1 kumpf 1.4 //%/////////////////////////////////////////////////////////////////////////////
|
2 mike 1.2 //
|
3 kumpf 1.4 // Copyright (c) 2000, 2001, 2002 BMC Software, Hewlett-Packard Company, IBM,
|
4 mike 1.2 // The Open Group, Tivoli Systems
5 //
6 // Permission is hereby granted, free of charge, to any person obtaining a copy
|
7 kumpf 1.4 // of this software and associated documentation files (the "Software"), to
8 // deal in the Software without restriction, including without limitation the
9 // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
|
10 mike 1.2 // sell copies of the Software, and to permit persons to whom the Software is
11 // furnished to do so, subject to the following conditions:
12 //
|
13 kumpf 1.4 // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
|
14 mike 1.2 // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
15 // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
|
16 kumpf 1.4 // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
17 // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
18 // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
|
19 mike 1.2 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
20 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
21 //
|
22 kumpf 1.4 //==============================================================================
|
23 mike 1.2 //
24 // Author: Sushma Fernandes (sushma_fernandes@hp.com)
25 //
26 // Modified By: Nag Boranna, Hewlett Packard Company (nagaraja_boranna@hp.com)
27 //
28 //%////////////////////////////////////////////////////////////////////////////
29
30
31 ///////////////////////////////////////////////////////////////////////////////
32 //
33 // This file implements the functionality required to manage password file.
34 //
35 ///////////////////////////////////////////////////////////////////////////////
36
37 #ifndef Pegasus_AuthorizationHandler_h
38 #define Pegasus_AuthorizationHandler_h
39
40 #include <cctype>
41 #include <fstream>
42
43 #include <Pegasus/Common/Config.h>
44 mike 1.2 #include <Pegasus/Common/String.h>
45 #include <Pegasus/Repository/CIMRepository.h>
46
47 #include <Pegasus/Security/UserManager/Linkage.h>
48
49 PEGASUS_NAMESPACE_BEGIN
50
51 ///////////////////////////////////////////////////////////////////////////////
52 // Auth Table
53 //////////////////////////////////////////////////////////////////////////////
54
55 typedef HashTable<String, String, EqualFunc<String>, HashFunc<String> > AuthTable;
56
|
57 kumpf 1.3 /** This class implements the functionality required to manage user authorizations.
58 It provides methods to get, set, remove and verify the user authorizations at
59 namespace level.
60 */
|
61 mike 1.2
62 class PEGASUS_USERMANAGER_LINKAGE AuthorizationHandler
63 {
64
65 private:
66
67 //
68 // Authorization cache
69 //
70 AuthTable _authTable;
71
72 //
73 // Repository handle
74 //
75 CIMRepository* _repository;
76
77 protected:
78
|
79 kumpf 1.3 /** Load the user information from the Repository.
|
80 mike 1.2 */
81 void _loadAllAuthorizations ();
82
83
84 public:
85
86 /** Constructor. */
87 AuthorizationHandler(CIMRepository* repository);
88
89 /** Destructor. */
90 ~AuthorizationHandler();
91
|
92 kumpf 1.3 /** Verify whether the spcefied namespace is a valid namespace.
93 @param nameSpace string containing the namespace name.
94 @return true if the specified name space is valid and exists, false otherwise.
|
95 mike 1.2 */
96 Boolean verifyNamespace( const String& nameSpace );
97
|
98 kumpf 1.3 /** Verify whether the specified operation has authorization to be performed
99 by the specified user.
100 @param userName string containing the user name.
101 @param nameSpace string containing the namespace name.
102 @param cimMethodName string containing the cim method name.
103 @return true if the specified user has authorizations to run the specified CIM
104 operation on the specified namespace, false otherwise.
|
105 mike 1.2 */
106 Boolean verifyAuthorization(
107 const String& userName,
108 const String& nameSpace,
109 const String& cimMethodName);
110
|
111 kumpf 1.3 /** Set the authorization to the specified user on the specified namespace.
112 @param userName string containing the user name.
113 @param nameSpace string containing the namespace name.
114 @param auth string containing the authorizations.
|
115 mike 1.2 */
116 void setAuthorization(
117 const String& userName,
118 const String& nameSpace,
119 const String& auth);
120
|
121 kumpf 1.3 /** Remove the authorizations of the specified user on the specified namespace.
122 @param userName string containing the user name.
123 @param nameSpace string containing the namespace name.
|
124 mike 1.2 */
125 void removeAuthorization(
126 const String& userName,
127 const String& nameSpace);
128
|
129 kumpf 1.3 /** Get the authorizations of the specified user on the specified namespace.
130 @param userName string containing the user name.
131 @param nameSpace string containing the namespace name.
132 @return a string containing the authorizations.
|
133 mike 1.2 */
134 String getAuthorization(
135 const String& userName,
136 const String& nameSpace);
137 };
138
139 PEGASUS_NAMESPACE_END
140
141 #endif /* Pegasus_AuthorizationHandler_h */
142
|