Skip to content

iceoryx_utils/internal/posix_wrapper/access_control.hpp🔗

Namespaces🔗

Name
iox
building block to easily create free function for logging in a library context
iox::posix

Classes🔗

Name
class iox::posix::AccessController
abstraction class for the management of access control lists (ACLs).

Source code🔗

// Copyright (c) 2019 by Robert Bosch GmbH. All rights reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// SPDX-License-Identifier: Apache-2.0
#ifndef IOX_UTILS_POSIX_WRAPPER_ACCESS_CONTROL_HPP
#define IOX_UTILS_POSIX_WRAPPER_ACCESS_CONTROL_HPP

#include "iceoryx_utils/cxx/optional.hpp"
#include "iceoryx_utils/cxx/string.hpp"
#include "iceoryx_utils/cxx/vector.hpp"
#include "iceoryx_utils/platform/acl.hpp"

#include <cstdint>
#include <functional>
#include <iostream>
#include <memory>
#include <type_traits>

namespace iox
{
namespace posix
{
class AccessController
{
  public:
    using string_t = cxx::string<100>;

    static constexpr int32_t MaxNumOfPermissions = 20;

#if defined(QNX) || defined(QNX__) || defined(__QNX__)
    enum class Category : std::underlying_type<acl_tag_t>::type
#else
    enum class Category : acl_tag_t
#endif
    {
        USER = ACL_USER_OBJ,
        SPECIFIC_USER = ACL_USER,
        GROUP = ACL_GROUP_OBJ,
        SPECIFIC_GROUP = ACL_GROUP,
        OTHERS = ACL_OTHER,
    };

#if defined(QNX) || defined(QNX__) || defined(__QNX__)
    enum class Permission : std::underlying_type<acl_perm_t>::type
#else
    enum class Permission : acl_perm_t
#endif
    {
        READ = ACL_READ,
        WRITE = ACL_WRITE,
        READWRITE = Permission::READ | Permission::WRITE,
        NONE = 0
    };

    bool addPermissionEntry(const Category f_category, const Permission f_permission, const uint32_t f_id = -1u);

    bool addPermissionEntry(const Category f_category, const Permission f_permission, const string_t& f_name);

    bool writePermissionsToFile(const int32_t f_fileDescriptor) const;

  private:
    using smartAclPointer_t = std::unique_ptr<std::remove_pointer<acl_t>::type, std::function<void(acl_t)>>;

    struct PermissionEntry
    {
        unsigned int m_category;
        Permission m_permission;
        unsigned int m_id;
    };

    cxx::vector<PermissionEntry, MaxNumOfPermissions> m_permissions;

    smartAclPointer_t createACL(const int32_t f_numEntries) const;
    bool createACLEntry(const acl_t f_ACL, const PermissionEntry& f_entry) const;
    bool addAclPermission(acl_permset_t f_permset, acl_perm_t f_perm) const;

    bool m_useACLMask{false};
};
} // namespace posix
} // namespace iox

#endif // IOX_UTILS_POSIX_WRAPPER_ACCESS_CONTROL_HPP

Updated on 31 May 2022 at 15:29:15 CEST