interreality.org [VOS]
[Home] [About]
[Screenshots]
 [Download]
[News]
 [Community]
[Documentation] [Manual]
[Bugs & Requests] [Wiki]

/home/tetron/hack/vos/libs/vos/vos/acl.hh

Go to the documentation of this file.
00001 #ifndef _ACL_HH_
00002 #define _ACL_HH_
00003 
00004 #include <vos/vos/iterator.hh>
00005 
00006 namespace VOS {
00007     class Identity;
00008     class Group;
00009     class VobjectIterator;
00010 
00011     /** @class AccessControlList acl.hh vos/vos/acl.hh
00012         @ingroup libvos
00013 
00014         Class for managing an Access Control List (ACL).  The access
00015         control list is a mapping from a specific set of policies to a
00016         specific set of identities and groups to which these policies
00017         should be applied.
00018     */
00019     class VOS_API AccessControlList : public VUtil::RefCounted
00020     {
00021     private:
00022         mutable boost::mutex acl_mutex;
00023 
00024         mutable std::set<Identity*> identity_members;
00025         mutable std::set<Group*> group_members;
00026         std::map<std::string, std::string> policies; // domain:policy
00027 
00028     public:
00029         /** Constructor @param policy a comma-separated list of
00030             policies in the form "domain:policy" that identify this
00031             ACL
00032         */
00033         AccessControlList(const std::string& policy);
00034 
00035         /** Takes a comma-separated list of policies in the form
00036             "domain:policy" and sorts them, producing the "canonical"
00037             string representation.
00038          */
00039         static std::string canonicalizeName(const std::string& policy);
00040 
00041         /** @return a comma-separated list of policies in the form
00042             "domain:policy" that identify this ACL
00043         */
00044         std::string getPolicyName() const;
00045 
00046         /** @return the Vobjects the make up this list, of type either Identity or
00047             Group, use meta_cast
00048         */
00049         VobjectIterator getMembers() const;
00050 
00051         /** Return the policy for a specific domain. */
00052         std::string getPolicy(const std::string& domain);
00053 
00054         /** Add an identity to the list. */
00055         void add(Identity*);
00056 
00057         /** Add a group to the list. */
00058         void add(Group*);
00059 
00060         /** Remove an identity from the list. */
00061         void remove(Identity*);
00062 
00063         /** Remove a group from the list. */
00064         void remove(Group*);
00065 
00066         /** @return true if this identity appears in this list */
00067         bool hasIdentity(Identity*) const;
00068 
00069         /** @return true if this group appears in this list */
00070         bool hasGroup(Group*) const;
00071 
00072         /** @return true if this identity is a member of a group that
00073            is in this list */
00074         bool hasGroupWith(Identity* id) const;
00075 
00076         static std::string mapToString(const std::map<std::string, std::string>& policies);
00077         static void stringToMap(const std::string& aclname, std::map<std::string, std::string>& policies);
00078     };
00079 }
00080 
00081 namespace VUtil {
00082     template<> inline void iteratorReleaseItem(VOS::AccessControlList** v)
00083     {
00084         (*v)->release();
00085     }
00086 }
00087 
00088 namespace VOS {
00089     /** @class ACLIterator acl.hh vos/vos/acl.hh
00090         @ingroup libvos
00091     */
00092     class VOS_API ACLIterator : public VUtil::Iterator<AccessControlList*>
00093     {
00094     public:
00095         ACLIterator() : VUtil::Iterator<AccessControlList*>() { }
00096         ACLIterator(const ACLIterator& i) : VUtil::Iterator<AccessControlList*>(i) { }
00097         ACLIterator(const std::map<std::string, AccessControlList*>& aclset) {
00098             items->resize(aclset.size());
00099             int c = 0;
00100             for(std::map<std::string, AccessControlList*>::const_iterator i = aclset.begin();
00101                 i != aclset.end();
00102                 i++)
00103             {
00104                 (*items)[c] = (*i).second;
00105                                 (*items)[c]->acquire();
00106                 c++;
00107             }
00108         }
00109         ACLIterator(const std::vector<AccessControlList*>& aclset) {
00110             items->resize(aclset.size());
00111             for(unsigned int i = 0; i < aclset.size(); i++) {
00112                 (*items)[i] = aclset[i];
00113                                 (*items)[i]->acquire();
00114             }
00115         }
00116 
00117                 VUtil::vRef<AccessControlList> operator*() {
00118                     if(pos < items->size())
00119                         return VUtil::vRef<AccessControlList>((*items)[pos], true);
00120             else return VUtil::vRef<AccessControlList>();
00121         }
00122     };
00123 };
00124 
00125 #endif