![[bottom]](../icons/bottom.png){kind=icon}
![[previous]](../icons/n_left.png){kind=icon}
![[next]](../icons/n_right.png){kind=icon}
![[first]](../icons/n_first.png){kind=icon}
![[last]](../icons/n_last.png){kind=icon}
![[top]](../icons/n_top.png){kind=icon}
![[index]](../icons/index.png){kind=icon}
![[help]](../icons/help.png){kind=icon}
*/
1 /*
2 * Copyright 2004-2024 the Pacemaker project contributors
3 *
4 * The version control history for this file may have further details.
5 *
6 * This source code is licensed under the GNU Lesser General Public License
7 * version 2.1 or later (LGPLv2.1+) WITHOUT ANY WARRANTY.
8 */
9 #ifndef PCMK__PCMKI_PCMKI_ACL__H
10 #define PCMK__PCMKI_PCMKI_ACL__H
11
12 #include <crm/common/xml.h>
13
14 #ifdef __cplusplus
15 extern "C" {
16 #endif
17
18 // How ACLs can be displayed (for cibadmin --show-access)
19 enum pcmk__acl_render_how {
20 pcmk__acl_render_none = 0,
21 pcmk__acl_render_namespace,
22 pcmk__acl_render_text,
23 pcmk__acl_render_color,
24 pcmk__acl_render_default,
25 };
26
27 // Minimum CIB schema version that can be used to annotate and display ACLs
28 #define PCMK__COMPAT_ACL_2_MIN_INCL "pacemaker-2.0"
29
30 /*!
31 * \brief Annotate CIB with XML namespaces indicating ACL evaluation results
32 *
33 * \param[in] cred Credential whose ACL perspective to switch to
34 * \param[in] cib_doc CIB XML to annotate
35 * \param[out] acl_evaled_doc Where to store annotated CIB XML
36 *
37 * \return A standard Pacemaker return code (pcmk_rc_ok on success,
38 * pcmk_rc_already if ACLs were not applicable,
39 * pcmk_rc_schema_validation if the validation schema version
40 * is unsupported, or EINVAL or ENOMEM when appropriate.
41 * \note This supports CIBs validated with the pacemaker-2.0 schema or newer.
42 */
43 int pcmk__acl_annotate_permissions(const char *cred, const xmlDoc *cib_doc,
44 xmlDoc **acl_evaled_doc);
45
46 /*!
47 * \internal
48 * \brief Create a string representation of a CIB showing ACL evaluation results
49 *
50 * \param[in,out] annotated_doc XML annotated by pcmk__acl_annotate_permissions
51 * \param[in] how Desired rendering
52 * \param[out] doc_txt_ptr Where to put the final outcome string
53 *
54 * \return A standard Pacemaker return code
55 *
56 * \note This function will free \p annotated_doc, which should not be used
57 * after calling this function.
58 * \todo This function could use more extensive testing for resource leaks.
59 */
60 int pcmk__acl_evaled_render(xmlDoc *annotated_doc, enum pcmk__acl_render_how,
61 xmlChar **doc_txt_ptr);
62
63 #ifdef __cplusplus
64 }
65 #endif
66
67 #endif // PCMK__PCMKI_PCMKI_ACL__H
![[top]](../icons/top.png){kind=icon}
![[bottom]](../icons/n_bottom.png){kind=icon}
*/