xref: /openbmc/qemu/authz/base.c (revision 750541c492018e01bad5f34b087397ee6a0b835b)
1 /*
2  * QEMU authorization framework base class
3  *
4  * Copyright (c) 2018 Red Hat, Inc.
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18  *
19  */
20 
21 #include "qemu/osdep.h"
22 #include "authz/base.h"
23 #include "trace.h"
24 
25 bool qauthz_is_allowed(QAuthZ *authz,
26                        const char *identity,
27                        Error **errp)
28 {
29     QAuthZClass *cls = QAUTHZ_GET_CLASS(authz);
30     bool allowed;
31 
32     allowed = cls->is_allowed(authz, identity, errp);
33     trace_qauthz_is_allowed(authz, identity, allowed);
34 
35     return allowed;
36 }
37 
38 
39 bool qauthz_is_allowed_by_id(const char *authzid,
40                              const char *identity,
41                              Error **errp)
42 {
43     QAuthZ *authz;
44     Object *obj;
45     Object *container;
46 
47     container = object_get_objects_root();
48     obj = object_resolve_path_component(container,
49                                         authzid);
50     if (!obj) {
51         error_setg(errp, "Cannot find QAuthZ object ID %s",
52                    authzid);
53         return false;
54     }
55 
56     if (!object_dynamic_cast(obj, TYPE_QAUTHZ)) {
57         error_setg(errp, "Object '%s' is not a QAuthZ subclass",
58                    authzid);
59         return false;
60     }
61 
62     authz = QAUTHZ(obj);
63 
64     return qauthz_is_allowed(authz, identity, errp);
65 }
66 
67 
68 static const TypeInfo authz_info = {
69     .parent = TYPE_OBJECT,
70     .name = TYPE_QAUTHZ,
71     .instance_size = sizeof(QAuthZ),
72     .class_size = sizeof(QAuthZClass),
73     .abstract = true,
74 };
75 
76 static void qauthz_register_types(void)
77 {
78     type_register_static(&authz_info);
79 }
80 
81 type_init(qauthz_register_types)
82 
83