• D
    Auto-generate helpers for checking access control rules · 68602622
    Daniel P. Berrange 提交于
    Extend the 'gendispatch.pl' script to be able to generate
    three new types of file.
    
    - 'aclheader' - defines signatures of helper APIs for
      doing authorization checks. There is one helper API
      for each API requiring an auth check. Any @acl
      annotations result in a method being generated with
      a suffix of 'EnsureACL'. If the ACL check requires
      examination of flags, an extra 'flags' param will be
      present. Some examples
    
      extern int virConnectBaselineCPUEnsureACL(void);
      extern int virConnectDomainEventDeregisterEnsureACL(virDomainDefPtr domain);
      extern int virDomainAttachDeviceFlagsEnsureACL(virDomainDefPtr domain, unsigned int flags);
    
      Any @aclfilter annotations resuilt in a method being
      generated with a suffix of 'CheckACL'.
    
      extern int virConnectListAllDomainsCheckACL(virDomainDefPtr domain);
    
      These are used for filtering individual objects from APIs
      which return a list of objects
    
    - 'aclbody' - defines the actual implementation of the
      methods described above. This calls into the access
      manager APIs. A complex example:
    
        /* Returns: -1 on error (denied==error), 0 on allowed */
        int virDomainAttachDeviceFlagsEnsureACL(virConnectPtr conn,
                                                virDomainDefPtr domain,
                                                unsigned int flags)
        {
            virAccessManagerPtr mgr;
            int rv;
    
            if (!(mgr = virAccessManagerGetDefault()))
                return -1;
    
            if ((rv = virAccessManagerCheckDomain(mgr,
                                                  conn->driver->name,
                                                  domain,
                                                  VIR_ACCESS_PERM_DOMAIN_WRITE)) <= 0) {
                virObjectUnref(mgr);
                if (rv == 0)
                    virReportError(VIR_ERR_ACCESS_DENIED, NULL);
                return -1;
            }
            if (((flags & (VIR_DOMAIN_AFFECT_CONFIG|VIR_DOMAIN_AFFECT_LIVE)) == 0) &&
                (rv = virAccessManagerCheckDomain(mgr,
                                                  conn->driver->name,
                                                  domain,
                                                  VIR_ACCESS_PERM_DOMAIN_SAVE)) <= 0) {
                virObjectUnref(mgr);
                if (rv == 0)
                    virReportError(VIR_ERR_ACCESS_DENIED, NULL);
                return -1;
            }
            if (((flags & (VIR_DOMAIN_AFFECT_CONFIG)) == (VIR_DOMAIN_AFFECT_CONFIG)) &&
                (rv = virAccessManagerCheckDomain(mgr,
                                                  conn->driver->name,
                                                  domain,
                                                  VIR_ACCESS_PERM_DOMAIN_SAVE)) <= 0) {
                virObjectUnref(mgr);
                if (rv == 0)
                    virReportError(VIR_ERR_ACCESS_DENIED, NULL);
                return -1;
            }
            virObjectUnref(mgr);
            return 0;
        }
    
    - 'aclsyms' - generates a linker script to export the
       APIs to drivers. Some examples
    
      virConnectBaselineCPUEnsureACL;
      virConnectCompareCPUEnsureACL;
    Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
    68602622
.gitignore 4.4 KB