[myserver-commit] [2753] Code refactoring.

myserver-commit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[myserver-commit] [2753] Code refactoring.

From:	Giuseppe Scrivano
Subject:	[myserver-commit] [2753] Code refactoring.
Date:	Fri, 15 Aug 2008 21:39:15 +0000

Revision: 2753
          http://svn.sv.gnu.org/viewvc/?view=rev&root=myserver&revision=2753
Author:   gscrivano
Date:     2008-08-15 21:39:14 +0000 (Fri, 15 Aug 2008)

Log Message:
-----------
Code refactoring.  Extracted SecurityManager::checkActions from 
SecurityManager::getPermissionMask

Modified Paths:
--------------
    trunk/myserver/include/security.h
    trunk/myserver/src/security.cpp

Modified: trunk/myserver/include/security.h
===================================================================
--- trunk/myserver/include/security.h   2008-08-15 20:37:19 UTC (rev 2752)
+++ trunk/myserver/include/security.h   2008-08-15 21:39:14 UTC (rev 2753)
@@ -106,5 +106,6 @@
   int getPermissionMask(SecurityToken* st, XmlParser* parser = 0);
 private:
   XmlParser* getParser(const char *sysDir);
+  bool checkActions(HttpThreadContext* td,  xmlNode *root);
 };
 #endif

Modified: trunk/myserver/src/security.cpp
===================================================================
--- trunk/myserver/src/security.cpp     2008-08-15 20:37:19 UTC (rev 2752)
+++ trunk/myserver/src/security.cpp     2008-08-15 21:39:14 UTC (rev 2753)
@@ -145,8 +145,8 @@
    */
   int actionsFound = 0;
   int tmpActionsFound = 0;
-   xmlNode *actionsNode = 0;
-   xmlNode *tmpActionsNode = 0;
+  xmlNode *actionsNode = 0;
+  xmlNode *tmpActionsNode = 0;
 
   tempPassword[0] = '\0';
   if(st && st->authType)
@@ -202,7 +202,7 @@
       if(actionsFound < 1)
       {
         actionsFound = 1;
-         actionsNode = doc->children->children;            
+        actionsNode = doc->children->children;            
       }
     }
 
@@ -281,10 +281,10 @@
         if(rightUser && (filePermissionsFound == 0) && 
            (userPermissionsFound == 0))
         {
-           if(tmpActionsFound == 2)
+          if(tmpActionsFound == 2)
           {
             actionsFound = 2;
-             actionsNode = tmpActionsNode;            
+            actionsNode = tmpActionsNode;            
           }   
           if(st->requiredPassword)
             strncpy(st->requiredPassword, tempPassword, 32);
@@ -314,10 +314,10 @@
       {
         if(!xmlStrcmp(node2->name, (const xmlChar *)"ACTION"))
         {
-           if(actionsFound <= 3)
+          if(actionsFound <= 3)
           {
             tmpActionsFound = 3;
-             tmpActionsNode = node->children;
+            tmpActionsNode = node->children;
           }                                   
         }      
         if(!xmlStrcmp(node2->name, (const xmlChar *)"USER"))
@@ -511,7 +511,33 @@
 
   }
 
-  for( ; st->td && actionsNode; actionsNode = actionsNode->next)
+  if(!SecurityManager::checkActions(st->td,  actionsNode))
+    return 0;
+
+  if(userPermissionsFound == 1)
+    return userPermissions;
+
+  if(filePermissionsFound == 1)
+    return filePermissions;
+
+  if(genericPermissionsFound == 1)
+    return genericPermissions;
+
+  return 0;
+}
+
+/*!
+ *Check if the specified actions deny the access to the resource.
+ *\param td The Thread Context.
+ *\param root The root node with actions.
+ *\return true if the action allows the access to the resource.
+ *\return false if the action denies the access to the resource.
+ */
+bool SecurityManager::checkActions(HttpThreadContext* td,  xmlNode *root)
+{
+  xmlNode* actionsNode = root;
+
+  for( ; td && actionsNode; actionsNode = actionsNode->next)
   {
     xmlAttr *attr = actionsNode->properties;
     int deny = 0;
@@ -519,12 +545,14 @@
     const char* name = 0;
     Regex value;
     string* headerVal = 0;
+
     if(strcmpi((const char*)actionsNode->name, "ACTION"))
       continue;
 
     if(actionsNode->children && actionsNode->children->content 
        && !strcmpi((const char*)actionsNode->children->content, "DENY"))
          deny = 1;
+
     if(!deny)
       continue;
 
@@ -535,8 +563,10 @@
       if(!strcmpi((const char*)attr->name, "VALUE"))
         value.compile((const char*)attr->children->content, REG_EXTENDED);     
    
     }
+
     if(name)
-      headerVal = st->td->request.getValue(name, 0);
+      headerVal = td->request.getValue(name, 0);
+
     if(!headerVal)
       continue;
 
@@ -546,21 +576,11 @@
      */
     if(value.isCompiled() && !value.exec(headerVal->c_str(), 1,&pm, 
                                          REG_NOTEOL))
-      return 0;
-    else
-      break;
+      return false;
   }
 
-  if(userPermissionsFound == 1)
-    return userPermissions;
+  return true;
 
-  if(filePermissionsFound == 1)
-    return filePermissions;
-
-  if(genericPermissionsFound == 1)
-    return genericPermissions;
-
-  return 0;
 }
 
 /*!

[Prev in Thread]

Current Thread

[Next in Thread]

[myserver-commit] [2753] Code refactoring., Giuseppe Scrivano <=

Prev by Date: [myserver-commit] [2752] Code refactoring.
Next by Date: [myserver-commit] [2754] Code refactoring for SecurityManager::getPermissionMask.
Previous by thread: [myserver-commit] [2752] Code refactoring.
Next by thread: [myserver-commit] [2754] Code refactoring for SecurityManager::getPermissionMask.
Index(es):
- Date
- Thread