X-Git-Url: https://gerrit.automotivelinux.org/gerrit/gitweb?a=blobdiff_plain;f=src%2Fafb-auth.c;h=9d54a03b376cf51c36705cda5c9649a64488ffb7;hb=b355a2a65511c32aaaddf289d70395f872bd4b26;hp=5c62f9f70f7a4b9d5c28e3289ef9e7f7558ceed7;hpb=718de20a3cf830ba2da0a6c37e4588e4df251f1d;p=src%2Fapp-framework-binder.git

diff --git a/src/afb-auth.c b/src/afb-auth.c
index 5c62f9f7..9d54a03b 100644
--- a/src/afb-auth.c
+++ b/src/afb-auth.c
@@ -29,8 +29,6 @@
 #include "afb-cred.h"
 #include "verbose.h"
 
-static int check_permission(struct afb_xreq *xreq, const char *permission);
-
 int afb_auth_check(struct afb_xreq *xreq, const struct afb_auth *auth)
 {
 	switch (auth->type) {
@@ -45,10 +43,7 @@ int afb_auth_check(struct afb_xreq *xreq, const struct afb_auth *auth)
 		return afb_context_check_loa(&xreq->context, auth->loa);
 
 	case afb_auth_Permission:
-		if (xreq->cred && auth->text)
-			return check_permission(xreq, auth->text);
-		/* TODO: handle case of self permission */
-		return 1;
+		return afb_auth_has_permission(xreq, auth->text);
 
 	case afb_auth_Or:
 		return afb_auth_check(xreq, auth->first) || afb_auth_check(xreq, auth->next);
@@ -73,10 +68,19 @@ int afb_auth_check(struct afb_xreq *xreq, const struct afb_auth *auth)
 static cynara *handle;
 static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER;
 
-static int check_permission(struct afb_xreq *xreq, const char *permission)
+int afb_auth_has_permission(struct afb_xreq *xreq, const char *permission)
 {
 	int rc;
 
+	if (!xreq->cred) {
+		/* case of permission for self */
+		return 1;
+	}
+	if (!permission) {
+		ERROR("Got a null permission!");
+		return 0;
+	}
+
 	/* cynara isn't reentrant */
 	pthread_mutex_lock(&mutex);
 
@@ -99,10 +103,10 @@ static int check_permission(struct afb_xreq *xreq, const char *permission)
 
 /*********************************************************************************/
 #else
-static int check_permission(struct afb_xreq *xreq, const char *permission)
+int afb_auth_has_permission(struct afb_xreq *xreq, const char *permission)
 {
-	WARNING("Granting permission %s by default of backend", permission);
-	return 1;
+	WARNING("Granting permission %s by default of backend", permission ?: "(null)");
+	return !!permission;
 }
 #endif