1 | #ifndef __ABAC_HH__ |
---|
2 | #define __ABAC_HH__ |
---|
3 | |
---|
4 | #include <string> |
---|
5 | #include <vector> |
---|
6 | |
---|
7 | namespace ABAC { |
---|
8 | extern "C" { |
---|
9 | #include "abac.h" |
---|
10 | } |
---|
11 | |
---|
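/*
 * Owning C++ handle around a libabac abac_role_t.
 *
 * Every Role holds its own duplicate of the underlying role (obtained from
 * abac_role_dup() or abac_role_from_string()) and releases it with
 * abac_role_free() in the destructor. Copy construction and copy assignment
 * both duplicate the handle, so two Role objects never free the same pointer.
 *
 * A Role may be empty (m_role == NULL): after default construction, after
 * construction from a NULL abac_role_t*, and presumably when
 * abac_role_from_string() rejects its input (confirm against abac.h). The
 * is_*() and string accessors pass m_role to the C library unchecked, so
 * they must not be called on an empty Role unless abac.h documents NULL as
 * acceptable.
 */
class Role {
    public:
        Role() : m_role(NULL) { } // do not use: here for swig

        /* Duplicate role; the caller keeps ownership of its own pointer.
         * A NULL role produces an empty Role instead of being handed to
         * abac_role_dup(). */
        Role(abac_role_t *role) : m_role(dup_or_null(role)) { }

        /* Parse role_name with abac_role_from_string(). The result is stored
         * as returned, without validation. */
        Role(char *role_name) : m_role(abac_role_from_string(role_name)) { }

        Role(const Role &role) : m_role(dup_or_null(role.m_role)) { }

        /* Copy assignment. Without it the compiler-generated operator would
         * copy the raw pointer, and both objects would later free it. The
         * duplicate is taken before the old handle is released so the object
         * never holds a freed pointer. */
        Role &operator=(const Role &role) {
            if (this != &role) {
                abac_role_t *copy = dup_or_null(role.m_role);
                release(m_role);
                m_role = copy;
            }
            return *this;
        }

        ~Role() { release(m_role); }

        bool is_principal() const { return abac_role_is_principal(m_role); }
        bool is_role() const { return abac_role_is_role(m_role); }
        bool is_linking() const { return abac_role_is_linking(m_role); }

        /* Thin forwards to the C accessors. Ownership and lifetime of the
         * returned strings are defined by abac.h; confirm there before
         * freeing them or keeping them past this Role's lifetime. */
        char *string() const { return abac_role_string(m_role); }
        char *linked_role() const { return abac_role_linked_role(m_role); }
        char *role_name() const { return abac_role_role_name(m_role); }
        char *principal() const { return abac_role_principal(m_role); }

    private:
        /* Duplicate a role handle, mapping NULL to NULL. */
        static abac_role_t *dup_or_null(abac_role_t *role) {
            return role != NULL ? abac_role_dup(role) : NULL;
        }

        /* Free a role handle if there is one. */
        static void release(abac_role_t *role) {
            if (role != NULL)
                abac_role_free(role);
        }

        abac_role_t *m_role;
};

/*
 * Owning C++ handle around a libabac abac_credential_t, together with Role
 * copies of its head and tail.
 *
 * The credential is duplicated with abac_credential_dup() on construction,
 * copy and assignment, and released with abac_credential_free() in the
 * destructor. A Credential may be empty (m_cred == NULL); attribute_cert()
 * and issuer_cert() pass m_cred to the C library unchecked and must not be
 * called on an empty Credential unless abac.h documents NULL as acceptable.
 */
class Credential {
    public:
        Credential() : m_cred(NULL) { } // do not use: here for swig

        /* Duplicate cred and capture its head and tail roles. The caller
         * keeps ownership of cred. A NULL cred produces an empty Credential
         * with empty roles. Initializers are listed in declaration order,
         * which is the order in which they actually run. */
        Credential(abac_credential_t *cred) :
            m_cred(dup_or_null(cred)),
            m_head(cred != NULL ? abac_credential_head(cred) : NULL),
            m_tail(cred != NULL ? abac_credential_tail(cred) : NULL)
        { }

        Credential(const Credential &cred) :
            m_cred(dup_or_null(cred.m_cred)),
            m_head(cred.m_head),
            m_tail(cred.m_tail)
        { }

        /* Copy assignment. The compiler-generated version would alias m_cred
         * between the two objects and free it twice; std::vector<Credential>
         * may assign elements, so this is reachable from ordinary use. */
        Credential &operator=(const Credential &cred) {
            if (this != &cred) {
                abac_credential_t *copy = dup_or_null(cred.m_cred);
                release(m_cred);
                m_cred = copy;
                m_head = cred.m_head;
                m_tail = cred.m_tail;
            }
            return *this;
        }

        ~Credential() { release(m_cred); }

        /* References into this object: valid only while this Credential
         * (for example, the vector element holding it) is alive. */
        const Role &head() { return m_head; }
        const Role &tail() { return m_tail; }

        /* Raw certificate chunks as returned by the C library. Whether the
         * chunk memory is owned by the credential or by the caller is
         * defined in abac.h; confirm before retaining or freeing it. */
        abac_chunk_t attribute_cert() { return abac_credential_attribute_cert(m_cred); }
        abac_chunk_t issuer_cert() { return abac_credential_issuer_cert(m_cred); }

    private:
        /* Duplicate a credential handle, mapping NULL to NULL. */
        static abac_credential_t *dup_or_null(abac_credential_t *cred) {
            return cred != NULL ? abac_credential_dup(cred) : NULL;
        }

        /* Free a credential handle if there is one. */
        static void release(abac_credential_t *cred) {
            if (cred != NULL)
                abac_credential_free(cred);
        }

        abac_credential_t *m_cred;
        Role m_head, m_tail;
};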
57 | |
---|
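/*
 * Owning C++ handle around a libabac abac_context_t: the set of identity and
 * attribute certificates that queries are evaluated against.
 *
 * The context is created with abac_context_new(), duplicated with
 * abac_context_dup() on copy and assignment, and released with
 * abac_context_free() in the destructor.
 */
class Context {
    public:
        Context() { m_ctx = abac_context_new(); }
        Context(const Context &context) { m_ctx = abac_context_dup(context.m_ctx); }

        /* Copy assignment. The compiler-generated version would copy the raw
         * pointer, leaving two Context objects that both free it. The
         * duplicate is taken before the old context is released. */
        Context &operator=(const Context &context) {
            if (this != &context) {
                abac_context_t *copy = abac_context_dup(context.m_ctx);
                abac_context_free(m_ctx);
                m_ctx = copy;
            }
            return *this;
        }

        ~Context() { abac_context_free(m_ctx); }

        /* see abac.h for possible return values */
        /* Callers should check these results: a certificate that failed to
         * load is simply absent from the context that later queries use. */
        int load_id_file(char *filename) { return abac_context_load_id_file(m_ctx, filename); }
        int load_id_chunk(abac_chunk_t cert) { return abac_context_load_id_chunk(m_ctx, cert); }
        int load_attribute_file(char *filename) { return abac_context_load_attribute_file(m_ctx, filename); }
        int load_attribute_chunk(abac_chunk_t cert) { return abac_context_load_attribute_chunk(m_ctx, cert); }

        /* load an entire directory full of certs */
        /* This wrapper returns nothing, so the caller cannot tell whether
         * any or all files in path were loaded. Use the load_*_file calls
         * above when the outcome has to be checked per certificate. */
        void load_directory(char *path) { abac_context_load_directory(m_ctx, path); }

        /*
         * abac query: asks whether principal holds role.
         *
         * success is set to true only if the C library reported success and
         * returned a credential array. The return value is the credentials
         * the library handed back, copied into a vector; it is empty when
         * the library returned NULL.
         *
         * Base access decisions on success, not on whether the vector is
         * non-empty: this wrapper does not guarantee an empty vector when
         * the query fails (see abac.h for what is returned in that case).
         */
        std::vector<Credential> query(char *role, char *principal, bool &success) {
            // start from "denied" in case the C call leaves the flag untouched
            int success_int = 0;
            abac_credential_t **creds = abac_context_query(m_ctx, role, principal, &success_int);

            // a missing result array is treated as failure, whatever the flag says
            success = (creds != NULL) && (success_int != 0);

            return take_credentials(creds);
        }

        /* All credentials currently held by the context, copied into a
         * vector. Empty if the library returns NULL. */
        std::vector<Credential> credentials() {
            return take_credentials(abac_context_credentials(m_ctx));
        }

    private:
        /* Copy a NULL-terminated credential array into a vector and free the
         * array with abac_context_credentials_free(). A NULL array yields an
         * empty vector instead of being dereferenced. Each Credential takes
         * its own duplicate, so freeing the array afterwards is safe. */
        static std::vector<Credential> take_credentials(abac_credential_t **creds) {
            if (creds == NULL)
                return std::vector<Credential>();

            abac_credential_t **end = creds;
            while (*end != NULL)
                ++end;

            std::vector<Credential> credentials(creds, end);

            abac_context_credentials_free(creds);
            return credentials;
        }

        abac_context_t *m_ctx;
};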
110 | } |
---|
111 | |
---|
112 | #endif /* __ABAC_HH__ */ |
---|