17 #ifndef __COMMON_HTTP_HPP__ 18 #define __COMMON_HTTP_HPP__ 50 struct hash<
mesos::authorization::Action>
56 result_type
operator()(
const argument_type& action)
const 103 const google::protobuf::Message& message);
108 template <
typename Message>
111 const std::string& body)
113 switch (contentType) {
114 case ContentType::PROTOBUF: {
116 if (!message.ParseFromString(body)) {
117 return Error(
"Failed to parse body into a protobuf object");
121 case ContentType::JSON: {
124 return Error(
"Failed to parse body into JSON: " + value.
error());
127 return ::protobuf::parse<Message>(value.
get());
129 case ContentType::RECORDIO: {
130 return Error(
"Deserializing a RecordIO stream is not supported");
147 template <
typename Event>
155 contentType(_contentType),
156 streamId(_streamId) {}
158 template <
typename Message>
159 bool send(
const Message& message)
166 std::string record =
serialize(contentType, e);
172 bool send(
const std::string& event)
179 return writer.close();
184 return writer.readerClosed();
227 template <
typename T>
229 const std::map<std::string, double>&
metrics)
243 const google::protobuf::Descriptor* descriptor = T::descriptor();
245 int field = T::kMetricsFieldNumber;
248 descriptor->FindFieldByNumber(field)->name(),
250 foreachpair (
const std::string& key,
double value, metrics) {
252 const google::protobuf::Descriptor* descriptor =
253 v1::Metric::descriptor();
257 field = v1::Metric::kNameFieldNumber;
259 descriptor->FindFieldByNumber(field)->name(), key);
261 field = v1::Metric::kValueFieldNumber;
263 descriptor->FindFieldByNumber(field)->name(), value);
273 template <
typename T>
275 const std::map<std::string, double>&
metrics)
288 auto serializeMetric = [](
const std::string& key,
double value) {
290 google::protobuf::io::StringOutputStream stream(&output);
291 google::protobuf::io::CodedOutputStream writer(&stream);
293 google::protobuf::internal::WireFormatLite::WriteString(
294 v1::Metric::kNameFieldNumber, key, &writer);
295 google::protobuf::internal::WireFormatLite::WriteDouble(
296 v1::Metric::kValueFieldNumber, value, &writer);
308 google::protobuf::io::StringOutputStream stream(&output);
309 google::protobuf::io::CodedOutputStream writer(&stream);
311 foreachpair (
const std::string& key,
double value, metrics) {
312 google::protobuf::internal::WireFormatLite::WriteBytes(
313 T::kMetricsFieldNumber,
314 serializeMetric(key, value),
344 const google::protobuf::RepeatedPtrField<Resource>& resources);
372 std::initializer_list<authorization::Action> actions);
375 authorization::Action action,
378 if (!approvers.contains(action)) {
380 <<
"Attempted to authorize principal " 382 <<
" for unexpected action " << authorization::Action_Name(action);
387 return approvers.at(action)->approved(
object);
395 template <authorization::Action action,
typename... Args>
409 LOG(WARNING) <<
"Failed to authorize principal " 411 <<
"' for action " << authorization::Action_Name(action)
412 <<
": " << approval.
error();
417 return approval.
get();
425 authorization::Action,
426 std::shared_ptr<const ObjectApprover>>&& _approvers,
428 : principal(_principal),
429 approvers(
std::move(_approvers)) {}
437 inline bool ObjectApprovers::approved<authorization::VIEW_ROLE>(
438 const Resource& resource)
const 441 if (resource.has_role() && resource.role() !=
"*" &&
442 !approved<authorization::VIEW_ROLE>(resource.role())) {
449 foreach (Resource::ReservationInfo reservation, resource.reservations()) {
450 if (!approved<authorization::VIEW_ROLE>(reservation.role())) {
455 if (resource.has_allocation_info() &&
456 !approved<authorization::VIEW_ROLE>(
457 resource.allocation_info().role())) {
470 template <
typename T>
478 targetId_.set_value(
id.
get());
479 targetId = targetId_;
485 if (targetId.isNone()) {
489 return candidateId.value() == targetId->value();
505 const std::string& endpoint,
506 const std::string& method,
524 const std::string& realm,
525 const std::vector<std::string>& httpAuthenticatorNames,
547 #endif // __COMMON_HTTP_HPP__
size_t result_type
Definition: http.hpp:52
ContentType
Definition: http.hpp:43
Definition: errorbase.hpp:36
Definition: resource_quantities.hpp:192
Future< Response > request(const Request &request, bool streamedResponse=false)
Asynchronously sends an HTTP request to the process and returns the HTTP response once the entire res...
T & get()&
Definition: try.hpp:80
Definition: authorizer.hpp:53
id::UUID streamId
Definition: http.hpp:189
std::string encode(const std::string &record)
Returns the "Record-IO" encoded record.
Definition: recordio.hpp:63
bool approved(const Args &...args) const
Definition: http.hpp:396
bool streamingMediaType(ContentType contentType)
Definition: resource_quantities.hpp:63
std::string serializeGetMetrics(const std::map< std::string, double > &metrics)
Definition: http.hpp:274
constexpr char DEFAULT_BASIC_HTTP_AUTHENTICATEE[]
Definition: http.hpp:79
process::Future< Nothing > closed() const
Definition: http.hpp:182
Result< ProcessStatus > status(pid_t pid)
Definition: proc.hpp:166
Definition: resources.hpp:83
Definition: type_utils.hpp:619
result_type operator()(const argument_type &action) const
Definition: http.hpp:56
Capability
Definition: capabilities.hpp:35
Try< bool > approved(authorization::Action action, const ObjectApprover::Object &object) const
Definition: http.hpp:374
Definition: jsonify.hpp:255
bool close()
Definition: http.hpp:177
Option< T > targetId
Definition: http.hpp:493
bool isSome() const
Definition: option.hpp:116
mesos::v1::scheduler::Event Event
Definition: mesos.hpp:2852
Definition: hashmap.hpp:38
constexpr char DEFAULT_JWT_HTTP_AUTHENTICATOR[]
Definition: http.hpp:82
void logResponse(const process::http::Request &request, const process::http::Response &response)
void logRequest(const process::http::Request &request)
Used to filter results for API handlers.
Definition: http.hpp:471
static UUID random()
Definition: uuid.hpp:38
void field(const std::string &key, const T &value)
Definition: jsonify.hpp:347
Try< Message > deserialize(ContentType contentType, const std::string &body)
Definition: http.hpp:109
void json(JSON::ObjectWriter *writer, const TaskStatus &status)
bool send(const Message &message)
Definition: http.hpp:159
JSON::Object model(const google::protobuf::Map< std::string, Value_Scalar > &map)
StreamingHttpConnection(const process::http::Pipe::Writer &_writer, ContentType _contentType, id::UUID _streamId=id::UUID::random())
Definition: http.hpp:150
std::function< void(JSON::ObjectWriter *)> jsonifyGetMetrics(const std::map< std::string, double > &metrics)
Definition: http.hpp:228
Definition: jsonify.hpp:326
ContentType contentType
Definition: http.hpp:188
#define foreachpair(KEY, VALUE, ELEMS)
Definition: foreach.hpp:51
bool accept(const T &candidateId) const
Definition: http.hpp:483
Try< Value > parse(const std::string &s)
Returns the OCI v1 descriptor, image index, image manifest and image configuration from the given str...
Definition: json.hpp:978
Definition: protobuf.hpp:61
static Try error(const E &e)
Definition: try.hpp:43
Try< Nothing > initializeHttpAuthenticators(const std::string &realm, const std::vector< std::string > &httpAuthenticatorNames, const Option< Credentials > &credentials=None(), const Option< std::string > &jwtSecretKey=None())
Helper function to create HTTP authenticators for a given realm and register in libprocess.
#define UNREACHABLE()
Definition: unreachable.hpp:22
constexpr char DEFAULT_BASIC_HTTP_AUTHENTICATOR[]
Definition: http.hpp:76
Iterable< V > map(F &&f, const Iterable< U, Us... > &input)
Definition: lambda.hpp:46
Definition: attributes.hpp:24
bool isError() const
Definition: try.hpp:78
bool send(const std::string &event)
Definition: http.hpp:172
Try< uint32_t > type(const std::string &path)
IDAcceptor(const Option< std::string > &id=None())
Definition: http.hpp:474
Try< Nothing > create(const std::string &hierarchy, const std::string &cgroup, bool recursive=false)
VolumeCapability evolve(const CSIVolume::VolumeCapability &capability)
std::string serialize(ContentType contentType, const google::protobuf::Message &message)
process::Future< bool > authorizeEndpoint(const std::string &endpoint, const std::string &method, const Option< Authorizer * > &authorizer, const Option< process::http::authentication::Principal > &principal)
This interface represents a function object returned by the authorizer which can be used locally (and...
Definition: authorizer.hpp:47
std::string stringify(int flags)
process::http::Pipe::Writer writer
Definition: http.hpp:187
mesos::authorization::Action argument_type
Definition: http.hpp:54
PID< MetricsProcess > metrics
const Option< process::http::authentication::Principal > principal
Definition: http.hpp:420
Definition: representation.hpp:72
Try< bool > approved(const Option< ObjectApprover::Object > &object) const noexceptoverride
This method returns whether access to the specified object is authorized or not, or Error...
Definition: http.hpp:358
Definition: jsonify.hpp:296
Definition: attributes.hpp:32