[thirdparty/squid.git] / src / acl / Acl.h

/*
 * $Id$
 *
 *
 * SQUID Web Proxy Cache          http://www.squid-cache.org/
 * ----------------------------------------------------------
 *
 *  Squid is the result of efforts by numerous individuals from
 *  the Internet community; see the CONTRIBUTORS file for full
 *  details.   Many organizations have provided support for Squid's
 *  development; see the SPONSORS file for full details.  Squid is
 *  Copyrighted (C) 2001 by the Regents of the University of
 *  California; see the COPYRIGHT file for full details.  Squid
 *  incorporates software developed and/or copyrighted by other
 *  sources; see the CREDITS file for full details.
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
 *
 *
 * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
 */

#ifndef SQUID_ACL_H
#define SQUID_ACL_H

#include "Array.h"
#include "cbdata.h"
#include "defines.h"
#include "dlink.h"
#include "MemPool.h"
#include "structs.h"

#if HAVE_OSTREAM
#include <ostream>
#endif

class ConfigParser;
class ACLChecklist;

/// \ingroup ACLAPI
class ACL
{

public:
    void *operator new(size_t);
    void operator delete(void *);

    static ACL *Factory (char const *);
    static void ParseAclLine(ConfigParser &parser, ACL ** head);
    static void Initialize();
    static ACL* FindByName(const char *name);

    ACL();
    virtual ~ACL();
    virtual ACL *clone()const = 0;
    virtual void parse() = 0;
    virtual char const *typeString() const = 0;
    virtual bool isProxyAuth() const;
    virtual bool requiresRequest() const;
    virtual bool requiresReply() const;
    virtual int match(ACLChecklist * checklist) = 0;
    virtual wordlist *dump() const = 0;
    virtual bool empty () const = 0;
    virtual bool valid () const;
    int checklistMatches(ACLChecklist *);

    int cacheMatchAcl(dlink_list * cache, ACLChecklist *);
    virtual int matchForCache(ACLChecklist *checklist);

    virtual void prepareForUse() {}

    char name[ACL_NAME_SZ];
    char *cfgline;
    ACL *next;

public:

    class Prototype
    {

    public:
        Prototype ();
        Prototype (ACL const *, char const *);
        ~Prototype();
        static bool Registered(char const *);
        static ACL *Factory (char const *);

    private:
        ACL const*prototype;
        char const *typeString;

    private:
        static Vector<Prototype const *> * Registry;
        static void *Initialized;
        typedef Vector<Prototype const*>::iterator iterator;
        typedef Vector<Prototype const*>::const_iterator const_iterator;
        void registerMe();
    };
};

/// \ingroup ACLAPI
typedef enum {
    // Authorization ACL result states
    ACCESS_DENIED,
    ACCESS_ALLOWED,
    ACCESS_DUNNO,

    // Authentication ACL result states
    ACCESS_AUTH_REQUIRED,    // Missing Credentials
} aclMatchCode;

/// \ingroup ACLAPI
/// ACL check answer; TODO: Rename to Acl::Answer
class allow_t
{
public:
    // not explicit: allow "aclMatchCode to allow_t" conversions (for now)
    allow_t(const aclMatchCode aCode): code(aCode), kind(0) {}

    allow_t(): code(ACCESS_DUNNO), kind(0) {}

    bool operator ==(const aclMatchCode aCode) const {
        return code == aCode;
    }

    bool operator !=(const aclMatchCode aCode) const {
        return !(*this == aCode);
    }

    operator aclMatchCode() const {
        return code;
    }

    aclMatchCode code; ///< ACCESS_* code
    int kind; ///< which custom access list verb matched
};

inline std::ostream &
operator <<(std::ostream &o, const allow_t a)
{
    switch (a) {
    case ACCESS_DENIED:
        o << "DENIED";
        break;
    case ACCESS_ALLOWED:
        o << "ALLOWED";
        break;
    case ACCESS_DUNNO:
        o << "DUNNO";
        break;
    case ACCESS_AUTH_REQUIRED:
        o << "AUTH_REQUIRED";
        break;
    }
    return o;
}

/// \ingroup ACLAPI
class acl_access
{

public:
    void *operator new(size_t);
    void operator delete(void *);
    allow_t allow;
    ACLList *aclList;
    char *cfgline;
    acl_access *next;

private:
    CBDATA_CLASS(acl_access);
};

/// \ingroup ACLAPI
class ACLList
{

public:
    MEMPROXY_CLASS(ACLList);

    ACLList();
    void negated(bool isNegated);
    bool matches (ACLChecklist *)const;
    int op;
    ACL *_acl;
    ACLList *next;
};

MEMPROXY_CLASS_INLINE(ACLList);

/// \ingroup ACLAPI
class acl_proxy_auth_match_cache
{

public:
    MEMPROXY_CLASS(acl_proxy_auth_match_cache);
    dlink_node link;
    int matchrv;
    void *acl_data;
};

MEMPROXY_CLASS_INLINE(acl_proxy_auth_match_cache);

/// \ingroup ACLAPI
extern const char *AclMatchedName;	/* NULL */

#endif /* SQUID_ACL_H */
Commit	Line	Data
b67e2c8c	1	/*
262a0e14	2	* $Id$
b67e2c8c	3	*
	4	*
	5	* SQUID Web Proxy Cache http://www.squid-cache.org/
	6	* ----------------------------------------------------------
	7	*
	8	* Squid is the result of efforts by numerous individuals from
	9	* the Internet community; see the CONTRIBUTORS file for full
	10	* details. Many organizations have provided support for Squid's
	11	* development; see the SPONSORS file for full details. Squid is
	12	* Copyrighted (C) 2001 by the Regents of the University of
	13	* California; see the COPYRIGHT file for full details. Squid
	14	* incorporates software developed and/or copyrighted by other
	15	* sources; see the CREDITS file for full details.
	16	*
	17	* This program is free software; you can redistribute it and/or modify
	18	* it under the terms of the GNU General Public License as published by
	19	* the Free Software Foundation; either version 2 of the License, or
	20	* (at your option) any later version.
26ac0430	21	*
b67e2c8c	22	* This program is distributed in the hope that it will be useful,
	23	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	24	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	25	* GNU General Public License for more details.
26ac0430	26	*
b67e2c8c	27	* You should have received a copy of the GNU General Public License
	28	* along with this program; if not, write to the Free Software
	29	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
	30	*
	31	*
	32	* Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
	33	*/
	34
	35	#ifndef SQUID_ACL_H
	36	#define SQUID_ACL_H
63be0a78	37
8000a965	38	#include "Array.h"
aa839030	39	#include "cbdata.h"
582c2af2	40	#include "defines.h"
25b6a907	41	#include "dlink.h"
582c2af2 FC	42	#include "MemPool.h"
582c2af2 FC	43	#include "structs.h"
29b17d63	44
b1a20197 AJ	45	#if HAVE_OSTREAM
	46	#include <ostream>
	47	#endif
	48
a9f20260	49	class ConfigParser;
c15d448c	50	class ACLChecklist;
8000a965	51
63be0a78	52	/// \ingroup ACLAPI
62e76326	53	class ACL
	54	{
	55
	56	public:
29b17d63	57	void *operator new(size_t);
29b17d63	58	void operator delete(void *);
8000a965	59
8000a965	60	static ACL Factory (char const );
a9f20260	61	static void ParseAclLine(ConfigParser &parser, ACL ** head);
b0dd28ba	62	static void Initialize();
225b7b10	63	static ACL* FindByName(const char *name);
225b7b10	64
8000a965	65	ACL();
8000a965	66	virtual ~ACL();
b0dd28ba	67	virtual ACL *clone()const = 0;
	68	virtual void parse() = 0;
	69	virtual char const *typeString() const = 0;
8000a965	70	virtual bool isProxyAuth() const;
8000a965	71	virtual bool requiresRequest() const;
b0dd28ba	72	virtual bool requiresReply() const;
b0dd28ba	73	virtual int match(ACLChecklist * checklist) = 0;
b0dd28ba	74	virtual wordlist *dump() const = 0;
4b0f5de8	75	virtual bool empty () const = 0;
4b0f5de8	76	virtual bool valid () const;
8000a965	77	int checklistMatches(ACLChecklist *);
62e76326	78
225b7b10	79	int cacheMatchAcl(dlink_list * cache, ACLChecklist *);
225b7b10	80	virtual int matchForCache(ACLChecklist *checklist);
8000a965	81
b0dd28ba	82	virtual void prepareForUse() {}
b0dd28ba	83
8000a965	84	char name[ACL_NAME_SZ];
	85	char *cfgline;
	86	ACL *next;
62e76326	87
62e76326	88	public:
	89
	90	class Prototype
	91	{
	92
	93	public:
	94	Prototype ();
	95	Prototype (ACL const , char const );
	96	~Prototype();
	97	static bool Registered(char const *);
	98	static ACL Factory (char const );
	99
	100	private:
	101	ACL const*prototype;
	102	char const *typeString;
	103
	104	private:
	105	static Vector<Prototype const > Registry;
	106	static void *Initialized;
	107	typedef Vector<Prototype const*>::iterator iterator;
	108	typedef Vector<Prototype const*>::const_iterator const_iterator;
	109	void registerMe();
8000a965	110	};
29b17d63	111	};
29b17d63	112
b50e327b AJ	113	/// \ingroup ACLAPI
b50e327b AJ	114	typedef enum {
7dfddb79	115	// Authorization ACL result states
b50e327b AJ	116	ACCESS_DENIED,
b50e327b AJ	117	ACCESS_ALLOWED,
2efeb0b7	118	ACCESS_DUNNO,
7dfddb79 AJ	119
7dfddb79 AJ	120	// Authentication ACL result states
7dfddb79	121	ACCESS_AUTH_REQUIRED, // Missing Credentials
f5f2ec03 AR	122	} aclMatchCode;
	123
	124	/// \ingroup ACLAPI
	125	/// ACL check answer; TODO: Rename to Acl::Answer
87f237a9 A	126	class allow_t
87f237a9 A	127	{
f5f2ec03 AR	128	public:
	129	// not explicit: allow "aclMatchCode to allow_t" conversions (for now)
	130	allow_t(const aclMatchCode aCode): code(aCode), kind(0) {}
	131
	132	allow_t(): code(ACCESS_DUNNO), kind(0) {}
	133
	134	bool operator ==(const aclMatchCode aCode) const {
	135	return code == aCode;
	136	}
	137
	138	bool operator !=(const aclMatchCode aCode) const {
	139	return !(*this == aCode);
	140	}
	141
	142	operator aclMatchCode() const {
	143	return code;
	144	}
	145
	146	aclMatchCode code; ///< ACCESS_* code
	147	int kind; ///< which custom access list verb matched
	148	};
	149
b1a20197 AJ	150	inline std::ostream &
	151	operator <<(std::ostream &o, const allow_t a)
	152	{
11796ba9	153	switch (a) {
b1a20197 AJ	154	case ACCESS_DENIED:
	155	o << "DENIED";
	156	break;
	157	case ACCESS_ALLOWED:
	158	o << "ALLOWED";
	159	break;
	160	case ACCESS_DUNNO:
	161	o << "DUNNO";
	162	break;
	163	case ACCESS_AUTH_REQUIRED:
	164	o << "AUTH_REQUIRED";
	165	break;
b1a20197 AJ	166	}
	167	return o;
	168	}
	169
63be0a78	170	/// \ingroup ACLAPI
62e76326	171	class acl_access
	172	{
	173
	174	public:
8000a965	175	void *operator new(size_t);
8000a965	176	void operator delete(void *);
8000a965	177	allow_t allow;
76cd39d7	178	ACLList *aclList;
8000a965	179	char *cfgline;
8000a965	180	acl_access *next;
62e76326	181
62e76326	182	private:
8000a965	183	CBDATA_CLASS(acl_access);
	184	};
	185
63be0a78	186	/// \ingroup ACLAPI
62e76326	187	class ACLList
	188	{
	189
	190	public:
b001e822	191	MEMPROXY_CLASS(ACLList);
8000a965	192
	193	ACLList();
	194	void negated(bool isNegated);
	195	bool matches (ACLChecklist *)const;
	196	int op;
97427e90	197	ACL *_acl;
8000a965	198	ACLList *next;
8000a965	199	};
b67e2c8c	200
63be0a78	201	MEMPROXY_CLASS_INLINE(ACLList);
b001e822	202
63be0a78	203	/// \ingroup ACLAPI
25b6a907	204	class acl_proxy_auth_match_cache
	205	{
	206
	207	public:
	208	MEMPROXY_CLASS(acl_proxy_auth_match_cache);
	209	dlink_node link;
	210	int matchrv;
	211	void *acl_data;
	212	};
	213
	214	MEMPROXY_CLASS_INLINE(acl_proxy_auth_match_cache);
	215
c15d448c AR	216	/// \ingroup ACLAPI
	217	extern const char AclMatchedName; / NULL */
	218
b67e2c8c	219	#endif /* SQUID_ACL_H */