Interface for implementing an authorization backend.
More...
|
int | ua_authorization_init (uint32_t max_users, uint32_t max_groups) |
| Initialize structures needed for managing user and group authorization. More...
|
|
void | ua_authorization_clear (void) |
| Delete all users and groups and clear structures for managing users and groups.
|
|
int | ua_authorization_get_default_perm (struct ua_perm_ctx *perm, enum ua_nodeclass nc) |
| Get the current default permissions.
|
|
int | ua_authorization_get_user_info (const struct ua_string *username, struct ua_user_ctx *user_ctx, enum ua_messagesecuritymode mode) |
| Get the user context for a given user. More...
|
|
ua_statuscode | ua_authorization_is_attrreadable (ua_node_t node, struct ua_user_ctx *user) |
| Check if the attributes of a node are readable by the user. More...
|
|
ua_statuscode | ua_authorization_is_attrwritable (ua_node_t node, struct ua_user_ctx *user) |
| Check if the attributes of a node are writable by the user. More...
|
|
ua_statuscode | ua_authorization_is_executable (ua_node_t node, struct ua_user_ctx *user) |
| Check if a method is executeable by the user. More...
|
|
ua_statuscode | ua_authorization_is_eventreadable (ua_node_t node, struct ua_user_ctx *user) |
| Check if the user may read the events of an object. More...
|
|
ua_statuscode | ua_authorization_is_readable (ua_node_t node, struct ua_user_ctx *user) |
| Check if the value of a variable is readable by the user. More...
|
|
ua_statuscode | ua_authorization_is_writable (ua_node_t node, struct ua_user_ctx *user) |
| Check if the value of a variable is writable by the user. More...
|
|
ua_statuscode | ua_authorization_is_historyreadable (ua_node_t node, struct ua_user_ctx *user) |
| Check if the history of a variable is readable by the user. More...
|
|
ua_statuscode | ua_authorization_is_historyinsertable (ua_node_t node, struct ua_user_ctx *user) |
| Check if the user can insert values in the history of a variable. More...
|
|
ua_statuscode | ua_authorization_is_historymodifiable (ua_node_t node, struct ua_user_ctx *user) |
| Check if the user can modify the history of a variable. More...
|
|
ua_statuscode | ua_authorization_is_historydeletable (ua_node_t node, struct ua_user_ctx *user) |
| Check if the user can delete values from the history of a variable. More...
|
|
int | ua_authorization_load_from_file (const char *users_file, const char *groups_file) |
| Load authorization information from files. More...
|
|
void | ua_authorization_print_c_code (struct ua_filestream *f, struct ua_perm_ctx *perm) |
| Print the ua_perm_ctx structure as C code. More...
|
|
Interface for implementing an authorization backend.
The functions declared here must be implemented by every authorization backend. Further functionallity is backend specific and thus implemented in the backend like inode.
◆ ua_authorization_get_user_info()
Get the user context for a given user.
- Parameters
-
username | Name of the user. |
user_ctx | The user context. |
mode | The messagesecuritymode of the user's connection to the server. |
- Returns
- 0 on success or errorcode on failure.
◆ ua_authorization_init()
int ua_authorization_init |
( |
uint32_t |
max_users, |
|
|
uint32_t |
max_groups |
|
) |
| |
Initialize structures needed for managing user and group authorization.
- Parameters
-
max_users | Maximum number of users, that can be added. |
max_groups | Maximum number of groups, that can be added. |
- Returns
- 0 on success or errorcode on failure.
◆ ua_authorization_is_attrreadable()
Check if the attributes of a node are readable by the user.
- Returns
- 0 if true or statuscode if access is denied.
◆ ua_authorization_is_attrwritable()
Check if the attributes of a node are writable by the user.
- Returns
- 0 if true or statuscode if access is denied.
◆ ua_authorization_is_eventreadable()
Check if the user may read the events of an object.
- Returns
- 0 if true or statuscode if access is denied.
◆ ua_authorization_is_executable()
Check if a method is executeable by the user.
- Returns
- 0 if true or statuscode if access is denied.
◆ ua_authorization_is_historydeletable()
Check if the user can delete values from the history of a variable.
- Returns
- 0 if true or statuscode if access is denied.
◆ ua_authorization_is_historyinsertable()
Check if the user can insert values in the history of a variable.
- Returns
- 0 if true or statuscode if access is denied.
◆ ua_authorization_is_historymodifiable()
Check if the user can modify the history of a variable.
- Returns
- 0 if true or statuscode if access is denied.
◆ ua_authorization_is_historyreadable()
Check if the history of a variable is readable by the user.
- Returns
- 0 if true or statuscode if access is denied.
◆ ua_authorization_is_readable()
Check if the value of a variable is readable by the user.
- Returns
- 0 if true or statuscode if access is denied.
◆ ua_authorization_is_writable()
Check if the value of a variable is writable by the user.
- Returns
- 0 if true or statuscode if access is denied.
◆ ua_authorization_load_from_file()
int ua_authorization_load_from_file |
( |
const char * |
users_file, |
|
|
const char * |
groups_file |
|
) |
| |
Load authorization information from files.
Backends based on users and groups might use the parameters to specify a user and group file to load the information from. Other backends might give these parameters other semantics.
- Returns
- 0 on success or errorcode on failure.
◆ ua_authorization_print_c_code()
Print the ua_perm_ctx structure as C code.
- Parameters
-
f | Filedescriptor to write to. |
perm | The ua_perm_ctx structure to print. |