Code Review
/
src
/
app-framework-binder.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
Update the url of the project
[src/app-framework-binder.git]
/
src
/
afb-auth.c
diff --git
a/src/afb-auth.c
b/src/afb-auth.c
index
82e6fd2
..
2f5daf0
100644
(file)
--- a/
src/afb-auth.c
+++ b/
src/afb-auth.c
@@
-17,7
+17,6
@@
*/
#define _GNU_SOURCE
*/
#define _GNU_SOURCE
-#define AFB_BINDING_PRAGMA_NO_VERBOSE_MACRO
#include <stdlib.h>
#include <stdlib.h>
@@
-29,9
+28,7
@@
#include "afb-cred.h"
#include "verbose.h"
#include "afb-cred.h"
#include "verbose.h"
-static int check_permission(const char *permission, struct afb_xreq *xreq);
-
-int afb_auth_check(const struct afb_auth *auth, struct afb_xreq *xreq)
+int afb_auth_check(struct afb_xreq *xreq, const struct afb_auth *auth)
{
switch (auth->type) {
default:
{
switch (auth->type) {
default:
@@
-45,16
+42,16
@@
int afb_auth_check(const struct afb_auth *auth, struct afb_xreq *xreq)
return afb_context_check_loa(&xreq->context, auth->loa);
case afb_auth_Permission:
return afb_context_check_loa(&xreq->context, auth->loa);
case afb_auth_Permission:
- return
xreq->cred && auth->text && check_permission(auth->text, xreq
);
+ return
afb_auth_has_permission(xreq, auth->text
);
case afb_auth_Or:
case afb_auth_Or:
- return afb_auth_check(
auth->first, xreq) || afb_auth_check(auth->next, xreq
);
+ return afb_auth_check(
xreq, auth->first) || afb_auth_check(xreq, auth->next
);
case afb_auth_And:
case afb_auth_And:
- return afb_auth_check(
auth->first, xreq) && afb_auth_check(auth->next, xreq
);
+ return afb_auth_check(
xreq, auth->first) && afb_auth_check(xreq, auth->next
);
case afb_auth_Not:
case afb_auth_Not:
- return !afb_auth_check(
auth->first, xreq
);
+ return !afb_auth_check(
xreq, auth->first
);
case afb_auth_Yes:
return 1;
case afb_auth_Yes:
return 1;
@@
-70,10
+67,19
@@
int afb_auth_check(const struct afb_auth *auth, struct afb_xreq *xreq)
static cynara *handle;
static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER;
static cynara *handle;
static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER;
-
static int check_permission(const char *permission, struct afb_xreq *xreq
)
+
int afb_auth_has_permission(struct afb_xreq *xreq, const char *permission
)
{
int rc;
{
int rc;
+ if (!xreq->cred) {
+ /* case of permission for self */
+ return 1;
+ }
+ if (!permission) {
+ ERROR("Got a null permission!");
+ return 0;
+ }
+
/* cynara isn't reentrant */
pthread_mutex_lock(&mutex);
/* cynara isn't reentrant */
pthread_mutex_lock(&mutex);
@@
-96,10
+102,10
@@
static int check_permission(const char *permission, struct afb_xreq *xreq)
/*********************************************************************************/
#else
/*********************************************************************************/
#else
-
static int check_permission(const char *permission, struct afb_xreq *xreq
)
+
int afb_auth_has_permission(struct afb_xreq *xreq, const char *permission
)
{
{
- WARNING("Granting permission %s by default of backend", permission);
- return
1
;
+ WARNING("Granting permission %s by default of backend", permission
?: "(null)"
);
+ return
!!permission
;
}
#endif
}
#endif