1 /* 2 * QEMU authorization framework base class 3 * 4 * Copyright (c) 2018 Red Hat, Inc. 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 18 * 19 */ 20 21 #include "qemu/osdep.h" 22 #include "authz/base.h" 23 #include "qemu/module.h" 24 #include "trace.h" 25 26 bool qauthz_is_allowed(QAuthZ *authz, 27 const char *identity, 28 Error **errp) 29 { 30 QAuthZClass *cls = QAUTHZ_GET_CLASS(authz); 31 bool allowed; 32 33 allowed = cls->is_allowed(authz, identity, errp); 34 trace_qauthz_is_allowed(authz, identity, allowed); 35 36 return allowed; 37 } 38 39 40 bool qauthz_is_allowed_by_id(const char *authzid, 41 const char *identity, 42 Error **errp) 43 { 44 QAuthZ *authz; 45 Object *obj; 46 Object *container; 47 48 container = object_get_objects_root(); 49 obj = object_resolve_path_component(container, 50 authzid); 51 if (!obj) { 52 error_setg(errp, "Cannot find QAuthZ object ID %s", 53 authzid); 54 return false; 55 } 56 57 if (!object_dynamic_cast(obj, TYPE_QAUTHZ)) { 58 error_setg(errp, "Object '%s' is not a QAuthZ subclass", 59 authzid); 60 return false; 61 } 62 63 authz = QAUTHZ(obj); 64 65 return qauthz_is_allowed(authz, identity, errp); 66 } 67 68 69 static const TypeInfo authz_info = { 70 .parent = TYPE_OBJECT, 71 .name = TYPE_QAUTHZ, 72 .instance_size = sizeof(QAuthZ), 73 .class_size = sizeof(QAuthZClass), 74 .abstract = true, 75 }; 76 77 static void qauthz_register_types(void) 78 { 79 type_register_static(&authz_info); 80 } 81 82 type_init(qauthz_register_types) 83 84