { return m_whatMessage; diff --git a/src/common/exceptions/ServerConnectionErrorException.h b/src/common/exceptions/ServerConnectionErrorException.h index a5a7b08..88a5e47 100644 --- a/src/common/exceptions/ServerConnectionErrorException.h +++ b/src/common/exceptions/ServerConnectionErrorException.h @@ -32,7 +32,7 @@ namespace Cynara { class ServerConnectionErrorException : public Exception { public: ServerConnectionErrorException() = default; - virtual ~ServerConnectionErrorException() = default; + virtual ~ServerConnectionErrorException() noexcept {}; virtual const std::string message(void) const { return "ServerConnectionError"; } diff --git a/src/common/exceptions/UnexpectedErrorException.h b/src/common/exceptions/UnexpectedErrorException.h index a7d100b..f3fca09 100644 --- a/src/common/exceptions/UnexpectedErrorException.h +++ b/src/common/exceptions/UnexpectedErrorException.h @@ -49,7 +49,7 @@ public: m_whatMessage = stream.str(); } - virtual ~UnexpectedErrorException() = default; + virtual ~UnexpectedErrorException() noexcept {}; virtual const std::string message(void) const { return m_whatMessage; diff --git a/src/common/protocol/Protocol.h b/src/common/protocol/Protocol.h index daf001c..5069cff 100644 --- a/src/common/protocol/Protocol.h +++ b/src/common/protocol/Protocol.h @@ -40,7 +40,7 @@ typedef std::shared_ptr ProtocolPtr; class Protocol : public RequestTaker, public ResponseTaker { public: Protocol() = default; - virtual ~Protocol() = default; + virtual ~Protocol() {}; virtual ProtocolPtr clone(void) = 0; diff --git a/src/common/protocol/ProtocolFrame.h b/src/common/protocol/ProtocolFrame.h index 709196e..f3c64b8 100644 --- a/src/common/protocol/ProtocolFrame.h +++ b/src/common/protocol/ProtocolFrame.h @@ -40,7 +40,7 @@ class ProtocolFrame: public IStream { public: ProtocolFrame(ProtocolFrameHeaderPtr frameHeader, BinaryQueuePtr headerContent); - virtual ~ProtocolFrame() = default; + virtual ~ProtocolFrame() {}; ProtocolFrameHeaderPtr frameHeader(void) { return m_frameHeader; diff --git a/src/common/protocol/ProtocolFrameHeader.h b/src/common/protocol/ProtocolFrameHeader.h index 0db0d6b..6560255 100644 --- a/src/common/protocol/ProtocolFrameHeader.h +++ b/src/common/protocol/ProtocolFrameHeader.h @@ -46,7 +46,7 @@ private: public: ProtocolFrameHeader(BinaryQueuePtr headerContent = nullptr); - virtual ~ProtocolFrameHeader() = default; + virtual ~ProtocolFrameHeader() {}; virtual void read(size_t num, void *bytes); virtual void write(size_t num, const void *bytes); diff --git a/src/common/protocol/ProtocolSerialization.h b/src/common/protocol/ProtocolSerialization.h index 532f78b..f3acff7 100644 --- a/src/common/protocol/ProtocolSerialization.h +++ b/src/common/protocol/ProtocolSerialization.h @@ -38,7 +38,7 @@ class IStream { public: virtual void read(size_t num, void *bytes) = 0; virtual void write(size_t num, const void *bytes) = 0; - virtual ~IStream() = default; + virtual ~IStream() {}; }; // Serializable interface @@ -47,7 +47,7 @@ public: /* ISerializable(){}; * ISerializable(IStream&){}; */ virtual void serialize(IStream &) const = 0; - virtual ~ISerializable() = default; + virtual ~ISerializable() {}; }; struct ProtocolSerialization { diff --git a/src/common/request/CheckRequest.h b/src/common/request/CheckRequest.h index 03135c7..7262347 100644 --- a/src/common/request/CheckRequest.h +++ b/src/common/request/CheckRequest.h @@ -40,7 +40,7 @@ public: Request(sequenceNumber), m_key(key) { } - virtual ~CheckRequest() = default; + virtual ~CheckRequest() {}; const PolicyKey &key(void) const { return m_key; diff --git a/src/common/request/InsertOrUpdateBucketRequest.h b/src/common/request/InsertOrUpdateBucketRequest.h index b166d71..2cf03ce 100644 --- a/src/common/request/InsertOrUpdateBucketRequest.h +++ b/src/common/request/InsertOrUpdateBucketRequest.h @@ -43,7 +43,7 @@ public: Request(sequenceNumber), m_bucketId(bucketId), m_result(result) { } - virtual ~InsertOrUpdateBucketRequest() = default; + virtual ~InsertOrUpdateBucketRequest() {}; const PolicyBucketId &bucketId(void) const { return m_bucketId; diff --git a/src/common/request/RemoveBucketRequest.h b/src/common/request/RemoveBucketRequest.h index ff49a43..49ef2a0 100644 --- a/src/common/request/RemoveBucketRequest.h +++ b/src/common/request/RemoveBucketRequest.h @@ -40,7 +40,7 @@ public: : Request(sequenceNumber), m_bucketId(bucketId) { } - virtual ~RemoveBucketRequest() = default; + virtual ~RemoveBucketRequest() {}; const PolicyBucketId &bucketId(void) const { return m_bucketId; diff --git a/src/common/request/Request.h b/src/common/request/Request.h index ac92398..9b9a2d2 100644 --- a/src/common/request/Request.h +++ b/src/common/request/Request.h @@ -33,7 +33,7 @@ class Request { public: Request(ProtocolFrameSequenceNumber sequenceNumber) : m_sequenceNumber(sequenceNumber) { } - virtual ~Request() = default; + virtual ~Request() {}; virtual void execute(RequestPtr self, RequestTakerPtr taker, RequestContextPtr context) const = 0; diff --git a/src/common/request/RequestTaker.h b/src/common/request/RequestTaker.h index 0c3ff7d..9d0a10f 100644 --- a/src/common/request/RequestTaker.h +++ b/src/common/request/RequestTaker.h @@ -30,7 +30,7 @@ namespace Cynara { class RequestTaker { public: RequestTaker() = default; - virtual ~RequestTaker() = default; + virtual ~RequestTaker() {}; virtual void execute(RequestContextPtr context, CheckRequestPtr request); virtual void execute(RequestContextPtr context, InsertOrUpdateBucketRequestPtr request); diff --git a/src/common/request/SetPoliciesRequest.h b/src/common/request/SetPoliciesRequest.h index d876ad1..afb8f14 100644 --- a/src/common/request/SetPoliciesRequest.h +++ b/src/common/request/SetPoliciesRequest.h @@ -49,7 +49,7 @@ public: m_removePolicies(removePolicies) { } - virtual ~SetPoliciesRequest() = default; + virtual ~SetPoliciesRequest() {}; const std::map> &policiesToBeInsertedOrUpdated(void) const { return m_insertOrUpdatePolicies; diff --git a/src/common/request/SignalRequest.h b/src/common/request/SignalRequest.h index f9d1422..068834d 100644 --- a/src/common/request/SignalRequest.h +++ b/src/common/request/SignalRequest.h @@ -38,7 +38,7 @@ public: SignalRequest(struct signalfd_siginfo sigInfo) : Request(0), m_sigInfo(sigInfo) { } - virtual ~SignalRequest() = default; + virtual ~SignalRequest() {}; virtual void execute(RequestPtr self, RequestTakerPtr taker, RequestContextPtr context) const; diff --git a/src/common/response/CheckResponse.h b/src/common/response/CheckResponse.h index 1f49648..1ca69f3 100644 --- a/src/common/response/CheckResponse.h +++ b/src/common/response/CheckResponse.h @@ -39,7 +39,7 @@ public: Response(sequenceNumber), m_resultRef(result) { } - virtual ~CheckResponse() = default; + virtual ~CheckResponse() {}; virtual void execute(ResponsePtr self, ResponseTakerPtr taker, RequestContextPtr context) const; diff --git a/src/common/response/CodeResponse.h b/src/common/response/CodeResponse.h index ec04e03..96d04c6 100644 --- a/src/common/response/CodeResponse.h +++ b/src/common/response/CodeResponse.h @@ -43,7 +43,7 @@ public: Response(sequenceNumber), m_code(code) { } - virtual ~CodeResponse() = default; + virtual ~CodeResponse() {}; virtual void execute(ResponsePtr self, ResponseTakerPtr taker, RequestContextPtr context) const; diff --git a/src/common/response/Response.h b/src/common/response/Response.h index e85de48..0731975 100644 --- a/src/common/response/Response.h +++ b/src/common/response/Response.h @@ -33,7 +33,7 @@ class Response { public: Response(ProtocolFrameSequenceNumber sequenceNumber) : m_sequenceNumber(sequenceNumber) { }; - virtual ~Response() = default; + virtual ~Response() {}; virtual void execute(ResponsePtr self, ResponseTakerPtr taker, RequestContextPtr context) const = 0; diff --git a/src/common/response/ResponseTaker.h b/src/common/response/ResponseTaker.h index 545f60f..8aede4d 100644 --- a/src/common/response/ResponseTaker.h +++ b/src/common/response/ResponseTaker.h @@ -31,7 +31,7 @@ namespace Cynara { class ResponseTaker { public: ResponseTaker() = default; - virtual ~ResponseTaker() = default; + virtual ~ResponseTaker() {}; virtual void execute(RequestContextPtr context, CheckResponsePtr response); virtual void execute(RequestContextPtr context, CodeResponsePtr response); diff --git a/src/common/sockets/SocketClient.h b/src/common/sockets/SocketClient.h index fae5ba3..7553a5a 100644 --- a/src/common/sockets/SocketClient.h +++ b/src/common/sockets/SocketClient.h @@ -46,7 +46,7 @@ private: public: SocketClient(const std::string &socketPath, ProtocolPtr protocol); - virtual ~SocketClient() = default; + virtual ~SocketClient() {}; //returns pointer to response // or nullptr when connection to cynara service is lost diff --git a/src/service/storage/InMemoryStorageBackend.h b/src/service/storage/InMemoryStorageBackend.h index be187bb..d811edd 100644 --- a/src/service/storage/InMemoryStorageBackend.h +++ b/src/service/storage/InMemoryStorageBackend.h @@ -44,7 +44,7 @@ class InMemoryStorageBackend : public StorageBackend { public: InMemoryStorageBackend(const std::string &path) : m_dbPath(path) { } - virtual ~InMemoryStorageBackend() = default; + virtual ~InMemoryStorageBackend() {}; virtual void load(void); virtual void save(void); diff --git a/src/service/storage/StorageSerializer.h b/src/service/storage/StorageSerializer.h index a995265..55ec2cd 100644 --- a/src/service/storage/StorageSerializer.h +++ b/src/service/storage/StorageSerializer.h @@ -45,7 +45,7 @@ public: BucketStreamOpener; StorageSerializer(std::shared_ptr os); - virtual ~StorageSerializer() = default; + virtual ~StorageSerializer() {}; virtual void dump(const Buckets &buckets, BucketStreamOpener streamOpener); diff --git a/test/storage/serializer/bucket_load.cpp b/test/storage/serializer/bucket_load.cpp index 3c2096e..8e5b2df 100644 --- a/test/storage/serializer/bucket_load.cpp +++ b/test/storage/serializer/bucket_load.cpp @@ -43,7 +43,7 @@ MATCHER_P(PolicyAtPtrEq, policy, "") { class BucketDeserializerFixture : public ::testing::Test { public: - virtual ~BucketDeserializerFixture() = default; + virtual ~BucketDeserializerFixture() {}; PolicyPtr createPolicy(const PolicyKey &pk, const PolicyResult &pr) { return std::make_shared(pk, pr); diff --git a/test/storage/serializer/serialize.cpp b/test/storage/serializer/serialize.cpp index 07804f4..ad55495 100644 --- a/test/storage/serializer/serialize.cpp +++ b/test/storage/serializer/serialize.cpp @@ -56,7 +56,7 @@ public: class StorageSerializerFixture : public ::testing::Test { public: - virtual ~StorageSerializerFixture() = default; + virtual ~StorageSerializerFixture() {}; Cynara::Buckets buckets; FakeStreamForBucketId fakeStreamOpener; -- 2.7.4 From 88cebd4b4739baf26d06114b40efb28cbd43a9a4 Mon Sep 17 00:00:00 2001 From: Adam Malinowski Date: Wed, 6 Aug 2014 15:12:15 +0200 Subject: [PATCH 14/16] Move user and group creating section from %post to %pre scriptlet This change is needed for creating cynara local state directory with proper user and group. Change-Id: I50d353f7fee1e352c7377a8902a237519c0a6491 --- packaging/cynara.spec | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/packaging/cynara.spec b/packaging/cynara.spec index a3d82f0..937fbea 100644 --- a/packaging/cynara.spec +++ b/packaging/cynara.spec @@ -104,13 +104,7 @@ mkdir -p %{buildroot}/%{state_path} ln -s ../cynara.socket %{buildroot}/usr/lib/systemd/system/sockets.target.wants/cynara.socket ln -s ../cynara-admin.socket %{buildroot}/usr/lib/systemd/system/sockets.target.wants/cynara-admin.socket -%post -### Add file capabilities if needed -### setcap/getcap binary are useful. To use them you must install libcap and libcap-tools packages -### In such case uncomment Requires with those packages - -systemctl daemon-reload - +%pre id -g %{group_name} > /dev/null 2>&1 if [ $? -eq 1 ]; then groupadd %{group_name} -r > /dev/null 2>&1 @@ -121,6 +115,13 @@ if [ $? -eq 1 ]; then useradd -m %{user_name} -r > /dev/null 2>&1 fi +%post +### Add file capabilities if needed +### setcap/getcap binary are useful. To use them you must install libcap and libcap-tools packages +### In such case uncomment Requires with those packages + +systemctl daemon-reload + if [ $1 = 1 ]; then systemctl enable %{name}.service fi -- 2.7.4 From 895c4129ad96d10029491fc514caad6475f38d7d Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Wed, 6 Aug 2014 21:18:47 +0200 Subject: [PATCH 15/16] Release version 0.2.1 Change-Id: Ibae38957b9c8e359b351ce888358e7554af1b8ee --- packaging/cynara.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/cynara.spec b/packaging/cynara.spec index 937fbea..8d9c94f 100644 --- a/packaging/cynara.spec +++ b/packaging/cynara.spec @@ -1,6 +1,6 @@ Name: cynara Summary: Cynara service with client libraries -Version: 0.2.0 +Version: 0.2.1 Release: 1 Group: Security/Access Control License: Apache-2.0 -- 2.7.4 From afb766d37eaed3409323efe82e957f99455bfb02 Mon Sep 17 00:00:00 2001 From: Zofia Abramowska Date: Fri, 1 Aug 2014 15:20:52 +0200 Subject: [PATCH 16/16] Merge cynara and cynara-tests spec files Change-Id: I254584d5ef8a5e546be8bec4eb9e9629199306bc --- CMakeLists.txt | 2 ++ .../cynara-tests.manifest | 0 packaging/cynara.spec | 18 ++++++++++- packaging_tests/cynara-tests.spec | 31 ------------------- test/CMakeLists.txt | 36 +++------------------- 5 files changed, 24 insertions(+), 63 deletions(-) rename {packaging_tests => packaging}/cynara-tests.manifest (100%) delete mode 100644 packaging_tests/cynara-tests.spec diff --git a/CMakeLists.txt b/CMakeLists.txt index 85bcfdb..354d39b 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -57,7 +57,9 @@ SET(TARGET_CYNARA "cynara") SET(TARGET_LIB_CYNARA "cynara-client") SET(TARGET_LIB_CYNARA_ADMIN "cynara-admin") SET(TARGET_CYNARA_COMMON "cynara-commons") +SET(TARGET_CYNARA_TESTS "cynara-tests") ADD_SUBDIRECTORY(src) +ADD_SUBDIRECTORY(test) ADD_SUBDIRECTORY(build) ADD_SUBDIRECTORY(systemd) diff --git a/packaging_tests/cynara-tests.manifest b/packaging/cynara-tests.manifest similarity index 100% rename from packaging_tests/cynara-tests.manifest rename to packaging/cynara-tests.manifest diff --git a/packaging/cynara.spec b/packaging/cynara.spec index 8d9c94f..8bb7e14 100644 --- a/packaging/cynara.spec +++ b/packaging/cynara.spec @@ -8,6 +8,7 @@ Source0: %{name}-%{version}.tar.gz Source1001: cynara.manifest Source1002: libcynara-client.manifest Source1003: libcynara-admin.manifest +Source1004: cynara-tests.manifest Requires: default-ac-domains BuildRequires: cmake BuildRequires: zip @@ -29,7 +30,8 @@ BuildRequires: pkgconfig(libunwind) %endif %description -service and client libraries (libcynara-client, libcynara-admin) +service, client libraries (libcynara-client, libcynara-admin) +and tests (cynara-tests) ####################################################### %package -n libcynara-client @@ -66,6 +68,15 @@ Requires: libcynara-admin = %{version}-%{release} admin client library (devel) for setting, listing and removing policies ####################################################### +%package -n cynara-tests +Summary: Cynara - cynara test binaries +BuildRequires: pkgconfig(gmock) + +%description -n cynara-tests +Cynara tests + +####################################################### + %package -n cynara-devel Summary: Cynara service (devel) Requires: cynara = %{version}-%{release} @@ -78,6 +89,7 @@ service (devel version) cp -a %{SOURCE1001} . cp -a %{SOURCE1002} . cp -a %{SOURCE1003} . +cp -a %{SOURCE1004} . %build %if 0%{?sec_build_binary_debug_enable} @@ -199,3 +211,7 @@ fi %{_includedir}/cynara/cynara-admin.h %{_libdir}/libcynara-admin.so %{_libdir}/pkgconfig/cynara-admin.pc + +%files -n cynara-tests +%manifest cynara-tests.manifest +%attr(755,root,root) /usr/bin/cynara-tests diff --git a/packaging_tests/cynara-tests.spec b/packaging_tests/cynara-tests.spec deleted file mode 100644 index 8b1de31..0000000 --- a/packaging_tests/cynara-tests.spec +++ /dev/null @@ -1,31 +0,0 @@ -Name: cynara-tests -Summary: Cynara tests -Version: 0.0.1 -Release: 1 -Group: Development/Testing -License: Apache-2.0 -Source0: %{name}-%{version}.tar.gz -Source1001: cynara-tests.manifest -BuildRequires: cmake -BuildRequires: pkgconfig(gmock) - -%description -Cynara tests - -%global build_type %{?build_type:%build_type}%{!?build_type:RELEASE} - -%prep -%setup -q -cp -a %{SOURCE1001} . - -%build -%cmake test -DCMAKE_BUILD_TYPE=%{?build_type} \ - -DCMAKE_VERBOSE_MAKEFILE=ON -make %{?jobs:-j%jobs} - -%install -%make_install - -%files -%manifest cynara-tests.manifest -%attr(755,root,root) /usr/bin/cynara-tests diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index b391a4c..820279f 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -16,47 +16,21 @@ # @author Aleksander Zdyb # @brief Cmake for tests # - -############################# Check minimum CMake version ##################### - -CMAKE_MINIMUM_REQUIRED(VERSION 2.8.3) -PROJECT("cynara-tests") - -############################# cmake packages ################################## - -INCLUDE(FindPkgConfig) - -############################# compiler flags ################################## - -SET(CMAKE_C_FLAGS_DEBUG "-g -O0 -ggdb") -SET(CMAKE_CXX_FLAGS_DEBUG "-g -std=c++0x -O0 -ggdb -Wp,-U_FORTIFY_SOURCE") -SET(CMAKE_C_FLAGS_RELEASE "-g -O2") -SET(CMAKE_CXX_FLAGS_RELEASE "-g -std=c++0x -O2") - -# Set compiler warning flags -ADD_DEFINITIONS("-Werror") # Make all warnings into errors. -ADD_DEFINITIONS("-Wall") # Generate all warnings -ADD_DEFINITIONS("-Wextra") # Generate even more extra warnings -ADD_DEFINITIONS("-DCYNARA_NO_LOGS") # Disable building logs - -MESSAGE(STATUS "CMAKE_BUILD_TYPE: ${CMAKE_BUILD_TYPE}") - -SET(TARGET_CYNARA_TESTS "cynara-tests") - PKG_CHECK_MODULES(PKGS REQUIRED gmock_main) -SET(CYNARA_SRC ${PROJECT_SOURCE_DIR}/../src) +ADD_DEFINITIONS("-DCYNARA_NO_LOGS") +SET(CYNARA_SRC ${PROJECT_SOURCE_DIR}/src) SET(CYNARA_SOURCES_FOR_TESTS - ${CYNARA_SRC}/service/storage/Storage.cpp ${CYNARA_SRC}/common/types/PolicyBucket.cpp + ${CYNARA_SRC}/common/types/PolicyKey.cpp ${CYNARA_SRC}/common/types/PolicyKeyHelpers.cpp + ${CYNARA_SRC}/common/types/PolicyType.cpp + ${CYNARA_SRC}/service/storage/Storage.cpp ${CYNARA_SRC}/service/storage/InMemoryStorageBackend.cpp ${CYNARA_SRC}/service/storage/BucketDeserializer.cpp ${CYNARA_SRC}/service/storage/StorageDeserializer.cpp ${CYNARA_SRC}/service/storage/StorageSerializer.cpp - ${CYNARA_SRC}/common/types/PolicyKey.cpp - ${CYNARA_SRC}/common/types/PolicyType.cpp ) SET(CYNARA_TESTS_SOURCES -- 2.7.4