List: midgard-dev
Subject: [midgard-dev] cvs: /midgard-2.0/lib acl.c midgard.h
From: emiliano <midgard-dev () greywolves ! org>
Date: 2000-01-11 14:04:59
emiliano Tue Jan 11 16:04:59 2000 EDT
Modified files:
/midgard-2.0/lib acl.c midgard.h
Log:
I used entity as both type and ID. Separated into entitytype and entityid.
Index: midgard-2.0/lib/acl.c
diff -u midgard-2.0/lib/acl.c:1.5 midgard-2.0/lib/acl.c:1.6
--- midgard-2.0/lib/acl.c:1.5 Tue Jan 4 17:35:32 2000
+++ midgard-2.0/lib/acl.c Tue Jan 4 18:44:42 2000
@@ -162,7 +162,7 @@
#define ACL_PARENT_FILE -3
#define ACL_PARENT_ARTICLE -2
#define ACL_PARENT_NONE -1
-#define ACL_TABLE_TOPIC 12 /* make sure this matches _acl_tables ! */
+#define ACL_TABLE_TOPIC 12 /* make sure this matches acl_tables ! */
/* This table is constructed by hand. Make sure the parent matches! */
typedef struct {
@@ -243,12 +243,12 @@
{
MidgardAclObject aclobject;
- aclobject->record = record;
- aclobject->table = acl_lookup_table(record.table);
+ aclobject.record = record;
+ aclobject.table = acl_lookup_table(record->table);
- if (aclobject->table == NULL) return FALSE;
+ if (aclobject.table == NULL) return FALSE;
- return acl_get_parent(midgard, aclobject, aclobject->table);
+ return acl_get_parent(midgard, &aclobject, aclobject.table);
}
static int acl_lookup_table(MidgardTable* table)
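Review bot: The failure test `if (aclobject.table == NULL) return FALSE;` compares an `int` table index against a null pointer constant, since `acl_lookup_table()` is declared `static int` on the context line below and its result is later used to index `acl_tables`. As written the check rejects index 0 and lets a negative "not found" value through into the ACL walk. If `acl_lookup_table()` follows the same convention as `acl_lookup_table_by_name()` (tested with `< 0` further down), the guard should be `if (aclobject.table < 0) return FALSE;`. The enclosing function starts outside this hunk, so the return convention should be confirmed against the lookup's body.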
@@ -289,8 +289,8 @@
midgard_sql_init(midgard);
midgard_set_sql_int(access);
- midgard_set_sql_id(acl->record.id);
- midgard_set_sql_string(acl->record.table->name);
+ midgard_set_sql_id(acl->record->id);
+ midgard_set_sql_string(acl->record->table->name);
midgard_set_sql_int(scope);
midgard_set_sql_int(is_afa);
midgard_set_sql_id(midgard->user);
@@ -298,7 +298,7 @@
midgard_set_sql_id(midgard->user);
midgard_set_sql_id(midgard->user);
- rv = midgard_sql_get(midgard, _acl_tables[object->table].acl, ...)
+ rv = midgard_sql_get(midgard, acl_tables[object->table].acl, ...)
if (rv == MIDGARD_ERROR) grant = MIDGARD_ACL_GRANT_MU;
else grant = midgard_sql_get_int(0);
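Review bot: The replaced call `rv = midgard_sql_get(midgard, acl_tables[object->table].acl, ...)` still ends in a literal `...` and has no terminating `;`, so the statement is a placeholder that cannot compile as written. The result test on the following context line also treats only `MIDGARD_ERROR` as failure, while `acl_get_parent` uses `rv != MIDGARD_OK`. If `midgard_sql_get()` can return any other non-OK status, the grant would be read from `midgard_sql_get_int(0)` without a valid row behind it. For an access decision it seems safer to write `if (rv != MIDGARD_OK) grant = MIDGARD_ACL_GRANT_MU;`. The function body starts and ends outside this hunk.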
@@ -317,26 +317,27 @@
/* the ID is null, so we're trying once more for the original
table root, unless we've allready tried that
*/
- if (midgard_id_is_null(object->record.id))
+ if (midgard_id_is_null(object->record->id))
{
if (object->table == root_table) return FALSE;
object->table = root_table;
- object->record.table = acl_tables[root_table].table;
+ object->record->table = acl_tables[root_table].table;
return TRUE;
}
- /* configured to never has a parent, fall back to table root */
- if (parent_table == ACL_PARENT_NONE)
+ table = acl_tables + object->table;
+
+ /* configured to never have a parent, fall back to table root */
+ if (table->parent == ACL_PARENT_NONE)
{
- midgard_id_free(object->record.id);
- object->record.id = midgard_id_null();
+ midgard_id_free(object->record->id);
+ object->record->id = midgard_id_null();
return TRUE;
}
- table = acl_tables + object->table;
-
midgard_sql_init(midgard);
- rv = midgard_sql_get(midgard, table->get_parent, id, table->parent_fields);
+ rv = midgard_sql_get(midgard, table->get_parent, object->record->id,
+ table->parent_fields);
if (rv != MIDGARD_OK)
{
@@ -353,16 +354,16 @@
topic = midgard_sql_get_id(0);
replyto = midgard_sql_get_id(1);
- midgard_id_free(object->record.id);
+ midgard_id_free(object->record->id);
if (midgard_id_is_null(replyto))
{
object->table = ACL_TABLE_TOPIC;
- object->record.id = midgard_id_dup(topic);
+ object->record->id = midgard_id_dup(topic);
}
else
{
- object->record.id = midgard_id_dup(replyto);
+ object->record->id = midgard_id_dup(replyto);
}
midgard_id_free(topic);
@@ -374,10 +375,10 @@
*/
case ACL_PARENT_FILE:
case ACL_PARENT_ACL:
- midgard_id_free(object->record.id);
+ midgard_id_free(object->record->id);
object->table = acl_lookup_table_by_name(midgard_sql_get_string(0));
- object->record.id = midgard_sql_get_id(1);
+ object->record->id = midgard_sql_get_id(1);
if (object->table < 0) rv = MIDGARD_ERROR;
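Review bot: A failed `acl_lookup_table_by_name()` in the `ACL_PARENT_FILE`/`ACL_PARENT_ACL` case only sets `rv = MIDGARD_ERROR` and leaves the negative value in `object->table`. The hunk at -400 then runs `object->record->table = acl_tables[object->table].table;` unconditionally before `rv` is tested, which reads outside `acl_tables` unless an early exit exists in the lines not shown. Guarding that assignment, e.g. `if (rv == MIDGARD_OK) object->record->table = acl_tables[object->table].table;`, keeps an unknown table name stored in an ACL row from becoming an out-of-bounds read. The same unchecked index feeds `table = acl_tables + object->table;` in the -317 hunk if the object is walked again. The switch continues outside this hunk.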
@@ -391,8 +392,8 @@
break;
}
- midgard_id_free(object->record.id);
- object->record.id = midgard_sql_get_id(0);
+ midgard_id_free(object->record->id);
+ object->record->id = midgard_sql_get_id(0);
object->table = table->parent;
break;
@@ -400,9 +401,9 @@
midgard_sql_done(midgard);
- object->record.table = acl_tables[object->table].table;
+ object->record->table = acl_tables[object->table].table;
- return ((rv == MIDGARD_OK) && (object->record.id != NULL));
+ return ((rv == MIDGARD_OK) && (object->record->id != NULL));
}
static int acl_check_chain(Midgard* midgard,
@@ -421,6 +422,11 @@
return FALSE;
}
+ if (! (obj_r.id = midgard_id_dup(id)) ) { return FALSE; }
+
+ obj_r.table = acl_tables[object.table].table;
+ object.record = &obj_r;
+
/* For AfA you allways need access via a parent. The ACL list for
an object can only be changed by admin or if you've been granted
CHILD scope AfA on a parent
@@ -428,22 +434,21 @@
if (afa) { status = MIDGARD_ACL_GRANT_MU; }
else
{
- if (! (obj_r.id = midgard_id_dup(id)) ) { return FALSE; }
-
- obj_r.table = _acl_tables[object.table].table;
- object.record = &obj_r;
-
status = acl_test(midgard, object, object, access,
MIDGARD_ACL_SCOPE_OBJECT, MIDGARD_ACL_TYPE_OBJECT);
- if (status != MIDGARD_ACL_GRANT_MU) { return status; }
+ if (status != MIDGARD_ACL_GRANT_MU)
+ {
+ midgard_id_free(object.record->id);
+ return status;
+ }
}
parent.table = object.table;
parent.record = &par_r;
- if (! (parent.record.id = midgard_id_dup(object->record.id)) )
+ if (! (parent.record->id = midgard_id_dup(object->record->id)) )
{
- midgard_id_free(object->record.id);
+ midgard_id_free(object.record->id);
return FALSE;
}
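Review bot: The new line `if (! (parent.record->id = midgard_id_dup(object->record->id)) )` still dereferences `object` with `->`, while every other new line in `acl_check_chain` treats it as a struct (`object.table`, `object.record = &obj_r`, `object.record->id`). It should read `midgard_id_dup(object.record->id)`, matching the free on the line below it. Separately, `par_r.table` is not assigned anywhere in the visible lines, and `acl_test` reads `acl->record->table->name`; since the `ACL_PARENT_NONE` path of `acl_get_parent` returns TRUE without setting `record->table`, it is worth confirming `par_r.table` is initialised before the first parent test. The function body continues outside this hunk.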
@@ -454,7 +459,8 @@
MIDGARD_ACL_SCOPE_CHILD, afa);
}
- midgard_id_free(parent.record.id);
+ midgard_id_free(object.record->id);
+ midgard_id_free(parent.record->id);
return (status == MIDGARD_ACL_GRANT_YES) ?
MIDGARD_ACL_GRANT_YES :
@@ -493,10 +499,13 @@
MidgardTable* table, MidgardId object,
int entitytype, MidgardId entity,
MidgardAccess access, boolean granted,
+ MidgardAclScope scope,
MidgardAclType afa
)
{
- /* sanity checks */
+ /* sanity checks. These will be optimized at some point, but
+ * clarity rules for the moment
+ */
if (entitytype == ACL_ENTITY_SELF && table != MIDGARD_PERSON)
return false;
@@ -507,6 +516,9 @@
&& access != MIDGARD_ACCESS_DELETE)
return false;
+ if (afa == MIDGARD_ACL_TYPE_AFA && scope != MIDGARD_ACL_SCOPE_CHILD)
+ return false;
+
/* AfA check */
if (! acl_check_chain(midgard, table, id, MIDGARD_ACCESS_CREATE,
MIDGARD_ACL_TYPE_AFA) )
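Review bot: The added `afa == MIDGARD_ACL_TYPE_AFA && scope != MIDGARD_ACL_SCOPE_CHILD` rejection has no comment explaining the rule, although it replaces the removed TODO "Set scope to CHILD allways" with caller-side enforcement. Suggest adding above the `if`: `/* AfA is only evaluated via a parent with CHILD scope (see acl_check_chain), so reject AfA entries with any other scope */`. The second function that gains the `scope` parameter (hunk at -531) shows no equivalent check in the visible lines; its body lies outside that hunk, so confirm it applies the same rule or document why it need not.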
@@ -521,7 +533,6 @@
/* TODO:
insert all values by midgard-lib sql method, or maybe ODBC
directly?
- Set scope to CHILD allways.
*/
return (rv == MIDGARD_OK);
@@ -531,6 +542,7 @@
MidgardTable* table, MidgardId object,
int entitytype, MidgardId entity,
MidgardAccess access, boolean granted,
+ MidgardAclScope scope,
MidgardAclType afa
)
{