1 | /* |
2 | * QEMU authorization framework base class |
3 | * |
4 | * Copyright (c) 2018 Red Hat, Inc. |
5 | * |
6 | * This library is free software; you can redistribute it and/or |
7 | * modify it under the terms of the GNU Lesser General Public |
8 | * License as published by the Free Software Foundation; either |
9 | * version 2 of the License, or (at your option) any later version. |
10 | * |
11 | * This library is distributed in the hope that it will be useful, |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
14 | * Lesser General Public License for more details. |
15 | * |
16 | * You should have received a copy of the GNU Lesser General Public |
17 | * License along with this library; if not, see <http://www.gnu.org/licenses/>. |
18 | * |
19 | */ |
20 | |
21 | #include "qemu/osdep.h" |
22 | #include "authz/base.h" |
23 | #include "qemu/module.h" |
24 | #include "trace.h" |
25 | |
26 | bool qauthz_is_allowed(QAuthZ *authz, |
27 | const char *identity, |
28 | Error **errp) |
29 | { |
30 | QAuthZClass *cls = QAUTHZ_GET_CLASS(authz); |
31 | bool allowed; |
32 | |
33 | allowed = cls->is_allowed(authz, identity, errp); |
34 | trace_qauthz_is_allowed(authz, identity, allowed); |
35 | |
36 | return allowed; |
37 | } |
38 | |
39 | |
40 | bool qauthz_is_allowed_by_id(const char *authzid, |
41 | const char *identity, |
42 | Error **errp) |
43 | { |
44 | QAuthZ *authz; |
45 | Object *obj; |
46 | Object *container; |
47 | |
48 | container = object_get_objects_root(); |
49 | obj = object_resolve_path_component(container, |
50 | authzid); |
51 | if (!obj) { |
52 | error_setg(errp, "Cannot find QAuthZ object ID %s" , |
53 | authzid); |
54 | return false; |
55 | } |
56 | |
57 | if (!object_dynamic_cast(obj, TYPE_QAUTHZ)) { |
58 | error_setg(errp, "Object '%s' is not a QAuthZ subclass" , |
59 | authzid); |
60 | return false; |
61 | } |
62 | |
63 | authz = QAUTHZ(obj); |
64 | |
65 | return qauthz_is_allowed(authz, identity, errp); |
66 | } |
67 | |
68 | |
69 | static const TypeInfo authz_info = { |
70 | .parent = TYPE_OBJECT, |
71 | .name = TYPE_QAUTHZ, |
72 | .instance_size = sizeof(QAuthZ), |
73 | .class_size = sizeof(QAuthZClass), |
74 | .abstract = true, |
75 | }; |
76 | |
77 | static void qauthz_register_types(void) |
78 | { |
79 | type_register_static(&authz_info); |
80 | } |
81 | |
82 | type_init(qauthz_register_types) |
83 | |
84 | |