-char *get_perm_string(struct json_object *o, int *pl)
-{
- struct json_object *x, *y;
- char *a, *b, *c;
- int l, n, i, L;
-
- /* value for permission */
- if (json_object_object_get_ex(o, "permission", &x)) {
- if (!json_object_is_type(x, json_type_string)) {
- fprintf(stderr, "permission must be a string. Was: %s\n", json_object_get_string(o));
- exit(1);
- }
- a = strdup(json_object_get_string(x));
- oom(a);
- *pl = 0;
- return a;
- }
-
- /* value for not */
- if (json_object_object_get_ex(o, "not", &x)) {
- a = get_perm_string(x, &l);
- b = malloc(6 + strlen(a));
- oom(b);
- if (l)
- stpcpy(stpcpy(stpcpy(b,"not("),a),")");
- else
- stpcpy(stpcpy(b,"not "),a);
- free(a);
- *pl = 0;
- return b;
- }
-
- /* value for and or or */
- if (json_object_object_get_ex(o, "allOf", &x))
- L = 1;
- else if (json_object_object_get_ex(o, "anyOf", &x))
- L = 2;
- else {
- fprintf(stderr, "unrecognized permission. Was: %s\n", json_object_get_string(o));
- exit(1);
- }
-
- /* check the array */
- if (!json_object_is_type(x, json_type_array)) {
- fprintf(stderr, "sequence must be an array. Was: %s\n", json_object_get_string(o));
- exit(1);
- }
- n = json_object_array_length(x);
- if (n == 0) {
- fprintf(stderr, "invalid empty sequence. Was: %s\n", json_object_get_string(o));
- exit(1);
- }
-
- /* process the array */
- if (n == 1)
- return get_perm_string(json_object_array_get_idx(x, 0), pl);
- b = NULL;
- i = 0;
- while (i != n) {
- y = json_object_array_get_idx(x, i);
- a = get_perm_string(y, &l);
- if (l > L) {
- c = malloc(3 + strlen(a));
- oom(c);
- stpcpy(stpcpy(stpcpy(c,"("),a),")");
- free(a);
- a = c;
- }
- if (!b)
- b = a;
- else {
- c = malloc(6 + strlen(a) + strlen(b));
- oom(c);
- stpcpy(stpcpy(stpcpy(c,b),L==2?" or ":" and "),a);
- free(a);
- free(b);
- b = c;
- }
- i++;
- }
- *pl = L;
- return b;
-}
-
-struct json_object *make_perm(struct json_object *o)
-{
- int l;
- char *permstr = get_perm_string(o, &l);
- return json_object_new_string(permstr);
-}
-
-void make_permissions(struct path path)
-{
- struct json_object *o, *x, *y;
- struct json_object_iterator ji, jn;
-
- if (json_object_object_get_ex(path.object, "permissions", &o)) {
-
- /* expand $refs of permissions */
- x = expand_$ref((struct path){ .object = o, .upper = &path });
- if (x != o)
- json_object_object_add(path.object, "permissions", x);
-
- /* makes the permissions */
- ji = json_object_iter_begin(o);
- jn = json_object_iter_end(o);
- while (!json_object_iter_equal(&ji, &jn)) {
- x = json_object_iter_peek_value(&ji);
- y = make_perm(x);
- if (x != y)
- json_object_object_add(o, json_object_iter_peek_name(&ji), y);
- json_object_iter_next(&ji);
- }
- }
-}