Pawel Wieczorek [Mon, 12 Jan 2015 12:45:21 +0000 (13:45 +0100)]
Move bucket separators to PathConfig::StoragePath
This patch removes both bucket separators - for fields as well as for
records - from StorageSerializer. To this point they could be accessed
using provided static member functions. This is no longer possible, as
StorageSerializer has to be rewritten using templates.
Change-Id: Ib010bd0b125a1a93da9983d9bdd7b8f75cbbc191
Pawel Wieczorek [Thu, 4 Dec 2014 10:45:40 +0000 (11:45 +0100)]
Move storage consts to PatchConfig::StoragePath
Put all default values of Cynara storage consts into config namespace.
Change-Id: If0bfaca58708b575bfada41448f000272e54182e
Pawel Wieczorek [Wed, 12 Nov 2014 17:02:34 +0000 (18:02 +0100)]
Move migration tool to its parent directory
This patch drops creation of additional directory "cynara" in /usr/sbin.
According to FHS, there must not be placed any directories. Migration
scripts will get common prefix ("cynara-db-") and will be placed there
directly.
What is more, regardless of its actual contents, no executable in
/usr/sbin has file extension. This patch removes extension from main
migration tool script.
Change-Id: I4f5ccbf1e86815d4b4aa4e785dc01d8188d90fd5
Pawel Wieczorek [Wed, 4 Feb 2015 11:11:19 +0000 (12:11 +0100)]
Modify version check during package upgrade
Cynara has to determine its currently installed version during package
upgrade. Doing RPM queries from inside install-time scripts isn't
recommended. Necessary information is obtained from Cynara's version
information.
However, not all Cynara releases provided mechanism of reporting its
version. In case of lack of it, following fallback mechanism is
provided: version information is extracted from a name of a file that
Cynara depends on, which currently is
"<libdir>/libcynara-commons.so.<version>".
Change-Id: I5c9a2abf123d91a32513980e3f9c24112d59547c
Pawel Wieczorek [Tue, 17 Feb 2015 09:28:02 +0000 (10:28 +0100)]
Add tests for version reporting
This patch adds tests for calling main Cynara executable with additional
options. Following call scenarios are checked (both long and short
options):
* print version,
* print help,
* unknown option.
Change-Id: Ibab5d7a081fd1da8b98a59c9a242fd17725cd400
Pawel Wieczorek [Wed, 21 Jan 2015 13:12:42 +0000 (14:12 +0100)]
Add version information to the main executable
In order to comply with GNU Coding Standards for command-line
interfaces, Cynara has to report its current version.
Cynara now responds to two command-line options:
* -V, --version prints installed version of Cynara,
* -h, --help prints help message.
Change-Id: I386a09d00f1542cbff8db6a4b9eb2ac9a7fab9fb
Pawel Wieczorek [Tue, 17 Feb 2015 15:29:15 +0000 (16:29 +0100)]
Add quiet fixture for commandline tests
This patch introduces fixture which suppresses printing output to
std::cout or std::cerr. Data is redirected to temporary buffers and
accessible from there.
Change-Id: Ia1b8b240be95d1d672a56cd9eaf6e13320bb375b
Pawel Wieczorek [Mon, 16 Feb 2015 16:14:12 +0000 (17:14 +0100)]
Make commandline tests fixture more generic
CyadCommandlineTest fixture can be reused for tests of Cynara's
commandline interface (and others, if necessary). Its functionality is
now moved to BaseCommandlineTest fixture.
Commons for tests will be placed in "test-common", because name "common"
was already taken - it's a place for storing tests of Cynara's commons.
Change-Id: I57a5c894ed03ee349a30dae922ec669003eaac5c
Aleksander Zdyb [Mon, 12 Jan 2015 12:01:24 +0000 (13:01 +0100)]
Add performance tests for InMemoryStorageBackend
Methods of InMemoryStorageBackend::hasBucket()
and InMemoryStorageBackend::createBucket() are checked
against possible performance issues.
Change-Id: I0f65b77cab6ae88f62a495f0e34c38e391c61773
Adam Malinowski [Thu, 12 Feb 2015 14:39:53 +0000 (15:39 +0100)]
Fix (de)serializing sizes of strings & containers
Additionally fix (de)serializing bool as its size is implementation
specific and remove unused code.
Change-Id: I5389b2191b827a2da5dfe0d967064b10ca9d4a73
Adam Malinowski [Fri, 6 Feb 2015 08:58:02 +0000 (09:58 +0100)]
Introduce logging of privilege checks (AUDIT)
Added functionality saves privilege checking responses in systemd
journal. Such entries may be filtered using CYNARA_LOG_TYPE=AUDIT
field. Logging depends on configuration based on environment variable
CYNARA_AUDIT_LEVEL which may take one of following values:
* NONE - nothing will be saved
* DENY - only DENY responses will be saved (DEFAULT behaviour)
* ALLOW - only ALLOW respones will be saved
* OTHER - other policy types e.g. plugin specific
* ALL - all above responses will be saved
Change-Id: Iaa46f3c579660784ffe5edc0c2120b822fb0061a
Aleksander Zdyb [Mon, 9 Feb 2015 12:30:26 +0000 (13:30 +0100)]
Support human-readable policy type names
Policy type is no longer parsed in CyadCommandlineParser,
but rather forwarded to CommandsDispatcher in raw form.
Apparent small feature, but required changes across many
layers. Refactoring of CyadCommandlineDispatcherTest was
needed in order to apply fixes to tests.
Change-Id: I9528554afdb5c0747c3f9ef550bf3362cd8c8084
Aleksander Zdyb [Mon, 2 Feb 2015 13:11:47 +0000 (14:11 +0100)]
Print error messages to stderr in Cyad
Every dispatched command checks return value from Cynara API
and prints possible error message using cynara_strerror() function.
Call to cynara_strerror() is not of course subject to above
check & print routine.
Change-Id: I008d1fbd592061646478b47be8ae53bbc408cb1b
Aleksander Zdyb [Thu, 22 Jan 2015 10:25:00 +0000 (11:25 +0100)]
Add API description of cynara_strerror()
Introduce new API call of cynara_strerror() used to obtain error
message from error number.
Change-Id: Ibd5b5a2af700a04fe8b3bfea8fde715b17db3a61
Zofia Abramowska [Thu, 12 Feb 2015 16:39:21 +0000 (17:39 +0100)]
Fix pluginCheck in service logic
Change-Id: I835c471b38756a9d3cee1ddfe4c4b90591744aa4
Zofia Abramowska [Tue, 10 Feb 2015 15:53:39 +0000 (16:53 +0100)]
Add client protocol side implementation of simple check
Change-Id: I379bf96ac664827d89379b1df36d903864749a4b
Zofia Abramowska [Mon, 9 Feb 2015 15:14:34 +0000 (16:14 +0100)]
Add logic side implementation of simple check
Add implementation of client and service logic side implementation
of simple check API and request and response handling.
Change-Id: Ie59fb86e20fae383196025580b164c15e855bc62
Zofia Abramowska [Tue, 10 Feb 2015 15:21:42 +0000 (16:21 +0100)]
Create request and response types for simple check client API call
Create SimpleCheckResponse and SimpleCheckRequest.
Change-Id: I75796fb035ac9dfd5ecbe1e8bfc68d37a55ba6f4
Zofia Abramowska [Tue, 3 Feb 2015 13:13:40 +0000 (14:13 +0100)]
Add new cynara_simple_check synchronous client API
New API description put in synchronous client header.
New return code added - CYNARA_API_ACCESS_NOT_RESOLVED.
Mockup function to Logic added.
Change-Id: I57968b3e17cf70c3b294af1faf8158e265ffe2b6
Zofia Abramowska [Tue, 3 Feb 2015 12:02:26 +0000 (13:02 +0100)]
Fix possible memory leaks in Logic initialization
Change for:
* client logic
* client-async logic
* admin logic
* agent logic
Change-Id: Ie2f4db0324652a24d1e4755a888fff4e713eac8c
Zofia Abramowska [Wed, 14 Jan 2015 13:06:07 +0000 (14:06 +0100)]
Add logic implementation of configuration
Add optional configuration parameter to client logic creation.
Change-Id: I66091d539b66803e069bcf7c6223017cc5e65e39
Zofia Abramowska [Wed, 14 Jan 2015 12:49:46 +0000 (13:49 +0100)]
Add api side implementation of configuration
Add implementation of cynara client (both async and sync) configuration
initialization, destruction and cache size option setting.
Change-Id: I34a81cb7c1578fc9a51944b73478ace3b623b9cc
Zofia Abramowska [Tue, 13 Jan 2015 14:28:46 +0000 (15:28 +0100)]
Add API descriptions of cynara-configuration calls
Introduce three new API calls specific for
cynara_configuration creation, destruction and cache size setting.
Change-Id: Id24175765ebff71b18bfdd4fd94c9a671c0035dc
Zofia Abramowska [Tue, 13 Jan 2015 14:24:17 +0000 (15:24 +0100)]
Add API descriptions of cynara-async-configuration calls
Introduce three new API calls specific for cynara_async_configuration
creation, destruction and cache size setting.
Change-Id: I51665a2885c6de3a49ebd30dcfc10a733707673b
Radoslaw Bartosiak [Wed, 21 Jan 2015 15:12:57 +0000 (16:12 +0100)]
Fix catching exceptions in socket helper functions
Cynara socket helpers functions could throw exceptions (GET_CRED
macro in cders-socket-inner.cpp used std::to_string()).
Fixed it with Cynara::tryCatch().
Change-Id: Ic0db847bc04e9817d1afa86310452147f9678431
Signed-off-by: Radoslaw Bartosiak <r.bartosiak@samsung.com>
Lukasz Wojciechowski [Fri, 16 Jan 2015 10:32:46 +0000 (11:32 +0100)]
Release 0.5.0
Change-Id: Iaf6d9ba8649a23477ba08dc50ccac2044ffa48b6
Lukasz Wojciechowski [Fri, 16 Jan 2015 12:21:46 +0000 (13:21 +0100)]
Fix missing predefined policies description in offline
Predefined policies description were returned only in online
admin mode. Offline admin mode returned just policy types
provided by plugins.
Now both offline and online mode return predefined and plugin
provided policy types.
Change-Id: I890062638a8d2d54dc67edd4a883cfccea5f3905
Aleksander Zdyb [Fri, 16 Jan 2015 09:50:55 +0000 (10:50 +0100)]
Implement --list-policies-descriptions option
Change-Id: I5be0664a33191863d7a38ab1b5e42004a77b912e
Aleksander Zdyb [Fri, 16 Jan 2015 09:06:12 +0000 (10:06 +0100)]
Implement --list-policies option in Cyad
Change-Id: Ib20721f04dc4c43ee92f5e279cdf764dbaf2cc2a
Aleksander Zdyb [Tue, 13 Jan 2015 08:17:04 +0000 (09:17 +0100)]
Refactorize command-line & friends
This refactoring run mostly deals with cumbersome
and redundant command-line options framework.
Change-Id: I62369d9faaf0414314e1ea5e450fac2eb7319534
Aleksander Zdyb [Mon, 5 Jan 2015 10:09:57 +0000 (11:09 +0100)]
Implement --check in Cyad
This option is used to do administrative checks
in Cynara's database.
Change-Id: I2900826610aa91d3a3c9cc042d59c7cd9f541547
Aleksander Zdyb [Mon, 5 Jan 2015 07:52:59 +0000 (08:52 +0100)]
Add -k, --bucket to help message
The option was missing in --set-policy (-s) documentation.
Change-Id: If66c2d068040cbf4d7875cc3cf3083decf6aeba0
Aleksander Zdyb [Fri, 2 Jan 2015 07:04:22 +0000 (08:04 +0100)]
Implement --erase option in Cyad
This option runs cynara_admin_erase() API function
to erase policies from Cynara's database.
Change-Id: I3659971657ef23fcd1c27850f56f32e57938aa6d
Aleksander Zdyb [Fri, 2 Jan 2015 07:46:09 +0000 (08:46 +0100)]
Introduce HumanReadableParser
A set of helper functions to parse human readable
values from command-line.
Change-Id: Ic2b8865f04f1f75afa66f3640f1eedcdff22c71d
Aleksander Zdyb [Fri, 2 Jan 2015 07:10:07 +0000 (08:10 +0100)]
Rename --policy to --type in Cyad
Option of --policy has been renamed to --type (-t)
to let --privilege have -p as short option (formerly -r).
Change-Id: Idaf2db21e33707e4472e962c2d9d6d695549dbdf
Lukasz Wojciechowski [Tue, 13 Jan 2015 19:38:08 +0000 (20:38 +0100)]
Verify PolicyType on service and offline client side
Verification of PolicyTypes was removed from libcynara-admin library.
Now it is added to Cynara service and cynara offline admin with full
plugin support. It means, that validation passes only for predefined
types or types provided by loaded cynara service plugins.
In case, the validation fails, new CodeResponse::Code::NO_POLICY_TYPE
value is returned from service to libcynara admin side and
CYNARA_API_INVALID_PARAM is returned from cynara_admin_set_policies()
or cynara_admin_set_bucket() functions.
Change-Id: Id1a85aafaa4feb31d8513e819c78736813a9ff38
Lukasz Wojciechowski [Tue, 13 Jan 2015 17:05:20 +0000 (18:05 +0100)]
Remove checking PolicyType in libcynara-admin
Two libcynara-admin API functions:
* cynara_admin_set_policies
* cynara_admin_set_bucket
have checked validity of PolicyType. Except for special values
(like NONE, BUCKET, DELETE) they accepted only ALLOW and DENY
policy types. No other policy types defined by plugins were able
to be set.
This patch removes described checks leaving only special values
handling. All other types (including ALLOW and DENY) are passed
to cynara service.
The only check that is done verifies if given policy type can
be casted into Cynara::PolicyType.
Change-Id: Iedb0434bd35d4085e977fe86d07ed33a1f89cdc7
Marcin Niesluchowski [Mon, 5 Jan 2015 11:22:21 +0000 (12:22 +0100)]
Fix bug keeping write and read queue on disconnect
Read and write binary queues are not cleared in asynchronous client
after disconnect happens. Add clearing function in connect() and
completeConnection() functions of SocketClientAsync class, when connection
state changes.
Change-Id: I18f5d13a1a21d0b99ebe456bfafd4487df9c1767
Lukasz Wojciechowski [Wed, 31 Dec 2014 01:21:48 +0000 (02:21 +0100)]
Bring back lost feature of loading client plugins
Patch "Remove loading plugins from PluginManager constructor"
removed loading plugins from PluginManager constructor.
Loading plugins was manually added to cynara service start procedure.
However PluginManager is used also in client libraries - that was
forgotten and is fixed in this patch.
Change-Id: I9bb93720fbfcf2275bff40699ea039c6ae1872dc
Lukasz Wojciechowski [Tue, 30 Dec 2014 18:22:46 +0000 (19:22 +0100)]
Remove never used offline-admin header
Change-Id: I22f12755352d230a2ae5eacf8f8040b93a0e7ead
Lukasz Wojciechowski [Tue, 30 Dec 2014 17:41:12 +0000 (18:41 +0100)]
Implement offline listing of policy descriptions
PluginManager instance is created when list of policy descriptions
is needed. Created object loads service plugins and creates required
list.
Change-Id: I9d7d5d31afb13f21c53545bd3ad8553c0a9a745b
Lukasz Wojciechowski [Tue, 30 Dec 2014 13:11:16 +0000 (14:11 +0100)]
Call acquireDatabase() in OfflineLogic API functions
Call of OfflineLogic::acquireDatabase() has been moved from
centralized point in Logic to every single call of OfflineLogic
API functions, because some functions does not require database.
So there is no need to load it.
Now database is loaded only in case, when it is needed.
Change-Id: I26131a257e85c79b97a96a748b4eb22ea96dd531
Lukasz Wojciechowski [Tue, 30 Dec 2014 12:27:55 +0000 (13:27 +0100)]
Remove loading plugins from PluginManager constructor
Loading plugins can be done also by offline API while executing
listing of available policy descriptions. That is why loading plugins
should be done only in case when database lock is aquired.
PluginManager::loadPlugin() has been changed to public and is
ran manually during cynara service startup.
Change-Id: Ie5b9276049bda08fb14d2a7620613afe5e0942f4
Adam Malinowski [Tue, 30 Dec 2014 11:21:00 +0000 (12:21 +0100)]
Make logs available in devel package
Header for logs is now installed for cynara related components
that want to use cynara logs e.g. plugins.
Change-Id: I174ce7ed4770cbf76511716e879885cffca32316
Adam Malinowski [Tue, 30 Dec 2014 11:04:39 +0000 (12:04 +0100)]
Adjust logs to C++ string stream
Now macros LOGx() accept:
* sprintf style messages e.g. LOGE("Error: [%d]", 69);
* C++ string stream e.g. LOGE("Error: [" << 69 << "]");
Change-Id: I9bbfd2dfd595c6f42f2bcba09f02d207da1c6062
Adam Malinowski [Mon, 29 Dec 2014 19:25:53 +0000 (20:25 +0100)]
Add missing include file in common install section
types/PolicyDescription.h was missing in common/CMakeLists.txt
install section.
Change-Id: Ia7afde0ef8723d680d4aaa9ba9dee7f3533bf828
Aleksander Zdyb [Sat, 20 Dec 2014 12:42:34 +0000 (13:42 +0100)]
Assemble all Cyad's components
Change-Id: I1a711cad7d5aba0508ef41f308cddcc7a0704b28
Aleksander Zdyb [Mon, 15 Dec 2014 12:58:31 +0000 (13:58 +0100)]
Implement --set-policy option in Cyad
Policies can be added or altered one by one or in bulk mode.
Option --bulk accepts file name as an argument.
The "-" value means standard input.
Change-Id: I479a29fd5ff43463f6f78d7865468bd84e1642ee
Aleksander Zdyb [Mon, 15 Dec 2014 12:49:46 +0000 (13:49 +0100)]
Implement --set-bucket and --delete-bucket in Cyad
Change-Id: I61065bb8364d8cb33821c8a7be20a4b756522b43
Aleksander Zdyb [Mon, 15 Dec 2014 09:26:12 +0000 (10:26 +0100)]
Add CyadCommandlineParser
Only --help option is currently supported.
There is also errors handling implemented.
Change-Id: I81b9aae457c49518e42582653b8c29a84b4870ac
Aleksander Zdyb [Fri, 12 Dec 2014 13:25:08 +0000 (14:25 +0100)]
Support --bulk in --set-policy in Cyad
Change-Id: I3c6792fc1f5da1d5ce8c7ca5cca2bc7380154902
Aleksander Zdyb [Fri, 12 Dec 2014 12:53:25 +0000 (13:53 +0100)]
Add --set-policy option to Cyad
Change-Id: I62dedb73c9f486cc071d2f80d93721fd81a07d13
Aleksander Zdyb [Sat, 20 Dec 2014 12:05:23 +0000 (13:05 +0100)]
Add --set-bucket and --delete-bucket to Cyad
Change-Id: I54b8199b3daf59bf9a8f81222391e42980ba2f41
Aleksander Zdyb [Sat, 20 Dec 2014 11:49:27 +0000 (12:49 +0100)]
Introduce CommandsDispatcher
Change-Id: I220422f667c32c673e0b55b04d9faac39d840037
Aleksander Zdyb [Tue, 9 Dec 2014 13:17:49 +0000 (14:17 +0100)]
Introduce AdminPolicyParser::parse()
This function parses input stream and returns
a CynaraAdminPolicies collection.
It uses parsing functions from cynara-storage library.
Change-Id: I3615563a2a8184a5c39b88952af795abd8399748
Aleksander Zdyb [Sat, 6 Dec 2014 13:58:00 +0000 (14:58 +0100)]
Make BucketDeserializer::parseKey() public
This static function will be needed in Cyad.
Change-Id: Iccc28a9ea6754e23ba7878a07546d426af9e0c9a
Aleksander Zdyb [Tue, 9 Dec 2014 12:42:33 +0000 (13:42 +0100)]
Introduce DispatcherIO
BaseDispatcherIO provides interface for wrapping
and aggregating I/O streams. The wrapping is needed
mainly for testing purposes, but in near future will
be used for printing messages, errors, etc.
DispatcherIO is a target implementation, while
FakeDispatcherIO is a stub for testing.
Change-Id: I1ce231c3bbaf5f7f483358478cdf1eb5ff618589
Aleksander Zdyb [Tue, 9 Dec 2014 12:22:55 +0000 (13:22 +0100)]
Introduce CynaraAdminPolicies
This is a collection of cynara_admin_policy structs.
It helps to manage memory and creates a convenient
wrapper while still allowing to pass it to API calls.
Change-Id: I61e39dbab88cbbbef07a0bd5ace4967d20336b17
Aleksander Zdyb [Tue, 9 Dec 2014 11:37:44 +0000 (12:37 +0100)]
Introduce AdminApiWrapper
BaseAdminApiWrapper provides interface for wrapping
functions of cynara-admin API. The wrapping is needed
mainly for testing purposes.
AdminApiWrapper is a target implementation, while
FakeAdminApiWrapper is a mock for testing.
Change-Id: I0b4afb89d8b4bec62693cf070f2a5a90f1148b79
Aleksander Zdyb [Tue, 9 Dec 2014 11:23:37 +0000 (12:23 +0100)]
Introduce Cyad
A command-line tool for managing Cynara's database.
Change-Id: I3731f0c3166469c2e4e43dff9e4593adfc66106e
Adam Malinowski [Wed, 17 Dec 2014 18:34:38 +0000 (19:34 +0100)]
Fix searching plugin in CapacityCache::update()
Also put procedure finding plugin into method as it repeats twice.
Change-Id: Icd77e45f77637a7e52871aa8d2b2c9d8d4af925d
Adam Malinowski [Wed, 17 Dec 2014 18:19:20 +0000 (19:19 +0100)]
Add debug info in plugins loading mechanism
Change-Id: Ifebe1dcb8b985764b3cbcdbf9f3bb3d0462ad234
Adam Malinowski [Wed, 17 Dec 2014 16:45:08 +0000 (17:45 +0100)]
Make logs initialized in the very begining of libs
Change-Id: I44bffd736e29c59c9d0d929906e43816dcf927d2
Adam Malinowski [Tue, 9 Dec 2014 08:56:06 +0000 (09:56 +0100)]
Fix unregistering agents on contextClosed event
Also:
* fix agent talkers removing
* optimize check requests removing
Change-Id: I0f0251783f00a90a5e3004638b08878255251eb8
Lukasz Wojciechowski [Sun, 28 Dec 2014 00:38:33 +0000 (01:38 +0100)]
Add serialization tests for DescriptionList
Add tests checking serialization/deserialization of DescriptionListRequest
and DescriptionListResponse implementation in ProtocolAdmin.
Change-Id: Ic3579436f361cbf9a9d60393de733c800c52181d
Zofia Abramowska [Tue, 23 Dec 2014 12:51:36 +0000 (13:51 +0100)]
Implement plugin description listing in admin protocol layer
Change-Id: Id8de44b255234fec8a4bd85091283db2f00be205
Zofia Abramowska [Mon, 22 Dec 2014 17:03:21 +0000 (18:03 +0100)]
Implement plugin description listing in service logic
Change-Id: I426edc48d77768b2841fb96ee35eb6eb01cfae11
Zofia Abramowska [Mon, 22 Dec 2014 16:27:21 +0000 (17:27 +0100)]
Implement plugin description listing in admin logic
Change-Id: I82f82a7dc31cad4349c91ac61a36b70e00c2929a
Zofia Abramowska [Mon, 22 Dec 2014 15:40:16 +0000 (16:40 +0100)]
Redo admin logic template
Template askCynaraAndInterpreteCodeResponse replaced with more general
getResponse.
Change-Id: I3d4ba04ebc5fb279a4eefbe9657a627822c39fc2
Zofia Abramowska [Mon, 22 Dec 2014 12:19:15 +0000 (13:19 +0100)]
Add classes for plugin description listing request and response
DescritpionListRequest used for asking cynara for list of internal
and external plugin description.
DescriptionListResponse used for sending this list back to client.
Change-Id: I047747efcf69ecf7f15747e890ffe1b2b98132f1
Zofia Abramowska [Fri, 19 Dec 2014 09:52:22 +0000 (10:52 +0100)]
Add api side implementation of plugin descriptions listing
Add:
* description of api function cynara_admin_list_policies_descriptions
* implementation in admin-api
* utilities for creating null terminated array
Change-Id: I4b7d56757e22fab4cce81665f16ceef61f3a0e2c
Zofia Abramowska [Tue, 16 Dec 2014 15:48:58 +0000 (16:48 +0100)]
Add listing types of policies
Change-Id: Iab51f7ec232fb711ac6945be1ce71effa7e59ef1
Aleksander Zdyb [Tue, 23 Dec 2014 13:21:47 +0000 (14:21 +0100)]
Implement detection of online/offline mode in admin
Change-Id: I93a2af08266d7606491abf4f89bf16663c7d0e15
Aleksander Zdyb [Wed, 17 Dec 2014 09:24:11 +0000 (10:24 +0100)]
Rename admin's Logic to OnlineLogic
This is a preparation to implement OfflineLogic.
Change-Id: Ica6e7dfe12ac9bc921f77e2c5d08bc539373ed07
Aleksander Zdyb [Tue, 23 Dec 2014 13:11:15 +0000 (14:11 +0100)]
Inherit from Exception in FileLockAcquiringException
Change-Id: I40eb3f6b906f34261f8c6b6596e0afb503e41e7a
Aleksander Zdyb [Mon, 27 Oct 2014 13:49:11 +0000 (14:49 +0100)]
Lock database in Cynara::init()
Change-Id: Ib90550c8dd26af899d9749901b3ab3e043fe3e2a
Aleksander Zdyb [Tue, 23 Dec 2014 12:54:32 +0000 (13:54 +0100)]
Introduce Lockable in FileLock
FileLock now operates on lockable object instead
of a file path and internal file descriptor.
Lockable is an abstraction of file descriptor.
Change-Id: Ie17905a4455492956e5162d90add488ca6f3080c
Aleksander Zdyb [Mon, 27 Oct 2014 13:45:58 +0000 (14:45 +0100)]
Don't create database directory
This functionality was replaced by database migration tool
and database directory is always present.
Change-Id: Ib5f1f8a6c2887534f2c4f0ae3c85245d69818a14
Aleksander Zdyb [Mon, 27 Oct 2014 13:44:14 +0000 (14:44 +0100)]
Add StoragePath::lockfile path
Change-Id: I16242dd8da7435661ee65698541e935ea9105cf1
Pawel Wieczorek [Mon, 22 Dec 2014 08:29:43 +0000 (09:29 +0100)]
Remove surplus read permissions for migration tool
In order to prevent possibility of non-authorised usage of migration
tool read permissions for wrapper script are now retracted.
Change-Id: I40d3f7cea0a9597863d0d75f168b2dea9ec64d6d
Lukasz Wojciechowski [Thu, 18 Dec 2014 13:18:53 +0000 (14:18 +0100)]
Add processing EraseRequest on serviceLogic layer
Process EraseRequest, pass data to Storage layer.
Save database in case of successful erase.
Return CodeResponse to sender of EraseRequest.
Change-Id: I9bddfff64bf8b8e11f36ccac85ab5bb715f69c4f
Lukasz Wojciechowski [Thu, 18 Dec 2014 13:04:09 +0000 (14:04 +0100)]
Implement erasePolicies() in Storage
Implementation add StorageBackend::erasePolicies() in base class and
its implementation in InMemoryStorageBackend.
In Storage class erasePolicies() just passes this request to backend.
PolicyBucket class was enhanced with getSubBuckets() method returning
set of all IDs of subbuckets. Subbucket is a bucket that can be reached
with policy (type==BUCKET) from current bucket.
Change-Id: I90598aa916857a917d911068da1a1c18c69391a5
Lukasz Wojciechowski [Tue, 16 Dec 2014 12:36:38 +0000 (13:36 +0100)]
Handle EraseRequest in admin library Logic layer
Create EraseRequest and wait for CodeResponse. Interprete it
and return proper code to admin API layer.
Change-Id: I35ba3573fdf8a455c5a42020e918a6a7b17c0a46
Lukasz Wojciechowski [Tue, 16 Dec 2014 12:13:24 +0000 (13:13 +0100)]
Add tests for EraseRequest serialization
Add tests for checking equality of objects and binary data
in serialization / deserialization of EraseRequest
by ProtocolAdmin.
Change-Id: I25c2768572d6aa419c1635586437e7bf673d301f
Lukasz Wojciechowski [Tue, 16 Dec 2014 11:52:04 +0000 (12:52 +0100)]
Add serialization of EraseRequest with ProtocolAdmin
Add serialization and deserialization of request for
erasing multiple policies matching filter key.
Provide new OpCode (28) for EraseRequest.
Change-Id: Ib2370e98e6edae3fbb6a6457ebc5c58590f27580
Lukasz Wojciechowski [Fri, 19 Dec 2014 08:37:55 +0000 (09:37 +0100)]
Add EraseRequest class
EraseRequest class will be used to send request for erasing multiple
policies matching filter key from cynara database.
Change-Id: I32f8ef4449ecfcc2b32061a609a9beb442823c64
Lukasz Wojciechowski [Fri, 19 Dec 2014 08:35:24 +0000 (09:35 +0100)]
Fix documentation and code style in requests folder
Fix invalid file paths in ListRequest.* files.
Break to long line in RequestTaker.cpp
Change-Id: Icee52525c5413be1cc754d588773151689eb52f7
Lukasz Wojciechowski [Tue, 16 Dec 2014 09:48:20 +0000 (10:48 +0100)]
Implement cynara_admin_erase() in admin API layer
Implementation:
* checks validity of parameters,
* translates parameters to C++ objects used in higher layers,
* catches all exceptions,
* runs erasePolicies() method from admin Logic object.
Change-Id: I6d4f0be5f20e283c41839b9618da2dac1c36f858
Lukasz Wojciechowski [Tue, 16 Dec 2014 09:24:46 +0000 (10:24 +0100)]
Introduce new admin API function cynara_admin_erase()
cynara_admin_erase() can be used to erase multiple policies matching
given filter key (client, user, privilege). Erasing starts in given
bucket and then can step into nested buckets if recursive flag is
enabled.
Filter key can use CYNARA_ADMIN_ANY to match any value of client,
user or privilege.
Change-Id: Ib2eb55e864828b4b073a177bc6fea468ec3911c8
Zofia Abramowska [Fri, 19 Dec 2014 09:57:22 +0000 (10:57 +0100)]
Fix wrong null terminated list deallocation
Fixed wrong iteration on null terminated list in deallocating function.
Change-Id: I1f344cbfdcf775aedd3f7e0eb00518cfec423bc2
Rafal Krypa [Tue, 2 Dec 2014 12:57:33 +0000 (13:57 +0100)]
build: unbreak out-of-tree build of cynara-db-migration
Fix "make install" failing on cynara-db-migration when building out-of-tree.
Change-Id: I4a0c90a32e91e25de279d084d3a3801a1f0bb1b2
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Lukasz Wojciechowski [Sat, 6 Dec 2014 00:25:25 +0000 (01:25 +0100)]
Test usage of AdminCheck Req/Resp by ProtocolAdmin
Test serialization and deserialization of AdminCheckRequest
and AdminCheckResponse objects by ProtocolAdmin.
Change-Id: Ia8923dbeaf0d03c29fd77bde3758375df59e1bc6
Lukasz Wojciechowski [Fri, 5 Dec 2014 23:37:20 +0000 (00:37 +0100)]
Respond to AdminCheckRequest with AdminCheckResponse
Change implementation of both service and admin library Logic layers
so they use AdminCheckResponse instead of CheckResponse as a reply
for AdminCheckRequest.
This change allows passing additional information about existence
or vacancy of start bucket given in AdminCheckRequest.
In case of vacancy of such bucket in cynara database cynara-admin
library returns CYNARA_API_BUCKET_NOT_FOUND from cynara_admin_check()
function.
This fixes also a bug that was hidden in service Logic. Passing
unexisting bucket causes cynara service to stop because of an unhandled
exception.
Change-Id: Ibf65a69c35ba92ea62bee91a67f43975b97052ca
Lukasz Wojciechowski [Fri, 5 Dec 2014 22:54:02 +0000 (23:54 +0100)]
Serialize AdminCheckResponse by ProtocolAdmin
Add serialization and deserialization of AdminCheckResponse
by ProtocolAdmin.
Change-Id: I727c44f5a599537887d75dca724c56a448107368
Lukasz Wojciechowski [Fri, 5 Dec 2014 21:07:18 +0000 (22:07 +0100)]
Introduce AdminCheckResponse class
AdminCheckResponse is class for responses to AdminCheckRequests.
It differs from CheckResponse as it contains additional information
about existence of start bucket. Start bucket is BucketId provided
by AdminCheckRequest from which policy search is started.
Change-Id: I9858cfdb8a0acc0016a080eb850bbc65ec081a98
Lukasz Wojciechowski [Sun, 30 Nov 2014 00:48:42 +0000 (01:48 +0100)]
Implement listPolicies() in service Logic layer
Implementation lists policies from Storage and returns filled
vector of Policies. It catches also BucketNotExistsException that
is thrown when invalid bucket is passed in ListRequest.
Change-Id: I7b3777b70f654d9a7324c6203e9f25eebb029f1e
Lukasz Wojciechowski [Sat, 29 Nov 2014 23:46:28 +0000 (00:46 +0100)]
Implement listing Policies in Storage
Implement listPolicies() in Storage and InMemoryStorageBackend.
UnitTests for Storage::listPolicies() were added.
Change-Id: I113c3c0f9b5c1d1d5cbed44e3d23d5d7e489a227
Lukasz Wojciechowski [Sat, 29 Nov 2014 23:19:55 +0000 (00:19 +0100)]
Implement listPolicies() in libcynara-admin Logic
Implementation sends ListRequest object to cynara service
and expects ListResponse.
Change-Id: I5602e815a0b5070b79a02538b1823290380d66c8
Lukasz Wojciechowski [Sat, 29 Nov 2014 22:24:00 +0000 (23:24 +0100)]
Add tests for ListRequest and ListResponse
Added tests cover testing serialization and deserialization
of ListRequest and ListResponse classes by ProtocolAdmin.
Change-Id: I19915d4712be51217a2be17776a21751cff4218d
Lukasz Wojciechowski [Sat, 29 Nov 2014 16:22:29 +0000 (17:22 +0100)]
Handle ListResponse by ProtocolAdmin
Add serialization and deserialization of ListResponse.
Change-Id: I7df388bf105183732d76cc1c37122919ca6d23df
projects / platform / core / security / cynara.git / log