Definition at line 350 of file XrdSciTokensAccess.cc.
◆ XrdAccRules()
XrdAccRules::XrdAccRules |
( |
uint64_t |
expiry_time, |
|
|
const std::string & |
username, |
|
|
const std::string & |
token_subject, |
|
|
const std::string & |
issuer, |
|
|
const std::vector< MapRule > & |
rules, |
|
|
const std::vector< std::string > & |
groups, |
|
|
uint32_t |
authz_strategy |
|
) |
| |
|
inline |
Definition at line 353 of file XrdSciTokensAccess.cc.
355 :
356 m_authz_strategy(authz_strategy),
357 m_expiry_time(expiry_time),
358 m_username(username),
359 m_token_subject(token_subject),
360 m_issuer(issuer),
361 m_map_rules(rules),
363 {}
const std::vector< std::string > & groups() const
◆ ~XrdAccRules()
XrdAccRules::~XrdAccRules |
( |
| ) |
|
|
inline |
◆ apply()
Definition at line 367 of file XrdSciTokensAccess.cc.
367 {
368 for (const auto & rule : m_rules) {
369
370 if (rule.first != oper)
371 continue;
372
373
374 if (rule.second == "/")
375 return true;
376
377
379 return true;
380 } else {
381
384 return true;
385 }
386 }
387 return false;
388 }
@ AOP_Stat
exists(), stat()
static bool is_subdirectory(const std::string &dir, const std::string &subdir)
References AOP_Mkdir, AOP_Stat, and is_subdirectory().
◆ expired()
bool XrdAccRules::expired |
( |
| ) |
const |
|
inline |
◆ get_authz_strategy()
uint32_t XrdAccRules::get_authz_strategy |
( |
| ) |
const |
|
inline |
◆ get_default_username()
const std::string & XrdAccRules::get_default_username |
( |
| ) |
const |
|
inline |
◆ get_issuer()
const std::string & XrdAccRules::get_issuer |
( |
| ) |
const |
|
inline |
◆ get_token_subject()
const std::string & XrdAccRules::get_token_subject |
( |
| ) |
const |
|
inline |
◆ get_username()
std::string XrdAccRules::get_username |
( |
const std::string & |
req_path | ) |
const |
|
inline |
Definition at line 399 of file XrdSciTokensAccess.cc.
400 {
401 for (const auto &rule : m_map_rules) {
402 std::string name = rule.match(m_token_subject, m_username, req_path, m_groups);
403 if (!name.empty()) {
404 return name;
405 }
406 }
407 return "";
408 }
◆ groups()
const std::vector< std::string > & XrdAccRules::groups |
( |
| ) |
const |
|
inline |
◆ parse()
void XrdAccRules::parse |
( |
const AccessRulesRaw & |
rules | ) |
|
|
inline |
Definition at line 392 of file XrdSciTokensAccess.cc.
392 {
393 m_rules.reserve(rules.size());
394 for (const auto &entry : rules) {
395 m_rules.emplace_back(entry.first, entry.second);
396 }
397 }
◆ size()
size_t XrdAccRules::size |
( |
| ) |
const |
|
inline |
◆ str()
const std::string XrdAccRules::str |
( |
| ) |
const |
|
inline |
Definition at line 410 of file XrdSciTokensAccess.cc.
411 {
412 std::stringstream ss;
413 ss << "mapped_username=" << m_username << ", subject=" << m_token_subject
414 << ", issuer=" << m_issuer;
415 if (!m_groups.empty()) {
416 ss << ", groups=";
417 bool first=true;
418 for (const auto &group : m_groups) {
419 ss << (first ? "" : ",") << group;
420 first = false;
421 }
422 }
423 if (!m_rules.empty()) {
424 ss << ", authorizations=" << AccessRuleStr(m_rules);
425 }
426 return ss.str();
427 }
The documentation for this class was generated from the following file: