pacemaker  2.1.5-b7adf64e51
Scalable High-Availability cluster resource manager
Macros | Functions
pcmk_acl.c File Reference
#include <crm_internal.h>
#include <stdio.h>
#include <sys/types.h>
#include <pwd.h>
#include <string.h>
#include <stdlib.h>
#include <stdarg.h>
#include <libxml/parser.h>
#include <libxml/tree.h>
#include <libxml/xpath.h>
#include <libxslt/transform.h>
#include <libxslt/variables.h>
#include <libxslt/xsltutils.h>
#include <crm/crm.h>
#include <crm/msg_xml.h>
#include <crm/common/xml.h>
#include <crm/common/xml_internal.h>
#include <crm/common/internal.h>
#include <pacemaker-internal.h>
Include dependency graph for pcmk_acl.c:

Go to the source code of this file.

Macros

#define ACL_NS_PREFIX   "http://clusterlabs.org/ns/pacemaker/access/"
 
#define ACL_NS_Q_PREFIX   "pcmk-access-"
 
#define ACL_NS_Q_WRITABLE   (const xmlChar *) ACL_NS_Q_PREFIX "writable"
 
#define ACL_NS_Q_READABLE   (const xmlChar *) ACL_NS_Q_PREFIX "readable"
 
#define ACL_NS_Q_DENIED   (const xmlChar *) ACL_NS_Q_PREFIX "denied"
 

Functions

int pcmk__acl_annotate_permissions (const char *cred, xmlDoc *cib_doc, xmlDoc **acl_evaled_doc)
 Mark CIB with namespace-encoded result of ACLs eval'd per credential. More...
 
int pcmk__acl_evaled_render (xmlDoc *annotated_doc, enum pcmk__acl_render_how how, xmlChar **doc_txt_ptr)
 

Macro Definition Documentation

◆ ACL_NS_PREFIX

#define ACL_NS_PREFIX   "http://clusterlabs.org/ns/pacemaker/access/"

Definition at line 34 of file pcmk_acl.c.

◆ ACL_NS_Q_DENIED

#define ACL_NS_Q_DENIED   (const xmlChar *) ACL_NS_Q_PREFIX "denied"

Definition at line 38 of file pcmk_acl.c.

◆ ACL_NS_Q_PREFIX

#define ACL_NS_Q_PREFIX   "pcmk-access-"

Definition at line 35 of file pcmk_acl.c.

◆ ACL_NS_Q_READABLE

#define ACL_NS_Q_READABLE   (const xmlChar *) ACL_NS_Q_PREFIX "readable"

Definition at line 37 of file pcmk_acl.c.

◆ ACL_NS_Q_WRITABLE

#define ACL_NS_Q_WRITABLE   (const xmlChar *) ACL_NS_Q_PREFIX "writable"

Definition at line 36 of file pcmk_acl.c.

Function Documentation

◆ pcmk__acl_annotate_permissions()

int pcmk__acl_annotate_permissions ( const char *  cred,
xmlDoc *  cib_doc,
xmlDoc **  acl_evaled_doc 
)

Mark CIB with namespace-encoded result of ACLs eval'd per credential.

Parameters
[in]cred_typecredential type that cred represents
[in]credcredential whose ACL perspective to switch to
[in]cib_docXML document representing CIB
[out]acl_evaled_docXML document representing CIB, with said namespace-based annotations throughout
Returns
A standard Pacemaker return code Namely:
  • pcmk_rc_ok upon success,
  • pcmk_rc_already if ACLs were not applicable,
  • pcmk_rc_schema_validation if the validation schema version is unsupported (see note), or
  • EINVAL or ENOMEM as appropriate;
Note
Only supported schemas are those following acls-2.0.rng, that is, those validated with pacemaker-2.0.rng and newer.

Definition at line 188 of file pcmk_acl.c.

◆ pcmk__acl_evaled_render()

int pcmk__acl_evaled_render ( xmlDoc *  annotated_doc,
enum pcmk__acl_render_how  how,
xmlChar **  doc_txt_ptr 
)

Definition at line 243 of file pcmk_acl.c.