From 4d03f7b637ae429b24f0dd3cc4a51a4f23de333c Mon Sep 17 00:00:00 2001 From: Radoslaw Zarzynski Date: Mon, 7 Nov 2016 13:47:09 +0100 Subject: [PATCH] rgw: introduce the rgw::auth::Applier interface. Signed-off-by: Radoslaw Zarzynski --- src/rgw/rgw_auth.h | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/src/rgw/rgw_auth.h b/src/rgw/rgw_auth.h index 7b4d5986e61..be35fbaa03e 100644 --- a/src/rgw/rgw_auth.h +++ b/src/rgw/rgw_auth.h @@ -407,6 +407,34 @@ inline std::ostream& operator<<(std::ostream& out, } +/* Interface for classes applying changes to request state/RADOS store + * imposed by a particular rgw::auth::Engine. + * + * In contrast to rgw::auth::Engine, implementations of this interface + * are allowed to handle req_state or RGWRados in the read-write manner. + * + * It's expected that most (if not all) of implementations will also + * conform to rgw::auth::Identity interface to provide authorization + * policy (ACLs, account's ownership and entitlement). */ +class IdentityApplier : public Identity { +public: + typedef std::unique_ptr aplptr_t; + + virtual ~IdentityApplier() {}; + + /* Fill provided RGWUserInfo with information about the account that + * RGWOp will operate on. Errors are handled solely through exceptions. + * + * XXX: be aware that the "account" term refers to rgw_user. The naming + * is legacy. */ + virtual void load_acct_info(RGWUserInfo& user_info) const = 0; /* out */ + + /* Apply any changes to request state. This method will be most useful for + * TempURL of Swift API or AWSv4. */ + virtual void modify_request_state(req_state * s) const {} /* in/out */ +}; + + /* Interface class for authentication backends (auth engines) in RadosGW. * * An engine is supposed only to authenticate (not authorize!) requests