mirror of
https://github.com/facebook/sapling.git
synced 2024-10-05 14:28:17 +03:00
9fa292b9ed
Reviewed By: genevievehelsel Differential Revision: D36429182 fbshipit-source-id: 7d355917abf463493c37139856810de13e1090ff
42 lines
1.1 KiB
C++
42 lines
1.1 KiB
C++
/*
|
|
* Copyright (c) Meta Platforms, Inc. and affiliates.
|
|
*
|
|
* This software may be used and distributed according to the terms of the
|
|
* GNU General Public License version 2.
|
|
*/
|
|
|
|
#pragma once
|
|
|
|
#include <thrift/lib/cpp/TProcessorEventHandler.h>
|
|
#include <stdexcept>
|
|
|
|
namespace facebook::eden {
|
|
|
|
class ServerState;
|
|
|
|
class NotAuthorized : public std::runtime_error {
|
|
public:
|
|
using std::runtime_error::runtime_error;
|
|
};
|
|
|
|
/**
|
|
* Throws NotAuthorized in preRead if process connected to Eden's unix domain
|
|
* socket has an effective uid not allowed to access a given Thrift method.
|
|
*/
|
|
class ThriftPermissionChecker : public apache::thrift::TProcessorEventHandler {
|
|
public:
|
|
explicit ThriftPermissionChecker(std::shared_ptr<ServerState> serverState);
|
|
|
|
void* getContext(
|
|
const char* fn_name,
|
|
apache::thrift::TConnectionContext* connectionContext) override;
|
|
void freeContext(void* ctx, const char* fn_name) override;
|
|
|
|
void preRead(void* ctx, const char* fn_name) override;
|
|
|
|
private:
|
|
std::shared_ptr<ServerState> serverState_;
|
|
};
|
|
|
|
} // namespace facebook::eden
|