1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
|
// **********************************************************************
//
// Copyright (c) 2003-2017 ZeroC, Inc. All rights reserved.
//
// This copy of Ice is licensed to you under the terms described in the
// ICE_LICENSE file included in this distribution.
//
// **********************************************************************
#pragma once
[["cpp:header-ext:h", "objc:header-dir:objc", "js:ice-build"]]
[["cpp:include:Glacier2/Config.h"]]
#include <Glacier2/SSLInfo.ice>
["objc:prefix:GLACIER2"]
module Glacier2
{
/**
*
* This exception is raised if a client is denied the ability to create
* a session with the router.
*
**/
["preserve-slice"]
exception PermissionDeniedException
{
/**
*
* The reason why permission was denied.
*
**/
string reason;
};
/**
*
* The Glacier2 permissions verifier. This is called through the
* process of establishing a session.
*
* @see Router
*
**/
interface PermissionsVerifier
{
/**
*
* Check whether a user has permission to access the router.
*
* @param userId The user id for which to check permission.
*
* @param password The user's password.
*
* @param reason The reason why access was denied.
*
* @return True if access is granted, or false otherwise.
*
* @throws PermissionDeniedException Raised if the user access is
* denied. This can be raised in place of returning false with a
* reason set in the reason out parameter.
*
**/
["nonmutating", "cpp:const", "format:sliced"]
idempotent bool checkPermissions(string userId, string password, out string reason)
throws PermissionDeniedException;
};
/**
*
* The SSL Glacier2 permissions verifier. This is called through the
* process of establishing a session.
*
* @see Router
*
**/
interface SSLPermissionsVerifier
{
/**
*
* Check whether a user has permission to access the router.
*
* @param info The SSL information.
*
* @param reason The reason why access was denied.
*
* @return True if access is granted, or false otherwise.
*
* @throws PermissionDeniedException Raised if the user access is
* denied. This can be raised in place of returning false with a
* reason set in the reason out parameter.
*
* @see SSLInfo
*
**/
["nonmutating", "cpp:const", "format:sliced"]
idempotent bool authorize(SSLInfo info, out string reason)
throws PermissionDeniedException;
};
};
|
