[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[myserver-commit] [2753] Code refactoring.
From: |
Giuseppe Scrivano |
Subject: |
[myserver-commit] [2753] Code refactoring. |
Date: |
Fri, 15 Aug 2008 21:39:15 +0000 |
Revision: 2753
http://svn.sv.gnu.org/viewvc/?view=rev&root=myserver&revision=2753
Author: gscrivano
Date: 2008-08-15 21:39:14 +0000 (Fri, 15 Aug 2008)
Log Message:
-----------
Code refactoring. Extracted SecurityManager::checkActions from
SecurityManager::getPermissionMask
Modified Paths:
--------------
trunk/myserver/include/security.h
trunk/myserver/src/security.cpp
Modified: trunk/myserver/include/security.h
===================================================================
--- trunk/myserver/include/security.h 2008-08-15 20:37:19 UTC (rev 2752)
+++ trunk/myserver/include/security.h 2008-08-15 21:39:14 UTC (rev 2753)
@@ -106,5 +106,6 @@
int getPermissionMask(SecurityToken* st, XmlParser* parser = 0);
private:
XmlParser* getParser(const char *sysDir);
+ bool checkActions(HttpThreadContext* td, xmlNode *root);
};
#endif
Modified: trunk/myserver/src/security.cpp
===================================================================
--- trunk/myserver/src/security.cpp 2008-08-15 20:37:19 UTC (rev 2752)
+++ trunk/myserver/src/security.cpp 2008-08-15 21:39:14 UTC (rev 2753)
@@ -145,8 +145,8 @@
*/
int actionsFound = 0;
int tmpActionsFound = 0;
- xmlNode *actionsNode = 0;
- xmlNode *tmpActionsNode = 0;
+ xmlNode *actionsNode = 0;
+ xmlNode *tmpActionsNode = 0;
tempPassword[0] = '\0';
if(st && st->authType)
@@ -202,7 +202,7 @@
if(actionsFound < 1)
{
actionsFound = 1;
- actionsNode = doc->children->children;
+ actionsNode = doc->children->children;
}
}
@@ -281,10 +281,10 @@
if(rightUser && (filePermissionsFound == 0) &&
(userPermissionsFound == 0))
{
- if(tmpActionsFound == 2)
+ if(tmpActionsFound == 2)
{
actionsFound = 2;
- actionsNode = tmpActionsNode;
+ actionsNode = tmpActionsNode;
}
if(st->requiredPassword)
strncpy(st->requiredPassword, tempPassword, 32);
@@ -314,10 +314,10 @@
{
if(!xmlStrcmp(node2->name, (const xmlChar *)"ACTION"))
{
- if(actionsFound <= 3)
+ if(actionsFound <= 3)
{
tmpActionsFound = 3;
- tmpActionsNode = node->children;
+ tmpActionsNode = node->children;
}
}
if(!xmlStrcmp(node2->name, (const xmlChar *)"USER"))
@@ -511,7 +511,33 @@
}
- for( ; st->td && actionsNode; actionsNode = actionsNode->next)
+ if(!SecurityManager::checkActions(st->td, actionsNode))
+ return 0;
+
+ if(userPermissionsFound == 1)
+ return userPermissions;
+
+ if(filePermissionsFound == 1)
+ return filePermissions;
+
+ if(genericPermissionsFound == 1)
+ return genericPermissions;
+
+ return 0;
+}
+
+/*!
+ *Check if the specified actions deny the access to the resource.
+ *\param td The Thread Context.
+ *\param root The root node with actions.
+ *\return true if the action allows the access to the resource.
+ *\return false if the action denies the access to the resource.
+ */
+bool SecurityManager::checkActions(HttpThreadContext* td, xmlNode *root)
+{
+ xmlNode* actionsNode = root;
+
+ for( ; td && actionsNode; actionsNode = actionsNode->next)
{
xmlAttr *attr = actionsNode->properties;
int deny = 0;
@@ -519,12 +545,14 @@
const char* name = 0;
Regex value;
string* headerVal = 0;
+
if(strcmpi((const char*)actionsNode->name, "ACTION"))
continue;
if(actionsNode->children && actionsNode->children->content
&& !strcmpi((const char*)actionsNode->children->content, "DENY"))
deny = 1;
+
if(!deny)
continue;
@@ -535,8 +563,10 @@
if(!strcmpi((const char*)attr->name, "VALUE"))
value.compile((const char*)attr->children->content, REG_EXTENDED);
}
+
if(name)
- headerVal = st->td->request.getValue(name, 0);
+ headerVal = td->request.getValue(name, 0);
+
if(!headerVal)
continue;
@@ -546,21 +576,11 @@
*/
if(value.isCompiled() && !value.exec(headerVal->c_str(), 1,&pm,
REG_NOTEOL))
- return 0;
- else
- break;
+ return false;
}
- if(userPermissionsFound == 1)
- return userPermissions;
+ return true;
- if(filePermissionsFound == 1)
- return filePermissions;
-
- if(genericPermissionsFound == 1)
- return genericPermissions;
-
- return 0;
}
/*!
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [myserver-commit] [2753] Code refactoring.,
Giuseppe Scrivano <=