Consolidate objclass util services.
Signed-off-by: Yehuda Sadeh <yehuda@redhat.com>
set(librgw_common_srcs
services/svc_finisher.cc
- services/svc_mfa.cc
+ services/svc_cls.cc
services/svc_notify.cc
services/svc_quota.cc
services/svc_sync_modules.cc
#include "rgw_sync_module_pubsub.h"
#include "services/svc_sync_modules.h"
-#include "services/svc_mfa.h"
+#include "services/svc_cls.h"
#define dout_context g_ceph_context
#define dout_subsys ceph_subsys_rgw
}
real_time mtime = real_clock::now();
- string oid = store->svc.mfa->get_mfa_oid(user_id);
+ string oid = store->svc.cls->mfa.get_mfa_oid(user_id);
int ret = store->meta_mgr->mutate(rgw_otp_get_handler(), oid, mtime, &objv_tracker,
MDLOG_STATUS_WRITE, RGWMetadataHandler::APPLY_ALWAYS,
[&] {
- return store->svc.mfa->create_mfa(user_id, config, &objv_tracker, mtime, null_yield);
+ return store->svc.cls->mfa.create_mfa(user_id, config, &objv_tracker, mtime, null_yield);
});
if (ret < 0) {
cerr << "MFA creation failed, error: " << cpp_strerror(-ret) << std::endl;
}
real_time mtime = real_clock::now();
- string oid = store->svc.mfa->get_mfa_oid(user_id);
+ string oid = store->svc.cls->mfa.get_mfa_oid(user_id);
int ret = store->meta_mgr->mutate(rgw_otp_get_handler(), oid, mtime, &objv_tracker,
MDLOG_STATUS_WRITE, RGWMetadataHandler::APPLY_ALWAYS,
[&] {
- return store->svc.mfa->remove_mfa(user_id, totp_serial, &objv_tracker, mtime, null_yield);
+ return store->svc.cls->mfa.remove_mfa(user_id, totp_serial, &objv_tracker, mtime, null_yield);
});
if (ret < 0) {
cerr << "MFA removal failed, error: " << cpp_strerror(-ret) << std::endl;
}
rados::cls::otp::otp_info_t result;
- int ret = store->svc.mfa->get_mfa(user_id, totp_serial, &result, null_yield);
+ int ret = store->svc.cls->mfa.get_mfa(user_id, totp_serial, &result, null_yield);
if (ret < 0) {
if (ret == -ENOENT || ret == -ENODATA) {
cerr << "MFA serial id not found" << std::endl;
}
list<rados::cls::otp::otp_info_t> result;
- int ret = store->svc.mfa->list_mfa(user_id, &result, null_yield);
+ int ret = store->svc.cls->mfa.list_mfa(user_id, &result, null_yield);
if (ret < 0) {
cerr << "MFA listing failed, error: " << cpp_strerror(-ret) << std::endl;
return -ret;
}
list<rados::cls::otp::otp_info_t> result;
- int ret = store->svc.mfa->check_mfa(user_id, totp_serial, totp_pin.front(), null_yield);
+ int ret = store->svc.cls->mfa.check_mfa(user_id, totp_serial, totp_pin.front(), null_yield);
if (ret < 0) {
cerr << "MFA check failed, error: " << cpp_strerror(-ret) << std::endl;
return -ret;
}
rados::cls::otp::otp_info_t config;
- int ret = store->svc.mfa->get_mfa(user_id, totp_serial, &config, null_yield);
+ int ret = store->svc.cls->mfa.get_mfa(user_id, totp_serial, &config, null_yield);
if (ret < 0) {
if (ret == -ENOENT || ret == -ENODATA) {
cerr << "MFA serial id not found" << std::endl;
ceph::real_time now;
- ret = store->svc.mfa->otp_get_current_time(user_id, &now, null_yield);
+ ret = store->svc.cls->mfa.otp_get_current_time(user_id, &now, null_yield);
if (ret < 0) {
cerr << "ERROR: failed to fetch current time from osd: " << cpp_strerror(-ret) << std::endl;
return -ret;
/* now update the backend */
real_time mtime = real_clock::now();
- string oid = store->svc.mfa->get_mfa_oid(user_id);
+ string oid = store->svc.cls->mfa.get_mfa_oid(user_id);
ret = store->meta_mgr->mutate(rgw_otp_get_handler(), oid, mtime, &objv_tracker,
MDLOG_STATUS_WRITE, RGWMetadataHandler::APPLY_ALWAYS,
[&] {
- return store->svc.mfa->create_mfa(user_id, config, &objv_tracker, mtime, null_yield);
+ return store->svc.cls->mfa.create_mfa(user_id, config, &objv_tracker, mtime, null_yield);
});
if (ret < 0) {
cerr << "MFA update failed, error: " << cpp_strerror(-ret) << std::endl;
#include "rgw_tools.h"
#include "services/svc_zone.h"
-#include "services/svc_mfa.h"
+#include "services/svc_cls.h"
#define dout_subsys ceph_subsys_rgw
real_time mtime;
list<rados::cls::otp::otp_info_t> result;
- int r = store->svc.mfa->list_mfa(entry, &result, &objv_tracker, &mtime, null_yield);
+ int r = store->svc.cls->mfa.list_mfa(entry, &result, &objv_tracker, &mtime, null_yield);
if (r < 0) {
return r;
}
int ret = store->meta_mgr->mutate(this, entry, mtime, &objv_tracker,
MDLOG_STATUS_WRITE, sync_mode,
[&] {
- return store->svc.mfa->set_mfa(entry, devices, true, &objv_tracker, mtime, null_yield);
+ return store->svc.cls->mfa.set_mfa(entry, devices, true, &objv_tracker, mtime, null_yield);
});
if (ret < 0) {
return ret;
#include "rgw_zone.h"
#include "services/svc_zone.h"
-#include "services/svc_mfa.h"
+#include "services/svc_cls.h"
#include "include/ceph_assert.h"
#include "rgw_role.h"
return -EACCES;
}
- int ret = store->svc.mfa->check_mfa(user->user_id, serial, pin, null_yield);
+ int ret = store->svc.cls->mfa.check_mfa(user->user_id, serial, pin, null_yield);
if (ret < 0) {
ldpp_dout(dpp, 20) << "NOTICE: failed to check MFA, serial=" << serial << dendl;
return -EACCES;
#include "rgw_service.h"
#include "services/svc_finisher.h"
-#include "services/svc_mfa.h"
+#include "services/svc_cls.h"
#include "services/svc_notify.h"
#include "services/svc_rados.h"
#include "services/svc_zone.h"
bool raw)
{
finisher = std::make_unique<RGWSI_Finisher>(cct);
- mfa = std::make_unique<RGWSI_MFA>(cct);
+ cls = std::make_unique<RGWSI_Cls>(cct);
notify = std::make_unique<RGWSI_Notify>(cct);
rados = std::make_unique<RGWSI_RADOS>(cct);
zone = std::make_unique<RGWSI_Zone>(cct);
sysobj_cache = std::make_unique<RGWSI_SysObj_Cache>(cct);
}
finisher->init();
- mfa->init(zone.get(), rados.get());
+ cls->init(zone.get(), rados.get());
notify->init(zone.get(), rados.get(), finisher.get());
rados->init();
zone->init(sysobj.get(), rados.get(), sync_modules.get());
}
}
- r = mfa->start();
+ r = cls->start();
if (r < 0) {
- ldout(cct, 0) << "ERROR: failed to start mfa service (" << cpp_strerror(-r) << dendl;
+ ldout(cct, 0) << "ERROR: failed to start cls service (" << cpp_strerror(-r) << dendl;
return r;
}
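Review bot: The renamed log line still opens a parenthesis before the error string and never closes it, so the message reads `failed to start cls service (<error>`. Closing it keeps the startup error readable and easy to match in log searches: `ldout(cct, 0) << "ERROR: failed to start cls service (" << cpp_strerror(-r) << ")" << dendl;`. The enclosing function starts and ends outside the hunk.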
}
finisher = _svc.finisher.get();
+ cls = _svc.cls.get();
notify = _svc.notify.get();
rados = _svc.rados.get();
zone = _svc.zone.get();
};
class RGWSI_Finisher;
-class RGWSI_MFA;
+class RGWSI_Cls;
class RGWSI_Notify;
class RGWSI_RADOS;
class RGWSI_Zone;
bool has_shutdown{false};
std::unique_ptr<RGWSI_Finisher> finisher;
- std::unique_ptr<RGWSI_MFA> mfa;
+ std::unique_ptr<RGWSI_Cls> cls;
std::unique_ptr<RGWSI_Notify> notify;
std::unique_ptr<RGWSI_RADOS> rados;
std::unique_ptr<RGWSI_Zone> zone;
RGWServices_Def _svc;
RGWSI_Finisher *finisher{nullptr};
- RGWSI_MFA *mfa{nullptr};
+ RGWSI_Cls *cls{nullptr};
RGWSI_Notify *notify{nullptr};
RGWSI_RADOS *rados{nullptr};
RGWSI_Zone *zone{nullptr};
--- /dev/null
+
+
+#include "svc_cls.h"
+#include "svc_rados.h"
+#include "svc_zone.h"
+
+#include "rgw/rgw_zone.h"
+
+#include "cls/otp/cls_otp_client.h"
+
+
+#define dout_subsys ceph_subsys_rgw
+
+
+int RGWSI_Cls::do_start()
+{
+ int r = mfa.do_start();
+ if (r < 0) {
+ ldout(cct, 0) << "ERROR: failed to start mfa service" << dendl;
+ return r;
+ }
+
+ return 0;
+}
+
+int RGWSI_Cls::MFA::get_mfa_obj(const rgw_user& user, std::optional<RGWSI_RADOS::Obj> *obj)
+{
+ string oid = get_mfa_oid(user);
+ rgw_raw_obj o(zone_svc->get_zone_params().otp_pool, oid);
+
+ obj->emplace(rados_svc->obj(o));
+ int r = (*obj)->open();
+ if (r < 0) {
+ ldout(cct, 4) << "failed to open rados context for " << o << dendl;
+ return r;
+ }
+
+ return 0;
+}
+
+int RGWSI_Cls::MFA::get_mfa_ref(const rgw_user& user, rgw_rados_ref *ref)
+{
+ std::optional<RGWSI_RADOS::Obj> obj;
+ int r = get_mfa_obj(user, &obj);
+ if (r < 0) {
+ return r;
+ }
+ *ref = obj->get_ref();
+ return 0;
+}
+
+int RGWSI_Cls::MFA::check_mfa(const rgw_user& user, const string& otp_id, const string& pin, optional_yield y)
+{
+ rgw_rados_ref ref;
+ int r = get_mfa_ref(user, &ref);
+ if (r < 0) {
+ return r;
+ }
+
+ rados::cls::otp::otp_check_t result;
+
+ r = rados::cls::otp::OTP::check(cct, ref.ioctx, ref.obj.oid, otp_id, pin, &result);
+ if (r < 0)
+ return r;
+
+ ldout(cct, 20) << "OTP check, otp_id=" << otp_id << " result=" << (int)result.result << dendl;
+
+ return (result.result == rados::cls::otp::OTP_CHECK_SUCCESS ? 0 : -EACCES);
+}
+
+void RGWSI_Cls::MFA::prepare_mfa_write(librados::ObjectWriteOperation *op,
+ RGWObjVersionTracker *objv_tracker,
+ const ceph::real_time& mtime)
+{
+ RGWObjVersionTracker ot;
+
+ if (objv_tracker) {
+ ot = *objv_tracker;
+ }
+
+ if (ot.write_version.tag.empty()) {
+ if (ot.read_version.tag.empty()) {
+ ot.generate_new_write_ver(cct);
+ } else {
+ ot.write_version = ot.read_version;
+ ot.write_version.ver++;
+ }
+ }
+
+ ot.prepare_op_for_write(op);
+ struct timespec mtime_ts = real_clock::to_timespec(mtime);
+ op->mtime2(&mtime_ts);
+}
+
+int RGWSI_Cls::MFA::create_mfa(const rgw_user& user, const rados::cls::otp::otp_info_t& config,
+ RGWObjVersionTracker *objv_tracker, const ceph::real_time& mtime, optional_yield y)
+{
+ std::optional<RGWSI_RADOS::Obj> obj;
+ int r = get_mfa_obj(user, &obj);
+ if (r < 0) {
+ return r;
+ }
+
+ librados::ObjectWriteOperation op;
+ prepare_mfa_write(&op, objv_tracker, mtime);
+ rados::cls::otp::OTP::create(&op, config);
+ r = obj->operate(&op, y);
+ if (r < 0) {
+ ldout(cct, 20) << "OTP create, otp_id=" << config.id << " result=" << (int)r << dendl;
+ return r;
+ }
+
+ return 0;
+}
+
+int RGWSI_Cls::MFA::remove_mfa(const rgw_user& user, const string& id,
+ RGWObjVersionTracker *objv_tracker,
+ const ceph::real_time& mtime,
+ optional_yield y)
+{
+ std::optional<RGWSI_RADOS::Obj> obj;
+ int r = get_mfa_obj(user, &obj);
+ if (r < 0) {
+ return r;
+ }
+
+ librados::ObjectWriteOperation op;
+ prepare_mfa_write(&op, objv_tracker, mtime);
+ rados::cls::otp::OTP::remove(&op, id);
+ r = obj->operate(&op, y);
+ if (r < 0) {
+ ldout(cct, 20) << "OTP remove, otp_id=" << id << " result=" << (int)r << dendl;
+ return r;
+ }
+
+ return 0;
+}
+
+int RGWSI_Cls::MFA::get_mfa(const rgw_user& user, const string& id, rados::cls::otp::otp_info_t *result,
+ optional_yield y)
+{
+ rgw_rados_ref ref;
+
+ int r = get_mfa_ref(user, &ref);
+ if (r < 0) {
+ return r;
+ }
+
+ r = rados::cls::otp::OTP::get(nullptr, ref.ioctx, ref.obj.oid, id, result);
+ if (r < 0) {
+ return r;
+ }
+
+ return 0;
+}
+
+int RGWSI_Cls::MFA::list_mfa(const rgw_user& user, list<rados::cls::otp::otp_info_t> *result,
+ optional_yield y)
+{
+ rgw_rados_ref ref;
+
+ int r = get_mfa_ref(user, &ref);
+ if (r < 0) {
+ return r;
+ }
+
+ r = rados::cls::otp::OTP::get_all(nullptr, ref.ioctx, ref.obj.oid, result);
+ if (r < 0) {
+ return r;
+ }
+
+ return 0;
+}
+
+int RGWSI_Cls::MFA::otp_get_current_time(const rgw_user& user, ceph::real_time *result,
+ optional_yield y)
+{
+ rgw_rados_ref ref;
+
+ int r = get_mfa_ref(user, &ref);
+ if (r < 0) {
+ return r;
+ }
+
+ r = rados::cls::otp::OTP::get_current_time(ref.ioctx, ref.obj.oid, result);
+ if (r < 0) {
+ return r;
+ }
+
+ return 0;
+}
+
+int RGWSI_Cls::MFA::set_mfa(const string& oid, const list<rados::cls::otp::otp_info_t>& entries,
+ bool reset_obj, RGWObjVersionTracker *objv_tracker,
+ const real_time& mtime,
+ optional_yield y)
+{
+ rgw_raw_obj o(zone_svc->get_zone_params().otp_pool, oid);
+ auto obj = rados_svc->obj(o);
+ int r = obj.open();
+ if (r < 0) {
+ ldout(cct, 4) << "failed to open rados context for " << o << dendl;
+ return r;
+ }
+ librados::ObjectWriteOperation op;
+ if (reset_obj) {
+ op.remove();
+ op.set_op_flags2(LIBRADOS_OP_FLAG_FAILOK);
+ op.create(false);
+ }
+ prepare_mfa_write(&op, objv_tracker, mtime);
+ rados::cls::otp::OTP::set(&op, entries);
+ r = obj.operate(&op, y);
+ if (r < 0) {
+ ldout(cct, 20) << "OTP set entries.size()=" << entries.size() << " result=" << (int)r << dendl;
+ return r;
+ }
+
+ return 0;
+}
+
+int RGWSI_Cls::MFA::list_mfa(const string& oid, list<rados::cls::otp::otp_info_t> *result,
+ RGWObjVersionTracker *objv_tracker, ceph::real_time *pmtime,
+ optional_yield y)
+{
+ rgw_raw_obj o(zone_svc->get_zone_params().otp_pool, oid);
+ auto obj = rados_svc->obj(o);
+ int r = obj.open();
+ if (r < 0) {
+ ldout(cct, 4) << "failed to open rados context for " << o << dendl;
+ return r;
+ }
+ auto& ref = obj.get_ref();
+ librados::ObjectReadOperation op;
+ struct timespec mtime_ts;
+ if (pmtime) {
+ op.stat2(nullptr, &mtime_ts, nullptr);
+ }
+ objv_tracker->prepare_op_for_read(&op);
+ r = rados::cls::otp::OTP::get_all(&op, ref.ioctx, ref.obj.oid, result);
+ if (r < 0) {
+ return r;
+ }
+ if (pmtime) {
+ *pmtime = ceph::real_clock::from_timespec(mtime_ts);
+ }
+
+ return 0;
+}
+
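Review bot: The oid overload of `RGWSI_Cls::MFA::list_mfa` calls `objv_tracker->prepare_op_for_read(&op)` without checking the pointer, although `prepare_mfa_write` in the same file accepts a null `objv_tracker` and `pmtime` is tested before use. A caller that passes `nullptr` would dereference a null pointer on the path that reads OTP state; guard it the same way, `if (objv_tracker) { objv_tracker->prepare_op_for_read(&op); }`. The body is carried over unchanged from the removed `RGWSI_MFA`, so this is not a regression, but the move is a natural point to fix it. Separately, `check_mfa`, `get_mfa`, both `list_mfa` overloads and `otp_get_current_time` accept `optional_yield y` and never pass it on, so these calls presumably block regardless of the caller's yield context; a short comment on each stating that would help.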
--- /dev/null
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+
+/*
+ * Ceph - scalable distributed file system
+ *
+ * Copyright (C) 2019 Red Hat, Inc.
+ *
+ * This is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License version 2.1, as published by the Free Software
+ * Foundation. See file COPYING.
+ *
+ */
+
+
+#pragma once
+
+#include "cls/otp/cls_otp_types.h"
+
+#include "rgw/rgw_service.h"
+
+#include "svc_rados.h"
+
+
+class RGWSI_Cls : public RGWServiceInstance
+{
+ RGWSI_Zone *zone_svc{nullptr};
+ RGWSI_RADOS *rados_svc{nullptr};
+
+ class ClsSubService : public RGWServiceInstance {
+ friend class RGWSI_Cls;
+
+ RGWSI_Cls *cls_svc{nullptr};
+ RGWSI_Zone *zone_svc{nullptr};
+ RGWSI_RADOS *rados_svc{nullptr};
+
+ void init(RGWSI_Cls *_cls_svc, RGWSI_Zone *_zone_svc, RGWSI_RADOS *_rados_svc) {
+ cls_svc = _cls_svc;
+ zone_svc = _cls_svc->zone_svc;
+ rados_svc = _cls_svc->rados_svc;
+ }
+
+ public:
+ ClsSubService(CephContext *cct) : RGWServiceInstance(cct) {}
+ };
+
+public:
+ class MFA : public ClsSubService {
+ int get_mfa_obj(const rgw_user& user, std::optional<RGWSI_RADOS::Obj> *obj);
+ int get_mfa_ref(const rgw_user& user, rgw_rados_ref *ref);
+
+ void prepare_mfa_write(librados::ObjectWriteOperation *op,
+ RGWObjVersionTracker *objv_tracker,
+ const ceph::real_time& mtime);
+
+ public:
+ MFA(CephContext *cct): ClsSubService(cct) {}
+
+ string get_mfa_oid(const rgw_user& user) {
+ return string("user:") + user.to_str();
+ }
+
+ int check_mfa(const rgw_user& user, const string& otp_id, const string& pin, optional_yield y);
+ int create_mfa(const rgw_user& user, const rados::cls::otp::otp_info_t& config,
+ RGWObjVersionTracker *objv_tracker, const ceph::real_time& mtime, optional_yield y);
+ int remove_mfa(const rgw_user& user, const string& id,
+ RGWObjVersionTracker *objv_tracker,
+ const ceph::real_time& mtime,
+ optional_yield y);
+ int get_mfa(const rgw_user& user, const string& id, rados::cls::otp::otp_info_t *result, optional_yield y);
+ int list_mfa(const rgw_user& user, list<rados::cls::otp::otp_info_t> *result, optional_yield y);
+ int otp_get_current_time(const rgw_user& user, ceph::real_time *result, optional_yield y);
+ int set_mfa(const string& oid, const list<rados::cls::otp::otp_info_t>& entries,
+ bool reset_obj, RGWObjVersionTracker *objv_tracker,
+ const real_time& mtime, optional_yield y);
+ int list_mfa(const string& oid, list<rados::cls::otp::otp_info_t> *result,
+ RGWObjVersionTracker *objv_tracker, ceph::real_time *pmtime, optional_yield y);
+ } mfa;
+
+ RGWSI_Cls(CephContext *cct): RGWServiceInstance(cct), mfa(cct) {}
+
+ void init(RGWSI_Zone *_zone_svc, RGWSI_RADOS *_rados_svc) {
+ rados_svc = _rados_svc;
+ zone_svc = _zone_svc;
+
+ mfa.init(this, zone_svc, rados_svc);
+ }
+
+ int do_start() override;
+};
+
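Review bot: `ClsSubService::init` takes `_zone_svc` and `_rados_svc` but ignores both, copying the pointers from `_cls_svc->zone_svc` and `_cls_svc->rados_svc` instead. That works only because `RGWSI_Cls::init` assigns its own members before calling `mfa.init(this, zone_svc, rados_svc)`; reordering those lines would leave the MFA sub-service with null service pointers, which the MFA methods in svc_cls.cc dereference without a check. Either use the arguments, `zone_svc = _zone_svc; rados_svc = _rados_svc;`, or drop the two parameters so the signature matches what the function does. The single-argument constructors `ClsSubService(CephContext *cct)` and `MFA(CephContext *cct)` could also be marked `explicit`.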
+++ /dev/null
-
-
-#include "svc_mfa.h"
-#include "svc_rados.h"
-#include "svc_zone.h"
-
-#include "rgw/rgw_zone.h"
-
-#include "cls/otp/cls_otp_client.h"
-
-
-#define dout_subsys ceph_subsys_rgw
-
-
-int RGWSI_MFA::get_mfa_obj(const rgw_user& user, std::optional<RGWSI_RADOS::Obj> *obj) {
- string oid = get_mfa_oid(user);
- rgw_raw_obj o(zone_svc->get_zone_params().otp_pool, oid);
-
- obj->emplace(rados_svc->obj(o));
- int r = (*obj)->open();
- if (r < 0) {
- ldout(cct, 4) << "failed to open rados context for " << o << dendl;
- return r;
- }
-
- return 0;
-}
-
-int RGWSI_MFA::get_mfa_ref(const rgw_user& user, rgw_rados_ref *ref) {
- std::optional<RGWSI_RADOS::Obj> obj;
- int r = get_mfa_obj(user, &obj);
- if (r < 0) {
- return r;
- }
- *ref = obj->get_ref();
- return 0;
-}
-
-int RGWSI_MFA::check_mfa(const rgw_user& user, const string& otp_id, const string& pin, optional_yield y)
-{
- rgw_rados_ref ref;
- int r = get_mfa_ref(user, &ref);
- if (r < 0) {
- return r;
- }
-
- rados::cls::otp::otp_check_t result;
-
- r = rados::cls::otp::OTP::check(cct, ref.ioctx, ref.obj.oid, otp_id, pin, &result);
- if (r < 0)
- return r;
-
- ldout(cct, 20) << "OTP check, otp_id=" << otp_id << " result=" << (int)result.result << dendl;
-
- return (result.result == rados::cls::otp::OTP_CHECK_SUCCESS ? 0 : -EACCES);
-}
-
-void RGWSI_MFA::prepare_mfa_write(librados::ObjectWriteOperation *op,
- RGWObjVersionTracker *objv_tracker,
- const ceph::real_time& mtime)
-{
- RGWObjVersionTracker ot;
-
- if (objv_tracker) {
- ot = *objv_tracker;
- }
-
- if (ot.write_version.tag.empty()) {
- if (ot.read_version.tag.empty()) {
- ot.generate_new_write_ver(cct);
- } else {
- ot.write_version = ot.read_version;
- ot.write_version.ver++;
- }
- }
-
- ot.prepare_op_for_write(op);
- struct timespec mtime_ts = real_clock::to_timespec(mtime);
- op->mtime2(&mtime_ts);
-}
-
-int RGWSI_MFA::create_mfa(const rgw_user& user, const rados::cls::otp::otp_info_t& config,
- RGWObjVersionTracker *objv_tracker, const ceph::real_time& mtime, optional_yield y)
-{
- std::optional<RGWSI_RADOS::Obj> obj;
- int r = get_mfa_obj(user, &obj);
- if (r < 0) {
- return r;
- }
-
- librados::ObjectWriteOperation op;
- prepare_mfa_write(&op, objv_tracker, mtime);
- rados::cls::otp::OTP::create(&op, config);
- r = obj->operate(&op, y);
- if (r < 0) {
- ldout(cct, 20) << "OTP create, otp_id=" << config.id << " result=" << (int)r << dendl;
- return r;
- }
-
- return 0;
-}
-
-int RGWSI_MFA::remove_mfa(const rgw_user& user, const string& id,
- RGWObjVersionTracker *objv_tracker,
- const ceph::real_time& mtime,
- optional_yield y)
-{
- std::optional<RGWSI_RADOS::Obj> obj;
- int r = get_mfa_obj(user, &obj);
- if (r < 0) {
- return r;
- }
-
- librados::ObjectWriteOperation op;
- prepare_mfa_write(&op, objv_tracker, mtime);
- rados::cls::otp::OTP::remove(&op, id);
- r = obj->operate(&op, y);
- if (r < 0) {
- ldout(cct, 20) << "OTP remove, otp_id=" << id << " result=" << (int)r << dendl;
- return r;
- }
-
- return 0;
-}
-
-int RGWSI_MFA::get_mfa(const rgw_user& user, const string& id, rados::cls::otp::otp_info_t *result,
- optional_yield y)
-{
- rgw_rados_ref ref;
-
- int r = get_mfa_ref(user, &ref);
- if (r < 0) {
- return r;
- }
-
- r = rados::cls::otp::OTP::get(nullptr, ref.ioctx, ref.obj.oid, id, result);
- if (r < 0) {
- return r;
- }
-
- return 0;
-}
-
-int RGWSI_MFA::list_mfa(const rgw_user& user, list<rados::cls::otp::otp_info_t> *result,
- optional_yield y)
-{
- rgw_rados_ref ref;
-
- int r = get_mfa_ref(user, &ref);
- if (r < 0) {
- return r;
- }
-
- r = rados::cls::otp::OTP::get_all(nullptr, ref.ioctx, ref.obj.oid, result);
- if (r < 0) {
- return r;
- }
-
- return 0;
-}
-
-int RGWSI_MFA::otp_get_current_time(const rgw_user& user, ceph::real_time *result,
- optional_yield y)
-{
- rgw_rados_ref ref;
-
- int r = get_mfa_ref(user, &ref);
- if (r < 0) {
- return r;
- }
-
- r = rados::cls::otp::OTP::get_current_time(ref.ioctx, ref.obj.oid, result);
- if (r < 0) {
- return r;
- }
-
- return 0;
-}
-
-int RGWSI_MFA::set_mfa(const string& oid, const list<rados::cls::otp::otp_info_t>& entries,
- bool reset_obj, RGWObjVersionTracker *objv_tracker,
- const real_time& mtime,
- optional_yield y)
-{
- rgw_raw_obj o(zone_svc->get_zone_params().otp_pool, oid);
- auto obj = rados_svc->obj(o);
- int r = obj.open();
- if (r < 0) {
- ldout(cct, 4) << "failed to open rados context for " << o << dendl;
- return r;
- }
- librados::ObjectWriteOperation op;
- if (reset_obj) {
- op.remove();
- op.set_op_flags2(LIBRADOS_OP_FLAG_FAILOK);
- op.create(false);
- }
- prepare_mfa_write(&op, objv_tracker, mtime);
- rados::cls::otp::OTP::set(&op, entries);
- r = obj.operate(&op, y);
- if (r < 0) {
- ldout(cct, 20) << "OTP set entries.size()=" << entries.size() << " result=" << (int)r << dendl;
- return r;
- }
-
- return 0;
-}
-
-int RGWSI_MFA::list_mfa(const string& oid, list<rados::cls::otp::otp_info_t> *result,
- RGWObjVersionTracker *objv_tracker, ceph::real_time *pmtime,
- optional_yield y)
-{
- rgw_raw_obj o(zone_svc->get_zone_params().otp_pool, oid);
- auto obj = rados_svc->obj(o);
- int r = obj.open();
- if (r < 0) {
- ldout(cct, 4) << "failed to open rados context for " << o << dendl;
- return r;
- }
- auto& ref = obj.get_ref();
- librados::ObjectReadOperation op;
- struct timespec mtime_ts;
- if (pmtime) {
- op.stat2(nullptr, &mtime_ts, nullptr);
- }
- objv_tracker->prepare_op_for_read(&op);
- r = rados::cls::otp::OTP::get_all(&op, ref.ioctx, ref.obj.oid, result);
- if (r < 0) {
- return r;
- }
- if (pmtime) {
- *pmtime = ceph::real_clock::from_timespec(mtime_ts);
- }
-
- return 0;
-}
-
+++ /dev/null
-// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
-// vim: ts=8 sw=2 smarttab
-
-/*
- * Ceph - scalable distributed file system
- *
- * Copyright (C) 2019 Red Hat, Inc.
- *
- * This is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License version 2.1, as published by the Free Software
- * Foundation. See file COPYING.
- *
- */
-
-
-#pragma once
-
-#include "cls/otp/cls_otp_types.h"
-
-#include "rgw/rgw_service.h"
-
-#include "svc_rados.h"
-
-
-class RGWSI_MFA : public RGWServiceInstance
-{
- RGWSI_Zone *zone_svc{nullptr};
- RGWSI_RADOS *rados_svc{nullptr};
-
- int get_mfa_obj(const rgw_user& user, std::optional<RGWSI_RADOS::Obj> *obj);
- int get_mfa_ref(const rgw_user& user, rgw_rados_ref *ref);
-
- void prepare_mfa_write(librados::ObjectWriteOperation *op,
- RGWObjVersionTracker *objv_tracker,
- const ceph::real_time& mtime);
-
-public:
- RGWSI_MFA(CephContext *cct): RGWServiceInstance(cct) {}
-
- void init(RGWSI_Zone *_zone_svc, RGWSI_RADOS *_rados_svc) {
- rados_svc = _rados_svc;
- zone_svc = _zone_svc;
- }
-
- string get_mfa_oid(const rgw_user& user) {
- return string("user:") + user.to_str();
- }
-
- int check_mfa(const rgw_user& user, const string& otp_id, const string& pin, optional_yield y);
- int create_mfa(const rgw_user& user, const rados::cls::otp::otp_info_t& config,
- RGWObjVersionTracker *objv_tracker, const ceph::real_time& mtime, optional_yield y);
- int remove_mfa(const rgw_user& user, const string& id,
- RGWObjVersionTracker *objv_tracker,
- const ceph::real_time& mtime,
- optional_yield y);
- int get_mfa(const rgw_user& user, const string& id, rados::cls::otp::otp_info_t *result, optional_yield y);
- int list_mfa(const rgw_user& user, list<rados::cls::otp::otp_info_t> *result, optional_yield y);
- int otp_get_current_time(const rgw_user& user, ceph::real_time *result, optional_yield y);
- int set_mfa(const string& oid, const list<rados::cls::otp::otp_info_t>& entries,
- bool reset_obj, RGWObjVersionTracker *objv_tracker,
- const real_time& mtime, optional_yield y);
- int list_mfa(const string& oid, list<rados::cls::otp::otp_info_t> *result,
- RGWObjVersionTracker *objv_tracker, ceph::real_time *pmtime, optional_yield y);
-};
-
-
-