// Copyright 2022 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef MOJO_SERVICE_MANAGER_DAEMON_SERVICE_POLICY_H_
#define MOJO_SERVICE_MANAGER_DAEMON_SERVICE_POLICY_H_
#include <map>
#include <set>
#include <string>
namespace chromeos {
namespace mojo_service_manager {
// Stores the access policies of a service: one owner security context and a
// set of requester security contexts. The class is move-only (copying is
// deleted), so a policy has to be moved or passed by reference.
class ServicePolicy {
public:
ServicePolicy();
ServicePolicy(const ServicePolicy&) = delete;
ServicePolicy& operator=(const ServicePolicy&) = delete;
ServicePolicy(ServicePolicy&&);
ServicePolicy& operator=(ServicePolicy&&);
~ServicePolicy();
// Sets |security_context| as the owner of this service.
// NOTE(review): this header does not show whether the argument is validated
// here; presumably callers check it with ValidateSecurityContext() first -
// confirm against the .cc file and the callers.
void SetOwner(const std::string& security_context);
// Adds |security_context| as a requester of this service. Requesters are kept
// in a std::set, so each context is stored at most once.
// NOTE(review): as with SetOwner(), validation of the argument is not visible
// from this header - confirm.
void AddRequester(const std::string& security_context);
// Merges another ServicePolicy into this one and returns whether the two
// could be merged. |another| is taken by value and the class is move-only, so
// callers hand the policy over by move. Every field is attempted even if one
// of them cannot be merged, and the result of a conflicting field is
// undefined: after a false return the merged policy should not be used to
// make access decisions.
bool Merge(ServicePolicy another);
// Returns whether |security_context| is an owner of this service.
// NOTE(review): owner() can be an empty string when no owner is set; whether
// an empty |security_context| matches such a policy is decided in the .cc
// file - confirm that it does not.
bool IsOwner(const std::string& security_context) const;
// Returns whether |security_context| is a requester of this service.
bool IsRequester(const std::string& security_context) const;
// Gets the owner. It could be an empty string if the owner is not set. The
// returned reference points at a member of this object, so it must not be
// used after the policy is destroyed.
const std::string& owner() const { return owner_; }
// Gets the requester set. The returned reference points at a member of this
// object, so it must not be used after the policy is destroyed.
const std::set<std::string>& requesters() const { return requesters_; }
private:
// The owner of this service. Empty when no owner has been set.
std::string owner_;
// The requesters of this service.
std::set<std::string> requesters_;
// Test-only factory. It is a friend so that it can fill the private fields
// directly when creating a ServicePolicy for testing.
friend ServicePolicy CreateServicePolicyForTest(
const std::string& owner, const std::set<std::string>& requesters);
};
// The map type which maps service names to service policies. ServicePolicy is
// move-only, so a ServicePolicyMap cannot be copied either.
using ServicePolicyMap = std::map<std::string, ServicePolicy>;
// Merges two ServicePolicyMaps. All the policies in |from| are extracted and
// merged into |to|. Returns whether all the policies were merged
// successfully. This will try to merge all other policies even if a policy
// cannot be merged, so on a false return |to| can hold policies whose
// conflicting fields are undefined (see ServicePolicy::Merge) and should not
// be used for access decisions.
// NOTE(review): both pointers are presumably required to be non-null - confirm
// against the .cc file.
bool MergeServicePolicyMaps(ServicePolicyMap* from, ServicePolicyMap* to);
// Validates a service name. This only checks that every character is valid,
// i.e. that the whole name matches |[a-zA-Z0-9._-]+| (at least one character).
// It is a character-set check only: it says nothing about the length of the
// name or about whether a service with that name is registered.
// NOTE(review): the set admits names made only of '.' characters; if a
// service name is ever used to build a file path, that needs a separate
// check - confirm how callers use the name.
bool ValidateServiceName(const std::string& service_name);
// Validates a security context. This only checks that every character is
// valid, i.e. that the whole string matches |[a-z0-9_:]+| (at least one
// character). It is a syntax check on the string, not an identity check: a
// true result does not establish that the context exists or that any
// particular process runs under it.
bool ValidateSecurityContext(const std::string& security_context);
} // namespace mojo_service_manager
} // namespace chromeos
#endif // MOJO_SERVICE_MANAGER_DAEMON_SERVICE_POLICY_H_