| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182 |
- // Copyright 2018 Proyectos y Sistemas de Mantenimiento SL (eProsima).
- //
- // Licensed under the Apache License, Version 2.0 (the "License");
- // you may not use this file except in compliance with the License.
- // You may obtain a copy of the License at
- //
- // http://www.apache.org/licenses/LICENSE-2.0
- //
- // Unless required by applicable law or agreed to in writing, software
- // distributed under the License is distributed on an "AS IS" BASIS,
- // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- // See the License for the specific language governing permissions and
- // limitations under the License.
- /*!
- * @file AccessControl.h
- */
- #ifndef _FASTDDS_RTPS_SECURITY_ACCESSCONTROL_ACCESSCONTROL_H_
- #define _FASTDDS_RTPS_SECURITY_ACCESSCONTROL_ACCESSCONTROL_H_
- #include <fastdds/rtps/security/common/Handle.h>
- #include <fastdds/rtps/common/Token.h>
- namespace eprosima {
- namespace fastrtps {
- namespace rtps {
- class RTPSParticipantAttributes;
- class ParticipantProxyData;
- class WriterProxyData;
- class ReaderProxyData;
- namespace security {
- class Authentication;
- class SecurityException;
- struct ParticipantSecurityAttributes;
- struct EndpointSecurityAttributes;
- class Logging;
- class AccessControl
- {
- public:
- virtual ~AccessControl() = default;
- virtual PermissionsHandle* validate_local_permissions(
- Authentication& auth_plugin,
- const IdentityHandle& identity,
- const uint32_t domain_id,
- const RTPSParticipantAttributes& participant_attr,
- SecurityException& exception) = 0;
- virtual bool get_permissions_token(
- PermissionsToken** permissions_token,
- const PermissionsHandle& handle,
- SecurityException& exception) = 0;
- virtual bool return_permissions_token(
- PermissionsToken* token,
- SecurityException& exception) = 0;
- virtual bool get_permissions_credential_token(
- PermissionsCredentialToken** permissions_credential_token,
- const PermissionsHandle& handle,
- SecurityException& exception) = 0;
- virtual bool return_permissions_credential_token(
- PermissionsCredentialToken* token,
- SecurityException& exception) = 0;
- virtual bool return_permissions_handle(
- PermissionsHandle* permissions_handle,
- SecurityException& exception) = 0;
- virtual PermissionsHandle* validate_remote_permissions(
- Authentication& auth_plugin,
- const IdentityHandle& local_identity_handle,
- const PermissionsHandle& local_permissions_handle,
- const IdentityHandle& remote_identity_handle,
- const PermissionsToken& remote_permissions_token,
- const PermissionsCredentialToken& remote_credential_token,
- SecurityException& exception) = 0;
- virtual bool check_create_participant(
- const PermissionsHandle& local_handle,
- const uint32_t domain_id,
- const RTPSParticipantAttributes& qos,
- SecurityException& exception) = 0;
- virtual bool check_remote_participant(
- const PermissionsHandle& remote_handle,
- const uint32_t domain_id,
- const ParticipantProxyData&,
- SecurityException& exception) = 0;
- //TODO (Ricardo) Future
- /*
- virtual bool check_create_datawriter(const PermissionsHandle& local_handle,
- const uint32_t domain_id, const std::string& topic_name,
- const WriterQos& qos, const PartitionQosPolicy& partition,
- SecurityException& exception) = 0;
- virtual bool check_create_datareader(const PermissionsHandle& local_handle,
- const uint32_t domain_id, const std::string& topic_name,
- const ReaderQos& qos, const PartitionQosPolicy& partition,
- SecurityException& exception) = 0;
- */
- virtual bool check_create_datawriter(
- const PermissionsHandle& local_handle,
- const uint32_t domain_id,
- const std::string& topic_name,
- const std::vector<std::string>& partitions,
- SecurityException& exception) = 0;
- virtual bool check_create_datareader(
- const PermissionsHandle& local_handle,
- const uint32_t domain_id,
- const std::string& topic_name,
- const std::vector<std::string>& partitions,
- SecurityException& exception) = 0;
- virtual bool check_remote_datawriter(
- const PermissionsHandle& remote_handle,
- const uint32_t domain_id,
- const WriterProxyData& publication_data,
- SecurityException& exception) = 0;
- virtual bool check_remote_datareader(
- const PermissionsHandle& remote_handle,
- const uint32_t domain_id,
- const ReaderProxyData& subscription_data,
- bool& relay_only,
- SecurityException& exception) = 0;
- virtual bool get_participant_sec_attributes(
- const PermissionsHandle& local_handle,
- ParticipantSecurityAttributes& attributes,
- SecurityException& exception) = 0;
- virtual bool get_datawriter_sec_attributes(
- const PermissionsHandle& permissions_handle,
- const std::string& topic_name,
- const std::vector<std::string>& partitions,
- EndpointSecurityAttributes& attributes,
- SecurityException& exception) = 0;
- virtual bool get_datareader_sec_attributes(
- const PermissionsHandle& permissions_handle,
- const std::string& topic_name,
- const std::vector<std::string>& partitions,
- EndpointSecurityAttributes& attributes,
- SecurityException& exception) = 0;
- bool set_logger(
- Logging* logger,
- SecurityException& /*exception*/)
- {
- logger_ = logger;
- return true;
- }
- protected:
- const Logging* get_logger()
- {
- return logger_;
- }
- private:
- Logging* logger_ = nullptr;
- };
- } //namespace security
- } //namespace rtps
- } //namespace fastrtps
- } //namespace eprosima
- #endif // _FASTDDS_RTPS_SECURITY_ACCESSCONTROL_ACCESSCONTROL_H_
|
