ARPA2 Common Libraries  2.6.2
Macros | Typedefs
Collaboration diagram for Access Types:

Macros

#define ACCESS_RIGHT(c)   ( 1 << (c - 'A') )
 Map an uppercase letter to an Access Right. More...
 
#define ACCESS_ADMIN   ACCESS_RIGHT('A')
 
#define ACCESS_SERVICE   ACCESS_RIGHT('S')
 
#define ACCESS_CONFIG   ACCESS_RIGHT('F')
 
#define ACCESS_OPERATE   ACCESS_RIGHT('T')
 
#define ACCESS_DELETE   ACCESS_RIGHT('D')
 
#define ACCESS_CREATE   ACCESS_RIGHT('C')
 
#define ACCESS_EXECUTE   ACCESS_RIGHT('X')
 
#define ACCESS_WRITE   ACCESS_RIGHT('W')
 
#define ACCESS_READ   ACCESS_RIGHT('R')
 
#define ACCESS_PROVE   ACCESS_RIGHT('P')
 
#define ACCESS_KNOW   ACCESS_RIGHT('K')
 
#define ACCESS_OWNER   ACCESS_RIGHT('O')
 
#define ACCESS_VISITOR   ACCESS_RIGHT('V')
 
#define ACCESS_FORBIDDEN   0
 
#define ACCESS_ADMIN_UP   ( ACCESS_ADMIN | 0 )
 
#define ACCESS_SERVICE_UP   ( ACCESS_SERVICE | ACCESS_ADMIN_UP )
 
#define ACCESS_CONFIG_UP   ( ACCESS_CONFIG | ACCESS_SERVICE_UP )
 
#define ACCESS_OPERATE_UP   ( ACCESS_OPERATE | ACCESS_CONFIG_UP )
 
#define ACCESS_DELETE_UP   ( ACCESS_DELETE | ACCESS_OPERATE_UP )
 
#define ACCESS_CREATE_UP   ( ACCESS_CREATE | ACCESS_DELETE_UP )
 
#define ACCESS_EXECUTE_UP   ( ACCESS_EXECUTE | ACCESS_CREATE_UP )
 
#define ACCESS_WRITE_UP   ( ACCESS_WRITE | ACCESS_EXECUTE_UP )
 
#define ACCESS_READ_UP   ( ACCESS_READ | ACCESS_WRITE_UP )
 
#define ACCESS_PROVE_UP   ( ACCESS_PROVE | ACCESS_READ_UP )
 
#define ACCESS_KNOW_UP   ( ACCESS_KNOW | ACCESS_PROVE_UP )
 
#define ACCESS_OWNER_UP   ( ACCESS_OWNER | ACCESS_KNOW_UP )
 
#define ACCESS_VISITOR_UP   ( ACCESS_VISITOR | ACCESS_OWNER_UP )
 
#define ACCESS_ADMIN_DOWN   ( ACCESS_ADMIN | ACCESS_SERVICE_DOWN )
 
#define ACCESS_SERVICE_DOWN   ( ACCESS_SERVICE | ACCESS_CONFIG_DOWN )
 
#define ACCESS_CONFIG_DOWN   ( ACCESS_CONFIG | ACCESS_OPERATE_DOWN )
 
#define ACCESS_OPERATE_DOWN   ( ACCESS_OPERATE | ACCESS_DELETE_DOWN )
 
#define ACCESS_DELETE_DOWN   ( ACCESS_DELETE | ACCESS_CREATE_DOWN )
 
#define ACCESS_CREATE_DOWN   ( ACCESS_CREATE | ACCESS_EXECUTE_DOWN )
 
#define ACCESS_EXECUTE_DOWN   ( ACCESS_EXECUTE | ACCESS_WRITE_DOWN )
 
#define ACCESS_WRITE_DOWN   ( ACCESS_WRITE | ACCESS_READ_DOWN )
 
#define ACCESS_READ_DOWN   ( ACCESS_READ | ACCESS_PROVE_DOWN )
 
#define ACCESS_PROVE_DOWN   ( ACCESS_PROVE | ACCESS_KNOW_DOWN )
 
#define ACCESS_KNOW_DOWN   ( ACCESS_KNOW | ACCESS_OWNER_DOWN )
 
#define ACCESS_OWNER_DOWN   ( ACCESS_OWNER | ACCESS_VISITOR_DOWN )
 
#define ACCESS_VISITOR_DOWN   ( ACCESS_VISITOR | 0 )
 

Typedefs

typedef rules_domain access_domain
 Access Domains are UTF-8 representations of a Fully Qualified Domain Name. More...
 
typedef rules_type access_type
 Access Types are 128-bit "well-known service identities". More...
 
typedef rules_name access_name
 Access Names represent instances of an Access Type. More...
 
typedef rules_flags access_rights
 Access Rights in a bit mask. More...
 

Detailed Description

Access defines a number of types. Several of them are taken from a lower layer, namely the Rules. This lower layer is more abstract and we redefine or wrap several of these lower types to form higher-level concepts.

Macro Definition Documentation

◆ ACCESS_RIGHT

#define ACCESS_RIGHT (   c)    ( 1 << (c - 'A') )

Map an uppercase letter to an Access Right.

Use bit 0 for 'A', bit 1 for 'B' and so on. Only capital letters are mapped, and the caller should be certain not to map anything else to a Rules Flag.

This definition is the same as RULES_FLAG().

Typedef Documentation

◆ access_domain

Access Domains are UTF-8 representations of a Fully Qualified Domain Name.

These names have no initial or trailing dots, they have at least one inner dot and they have been mapped from the DNS wire format Punycode for international names to UTF-8. The wire form was a valid DNS name.

Note the value of this mapping: Code should have only one form to deal with, and Punycode is both specific to one protocol and confusing. It also cannot be processed like any other internationalised code. So we choose an internal form that maps to a standard form.

See A2ID_BUFSIZE for a discussion of the size that a domain in this form can take. This is normally supported as part of the a2id_t and a2sel_t definitions in ARPA2 software.

The NULL value is invalid as an Access Domain. This means that software can use it to indicate absense of a domain in places where it accepts optional parameters.

This definition is the same as for rules_domain. It can be stored in LDAP as an accessDomain attribute.

◆ access_name

Access Names represent instances of an Access Type.

Where the Access Type is "well-known", it is instantiated by an access_domain and this Access Name. The general Access Name format is a UTF-8 string with a NUL terminator, but its format is defined by the Access Type.

The purpose of the Access Name is to allow generic software to fill it, perhaps with user-supplied templates or regular expressions taking content from an application's context. This allows the generation of an Access Name even in applications that are not aware of the semantics of an Access Type. As an example, a generic web server may take elements from the path and/or query paramters and use those in a string templated that is printed into an environment variable to be supplied to some software for Access Control.

The value NULL is not a proper access_name. Depending on the definition for the given access_type, an empty string may be a valid form. Note that this means that NULL can be used to indicate absense of an Rules Name in places where software can optionally handle Rules Names.

This definition is the same as for rules_name.

◆ access_rights

Access Rights in a bit mask.

Access may set Rights named A through Z in short FLAGS words. Encode A in bit 0 through Z in bit 25 of a 32-bit unsigned integer.

This definition is the same as rules_flags.

◆ access_type

Access Types are 128-bit "well-known service identities".

We write an Access Type in UUID form, but code that prepares for taking it up use the canonical form of 16 bytes of which the UUID shows the per-byte hex form with a couple of dashes. These 16 bytes are used in message digests.

The Access Type serves as a "well-known identifier" for a class of uses. For instance, we might have one for the idea of "file storage" that could span many application areas but be the same across vendors and protocols and software suites. Or we might have one for "git access", regardless of the method being SSH, HTTPS, local file system or other.

Access Types need further refinment to properly localise them. First of all, the rules_domain has to be distinguished, so policy rights assigned in one domain cannot pass over to another domain. Furthermore, every Access Types defines a UTF-8 string format for an access_name that can distinguish instances within the well-known class below the domain. In the Git example, the Access Name could be a name for a repository.

The all-zero value is not a valid access_type. This means that zeroing an rules_type will not cause presumptious use of a valid access_type.

This definition is the same as for rules_type.