include/dmlite/cpp/authn.h

00001 /// @file   include/dmlite/cpp/authn.h
00002 /// @brief  Authentication API. Any sort of security check is plugin-specific.
00003 /// @author Alejandro Álvarez Ayllón <aalvarez@cern.ch>
00004 #ifndef DMLITE_CPP_AUTHN_H
00005 #define DMLITE_CPP_AUTHN_H
00006 
00007 #include "dmlite/common/config.h"
00008 #include "base.h"
00009 #include "exceptions.h"
00010 #include "utils/extensible.h"
00011 
00012 #include <string>
00013 #include <vector>
00014 
00015 namespace dmlite {
00016   
00017   // Forward declarations.
00018   class PluginManager;
00019   class StackInstance;
00020   
/// Credentials describing the client behind a request.
///
/// To be filled by the front-end. The struct declares only data members and
/// comparisons, so nothing here validates the values: any check on them is up
/// to the Authn plugin that consumes them (see Authn::createSecurityContext).
struct SecurityCredentials : public Extensible {
  // NOTE(review): the field meanings below are inferred from the names only;
  // confirm against the front-end that fills them.
  std::string mech;           // presumably the authentication mechanism used
  std::string clientName;     // presumably the client identity reported by the front-end
  std::string remoteAddress;  // presumably the peer address of the connection
  std::string sessionId;      // presumably a front-end session identifier

  std::vector<std::string> fqans;  // presumably the client's FQANs -- TODO confirm

  // Comparisons are declared here and defined outside this header.
  bool operator==(const SecurityCredentials&) const;
  bool operator!=(const SecurityCredentials&) const;
  bool operator<(const SecurityCredentials&) const;
  bool operator>(const SecurityCredentials&) const;
};
00035   
/// User information.
///
/// Filled by the Authn plugin with whatever data it needs (e.g. the uid for
/// the LCGDM Adapter) and read by other plugins whenever they need it.
/// IMPORTANT: this means plugins must be compatible with the Authn plugin
///            put in charge of security.
struct UserInfo : public Extensible {
  // Per Authn::updateUser, 'name' uniquely identifies the user.
  // NOTE(review): any further attributes presumably travel in the Extensible
  // base; a consumer should not rely on one being present unless the active
  // Authn plugin documents it -- confirm.
  std::string name;

  // Comparisons are declared here and defined outside this header.
  bool operator==(const UserInfo&) const;
  bool operator!=(const UserInfo&) const;
  bool operator<(const UserInfo&) const;
  bool operator>(const UserInfo&) const;
};
00050   
/// Group information.
///
/// Same contract as UserInfo: filled by the Authn plugin, read by the other
/// plugins, which must therefore be compatible with that Authn plugin.
struct GroupInfo : public Extensible {
  // Per Authn::updateGroup, 'name' uniquely identifies the group.
  std::string name;

  // Comparisons are declared here and defined outside this header.
  bool operator==(const GroupInfo&) const;
  bool operator!=(const GroupInfo&) const;
  bool operator<(const GroupInfo&) const;
  bool operator>(const GroupInfo&) const;
};
00061   
00062 
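/// Security context: the credentials of a client together with the user and
/// the groups attached to them. To be created by the Authn.
///
/// @note All members are public and mutable, and nothing in this struct
///       records whether the content was verified. Code that makes access
///       decisions should rely only on a context obtained from the Authn
///       plugin, not on one assembled elsewhere.
struct SecurityContext {
  /// Build an empty context; every member is default-constructed.
  SecurityContext() {}

  /// Build a context from its three parts. Each argument is copied.
  /// @param c The credentials.
  /// @param u The user information.
  /// @param g The group list. Taken by const reference because it is only
  ///          copied, never modified; const vectors and temporaries are
  ///          therefore accepted as well as the non-const lvalues the
  ///          previous signature required.
  SecurityContext(const SecurityCredentials& c,
                  const UserInfo& u,
                  const std::vector<GroupInfo>& g)
      : credentials(c), user(u), groups(g) {}

  SecurityCredentials credentials;

  UserInfo user;
  std::vector<GroupInfo> groups;

  // Comparisons are declared here and defined outside this header.
  bool operator==(const SecurityContext&) const;
  bool operator!=(const SecurityContext&) const;
  bool operator<(const SecurityContext&) const;
  bool operator>(const SecurityContext&) const;
};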
00082   
00083   
00084 
/// User and group handling.
///
/// @note This is the only interface not inheriting from BaseInterface.
/// @note Only getImplId() is pure virtual here. The other methods are plain
///       virtuals whose base definitions live outside this header; what those
///       definitions do is not visible from this file.
/// @note Most methods carry the dynamic exception specification
///       throw (DmException). An override that lets any other exception type
///       escape ends up in std::unexpected() instead of reaching the caller,
///       so implementations should report failures as DmException.
class Authn {
 public:
  /// Destructor.
  virtual ~Authn();

  /// String ID of the user DB implementation.
  virtual std::string getImplId() const throw() = 0;

  /// Create a security context from the credentials.
  /// @param cred The security credentials, as supplied by the front-end.
  /// @return     A newly created SecurityContext.
  /// @note       Deciding whether the credentials are acceptable is the
  ///             implementation's job: security checks are plugin-specific.
  /// @note       NOTE(review): the result is a raw pointer and this header does
  ///             not say who deletes it -- presumably the caller; confirm.
  virtual SecurityContext* createSecurityContext(const SecurityCredentials& cred) throw (DmException);

  /// Create a default security context.
  /// @return     A newly created SecurityContext.
  /// @note       NOTE(review): which user and groups a default context carries
  ///             is not stated here; confirm with the active plugin before
  ///             using it for access decisions.
  virtual SecurityContext* createSecurityContext() throw (DmException);

  /// Create a new group.
  /// @param groupName The group name.
  /// @return          The new group.
  virtual GroupInfo newGroup(const std::string& groupName) throw (DmException);

  /// Get a specific group.
  /// @param groupName The group name.
  /// @return          The group.
  virtual GroupInfo getGroup(const std::string& groupName) throw (DmException);

  /// Get a specific group using an alternative key.
  /// @param key   The key name.
  /// @param value The value to search for.
  /// @return      The group.
  /// @note        The implementation will throw an exception if the field
  ///              can not be used as key.
  virtual GroupInfo getGroup(const std::string& key, const boost::any& value) throw (DmException);

  /// Get the group list.
  virtual std::vector<GroupInfo> getGroups() throw (DmException);

  /// Update group info. 'name' uniquely identifies the group.
  /// @param group The group metadata to update.
  virtual void updateGroup(const GroupInfo& group) throw (DmException);

  /// Delete a group.
  /// @param groupName The group name.
  virtual void deleteGroup(const std::string& groupName) throw (DmException);

  /// Create a new user.
  /// @param userName The user name.
  /// @return         The new user.
  virtual UserInfo newUser(const std::string& userName) throw (DmException);

  /// Get a specific user.
  /// @param userName The user name.
  /// @return         The user.
  virtual UserInfo getUser(const std::string& userName) throw (DmException);

  /// Get a specific user using an alternative key.
  /// @param key   The key name.
  /// @param value The value to search for.
  /// @return      The user.
  /// @note        The implementation will throw an exception if the field
  ///              can not be used as key.
  virtual UserInfo getUser(const std::string& key, const boost::any& value) throw (DmException);

  /// Get the user list.
  virtual std::vector<UserInfo> getUsers() throw (DmException);

  /// Update user info. 'name' uniquely identifies the user.
  /// @param user The user metadata to update.
  virtual void updateUser(const UserInfo& user) throw (DmException);

  /// Delete a user.
  /// @param userName The user name.
  virtual void deleteUser(const std::string& userName) throw (DmException);

  /// Get the mapping of a user/group. Additionally, new users and groups MAY
  /// be created by the implementation.
  /// @param userName   The user name.
  /// @param groupNames The different groups. Can be empty.
  /// @param user       Pointer to a UserInfo struct where the data is put.
  /// @param groups     Pointer to a vector where the group mapping is put.
  /// @note If groupNames is empty, the grid mapfile will be used to retrieve
  ///       the default group.
  /// @note Because a call may create users and groups, pass only names taken
  ///       from credentials the front-end has already authenticated.
  /// @note NOTE(review): whether a null user or groups pointer is tolerated is
  ///       not stated here; pass valid objects.
  virtual void getIdMap(const std::string& userName,
                        const std::vector<std::string>& groupNames,
                        UserInfo* user,
                        std::vector<GroupInfo>* groups) throw (DmException);
};
00174 
00175 
/// Factory for Authn implementations.
///
/// Instantiation is deliberately restricted: both createAuthn overloads are
/// protected, so only StackInstance (a friend) and classes derived from
/// AuthnFactory can obtain an Authn through this interface.
class AuthnFactory : public virtual BaseFactory {
 public:
  /// Destructor.
  virtual ~AuthnFactory();

 protected:
  // StackInstance is allowed to instantiate Authn.
  friend class StackInstance;

  /// Children of AuthnFactory are allowed to instantiate too (decorator).
  /// @param factory The factory to instantiate from.
  /// @param pm      The plugin manager.
  /// @note NOTE(review): returned as a raw pointer; ownership is not stated
  ///       in this header -- confirm who deletes it.
  static Authn* createAuthn(AuthnFactory* factory, PluginManager* pm) throw (DmException);

  /// Instantiate an implementation of Authn.
  /// @param pm The plugin manager.
  virtual Authn* createAuthn(PluginManager* pm) throw (DmException);
};
00193 
00194 };
00195 
00196 #endif // DMLITE_CPP_AUTHN_H
