Main Page | Namespace List | Class Hierarchy | Alphabetical List | Class List | Directories | File List | Namespace Members | Class Members | File Members | Related Pages

unisecuregen.h

Go to the documentation of this file.
00001 /* -*- Mode: C++ -*-
00002  * Worldvisions Weaver Software:
00003  *   Copyright (C) 1997-2002 Net Integration Technologies, Inc.
00004  * 
00005  */
00006 
00007 #ifndef __UNISECUREGEN_H
00008 #define __UNISECUREGEN_H
00009 
00010 #include "unifiltergen.h"
00011 #include "unipermgen.h"
00012 #include "wvstring.h"
00013 #include "wvstringlist.h"
00014 
00015 /**
00016  * UniSecureGen wraps a given generator and checks permissions (using a
00017  * Unix-style scheme) before responding to requests.  The permissions for
00018  * generator gen are stored in a parallel tree, perms.
00019  *
00020  * It is up to the caller to ensure that the UniPermGen is itself secure.
00021  * (The easiest way is probably to back it with an ini file in a secure
00022  * directory.)  Note that there is a race condition here: there is no locking
00023  * to be sure that the UniPermGen is not altered while a key is being looked
00024  * up.  This could come into play, for instance, if the exec permission is
00025  * removed from a subtree while the UniSecureGen is in the middle of
00026  * drilldown().
00027  *
00028  * UniSecureGen cannot be created with a moniker due to its extra methods.
00029  * Instead, just create one with new and mount it with UniConf::mountgen.
00030  */
00031 class UniSecureGen : public UniFilterGen
00032 {
00033     UniPermGen *perms;
00034     UniPermGen::Credentials cred;
00035 
00036 public:
00037     UniSecureGen(UniConfGen *_gen, UniPermGen *_perms);
00038     UniSecureGen(WvStringParm moniker, UniPermGen *_perms);
00039 
00040     void setcredentials(const UniPermGen::Credentials &_cred);
00041     void setcredentials(WvStringParm user, const WvStringList &groups);
00042     
00043     /** Overridden methods */
00044     virtual WvString get(const UniConfKey &key);
00045     virtual bool exists(const UniConfKey &key);
00046     virtual void set(const UniConfKey &key, WvStringParm value);
00047     virtual bool haschildren(const UniConfKey &key);
00048     virtual Iter *iterator(const UniConfKey &key);
00049 
00050 private:
00051 
00052     /** Check the perms tree for the given permission */
00053     bool findperm(const UniConfKey &key, UniPermGen::Type type);
00054 
00055     /**
00056      * Search the fullpath of key to be sure we are able to view each
00057      * element.  If we ever find a missing exec permission, return false
00058      * immediately.
00059      */
00060     bool drilldown(const UniConfKey &key);
00061 
00062     /** Override gencallback to check for permissions before sending a delta */
00063     virtual void gencallback(const UniConfKey &key, WvStringParm value,
00064             void *userdata);
00065 };
00066 
00067 
00068 #endif // __UNISECUREGEN_H

Generated on Wed Dec 15 15:08:10 2004 for WvStreams by  doxygen 1.3.9.1