#include "afb-cred.h"
#include "verbose.h"
-static int check_permission(const char *permission, struct afb_xreq *xreq);
-
-int afb_auth_check(const struct afb_auth *auth, struct afb_xreq *xreq)
+int afb_auth_check(struct afb_xreq *xreq, const struct afb_auth *auth)
{
switch (auth->type) {
default:
return afb_context_check_loa(&xreq->context, auth->loa);
case afb_auth_Permission:
- return xreq->cred && auth->text && check_permission(auth->text, xreq);
+ if (xreq->cred && auth->text)
+ return afb_auth_check_permission(xreq, auth->text);
+ /* TODO: handle case of self permission */
+ return 1;
case afb_auth_Or:
- return afb_auth_check(auth->first, xreq) || afb_auth_check(auth->next, xreq);
+ return afb_auth_check(xreq, auth->first) || afb_auth_check(xreq, auth->next);
case afb_auth_And:
- return afb_auth_check(auth->first, xreq) && afb_auth_check(auth->next, xreq);
+ return afb_auth_check(xreq, auth->first) && afb_auth_check(xreq, auth->next);
case afb_auth_Not:
- return !afb_auth_check(auth->first, xreq);
+ return !afb_auth_check(xreq, auth->first);
case afb_auth_Yes:
return 1;
static cynara *handle;
static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER;
-static int check_permission(const char *permission, struct afb_xreq *xreq)
+int afb_auth_check_permission(struct afb_xreq *xreq, const char *permission)
{
int rc;
/*********************************************************************************/
#else
-static int check_permission(const char *permission, struct afb_xreq *xreq)
+int afb_auth_check_permission(struct afb_xreq *xreq, const char *permission)
{
WARNING("Granting permission %s by default of backend", permission);
return 1;
Code Review / src / app-framework-binder.git / blobdiff