qemu

FORK: QEMU emulator
git clone https://git.neptards.moe/neptards/qemu.git
Log | Files | Refs | Submodules | LICENSE

list.h (2770B)

      1 /*
      2  * QEMU list authorization driver
      3  *
      4  * Copyright (c) 2018 Red Hat, Inc.
      5  *
      6  * This library is free software; you can redistribute it and/or
      7  * modify it under the terms of the GNU Lesser General Public
      8  * License as published by the Free Software Foundation; either
      9  * version 2.1 of the License, or (at your option) any later version.
     10  *
     11  * This library is distributed in the hope that it will be useful,
     12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
     13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
     14  * Lesser General Public License for more details.
     15  *
     16  * You should have received a copy of the GNU Lesser General Public
     17  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
     18  *
     19  */
     20 
     21 #ifndef QAUTHZ_LIST_H
     22 #define QAUTHZ_LIST_H
     23 
     24 #include "authz/base.h"
     25 #include "qapi/qapi-types-authz.h"
     26 #include "qom/object.h"
     27 
     28 #define TYPE_QAUTHZ_LIST "authz-list"
     29 
     30 OBJECT_DECLARE_SIMPLE_TYPE(QAuthZList,
     31                            QAUTHZ_LIST)
     32 
     33 
     34 
     35 /**
     36  * QAuthZList:
     37  *
     38  * This authorization driver provides a list mechanism
     39  * for granting access by matching user names against a
     40  * list of globs. Each match rule has an associated policy
     41  * and a catch all policy applies if no rule matches
     42  *
     43  * To create an instance of this class via QMP:
     44  *
     45  *  {
     46  *    "execute": "object-add",
     47  *    "arguments": {
     48  *      "qom-type": "authz-list",
     49  *      "id": "authz0",
     50  *      "props": {
     51  *        "rules": [
     52  *           { "match": "fred", "policy": "allow", "format": "exact" },
     53  *           { "match": "bob", "policy": "allow", "format": "exact" },
     54  *           { "match": "danb", "policy": "deny", "format": "exact" },
     55  *           { "match": "dan*", "policy": "allow", "format": "glob" }
     56  *        ],
     57  *        "policy": "deny"
     58  *      }
     59  *    }
     60  *  }
     61  *
     62  */
     63 struct QAuthZList {
     64     QAuthZ parent_obj;
     65 
     66     QAuthZListPolicy policy;
     67     QAuthZListRuleList *rules;
     68 };
     69 
     70 
     71 
     72 
     73 QAuthZList *qauthz_list_new(const char *id,
     74                             QAuthZListPolicy policy,
     75                             Error **errp);
     76 
     77 ssize_t qauthz_list_append_rule(QAuthZList *auth,
     78                                 const char *match,
     79                                 QAuthZListPolicy policy,
     80                                 QAuthZListFormat format,
     81                                 Error **errp);
     82 
     83 ssize_t qauthz_list_insert_rule(QAuthZList *auth,
     84                                 const char *match,
     85                                 QAuthZListPolicy policy,
     86                                 QAuthZListFormat format,
     87                                 size_t index,
     88                                 Error **errp);
     89 
     90 ssize_t qauthz_list_delete_rule(QAuthZList *auth,
     91                                 const char *match);
     92 
     93 
     94 #endif /* QAUTHZ_LIST_H */