services/role/roled/internal/dispatcher.go - release.go.x.ref - Git at Google

 // Copyright 2015 The Vanadium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

 package internal

 import (
 	"encoding/json"
 	"io/ioutil"
 	"os"
 	"path/filepath"
 	"strings"

 	"v.io/v23/context"
 	"v.io/v23/rpc"
 	"v.io/v23/security"
 	"v.io/v23/verror"

 	"v.io/x/ref/internal/logger"
 	"v.io/x/ref/services/discharger"
 	"v.io/x/ref/services/role"
 )

 const requiredSuffix = security.ChainSeparator + role.RoleSuffix

 // NewDispatcher returns a dispatcher object for a role service and its
 // associated discharger service.
 // The configRoot is the top level directory where the role configuration files
 // are stored.
 // The dischargerLocation is the object name or address of the discharger
 // service for the third-party caveats attached to the role blessings returned
 // by the role service.
 func NewDispatcher(configRoot, dischargerLocation string) rpc.Dispatcher {
 	return &dispatcher{&serverConfig{configRoot, dischargerLocation}}
 }

 type serverConfig struct {
 	root               string
 	dischargerLocation string
 }

 type dispatcher struct {
 	config *serverConfig
 }

 func (d *dispatcher) Lookup(_ *context.T, suffix string) (interface{}, security.Authorizer, error) {
 	if len(suffix) == 0 {
 		return discharger.DischargerServer(&dischargerImpl{d.config}), security.AllowEveryone(), nil
 	}
 	fileName := filepath.Join(d.config.root, filepath.FromSlash(suffix+".conf"))
 	if !strings.HasPrefix(fileName, d.config.root) {
 		// Guard against ".." in the suffix that could be used to read
 		// files outside of the config root.
 		return nil, nil, verror.New(verror.ErrNoExistOrNoAccess, nil)
 	}
 	roleConfig, err := loadExpandedConfig(fileName, nil)
 	if err != nil && !os.IsNotExist(err) {
 		// The config file exists, but we failed to read it for some
 		// reason. This is likely a server configuration error.
 		logger.Global().Errorf("loadConfig(%q, %q): %v", d.config.root, suffix, err)
 		return nil, nil, verror.Convert(verror.ErrInternal, nil, err)
 	}
 	obj := &roleService{serverConfig: d.config, role: suffix, roleConfig: roleConfig}
 	return role.RoleServer(obj), &authorizer{roleConfig}, nil
 }

 type authorizer struct {
 	config *Config
 }

 func (a *authorizer) Authorize(ctx *context.T, call security.Call) error {
 	if call.Method() == "__Glob" {
 		// The Glob implementation only shows objects that the caller
 		// has access to. So this blanket approval is OK.
 		return nil
 	}
 	if a.config == nil {
 		return verror.New(verror.ErrNoExistOrNoAccess, ctx)
 	}
 	remoteBlessingNames, _ := security.RemoteBlessingNames(ctx, call)

 	if hasAccess(a.config, remoteBlessingNames) {
 		return nil
 	}
 	return verror.New(verror.ErrNoExistOrNoAccess, ctx)
 }

 func hasAccess(c *Config, blessingNames []string) bool {
 	for _, pattern := range c.Members {
 		if pattern.MatchedBy(blessingNames...) {
 			return true
 		}
 	}
 	return false
 }

 func loadExpandedConfig(fileName string, seenFiles map[string]struct{}) (*Config, error) {
 	if seenFiles == nil {
 		seenFiles = make(map[string]struct{})
 	}
 	if _, seen := seenFiles[fileName]; seen {
 		return nil, nil
 	}
 	seenFiles[fileName] = struct{}{}
 	c, err := loadConfig(fileName)
 	if err != nil {
 		return nil, err
 	}
 	parentDir := filepath.Dir(fileName)
 	for _, imp := range c.ImportMembers {
 		f := filepath.Join(parentDir, filepath.FromSlash(imp+".conf"))
 		ic, err := loadExpandedConfig(f, seenFiles)
 		if err != nil {
 			continue
 		}
 		if ic == nil {
 			continue
 		}
 		c.Members = append(c.Members, ic.Members...)
 	}
 	c.ImportMembers = nil
 	dedupMembers(c)
 	return c, nil
 }

 func loadConfig(fileName string) (*Config, error) {
 	contents, err := ioutil.ReadFile(fileName)
 	if err != nil {
 		return nil, err
 	}
 	var c Config
 	if err := json.Unmarshal(contents, &c); err != nil {
 		return nil, err
 	}
 	for i, pattern := range c.Members {
 		if p := string(pattern); !strings.HasSuffix(p, requiredSuffix) {
 			c.Members[i] = security.BlessingPattern(p + requiredSuffix)
 		}
 	}
 	return &c, nil
 }

 func dedupMembers(c *Config) {
 	members := make(map[security.BlessingPattern]struct{})
 	for _, m := range c.Members {
 		members[m] = struct{}{}
 	}
 	c.Members = []security.BlessingPattern{}
 	for m := range members {
 		c.Members = append(c.Members, m)
 	}
 }
	// Copyright 2015 The Vanadium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style
	// license that can be found in the LICENSE file.

	package internal

	import (
	"encoding/json"
	"io/ioutil"
	"os"
	"path/filepath"
	"strings"

	"v.io/v23/context"
	"v.io/v23/rpc"
	"v.io/v23/security"
	"v.io/v23/verror"

	"v.io/x/ref/internal/logger"
	"v.io/x/ref/services/discharger"
	"v.io/x/ref/services/role"
	)

	const requiredSuffix = security.ChainSeparator + role.RoleSuffix

	// NewDispatcher returns a dispatcher object for a role service and its
	// associated discharger service.
	// The configRoot is the top level directory where the role configuration files
	// are stored.
	// The dischargerLocation is the object name or address of the discharger
	// service for the third-party caveats attached to the role blessings returned
	// by the role service.
	func NewDispatcher(configRoot, dischargerLocation string) rpc.Dispatcher {
	return &dispatcher{&serverConfig{configRoot, dischargerLocation}}
	}

	type serverConfig struct {
	root string
	dischargerLocation string
	}

	type dispatcher struct {
	config *serverConfig
	}

	func (d dispatcher) Lookup(_ context.T, suffix string) (interface{}, security.Authorizer, error) {
	if len(suffix) == 0 {
	return discharger.DischargerServer(&dischargerImpl{d.config}), security.AllowEveryone(), nil
	}
	fileName := filepath.Join(d.config.root, filepath.FromSlash(suffix+".conf"))
	if !strings.HasPrefix(fileName, d.config.root) {
	// Guard against ".." in the suffix that could be used to read
	// files outside of the config root.
	return nil, nil, verror.New(verror.ErrNoExistOrNoAccess, nil)
	}
	roleConfig, err := loadExpandedConfig(fileName, nil)
	if err != nil && !os.IsNotExist(err) {
	// The config file exists, but we failed to read it for some
	// reason. This is likely a server configuration error.
	logger.Global().Errorf("loadConfig(%q, %q): %v", d.config.root, suffix, err)
	return nil, nil, verror.Convert(verror.ErrInternal, nil, err)
	}
	obj := &roleService{serverConfig: d.config, role: suffix, roleConfig: roleConfig}
	return role.RoleServer(obj), &authorizer{roleConfig}, nil
	}

	type authorizer struct {
	config *Config
	}

	func (a authorizer) Authorize(ctx context.T, call security.Call) error {
	if call.Method() == "__Glob" {
	// The Glob implementation only shows objects that the caller
	// has access to. So this blanket approval is OK.
	return nil
	}
	if a.config == nil {
	return verror.New(verror.ErrNoExistOrNoAccess, ctx)
	}
	remoteBlessingNames, _ := security.RemoteBlessingNames(ctx, call)

	if hasAccess(a.config, remoteBlessingNames) {
	return nil
	}
	return verror.New(verror.ErrNoExistOrNoAccess, ctx)
	}

	func hasAccess(c *Config, blessingNames []string) bool {
	for _, pattern := range c.Members {
	if pattern.MatchedBy(blessingNames...) {
	return true
	}
	}
	return false
	}

	func loadExpandedConfig(fileName string, seenFiles map[string]struct{}) (*Config, error) {
	if seenFiles == nil {
	seenFiles = make(map[string]struct{})
	}
	if _, seen := seenFiles[fileName]; seen {
	return nil, nil
	}
	seenFiles[fileName] = struct{}{}
	c, err := loadConfig(fileName)
	if err != nil {
	return nil, err
	}
	parentDir := filepath.Dir(fileName)
	for _, imp := range c.ImportMembers {
	f := filepath.Join(parentDir, filepath.FromSlash(imp+".conf"))
	ic, err := loadExpandedConfig(f, seenFiles)
	if err != nil {
	continue
	}
	if ic == nil {
	continue
	}
	c.Members = append(c.Members, ic.Members...)
	}
	c.ImportMembers = nil
	dedupMembers(c)
	return c, nil
	}

	func loadConfig(fileName string) (*Config, error) {
	contents, err := ioutil.ReadFile(fileName)
	if err != nil {
	return nil, err
	}
	var c Config
	if err := json.Unmarshal(contents, &c); err != nil {
	return nil, err
	}
	for i, pattern := range c.Members {
	if p := string(pattern); !strings.HasSuffix(p, requiredSuffix) {
	c.Members[i] = security.BlessingPattern(p + requiredSuffix)
	}
	}
	return &c, nil
	}

	func dedupMembers(c *Config) {
	members := make(map[security.BlessingPattern]struct{})
	for _, m := range c.Members {
	members[m] = struct{}{}
	}
	c.Members = []security.BlessingPattern{}
	for m := range members {
	c.Members = append(c.Members, m)
	}
	}