Skip to content

iox::posix::AccessController🔗

abstraction class for the management of access control lists (ACLs). More...

#include <access_control.hpp>

Public Types🔗

Name
enum acl_tag_t Category { USER = ACL_USER_OBJ, SPECIFIC_USER = ACL_USER, GROUP = ACL_GROUP_OBJ, SPECIFIC_GROUP = ACL_GROUP, OTHERS = ACL_OTHER }
identifier for a permission entry (user, group, others, ...)
enum acl_perm_t Permission { READ = ACL_READ, WRITE = ACL_WRITE, READWRITE = Permission::READ
using cxx::string< 100 > string_t

Public Functions🔗

Name
bool addPermissionEntry(const Category f_category, const Permission f_permission, const uint32_t f_id =-1u)
define and store a specific permission entry to be used by writePermissionsToFile.
bool addPermissionEntry(const Category f_category, const Permission f_permission, const string_t & f_name)
just like addPermissionEntry(Category, Permission, int) but using a name instead of an id.
bool writePermissionsToFile(const int32_t f_fileDescriptor) const
Write permission entries stored by the AccessController to a file identified by a file descriptor.

Public Attributes🔗

Name
constexpr int32_t MaxNumOfPermissions
maximum number of permission entries the AccessController can store

Detailed Description🔗

class iox::posix::AccessController;

abstraction class for the management of access control lists (ACLs).

ACLs allow to define fine-grained access rights for files. In addition to the standard access rights, which can only distinguish between user/group/others, ACLs can be used to give specific access rights to named users and groups. ACL is part of the posix specification. The AccessController class is used to store ACL permission entries and provides a way to write those entries to a file. A permission entry can be seen as a combination of an access Category, a Permission and an optional name (used to identify specific users and groups.)

Public Types Documentation🔗

enum Category🔗

Enumerator Value Description
USER ACL_USER_OBJ
SPECIFIC_USER ACL_USER a specific user must be identified by a name
GROUP ACL_GROUP_OBJ
SPECIFIC_GROUP ACL_GROUP a specific group must be identified by a name
OTHERS ACL_OTHER

identifier for a permission entry (user, group, others, ...)

enum Permission🔗

Enumerator Value Description
READ ACL_READ
WRITE ACL_WRITE
READWRITE Permission::READ Permission::WRITE
NONE 0

access right for a permission entry

using string_t🔗

using iox::posix::AccessController::string_t =  cxx::string<100>;

Public Functions Documentation🔗

function addPermissionEntry🔗

bool addPermissionEntry(
    const Category f_category,
    const Permission f_permission,
    const uint32_t f_id =-1u
)

define and store a specific permission entry to be used by writePermissionsToFile.

Parameters:

  • [f_id] id of the user or group. For Category::SPECIFIC_USER or Category::SPECIFIC_GROUP the id is required. Otherwise writing the permission entry to a file will fail. For the default user/group/others categories the id is ignored and can therefore be left empty. Do not forget to add permissions of the standard user/group/others categories before writing to a file.
  • [f_permission] Permissions which should be applied to the category.
  • [f_id] The group or user id - depending on the category. For Category::USER, Category::GROUP and Category::OTHER the f_id is not required for everything else a valid group or user id is mandatory.

function addPermissionEntry🔗

bool addPermissionEntry(
    const Category f_category,
    const Permission f_permission,
    const string_t & f_name
)

just like addPermissionEntry(Category, Permission, int) but using a name instead of an id.

function writePermissionsToFile🔗

bool writePermissionsToFile(
    const int32_t f_fileDescriptor
) const

Write permission entries stored by the AccessController to a file identified by a file descriptor.

Parameters:

  • [f_fileDescriptor] identifier for a file (can be regular file, shared memory file, message queue file... everything is a file).

Return: true if succesful. If false, you can assume that the file has not been touched at all.

Public Attributes Documentation🔗

variable MaxNumOfPermissions🔗

static constexpr int32_t MaxNumOfPermissions = 20;

maximum number of permission entries the AccessController can store


Updated on 26 April 2021 at 15:31:01 CEST