1 karl 1.10 //%2006////////////////////////////////////////////////////////////////////////
|
2 mike 1.2 //
|
3 karl 1.7 // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
4 // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
5 // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
|
6 karl 1.6 // IBM Corp.; EMC Corporation, The Open Group.
|
7 karl 1.7 // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
8 // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
|
9 karl 1.8 // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
10 // EMC Corporation; VERITAS Software Corporation; The Open Group.
|
11 karl 1.10 // Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.;
12 // EMC Corporation; Symantec Corporation; The Open Group.
|
13 mike 1.2 //
14 // Permission is hereby granted, free of charge, to any person obtaining a copy
|
15 kumpf 1.4 // of this software and associated documentation files (the "Software"), to
16 // deal in the Software without restriction, including without limitation the
17 // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
|
18 mike 1.2 // sell copies of the Software, and to permit persons to whom the Software is
19 // furnished to do so, subject to the following conditions:
|
20 karl 1.10 //
|
21 kumpf 1.4 // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
|
22 mike 1.2 // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
23 // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
|
24 kumpf 1.4 // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
25 // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
26 // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
|
27 mike 1.2 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29 //
|
30 kumpf 1.4 //==============================================================================
|
31 mike 1.2 //
32 //%////////////////////////////////////////////////////////////////////////////
33
34
35 ///////////////////////////////////////////////////////////////////////////////
|
36 david.dillard 1.9 //
37 // This file implements the functionality required to manage password file.
|
38 mike 1.2 //
39 ///////////////////////////////////////////////////////////////////////////////
40
41 #ifndef Pegasus_AuthorizationHandler_h
42 #define Pegasus_AuthorizationHandler_h
43
44 #include <Pegasus/Common/Config.h>
45 #include <Pegasus/Common/String.h>
46 #include <Pegasus/Repository/CIMRepository.h>
47
48 #include <Pegasus/Security/UserManager/Linkage.h>
49
50 PEGASUS_NAMESPACE_BEGIN
51
52 ///////////////////////////////////////////////////////////////////////////////
53 // Auth Table
54 //////////////////////////////////////////////////////////////////////////////
55
|
56 kumpf 1.11 typedef HashTable<String, String, EqualFunc<String>, HashFunc<String> >
57 AuthTable;
|
58 mike 1.2
|
59 kumpf 1.11 /**
60 This class implements the functionality required to manage user
61 authorizations. It provides methods to get, set, remove and verify the
62 user authorizations at namespace level.
|
63 kumpf 1.3 */
|
64 mike 1.2 class PEGASUS_USERMANAGER_LINKAGE AuthorizationHandler
65 {
66 private:
67
68 //
69 // Authorization cache
70 //
|
71 kumpf 1.11 AuthTable _authTable;
|
72 mike 1.2
73 //
74 // Repository handle
75 //
|
76 kumpf 1.11 CIMRepository* _repository;
|
77 mike 1.2
78 protected:
79
|
80 kumpf 1.3 /** Load the user information from the Repository.
|
81 mike 1.2 */
|
82 kumpf 1.11 void _loadAllAuthorizations();
|
83 mike 1.2
84 public:
85
86 /** Constructor. */
87 AuthorizationHandler(CIMRepository* repository);
88
89 /** Destructor. */
90 ~AuthorizationHandler();
91
|
92 kumpf 1.3 /** Verify whether the spcefied namespace is a valid namespace.
|
93 kumpf 1.11 @param nameSpace string containing the namespace name.
94 @return true if the specified name space is valid and exists, false
95 otherwise.
96 */
97 Boolean verifyNamespace(const CIMNamespaceName& nameSpace);
98
99 /**
100 Verify whether the specified operation has authorization to be
101 performed by the specified user.
102 @param userName string containing the user name.
103 @param nameSpace string containing the namespace name.
104 @param cimMethodName string containing the cim method name.
105 @return true if the specified user has authorizations to run the
106 specified CIM operation on the specified namespace, false otherwise.
|
107 mike 1.2 */
108 Boolean verifyAuthorization(
|
109 kumpf 1.11 const String& userName,
110 const CIMNamespaceName& nameSpace,
111 const CIMName& cimMethodName);
112
113 /**
114 Set the authorization to the specified user on the specified namespace.
115 @param userName string containing the user name.
116 @param nameSpace string containing the namespace name.
117 @param auth string containing the authorizations.
|
118 mike 1.2 */
119 void setAuthorization(
|
120 kumpf 1.11 const String& userName,
121 const CIMNamespaceName& nameSpace,
122 const String& auth);
123
124 /**
125 Remove the authorizations of the specified user on the specified
126 namespace.
127 @param userName string containing the user name.
128 @param nameSpace string containing the namespace name.
|
129 mike 1.2 */
130 void removeAuthorization(
|
131 kumpf 1.11 const String& userName,
132 const CIMNamespaceName& nameSpace);
|
133 mike 1.2
|
134 kumpf 1.11 /**
135 Get the authorizations of the specified user on the specified namespace.
136 @param userName string containing the user name.
137 @param nameSpace string containing the namespace name.
138 @return a string containing the authorizations.
|
139 mike 1.2 */
140 String getAuthorization(
|
141 kumpf 1.11 const String& userName,
142 const CIMNamespaceName& nameSpace);
|
143 mike 1.2 };
144
145 PEGASUS_NAMESPACE_END
146
147 #endif /* Pegasus_AuthorizationHandler_h */
148
|