xref: /openbmc/qemu/authz/base.c (revision 5e6464f9c6756c95d036c4acf7ce557a7eb3a7be)
1 /*
2  * QEMU authorization framework base class
3  *
4  * Copyright (c) 2018 Red Hat, Inc.
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18  *
19  */
20 
21 #include "qemu/osdep.h"
22 #include "authz/base.h"
23 #include "qemu/module.h"
24 #include "trace.h"
25 
qauthz_is_allowed(QAuthZ * authz,const char * identity,Error ** errp)26 bool qauthz_is_allowed(QAuthZ *authz,
27                        const char *identity,
28                        Error **errp)
29 {
30     QAuthZClass *cls = QAUTHZ_GET_CLASS(authz);
31     bool allowed;
32 
33     allowed = cls->is_allowed(authz, identity, errp);
34     trace_qauthz_is_allowed(authz, identity, allowed);
35 
36     return allowed;
37 }
38 
39 
qauthz_is_allowed_by_id(const char * authzid,const char * identity,Error ** errp)40 bool qauthz_is_allowed_by_id(const char *authzid,
41                              const char *identity,
42                              Error **errp)
43 {
44     QAuthZ *authz;
45     Object *obj;
46     Object *container;
47 
48     container = object_get_objects_root();
49     obj = object_resolve_path_component(container,
50                                         authzid);
51     if (!obj) {
52         error_setg(errp, "Cannot find QAuthZ object ID %s",
53                    authzid);
54         return false;
55     }
56 
57     if (!object_dynamic_cast(obj, TYPE_QAUTHZ)) {
58         error_setg(errp, "Object '%s' is not a QAuthZ subclass",
59                    authzid);
60         return false;
61     }
62 
63     authz = QAUTHZ(obj);
64 
65     return qauthz_is_allowed(authz, identity, errp);
66 }
67 
68 
69 static const TypeInfo authz_info = {
70     .parent = TYPE_OBJECT,
71     .name = TYPE_QAUTHZ,
72     .instance_size = sizeof(QAuthZ),
73     .class_size = sizeof(QAuthZClass),
74     .abstract = true,
75 };
76 
qauthz_register_types(void)77 static void qauthz_register_types(void)
78 {
79     type_register_static(&authz_info);
80 }
81 
82 type_init(qauthz_register_types)
83 
84