2011-05-24 16:32:39 +04:00
/* -------------------------------------------------------------------------- */
2018-01-02 20:27:37 +03:00
/* Copyright 2002-2018, OpenNebula Project, OpenNebula Systems */
2011-05-24 16:32:39 +04:00
/* */
/* Licensed under the Apache License, Version 2.0 (the "License"); you may */
/* not use this file except in compliance with the License. You may obtain */
/* a copy of the License at */
/* */
/* http://www.apache.org/licenses/LICENSE-2.0 */
/* */
/* Unless required by applicable law or agreed to in writing, software */
/* distributed under the License is distributed on an "AS IS" BASIS, */
/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. */
/* See the License for the specific language governing permissions and */
/* limitations under the License. */
/* -------------------------------------------------------------------------- */
# ifndef REQUEST_H_
# define REQUEST_H_
# include <xmlrpc-c/base.hpp>
# include <xmlrpc-c/registry.hpp>
# include "RequestManager.h"
2012-05-31 18:51:07 +04:00
# include "AuthRequest.h"
2012-01-03 05:58:23 +04:00
# include "PoolObjectSQL.h"
2012-06-16 01:33:50 +04:00
# include "Quotas.h"
2011-05-24 16:32:39 +04:00
using namespace std ;
2016-01-30 15:55:13 +03:00
/**
* This class represents the dynamic attributes : specific for a request of the
* same method .
*/
struct RequestAttributes
{
public :
int uid ; /**< id of the user */
int gid ; /**< id of the user's group */
string uname ; /**< name of the user */
string gname ; /**< name of the user's group */
string password ; /**< password of the user */
set < int > group_ids ; /**< set of user's group ids */
string session ; /**< Session from ONE XML-RPC API */
int req_id ; /**< Request ID for log messages */
int umask ; /**< User umask for new objects */
xmlrpc_c : : value * retval ; /**< Return value from libxmlrpc-c */
PoolObjectSQL : : ObjectType resp_obj ; /**< object type */
int resp_id ; /**< Id of the object */
string resp_msg ; /**< Additional response message */
2016-02-08 14:32:27 +03:00
RequestAttributes ( )
{
resp_obj = PoolObjectSQL : : NONE ;
2017-04-28 20:35:57 +03:00
resp_id = - 1 ;
resp_msg = " " ;
2016-02-08 14:32:27 +03:00
} ;
2016-01-30 15:55:13 +03:00
RequestAttributes ( const RequestAttributes & ra )
{
uid = ra . uid ;
gid = ra . gid ;
uname = ra . uname ;
gname = ra . gname ;
password = ra . password ;
2016-04-21 11:48:14 +03:00
group_ids = ra . group_ids ;
2016-01-30 15:55:13 +03:00
session = ra . session ;
2016-04-21 11:48:14 +03:00
req_id = ra . req_id ;
2016-01-30 15:55:13 +03:00
2016-04-21 11:48:14 +03:00
umask = ra . umask ;
retval = ra . retval ;
2016-01-30 15:55:13 +03:00
resp_obj = ra . resp_obj ;
resp_id = ra . resp_id ;
resp_msg = ra . resp_msg ;
} ;
RequestAttributes ( int _uid , int _gid , const RequestAttributes & ra )
{
uid = _uid ;
gid = _gid ;
password = " " ;
2016-04-21 11:48:14 +03:00
group_ids = ra . group_ids ;
2016-01-30 15:55:13 +03:00
uname = " " ;
gname = " " ;
umask = 0 ;
session = ra . session ;
2016-04-21 11:48:14 +03:00
req_id = ra . req_id ;
umask = ra . umask ;
2016-01-30 15:55:13 +03:00
retval = ra . retval ;
resp_obj = PoolObjectSQL : : NONE ;
resp_id = - 1 ;
resp_msg = " " ;
} ;
2018-05-23 15:42:57 +03:00
2018-05-23 15:50:15 +03:00
bool is_admin ( ) const
2018-05-23 15:42:57 +03:00
{
return uid = = UserPool : : ONEADMIN_ID | |
group_ids . count ( GroupPool : : ONEADMIN_ID ) = = 1 ;
}
2018-05-23 15:50:15 +03:00
bool is_oneadmin ( ) const
2018-05-23 15:42:57 +03:00
{
return uid = = UserPool : : ONEADMIN_ID ;
}
2018-05-23 15:50:15 +03:00
bool is_oneadmin_group ( ) const
2018-05-23 15:42:57 +03:00
{
return gid = = GroupPool : : ONEADMIN_ID ;
}
2016-01-30 15:55:13 +03:00
} ;
2011-05-24 17:23:07 +04:00
/**
* The Request Class represents the basic abstraction for the OpenNebula
* XML - RPC API . This interface must be implemented by any XML - RPC API call
*/
2011-05-24 16:32:39 +04:00
class Request : public xmlrpc_c : : method
{
public :
2011-05-24 17:23:07 +04:00
/**
* Error codes for the XML - RPC API
*/
enum ErrorCode {
2011-05-24 19:31:27 +04:00
SUCCESS = 0x0000 ,
2011-05-24 17:23:07 +04:00
AUTHENTICATION = 0x0100 ,
AUTHORIZATION = 0x0200 ,
2011-05-24 19:31:27 +04:00
NO_EXISTS = 0x0400 ,
ACTION = 0x0800 ,
XML_RPC_API = 0x1000 ,
INTERNAL = 0x2000 ,
2018-01-24 17:33:12 +03:00
ALLOCATE = 0x4000 ,
LOCKED = 0x8000
2011-05-24 17:23:07 +04:00
} ;
2016-01-30 15:55:13 +03:00
/**
* Gets a string representation for the Auth object in the
* request .
* @ param ob object for the auth operation
* @ return string equivalent of the object
*/
static string object_name ( PoolObjectSQL : : ObjectType ob ) ;
2014-10-28 20:52:48 +03:00
/**
* Sets the format string to log xml - rpc method calls . The format string
* interprets the following sequences :
* % i - - request id
* % m - - method name
* % u - - user id
* % U - - user name
* % l - - param list
* % p - - user password
* % g - - group id
* % G - - group name
* % a - - auth token
* % % - - %
*/
static void set_call_log_format ( const string & log_format )
{
format_str = log_format ;
}
2011-05-24 16:32:39 +04:00
protected :
2016-01-30 15:55:13 +03:00
/* ---------------------------------------------------------------------- */
/* Static Request Attributes: shared among request of the same method */
/* ---------------------------------------------------------------------- */
2012-01-03 05:58:23 +04:00
PoolSQL * pool ; /**< Pool of objects */
string method_name ; /**< The name of the XML-RPC method */
2011-05-28 06:03:09 +04:00
2012-01-03 05:58:23 +04:00
PoolObjectSQL : : ObjectType auth_object ; /**< Auth object for the request */
AuthRequest : : Operation auth_op ; /**< Auth operation for the request */
2011-05-26 02:59:50 +04:00
2014-10-28 18:23:09 +03:00
set < int > hidden_params ;
2014-10-28 20:52:48 +03:00
static string format_str ;
2017-05-07 22:52:34 +03:00
bool log_method_call ; //Write method call and result to the log
2017-05-08 11:47:42 +03:00
bool leader_only ; //Method can be only execute by leaders or solo servers
2017-05-25 00:57:37 +03:00
static const long long xmlrpc_timeout ; //Timeout (ms) for request forwarding
2017-05-08 20:48:41 +03:00
2016-01-30 15:55:13 +03:00
/* ---------------------------------------------------------------------- */
/* Class Constructors */
/* ---------------------------------------------------------------------- */
Request ( const string & mn , const string & signature , const string & help ) :
pool ( 0 ) , method_name ( mn )
2011-05-24 16:32:39 +04:00
{
_signature = signature ;
_help = help ;
2014-10-28 18:23:09 +03:00
hidden_params . clear ( ) ;
2017-05-07 22:52:34 +03:00
log_method_call = true ;
2017-05-08 11:47:42 +03:00
leader_only = true ;
2011-05-24 16:32:39 +04:00
} ;
virtual ~ Request ( ) { } ;
2016-01-30 15:55:13 +03:00
/* ---------------------------------------------------------------------- */
/* Methods to execute the request when received at the server */
/* ---------------------------------------------------------------------- */
/**
* Wraps the actual execution function by authorizing the user
* and calling the request_execute virtual function
* @ param _paramlist list of XML parameters
* @ param _retval value to be returned to the client
*/
virtual void execute ( xmlrpc_c : : paramList const & _paramList ,
xmlrpc_c : : value * const _retval ) ;
2011-05-26 02:59:50 +04:00
/**
2016-01-27 15:29:30 +03:00
* Actual Execution method for the request . Must be implemented by the
* XML - RPC requests
* @ param _paramlist of the XML - RPC call ( complete list )
2011-07-07 14:45:13 +04:00
* @ param att the specific request attributes
2011-05-26 02:59:50 +04:00
*/
2016-01-27 15:29:30 +03:00
virtual void request_execute ( xmlrpc_c : : paramList const & _paramList ,
RequestAttributes & att ) = 0 ;
2011-07-01 19:33:37 +04:00
/**
2016-01-27 15:29:30 +03:00
* Locks the requested object , gets information , and unlocks it
2011-07-01 19:33:37 +04:00
*
2016-01-27 15:29:30 +03:00
* @ param pool object pool
* @ param id of the object
* @ param type of the object
* @ param att the specific request attributes
2012-06-28 15:21:19 +04:00
*
2016-01-27 15:29:30 +03:00
* @ param perms returns the object ' s permissions
* @ param name returns the object ' s name
* @ param throw_error send error response to client if object not found
2012-05-30 04:20:16 +04:00
*
2016-01-27 15:29:30 +03:00
* @ return 0 on success , - 1 otherwise
2012-05-30 04:20:16 +04:00
*/
2016-01-30 15:55:13 +03:00
int get_info ( PoolSQL * pool ,
int id ,
PoolObjectSQL : : ObjectType type ,
RequestAttributes & att ,
PoolObjectAuth & perms ,
string & name ,
bool throw_error ) ;
/* ---------------------------------------------------------------------- */
/* Methods to send response to xml-rpc client */
/* ---------------------------------------------------------------------- */
2011-05-24 16:32:39 +04:00
/**
* Builds an XML - RPC response updating retval . After calling this function
* the xml - rpc excute method should return
* @ param val to be returned to the client
2011-07-07 14:45:13 +04:00
* @ param att the specific request attributes
2011-05-24 16:32:39 +04:00
*/
2011-07-07 14:45:13 +04:00
void success_response ( int val , RequestAttributes & att ) ;
2011-05-24 16:32:39 +04:00
/**
* Builds an XML - RPC response updating retval . After calling this function
* the xml - rpc excute method should return
* @ param val string to be returned to the client
2011-07-07 14:45:13 +04:00
* @ param att the specific request attributes
2011-05-24 16:32:39 +04:00
*/
2011-07-07 14:45:13 +04:00
void success_response ( const string & val , RequestAttributes & att ) ;
2011-05-24 16:32:39 +04:00
2015-05-12 13:48:59 +03:00
/**
* Builds an XML - RPC response updating retval . After calling this function
* the xml - rpc execute method should return
* @ param val to be returned to the client
* @ param att the specific request attributes
*/
void success_response ( bool val , RequestAttributes & att ) ;
2011-05-24 16:32:39 +04:00
/**
* Builds an XML - RPC response updating retval . After calling this function
2016-01-30 15:55:13 +03:00
* the xml - rpc excute method should return . A descriptive error message
* is constructed using att . resp_obj , att . resp_id and / or att . resp_msg and
* the ErrorCode
2011-05-24 16:32:39 +04:00
* @ param ec error code for this call
2016-01-30 15:55:13 +03:00
* @ param ra the specific request attributes
2011-05-24 16:32:39 +04:00
*/
2016-01-30 15:55:13 +03:00
void failure_response ( ErrorCode ec , RequestAttributes & ra ) ;
2016-01-27 15:29:30 +03:00
2016-02-08 18:40:38 +03:00
/**
* Builds an error response . A descriptive error message
* is constructed using att . resp_obj , att . resp_id and / or att . resp_msg and
* the ErrorCode
* @ param ec error code for this call
* @ param att the specific request attributes
*/
string failure_message ( ErrorCode ec , RequestAttributes & att ) ;
2016-01-30 15:55:13 +03:00
/* ---------------------------------------------------------------------- */
/* Authorization methods for requests */
/* ---------------------------------------------------------------------- */
2012-02-28 20:59:03 +04:00
/**
2016-01-27 15:29:30 +03:00
* Performs a basic authorization for this request using the uid / gid
* from the request . The function gets the object from the pool to get
* the public attribute and its owner . The authorization is based on
* object and type of operation for the request .
* @ param oid of the object , can be - 1 for objects to be created , or
* pools .
* @ param att the specific request attributes
2012-02-28 20:59:03 +04:00
*
2016-01-27 15:29:30 +03:00
* @ return true if the user is authorized .
2012-02-28 20:59:03 +04:00
*/
2016-01-27 15:29:30 +03:00
bool basic_authorization ( int oid , RequestAttributes & att )
{
return basic_authorization ( oid , auth_op , att ) ;
} ;
2012-10-02 18:25:57 +04:00
/**
2016-01-27 15:29:30 +03:00
* Performs a basic authorization for this request using the uid / gid
* from the request . The function gets the object from the pool to get
* the public attribute and its owner . The authorization is based on
* object and type of operation for the request .
* @ param oid of the object , can be - 1 for objects to be created , or
* pools .
* @ param op operation of the request .
* @ param att the specific request attributes
2012-10-02 18:25:57 +04:00
*
2016-01-27 15:29:30 +03:00
* @ return true if the user is authorized .
2012-10-02 18:25:57 +04:00
*/
2016-01-27 15:29:30 +03:00
bool basic_authorization ( int oid , AuthRequest : : Operation op ,
2016-01-30 15:55:13 +03:00
RequestAttributes & att ) ;
2012-10-02 18:25:57 +04:00
2016-04-11 13:25:02 +03:00
/**
* Performs a basic authorization for this request using the uid / gid
* from the request . The function gets the object from the pool to get
* the public attribute and its owner . The authorization is based on
* object and type of operation for the request .
* @ param pool object pool
* @ param oid of the object , can be - 1 for objects to be created , or
* pools .
* @ param op operation of the request .
* @ param att the specific request attributes
*
* @ return SUCCESS if the user is authorized .
*/
static ErrorCode basic_authorization (
PoolSQL * pool ,
int oid ,
AuthRequest : : Operation op ,
PoolObjectSQL : : ObjectType auth_object ,
RequestAttributes & att ) ;
2012-10-02 18:25:57 +04:00
/**
2016-01-27 15:29:30 +03:00
* Performs a basic quota check for this request using the uid / gid
* from the request . Usage counters are updated for the user / group .
* On case of error , the failure_response return values are set
2012-10-02 18:25:57 +04:00
*
2016-01-27 15:29:30 +03:00
* @ param tmpl describing the object
* @ param object type of the object
* @ param att the specific request attributes
*
* @ return true if the user is authorized .
2012-10-02 18:25:57 +04:00
*/
2016-01-30 15:55:13 +03:00
bool quota_authorization ( Template * tmpl , Quotas : : QuotaType qtype ,
RequestAttributes & att ) ;
2012-06-09 00:14:40 +04:00
2014-10-28 19:40:30 +03:00
/**
2016-01-27 15:29:30 +03:00
* Performs a basic quota check for this request using the uid / gid
* from the request . Usage counters are updated for the user / group .
* On case of error , the failure_response return values is not set , instead
* the error reason is returned in error_str
2014-10-28 19:40:30 +03:00
*
2016-01-27 15:29:30 +03:00
* @ param tmpl describing the object
* @ param object type of the object
* @ param att the specific request attributes
*
* @ param error_str Error reason , if any
* @ return true if the user is authorized .
2014-10-28 19:40:30 +03:00
*/
2016-01-30 15:55:13 +03:00
static bool quota_authorization ( Template * tmpl , Quotas : : QuotaType qtype ,
RequestAttributes & att , string & error_str ) ;
2012-06-09 00:14:40 +04:00
2016-01-27 15:29:30 +03:00
/**
* Performs rollback on usage counters for a previous quota check operation
* for the request .
* @ param tmpl describing the object
* @ param att the specific request attributes
*/
2016-01-30 15:55:13 +03:00
static void quota_rollback ( Template * tmpl , Quotas : : QuotaType qtype ,
RequestAttributes & att ) ;
2018-04-04 15:49:44 +03:00
/**
* @ param tmpl describing the object
* @ param att the specific request attributes
*/
ErrorCode as_uid_gid ( Template * tmpl , RequestAttributes & att ) ;
2016-01-30 15:55:13 +03:00
private :
/* ---------------------------------------------------------------------- */
/* Functions to manage user and group quotas */
/* ---------------------------------------------------------------------- */
static bool user_quota_authorization ( Template * tmpl , Quotas : : QuotaType qtype ,
RequestAttributes & att , string & error_str ) ;
static bool group_quota_authorization ( Template * tmpl , Quotas : : QuotaType qtype ,
RequestAttributes & att , string & error_str ) ;
static void user_quota_rollback ( Template * tmpl , Quotas : : QuotaType qtype ,
RequestAttributes & att ) ;
2012-06-09 00:14:40 +04:00
2016-01-30 15:55:13 +03:00
static void group_quota_rollback ( Template * tmpl , Quotas : : QuotaType qtype ,
RequestAttributes & att ) ;
/**
* Builds an XML - RPC response updating retval . After calling this function
* the xml - rpc excute method should return
* @ param ec error code for this call
* @ param va string representation of the error
* @ param ra the specific request attributes
*/
void failure_response ( ErrorCode ec , const string & va , RequestAttributes & ra ) ;
/**
* Logs the method invocation , including the arguments
* @ param att the specific request attributes
* @ param paramList list of XML parameters
* @ param format_str for the log
* @ param hidden_params params not to be shown
*/
static void log_method_invoked ( const RequestAttributes & att ,
const xmlrpc_c : : paramList & paramList , const string & format_str ,
const std : : string & method_name , const std : : set < int > & hidden_params ) ;
/**
* Logs the method result , including the output data or error message
*
* @ param att the specific request attributes
* @ param method_name that produced the error
*/
static void log_result ( const RequestAttributes & att ,
const std : : string & method_name ) ;
/**
* Formats and adds a xmlrpc_c : : value to oss .
*
* @ param v value to format
* @ param oss stream to write v
*/
2018-03-23 12:23:16 +03:00
static void log_xmlrpc_value ( const xmlrpc_c : : value & v , std : : ostringstream & oss , const int limit ) ;
// Default number of character to show in the log. Option %l<number>
const static int DEFAULT_LOG_LIMIT = 20 ;
2011-05-24 16:32:39 +04:00
} ;
2011-05-26 02:59:50 +04:00
/* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */
2011-05-24 16:32:39 +04:00
# endif //REQUEST_H_