| 12
 3
 4
 5
 6
 7
 8
 9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
 100
 101
 102
 103
 104
 105
 106
 107
 108
 109
 110
 111
 112
 113
 114
 115
 116
 117
 118
 119
 120
 121
 122
 123
 124
 125
 126
 127
 128
 129
 130
 131
 132
 133
 134
 135
 136
 137
 138
 139
 140
 141
 142
 143
 144
 145
 146
 147
 148
 149
 150
 151
 152
 153
 154
 155
 156
 157
 158
 159
 160
 161
 162
 163
 164
 165
 166
 167
 168
 169
 170
 171
 172
 173
 174
 175
 176
 177
 178
 179
 180
 181
 182
 183
 184
 185
 186
 187
 188
 189
 190
 191
 192
 193
 194
 195
 196
 197
 198
 199
 200
 201
 202
 203
 204
 205
 206
 207
 208
 209
 210
 211
 212
 213
 214
 215
 216
 217
 218
 219
 220
 221
 222
 223
 224
 225
 226
 227
 228
 229
 230
 231
 232
 233
 234
 235
 236
 237
 238
 239
 240
 241
 242
 243
 244
 245
 246
 247
 248
 249
 250
 251
 252
 253
 254
 255
 256
 257
 258
 259
 260
 261
 262
 263
 264
 265
 266
 267
 268
 269
 270
 271
 272
 273
 274
 275
 276
 277
 278
 279
 280
 281
 282
 283
 284
 285
 286
 287
 288
 289
 290
 291
 292
 293
 294
 295
 296
 297
 298
 299
 300
 301
 302
 303
 304
 305
 306
 307
 308
 309
 310
 311
 312
 313
 314
 315
 316
 317
 318
 319
 320
 321
 322
 323
 324
 325
 326
 327
 328
 329
 330
 331
 332
 333
 334
 335
 336
 337
 338
 339
 340
 341
 342
 343
 344
 345
 346
 347
 348
 349
 350
 351
 352
 353
 354
 355
 356
 357
 358
 359
 360
 361
 362
 363
 364
 365
 366
 367
 368
 369
 370
 371
 372
 373
 374
 375
 376
 377
 378
 379
 380
 381
 382
 383
 384
 385
 386
 387
 388
 389
 390
 391
 392
 393
 394
 395
 396
 397
 398
 399
 400
 401
 
 | /*----- PROTECTED REGION ID(TangoAccessControl.h) ENABLED START -----*/
//=============================================================================
//
// file :        TangoAccessControl.h
//
// description : Include for the TangoAccessControl class.
//
// project :     Tango Access Control Management.
//
//
// Copyright (C) :      2004,2005,2006,2007,2008,2009,2010,2011,2012,2013,2014
//						European Synchrotron Radiation Facility
//                      BP 220, Grenoble 38043
//                      FRANCE
//
// This file is part of Tango.
//
// Tango is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// 
// Tango is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
// 
// You should have received a copy of the GNU General Public License
// along with Tango.  If not, see <http://www.gnu.org/licenses/>.
//
//
// $Author$
//
// $Revision$
// $Date$
//
//=============================================================================
//                This file is generated by POGO
//        (Program Obviously used to Generate tango Object)
//=============================================================================
#ifndef TANGOACCESSCONTROL_H
#define TANGOACCESSCONTROL_H
#include <tango/tango.h>
#include "AccessControl.h"
#include <mysql.h>
#ifndef LIBMARIADB
#if MYSQL_VERSION_ID >= 80001
typedef bool my_bool;
#endif
#endif
#define	CONTROL_SYSTEM				"CtrlSystem"
#define SERVICE_PROP_NAME			"Services"
#define ServiceName					"AccessControl"
#define InatanceName				"tango"
 
#define AC_SQLError 				"AC_SQLError"
#define AC_IncorrectArguments		"AC_IncorrectArguments"
#define AC_AlreadyExists			"AC_AlreadyExists"
#define	STARTER_DEVNAME_HEADER	"tango/admin/"
typedef struct {
	std::string	user;
	std::string	device;
	std::string	address;
	std::string	rights;
}
AccessStruct;
//	Define time measuremnt type (depends on OS)
#ifndef WIN32
#	define	TimeVal	struct timeval
#	define	GetTime(t)	gettimeofday(&t, NULL);
#	define	Elapsed(before, after)	\
		1000.0*(after.tv_sec-before.tv_sec) + \
		((double)after.tv_usec-before.tv_usec) / 1000
#else
static LARGE_INTEGER	cpu_freq;
#	define	TimeVal	LARGE_INTEGER
#	define	GetTime(t)	w_gettimeofday(&t);
#	define	Elapsed(before, after)		\
		(cpu_freq.QuadPart==0) ? 0.0 :	\
			(double) (after.QuadPart - before.QuadPart)/cpu_freq.QuadPart * 1000;
#endif	/*	WIN32		*/
/*----- PROTECTED REGION END -----*/	//	TangoAccessControl.h
/**
 *  TangoAccessControl class description:
 *    This class is a conceate class inherited from AccessControl abstract class.<Br>
 *    <Br>
 *    This class defines how to manage the TANGO access control.<Br>
 *    It implements commands for tool to defines access for users, devices and IP addresses.<Br>
 *    It implements also commands used by client API to check access for specified user, device and address.<Br>
 *    And it implements register and unregister it as TANGO service.
 */
namespace TangoAccessControl_ns
{
/*----- PROTECTED REGION ID(TangoAccessControl::Additional Class Declarations) ENABLED START -----*/
		//		Additional Class Declarations
class DummyDev: public Tango::Connection
{
public:
	DummyDev():Tango::Connection(true) {};
	virtual std::string get_corba_name(bool) {std::string str;return str;}
	virtual std::string build_corba_name() {std::string str;return str;}
	virtual int get_lock_ctr() {return 0;}
	virtual void set_lock_ctr(int) {};
	virtual std::string dev_name() {std::string str;return str;}
	int get_env_var(const char *cc,std::string &str_ref) {return Tango::Connection::get_env_var(cc,str_ref);}
};
	/*----- PROTECTED REGION END -----*/	//	TangoAccessControl::Additional Class Declarations
class TangoAccessControl : public AccessControl_ns::AccessControl
{
/*----- PROTECTED REGION ID(TangoAccessControl::Data Members) ENABLED START -----*/
	//		Add your own data members
public:
	/*----- PROTECTED REGION END -----*/	//	TangoAccessControl::Data Members
//	Constructors and destructors
public:
	/**
	 * Constructs a newly device object.
	 *
	 *	@param cl	Class.
	 *	@param s 	Device Name
	 */
	TangoAccessControl(Tango::DeviceClass *cl,std::string &s);
	/**
	 * Constructs a newly device object.
	 *
	 *	@param cl	Class.
	 *	@param s 	Device Name
	 */
	TangoAccessControl(Tango::DeviceClass *cl,const char *s);
	/**
	 * Constructs a newly device object.
	 *
	 *	@param cl	Class.
	 *	@param s 	Device name
	 *	@param d	Device description.
	 */
	TangoAccessControl(Tango::DeviceClass *cl,const char *s,const char *d);
	/**
	 * The device object destructor.
	 */
	~TangoAccessControl() {delete_device();};
//	Miscellaneous methods
public:
	/*
	 *	will be called at device destruction or at init command.
	 */
	void delete_device();
	/*
	 *	Initialize the device
	 */
	virtual void init_device();
	/*
	 *	Always executed method before execution command method.
	 */
	virtual void always_executed_hook();
//	Attribute methods
public:
	//--------------------------------------------------------
	/*
	 *	Method      : TangoAccessControl::read_attr_hardware()
	 *	Description : Hardware acquisition for attributes.
	 */
	//--------------------------------------------------------
	virtual void read_attr_hardware(std::vector<long> &attr_list);
	//--------------------------------------------------------
	/**
	 *	Method      : TangoAccessControl::add_dynamic_attributes()
	 *	Description : Add dynamic attributes if any.
	 */
	//--------------------------------------------------------
	void add_dynamic_attributes();
//	Command related methods
public:
	/**
	 *	Command AddAddressForUser related method
	 *	Description: Add an address for the specified user..
	 *
	 *	@param argin user name, address
	 */
	virtual void add_address_for_user(const Tango::DevVarStringArray *argin);
	virtual bool is_AddAddressForUser_allowed(const CORBA::Any &any);
	/**
	 *	Command AddDeviceForUser related method
	 *	Description: Add a device and rights for the specified user..
	 *
	 *	@param argin user name, device adn value
	 */
	virtual void add_device_for_user(const Tango::DevVarStringArray *argin);
	virtual bool is_AddDeviceForUser_allowed(const CORBA::Any &any);
	/**
	 *	Command CloneUser related method
	 *	Description: Copy addresses and devices from source user to target user.
	 *
	 *	@param argin [0] - source user name.\n[1] - target user name.
	 */
	virtual void clone_user(const Tango::DevVarStringArray *argin);
	virtual bool is_CloneUser_allowed(const CORBA::Any &any);
	/**
	 *	Command GetAccess related method
	 *	Description: Check access for specified user, device, address
	 *                    and returns access (read or write).
	 *
	 *	@param argin [0] - User name
	 *               [1] - IP Address
	 *               [2] - Device
	 *	@returns access for specified inputs  read/write.
	 */
	virtual Tango::DevString get_access(const Tango::DevVarStringArray *argin);
	virtual bool is_GetAccess_allowed(const CORBA::Any &any);
	/**
	 *	Command GetAccessForMultiIP related method
	 *	Description: Check access for specified user, device and addresses
	 *                    and returns access (read or write).
	 *
	 *	@param argin [0] - User name
	 *               [1] - Device
	 *               [2] - IP Address #1
	 *               [3] - IP Address #2
	 *               [4] - IP Address #3
	 *               [5] - IP Address #4
	 *               ......
	 *	@returns access for specified inputs  read/write.
	 */
	virtual Tango::DevString get_access_for_multi_ip(const Tango::DevVarStringArray *argin);
	virtual bool is_GetAccessForMultiIP_allowed(const CORBA::Any &any);
	/**
	 *	Command GetAddressByUser related method
	 *	Description: Returns address list  found for the specified user.
	 *
	 *	@param argin user name.
	 *	@returns Addresses found for the specified user.
	 */
	virtual Tango::DevVarStringArray *get_address_by_user(Tango::DevString argin);
	virtual bool is_GetAddressByUser_allowed(const CORBA::Any &any);
	/**
	 *	Command GetAllowedCommandClassList related method
	 *	Description: Returns the class names which have AllowedAccessCmd property defined.
	 *
	 *	@returns Class names which have AllowedAccessCmd property defined.
	 */
	virtual Tango::DevVarStringArray *get_allowed_command_class_list();
	virtual bool is_GetAllowedCommandClassList_allowed(const CORBA::Any &any);
	/**
	 *	Command GetAllowedCommands related method
	 *	Description: Returns allowed command list found in database for specified device
	 *               It search the class of the specified device and then uses the class property <b>AllowedAccessCmd</b>
	 *
	 *	@param argin Device name OR Device Class name
	 *	@returns Allowed commands found in database for specified device
	 */
	virtual Tango::DevVarStringArray *get_allowed_commands(Tango::DevString argin);
	virtual bool is_GetAllowedCommands_allowed(const CORBA::Any &any);
	/**
	 *	Command GetDeviceByUser related method
	 *	Description: Returns devices and rights found for the specified user.
	 *
	 *	@param argin user name.
	 *	@returns devices and rights found for the specified user.
	 */
	virtual Tango::DevVarStringArray *get_device_by_user(Tango::DevString argin);
	virtual bool is_GetDeviceByUser_allowed(const CORBA::Any &any);
	/**
	 *	Command GetDeviceClass related method
	 *	Description: Returns class for specified device.
	 *
	 *	@param argin Device name
	 *	@returns Class found in database for specified device
	 */
	virtual Tango::DevString get_device_class(Tango::DevString argin);
	virtual bool is_GetDeviceClass_allowed(const CORBA::Any &any);
	/**
	 *	Command GetUsers related method
	 *	Description: Returns user list found in table access_address.
	 *
	 *	@returns Users find in table access_address.
	 */
	virtual Tango::DevVarStringArray *get_users();
	virtual bool is_GetUsers_allowed(const CORBA::Any &any);
	/**
	 *	Command RegisterService related method
	 *	Description: Register device as a TANGO service.
	 *
	 */
	virtual void register_service();
	virtual bool is_RegisterService_allowed(const CORBA::Any &any);
	/**
	 *	Command RemoveAddressForUser related method
	 *	Description: Remove an address for the specified user..
	 *
	 *	@param argin user name, address
	 */
	virtual void remove_address_for_user(const Tango::DevVarStringArray *argin);
	virtual bool is_RemoveAddressForUser_allowed(const CORBA::Any &any);
	/**
	 *	Command RemoveDeviceForUser related method
	 *	Description: Remove a device and its rights for the specified user..
	 *
	 *	@param argin user name, device and value
	 */
	virtual void remove_device_for_user(const Tango::DevVarStringArray *argin);
	virtual bool is_RemoveDeviceForUser_allowed(const CORBA::Any &any);
	/**
	 *	Command RemoveUser related method
	 *	Description: Remove all records for specified user.
	 *
	 *	@param argin user name
	 */
	virtual void remove_user(Tango::DevString argin);
	virtual bool is_RemoveUser_allowed(const CORBA::Any &any);
	/**
	 *	Command UnregisterService related method
	 *	Description: Unregister device as a TANGO service.
	 *
	 */
	virtual void unregister_service();
	virtual bool is_UnregisterService_allowed(const CORBA::Any &any);
	//--------------------------------------------------------
	/**
	 *	Method      : TangoAccessControl::add_dynamic_commands()
	 *	Description : Add dynamic commands if any.
	 */
	//--------------------------------------------------------
	void add_dynamic_commands();
/*----- PROTECTED REGION ID(TangoAccessControl::Additional Method prototypes) ENABLED START -----*/
	//	Additional Method prototypes
protected :	
	MYSQL mysql;
	std::string         removeFQDN(std::string s);
	void           mysql_connection();
	void           simple_query(std::string sql_query,const char *method);
	MYSQL_RES     *query(std::string sql_query,const char *method);
	std::vector<std::string> get_dev_members(std::string &devname);
	std::vector<std::string> get_ip_add_members(std::string &devname);
	std::vector<AccessStruct>
		get_access_for_user_address(std::string &user, std::string &ip_add);
	std::string get_access_for_user_device(std::string &user, std::string &device);
	std::string get_rigths(std::vector<AccessStruct> as, std::vector<std::string> members);
	bool match(std::string expression, std::string member);
	void register_service(std::string servicename, std::string instname, std::string devname);
	void unregister_service(std::string servicename, std::string instname, std::string devname);
	/*----- PROTECTED REGION END -----*/	//	TangoAccessControl::Additional Method prototypes
};
/*----- PROTECTED REGION ID(TangoAccessControl::Additional Classes Definitions) ENABLED START -----*/
	//	Additional Classes definitions
	/*----- PROTECTED REGION END -----*/	//	TangoAccessControl::Additional Classes Definitions
}	//	End of namespace
#endif   //	TangoAccessControl_H
 |