diff options
| author | Brent Eagles <brent@zeroc.com> | 2006-06-05 16:03:09 +0000 |
|---|---|---|
| committer | Brent Eagles <brent@zeroc.com> | 2006-06-05 16:03:09 +0000 |
| commit | 64cc25d19077e937dac847c82b3ea62c5746a51e (patch) | |
| tree | 80a8c6bc2594bef177acbdff14f342ee4b4283a9 /cpp/src | |
| parent | Added IceSSL::DistinguishedName (diff) | |
| download | ice-64cc25d19077e937dac847c82b3ea62c5746a51e.tar.bz2 ice-64cc25d19077e937dac847c82b3ea62c5746a51e.tar.xz ice-64cc25d19077e937dac847c82b3ea62c5746a51e.zip | |
- Changes to align dynamic filtering with the current Glacier2Filters wiki
proposal.
- Some 3.1.0 prep work for the VC 6.0 windows installers.
Diffstat (limited to 'cpp/src')
| -rw-r--r-- | cpp/src/Glacier2/ClientBlobject.cpp | 134 | ||||
| -rw-r--r-- | cpp/src/Glacier2/ClientBlobject.h | 6 | ||||
| -rwxr-xr-x | cpp/src/Glacier2/FilterI.h | 340 | ||||
| -rw-r--r-- | cpp/src/Glacier2/ProxyVerifier.cpp | 140 | ||||
| -rw-r--r-- | cpp/src/Glacier2/SessionRouterI.cpp | 46 | ||||
| -rw-r--r-- | cpp/src/Ice/PropertyNames.cpp | 7 | ||||
| -rw-r--r-- | cpp/src/Ice/PropertyNames.h | 2 | ||||
| -rw-r--r-- | cpp/src/IceGrid/ObjectCache.cpp | 4 | ||||
| -rw-r--r-- | cpp/src/IceGrid/ServerCache.cpp | 4 | ||||
| -rw-r--r-- | cpp/src/IceGrid/SessionI.cpp | 4 |
10 files changed, 282 insertions, 405 deletions
diff --git a/cpp/src/Glacier2/ClientBlobject.cpp b/cpp/src/Glacier2/ClientBlobject.cpp index 76dcb388783..5e39c2362c0 100644 --- a/cpp/src/Glacier2/ClientBlobject.cpp +++ b/cpp/src/Glacier2/ClientBlobject.cpp @@ -21,36 +21,36 @@ class ClientBlobjectImpl { public: - ClientBlobjectImpl(const StringFilterManagerIPtr& categoryFilter, const StringFilterManagerIPtr& adapterFilter, - const IdentityFilterManagerIPtr& idFilter) : - _categoryFilter(categoryFilter), - _adapterIdFilter(adapterFilter), - _identityFilter(idFilter) + ClientBlobjectImpl(const StringSetIPtr& categories, const StringSetIPtr& adapters, + const IdentitySetIPtr& identities) : + _categories(categories), + _adapters(adapters), + _identities(identities) { } - StringFilterManagerIPtr - categoryFilter() + StringSetIPtr + categories() { - return _categoryFilter; + return _categories; } - StringFilterManagerIPtr - adapterIdFilter() + StringSetIPtr + adapterIds() { - return _adapterIdFilter; + return _adapters; } - IdentityFilterManagerIPtr - identityFilter() + IdentitySetIPtr + identities() { - return _identityFilter; + return _identities; } private: - const StringFilterManagerIPtr _categoryFilter; - const StringFilterManagerIPtr _adapterIdFilter; - const IdentityFilterManagerIPtr _identityFilter; + const StringSetIPtr _categories; + const StringSetIPtr _adapters; + const IdentitySetIPtr _identities; }; } @@ -113,30 +113,38 @@ Glacier2::ClientBlobject::ice_invoke_async(const Ice::AMD_Array_Object_ice_invok const std::pair<const Byte*, const Byte*>& inParams, const Current& current) { - if(!_impl->categoryFilter()->match(current.id.category)) + bool rejected = false; + + if(!_impl->categories()->empty()) { - if(_rejectTraceLevel >= 1) + if(!_impl->categories()->match(current.id.category)) { - Trace out(_logger, "Glacier2"); - out << "rejecting request\n"; - out << "identity: " << _communicator->identityToString(current.id); + if(_rejectTraceLevel >= 1) + { + Trace out(_logger, "Glacier2"); + out << "rejecting request\n"; + out << "identity: " << _communicator->identityToString(current.id); + } + rejected = true; } - ObjectNotExistException ex(__FILE__, __LINE__); - ex.id = current.id; - throw ex; } - if(!_impl->identityFilter()->match(current.id)) + if(!_impl->identities()->empty()) { - if(_rejectTraceLevel >= 1) + if(_impl->identities()->match(current.id)) { - Trace out(_logger, "Glacier2"); - out << "rejecting request\n"; - out << "identity: " << _communicator->identityToString(current.id); + rejected = false; + } + else + { + if(_rejectTraceLevel >= 1) + { + Trace out(_logger, "Glacier2"); + out << "rejecting request\n"; + out << "identity: " << _communicator->identityToString(current.id); + } + rejected = true; } - ObjectNotExistException ex(__FILE__, __LINE__); - ex.id = current.id; - throw ex; } ObjectPrx proxy = _routingTable->get(current.id); @@ -158,14 +166,26 @@ Glacier2::ClientBlobject::ice_invoke_async(const Ice::AMD_Array_Object_ice_invok } string adapterId = proxy->ice_getAdapterId(); - if(!adapterId.empty() && !_impl->adapterIdFilter()->match(adapterId)) + + if(!adapterId.empty() && !_impl->adapterIds()->empty()) { - if(_rejectTraceLevel >= 1) + if(_impl->adapterIds()->match(adapterId)) + { + rejected = false; + } + else { - Trace out(_logger, "Glacier2"); - out << "rejecting request\n"; - out << "identity: " << _communicator->identityToString(current.id); + if(_rejectTraceLevel >= 1) + { + Trace out(_logger, "Glacier2"); + out << "rejecting request\n"; + out << "identity: " << _communicator->identityToString(current.id); + } } + } + + if(rejected) + { ObjectNotExistException ex(__FILE__, __LINE__); ex.id = current.id; throw ex; @@ -193,13 +213,8 @@ Glacier2::ClientBlobject::create(const CommunicatorPtr& communicator, const stri allow = props->getProperty("Glacier2.Filter.Category.Accept"); } - string reject = props->getProperty("Glacier2.Filter.Category.Reject"); - bool acceptOverride = props->getPropertyAsIntWithDefault("Glacier2.Filter.Category.AcceptOverride", 0) == 1; - vector<string> allowSeq; - vector<string> rejectSeq; stringToSeq(allow, allowSeq); - stringToSeq(reject, rejectSeq); int addUserMode = props->getPropertyAsInt("Glacier2.AddUserToAllowCategories"); if(addUserMode == 0) @@ -218,47 +233,40 @@ Glacier2::ClientBlobject::create(const CommunicatorPtr& communicator, const stri allowSeq.push_back('_' + userId); // Add user id with prepended underscore to allowed categories. } } - StringFilterManagerIPtr categoryFilter = new StringFilterManagerI(allowSeq, rejectSeq, acceptOverride); + StringSetIPtr categoryFilter = new StringSetI(allowSeq); // // TODO: refactor initialization of filters. // allow = props->getProperty("Glacier2.Filter.AdapterId.Accept"); - reject = props->getProperty("Glacier2.Filter.AdapterId.Reject"); - acceptOverride = props->getPropertyAsIntWithDefault("Glacier2.Filter.AdapterId.AcceptOverride", 0) == 1; stringToSeq(allow, allowSeq); - stringToSeq(reject, rejectSeq); - StringFilterManagerIPtr adapterIdFilter = new StringFilterManagerI(allowSeq, rejectSeq, acceptOverride); + StringSetIPtr adapterIdFilter = new StringSetI(allowSeq); // // TODO: Object id's from configurations? // IdentitySeq allowIdSeq; - IdentitySeq rejectIdSeq; - allow = props->getProperty("Glacier2.Filter.AdapterId.Accept"); - reject = props->getProperty("Glacier2.Filter.AdapterId.Reject"); - acceptOverride = props->getPropertyAsIntWithDefault("Glacier2.Filter.AdapterId.AcceptOverride", 0) == 1; + allow = props->getProperty("Glacier2.Filter.Identity.Accept"); stringToSeq(allow, allowSeq); - stringToSeq(reject, rejectSeq); - IdentityFilterManagerIPtr identityFilter = new IdentityFilterManagerI(allowIdSeq, rejectIdSeq, false); + IdentitySetIPtr identityFilter = new IdentitySetI(allowIdSeq); return new ClientBlobject(communicator, new ClientBlobjectImpl(categoryFilter, adapterIdFilter, identityFilter)); } -StringFilterManagerPtr -ClientBlobject::categoryFilter() +StringSetPtr +ClientBlobject::categories() { - return _impl->categoryFilter(); + return _impl->categories(); } -StringFilterManagerPtr -ClientBlobject::adapterIdFilter() +StringSetPtr +ClientBlobject::adapterIds() { - return _impl->adapterIdFilter(); + return _impl->adapterIds(); } -IdentityFilterManagerPtr -ClientBlobject::identityFilter() +IdentitySetPtr +ClientBlobject::identities() { - return _impl->identityFilter(); + return _impl->identities(); } diff --git a/cpp/src/Glacier2/ClientBlobject.h b/cpp/src/Glacier2/ClientBlobject.h index b4581359f8c..728ec59111c 100644 --- a/cpp/src/Glacier2/ClientBlobject.h +++ b/cpp/src/Glacier2/ClientBlobject.h @@ -37,9 +37,9 @@ public: static ClientBlobjectPtr create(const Ice::CommunicatorPtr&, const std::string&); - StringFilterManagerPtr categoryFilter(); - StringFilterManagerPtr adapterIdFilter(); - IdentityFilterManagerPtr identityFilter(); + StringSetPtr categories(); + StringSetPtr adapterIds(); + IdentitySetPtr identities(); private: const RoutingTablePtr _routingTable; diff --git a/cpp/src/Glacier2/FilterI.h b/cpp/src/Glacier2/FilterI.h index 85e96e21444..0245c5cf2a2 100755 --- a/cpp/src/Glacier2/FilterI.h +++ b/cpp/src/Glacier2/FilterI.h @@ -19,7 +19,7 @@ namespace Glacier2 { -template <typename T, class P, class AlreadyExists, class DoesNotExist> +template <typename T, class P> class FilterT : public P, public IceUtil::Monitor<IceUtil::Mutex> { public: @@ -32,25 +32,13 @@ public: typedef typename std::vector<T>::iterator iterator; typedef typename std::list<iterator>::iterator literator; - FilterT(const std::vector<T>&, const std::vector<T>&, const bool); + FilterT(const std::vector<T>&); // // Slice to C++ mapping. // - virtual void addAccept(const std::vector<T>&, const Ice::Current&); - virtual void removeAccept(const std::vector<T>&, const Ice::Current&); - - virtual void setAccept(const std::vector<T>&, const Ice::Current&); - virtual std::vector<T> getAccept(const Ice::Current&) const; - - virtual void addReject(const std::vector<T>&, const Ice::Current&); - virtual void removeReject(const std::vector<T>&, const Ice::Current&); - - virtual void setReject(const std::vector<T>&, const Ice::Current&); - virtual std::vector<T> getReject(const Ice::Current&) const; - - virtual bool getAcceptOverride(const Ice::Current&) const; - virtual void setAcceptOverride(bool value, const Ice::Current&); + virtual void add(const std::vector<T>&, const Ice::Current&); + virtual void remove(const std::vector<T>&, const Ice::Current&); // // Internal functions. @@ -62,267 +50,123 @@ public: // // Empty vectors mean no filtering, so all matches will succeed. // - if(_accept.size() == 0 && _reject.size() == 0) + if(_items.size() == 0) { return true; } - bool result; - - if(_reject.size() == 0) - { - // - // No reject filters, treat mode as default reject. - // - result = binary_search(_accept.begin(), _accept.end(), candidate); - } - else if(_accept.size() == 0) - { - // - // No accept filters, treat mode as default accept. - // - result = !binary_search(_reject.begin(), _reject.end(), candidate); - } - else - { - // - // We have both accept and reject filters. We need to consider - // the _acceptOverride flag. - // - if(_acceptOverride) - { - result = !binary_search(_reject.begin(), _reject.end(), candidate); - if(!result) - { - result = binary_search(_accept.begin(), _accept.end(), candidate); - } - } - else - { - result = binary_search(_accept.begin(), _accept.end(), candidate); - if(result) - { - result = !binary_search(_reject.begin(), _reject.end(), candidate); - } - - } - } - return result; - } - -private: - - std::vector<T> _accept; - std::vector<T> _reject; - bool _acceptOverride; - - void - addImpl(std::vector<T>& dest, const std::vector<T>& additions) - { - // - // Sort the filter elements first, erasing duplicates. Then we can - // simply use the STL merge algorithm to add to our list of filters. - // - std::vector<T> newItems(additions); - sort(newItems.begin(), newItems.end()); - newItems.erase(unique(newItems.begin(), newItems.end()), newItems.end()); - - IceUtil::Monitor<IceUtil::Mutex>::Lock lock(*this); - std::vector<T> merged(dest.size() + newItems.size()); - merge(newItems.begin(), newItems.end(), dest.begin(), dest.end(), merged.begin()); - iterator split = unique(merged.begin(), merged.end()); - if(split != merged.end()) - { - AlreadyExists e; - copy(split, merged.end(), e.duplicates.begin()); - throw e; - } - swap(dest, merged); + return binary_search(_items.begin(), _items.end(), candidate); } - void - removeImpl(std::vector<T>& dest, const std::vector<T>& deletions) + bool + empty() const { - // - // Our removal algorithm depends on the filter elements to be - // removed to be sorted in the same order as our current elements. - // - std::vector<T> toRemove(dest); - sort(toRemove.begin(), toRemove.end()); - toRemove.erase(unique(toRemove.begin(), toRemove.end()), toRemove.end()); - - IceUtil::Monitor<IceUtil::Mutex>::Lock lock(*this); - - // - // Our vectors are both sorted, so if we keep track of our first - // match between the current set and the set of items to be removed, - // we do not need to traverse the whole of the current set each - // time. We also use a list of deletions instead of erasing things - // itemwise. - // - - // - // The presence of the 'typename' is a GCC specific workaround. The - // iterator types apparently resolve to a 'void' in GCC type - // causing compiler errors. - // - const_iterator r = toRemove.begin(); - iterator mark = dest.begin(); - std::list<iterator> deleteList; - std::vector<T> notFound; - - while(r != toRemove.end()) - { - iterator i = mark; - bool found = false; - while(i != dest.end() && r != toRemove.end()) - { - if(*r == *i) - { - // - // We want this list to be in LIFO order because we are - // going to erase things from the tail forward. - // - deleteList.push_front(i); - ++i; - ++r; - mark = i; - found = true; - } - else - { - ++i; - } - } - - // - // If we didn't find the entry in our list of constraints, - // store it and move on. We want the complete list of - // constraints that weren't found to give a meaningful - // exception. - // - if(!found) - { - notFound.push_back(*r); - } - - if(r == toRemove.end()) - { - break; - } - ++r; - } - - if(notFound.size() > 0) - { - DoesNotExist e; - e.missing = notFound; - throw e; - } - - for(literator i = deleteList.begin(); i != deleteList.end(); ++i) - { - dest.erase(*i); - } + return _items.size() == 0; } + +private: + + std::vector<T> _items; }; -template<class T, class P, class AlreadyExists, class DoesNotExist> -FilterT<T, P, AlreadyExists, DoesNotExist>::FilterT(const std::vector<T>& accept, const std::vector<T>& reject, const bool acceptOverride): - _accept(accept), - _reject(reject), - _acceptOverride(acceptOverride) +template<class T, class P> +FilterT<T, P>::FilterT(const std::vector<T>& accept): + _items(accept) { - sort(_accept.begin(), _accept.end()); - _accept.erase(unique(_accept.begin(), _accept.end()), _accept.end()); - sort(_reject.begin(), _reject.end()); - _reject.erase(unique(_reject.begin(), _reject.end()), _reject.end()); + sort(_items.begin(), _items.end()); + _items.erase(unique(_items.begin(), _items.end()), _items.end()); } -template<class T, class P, class AlreadyExists, class DoesNotExist> void -FilterT<T, P, AlreadyExists, DoesNotExist>::addAccept(const std::vector<T>& additions, const Ice::Current&) +template<class T, class P> void +FilterT<T, P>::add(const std::vector<T>& additions, const Ice::Current&) { - addImpl(_accept, additions); -} - -template<class T, class P, class AlreadyExists, class DoesNotExist> void -FilterT<T, P, AlreadyExists, DoesNotExist>::removeAccept(const std::vector<T>& deletions, const Ice::Current&) -{ - removeImpl(_accept, deletions); -} - -template<class T, class P, class AlreadyExists, class DoesNotExist> void -FilterT<T, P, AlreadyExists, DoesNotExist>::setAccept(const std::vector<T>& filterElements, const Ice::Current&) -{ - std::vector<T> newItems(filterElements); + // + // Sort the filter elements first, erasing duplicates. Then we can + // simply use the STL merge algorithm to add to our list of filters. + // + std::vector<T> newItems(additions); sort(newItems.begin(), newItems.end()); newItems.erase(unique(newItems.begin(), newItems.end()), newItems.end()); - IceUtil::Monitor<IceUtil::Mutex>::Lock lock(*this); - swap(newItems, _accept); -} -template<class T, class P, class AlreadyExists, class DoesNotExist> std::vector<T> -FilterT<T, P, AlreadyExists, DoesNotExist>::getAccept(const Ice::Current&) const -{ IceUtil::Monitor<IceUtil::Mutex>::Lock lock(*this); - return _accept; + std::vector<T> merged(_items.size() + newItems.size()); + merge(newItems.begin(), newItems.end(), _items.begin(), _items.end(), merged.begin()); + merged.erase(unique(merged.begin(), merged.end()), merged.end()); + swap(_items, merged); } -template<class T, class P, class AlreadyExists, class DoesNotExist> void -FilterT<T, P, AlreadyExists, DoesNotExist>::addReject(const std::vector<T>& additions, const Ice::Current&) +template<class T, class P> void +FilterT<T, P>::remove(const std::vector<T>& deletions, const Ice::Current&) { - addImpl(_reject, additions); -} - -template<class T, class P, class AlreadyExists, class DoesNotExist> void -FilterT<T, P, AlreadyExists, DoesNotExist>::removeReject(const std::vector<T>& deletions, const Ice::Current&) -{ - removeImpl(_reject, deletions); -} + // + // Our removal algorithm depends on the filter elements to be + // removed to be sorted in the same order as our current elements. + // + std::vector<T> toRemove(deletions); + sort(toRemove.begin(), toRemove.end()); + toRemove.erase(unique(toRemove.begin(), toRemove.end()), toRemove.end()); -template<class T, class P, class AlreadyExists, class DoesNotExist> void -FilterT<T, P, AlreadyExists, DoesNotExist>::setReject(const std::vector<T>& filterElements, const Ice::Current&) -{ - std::vector<T> newItems(filterElements); - sort(newItems.begin(), newItems.end()); - newItems.erase(unique(newItems.begin(), newItems.end()), newItems.end()); IceUtil::Monitor<IceUtil::Mutex>::Lock lock(*this); - swap(newItems, _reject); -} -template<class T, class P, class AlreadyExists, class DoesNotExist> std::vector<T> -FilterT<T, P, AlreadyExists, DoesNotExist>::getReject(const Ice::Current&) const -{ - IceUtil::Monitor<IceUtil::Mutex>::Lock lock(*this); - return _reject; -} + // + // Our vectors are both sorted, so if we keep track of our first + // match between the current set and the set of items to be removed, + // we do not need to traverse the whole of the current set each + // time. We also use a list of deletions instead of erasing things + // itemwise. + // -template<class T, class P, class AlreadyExists, class DoesNotExist> bool -FilterT<T, P, AlreadyExists, DoesNotExist>::getAcceptOverride(const Ice::Current&) const -{ - IceUtil::Monitor<IceUtil::Mutex>::Lock lock(*this); - return _acceptOverride; -} + // + // The presence of the 'typename' is a GCC specific workaround. The + // iterator types apparently resolve to a 'void' in GCC type + // causing compiler errors. + // + const_iterator r = toRemove.begin(); + iterator mark = _items.begin(); + std::list<iterator> deleteList; + + while(r != toRemove.end()) + { + iterator i = mark; + bool found = false; + while(i != _items.end() && r != toRemove.end()) + { + if(*r == *i) + { + // + // We want this list to be in LIFO order because we are + // going to erase things from the tail forward. + // + deleteList.push_front(i); + ++i; + ++r; + mark = i; + found = true; + } + else + { + ++i; + } + } -template<class T, class P, class AlreadyExists, class DoesNotExist> void -FilterT<T, P, AlreadyExists, DoesNotExist>::setAcceptOverride(bool value, const Ice::Current&) -{ - IceUtil::Monitor<IceUtil::Mutex>::Lock lock(*this); - _acceptOverride = value; -} + if(r == toRemove.end()) + { + break; + } + ++r; + } -typedef FilterT<Ice::Identity, Glacier2::IdentityFilterManager, Glacier2::DuplicateIdentityConstraintsException, - Glacier2::IdentityConstraintsDoNotExistException> IdentityFilterManagerI; -typedef IceUtil::Handle< FilterT<Ice::Identity, Glacier2::IdentityFilterManager, - Glacier2::DuplicateIdentityConstraintsException, - Glacier2::IdentityConstraintsDoNotExistException> > IdentityFilterManagerIPtr; + for(literator i = deleteList.begin(); i != deleteList.end(); ++i) + { + _items.erase(*i); + } +} -typedef FilterT<std::string, Glacier2::StringFilterManager, Glacier2::DuplicateStringConstraintsException, - Glacier2::StringConstraintsDoNotExistException> StringFilterManagerI; -typedef IceUtil::Handle< FilterT<std::string, Glacier2::StringFilterManager, - Glacier2::DuplicateStringConstraintsException, - Glacier2::StringConstraintsDoNotExistException> > StringFilterManagerIPtr; +typedef FilterT<Ice::Identity, Glacier2::IdentitySet> IdentitySetI; +typedef IceUtil::Handle< FilterT<Ice::Identity, Glacier2::IdentitySet> > IdentitySetIPtr; +typedef FilterT<std::string, Glacier2::StringSet> StringSetI; +typedef IceUtil::Handle< FilterT<std::string, Glacier2::StringSet> > StringSetIPtr; }; diff --git a/cpp/src/Glacier2/ProxyVerifier.cpp b/cpp/src/Glacier2/ProxyVerifier.cpp index e40124d46d2..e9204595f46 100644 --- a/cpp/src/Glacier2/ProxyVerifier.cpp +++ b/cpp/src/Glacier2/ProxyVerifier.cpp @@ -119,6 +119,22 @@ public: virtual const char* toString() const = 0; }; +class MatchesAny : public AddressMatcher +{ +public: + bool + match(const string&, string::size_type&) + { + return true; + } + + const char* + toString() const + { + return "(ANY)"; + } +}; + // // Match the start of a string (i.e. position == 0). Occurs when filter // string starts with a set of characters followed by a wildcard or @@ -145,7 +161,7 @@ public: return result; } - virtual const char* + const char* toString() const { return _description.c_str(); @@ -420,6 +436,7 @@ public: } }; + // // AddressMatcher factories abstract away the logic of which matching // objects need to be created depending on the state of the filter @@ -685,73 +702,84 @@ parseProperty(const string& property, vector<ProxyRule*>& rules) bool inGroup = false; AddressMatcherFactory* currentFactory = &startsWithFactory; - for(current = 0; current < addr.size(); ++current) + if(addr == "*") { - if(addr[current] == '*') + // + // Special case. Match everything. + // + currentRuleSet.push_back(new MatchesAny); + allRules.push_back(new AddressRule(currentRuleSet, portMatch)); + } + else + { + for(current = 0; current < addr.size(); ++current) { - if(inGroup) + if(addr[current] == '*') { - InitializationException ex(__FILE__, __LINE__); - ex.reason = "wildcards not permitted in groups"; - throw ex; + if(inGroup) + { + InitializationException ex(__FILE__, __LINE__); + ex.reason = "wildcards not permitted in groups"; + throw ex; + } + // + // current == mark when the wildcard is at the head of a + // string or directly after a group. + // + if(current != mark) + { + currentRuleSet.push_back(currentFactory->create(addr.substr(mark, current-mark))); + } + currentFactory = &wildCardFactory; + mark = current + 1; } - // - // current == mark when the wildcard is at the head of a - // string or directly after a group. - // - if(current != mark) + else if(addr[current] == '[') { - currentRuleSet.push_back(currentFactory->create(addr.substr(mark, current-mark))); + // ??? what does it mean if current == mark? + if(current != mark) + { + currentRuleSet.push_back(currentFactory->create(addr.substr(mark, current-mark))); + currentFactory = &followingFactory; + } + inGroup = true; + mark = current + 1; } - currentFactory = &wildCardFactory; - mark = current + 1; - } - else if(addr[current] == '[') - { - // ??? what does it mean if current == mark? - if(current != mark) + else if(addr[current] == ']') { - currentRuleSet.push_back(currentFactory->create(addr.substr(mark, current-mark))); + if(!inGroup) + { + InitializationException ex(__FILE__, __LINE__); + ex.reason = "group close without group start"; + throw ex; + } + inGroup = false; + if(mark == current) + { + InitializationException ex(__FILE__, __LINE__); + ex.reason = "empty group"; + throw ex; + } + string group = addr.substr(mark, current - mark); + vector<int> numbers; + vector<Range> ranges; + parseGroup(group, numbers, ranges); + currentRuleSet.push_back(currentFactory->create(numbers, ranges)); currentFactory = &followingFactory; + mark = current + 1; } - inGroup = true; - mark = current + 1; } - else if(addr[current] == ']') + currentFactory = &endsWithFactory; + + if(inGroup) { - if(!inGroup) - { - InitializationException ex(__FILE__, __LINE__); - ex.reason = "group close without group start"; - throw ex; - } - inGroup = false; - if(mark == current) - { - InitializationException ex(__FILE__, __LINE__); - ex.reason = "empty group"; - throw ex; - } - string group = addr.substr(mark, current - mark); - vector<int> numbers; - vector<Range> ranges; - parseGroup(group, numbers, ranges); - currentRuleSet.push_back(currentFactory->create(numbers, ranges)); - currentFactory = &followingFactory; - mark = current + 1; + InitializationException ex(__FILE__, __LINE__); + ex.reason = "unclosed group"; + throw ex; + } + if(mark != current) + { + currentRuleSet.push_back(currentFactory->create(addr.substr(mark, current - mark))); } - } - currentFactory = &endsWithFactory; - - if(inGroup) - { - InitializationException ex(__FILE__, __LINE__); - ex.reason = "unclosed group"; - throw ex; - } - if(mark != current) - { - currentRuleSet.push_back(currentFactory->create(addr.substr(mark, current - mark))); } allRules.push_back(new AddressRule(currentRuleSet, portMatch)); } diff --git a/cpp/src/Glacier2/SessionRouterI.cpp b/cpp/src/Glacier2/SessionRouterI.cpp index 9fdeeed882d..ad1e21eca51 100644 --- a/cpp/src/Glacier2/SessionRouterI.cpp +++ b/cpp/src/Glacier2/SessionRouterI.cpp @@ -30,32 +30,32 @@ class SessionControlI : public SessionControl public: SessionControlI(const SessionRouterIPtr& sessionRouter, const ConnectionPtr& connection, - const StringFilterManagerPrx& categoryFilter, const StringFilterManagerPrx& adapterIdFilter, - const IdentityFilterManagerPrx& identityFilter) : + const StringSetPrx& categories, const StringSetPrx& adapterIds, + const IdentitySetPrx& identities) : _sessionRouter(sessionRouter), _connection(connection), - _categoryFilter(categoryFilter), - _identityFilter(identityFilter), - _adapterIdFilter(adapterIdFilter) + _categories(categories), + _identities(identities), + _adapterIds(adapterIds) { } - virtual StringFilterManagerPrx - categoryFilter(const Current& current) + virtual StringSetPrx + categories(const Current& current) { - return _categoryFilter; + return _categories; } - virtual StringFilterManagerPrx - adapterIdFilter(const Current& current) + virtual StringSetPrx + adapterIds(const Current& current) { - return _adapterIdFilter; + return _adapterIds; } - virtual IdentityFilterManagerPrx - identityFilter(const Current& current) + virtual IdentitySetPrx + identities(const Current& current) { - return _identityFilter; + return _identities; } virtual void @@ -68,9 +68,9 @@ private: const SessionRouterIPtr _sessionRouter; const ConnectionPtr _connection; - const StringFilterManagerPrx _categoryFilter; - const IdentityFilterManagerPrx _identityFilter; - const StringFilterManagerPrx _adapterIdFilter; + const StringSetPrx _categories; + const IdentitySetPrx _identities; + const StringSetPrx _adapterIds; }; class ClientLocator : public ServantLocator @@ -836,14 +836,14 @@ Glacier2::SessionRouterI::createSessionInternal(const string& userId, bool allow SessionControlPrx control; if(_adminAdapter) { - StringFilterManagerPrx catFilterPrx = StringFilterManagerPrx::uncheckedCast( - _adminAdapter->addWithUUID(clientBlobject->categoryFilter())); + StringSetPrx catFilterPrx = StringSetPrx::uncheckedCast( + _adminAdapter->addWithUUID(clientBlobject->categories())); categoryFilterId = catFilterPrx->ice_getIdentity(); - StringFilterManagerPrx adapterFilterPrx = StringFilterManagerPrx::uncheckedCast( - _adminAdapter->addWithUUID(clientBlobject->adapterIdFilter())); + StringSetPrx adapterFilterPrx = StringSetPrx::uncheckedCast( + _adminAdapter->addWithUUID(clientBlobject->adapterIds())); adapterIdFilterId = adapterFilterPrx->ice_getIdentity(); - IdentityFilterManagerPrx idFilterPrx = IdentityFilterManagerPrx::uncheckedCast( - _adminAdapter->addWithUUID(clientBlobject->identityFilter())); + IdentitySetPrx idFilterPrx = IdentitySetPrx::uncheckedCast( + _adminAdapter->addWithUUID(clientBlobject->identities())); identityFilterId = idFilterPrx->ice_getIdentity(); control = SessionControlPrx::uncheckedCast( diff --git a/cpp/src/Ice/PropertyNames.cpp b/cpp/src/Ice/PropertyNames.cpp index 562920e8f0f..582639e77ee 100644 --- a/cpp/src/Ice/PropertyNames.cpp +++ b/cpp/src/Ice/PropertyNames.cpp @@ -7,7 +7,7 @@ // // ********************************************************************** -// Generated by makeprops.py from file `../config/PropertyNames.def', Fri Jun 2 14:16:34 2006 +// Generated by makeprops.py from file `../config/PropertyNames.def', Mon Jun 5 13:25:31 2006 // IMPORTANT: Do not edit this file -- any edits made here will be lost! @@ -300,11 +300,8 @@ const char* IceInternal::PropertyNames::Glacier2Props[] = "Glacier2.Filter.Address.AcceptOverride", "Glacier2.Filter.MaxProxyLength", "Glacier2.Filter.Category.Accept", - "Glacier2.Filter.Category.Reject", - "Glacier2.Filter.Category.AcceptOverride", "Glacier2.Filter.AdapterId.Accept", - "Glacier2.Filter.AdapterId.Reject", - "Glacier2.Filter.AdapterId.AcceptOverride", + "Glacier2.Filter.Identity.Accept", "Glacier2.CryptPasswords", "Glacier2.InstanceName", "Glacier2.PermissionsVerifier", diff --git a/cpp/src/Ice/PropertyNames.h b/cpp/src/Ice/PropertyNames.h index ee61f4a50b8..2bb8111c320 100644 --- a/cpp/src/Ice/PropertyNames.h +++ b/cpp/src/Ice/PropertyNames.h @@ -7,7 +7,7 @@ // // ********************************************************************** -// Generated by makeprops.py from file `../config/PropertyNames.def', Fri Jun 2 14:16:34 2006 +// Generated by makeprops.py from file `../config/PropertyNames.def', Mon Jun 5 13:25:31 2006 // IMPORTANT: Do not edit this file -- any edits made here will be lost! diff --git a/cpp/src/IceGrid/ObjectCache.cpp b/cpp/src/IceGrid/ObjectCache.cpp index 65cb547315e..29132c8c221 100644 --- a/cpp/src/IceGrid/ObjectCache.cpp +++ b/cpp/src/IceGrid/ObjectCache.cpp @@ -372,7 +372,7 @@ ObjectEntry::allocated(const SessionIPtr& session) { Ice::IdentitySeq seq(1); seq.push_back(_info.proxy->ice_getIdentity()); - ctl->identityFilter()->addAccept(seq); + ctl->identities()->add(seq); } catch(const Ice::ObjectNotExistException&) { @@ -395,7 +395,7 @@ ObjectEntry::released(const SessionIPtr& session) { Ice::IdentitySeq seq(1); seq.push_back(_info.proxy->ice_getIdentity()); - ctl->identityFilter()->removeAccept(seq); + ctl->identities()->remove(seq); } catch(const Ice::ObjectNotExistException&) { diff --git a/cpp/src/IceGrid/ServerCache.cpp b/cpp/src/IceGrid/ServerCache.cpp index 2d3f969845d..9a4aa545d95 100644 --- a/cpp/src/IceGrid/ServerCache.cpp +++ b/cpp/src/IceGrid/ServerCache.cpp @@ -814,7 +814,7 @@ ServerEntry::allocated(const SessionIPtr& session) { seq.push_back(p->first); } - ctl->adapterIdFilter()->addAccept(seq); + ctl->adapterIds()->add(seq); } catch(const Ice::ObjectNotExistException&) { @@ -855,7 +855,7 @@ ServerEntry::released(const SessionIPtr& session) { seq.push_back(p->first); } - ctl->adapterIdFilter()->removeAccept(seq); + ctl->adapterIds()->remove(seq); } catch(const Ice::ObjectNotExistException&) { diff --git a/cpp/src/IceGrid/SessionI.cpp b/cpp/src/IceGrid/SessionI.cpp index d765d1c7ac3..068ec868515 100644 --- a/cpp/src/IceGrid/SessionI.cpp +++ b/cpp/src/IceGrid/SessionI.cpp @@ -319,7 +319,7 @@ ClientSessionManagerI::create(const string& user, const Glacier2::SessionControl id.name = "Registry"; ids.push_back(id); ids.push_back(s->ice_getIdentity()); - ctl->identityFilter()->addAccept(ids); + ctl->identities()->add(ids); } catch(const Ice::LocalException&) { @@ -385,7 +385,7 @@ ClientSSLSessionManagerI::create(const Glacier2::SSLInfo& info, const Glacier2:: id.name = "Registry"; ids.push_back(id); ids.push_back(s->ice_getIdentity()); - ctl->identityFilter()->addAccept(ids); + ctl->identities()->add(ids); } catch(const Ice::LocalException&) { |