From 91c12808e08fb30e58a3d2e008569933f409d6db Mon Sep 17 00:00:00 2001 From: =?utf8?q?Jos=C3=A9=20Bollo?= Date: Mon, 4 Sep 2017 10:34:52 +0200 Subject: [PATCH] afb-auth: improve afb_auth_check_permission MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit The test was previously done in the caller but because afb_auth_check_permission can now be called by other callers, the test must be relocated. Change-Id: I08a3a92afbe0b4dcfb223335b1e76b2d4aff005f Signed-off-by: José Bollo --- src/afb-auth.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/src/afb-auth.c b/src/afb-auth.c index 17d355b0..ff4ff9da 100644 --- a/src/afb-auth.c +++ b/src/afb-auth.c @@ -43,10 +43,7 @@ int afb_auth_check(struct afb_xreq *xreq, const struct afb_auth *auth) return afb_context_check_loa(&xreq->context, auth->loa); case afb_auth_Permission: - if (xreq->cred && auth->text) - return afb_auth_check_permission(xreq, auth->text); - /* TODO: handle case of self permission */ - return 1; + return afb_auth_check_permission(xreq, auth->text); case afb_auth_Or: return afb_auth_check(xreq, auth->first) || afb_auth_check(xreq, auth->next); @@ -75,6 +72,15 @@ int afb_auth_check_permission(struct afb_xreq *xreq, const char *permission) { int rc; + if (!xreq->cred) { + /* case of permission for self */ + return 1; + } + if (!permission) { + ERROR("Got a null permission!"); + return 0; + } + /* cynara isn't reentrant */ pthread_mutex_lock(&mutex); @@ -99,8 +105,8 @@ int afb_auth_check_permission(struct afb_xreq *xreq, const char *permission) #else int afb_auth_check_permission(struct afb_xreq *xreq, const char *permission) { - WARNING("Granting permission %s by default of backend", permission); - return 1; + WARNING("Granting permission %s by default of backend", permission ?: "(null)"); + return !!permission; } #endif -- 2.16.6