/*
 * QEMU simple authorization driver
 *
 * Copyright (c) 2018 Red Hat, Inc.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
 *
 */
20fb5c4ebcSDaniel P. Berrangé
21fb5c4ebcSDaniel P. Berrangé #include "qemu/osdep.h"
22fb5c4ebcSDaniel P. Berrangé #include "authz/simple.h"
2345b1f68cSMarkus Armbruster #include "trace.h"
240b8fa32fSMarkus Armbruster #include "qemu/module.h"
25fb5c4ebcSDaniel P. Berrangé #include "qom/object_interfaces.h"
26fb5c4ebcSDaniel P. Berrangé
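/*
 * Decide whether @identity is authorized by this "simple" authz object.
 *
 * The decision is a single exact string comparison (g_str_equal) against
 * the configured "identity" property. It is case-sensitive and does no
 * trimming, wildcard matching or normalization, so the caller has to
 * present the identity in exactly the form that was configured.
 *
 * @authz: the authorization object, cast to QAuthZSimple
 * @identity: identity string supplied by the caller
 * @errp: not written by this function
 *
 * Returns: true only when both strings are present and equal,
 *          false otherwise.
 */
static bool qauthz_simple_is_allowed(QAuthZ *authz,
                                     const char *identity,
                                     Error **errp)
{
    QAuthZSimple *sauthz = QAUTHZ_SIMPLE(authz);

    /*
     * Fail closed. qauthz_simple_complete() rejects an unset identity
     * when the object is created, so a NULL on either side is not
     * expected here; deny access instead of handing NULL to the trace
     * point or to the string comparison. No trace event is emitted on
     * this path.
     */
    if (!identity || !sauthz->identity) {
        return false;
    }

    trace_qauthz_simple_is_allowed(authz, sauthz->identity, identity);
    return g_str_equal(identity, sauthz->identity);
}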
36fb5c4ebcSDaniel P. Berrangé
/*
 * Setter for the "identity" string property.
 *
 * Frees the previously stored identity and keeps a private copy of
 * @value. The stored string is what qauthz_simple_is_allowed() compares
 * against, so writing this property changes which identity is accepted.
 *
 * @obj: the object, cast to QAuthZSimple
 * @value: new identity string; copied with g_strdup
 * @errp: unused
 */
static void
qauthz_simple_prop_set_identity(Object *obj,
                                const char *value,
                                Error **errp G_GNUC_UNUSED)
{
    QAuthZSimple *self = QAUTHZ_SIMPLE(obj);

    /* Release the old copy before storing the new one. */
    g_free(self->identity);
    self->identity = g_strdup(value);
}
47fb5c4ebcSDaniel P. Berrangé
48fb5c4ebcSDaniel P. Berrangé
/*
 * Getter for the "identity" string property.
 *
 * @obj: the object, cast to QAuthZSimple
 * @errp: unused
 *
 * Returns: a newly allocated copy (g_strdup) of the stored identity;
 *          g_strdup yields NULL when no identity is stored.
 */
static char *
qauthz_simple_prop_get_identity(Object *obj,
                                Error **errp G_GNUC_UNUSED)
{
    QAuthZSimple *self = QAUTHZ_SIMPLE(obj);
    char *copy = g_strdup(self->identity);

    return copy;
}
57fb5c4ebcSDaniel P. Berrangé
58fb5c4ebcSDaniel P. Berrangé
/*
 * Instance finalizer: releases the identity string owned by the object.
 *
 * @obj: the object being finalized, cast to QAuthZSimple
 */
static void
qauthz_simple_finalize(Object *obj)
{
    QAuthZSimple *self = QAUTHZ_SIMPLE(obj);

    /* g_free() accepts NULL, so an identity that was never set is fine. */
    g_free(self->identity);
}
66fb5c4ebcSDaniel P. Berrangé
67fb5c4ebcSDaniel P. Berrangé
/*
 * UserCreatable completion hook: refuses an object whose "identity"
 * property was never set, so that the authorization check does not run
 * against a NULL identity.
 *
 * Only a missing (NULL) identity is rejected; an empty string passes.
 * NOTE(review): confirm whether any caller can present an empty identity,
 * since it would then compare equal to an empty configured one.
 *
 * @uc: the object being completed, cast to QAuthZSimple
 * @errp: receives the error when the identity is unset
 */
static void
qauthz_simple_complete(UserCreatable *uc, Error **errp)
{
    QAuthZSimple *self = QAUTHZ_SIMPLE(uc);

    if (self->identity) {
        return;
    }

    error_setg(errp, "The 'identity' property must be set");
}
78*c2aa8a3dSKevin Wolf
79*c2aa8a3dSKevin Wolf
/*
 * Class initializer: installs the authorization callback and the
 * completion hook, and registers the "identity" string property with its
 * getter and setter.
 *
 * @oc: the class being initialized
 * @data: unused
 */
static void
qauthz_simple_class_init(ObjectClass *oc, void *data)
{
    UserCreatableClass *creatable = USER_CREATABLE_CLASS(oc);
    QAuthZClass *authz_class = QAUTHZ_CLASS(oc);

    /* Authorization decision for this driver. */
    authz_class->is_allowed = qauthz_simple_is_allowed;
    /* Validation that runs when object creation completes. */
    creatable->complete = qauthz_simple_complete;

    object_class_property_add_str(oc, "identity",
                                  qauthz_simple_prop_get_identity,
                                  qauthz_simple_prop_set_identity);
}
93fb5c4ebcSDaniel P. Berrangé
94fb5c4ebcSDaniel P. Berrangé
/*
 * Create a simple authorization object under the objects root.
 *
 * @id: name passed to object_new_with_props() for the new object
 * @identity: value for the "identity" property
 * @errp: passed through to object_new_with_props()
 *
 * Returns: the result of object_new_with_props() cast to QAuthZSimple;
 *          presumably NULL with @errp set on failure -- confirm against
 *          the QOM API.
 */
QAuthZSimple *qauthz_simple_new(const char *id,
                                const char *identity,
                                Error **errp)
{
    Object *created = object_new_with_props(TYPE_QAUTHZ_SIMPLE,
                                            object_get_objects_root(),
                                            id, errp,
                                            "identity", identity,
                                            NULL);

    return QAUTHZ_SIMPLE(created);
}
106fb5c4ebcSDaniel P. Berrangé
107fb5c4ebcSDaniel P. Berrangé
/*
 * QOM type description for the simple authorization driver: derives from
 * TYPE_QAUTHZ and implements the TYPE_USER_CREATABLE interface.
 */
static const TypeInfo qauthz_simple_info = {
    .name = TYPE_QAUTHZ_SIMPLE,
    .parent = TYPE_QAUTHZ,
    .instance_size = sizeof(QAuthZSimple),
    .class_init = qauthz_simple_class_init,
    /* Frees the identity string owned by each instance. */
    .instance_finalize = qauthz_simple_finalize,
    .interfaces = (InterfaceInfo[]) {
        { TYPE_USER_CREATABLE },
        { }  /* empty entry ends the list */
    }
};
119fb5c4ebcSDaniel P. Berrangé
120fb5c4ebcSDaniel P. Berrangé
/* Register the simple authorization type described by qauthz_simple_info. */
static void
qauthz_simple_register_types(void)
{
    type_register_static(&qauthz_simple_info);
}


/* Hand the registration function to QEMU's type_init() hook. */
type_init(qauthz_simple_register_types);