Coverage Report

Created: 2023-11-12 09:30

/proc/self/cwd/source/extensions/filters/common/rbac/engine.h
#pragma once
#include "envoy/http/filter.h"
#include "envoy/http/header_map.h"
#include "envoy/network/connection.h"
#include "envoy/stream_info/stream_info.h"
namespace Envoy {
namespace Extensions {
namespace Filters {
namespace Common {
namespace RBAC {

/**
 * Shared logic for evaluating RBAC policies.
 *
 * Both handleAction() overloads report the access decision as a bool: true means the request is
 * permitted, so a caller that enforces the decision has to treat false as "not permitted".
 */
class RoleBasedAccessControlEngine {
public:
  // Coverage report: 4.43k hits were recorded on this line.
  virtual ~RoleBasedAccessControlEngine() = default;

  /**
   * Performs the action-specific handling for a request that carries headers and reports
   * whether the request is permitted.
   *
   * @param connection the downstream connection, used to identify the action/principal.
   * @param headers    the incoming request headers, used to identify the action/principal.
   *                   Pass an empty map when no headers are available.
   * @param info       the per-request or per-connection stream info carrying additional
   *                   information about the action/principal. The LOG Action can modify it.
   * @param effective_policy_id  output: filled with the ID of the matching policy, which
   *                   identifies the source of the allow/deny.
   *                   NOTE(review): this header does not say whether nullptr is accepted;
   *                   confirm against the implementations.
   * @return true if the request is permitted, false otherwise.
   */
  virtual bool handleAction(const Network::Connection& connection,
                            const Envoy::Http::RequestHeaderMap& headers,
                            StreamInfo::StreamInfo& info, std::string* effective_policy_id) const
      PURE;

  /**
   * Performs the action-specific handling without request headers and reports whether the
   * request is permitted.
   *
   * @param connection the downstream connection, used to identify the action/principal.
   * @param info       the per-request or per-connection stream info carrying additional
   *                   information about the action/principal. The LOG Action can modify it.
   * @param effective_policy_id  output: filled with the ID of the matching policy, which
   *                   identifies the source of the allow/deny.
   *                   NOTE(review): this header does not say whether nullptr is accepted;
   *                   confirm against the implementations.
   * @return true if the request is permitted, false otherwise.
   */
  virtual bool handleAction(const Network::Connection& connection,
                            StreamInfo::StreamInfo& info,
                            std::string* effective_policy_id) const PURE;
};

} // namespace RBAC
} // namespace Common
} // namespace Filters
} // namespace Extensions
} // namespace Envoy