Checklist.h
Go to the documentation of this file.
1 /*
2  * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 #ifndef SQUID_SRC_ACL_CHECKLIST_H
10 #define SQUID_SRC_ACL_CHECKLIST_H
11 
12 #include "acl/Acl.h"
13 #include "acl/InnerNode.h"
14 #include "cbdata.h"
15 
16 #include <optional>
17 #include <stack>
18 #include <vector>
19 
20 class HttpRequest;
21 
23 typedef void ACLCB(Acl::Answer, void *);
24 
30 class ACLChecklist
31 {
32 
33 public:
34 
36  using AsyncStarter = void (ACLFilledChecklist &, const Acl::Node &);
37 
38 public:
39  ACLChecklist();
40  virtual ~ACLChecklist();
41 
62  Acl::Answer const & fastCheck();
63 
85  const Acl::Answer &fastCheck(const ACLList *);
86 
89  bool goAsync(AsyncStarter, const Acl::Node &);
90 
93  bool matchChild(const Acl::InnerNode *parent, Acl::Nodes::const_iterator pos);
94 
96  bool keepMatching() const { return !finished() && !asyncInProgress(); }
97 
99  bool finished() const { return finished_; }
101  bool asyncInProgress() const { return asyncStage_ != asyncNone; }
104  void markFinished(const Acl::Answer &newAnswer, const char *reason);
105 
106  const Acl::Answer &currentAnswer() const { return answer_; }
107 
109  bool bannedAction(const Acl::Answer &action) const;
111  void banAction(const Acl::Answer &action);
112 
113  // XXX: ACLs that need request or reply have to use ACLFilledChecklist and
114  // should do their own checks so that we do not have to povide these two
115  // for ACL::checklistMatches to use
116  virtual bool hasRequest() const = 0;
117  virtual bool hasReply() const = 0;
118  virtual bool hasAle() const = 0;
120  virtual void syncAle(HttpRequest *adaptedRequest, const char *logUri) const = 0;
122  virtual void verifyAle() const = 0;
123 
125  void changeAcl(const acl_access *);
126 
128  void setLastCheckedName(const SBuf &name) { lastCheckedName_ = name; }
129 
130 protected:
151  void nonBlockingCheck(ACLCB * callback, void *callback_data);
152 
153 private:
156  void checkCallback(const char *abortReason);
157 
158  void matchAndFinish();
159 
162  Acl::TreePointer swapAcl(const acl_access *);
163 
164  Acl::TreePointer accessList;
165 
166 public:
167 
168  ACLCB *callback;
169  void *callback_data;
170 
173  void resumeNonBlockingCheck();
174 
175 private: /* internal methods */
177  class Breadcrumb
178  {
179  public:
180  Breadcrumb(): parent(nullptr) {}
181  Breadcrumb(const Acl::InnerNode *aParent, Acl::Nodes::const_iterator aPos): parent(aParent), position(aPos) {}
182  bool operator ==(const Breadcrumb &b) const { return parent == b.parent && (!parent || position == b.position); }
183  bool operator !=(const Breadcrumb &b) const { return !this->operator ==(b); }
184  void clear() { parent = nullptr; }
185  RefCount<const Acl::InnerNode> parent;
186  Acl::Nodes::const_iterator position;
187  };
188 
190  typedef enum { nmrMatch, nmrMismatch, nmrFinished, nmrNeedsAsync }
191  NodeMatchingResult;
192 
194  void preCheck(const char *what);
195  bool prepNonBlocking();
196  void completeNonBlocking();
197  void calcImplicitAnswer();
198 
199  bool asyncCaller_;
200  bool occupied_;
201  bool finished_;
202  Acl::Answer answer_;
203 
204  enum AsyncStage { asyncNone, asyncStarting, asyncRunning, asyncFailed };
205  AsyncStage asyncStage_;
206  Breadcrumb matchLoc_;
207  Breadcrumb asyncLoc_;
208  unsigned asyncLoopDepth_;
209 
210  bool callerGone();
211 
213  std::stack<Breadcrumb> matchPath;
215  std::vector<Acl::Answer> bannedActions_;
216 
218  std::optional<SBuf> lastCheckedName_;
219 };
220 
221 #endif /* SQUID_SRC_ACL_CHECKLIST_H */
222 
ACLChecklist::AsyncStarter
void(ACLFilledChecklist &, const Acl::Node &) AsyncStarter
a function that initiates asynchronous ACL checks; see goAsync()
Definition: Checklist.h:36
ACLChecklist::finished_
bool finished_
Definition: Checklist.h:201
ACLChecklist::verifyAle
virtual void verifyAle() const =0
warns if there are uninitialized ALE components and fills them
ACLChecklist::matchPath
std::stack< Breadcrumb > matchPath
suspended (due to an async lookup) matches() in the ACL tree
Definition: Checklist.h:213
ACLChecklist::accessList
Acl::TreePointer accessList
Definition: Checklist.h:164
ACLChecklist::NodeMatchingResult
NodeMatchingResult
possible outcomes when trying to match a single ACL node in a list
Definition: Checklist.h:190
ACLChecklist::banAction
void banAction(const Acl::Answer &action)
add action to the list of banned actions
Definition: Checklist.cc:358
ACLChecklist::keepMatching
bool keepMatching() const
Whether we should continue to match tree nodes or stop/pause.
Definition: Checklist.h:96
SBuf
Definition: SBuf.h:93
ACLChecklist::goAsync
bool goAsync(AsyncStarter, const Acl::Node &)
Definition: Checklist.cc:104
ACLChecklist::lastCheckedName_
std::optional< SBuf > lastCheckedName_
the name of the last evaluated ACL (if any ACLs were evaluated)
Definition: Checklist.h:218
ACLChecklist::hasAle
virtual bool hasAle() const =0
ACLChecklist::callback
ACLCB * callback
Definition: Checklist.h:168
Acl::InnerNode
An intermediate Acl::Node tree node. Manages a collection of child tree nodes.
Definition: InnerNode.h:22
ACLChecklist::Breadcrumb
Position of a child node within an Acl::Node tree.
Definition: Checklist.h:177
ACLChecklist::currentAnswer
const Acl::Answer & currentAnswer() const
Definition: Checklist.h:106
ACLChecklist::asyncInProgress
bool asyncInProgress() const
async call has been started and has not finished (or failed) yet
Definition: Checklist.h:101
ACLCB
void ACLCB(Acl::Answer, void *)
ACL checklist callback.
Definition: Checklist.h:23
ACLChecklist::Breadcrumb::parent
RefCount< const Acl::InnerNode > parent
intermediate node in the ACL tree
Definition: Checklist.h:185
ACLChecklist::setLastCheckedName
void setLastCheckedName(const SBuf &name)
remember the name of the last ACL being evaluated
Definition: Checklist.h:128
ACLChecklist::finished
bool finished() const
whether markFinished() was called
Definition: Checklist.h:99
ACLChecklist::swapAcl
Acl::TreePointer swapAcl(const acl_access *)
change the current ACL list
Definition: Checklist.cc:193
ACLChecklist::callback_data
void * callback_data
Definition: Checklist.h:169
ACLChecklist::fastCheck
const Acl::Answer & fastCheck()
Definition: Checklist.cc:298
ACLChecklist::Breadcrumb::operator==
bool operator==(const Breadcrumb &b) const
Definition: Checklist.h:182
ACLChecklist::bannedActions_
std::vector< Acl::Answer > bannedActions_
the list of actions which must ignored during acl checks
Definition: Checklist.h:215
ACLChecklist::hasRequest
virtual bool hasRequest() const =0
ACLChecklist::markFinished
void markFinished(const Acl::Answer &newAnswer, const char *reason)
Definition: Checklist.cc:45
ACLChecklist::Breadcrumb::operator!=
bool operator!=(const Breadcrumb &b) const
Definition: Checklist.h:183
ACLChecklist::calcImplicitAnswer
void calcImplicitAnswer()
Definition: Checklist.cc:326
ACLChecklist::changeAcl
void changeAcl(const acl_access *)
change the current ACL list
Definition: Checklist.cc:187
ACLChecklist::syncAle
virtual void syncAle(HttpRequest *adaptedRequest, const char *logUri) const =0
assigns uninitialized adapted_request and url ALE components
ACLChecklist::completeNonBlocking
void completeNonBlocking()
Definition: Checklist.cc:34
ACLChecklist::hasReply
virtual bool hasReply() const =0
ACLChecklist::callerGone
bool callerGone()
Definition: Checklist.cc:344
ACLChecklist::preCheck
void preCheck(const char *what)
prepare for checking ACLs; called once per check
Definition: Checklist.cc:56
ACLChecklist::Breadcrumb::Breadcrumb
Breadcrumb(const Acl::InnerNode *aParent, Acl::Nodes::const_iterator aPos)
Definition: Checklist.h:181
ACLChecklist::~ACLChecklist
virtual ~ACLChecklist()
Definition: Checklist.cc:180
ACLChecklist::asyncLoopDepth_
unsigned asyncLoopDepth_
how many times the current async state has resumed
Definition: Checklist.h:208
ACLChecklist::answer_
Acl::Answer answer_
Definition: Checklist.h:202
ACLChecklist::Breadcrumb::position
Acl::Nodes::const_iterator position
child position inside parent
Definition: Checklist.h:186
ACLChecklist::asyncStage_
AsyncStage asyncStage_
Definition: Checklist.h:205
Acl::Node
Definition: Node.h:25
ACLChecklist::matchAndFinish
void matchAndFinish()
performs (or resumes) an ACL tree match and, if successful, sets the action
Definition: Checklist.cc:257
ACLChecklist::prepNonBlocking
bool prepNonBlocking()
common parts of nonBlockingCheck() and resumeNonBlockingCheck()
Definition: Checklist.cc:21
ACLChecklist::asyncCaller_
bool asyncCaller_
whether the caller supports async/slow ACLs
Definition: Checklist.h:199
ACLChecklist::asyncLoc_
Breadcrumb asyncLoc_
currentNode_ that called goAsync()
Definition: Checklist.h:207
ACLChecklist::matchChild
bool matchChild(const Acl::InnerNode *parent, Acl::Nodes::const_iterator pos)
Definition: Checklist.cc:70
ACLChecklist::matchLoc_
Breadcrumb matchLoc_
location of the node running matches() now
Definition: Checklist.h:206
ACLChecklist::checkCallback
void checkCallback(const char *abortReason)
Definition: Checklist.cc:146
ACLChecklist::nonBlockingCheck
void nonBlockingCheck(ACLCB *callback, void *callback_data)
Definition: Checklist.cc:206
ACLChecklist::resumeNonBlockingCheck
void resumeNonBlockingCheck()
Definition: Checklist.cc:230
ACLChecklist::bannedAction
bool bannedAction(const Acl::Answer &action) const
whether the action is banned or not
Definition: Checklist.cc:350
ACLChecklist::occupied_
bool occupied_
whether a check (fast or non-blocking) is in progress
Definition: Checklist.h:200

 

Introduction

Documentation

Support

Miscellaneous