{
using qi::char_;
using qi::int_;
+ using qi::uint_;
using qi::lexeme;
using qi::alnum;
using qi::_val;
// match := [path=<path>] [uid=<uid> [gids=<gid>[,<gid>...]]
path %= (spaces >> lit("path") >> lit('=') >> (quoted_path | unquoted_path));
- uid %= (spaces >> lit("uid") >> lit('=') >> int_);
- intlist %= (int_ % lit(','));
- gidlist %= -(spaces >> lit("gids") >> lit('=') >> intlist);
+ uid %= (spaces >> lit("uid") >> lit('=') >> uint_);
+ uintlist %= (uint_ % lit(','));
+ gidlist %= -(spaces >> lit("gids") >> lit('=') >> uintlist);
match = -(
(uid >> gidlist)[_val = phoenix::construct<MDSCapMatch>(_1, _2)] |
(path >> uid >> gidlist)[_val = phoenix::construct<MDSCapMatch>(_1, _2, _3)] |
qi::rule<Iterator, string()> quoted_path, unquoted_path;
qi::rule<Iterator, MDSCapSpec()> capspec;
qi::rule<Iterator, string()> path;
- qi::rule<Iterator, int()> uid;
- qi::rule<Iterator, std::vector<int>() > intlist;
- qi::rule<Iterator, std::vector<int>() > gidlist;
+ qi::rule<Iterator, uint32_t()> uid;
+ qi::rule<Iterator, std::vector<uint32_t>() > uintlist;
+ qi::rule<Iterator, std::vector<uint32_t>() > gidlist;
qi::rule<Iterator, MDSCapMatch()> match;
qi::rule<Iterator, MDSCapGrant()> grant;
qi::rule<Iterator, std::vector<MDSCapGrant>()> grants;
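Review bot: The `uintlist` and `gidlist` rules are declared with attribute `std::vector<uint32_t>`, while the `MDSCapMatch` constructors changed elsewhere in this commit take `std::vector<gid_t>&`, a non-const reference. That presumably binds only where `gid_t` is the same type as `uint32_t`; declaring the rules as `qi::rule<Iterator, std::vector<gid_t>() > gidlist;` (and likewise `uintlist`) would make the dependency explicit, assuming `gid_t` is visible in this file. Since the switch to `uint_` appears to be what keeps a cap string from producing the `MDS_AUTH_UID_ANY` value, a parser test would guard against a later return to a signed parser. It should pin that `uid=-1` is not accepted as a uid and that `uid=4294967295` parses as a literal uid rather than the wildcard.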
* This is true if any of the 'grant' clauses in the capability match the
* requested path + op.
*/
-bool MDSAuthCaps::is_capable(const std::string &path, int uid, unsigned mask) const
+bool MDSAuthCaps::is_capable(const std::string &path, uid_t uid, unsigned mask) const
{
for (std::vector<MDSCapGrant>::const_iterator i = grants.begin();
i != grants.end();
out << "uid=" << match.uid;
if (!match.gids.empty()) {
out << " gids=";
- for (std::vector<int>::const_iterator p = match.gids.begin();
+ for (std::vector<gid_t>::const_iterator p = match.gids.begin();
p != match.gids.end();
++p) {
if (p != match.gids.begin())
#include <vector>
#include <string>
#include <sstream>
+#include "include/types.h"
// unix-style capabilities
enum {
// conditions before we are allowed to do it
struct MDSCapMatch {
- static const int MDS_AUTH_UID_ANY = -1;
+ static const int64_t MDS_AUTH_UID_ANY = -1;
static const std::string MDS_AUTH_PATH_ROOT;
- int uid; // Require UID to be equal to this, if !=MDS_AUTH_UID_ANY
- std::vector<int> gids; // Use these GIDs
- std::string path; // Require path to be child of this (may be "/" for any)
+ int64_t uid; // Require UID to be equal to this, if !=MDS_AUTH_UID_ANY
+ std::vector<gid_t> gids; // Use these GIDs
+ std::string path; // Require path to be child of this (may be "/" for any)
MDSCapMatch() : uid(MDS_AUTH_UID_ANY), path(MDS_AUTH_PATH_ROOT) {}
- MDSCapMatch(int uid_, std::vector<int>& gids_)
+ MDSCapMatch(int64_t uid_, std::vector<gid_t>& gids_)
: uid(uid_), gids(gids_), path(MDS_AUTH_PATH_ROOT) {}
MDSCapMatch(std::string path_) : uid(MDS_AUTH_UID_ANY), path(path_) {}
- MDSCapMatch(std::string path_, int uid_, std::vector<int>& gids_)
+ MDSCapMatch(std::string path_, int64_t uid_, std::vector<gid_t>& gids_)
: uid(uid_), gids(gids_), path(path_) {}
bool is_match_all() const
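Review bot: `uid` is presumably widened to `int64_t` so that `MDS_AUTH_UID_ANY` (-1) lies outside the 32-bit uid range, but nothing in the struct says so, and `is_capable` now receives a `uid_t`. A comment on the member such as `// int64_t, not uid_t: -1 must stay distinct from uid 4294967295; do not cast to uid_t before comparing` would keep a later cleanup from narrowing it and letting the wildcard alias a real uid. Both constructors also take `std::vector<gid_t>& gids_` only to copy it, so `const std::vector<gid_t>& gids_` would be the more accurate signature, provided the `phoenix::construct` calls in the parser still bind. The struct body continues past the end of this hunk.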
bool parse(const std::string &str, std::ostream *err);
bool allow_all() const;
- bool is_capable(const std::string &path, int uid, unsigned mask) const;
+ bool is_capable(const std::string &path, uid_t uid, unsigned mask) const;
friend std::ostream &operator<<(std::ostream &out, const MDSAuthCaps &cap);
};