Relax authorisation checlk for self

author José Bollo <jose.bollo@iot.bzh>

Mon, 29 May 2017 14:11:49 +0000 (16:11 +0200)

committer José Bollo <jose.bollo@iot.bzh>

Mon, 29 May 2017 14:11:49 +0000 (16:11 +0200)
author José Bollo <jose.bollo@iot.bzh>
Mon, 29 May 2017 14:11:49 +0000 (16:11 +0200)
committer José Bollo <jose.bollo@iot.bzh>
Mon, 29 May 2017 14:11:49 +0000 (16:11 +0200)
diff --git a/src/afb-auth.c b/src/afb-auth.c

index 82e6fd2..900ec4c 100644 (file)
--- a/src/afb-auth.c
+++ b/src/afb-auth.c
@@ -45,7 +45,10 @@ int afb_auth_check(const struct afb_auth *auth, struct afb_xreq *xreq)
                 return afb_context_check_loa(&xreq->context, auth->loa);
  
         case afb_auth_Permission:
-               return xreq->cred && auth->text && check_permission(auth->text, xreq);
+               if (xreq->cred && auth->text)
+                       return check_permission(auth->text, xreq);
+               /* TODO: handle case of self permission */
+               return 1;
  
         case afb_auth_Or:
                 return afb_auth_check(auth->first, xreq) || afb_auth_check(auth->next, xreq);
diff --git a/src/afb-hreq.c b/src/afb-hreq.c

index 62b322c..b87251b 100644 (file)
--- a/src/afb-hreq.c
+++ b/src/afb-hreq.c
@@ -982,7 +982,6 @@ struct afb_hreq *afb_hreq_create()
         if (hreq) {
                 /* init the request */
                 afb_xreq_init(&hreq->xreq, &afb_hreq_xreq_query_itf);
-               hreq->xreq.cred = afb_cred_current();
                 hreq->reqid = ++global_reqids;
         }
         return hreq;
diff --git a/src/afb-svc.c b/src/afb-svc.c

index ac01291..b4032e3 100644 (file)
--- a/src/afb-svc.c
+++ b/src/afb-svc.c
@@ -275,7 +275,6 @@ static struct svc_req *svcreq_create(struct afb_svc *svc, const char *api, const
                 afb_xreq_init(&svcreq->xreq, &afb_svc_xreq_itf);
                 afb_context_init(&svcreq->xreq.context, svc->session, NULL);
                 svcreq->xreq.context.validated = 1;
-               svcreq->xreq.cred = afb_cred_current();
                 copy = (char*)&svcreq[1];
                 memcpy(copy, api, lenapi);
                 svcreq->xreq.api = copy;
diff --git a/src/afb-ws-json1.c b/src/afb-ws-json1.c

index 3d1f29d..4b6c04e 100644 (file)
--- a/src/afb-ws-json1.c
+++ b/src/afb-ws-json1.c
@@ -129,8 +129,6 @@ struct afb_ws_json1 *afb_ws_json1_create(int fd, struct afb_apiset *apiset, stru
                 goto error4;
  
         result->cred = afb_cred_create_for_socket(fd);
-       if (!result->cred)
-               result->cred = afb_cred_current();
         result->apiset = afb_apiset_addref(apiset);
         return result;
author	José Bollo <jose.bollo@iot.bzh>
	Mon, 29 May 2017 14:11:49 +0000 (16:11 +0200)
committer	José Bollo <jose.bollo@iot.bzh>
	Mon, 29 May 2017 14:11:49 +0000 (16:11 +0200)
src/afb-auth.c		patch \| blob \| history
src/afb-hreq.c		patch \| blob \| history
src/afb-svc.c		patch \| blob \| history
src/afb-ws-json1.c		patch \| blob \| history