zookeeper-cpp
ZooKeeper Client for C++
acl.cpp
1 #include "acl.hpp"
2 
3 #include <ostream>
4 #include <sstream>
5 #include <tuple>
6 #include <utility>
7 
8 namespace zk
9 {
10 
12 // permission //
14 
15 std::ostream& operator<<(std::ostream& os, const permission& self)
16 {
17  if (self == permission::none)
18  return os << "none";
19  else if (self == permission::all)
20  return os << "all";
21 
22  bool first = true;
23  auto tick = [&] { return std::exchange(first, false) ? "" : "|"; };
24  if (allows(self, permission::read)) os << tick() << "read";
25  if (allows(self, permission::write)) os << tick() << "write";
26  if (allows(self, permission::create)) os << tick() << "create";
27  if (allows(self, permission::erase)) os << tick() << "erase";
28  if (allows(self, permission::admin)) os << tick() << "admin";
29 
30  return os;
31 }
32 
33 std::string to_string(const permission& self)
34 {
35  std::ostringstream os;
36  os << self;
37  return os.str();
38 }
39 
41 // acl_rule //
43 
44 acl_rule::acl_rule(std::string scheme, std::string id, permission permissions) :
45  _scheme(std::move(scheme)),
46  _id(std::move(id)),
47  _permissions(permissions)
48 { }
49 
50 acl_rule::~acl_rule() noexcept
51 { }
52 
53 std::size_t hash(const acl_rule& self)
54 {
55  return std::hash<std::string>{}(self.scheme())
56  ^ std::hash<std::string>{}(self.id())
57  ^ std::hash<unsigned int>{}(static_cast<unsigned int>(self.permissions()));
58 }
59 
60 bool operator==(const acl_rule& lhs, const acl_rule& rhs)
61 {
62  return lhs.scheme() == rhs.scheme()
63  && lhs.id() == rhs.id()
64  && lhs.permissions() == rhs.permissions();
65 }
66 
67 bool operator!=(const acl_rule& lhs, const acl_rule& rhs)
68 {
69  return !(lhs == rhs);
70 }
71 
72 bool operator< (const acl_rule& lhs, const acl_rule& rhs)
73 {
74  return std::tie(lhs.scheme(), lhs.id(), lhs.permissions()) < std::tie(rhs.scheme(), rhs.id(), rhs.permissions());
75 }
76 
77 bool operator<=(const acl_rule& lhs, const acl_rule& rhs)
78 {
79  return !(rhs < lhs);
80 }
81 
82 bool operator> (const acl_rule& lhs, const acl_rule& rhs)
83 {
84  return rhs < lhs;
85 }
86 
87 bool operator>=(const acl_rule& lhs, const acl_rule& rhs)
88 {
89  return !(lhs < rhs);
90 }
91 
92 std::ostream& operator<<(std::ostream& os, const acl_rule& self)
93 {
94  os << '(' << self.scheme();
95  if (!self.id().empty())
96  os << ':' << self.id();
97  os << ", " << self.permissions() << ')';
98  return os;
99 }
100 
101 std::string to_string(const acl_rule& self)
102 {
103  std::ostringstream os;
104  os << self;
105  return os.str();
106 }
107 
109 // acl //
111 
112 acl::acl(std::vector<acl_rule> rules) noexcept :
113  _impl(std::move(rules))
114 { }
115 
116 acl::~acl() noexcept
117 { }
118 
119 bool operator==(const acl& lhs, const acl& rhs)
120 {
121  return std::equal(lhs.cbegin(), lhs.cend(), rhs.cbegin(), rhs.cend());
122 }
123 
124 bool operator!=(const acl& lhs, const acl& rhs)
125 {
126  return !(lhs == rhs);
127 }
128 
129 std::ostream& operator<<(std::ostream& os, const acl& self)
130 {
131  os << '[';
132  bool first = true;
133  for (const auto& x : self)
134  {
135  if (first)
136  first = false;
137  else
138  os << ", ";
139  os << x;
140  }
141  return os << ']';
142 }
143 
144 std::string to_string(const acl& self)
145 {
146  std::ostringstream os;
147  os << self;
148  return os.str();
149 }
150 
152 // acls //
154 
155 const acl& acls::creator_all()
156 {
157  static acl instance = { { "auth", "", permission::all } };
158  return instance;
159 }
160 
161 const acl& acls::open_unsafe()
162 {
163  static acl instance = { { "world", "anyone", permission::all } };
164  return instance;
165 }
166 
167 const acl& acls::read_unsafe()
168 {
169  static acl instance = { { "world", "anyone", permission::read } };
170  return instance;
171 }
172 
173 }
zk
Definition: acl.cpp:8
zk::permission::all
You can do anything.
zk::acls::read_unsafe
static const acl & read_unsafe()
This ACL gives the world the ability to read.
Definition: acl.cpp:167
std
STL namespace.
zk::permission::admin
You can alter permissions on this node.
zk::acl_rule
An individual rule in an acl.
Definition: acl.hpp:67
zk::acl_rule::permissions
const permission & permissions() const
The permissions associated with this ACL.
Definition: acl.hpp:92
zk::allows
constexpr bool allows(permission self, permission perform)
Check that self allows it perform all operations.
Definition: acl.hpp:53
zk::acls::creator_all
static const acl & creator_all()
This ACL gives the creators authentication id&#39;s all permissions.
Definition: acl.cpp:155
zk::permission::none
No permissions are set (server could have been configured without ACL support).
zk::acls::open_unsafe
static const acl & open_unsafe()
This is a completely open ACL.
Definition: acl.cpp:161
zk::permission::create
You can create a child node.
zk::permission::read
You can access the data of a node and can list its children.
zk::acl_rule::id
const std::string & id() const
The ID of the user under the scheme.
Definition: acl.hpp:86
zk::acl_rule::scheme
const std::string & scheme() const
The authentication scheme this list is used for.
Definition: acl.hpp:78
zk::permission
permission
Describes the ability of a user to perform a certain action.
Definition: acl.hpp:23
zk::acl
An access control list is a wrapper around acl_rule instances.
Definition: acl.hpp:124
zk::permission::erase
You can erase a child node (but not necessarily this one).
zk::permission::write
You can set the data of a node.
zk::acl_rule::acl_rule
acl_rule(std::string scheme, std::string id, permission permissions)
Create an ACL under the given scheme and id with the given permissions.
Definition: acl.cpp:44