The test was previously done in the caller but because
afb_auth_check_permission can now be called by other
callers, the test must be relocated.
Change-Id: I08a3a92afbe0b4dcfb223335b1e76b2d4aff005f
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
return afb_context_check_loa(&xreq->context, auth->loa);
case afb_auth_Permission:
return afb_context_check_loa(&xreq->context, auth->loa);
case afb_auth_Permission:
- if (xreq->cred && auth->text)
- return afb_auth_check_permission(xreq, auth->text);
- /* TODO: handle case of self permission */
- return 1;
+ return afb_auth_check_permission(xreq, auth->text);
case afb_auth_Or:
return afb_auth_check(xreq, auth->first) || afb_auth_check(xreq, auth->next);
case afb_auth_Or:
return afb_auth_check(xreq, auth->first) || afb_auth_check(xreq, auth->next);
+ if (!xreq->cred) {
+ /* case of permission for self */
+ return 1;
+ }
+ if (!permission) {
+ ERROR("Got a null permission!");
+ return 0;
+ }
+
/* cynara isn't reentrant */
pthread_mutex_lock(&mutex);
/* cynara isn't reentrant */
pthread_mutex_lock(&mutex);
#else
int afb_auth_check_permission(struct afb_xreq *xreq, const char *permission)
{
#else
int afb_auth_check_permission(struct afb_xreq *xreq, const char *permission)
{
- WARNING("Granting permission %s by default of backend", permission);
- return 1;
+ WARNING("Granting permission %s by default of backend", permission ?: "(null)");
+ return !!permission;