Main Page
Related Pages
Modules
Namespaces
Namespace List
Namespace Members
All
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
Functions
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
Variables
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
Typedefs
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
r
s
t
u
v
w
y
z
Enumerations
a
b
c
d
e
f
g
h
i
j
l
m
n
o
p
r
s
t
u
v
w
Enumerator
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
r
s
t
u
z
Classes
Class List
Class Hierarchy
Class Members
All
:
[
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
~
Functions
[
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
~
Variables
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
Typedefs
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
r
s
t
u
v
w
y
Enumerations
a
b
c
d
e
f
h
i
k
l
m
n
o
p
r
s
t
u
v
w
Enumerator
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
z
Properties
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
r
s
t
u
v
w
Related Functions
:
a
b
c
d
e
f
g
h
i
j
l
m
n
o
p
q
r
s
t
u
v
w
z
Files
File List
File Members
All
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
Functions
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
z
Variables
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
Typedefs
_
a
b
c
d
e
f
g
h
i
k
l
m
n
o
p
q
r
s
t
u
v
w
x
z
Enumerations
_
a
b
c
d
e
f
g
h
i
k
l
m
n
o
p
r
s
t
u
v
w
x
Enumerator
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
r
s
t
u
v
w
x
Macros
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
grpc
src
core
lib
security
authorization
grpc_authorization_engine.cc
Go to the documentation of this file.
1
// Copyright 2021 gRPC authors.
2
//
3
// Licensed under the Apache License, Version 2.0 (the "License");
4
// you may not use this file except in compliance with the License.
5
// You may obtain a copy of the License at
6
//
7
// http://www.apache.org/licenses/LICENSE-2.0
8
//
9
// Unless required by applicable law or agreed to in writing, software
10
// distributed under the License is distributed on an "AS IS" BASIS,
11
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
// See the License for the specific language governing permissions and
13
// limitations under the License.
14
15
#include <
grpc/support/port_platform.h
>
16
17
#include "
src/core/lib/security/authorization/grpc_authorization_engine.h
"
18
19
#include <algorithm>
20
#include <map>
21
#include <utility>
22
23
#include "absl/memory/memory.h"
24
25
namespace
grpc_core
{
26
27
GrpcAuthorizationEngine::GrpcAuthorizationEngine
(
Rbac
policy)
28
: action_(policy.
action
) {
29
for
(
auto
& sub_policy : policy.
policies
) {
30
Policy
policy;
31
policy.
name
= sub_policy.first;
32
policy.
matcher
= absl::make_unique<PolicyAuthorizationMatcher>(
33
std::move
(sub_policy.second));
34
policies_
.push_back(
std::move
(policy));
35
}
36
}
37
38
GrpcAuthorizationEngine::GrpcAuthorizationEngine
(
39
GrpcAuthorizationEngine
&& other) noexcept
40
: action_(other.action_), policies_(
std::move
(other.policies_)) {}
41
42
GrpcAuthorizationEngine
&
GrpcAuthorizationEngine::operator=
(
43
GrpcAuthorizationEngine
&& other) noexcept {
44
action_ = other.
action_
;
45
policies_ =
std::move
(other.policies_);
46
return
*
this
;
47
}
48
49
AuthorizationEngine::Decision
GrpcAuthorizationEngine::Evaluate
(
50
const
EvaluateArgs
&
args
)
const
{
51
Decision
decision;
52
bool
matches =
false
;
53
for
(
const
auto
& policy :
policies_
) {
54
if
(policy.matcher->Matches(
args
)) {
55
matches =
true
;
56
decision.
matching_policy_name
= policy.name;
57
break
;
58
}
59
}
60
decision.
type
= (matches == (
action_
==
Rbac::Action::kAllow
))
61
?
Decision::Type::kAllow
62
: Decision::Type::kDeny;
63
return
decision;
64
}
65
66
}
// namespace grpc_core
grpc_core::EvaluateArgs
Definition:
evaluate_args.h:34
grpc_core::GrpcAuthorizationEngine::Policy::matcher
std::unique_ptr< AuthorizationMatcher > matcher
Definition:
grpc_authorization_engine.h:61
grpc_core::AuthorizationEngine::Decision::type
Type type
Definition:
authorization_engine.h:35
grpc_core
Definition:
call_metric_recorder.h:31
grpc_core::AuthorizationEngine::Decision
Definition:
authorization_engine.h:30
grpc_core::GrpcAuthorizationEngine::GrpcAuthorizationEngine
GrpcAuthorizationEngine(Rbac::Action action)
Definition:
grpc_authorization_engine.h:42
grpc_core::GrpcAuthorizationEngine::operator=
GrpcAuthorizationEngine & operator=(GrpcAuthorizationEngine &&other) noexcept
Definition:
grpc_authorization_engine.cc:42
grpc_core::GrpcAuthorizationEngine
Definition:
grpc_authorization_engine.h:39
asyncio_get_stats.args
args
Definition:
asyncio_get_stats.py:40
absl::move
constexpr absl::remove_reference_t< T > && move(T &&t) noexcept
Definition:
abseil-cpp/absl/utility/utility.h:221
grpc_core::GrpcAuthorizationEngine::Policy
Definition:
grpc_authorization_engine.h:59
grpc_core::GrpcAuthorizationEngine::Evaluate
Decision Evaluate(const EvaluateArgs &args) const override
Definition:
grpc_authorization_engine.cc:49
grpc_core::GrpcAuthorizationEngine::action_
Rbac::Action action_
Definition:
grpc_authorization_engine.h:63
grpc_core::Rbac
Definition:
rbac_policy.h:35
grpc_authorization_engine.h
client.action
action
Definition:
examples/python/xds/client.py:49
grpc_core::Rbac::policies
std::map< std::string, Policy > policies
Definition:
rbac_policy.h:173
testing::internal::kAllow
@ kAllow
Definition:
cares/cares/test/gmock-1.8.0/gmock/gmock.h:9540
grpc_core::Rbac::Action::kAllow
@ kAllow
grpc_core::GrpcAuthorizationEngine::policies_
std::vector< Policy > policies_
Definition:
grpc_authorization_engine.h:64
grpc_core::AuthorizationEngine::Decision::matching_policy_name
std::string matching_policy_name
Definition:
authorization_engine.h:36
grpc_core::GrpcAuthorizationEngine::Policy::name
std::string name
Definition:
grpc_authorization_engine.h:60
port_platform.h
grpc
Author(s):
autogenerated on Thu Mar 13 2025 02:59:47