ICFS/src/temp_permissions_table.h

/*
  ICFS: Interactively Controlled File System
  Copyright (C) 2024-2025  Fedir Kovalov

  This program can be distributed under the terms of the GNU GPLv2.
  See the file LICENSE.
*/

#ifndef TEMP_PERMISSIONS_TABLE_H
#define TEMP_PERMISSIONS_TABLE_H

#include "access_t.h"
#include "process_info.h"
#include "set_mode_t.h"

/**
 * Initializes the temporary permissions table.
 *
 * @return: 0 on success, -1 on failure (e.g. ENOMEM)
 */
int init_temp_permissions_table(void);

/**
 * Starts the temporary permissions table garbage_collector.
 *
 * @return: 0 on success, -1 on failure (e.g. ENOMEM)
 */
int init_garbage_collector(void);

/**
 * Destroys the temporary permissions table.
 *
 * @note: the table is guranteed to be destroyed if it is already initialized.
 * It does not indicate any errors whatsoever. If something goes wrong - you are
 * screwed.
 */
void destroy_temp_permissions_table(void);

/**
 * Checks if the process or any of it's parents have temporary access to the
 * file.
 *
 * @param filename: The file that the process is trying to access
 * @param pi: The process information
 * @return: access status - ALLOW, DENY or NDEF in case if no information was
 * found. Does not return ALLOW_TEMP.
 * @note: In case one of the parent processes is killed while this function
 * execution the result is not guranteed to be correct. It should only lead to
 * false negatives, though.
 */
access_t check_temp_access(const char *filename, struct process_info pi);

/**
 * Sets temporary access mode of the process to the file.
 *
 * @param filename: The file that the process is trying to access
 * @param pi: The process information
 * @param mode: Kind of access rule to be set - SET_DENY to deny access, and
 * SET_ALLOW to allow access.
 * @return: 0 on success, -1 on failure.
 */
int set_temp_access(const char *filename, struct process_info pi,
                    set_mode_t mode);

#endif // !TEMP_PERMISSIONS_TABLE_H