e744336385
C-6: ConnectorRuntime enforces capability_mask per operation.
READ-only ACs cannot invoke MUTATE operations (wipe, lock, retire).
C-7: AC validated against database (exists, active, not expired)
before connector invocation.
C-9: Delegated AC capability bounded by delegator's capability.
C-10: Command counter uses atomic SQL increment with limit check.
M-23: expire_stale() uses same atomic SQL pattern.
H-1: Sensitive credential fields hidden from repr/logs via repr=False.
H-2: Stub backend requires ALLOW_STUB_CREDENTIALS=true to activate.
H-3: Kerberos backend raises CredentialResolutionError instead of
returning stub ticket.
H-4: Chronicle INTENT emitted before execution, RESULT after.
H-5: device_id validated as UUID before Graph API URL interpolation.
H-8: ConnectorRuntime enforces governance for all connector invocations.
Signed-off-by: Tyler King <tking@guildhouse.dev>
31 lines
867 B
C++
31 lines
867 B
C++
#ifndef GREENLET_THREAD_SUPPORT_HPP
|
|
#define GREENLET_THREAD_SUPPORT_HPP
|
|
|
|
/**
|
|
* Defines various utility functions to help greenlet integrate well
|
|
* with threads. This used to be needed when we supported Python
|
|
* 2.7 on Windows, which used a very old compiler. We wrote an
|
|
* alternative implementation using Python APIs and POSIX or Windows
|
|
* APIs, but that's no longer needed. So this file is a shadow of its
|
|
* former self --- but may be needed in the future.
|
|
*/
|
|
|
|
#include <stdexcept>
|
|
#include <thread>
|
|
#include <mutex>
|
|
|
|
#include "greenlet_compiler_compat.hpp"
|
|
|
|
namespace greenlet {
|
|
typedef std::mutex Mutex;
|
|
typedef std::lock_guard<Mutex> LockGuard;
|
|
class LockInitError : public std::runtime_error
|
|
{
|
|
public:
|
|
LockInitError(const char* what) : std::runtime_error(what)
|
|
{};
|
|
};
|
|
};
|
|
|
|
|
|
#endif /* GREENLET_THREAD_SUPPORT_HPP */
|