endpoint_sec/event/event_od_attribute_value_add.rs
1//! [`EventOdAttributeValueAdd`]
2
3use std::ffi::OsStr;
4
5use endpoint_sec_sys::{es_event_od_attribute_value_add_t, es_od_record_type_t};
6
7use crate::{AuditToken, Process};
8
9/// Notification that an attribute value was added to a record.
10///
11/// Attributes conceptually have the type `Map String (Set String)`.
12/// Each OD record has a Map of attribute name to Set of attribute value.
13/// When an attribute value is added, it is inserted into the set of values for that name.
14#[doc(alias = "es_event_od_attribute_value_add_t")]
15pub struct EventOdAttributeValueAdd<'a> {
16 /// The raw reference.
17 pub(crate) raw: &'a es_event_od_attribute_value_add_t,
18 /// The version of the message.
19 pub(crate) version: u32,
20}
21
22impl<'a> EventOdAttributeValueAdd<'a> {
23 /// Process that instigated operation (XPC caller).
24 #[inline(always)]
25 pub fn instigator(&self) -> Option<Process<'a>> {
26 // Safety: 'a tied to self, object obtained through ES
27 let process = unsafe { self.raw.instigator()? };
28 Some(Process::new(process, self.version))
29 }
30
31 /// Audit token of the process that instigated this event.
32 pub fn instigator_token(&self) -> AuditToken {
33 #[cfg(feature = "macos_15_0_0")]
34 if self.version >= 8 {
35 return AuditToken(self.raw.instigator_token);
36 }
37
38 // On old versions, the process was always non-null, and we can get
39 // its token easily.
40 self.instigator().unwrap().audit_token()
41 }
42
43 /// Result code for the operation.
44 #[inline(always)]
45 pub fn error_code(&self) -> i32 {
46 self.raw.error_code
47 }
48 /// The type of the record to which the attribute value was added.
49 #[inline(always)]
50 pub fn record_type(&self) -> es_od_record_type_t {
51 self.raw.record_type
52 }
53
54 /// The name of the record to which the attribute value was added.
55 #[inline(always)]
56 pub fn record_name(&self) -> &'a OsStr {
57 // Safety: 'a tied to self, object obtained through ES
58 unsafe { self.raw.record_name.as_os_str() }
59 }
60
61 /// The name of the attribute to which the value was added.
62 #[inline(always)]
63 pub fn attribute_name(&self) -> &'a OsStr {
64 // Safety: 'a tied to self, object obtained through ES
65 unsafe { self.raw.attribute_name.as_os_str() }
66 }
67
68 /// The value that was added.
69 #[inline(always)]
70 pub fn attribute_value(&self) -> &'a OsStr {
71 // Safety: 'a tied to self, object obtained through ES
72 unsafe { self.raw.attribute_value.as_os_str() }
73 }
74
75 /// OD node being mutated.
76 ///
77 /// Typically one of "/Local/Default", "/LDAPv3/<server>" or "/Active Directory/<domain>".
78 #[inline(always)]
79 pub fn node_name(&self) -> &'a OsStr {
80 // Safety: 'a tied to self, object obtained through ES
81 unsafe { self.raw.node_name.as_os_str() }
82 }
83
84 /// Optional. If node_name is "/Local/Default", this is, the path of the database against which
85 /// OD is authenticating.
86 #[inline(always)]
87 pub fn db_path(&self) -> Option<&'a OsStr> {
88 if self.node_name() == OsStr::new("/Local/Default") {
89 // Safety: 'a tied to self, object obtained through ES
90 Some(unsafe { self.raw.db_path.as_os_str() })
91 } else {
92 None
93 }
94 }
95}
96
97// Safety: safe to send across threads: does not contain any interior mutability nor depend on current thread state
98unsafe impl Send for EventOdAttributeValueAdd<'_> {}
99// Safety: safe to share across threads: does not contain any interior mutability nor depend on current thread state
100unsafe impl Sync for EventOdAttributeValueAdd<'_> {}
101
102impl_debug_eq_hash_with_functions!(EventOdAttributeValueAdd<'a> with version; instigator, instigator_token, error_code, record_type, record_name, attribute_name, attribute_value, node_name, db_path);