mirror of
https://github.com/facebook/sapling.git
synced 2024-10-11 01:07:15 +03:00
f5b2123642
Summary: Give ThriftPermissionChecker flexibility by allowing it to access UserInfo if it needs to. This also gives ThriftPermissionChecker access to EdenConfig for use in future diffs. Reviewed By: wez Differential Revision: D17844453 fbshipit-source-id: 5f7badd084bfbe82bd6b3797ef68daa7b63741b5
43 lines
1.1 KiB
C++
43 lines
1.1 KiB
C++
/*
|
|
* Copyright (c) Facebook, Inc. and its affiliates.
|
|
*
|
|
* This software may be used and distributed according to the terms of the
|
|
* GNU General Public License version 2.
|
|
*/
|
|
#pragma once
|
|
|
|
#include <thrift/lib/cpp/TProcessorEventHandler.h>
|
|
#include <stdexcept>
|
|
|
|
namespace facebook {
|
|
namespace eden {
|
|
|
|
class ServerState;
|
|
|
|
class NotAuthorized : public std::runtime_error {
|
|
public:
|
|
using std::runtime_error::runtime_error;
|
|
};
|
|
|
|
/**
|
|
* Throws NotAuthorized in preRead if process connected to Eden's unix domain
|
|
* socket has an effective uid not allowed to access a given Thrift method.
|
|
*/
|
|
class ThriftPermissionChecker : public apache::thrift::TProcessorEventHandler {
|
|
public:
|
|
explicit ThriftPermissionChecker(std::shared_ptr<ServerState> serverState);
|
|
|
|
void* getContext(
|
|
const char* fn_name,
|
|
apache::thrift::TConnectionContext* connectionContext) override;
|
|
void freeContext(void* ctx, const char* fn_name) override;
|
|
|
|
void preRead(void* ctx, const char* fn_name) override;
|
|
|
|
private:
|
|
std::shared_ptr<ServerState> serverState_;
|
|
};
|
|
|
|
} // namespace eden
|
|
} // namespace facebook
|