From: Andrea Zagli Date: Sat, 17 Sep 2016 07:31:25 +0000 (+0200) Subject: Renamed files and autotools variables. X-Git-Url: https://saetta.ns0.it/gitweb?a=commitdiff_plain;h=c70b3ec8f451a938907c7941a04c8ec0a96664d8;p=zakautho%2Flibzakautho Renamed files and autotools variables. --- diff --git a/autogen.sh b/autogen.sh index 8904930..5b99b33 100755 --- a/autogen.sh +++ b/autogen.sh @@ -4,13 +4,13 @@ srcdir=`dirname $0` test -z "$srcdir" && srcdir=. -PKG_NAME="libautoz" +PKG_NAME="libzakautho" (test -f $srcdir/configure.ac \ && test -d $srcdir/src \ - && test -f $srcdir/src/autoz.h) || { + && test -f $srcdir/src/autho.h) || { echo -n "**Error**: Directory "\`$srcdir\'" does not look like the" - echo " top-level libautoz directory" + echo " top-level libzakautho directory" exit 1 } diff --git a/configure.ac b/configure.ac index fa68d5f..bb37bb6 100644 --- a/configure.ac +++ b/configure.ac @@ -3,7 +3,7 @@ AC_PREREQ(2.65) AC_INIT([libzakautho], [0.0.5], [azagli@libero.it]) -AC_CONFIG_SRCDIR([src/autoz.c]) +AC_CONFIG_SRCDIR([src/autho.c]) AC_CONFIG_HEADER([config.h]) AM_INIT_AUTOMAKE(-Wall) @@ -32,11 +32,11 @@ AC_PROG_RANLIB GTK_DOC_CHECK # Checks for libraries. -PKG_CHECK_MODULES(AUTOZ, [libxml-2.0 >= 2.7 - libgda-5.0 >= 5.0.0]) +PKG_CHECK_MODULES(ZAKAUTHO, [libxml-2.0 >= 2.7 + libgda-5.0 >= 5.0.0]) -AC_SUBST(AUTOZ_CFLAGS) -AC_SUBST(AUTOZ_LIBS) +AC_SUBST(ZAKAUTHO_CFLAGS) +AC_SUBST(ZAKAUTHO_LIBS) # Checks for header files. AC_HEADER_STDC diff --git a/src/Makefile.am b/src/Makefile.am index c5ab778..6c028fb 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -1,11 +1,11 @@ -LIBS = $(AUTOZ_LIBS) +LIBS = $(ZAKAUTHO_LIBS) -AM_CPPFLAGS = $(AUTOZ_CFLAGS) \ +AM_CPPFLAGS = $(ZAKAUTHO_CFLAGS) \ -DG_LOG_DOMAIN=\"ZakAutho\" lib_LTLIBRARIES = libzakautho.la -libzakautho_la_SOURCES = autoz.c \ +libzakautho_la_SOURCES = autho.c \ resource_interface.c \ role_interface.c \ resource.c \ @@ -13,7 +13,7 @@ libzakautho_la_SOURCES = autoz.c \ libzakautho_la_LDFLAGS = -no-undefined -libzakautho_include_HEADERS = autoz.h \ +libzakautho_include_HEADERS = autho.h \ resource_interface.h \ role_interface.h \ resource.h \ diff --git a/src/autho.c b/src/autho.c new file mode 100644 index 0000000..e97e740 --- /dev/null +++ b/src/autho.c @@ -0,0 +1,2358 @@ +/* + * Copyright (C) 2010-2016 Andrea Zagli + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#include + +#include "autho.h" + +#include "role.h" +#include "resource.h" + +typedef struct _Role Role; +struct _Role + { + ZakAuthoIRole *irole; + GList *parents; /* struct Role */ + }; + +typedef struct _Resource Resource; +struct _Resource + { + ZakAuthoIResource *iresource; + GList *parents; /* struct Resource */ + }; + +typedef struct _Rule Rule; +struct _Rule + { + Role *role; + Resource *resource; + }; + +typedef enum ZakAuthoIsAllowed + { + ZAK_AUTHO_ALLOWED, + ZAK_AUTHO_DENIED, + ZAK_AUTHO_NOT_FOUND + } ZakAuthoIsAllowed; + +static void zak_autho_class_init (ZakAuthoClass *class); +static void zak_autho_init (ZakAutho *zak_autho); + +static ZakAuthoIsAllowed _zak_autho_is_allowed_role (ZakAutho *zak_autho, Role *role, Resource *resource, gboolean exclude_null); +static ZakAuthoIsAllowed _zak_autho_is_allowed_resource (ZakAutho *zak_autho, Role *role, Resource *resource); + +static gboolean _zak_autho_delete_table_content (GdaConnection *gdacon, const gchar *table_prefix); +static guint _zak_autho_find_new_table_id (GdaConnection *gdacon, const gchar *table_name); +static guint _zak_autho_get_role_id_db (GdaConnection *gdacon, const gchar *table_name, const gchar *role_id); +static guint _zak_autho_get_resource_id_db (GdaConnection *gdacon, const gchar *table_name, const gchar *resource_id); + +static void _zak_autho_check_updated (ZakAutho *zak_autho); + +static Role *_zak_autho_get_role_from_id (ZakAutho *zak_autho, const gchar *role_id); +static Resource *_zak_autho_get_resource_from_id (ZakAutho *zak_autho, const gchar *resource_id); + +static gchar *_zak_autho_remove_role_name_prefix_from_id (ZakAutho *zak_autho, const gchar *role_id); +static gchar *_zak_autho_remove_resource_name_prefix_from_id (ZakAutho *zak_autho, const gchar *resource_id); + +static void zak_autho_set_property (GObject *object, + guint property_id, + const GValue *value, + GParamSpec *pspec); +static void zak_autho_get_property (GObject *object, + guint property_id, + GValue *value, + GParamSpec *pspec); + +#define ZAK_AUTHO_GET_PRIVATE(obj) (G_TYPE_INSTANCE_GET_PRIVATE ((obj), ZAK_TYPE_AUTHO, ZakAuthoPrivate)) + +typedef struct _ZakAuthoPrivate ZakAuthoPrivate; +struct _ZakAuthoPrivate + { + gchar *role_name_prefix; + gchar *resource_name_prefix; + + GHashTable *roles; /* struct Role */ + GHashTable *resources; /* struct Resource */ + + GHashTable *rules_allow; /* struct Rule */ + GHashTable *rules_deny; /* struct Rule */ + + GdaConnection *gdacon; + gchar *table_prefix; + GDateTime *gdt_last_load; + gboolean on_loading; + }; + +G_DEFINE_TYPE (ZakAutho, zak_autho, G_TYPE_OBJECT) + +static void +zak_autho_class_init (ZakAuthoClass *class) +{ + GObjectClass *object_class = G_OBJECT_CLASS (class); + + object_class->set_property = zak_autho_set_property; + object_class->get_property = zak_autho_get_property; + + g_type_class_add_private (object_class, sizeof (ZakAuthoPrivate)); +} + +static void +zak_autho_init (ZakAutho *zak_autho) +{ + ZakAuthoPrivate *priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + priv->role_name_prefix = NULL; + priv->resource_name_prefix = NULL; + + priv->roles = g_hash_table_new (g_str_hash, g_str_equal); + priv->resources = g_hash_table_new (g_str_hash, g_str_equal); + + priv->rules_allow = g_hash_table_new (g_str_hash, g_str_equal); + priv->rules_deny = g_hash_table_new (g_str_hash, g_str_equal); + + priv->gdacon = NULL; + priv->table_prefix = NULL; + priv->gdt_last_load = NULL; + priv->on_loading = FALSE; +} + +/** + * zak_autho_new: + * + * Returns: the newly created #ZakAutho object. + */ +ZakAutho +*zak_autho_new () +{ + return ZAK_AUTHO (g_object_new (zak_autho_get_type (), NULL)); +} + +/** + * zak_autho_set_role_name_prefix: + * @zak_autho: an #ZakAutho object. + * @prefix: + * + */ +void +zak_autho_set_role_name_prefix (ZakAutho *zak_autho, const gchar *prefix) +{ + ZakAuthoPrivate *priv; + + g_return_if_fail (IS_ZAK_AUTHO (zak_autho)); + + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + if (priv->role_name_prefix != NULL) + { + g_free (priv->role_name_prefix); + } + + if (prefix == NULL) + { + priv->role_name_prefix = NULL; + } + else + { + priv->role_name_prefix = g_strdup (prefix); + } +} + +/** + * zak_autho_get_role_name_prefix: + * @zak_autho: an #ZakAutho object. + * + */ +const gchar +*zak_autho_get_role_name_prefix (ZakAutho *zak_autho) +{ + ZakAuthoPrivate *priv; + + g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), NULL); + + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + return priv->role_name_prefix == NULL ? NULL : g_strdup (priv->role_name_prefix); +} + +/** + * zak_autho_set_resource_name_prefix: + * @zak_autho: an #ZakAutho object. + * @prefix: + * + */ +void +zak_autho_set_resource_name_prefix (ZakAutho *zak_autho, const gchar *prefix) +{ + ZakAuthoPrivate *priv; + + g_return_if_fail (IS_ZAK_AUTHO (zak_autho)); + + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + if (priv->resource_name_prefix != NULL) + { + g_free (priv->resource_name_prefix); + } + + if (prefix == NULL) + { + priv->resource_name_prefix = NULL; + } + else + { + priv->resource_name_prefix = g_strdup (prefix); + } +} + +/** + * zak_autho_get_resource_name_prefix: + * @zak_autho: an #ZakAutho object. + * + */ +const gchar +*zak_autho_get_resource_name_prefix (ZakAutho *zak_autho) +{ + ZakAuthoPrivate *priv; + + g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), NULL); + + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + return priv->resource_name_prefix == NULL ? NULL : g_strdup (priv->resource_name_prefix); +} + +/** + * zak_autho_add_role: + * @zak_autho: an #ZakAutho object. + * @irole: + * + */ +void +zak_autho_add_role (ZakAutho *zak_autho, ZakAuthoIRole *irole) +{ + zak_autho_add_role_with_parents (zak_autho, irole, NULL); +} + +/** + * zak_autho_add_role_with_parents: + * @zak_autho: an #ZakAutho object. + * @irole: + * @...: + * + */ +void +zak_autho_add_role_with_parents (ZakAutho *zak_autho, ZakAuthoIRole *irole, ...) +{ + ZakAuthoPrivate *priv; + + const gchar *role_id; + const gchar *role_id_parent; + + g_return_if_fail (IS_ZAK_AUTHO (zak_autho)); + g_return_if_fail (ZAK_AUTHO_IS_IROLE (irole)); + + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + role_id = zak_autho_irole_get_role_id (irole); + + if (g_hash_table_lookup (priv->roles, role_id) == NULL) + { + va_list args; + Role *role; + + ZakAuthoIRole *irole_parent; + Role *role_parent; + + role = (Role *)g_malloc0 (sizeof (Role)); + role->irole = irole; + role->parents = NULL; + + va_start (args, irole); + while ((irole_parent = va_arg (args, ZakAuthoIRole *)) != NULL) + { + role_id_parent = zak_autho_irole_get_role_id (irole_parent); + if (g_strcmp0 (role_id, role_id_parent) == 0) + { + g_warning ("The parent cannot be himself (%s).", role_id); + } + else + { + role_parent = g_hash_table_lookup (priv->roles, role_id_parent); + if (role_parent != NULL) + { + role->parents = g_list_append (role->parents, role_parent); + } + else + { + g_warning ("Role «%s» not found.", zak_autho_irole_get_role_id (irole_parent)); + } + } + } + va_end (args); + + g_hash_table_insert (priv->roles, (gpointer)role_id, (gpointer)role); + } + else + { + g_warning ("Role «%s» not found.", role_id); + } +} + +/** + * zak_autho_add_parent_to_role: + * @zak_autho: an #ZakAutho object. + * @irole: + * @irole_parent: + * + */ +void +zak_autho_add_parent_to_role (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIRole *irole_parent) +{ + zak_autho_add_parents_to_role (zak_autho, irole, irole_parent, NULL); +} + +/** + * zak_autho_add_parents_to_role: + * @zak_autho: an #ZakAutho object. + * @irole: + * @...: + * + */ +void +zak_autho_add_parents_to_role (ZakAutho *zak_autho, ZakAuthoIRole *irole, ...) +{ + ZakAuthoPrivate *priv; + + Role *role; + + const gchar *role_id; + const gchar *role_id_parent; + + g_return_if_fail (IS_ZAK_AUTHO (zak_autho)); + g_return_if_fail (ZAK_AUTHO_IS_IROLE (irole)); + + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + role_id = zak_autho_irole_get_role_id (irole); + + role = g_hash_table_lookup (priv->roles, role_id); + if (role != NULL) + { + va_list args; + + ZakAuthoIRole *irole_parent; + Role *role_parent; + + va_start (args, irole); + while ((irole_parent = va_arg (args, ZakAuthoIRole *)) != NULL) + { + role_id_parent = zak_autho_irole_get_role_id (irole_parent); + if (g_strcmp0 (role_id, role_id_parent) == 0) + { + g_warning ("The parent cannot be himself (%s).", role_id); + } + else + { + role_parent = g_hash_table_lookup (priv->roles, role_id_parent); + if (role_parent != NULL) + { + role->parents = g_list_append (role->parents, role_parent); + } + else + { + g_warning ("Role «%s» not found.", role_id); + } + } + } + va_end (args); + } + else + { + g_warning ("Role «%s» not found.", role_id); + } +} + +/** + * zak_autho_role_is_child: + * @zak_autho: an #ZakAutho object. + * @irole: an #ZakAuthoIRole object. + * @irole_parent: an #ZakAuthoIRole object. + * + * Returns: #TRUE if @irole is a @irole_parent's child; #FALSE otherwise. + */ +gboolean +zak_autho_role_is_child (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIRole *irole_parent) +{ + ZakAuthoPrivate *priv; + gboolean ret; + + Role *role; + Role *role_parent; + const gchar *role_id_parent; + GList *parent; + + g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); + g_return_val_if_fail (ZAK_AUTHO_IS_IROLE (irole), FALSE); + g_return_val_if_fail (ZAK_AUTHO_IS_IROLE (irole_parent), FALSE); + + _zak_autho_check_updated (zak_autho); + + ret = FALSE; + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + role = g_hash_table_lookup (priv->roles, zak_autho_irole_get_role_id (irole)); + if (role == NULL) + { + g_warning ("Role «%s» not found.", zak_autho_irole_get_role_id (irole)); + return ret; + } + role_id_parent = zak_autho_irole_get_role_id (irole_parent); + role_parent = g_hash_table_lookup (priv->roles, role_id_parent); + if (role_parent == NULL) + { + g_warning ("Role parent «%s» not found.", role_id_parent); + return ret; + } + + parent = g_list_first (role->parents); + while (parent != NULL) + { + /* TODO recursion */ + role_parent = (Role *)parent->data; + if (g_strcmp0 (role_id_parent, zak_autho_irole_get_role_id (role_parent->irole)) == 0) + { + ret = TRUE; + break; + } + + parent = g_list_next (parent); + } + + return ret; +} + +static Role +*_zak_autho_get_role_from_id (ZakAutho *zak_autho, const gchar *role_id) +{ + ZakAuthoPrivate *priv; + Role *role; + + gchar *_role_id; + + g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), NULL); + + _zak_autho_check_updated (zak_autho); + + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + if (priv->role_name_prefix != NULL) + { + _role_id = g_strdup_printf ("%s%s", priv->role_name_prefix, role_id); + } + else + { + _role_id = g_strdup (role_id); + } + + role = g_hash_table_lookup (priv->roles, _role_id); + g_free (_role_id); + + return role; +} + +/** + * zak_autho_get_role_from_id: + * @zak_autho: an #ZakAutho object. + * @role_id: + * + */ +ZakAuthoIRole +*zak_autho_get_role_from_id (ZakAutho *zak_autho, const gchar *role_id) +{ + Role *role; + + role = _zak_autho_get_role_from_id (zak_autho, role_id); + if (role == NULL) + { + return NULL; + } + else + { + return role->irole; + } +} + +/** + * zak_autho_add_resource: + * @zak_autho: an #ZakAutho object. + * @iresource: + * + */ +void +zak_autho_add_resource (ZakAutho *zak_autho, ZakAuthoIResource *iresource) +{ + zak_autho_add_resource_with_parents (zak_autho, iresource, NULL); +} + +/** + * zak_autho_add_resource_with_parents: + * @zak_autho: an #ZakAutho object. + * @iresource: + * @...: + * + */ +void +zak_autho_add_resource_with_parents (ZakAutho *zak_autho, ZakAuthoIResource *iresource, ...) +{ + ZakAuthoPrivate *priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + const gchar *resource_id; + const gchar *resource_id_parent; + + g_return_if_fail (IS_ZAK_AUTHO (zak_autho)); + g_return_if_fail (ZAK_AUTHO_IS_IRESOURCE (iresource)); + + resource_id = zak_autho_iresource_get_resource_id (iresource); + + if (g_hash_table_lookup (priv->resources, resource_id) == NULL) + { + va_list args; + Resource *resource; + + ZakAuthoIResource *iresource_parent; + Resource *resource_parent; + + resource = (Resource *)g_malloc0 (sizeof (Resource)); + resource->iresource = iresource; + resource->parents = NULL; + + va_start (args, iresource); + while ((iresource_parent = va_arg (args, ZakAuthoIResource *)) != NULL) + { + resource_id_parent = zak_autho_iresource_get_resource_id (iresource_parent); + if (g_strcmp0 (resource_id, resource_id_parent) == 0) + { + g_warning ("The parent cannot be himself (%s).", resource_id); + } + else + { + resource_parent = g_hash_table_lookup (priv->resources, resource_id_parent); + if (resource_parent != NULL) + { + resource->parents = g_list_append (resource->parents, resource_parent); + } + else + { + g_warning ("Resource «%s» not found.", zak_autho_iresource_get_resource_id (iresource_parent)); + } + } + } + va_end (args); + + g_hash_table_insert (priv->resources, (gpointer)resource_id, (gpointer)resource); + } + else + { + g_warning ("Resource «%s» not found.", resource_id); + } +} + +/** + * zak_autho_add_parent_to_resource: + * @zak_autho: an #ZakAutho object. + * @iresource: an #ZakAuthoIResource object. + * @iresource_parent: an #ZakAuthoIResource object. + * + */ +void +zak_autho_add_parent_to_resource (ZakAutho *zak_autho, ZakAuthoIResource *iresource, ZakAuthoIResource *iresource_parent) +{ + zak_autho_add_parents_to_resource (zak_autho, iresource, iresource_parent, NULL); +} + +/** + * zak_autho_add_parents_to_resource: + * @zak_autho: an #ZakAutho object. + * @iresource: + * @...: + * + */ +void +zak_autho_add_parents_to_resource (ZakAutho *zak_autho, ZakAuthoIResource *iresource, ...) +{ + ZakAuthoPrivate *priv; + + Resource *resource; + + const gchar *resource_id; + const gchar *resource_id_parent; + + g_return_if_fail (IS_ZAK_AUTHO (zak_autho)); + g_return_if_fail (ZAK_AUTHO_IS_IRESOURCE (iresource)); + + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + resource_id = zak_autho_iresource_get_resource_id (iresource); + + resource = g_hash_table_lookup (priv->resources, resource_id); + if (resource != NULL) + { + va_list args; + + ZakAuthoIResource *iresource_parent; + Resource *resource_parent; + + va_start (args, iresource); + while ((iresource_parent = va_arg (args, ZakAuthoIResource *)) != NULL) + { + resource_id_parent = zak_autho_iresource_get_resource_id (iresource_parent); + if (g_strcmp0 (resource_id, resource_id_parent) == 0) + { + g_warning ("The parent cannot be himself (%s).", resource_id); + } + else + { + resource_parent = g_hash_table_lookup (priv->resources, resource_id_parent); + if (resource_parent != NULL) + { + resource->parents = g_list_append (resource->parents, resource_parent); + } + else + { + g_warning ("Resource «%s» not found.", resource_id); + } + } + } + va_end (args); + } + else + { + g_warning ("Resource «%s» not found.", resource_id); + } +} + +/** + * zak_autho_resource_is_child: + * @zak_autho: an #ZakAutho object. + * @iresource: an #ZakAuthoIResource object. + * @iresource_parent: an #ZakAuthoIResource object. + * + * Returns: #TRUE if @iresource is a @iresource_parent's child; #FALSE otherwise. + */ +gboolean +zak_autho_resource_is_child (ZakAutho *zak_autho, ZakAuthoIResource *iresource, ZakAuthoIResource *iresource_parent) +{ + ZakAuthoPrivate *priv; + gboolean ret; + + Resource *resource; + Resource *resource_parent; + const gchar *resource_id_parent; + GList *parent; + + g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); + g_return_val_if_fail (ZAK_AUTHO_IS_IRESOURCE (iresource), FALSE); + g_return_val_if_fail (ZAK_AUTHO_IS_IRESOURCE (iresource_parent), FALSE); + + _zak_autho_check_updated (zak_autho); + + ret = FALSE; + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + resource = g_hash_table_lookup (priv->resources, zak_autho_iresource_get_resource_id (iresource)); + if (resource == NULL) + { + g_warning ("Resource «%s» not found.", zak_autho_iresource_get_resource_id (iresource)); + return ret; + } + resource_id_parent = zak_autho_iresource_get_resource_id (iresource_parent); + resource_parent = g_hash_table_lookup (priv->resources, resource_id_parent); + if (resource_parent == NULL) + { + g_warning ("Resource parent «%s» not found.", resource_id_parent); + return ret; + } + + parent = g_list_first (resource->parents); + while (parent != NULL) + { + /* TODO recursion */ + resource_parent = (Resource *)parent->data; + if (g_strcmp0 (resource_id_parent, zak_autho_iresource_get_resource_id (resource_parent->iresource)) == 0) + { + ret = TRUE; + break; + } + + parent = g_list_next (parent); + } + + return ret; +} + +static Resource +*_zak_autho_get_resource_from_id (ZakAutho *zak_autho, const gchar *resource_id) +{ + ZakAuthoPrivate *priv; + Resource *resource; + + gchar *_resource_id; + + g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), NULL); + + _zak_autho_check_updated (zak_autho); + + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + if (priv->resource_name_prefix != NULL) + { + _resource_id = g_strdup_printf ("%s%s", priv->resource_name_prefix, resource_id); + } + else + { + _resource_id = g_strdup (resource_id); + } + + resource = g_hash_table_lookup (priv->resources, _resource_id); + g_free (_resource_id); + + return resource; +} + +/** + * zak_autho_get_resource_from_id: + * @zak_autho: an #ZakAutho object. + * @resource_id: + * + */ +ZakAuthoIResource +*zak_autho_get_resource_from_id (ZakAutho *zak_autho, const gchar *resource_id) +{ + Resource *resource; + + resource = _zak_autho_get_resource_from_id (zak_autho, resource_id); + if (resource == NULL) + { + return NULL; + } + else + { + return resource->iresource; + } +} + +/** + * zak_autho_allow: + * @zak_autho: an #ZakAutho object. + * @irole: + * @iresource: + * + */ +void +zak_autho_allow (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIResource *iresource) +{ + ZakAuthoPrivate *priv; + + Role *role; + Resource *resource; + + Rule *r; + + gchar *str_id; + + g_return_if_fail (IS_ZAK_AUTHO (zak_autho)); + + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + /* check if exists */ + role = g_hash_table_lookup (priv->roles, zak_autho_irole_get_role_id (irole)); + if (role == NULL) + { + g_warning ("Role «%s» not found.", zak_autho_irole_get_role_id (irole)); + return; + } + + /* accept also NULL resource (equal to allow every resource) */ + if (iresource == NULL) + { + resource = NULL; + } + else + { + g_return_if_fail (ZAK_AUTHO_IS_IRESOURCE (iresource)); + + resource = g_hash_table_lookup (priv->resources, zak_autho_iresource_get_resource_id (iresource)); + if (resource == NULL) + { + g_warning ("Resource «%s» not found.", zak_autho_iresource_get_resource_id (iresource)); + return; + } + } + + r = (Rule *)g_malloc0 (sizeof (Rule)); + r->role = role; + r->resource = resource; + + str_id = g_strconcat (zak_autho_irole_get_role_id (r->role->irole), + "|", + (resource == NULL ? "NULL" : zak_autho_iresource_get_resource_id (r->resource->iresource)), + NULL); + + if (g_hash_table_lookup (priv->rules_allow, str_id) == NULL) + { + g_hash_table_insert (priv->rules_allow, str_id, r); + } +} + +/** + * zak_autho_deny: + * @zak_autho: an #ZakAutho object. + * @irole: + * @iresource: + * + */ +void +zak_autho_deny (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIResource *iresource) +{ + ZakAuthoPrivate *priv; + + Role *role; + Resource *resource; + + Rule *r; + + gchar *str_id; + + g_return_if_fail (IS_ZAK_AUTHO (zak_autho)); + + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + /* check if exists */ + role = g_hash_table_lookup (priv->roles, zak_autho_irole_get_role_id (irole)); + if (role == NULL) + { + g_warning ("Role «%s» not found.", zak_autho_irole_get_role_id (irole)); + return; + } + + /* accept also NULL resource (equal to deny every resource) */ + if (iresource == NULL) + { + resource = NULL; + } + else + { + g_return_if_fail (ZAK_AUTHO_IS_IRESOURCE (iresource)); + + resource = g_hash_table_lookup (priv->resources, zak_autho_iresource_get_resource_id (iresource)); + if (resource == NULL) + { + return; + } + } + + r = (Rule *)g_malloc0 (sizeof (Rule)); + r->role = role; + r->resource = resource; + + str_id = g_strconcat (zak_autho_irole_get_role_id (r->role->irole), + "|", + (resource == NULL ? "NULL" : zak_autho_iresource_get_resource_id (r->resource->iresource)), + NULL); + + if (g_hash_table_lookup (priv->rules_deny, str_id) == NULL) + { + g_hash_table_insert (priv->rules_deny, str_id, r); + } +} + +static ZakAuthoIsAllowed +_zak_autho_is_allowed_role (ZakAutho *zak_autho, Role *role, Resource *resource, gboolean exclude_null) +{ + ZakAuthoIsAllowed ret; + + gchar *str_id; + + ZakAuthoPrivate *priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + ret = ZAK_AUTHO_NOT_FOUND; + + if (!exclude_null) + { + /* first trying for a rule for every resource */ + str_id = g_strconcat (zak_autho_irole_get_role_id (role->irole), + "|NULL", + NULL); + + if (g_hash_table_lookup (priv->rules_deny, str_id) != NULL) + { + ret = ZAK_AUTHO_DENIED; + return ret; + } + if (g_hash_table_lookup (priv->rules_allow, str_id) != NULL) + { + ret = ZAK_AUTHO_ALLOWED; + return ret; + } + } + + /* and after for specific resource */ + str_id = g_strconcat (zak_autho_irole_get_role_id (role->irole), + "|", + zak_autho_iresource_get_resource_id (resource->iresource), + NULL); + + if (g_hash_table_lookup (priv->rules_deny, str_id) != NULL) + { + ret = ZAK_AUTHO_DENIED; + return ret; + } + if (g_hash_table_lookup (priv->rules_allow, str_id) != NULL) + { + ret = ZAK_AUTHO_ALLOWED; + return ret; + } + + if (ret == ZAK_AUTHO_NOT_FOUND && resource->parents != NULL) + { + /* trying parents */ + GList *parents; + + parents = g_list_first (resource->parents); + while (parents != NULL) + { + ret = _zak_autho_is_allowed_resource (zak_autho, role, (Resource *)parents->data); + if (ret != ZAK_AUTHO_NOT_FOUND) + { + break; + } + + parents = g_list_next (parents); + } + } + + if (ret == ZAK_AUTHO_NOT_FOUND && role->parents != NULL) + { + /* trying parents */ + GList *parents; + + parents = g_list_first (role->parents); + while (parents != NULL) + { + ret = _zak_autho_is_allowed_role (zak_autho, (Role *)parents->data, resource, exclude_null); + if (ret != ZAK_AUTHO_NOT_FOUND) + { + break; + } + + parents = g_list_next (parents); + } + } + + return ret; +} + +static ZakAuthoIsAllowed +_zak_autho_is_allowed_resource (ZakAutho *zak_autho, Role *role, Resource *resource) +{ + ZakAuthoIsAllowed ret; + + gchar *str_id; + + ZakAuthoPrivate *priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + ret = ZAK_AUTHO_NOT_FOUND; + + str_id = g_strconcat (zak_autho_irole_get_role_id (role->irole), + "|", + zak_autho_iresource_get_resource_id (resource->iresource), + NULL); + + if (g_hash_table_lookup (priv->rules_deny, str_id) != NULL) + { + ret = ZAK_AUTHO_DENIED; + return ret; + } + else if (g_hash_table_lookup (priv->rules_allow, str_id) != NULL) + { + ret = ZAK_AUTHO_ALLOWED; + return ret; + } + else if (resource->parents != NULL) + { + /* trying parents */ + GList *parents; + + parents = g_list_first (resource->parents); + while (parents != NULL) + { + ret = _zak_autho_is_allowed_resource (zak_autho, role, (Resource *)parents->data); + if (ret != ZAK_AUTHO_NOT_FOUND) + { + break; + } + + parents = g_list_next (parents); + } + } + + return ret; +} + +static gchar +*_zak_autho_remove_role_name_prefix_from_id (ZakAutho *zak_autho, const gchar *role_id) +{ + gchar *ret; + + ZakAuthoPrivate *priv; + + g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); + + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + ret = NULL; + + if (priv->role_name_prefix == NULL + || strlen (priv->role_name_prefix) > strlen (role_id)) + { + ret = g_strdup (role_id); + } + else + { + ret = g_strdup (role_id + strlen (priv->role_name_prefix)); + } + + return ret; +} + +static gchar +*_zak_autho_remove_resource_name_prefix_from_id (ZakAutho *zak_autho, const gchar *resource_id) +{ + gchar *ret; + + ZakAuthoPrivate *priv; + + g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); + + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + ret = NULL; + + if (priv->resource_name_prefix == NULL + || strlen (priv->resource_name_prefix) > strlen (resource_id)) + { + ret = g_strdup (resource_id); + } + else + { + ret = g_strdup (resource_id + strlen (priv->resource_name_prefix)); + } + + return ret; +} + +/** + * zak_autho_is_allowed: + * @zak_autho: an #ZakAutho object. + * @irole: an #ZakAuthoIRole object. + * @iresource: an #ZakAuthoIResource object. + * @exclude_null: whether or not to exclude roles allowed to every resource. + * + */ +gboolean +zak_autho_is_allowed (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIResource *iresource, gboolean exclude_null) +{ + gboolean ret; + ZakAuthoIsAllowed isAllowed; + + Role *role; + Resource *resource; + + gchar *str_id; + + ZakAuthoPrivate *priv; + + g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); + g_return_val_if_fail (ZAK_AUTHO_IS_IROLE (irole), FALSE); + + _zak_autho_check_updated (zak_autho); + + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + ret = FALSE; + isAllowed = ZAK_AUTHO_NOT_FOUND; + + role = _zak_autho_get_role_from_id (zak_autho, _zak_autho_remove_role_name_prefix_from_id (zak_autho, zak_autho_irole_get_role_id (irole))); + if (role == NULL) + { + g_warning ("Role «%s» not found.", zak_autho_irole_get_role_id (irole)); + return ret; + } + + if (!exclude_null) + { + /* first trying for a rule for every resource */ + str_id = g_strconcat (zak_autho_irole_get_role_id (irole), + "|NULL", + NULL); + + if (g_hash_table_lookup (priv->rules_deny, str_id) != NULL) + { + ret = FALSE; + return ret; + } + if (g_hash_table_lookup (priv->rules_allow, str_id) != NULL) + { + ret = TRUE; + return ret; + } + } + + g_return_val_if_fail (ZAK_AUTHO_IS_IRESOURCE (iresource), FALSE); + + resource = _zak_autho_get_resource_from_id (zak_autho, _zak_autho_remove_resource_name_prefix_from_id (zak_autho, zak_autho_iresource_get_resource_id (iresource))); + if (resource == NULL) + { + g_warning ("Resource «%s» not found.", zak_autho_iresource_get_resource_id (iresource)); + return ret; + } + + /* and after for specific resource */ + str_id = g_strconcat (zak_autho_irole_get_role_id (irole), + "|", + zak_autho_iresource_get_resource_id (iresource), + NULL); + + if (g_hash_table_lookup (priv->rules_deny, str_id) != NULL) + { + ret = FALSE; + return ret; + } + if (g_hash_table_lookup (priv->rules_allow, str_id) != NULL) + { + ret = TRUE; + return ret; + } + + if (!ret && resource->parents != NULL) + { + /* trying parents */ + GList *parents; + + parents = g_list_first (resource->parents); + while (parents != NULL) + { + isAllowed = _zak_autho_is_allowed_resource (zak_autho, role, (Resource *)parents->data); + if (isAllowed == ZAK_AUTHO_DENIED) + { + ret = FALSE; + break; + } + else if (isAllowed == ZAK_AUTHO_ALLOWED) + { + ret = TRUE; + break; + } + + parents = g_list_next (parents); + } + } + + if (!ret && isAllowed == ZAK_AUTHO_NOT_FOUND && role->parents != NULL) + { + /* trying parents */ + GList *parents; + + parents = g_list_first (role->parents); + while (parents != NULL) + { + isAllowed = _zak_autho_is_allowed_role (zak_autho, (Role *)parents->data, resource, exclude_null); + if (isAllowed == ZAK_AUTHO_DENIED) + { + ret = FALSE; + break; + } + else if (isAllowed == ZAK_AUTHO_ALLOWED) + { + ret = TRUE; + break; + } + + parents = g_list_next (parents); + } + } + + return ret; +} + +/** + * zak_autho_clear: + * @zak_autho: + * + */ +gboolean +zak_autho_clear (ZakAutho *zak_autho) +{ + gboolean ret; + + ZakAuthoPrivate *priv; + + g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); + + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + ret = TRUE; + + g_hash_table_destroy (priv->roles); + g_hash_table_destroy (priv->resources); + g_hash_table_destroy (priv->rules_allow); + g_hash_table_destroy (priv->rules_deny); + + priv->roles = g_hash_table_new (g_str_hash, g_str_equal); + priv->resources = g_hash_table_new (g_str_hash, g_str_equal); + priv->rules_allow = g_hash_table_new (g_str_hash, g_str_equal); + priv->rules_deny = g_hash_table_new (g_str_hash, g_str_equal); + + return ret; +} + +/** + * zak_autho_get_xml: + * @zak_autho: an #ZakAutho object. + * + */ +xmlNodePtr +zak_autho_get_xml (ZakAutho *zak_autho) +{ + ZakAuthoPrivate *priv; + xmlNodePtr ret; + xmlNodePtr xnode_parent; + xmlNodePtr xnode; + + GHashTableIter iter; + gpointer key, value; + + Role *role; + Resource *resource; + Rule *rule; + + GList *parent; + + g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); + + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + ret = xmlNewNode (NULL, "zak_autho"); + + /* roles */ + g_hash_table_iter_init (&iter, priv->roles); + while (g_hash_table_iter_next (&iter, &key, &value)) + { + xnode_parent = xmlNewNode (NULL, "role"); + + role = (Role *)value; + xmlSetProp (xnode_parent, "id", zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (role->irole))); + + xmlAddChild (ret, xnode_parent); + + parent = role->parents; + while (parent != NULL) + { + xnode = xmlNewNode (NULL, "parent"); + + role = (Role *)parent->data; + xmlSetProp (xnode, "id", zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (role->irole))); + + xmlAddChild (xnode_parent, xnode); + + parent = g_list_next (parent); + } + } + + /* resources */ + g_hash_table_iter_init (&iter, priv->resources); + while (g_hash_table_iter_next (&iter, &key, &value)) + { + xnode_parent = xmlNewNode (NULL, "resource"); + + resource = (Resource *)value; + xmlSetProp (xnode_parent, "id", zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (resource->iresource))); + + xmlAddChild (ret, xnode_parent); + + parent = resource->parents; + while (parent != NULL) + { + xnode = xmlNewNode (NULL, "parent"); + + resource = (Resource *)parent->data; + xmlSetProp (xnode, "id", zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (resource->iresource))); + + xmlAddChild (xnode_parent, xnode); + + parent = g_list_next (parent); + } + } + + /* rules allow */ + g_hash_table_iter_init (&iter, priv->rules_allow); + while (g_hash_table_iter_next (&iter, &key, &value)) + { + xnode = xmlNewNode (NULL, "rule"); + + xmlSetProp (xnode, "allow", "yes"); + + rule = (Rule *)value; + xmlSetProp (xnode, "role", zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (rule->role->irole))); + if (rule->resource != NULL) + { + xmlSetProp (xnode, "resource", zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (rule->resource->iresource))); + } + else + { + xmlSetProp (xnode, "resource", ""); + } + + xmlAddChild (ret, xnode); + } + + /* rules deny */ + g_hash_table_iter_init (&iter, priv->rules_deny); + while (g_hash_table_iter_next (&iter, &key, &value)) + { + xnode = xmlNewNode (NULL, "rule"); + + xmlSetProp (xnode, "allow", "no"); + + rule = (Rule *)value; + xmlSetProp (xnode, "role", zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (rule->role->irole))); + if (rule->resource != NULL) + { + xmlSetProp (xnode, "resource", zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (rule->resource->iresource))); + } + else + { + xmlSetProp (xnode, "resource", "all"); + } + + xmlAddChild (ret, xnode); + } + + return ret; +} + +/** + * zak_autho_load_from_xml: + * @zak_autho: an #ZakAutho object. + * @xnode: + * @replace: + * + */ +gboolean +zak_autho_load_from_xml (ZakAutho *zak_autho, xmlNodePtr xnode, gboolean replace) +{ + gboolean ret; + + ZakAuthoPrivate *priv; + + xmlNodePtr current; + xmlNodePtr current_parent; + + ZakAuthoIRole *irole; + ZakAuthoIResource *iresource; + gchar *prop; + + g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); + g_return_val_if_fail (xnode != NULL, FALSE); + + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + ret = TRUE; + + if (replace) + { + /* clearing current authorizations */ + zak_autho_clear (zak_autho); + } + + if (xmlStrcmp (xnode->name, "zak_autho") != 0) + { + g_warning ("Invalid xml structure."); + ret = FALSE; + } + else + { + current = xnode->children; + while (current != NULL) + { + if (!xmlNodeIsText (current)) + { + if (xmlStrcmp (current->name, "role") == 0) + { + prop = g_strstrip (g_strdup ((gchar *)xmlGetProp (current, "id"))); + if (g_strcmp0 (prop, "") != 0) + { + irole = ZAK_AUTHO_IROLE (zak_autho_role_new (prop)); + g_free (prop); + zak_autho_add_role (zak_autho, irole); + + current_parent = current->children; + while (current_parent != NULL) + { + if (!xmlNodeIsText (current_parent) && + xmlStrcmp (current_parent->name, "parent") == 0) + { + prop = g_strstrip (g_strdup ((gchar *)xmlGetProp (current_parent, "id"))); + if (g_strcmp0 (prop, "") != 0) + { + zak_autho_add_parent_to_role (zak_autho, irole, zak_autho_get_role_from_id (zak_autho, prop)); + } + g_free (prop); + } + current_parent = current_parent->next; + } + } + } + else if (xmlStrcmp (current->name, "resource") == 0) + { + prop = g_strstrip (g_strdup ((gchar *)xmlGetProp (current, "id"))); + if (g_strcmp0 (prop, "") != 0) + { + iresource = ZAK_AUTHO_IRESOURCE (zak_autho_resource_new (prop)); + zak_autho_add_resource (zak_autho, iresource); + g_free (prop); + + current_parent = current->children; + while (current_parent != NULL) + { + if (!xmlNodeIsText (current_parent) && + xmlStrcmp (current_parent->name, "parent") == 0) + { + prop = g_strstrip (g_strdup ((gchar *)xmlGetProp (current_parent, "id"))); + if (g_strcmp0 (prop, "") != 0) + { + zak_autho_add_parent_to_resource (zak_autho, iresource, zak_autho_get_resource_from_id (zak_autho, prop)); + } + g_free (prop); + } + current_parent = current_parent->next; + } + } + } + else if (xmlStrcmp (current->name, "rule") == 0) + { + prop = g_strstrip (g_strdup ((gchar *)xmlGetProp (current, "role"))); + irole = zak_autho_get_role_from_id (zak_autho, prop); + if (irole != NULL) + { + prop = g_strstrip (g_strdup ((gchar *)xmlGetProp (current, "resource"))); + if (g_strcmp0 (prop, "") == 0) + { + iresource = NULL; + } + else + { + iresource = zak_autho_get_resource_from_id (zak_autho, prop); + } + g_free (prop); + + prop = g_strstrip (g_strdup ((gchar *)xmlGetProp (current, "allow"))); + if (g_strcmp0 (prop, "yes") == 0) + { + zak_autho_allow (zak_autho, irole, iresource); + } + else + { + zak_autho_deny (zak_autho, irole, iresource); + } + g_free (prop); + } + } + } + + current = current->next; + } + } + + return ret; +} + +static gboolean +_zak_autho_delete_table_content (GdaConnection *gdacon, const gchar *table_prefix) +{ + gboolean ret; + + gchar *sql; + GError *error; + + ret = TRUE; + + error = NULL; + sql = g_strdup_printf ("DELETE FROM %sroles", table_prefix); + gda_connection_execute_non_select_command (gdacon, sql, &error); + g_free (sql); + if (error != NULL) + { + g_warning ("Error on deleting roles table content: %s", + error->message != NULL ? error->message : "No details"); + } + error = NULL; + sql = g_strdup_printf ("DELETE FROM %sroles_parents", table_prefix); + gda_connection_execute_non_select_command (gdacon, sql, &error); + g_free (sql); + if (error != NULL) + { + g_warning ("Error on deleting roles_parents table content: %s", + error->message != NULL ? error->message : "No details"); + } + error = NULL; + sql = g_strdup_printf ("DELETE FROM %sresources", table_prefix); + gda_connection_execute_non_select_command (gdacon, sql, &error); + g_free (sql); + if (error != NULL) + { + g_warning ("Error on deleting resources table content: %s", + error->message != NULL ? error->message : "No details"); + } + error = NULL; + sql = g_strdup_printf ("DELETE FROM %sresources_parents", table_prefix); + gda_connection_execute_non_select_command (gdacon, sql, &error); + g_free (sql); + if (error != NULL) + { + g_warning ("Error on deleting resources_parents table content: %s", + error->message != NULL ? error->message : "No details"); + } + error = NULL; + sql = g_strdup_printf ("DELETE FROM %srules", table_prefix); + gda_connection_execute_non_select_command (gdacon, sql, &error); + g_free (sql); + if (error != NULL) + { + g_warning ("Error on deleting rules table content: %s", + error->message != NULL ? error->message : "No details"); + } + + return ret; +} + +static guint +_zak_autho_find_new_table_id (GdaConnection *gdacon, const gchar *table_name) +{ + gchar *sql; + GError *error; + GdaDataModel *dm; + + guint new_id; + + error = NULL; + sql = g_strdup_printf ("SELECT COALESCE (MAX (id), 0) FROM %s", + table_name); + dm = gda_connection_execute_select_command (gdacon, sql, &error); + g_free (sql); + if (dm != NULL && gda_data_model_get_n_rows (dm) == 1) + { + new_id = g_value_get_int (gda_data_model_get_value_at (dm, 0, 0, &error)); + new_id++; + } + else if (dm == NULL || error != NULL) + { + new_id = 0; + g_warning ("Problem on getting new id from table «%s»: %s", + error->message != NULL ? error->message : "no details"); + } + else + { + new_id = 1; + } + g_object_unref (dm); + + return new_id; +} + +static guint +_zak_autho_get_role_id_db (GdaConnection *gdacon, const gchar *table_name, const gchar *role_id) +{ + gchar *sql; + GError *error; + GdaDataModel *dm; + + guint id; + + id = 0; + + error = NULL; + sql = g_strdup_printf ("SELECT id FROM %s" + " WHERE role_id = '%s'", + table_name, + role_id); + dm = gda_connection_execute_select_command (gdacon, sql, &error); + g_free (sql); + if (dm != NULL && gda_data_model_get_n_rows (dm) == 1) + { + id = g_value_get_int (gda_data_model_get_value_at (dm, 0, 0, &error)); + } + else if (error != NULL) + { + g_warning ("Problem on getting role id from table «%s»: %s", + error->message != NULL ? error->message : "no details"); + } + g_object_unref (dm); + + return id; +} + +static guint +_zak_autho_get_resource_id_db (GdaConnection *gdacon, const gchar *table_name, const gchar *resource_id) +{ + gchar *sql; + GError *error; + GdaDataModel *dm; + + guint id; + + id = 0; + + error = NULL; + sql = g_strdup_printf ("SELECT id FROM %s" + " WHERE resource_id = '%s'", + table_name, + resource_id); + dm = gda_connection_execute_select_command (gdacon, sql, &error); + g_free (sql); + if (dm != NULL && gda_data_model_get_n_rows (dm) == 1) + { + id = g_value_get_int (gda_data_model_get_value_at (dm, 0, 0, &error)); + } + else if (error != NULL) + { + g_warning ("Problem on getting resource id from table «%s»: %s", + error->message != NULL ? error->message : "no details"); + } + g_object_unref (dm); + + return id; +} + +/** + * zak_autho_save_to_db: + * @zak_autho: an #ZakAutho object. + * @gdacon: + * @table_prefix: + * @replace: + * + */ +gboolean +zak_autho_save_to_db (ZakAutho *zak_autho, GdaConnection *gdacon, + const gchar *table_prefix, gboolean replace) +{ + ZakAuthoPrivate *priv; + + gboolean ret; + + gboolean in_trans; + + gchar *prefix; + + gchar *sql; + GError *error; + + GHashTableIter iter; + gpointer key, value; + + Role *role; + Resource *resource; + Rule *rule; + + GList *parent; + + gchar *table_name; + gchar *table_name_parent; + + guint new_id; + guint id_parent; + guint id_roles; + guint id_resources; + + g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); + g_return_val_if_fail (GDA_IS_CONNECTION (gdacon), FALSE); + + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + ret = TRUE; + + error = NULL; + in_trans = gda_connection_begin_transaction (gdacon, "zak_autho-save-to-db", 0, &error); + if (!in_trans) + { + g_warning ("Error on starting transaction: %s", + error != NULL && error->message != NULL ? error->message : "No details"); + } + + if (table_prefix == NULL) + { + prefix = g_strdup (""); + } + else + { + prefix = g_strstrip (g_strdup (table_prefix)); + } + + if (replace) + { + /* deleting table's content */ + _zak_autho_delete_table_content (gdacon, prefix); + } + + /* roles */ + table_name = g_strdup_printf ("%sroles", prefix); + table_name_parent = g_strdup_printf ("%s_parents", table_name); + g_hash_table_iter_init (&iter, priv->roles); + while (g_hash_table_iter_next (&iter, &key, &value)) + { + new_id = _zak_autho_find_new_table_id (gdacon, table_name); + if (new_id <= 0) + { + ret = FALSE; + break; + } + + role = (Role *)value; + + error = NULL; + sql = g_strdup_printf ("INSERT INTO %s" + " (id, role_id)" + " VALUES (%d, '%s')", + table_name, + new_id, + zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (role->irole))); + gda_connection_execute_non_select_command (gdacon, sql, &error); + g_free (sql); + if (error != NULL) + { + g_warning ("Error on saving role «%s»: %s", + zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (role->irole)), + error->message != NULL ? error->message : "no details"); + continue; + } + + parent = role->parents; + while (parent != NULL) + { + role = (Role *)parent->data; + + id_parent = _zak_autho_get_role_id_db (gdacon, table_name, zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (role->irole))); + if (id_parent > 0) + { + error = NULL; + sql = g_strdup_printf ("INSERT INTO %s" + " (id_roles, id_roles_parent)" + " VALUES (%d, %d)", + table_name_parent, + new_id, + id_parent); + gda_connection_execute_non_select_command (gdacon, sql, &error); + g_free (sql); + if (error != NULL) + { + g_warning ("Error on saving role parent «%s»: %s", + zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (role->irole)), + error->message != NULL ? error->message : "no details"); + continue; + } + } + else + { + g_warning ("Unable to find parent role «%s»", + zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (role->irole))); + } + + parent = g_list_next (parent); + } + } + + if (!ret) + { + g_warning ("Unable to save roles"); + } + + ret = TRUE; + + /* resources */ + table_name = g_strdup_printf ("%sresources", prefix); + table_name_parent = g_strdup_printf ("%s_parents", table_name); + g_hash_table_iter_init (&iter, priv->resources); + while (g_hash_table_iter_next (&iter, &key, &value)) + { + new_id = _zak_autho_find_new_table_id (gdacon, table_name); + if (new_id <= 0) + { + ret = FALSE; + break; + } + + resource = (Resource *)value; + + error = NULL; + sql = g_strdup_printf ("INSERT INTO %s" + " (id, resource_id)" + " VALUES (%d, '%s')", + table_name, + new_id, + zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (resource->iresource))); + gda_connection_execute_non_select_command (gdacon, sql, &error); + g_free (sql); + if (error != NULL) + { + g_warning ("Error on saving resource «%s»: %s", + zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (resource->iresource)), + error->message != NULL ? error->message : "no details"); + continue; + } + + parent = resource->parents; + while (parent != NULL) + { + resource = (Resource *)parent->data; + + id_parent = _zak_autho_get_resource_id_db (gdacon, table_name, zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (resource->iresource))); + if (id_parent > 0) + { + error = NULL; + sql = g_strdup_printf ("INSERT INTO %s" + " (id_resources, id_resources_parent)" + " VALUES (%d, %d)", + table_name_parent, + new_id, + id_parent); + gda_connection_execute_non_select_command (gdacon, sql, &error); + g_free (sql); + if (error != NULL) + { + g_warning ("Error on saving resource parent «%s»: %s", + zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (resource->iresource)), + error->message != NULL ? error->message : "no details"); + continue; + } + } + else + { + g_warning ("Unable to find parent resource «%s»", + zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (resource->iresource))); + } + + parent = g_list_next (parent); + } + } + + if (!ret) + { + g_warning ("Unable to save resources"); + } + + /* rules allow */ + table_name = g_strdup_printf ("%srules", prefix); + table_name_parent = g_strdup_printf ("%s_parents", table_name); + g_hash_table_iter_init (&iter, priv->rules_allow); + while (g_hash_table_iter_next (&iter, &key, &value)) + { + new_id = _zak_autho_find_new_table_id (gdacon, table_name); + if (new_id <= 0) + { + ret = FALSE; + break; + } + + rule = (Rule *)value; + + id_roles = _zak_autho_get_role_id_db (gdacon, g_strdup_printf ("%sroles", prefix), zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (rule->role->irole))); + if (id_roles > 0) + { + if (rule->resource != NULL) + { + id_resources = _zak_autho_get_resource_id_db (gdacon, g_strdup_printf ("%sresources", prefix), zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (rule->resource->iresource))); + } + else + { + id_resources = 0; + } + + error = NULL; + sql = g_strdup_printf ("INSERT INTO %s" + " (id, type, id_roles, id_resources)" + " VALUES (%d, 1, %d, %d)", + table_name, + new_id, + id_roles, + id_resources); + gda_connection_execute_non_select_command (gdacon, sql, &error); + g_free (sql); + if (error != NULL) + { + g_warning ("Error on saving rule: %s", + error->message != NULL ? error->message : "no details"); + } + } + } + + /* rules deny */ + g_hash_table_iter_init (&iter, priv->rules_deny); + while (g_hash_table_iter_next (&iter, &key, &value)) + { + new_id = _zak_autho_find_new_table_id (gdacon, table_name); + if (new_id <= 0) + { + ret = FALSE; + break; + } + + rule = (Rule *)value; + + id_roles = _zak_autho_get_role_id_db (gdacon, g_strdup_printf ("%sroles", prefix), zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (rule->role->irole))); + if (id_roles > 0) + { + if (rule->resource != NULL) + { + id_resources = _zak_autho_get_resource_id_db (gdacon, g_strdup_printf ("%sresources", prefix), zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (rule->resource->iresource))); + } + else + { + id_resources = 0; + } + + error = NULL; + sql = g_strdup_printf ("INSERT INTO %s" + " (id, type, id_roles, id_resources)" + " VALUES (%d, 2, %d, %d)", + table_name, + new_id, + id_roles, + id_resources); + gda_connection_execute_non_select_command (gdacon, sql, &error); + g_free (sql); + if (error != NULL) + { + g_warning ("Error on saving rule: %s", + error->message != NULL ? error->message : "no details"); + } + } + } + + error = NULL; + if (in_trans && !gda_connection_commit_transaction (gdacon, "zak_autho-save-to-db", &error)) + { + g_warning ("Error on committing transaction: %s", + error != NULL && error->message != NULL ? error->message : "No details"); + } + else + { + ret = TRUE; + } + + return ret; +} + +/** + * zak_autho_load_from_db: + * @zak_autho: an #ZakAutho object. + * @gdacon: + * @table_prefix: + * @replace: + * + */ +gboolean +zak_autho_load_from_db (ZakAutho *zak_autho, GdaConnection *gdacon, const gchar *table_prefix, gboolean replace) +{ + ZakAuthoPrivate *priv; + + gboolean ret; + + gchar *prefix; + + gchar *sql; + GError *error; + GdaDataModel *dm; + + const GValue *gval; + gchar *role_id; + gchar *resource_id; + guint rule_type; + + ZakAuthoIRole *irole; + ZakAuthoIRole *irole_parent; + ZakAuthoIResource *iresource; + ZakAuthoIResource *iresource_parent; + Rule *rule; + + guint row; + guint rows; + + g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); + g_return_val_if_fail (GDA_IS_CONNECTION (gdacon), FALSE); + + priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + priv->on_loading = TRUE; + + ret = TRUE; + + if (replace) + { + /* clearing current authorizations */ + zak_autho_clear (zak_autho); + } + + if (table_prefix == NULL) + { + prefix = g_strdup (""); + } + else + { + prefix = g_strstrip (g_strdup (table_prefix)); + } + + /* roles */ + error = NULL; + sql = g_strdup_printf ("SELECT role_id FROM %sroles ORDER BY id", + prefix); + dm = gda_connection_execute_select_command (gdacon, sql, &error); + g_free (sql); + if (dm != NULL && error == NULL) + { + rows = gda_data_model_get_n_rows (dm); + for (row = 0; row < rows; row++) + { + error = NULL; + irole = ZAK_AUTHO_IROLE (zak_autho_role_new (gda_value_stringify (gda_data_model_get_value_at (dm, 0, row, &error)))); + zak_autho_add_role (zak_autho, irole); + } + } + else if (error != NULL) + { + g_warning ("Error on reading table «%sroles»: %s", + prefix, + error->message != NULL ? error->message : "no details"); + } + g_object_unref (dm); + + /* roles parents */ + error = NULL; + sql = g_strdup_printf ("SELECT r1.role_id, r2.role_id" + " FROM %sroles_parents AS rp" + " INNER JOIN %sroles AS r1 ON rp.id_roles = r1.id" + " INNER JOIN %sroles AS r2 ON rp.id_roles_parent = r2.id" + " ORDER BY rp.id_roles, rp.id_roles_parent", + prefix, + prefix, + prefix); + dm = gda_connection_execute_select_command (gdacon, sql, &error); + g_free (sql); + if (dm != NULL && error == NULL) + { + rows = gda_data_model_get_n_rows (dm); + for (row = 0; row < rows; row++) + { + error = NULL; + irole = ZAK_AUTHO_IROLE (zak_autho_role_new (gda_value_stringify (gda_data_model_get_value_at (dm, 0, row, &error)))); + error = NULL; + irole_parent = ZAK_AUTHO_IROLE (zak_autho_role_new (gda_value_stringify (gda_data_model_get_value_at (dm, 1, row, &error)))); + zak_autho_add_parent_to_role (zak_autho, irole, irole_parent); + } + } + else if (error != NULL) + { + g_warning ("Error on reading table «%sroles_parents»: %s", + prefix, + error->message != NULL ? error->message : "no details"); + } + g_object_unref (dm); + + /* resources */ + error = NULL; + sql = g_strdup_printf ("SELECT resource_id FROM %sresources ORDER BY id", + prefix); + dm = gda_connection_execute_select_command (gdacon, sql, &error); + g_free (sql); + if (dm != NULL && error == NULL) + { + rows = gda_data_model_get_n_rows (dm); + for (row = 0; row < rows; row++) + { + error = NULL; + iresource = ZAK_AUTHO_IRESOURCE (zak_autho_resource_new (gda_value_stringify (gda_data_model_get_value_at (dm, 0, row, &error)))); + zak_autho_add_resource (zak_autho, iresource); + } + } + else if (error != NULL) + { + g_warning ("Error on reading table «%sresources»: %s", + prefix, + error->message != NULL ? error->message : "no details"); + } + g_object_unref (dm); + + /* resources parents */ + error = NULL; + sql = g_strdup_printf ("SELECT r1.resource_id, r2.resource_id" + " FROM %sresources_parents AS rp" + " INNER JOIN %sresources AS r1 ON rp.id_resources = r1.id" + " INNER JOIN %sresources AS r2 ON rp.id_resources_parent = r2.id" + " ORDER BY rp.id_resources, rp.id_resources_parent", + prefix, + prefix, + prefix); + dm = gda_connection_execute_select_command (gdacon, sql, &error); + g_free (sql); + if (dm != NULL && error == NULL) + { + rows = gda_data_model_get_n_rows (dm); + for (row = 0; row < rows; row++) + { + error = NULL; + iresource = ZAK_AUTHO_IRESOURCE (zak_autho_resource_new (gda_value_stringify (gda_data_model_get_value_at (dm, 0, row, &error)))); + error = NULL; + iresource_parent = ZAK_AUTHO_IRESOURCE (zak_autho_resource_new (gda_value_stringify (gda_data_model_get_value_at (dm, 1, row, &error)))); + zak_autho_add_parent_to_resource (zak_autho, iresource, iresource_parent); + } + } + else if (error != NULL) + { + g_warning ("Error on reading table «%sresources_parents»: %s", + prefix, + error->message != NULL ? error->message : "no details"); + } + g_object_unref (dm); + + /* rules */ + error = NULL; + sql = g_strdup_printf ("SELECT ru.type, ro.role_id, re.resource_id" + " FROM %srules AS ru" + " LEFT JOIN %sroles AS ro ON ru.id_roles = ro.id" + " LEFT JOIN %sresources AS re ON ru.id_resources = re.id", + prefix, + prefix, + prefix); + dm = gda_connection_execute_select_command (gdacon, sql, &error); + g_free (sql); + if (dm != NULL && error == NULL) + { + rows = gda_data_model_get_n_rows (dm); + for (row = 0; row < rows; row++) + { + error = NULL; + gval = gda_data_model_get_value_at (dm, 1, row, &error); + if (gval == NULL || error != NULL) + { + g_warning ("Error on reading role_id value: %s", + error != NULL && error->message != NULL ? error->message : "no details"); + } + else if (gval != NULL && error == NULL && !gda_value_is_null (gval)) + { + role_id = gda_value_stringify (gval); + irole = zak_autho_get_role_from_id (zak_autho, role_id); + if (irole != NULL) + { + error = NULL; + gval = gda_data_model_get_value_at (dm, 2, row, &error); + if (gval == NULL || gda_value_is_null (gval)) + { + if (error != NULL) + { + g_warning ("Error on reading resource value: %s", + error != NULL && error->message != NULL ? error->message : "no details"); + } + iresource = NULL; + } + else + { + resource_id = gda_value_stringify (gval); + iresource = zak_autho_get_resource_from_id (zak_autho, resource_id); + } + + error = NULL; + gval = gda_data_model_get_value_at (dm, 0, row, &error); + if (gval == NULL || error != NULL) + { + g_warning ("Error on reading type value: %s", + error != NULL && error->message != NULL ? error->message : "no details"); + } + else if (gval != NULL && error == NULL && !gda_value_is_null (gval)) + { + rule_type = g_value_get_int (gval); + if (rule_type == 1) + { + zak_autho_allow (zak_autho, irole, iresource); + } + else if (rule_type == 2) + { + zak_autho_deny (zak_autho, irole, iresource); + } + else + { + g_warning ("Rule type %d not admitted", rule_type); + } + } + } + } + } + } + else if (error != NULL) + { + g_warning ("Error on reading table «%srules»: %s", + prefix, + error->message != NULL ? error->message : "no details"); + } + g_object_unref (dm); + + g_free (prefix); + + if (priv->gdt_last_load != NULL) + { + g_date_time_unref (priv->gdt_last_load); + } + priv->gdt_last_load = g_date_time_new_now_local (); + + priv->on_loading = FALSE; + + return ret; +} + +gboolean +zak_autho_load_from_db_with_monitor (ZakAutho *zak_autho, GdaConnection *gdacon, const gchar *table_prefix, gboolean replace) +{ + ZakAuthoPrivate *priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); + g_return_val_if_fail (GDA_IS_CONNECTION (gdacon), FALSE); + + priv->gdacon = gdacon; + if (table_prefix == NULL) + { + if (priv->table_prefix != NULL) + { + g_free (priv->table_prefix); + } + priv->table_prefix = g_strdup (""); + } + else + { + priv->table_prefix = g_strdup (table_prefix); + } + + zak_autho_load_from_db (zak_autho, gdacon, table_prefix, replace); +} + +static void +_zak_autho_check_updated (ZakAutho *zak_autho) +{ + GError *error; + gchar *sql; + GdaDataModel *dm; + + const GValue *gval; + const GdaTimestamp *gda_timestamp; + GDateTime *gda_datetime; + + ZakAuthoPrivate *priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + g_return_if_fail (IS_ZAK_AUTHO (zak_autho)); + + if (priv->on_loading) + { + return; + } + + if (!GDA_IS_CONNECTION (priv->gdacon)) + { + return; + } + + error = NULL; + sql = g_strdup_printf ("SELECT update FROM %stimestamp_update", + priv->table_prefix); + dm = gda_connection_execute_select_command (priv->gdacon, sql, &error); + g_free (sql); + if (dm != NULL && error == NULL && gda_data_model_get_n_rows (dm) > 0) + { + gval = gda_data_model_get_value_at (dm, 0, 0, NULL); + if (!gda_value_is_null (gval)) + { + gda_timestamp = gda_value_get_timestamp (gval); + gda_datetime = g_date_time_new_local (gda_timestamp->year, + gda_timestamp->month, + gda_timestamp->day, + gda_timestamp->hour, + gda_timestamp->minute, + gda_timestamp->second); + + if (g_date_time_compare (priv->gdt_last_load, gda_datetime) < 0) + { + /* to reload */ + zak_autho_load_from_db_with_monitor (zak_autho, priv->gdacon, priv->table_prefix, TRUE); + } + g_date_time_unref (gda_datetime); + } + } + else if (error != NULL) + { + g_warning ("Error on reading table «%stimestamp_update»: %s", + priv->table_prefix, + error->message != NULL ? error->message : "no details"); + } + g_object_unref (dm); +} + +/* PRIVATE */ +static void +zak_autho_set_property (GObject *object, + guint property_id, + const GValue *value, + GParamSpec *pspec) +{ + ZakAutho *zak_autho = (ZakAutho *)object; + ZakAuthoPrivate *priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + switch (property_id) + { + default: + G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec); + break; + } +} + +static void +zak_autho_get_property (GObject *object, + guint property_id, + GValue *value, + GParamSpec *pspec) +{ + ZakAutho *zak_autho = (ZakAutho *)object; + ZakAuthoPrivate *priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); + + switch (property_id) + { + default: + G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec); + break; + } +} diff --git a/src/autho.h b/src/autho.h new file mode 100644 index 0000000..a8f0064 --- /dev/null +++ b/src/autho.h @@ -0,0 +1,102 @@ +/* + * Copyright (C) 2010-2015 Andrea Zagli + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#ifndef __LIB_ZAK_AUTHO_H__ +#define __LIB_ZAK_AUTHO_H__ + +#include +#include + +#include +#include + + +G_BEGIN_DECLS + + +#include "role_interface.h" +#include "resource_interface.h" + +#define ZAK_TYPE_AUTHO (zak_autho_get_type ()) +#define ZAK_AUTHO(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), ZAK_TYPE_AUTHO, ZakAutho)) +#define ZAK_AUTHO_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), ZAK_TYPE_AUTHO, ZakAuthoClass)) +#define IS_ZAK_AUTHO(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), ZAK_TYPE_AUTHO)) +#define IS_ZAK_AUTHO_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), ZAK_TYPE_AUTHO)) +#define ZAK_AUTHO_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), ZAK_TYPE_AUTHO, ZakAuthoClass)) + + +typedef struct _ZakAutho ZakAutho; +typedef struct _ZakAuthoClass ZakAuthoClass; + +struct _ZakAutho + { + GObject parent; + }; + +struct _ZakAuthoClass + { + GObjectClass parent_class; + }; + +GType zak_autho_get_type (void) G_GNUC_CONST; + + +ZakAutho *zak_autho_new (void); + +void zak_autho_set_role_name_prefix (ZakAutho *zak_autho, const gchar *prefix); +const gchar *zak_autho_get_role_name_prefix (ZakAutho *zak_autho); +void zak_autho_set_resource_name_prefix (ZakAutho *zak_autho, const gchar *prefix); +const gchar *zak_autho_get_resource_name_prefix (ZakAutho *zak_autho); + +void zak_autho_add_role (ZakAutho *zak_autho, ZakAuthoIRole *irole); +void zak_autho_add_role_with_parents (ZakAutho *zak_autho, ZakAuthoIRole *irole, ...); +void zak_autho_add_parent_to_role (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIRole *irole_parent); +void zak_autho_add_parents_to_role (ZakAutho *zak_autho, ZakAuthoIRole *irole, ...); + +gboolean zak_autho_role_is_child (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIRole *irole_parent); + +ZakAuthoIRole *zak_autho_get_role_from_id (ZakAutho *zak_autho, const gchar *role_id); + +void zak_autho_add_resource (ZakAutho *zak_autho, ZakAuthoIResource *iresource); +void zak_autho_add_resource_with_parents (ZakAutho *zak_autho, ZakAuthoIResource *iresource, ...); +void zak_autho_add_parent_to_resource (ZakAutho *zak_autho, ZakAuthoIResource *iresource, ZakAuthoIResource *iresource_parent); +void zak_autho_add_parents_to_resource (ZakAutho *zak_autho, ZakAuthoIResource *iresource, ...); + +gboolean zak_autho_resource_is_child (ZakAutho *zak_autho, ZakAuthoIResource *iresource, ZakAuthoIResource *iresource_parent); + +ZakAuthoIResource *zak_autho_get_resource_from_id (ZakAutho *zak_autho, const gchar *resource_id); + +void zak_autho_allow (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIResource *iresource); +void zak_autho_deny (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIResource *iresource); + +gboolean zak_autho_is_allowed (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIResource *iresource, gboolean exclude_null); + +gboolean zak_autho_clear (ZakAutho *zak_autho); + +xmlNodePtr zak_autho_get_xml (ZakAutho *zak_autho); +gboolean zak_autho_load_from_xml (ZakAutho *zak_autho, xmlNodePtr xnode, gboolean replace); + +gboolean zak_autho_save_to_db (ZakAutho *zak_autho, GdaConnection *gdacon, const gchar *table_prefix, gboolean replace); +gboolean zak_autho_load_from_db (ZakAutho *zak_autho, GdaConnection *gdacon, const gchar *table_prefix, gboolean replace); +gboolean zak_autho_load_from_db_with_monitor (ZakAutho *zak_autho, GdaConnection *gdacon, const gchar *table_prefix, gboolean replace); + + +G_END_DECLS + + +#endif /* __LIB_ZAK_AUTHO_H__ */ diff --git a/src/autoz.c b/src/autoz.c deleted file mode 100644 index 6e6a56d..0000000 --- a/src/autoz.c +++ /dev/null @@ -1,2358 +0,0 @@ -/* - * Copyright (C) 2010-2015 Andrea Zagli - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 2.1 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - */ - -#ifdef HAVE_CONFIG_H - #include -#endif - -#include -#include - -#include "autoz.h" - -#include "role.h" -#include "resource.h" - -typedef struct _Role Role; -struct _Role - { - ZakAuthoIRole *irole; - GList *parents; /* struct Role */ - }; - -typedef struct _Resource Resource; -struct _Resource - { - ZakAuthoIResource *iresource; - GList *parents; /* struct Resource */ - }; - -typedef struct _Rule Rule; -struct _Rule - { - Role *role; - Resource *resource; - }; - -typedef enum ZakAuthoIsAllowed - { - ZAK_AUTHO_ALLOWED, - ZAK_AUTHO_DENIED, - ZAK_AUTHO_NOT_FOUND - } ZakAuthoIsAllowed; - -static void zak_autho_class_init (ZakAuthoClass *class); -static void zak_autho_init (ZakAutho *zak_autho); - -static ZakAuthoIsAllowed _zak_autho_is_allowed_role (ZakAutho *zak_autho, Role *role, Resource *resource, gboolean exclude_null); -static ZakAuthoIsAllowed _zak_autho_is_allowed_resource (ZakAutho *zak_autho, Role *role, Resource *resource); - -static gboolean _zak_autho_delete_table_content (GdaConnection *gdacon, const gchar *table_prefix); -static guint _zak_autho_find_new_table_id (GdaConnection *gdacon, const gchar *table_name); -static guint _zak_autho_get_role_id_db (GdaConnection *gdacon, const gchar *table_name, const gchar *role_id); -static guint _zak_autho_get_resource_id_db (GdaConnection *gdacon, const gchar *table_name, const gchar *resource_id); - -static void _zak_autho_check_updated (ZakAutho *zak_autho); - -static Role *_zak_autho_get_role_from_id (ZakAutho *zak_autho, const gchar *role_id); -static Resource *_zak_autho_get_resource_from_id (ZakAutho *zak_autho, const gchar *resource_id); - -static gchar *_zak_autho_remove_role_name_prefix_from_id (ZakAutho *zak_autho, const gchar *role_id); -static gchar *_zak_autho_remove_resource_name_prefix_from_id (ZakAutho *zak_autho, const gchar *resource_id); - -static void zak_autho_set_property (GObject *object, - guint property_id, - const GValue *value, - GParamSpec *pspec); -static void zak_autho_get_property (GObject *object, - guint property_id, - GValue *value, - GParamSpec *pspec); - -#define ZAK_AUTHO_GET_PRIVATE(obj) (G_TYPE_INSTANCE_GET_PRIVATE ((obj), ZAK_TYPE_AUTHO, ZakAuthoPrivate)) - -typedef struct _ZakAuthoPrivate ZakAuthoPrivate; -struct _ZakAuthoPrivate - { - gchar *role_name_prefix; - gchar *resource_name_prefix; - - GHashTable *roles; /* struct Role */ - GHashTable *resources; /* struct Resource */ - - GHashTable *rules_allow; /* struct Rule */ - GHashTable *rules_deny; /* struct Rule */ - - GdaConnection *gdacon; - gchar *table_prefix; - GDateTime *gdt_last_load; - gboolean on_loading; - }; - -G_DEFINE_TYPE (ZakAutho, zak_autho, G_TYPE_OBJECT) - -static void -zak_autho_class_init (ZakAuthoClass *class) -{ - GObjectClass *object_class = G_OBJECT_CLASS (class); - - object_class->set_property = zak_autho_set_property; - object_class->get_property = zak_autho_get_property; - - g_type_class_add_private (object_class, sizeof (ZakAuthoPrivate)); -} - -static void -zak_autho_init (ZakAutho *zak_autho) -{ - ZakAuthoPrivate *priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - priv->role_name_prefix = NULL; - priv->resource_name_prefix = NULL; - - priv->roles = g_hash_table_new (g_str_hash, g_str_equal); - priv->resources = g_hash_table_new (g_str_hash, g_str_equal); - - priv->rules_allow = g_hash_table_new (g_str_hash, g_str_equal); - priv->rules_deny = g_hash_table_new (g_str_hash, g_str_equal); - - priv->gdacon = NULL; - priv->table_prefix = NULL; - priv->gdt_last_load = NULL; - priv->on_loading = FALSE; -} - -/** - * zak_autho_new: - * - * Returns: the newly created #ZakAutho object. - */ -ZakAutho -*zak_autho_new () -{ - return ZAK_AUTHO (g_object_new (zak_autho_get_type (), NULL)); -} - -/** - * zak_autho_set_role_name_prefix: - * @zak_autho: an #ZakAutho object. - * @prefix: - * - */ -void -zak_autho_set_role_name_prefix (ZakAutho *zak_autho, const gchar *prefix) -{ - ZakAuthoPrivate *priv; - - g_return_if_fail (IS_ZAK_AUTHO (zak_autho)); - - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - if (priv->role_name_prefix != NULL) - { - g_free (priv->role_name_prefix); - } - - if (prefix == NULL) - { - priv->role_name_prefix = NULL; - } - else - { - priv->role_name_prefix = g_strdup (prefix); - } -} - -/** - * zak_autho_get_role_name_prefix: - * @zak_autho: an #ZakAutho object. - * - */ -const gchar -*zak_autho_get_role_name_prefix (ZakAutho *zak_autho) -{ - ZakAuthoPrivate *priv; - - g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), NULL); - - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - return priv->role_name_prefix == NULL ? NULL : g_strdup (priv->role_name_prefix); -} - -/** - * zak_autho_set_resource_name_prefix: - * @zak_autho: an #ZakAutho object. - * @prefix: - * - */ -void -zak_autho_set_resource_name_prefix (ZakAutho *zak_autho, const gchar *prefix) -{ - ZakAuthoPrivate *priv; - - g_return_if_fail (IS_ZAK_AUTHO (zak_autho)); - - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - if (priv->resource_name_prefix != NULL) - { - g_free (priv->resource_name_prefix); - } - - if (prefix == NULL) - { - priv->resource_name_prefix = NULL; - } - else - { - priv->resource_name_prefix = g_strdup (prefix); - } -} - -/** - * zak_autho_get_resource_name_prefix: - * @zak_autho: an #ZakAutho object. - * - */ -const gchar -*zak_autho_get_resource_name_prefix (ZakAutho *zak_autho) -{ - ZakAuthoPrivate *priv; - - g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), NULL); - - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - return priv->resource_name_prefix == NULL ? NULL : g_strdup (priv->resource_name_prefix); -} - -/** - * zak_autho_add_role: - * @zak_autho: an #ZakAutho object. - * @irole: - * - */ -void -zak_autho_add_role (ZakAutho *zak_autho, ZakAuthoIRole *irole) -{ - zak_autho_add_role_with_parents (zak_autho, irole, NULL); -} - -/** - * zak_autho_add_role_with_parents: - * @zak_autho: an #ZakAutho object. - * @irole: - * @...: - * - */ -void -zak_autho_add_role_with_parents (ZakAutho *zak_autho, ZakAuthoIRole *irole, ...) -{ - ZakAuthoPrivate *priv; - - const gchar *role_id; - const gchar *role_id_parent; - - g_return_if_fail (IS_ZAK_AUTHO (zak_autho)); - g_return_if_fail (ZAK_AUTHO_IS_IROLE (irole)); - - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - role_id = zak_autho_irole_get_role_id (irole); - - if (g_hash_table_lookup (priv->roles, role_id) == NULL) - { - va_list args; - Role *role; - - ZakAuthoIRole *irole_parent; - Role *role_parent; - - role = (Role *)g_malloc0 (sizeof (Role)); - role->irole = irole; - role->parents = NULL; - - va_start (args, irole); - while ((irole_parent = va_arg (args, ZakAuthoIRole *)) != NULL) - { - role_id_parent = zak_autho_irole_get_role_id (irole_parent); - if (g_strcmp0 (role_id, role_id_parent) == 0) - { - g_warning ("The parent cannot be himself (%s).", role_id); - } - else - { - role_parent = g_hash_table_lookup (priv->roles, role_id_parent); - if (role_parent != NULL) - { - role->parents = g_list_append (role->parents, role_parent); - } - else - { - g_warning ("Role «%s» not found.", zak_autho_irole_get_role_id (irole_parent)); - } - } - } - va_end (args); - - g_hash_table_insert (priv->roles, (gpointer)role_id, (gpointer)role); - } - else - { - g_warning ("Role «%s» not found.", role_id); - } -} - -/** - * zak_autho_add_parent_to_role: - * @zak_autho: an #ZakAutho object. - * @irole: - * @irole_parent: - * - */ -void -zak_autho_add_parent_to_role (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIRole *irole_parent) -{ - zak_autho_add_parents_to_role (zak_autho, irole, irole_parent, NULL); -} - -/** - * zak_autho_add_parents_to_role: - * @zak_autho: an #ZakAutho object. - * @irole: - * @...: - * - */ -void -zak_autho_add_parents_to_role (ZakAutho *zak_autho, ZakAuthoIRole *irole, ...) -{ - ZakAuthoPrivate *priv; - - Role *role; - - const gchar *role_id; - const gchar *role_id_parent; - - g_return_if_fail (IS_ZAK_AUTHO (zak_autho)); - g_return_if_fail (ZAK_AUTHO_IS_IROLE (irole)); - - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - role_id = zak_autho_irole_get_role_id (irole); - - role = g_hash_table_lookup (priv->roles, role_id); - if (role != NULL) - { - va_list args; - - ZakAuthoIRole *irole_parent; - Role *role_parent; - - va_start (args, irole); - while ((irole_parent = va_arg (args, ZakAuthoIRole *)) != NULL) - { - role_id_parent = zak_autho_irole_get_role_id (irole_parent); - if (g_strcmp0 (role_id, role_id_parent) == 0) - { - g_warning ("The parent cannot be himself (%s).", role_id); - } - else - { - role_parent = g_hash_table_lookup (priv->roles, role_id_parent); - if (role_parent != NULL) - { - role->parents = g_list_append (role->parents, role_parent); - } - else - { - g_warning ("Role «%s» not found.", role_id); - } - } - } - va_end (args); - } - else - { - g_warning ("Role «%s» not found.", role_id); - } -} - -/** - * zak_autho_role_is_child: - * @zak_autho: an #ZakAutho object. - * @irole: an #ZakAuthoIRole object. - * @irole_parent: an #ZakAuthoIRole object. - * - * Returns: #TRUE if @irole is a @irole_parent's child; #FALSE otherwise. - */ -gboolean -zak_autho_role_is_child (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIRole *irole_parent) -{ - ZakAuthoPrivate *priv; - gboolean ret; - - Role *role; - Role *role_parent; - const gchar *role_id_parent; - GList *parent; - - g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); - g_return_val_if_fail (ZAK_AUTHO_IS_IROLE (irole), FALSE); - g_return_val_if_fail (ZAK_AUTHO_IS_IROLE (irole_parent), FALSE); - - _zak_autho_check_updated (zak_autho); - - ret = FALSE; - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - role = g_hash_table_lookup (priv->roles, zak_autho_irole_get_role_id (irole)); - if (role == NULL) - { - g_warning ("Role «%s» not found.", zak_autho_irole_get_role_id (irole)); - return ret; - } - role_id_parent = zak_autho_irole_get_role_id (irole_parent); - role_parent = g_hash_table_lookup (priv->roles, role_id_parent); - if (role_parent == NULL) - { - g_warning ("Role parent «%s» not found.", role_id_parent); - return ret; - } - - parent = g_list_first (role->parents); - while (parent != NULL) - { - /* TODO recursion */ - role_parent = (Role *)parent->data; - if (g_strcmp0 (role_id_parent, zak_autho_irole_get_role_id (role_parent->irole)) == 0) - { - ret = TRUE; - break; - } - - parent = g_list_next (parent); - } - - return ret; -} - -static Role -*_zak_autho_get_role_from_id (ZakAutho *zak_autho, const gchar *role_id) -{ - ZakAuthoPrivate *priv; - Role *role; - - gchar *_role_id; - - g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), NULL); - - _zak_autho_check_updated (zak_autho); - - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - if (priv->role_name_prefix != NULL) - { - _role_id = g_strdup_printf ("%s%s", priv->role_name_prefix, role_id); - } - else - { - _role_id = g_strdup (role_id); - } - - role = g_hash_table_lookup (priv->roles, _role_id); - g_free (_role_id); - - return role; -} - -/** - * zak_autho_get_role_from_id: - * @zak_autho: an #ZakAutho object. - * @role_id: - * - */ -ZakAuthoIRole -*zak_autho_get_role_from_id (ZakAutho *zak_autho, const gchar *role_id) -{ - Role *role; - - role = _zak_autho_get_role_from_id (zak_autho, role_id); - if (role == NULL) - { - return NULL; - } - else - { - return role->irole; - } -} - -/** - * zak_autho_add_resource: - * @zak_autho: an #ZakAutho object. - * @iresource: - * - */ -void -zak_autho_add_resource (ZakAutho *zak_autho, ZakAuthoIResource *iresource) -{ - zak_autho_add_resource_with_parents (zak_autho, iresource, NULL); -} - -/** - * zak_autho_add_resource_with_parents: - * @zak_autho: an #ZakAutho object. - * @iresource: - * @...: - * - */ -void -zak_autho_add_resource_with_parents (ZakAutho *zak_autho, ZakAuthoIResource *iresource, ...) -{ - ZakAuthoPrivate *priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - const gchar *resource_id; - const gchar *resource_id_parent; - - g_return_if_fail (IS_ZAK_AUTHO (zak_autho)); - g_return_if_fail (ZAK_AUTHO_IS_IRESOURCE (iresource)); - - resource_id = zak_autho_iresource_get_resource_id (iresource); - - if (g_hash_table_lookup (priv->resources, resource_id) == NULL) - { - va_list args; - Resource *resource; - - ZakAuthoIResource *iresource_parent; - Resource *resource_parent; - - resource = (Resource *)g_malloc0 (sizeof (Resource)); - resource->iresource = iresource; - resource->parents = NULL; - - va_start (args, iresource); - while ((iresource_parent = va_arg (args, ZakAuthoIResource *)) != NULL) - { - resource_id_parent = zak_autho_iresource_get_resource_id (iresource_parent); - if (g_strcmp0 (resource_id, resource_id_parent) == 0) - { - g_warning ("The parent cannot be himself (%s).", resource_id); - } - else - { - resource_parent = g_hash_table_lookup (priv->resources, resource_id_parent); - if (resource_parent != NULL) - { - resource->parents = g_list_append (resource->parents, resource_parent); - } - else - { - g_warning ("Resource «%s» not found.", zak_autho_iresource_get_resource_id (iresource_parent)); - } - } - } - va_end (args); - - g_hash_table_insert (priv->resources, (gpointer)resource_id, (gpointer)resource); - } - else - { - g_warning ("Resource «%s» not found.", resource_id); - } -} - -/** - * zak_autho_add_parent_to_resource: - * @zak_autho: an #ZakAutho object. - * @iresource: an #ZakAuthoIResource object. - * @iresource_parent: an #ZakAuthoIResource object. - * - */ -void -zak_autho_add_parent_to_resource (ZakAutho *zak_autho, ZakAuthoIResource *iresource, ZakAuthoIResource *iresource_parent) -{ - zak_autho_add_parents_to_resource (zak_autho, iresource, iresource_parent, NULL); -} - -/** - * zak_autho_add_parents_to_resource: - * @zak_autho: an #ZakAutho object. - * @iresource: - * @...: - * - */ -void -zak_autho_add_parents_to_resource (ZakAutho *zak_autho, ZakAuthoIResource *iresource, ...) -{ - ZakAuthoPrivate *priv; - - Resource *resource; - - const gchar *resource_id; - const gchar *resource_id_parent; - - g_return_if_fail (IS_ZAK_AUTHO (zak_autho)); - g_return_if_fail (ZAK_AUTHO_IS_IRESOURCE (iresource)); - - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - resource_id = zak_autho_iresource_get_resource_id (iresource); - - resource = g_hash_table_lookup (priv->resources, resource_id); - if (resource != NULL) - { - va_list args; - - ZakAuthoIResource *iresource_parent; - Resource *resource_parent; - - va_start (args, iresource); - while ((iresource_parent = va_arg (args, ZakAuthoIResource *)) != NULL) - { - resource_id_parent = zak_autho_iresource_get_resource_id (iresource_parent); - if (g_strcmp0 (resource_id, resource_id_parent) == 0) - { - g_warning ("The parent cannot be himself (%s).", resource_id); - } - else - { - resource_parent = g_hash_table_lookup (priv->resources, resource_id_parent); - if (resource_parent != NULL) - { - resource->parents = g_list_append (resource->parents, resource_parent); - } - else - { - g_warning ("Resource «%s» not found.", resource_id); - } - } - } - va_end (args); - } - else - { - g_warning ("Resource «%s» not found.", resource_id); - } -} - -/** - * zak_autho_resource_is_child: - * @zak_autho: an #ZakAutho object. - * @iresource: an #ZakAuthoIResource object. - * @iresource_parent: an #ZakAuthoIResource object. - * - * Returns: #TRUE if @iresource is a @iresource_parent's child; #FALSE otherwise. - */ -gboolean -zak_autho_resource_is_child (ZakAutho *zak_autho, ZakAuthoIResource *iresource, ZakAuthoIResource *iresource_parent) -{ - ZakAuthoPrivate *priv; - gboolean ret; - - Resource *resource; - Resource *resource_parent; - const gchar *resource_id_parent; - GList *parent; - - g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); - g_return_val_if_fail (ZAK_AUTHO_IS_IRESOURCE (iresource), FALSE); - g_return_val_if_fail (ZAK_AUTHO_IS_IRESOURCE (iresource_parent), FALSE); - - _zak_autho_check_updated (zak_autho); - - ret = FALSE; - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - resource = g_hash_table_lookup (priv->resources, zak_autho_iresource_get_resource_id (iresource)); - if (resource == NULL) - { - g_warning ("Resource «%s» not found.", zak_autho_iresource_get_resource_id (iresource)); - return ret; - } - resource_id_parent = zak_autho_iresource_get_resource_id (iresource_parent); - resource_parent = g_hash_table_lookup (priv->resources, resource_id_parent); - if (resource_parent == NULL) - { - g_warning ("Resource parent «%s» not found.", resource_id_parent); - return ret; - } - - parent = g_list_first (resource->parents); - while (parent != NULL) - { - /* TODO recursion */ - resource_parent = (Resource *)parent->data; - if (g_strcmp0 (resource_id_parent, zak_autho_iresource_get_resource_id (resource_parent->iresource)) == 0) - { - ret = TRUE; - break; - } - - parent = g_list_next (parent); - } - - return ret; -} - -static Resource -*_zak_autho_get_resource_from_id (ZakAutho *zak_autho, const gchar *resource_id) -{ - ZakAuthoPrivate *priv; - Resource *resource; - - gchar *_resource_id; - - g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), NULL); - - _zak_autho_check_updated (zak_autho); - - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - if (priv->resource_name_prefix != NULL) - { - _resource_id = g_strdup_printf ("%s%s", priv->resource_name_prefix, resource_id); - } - else - { - _resource_id = g_strdup (resource_id); - } - - resource = g_hash_table_lookup (priv->resources, _resource_id); - g_free (_resource_id); - - return resource; -} - -/** - * zak_autho_get_resource_from_id: - * @zak_autho: an #ZakAutho object. - * @resource_id: - * - */ -ZakAuthoIResource -*zak_autho_get_resource_from_id (ZakAutho *zak_autho, const gchar *resource_id) -{ - Resource *resource; - - resource = _zak_autho_get_resource_from_id (zak_autho, resource_id); - if (resource == NULL) - { - return NULL; - } - else - { - return resource->iresource; - } -} - -/** - * zak_autho_allow: - * @zak_autho: an #ZakAutho object. - * @irole: - * @iresource: - * - */ -void -zak_autho_allow (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIResource *iresource) -{ - ZakAuthoPrivate *priv; - - Role *role; - Resource *resource; - - Rule *r; - - gchar *str_id; - - g_return_if_fail (IS_ZAK_AUTHO (zak_autho)); - - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - /* check if exists */ - role = g_hash_table_lookup (priv->roles, zak_autho_irole_get_role_id (irole)); - if (role == NULL) - { - g_warning ("Role «%s» not found.", zak_autho_irole_get_role_id (irole)); - return; - } - - /* accept also NULL resource (equal to allow every resource) */ - if (iresource == NULL) - { - resource = NULL; - } - else - { - g_return_if_fail (ZAK_AUTHO_IS_IRESOURCE (iresource)); - - resource = g_hash_table_lookup (priv->resources, zak_autho_iresource_get_resource_id (iresource)); - if (resource == NULL) - { - g_warning ("Resource «%s» not found.", zak_autho_iresource_get_resource_id (iresource)); - return; - } - } - - r = (Rule *)g_malloc0 (sizeof (Rule)); - r->role = role; - r->resource = resource; - - str_id = g_strconcat (zak_autho_irole_get_role_id (r->role->irole), - "|", - (resource == NULL ? "NULL" : zak_autho_iresource_get_resource_id (r->resource->iresource)), - NULL); - - if (g_hash_table_lookup (priv->rules_allow, str_id) == NULL) - { - g_hash_table_insert (priv->rules_allow, str_id, r); - } -} - -/** - * zak_autho_deny: - * @zak_autho: an #ZakAutho object. - * @irole: - * @iresource: - * - */ -void -zak_autho_deny (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIResource *iresource) -{ - ZakAuthoPrivate *priv; - - Role *role; - Resource *resource; - - Rule *r; - - gchar *str_id; - - g_return_if_fail (IS_ZAK_AUTHO (zak_autho)); - - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - /* check if exists */ - role = g_hash_table_lookup (priv->roles, zak_autho_irole_get_role_id (irole)); - if (role == NULL) - { - g_warning ("Role «%s» not found.", zak_autho_irole_get_role_id (irole)); - return; - } - - /* accept also NULL resource (equal to deny every resource) */ - if (iresource == NULL) - { - resource = NULL; - } - else - { - g_return_if_fail (ZAK_AUTHO_IS_IRESOURCE (iresource)); - - resource = g_hash_table_lookup (priv->resources, zak_autho_iresource_get_resource_id (iresource)); - if (resource == NULL) - { - return; - } - } - - r = (Rule *)g_malloc0 (sizeof (Rule)); - r->role = role; - r->resource = resource; - - str_id = g_strconcat (zak_autho_irole_get_role_id (r->role->irole), - "|", - (resource == NULL ? "NULL" : zak_autho_iresource_get_resource_id (r->resource->iresource)), - NULL); - - if (g_hash_table_lookup (priv->rules_deny, str_id) == NULL) - { - g_hash_table_insert (priv->rules_deny, str_id, r); - } -} - -static ZakAuthoIsAllowed -_zak_autho_is_allowed_role (ZakAutho *zak_autho, Role *role, Resource *resource, gboolean exclude_null) -{ - ZakAuthoIsAllowed ret; - - gchar *str_id; - - ZakAuthoPrivate *priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - ret = ZAK_AUTHO_NOT_FOUND; - - if (!exclude_null) - { - /* first trying for a rule for every resource */ - str_id = g_strconcat (zak_autho_irole_get_role_id (role->irole), - "|NULL", - NULL); - - if (g_hash_table_lookup (priv->rules_deny, str_id) != NULL) - { - ret = ZAK_AUTHO_DENIED; - return ret; - } - if (g_hash_table_lookup (priv->rules_allow, str_id) != NULL) - { - ret = ZAK_AUTHO_ALLOWED; - return ret; - } - } - - /* and after for specific resource */ - str_id = g_strconcat (zak_autho_irole_get_role_id (role->irole), - "|", - zak_autho_iresource_get_resource_id (resource->iresource), - NULL); - - if (g_hash_table_lookup (priv->rules_deny, str_id) != NULL) - { - ret = ZAK_AUTHO_DENIED; - return ret; - } - if (g_hash_table_lookup (priv->rules_allow, str_id) != NULL) - { - ret = ZAK_AUTHO_ALLOWED; - return ret; - } - - if (ret == ZAK_AUTHO_NOT_FOUND && resource->parents != NULL) - { - /* trying parents */ - GList *parents; - - parents = g_list_first (resource->parents); - while (parents != NULL) - { - ret = _zak_autho_is_allowed_resource (zak_autho, role, (Resource *)parents->data); - if (ret != ZAK_AUTHO_NOT_FOUND) - { - break; - } - - parents = g_list_next (parents); - } - } - - if (ret == ZAK_AUTHO_NOT_FOUND && role->parents != NULL) - { - /* trying parents */ - GList *parents; - - parents = g_list_first (role->parents); - while (parents != NULL) - { - ret = _zak_autho_is_allowed_role (zak_autho, (Role *)parents->data, resource, exclude_null); - if (ret != ZAK_AUTHO_NOT_FOUND) - { - break; - } - - parents = g_list_next (parents); - } - } - - return ret; -} - -static ZakAuthoIsAllowed -_zak_autho_is_allowed_resource (ZakAutho *zak_autho, Role *role, Resource *resource) -{ - ZakAuthoIsAllowed ret; - - gchar *str_id; - - ZakAuthoPrivate *priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - ret = ZAK_AUTHO_NOT_FOUND; - - str_id = g_strconcat (zak_autho_irole_get_role_id (role->irole), - "|", - zak_autho_iresource_get_resource_id (resource->iresource), - NULL); - - if (g_hash_table_lookup (priv->rules_deny, str_id) != NULL) - { - ret = ZAK_AUTHO_DENIED; - return ret; - } - else if (g_hash_table_lookup (priv->rules_allow, str_id) != NULL) - { - ret = ZAK_AUTHO_ALLOWED; - return ret; - } - else if (resource->parents != NULL) - { - /* trying parents */ - GList *parents; - - parents = g_list_first (resource->parents); - while (parents != NULL) - { - ret = _zak_autho_is_allowed_resource (zak_autho, role, (Resource *)parents->data); - if (ret != ZAK_AUTHO_NOT_FOUND) - { - break; - } - - parents = g_list_next (parents); - } - } - - return ret; -} - -static gchar -*_zak_autho_remove_role_name_prefix_from_id (ZakAutho *zak_autho, const gchar *role_id) -{ - gchar *ret; - - ZakAuthoPrivate *priv; - - g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); - - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - ret = NULL; - - if (priv->role_name_prefix == NULL - || strlen (priv->role_name_prefix) > strlen (role_id)) - { - ret = g_strdup (role_id); - } - else - { - ret = g_strdup (role_id + strlen (priv->role_name_prefix)); - } - - return ret; -} - -static gchar -*_zak_autho_remove_resource_name_prefix_from_id (ZakAutho *zak_autho, const gchar *resource_id) -{ - gchar *ret; - - ZakAuthoPrivate *priv; - - g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); - - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - ret = NULL; - - if (priv->resource_name_prefix == NULL - || strlen (priv->resource_name_prefix) > strlen (resource_id)) - { - ret = g_strdup (resource_id); - } - else - { - ret = g_strdup (resource_id + strlen (priv->resource_name_prefix)); - } - - return ret; -} - -/** - * zak_autho_is_allowed: - * @zak_autho: an #ZakAutho object. - * @irole: an #ZakAuthoIRole object. - * @iresource: an #ZakAuthoIResource object. - * @exclude_null: whether or not to exclude roles allowed to every resource. - * - */ -gboolean -zak_autho_is_allowed (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIResource *iresource, gboolean exclude_null) -{ - gboolean ret; - ZakAuthoIsAllowed isAllowed; - - Role *role; - Resource *resource; - - gchar *str_id; - - ZakAuthoPrivate *priv; - - g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); - g_return_val_if_fail (ZAK_AUTHO_IS_IROLE (irole), FALSE); - - _zak_autho_check_updated (zak_autho); - - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - ret = FALSE; - isAllowed = ZAK_AUTHO_NOT_FOUND; - - role = _zak_autho_get_role_from_id (zak_autho, _zak_autho_remove_role_name_prefix_from_id (zak_autho, zak_autho_irole_get_role_id (irole))); - if (role == NULL) - { - g_warning ("Role «%s» not found.", zak_autho_irole_get_role_id (irole)); - return ret; - } - - if (!exclude_null) - { - /* first trying for a rule for every resource */ - str_id = g_strconcat (zak_autho_irole_get_role_id (irole), - "|NULL", - NULL); - - if (g_hash_table_lookup (priv->rules_deny, str_id) != NULL) - { - ret = FALSE; - return ret; - } - if (g_hash_table_lookup (priv->rules_allow, str_id) != NULL) - { - ret = TRUE; - return ret; - } - } - - g_return_val_if_fail (ZAK_AUTHO_IS_IRESOURCE (iresource), FALSE); - - resource = _zak_autho_get_resource_from_id (zak_autho, _zak_autho_remove_resource_name_prefix_from_id (zak_autho, zak_autho_iresource_get_resource_id (iresource))); - if (resource == NULL) - { - g_warning ("Resource «%s» not found.", zak_autho_iresource_get_resource_id (iresource)); - return ret; - } - - /* and after for specific resource */ - str_id = g_strconcat (zak_autho_irole_get_role_id (irole), - "|", - zak_autho_iresource_get_resource_id (iresource), - NULL); - - if (g_hash_table_lookup (priv->rules_deny, str_id) != NULL) - { - ret = FALSE; - return ret; - } - if (g_hash_table_lookup (priv->rules_allow, str_id) != NULL) - { - ret = TRUE; - return ret; - } - - if (!ret && resource->parents != NULL) - { - /* trying parents */ - GList *parents; - - parents = g_list_first (resource->parents); - while (parents != NULL) - { - isAllowed = _zak_autho_is_allowed_resource (zak_autho, role, (Resource *)parents->data); - if (isAllowed == ZAK_AUTHO_DENIED) - { - ret = FALSE; - break; - } - else if (isAllowed == ZAK_AUTHO_ALLOWED) - { - ret = TRUE; - break; - } - - parents = g_list_next (parents); - } - } - - if (!ret && isAllowed == ZAK_AUTHO_NOT_FOUND && role->parents != NULL) - { - /* trying parents */ - GList *parents; - - parents = g_list_first (role->parents); - while (parents != NULL) - { - isAllowed = _zak_autho_is_allowed_role (zak_autho, (Role *)parents->data, resource, exclude_null); - if (isAllowed == ZAK_AUTHO_DENIED) - { - ret = FALSE; - break; - } - else if (isAllowed == ZAK_AUTHO_ALLOWED) - { - ret = TRUE; - break; - } - - parents = g_list_next (parents); - } - } - - return ret; -} - -/** - * zak_autho_clear: - * @zak_autho: - * - */ -gboolean -zak_autho_clear (ZakAutho *zak_autho) -{ - gboolean ret; - - ZakAuthoPrivate *priv; - - g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); - - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - ret = TRUE; - - g_hash_table_destroy (priv->roles); - g_hash_table_destroy (priv->resources); - g_hash_table_destroy (priv->rules_allow); - g_hash_table_destroy (priv->rules_deny); - - priv->roles = g_hash_table_new (g_str_hash, g_str_equal); - priv->resources = g_hash_table_new (g_str_hash, g_str_equal); - priv->rules_allow = g_hash_table_new (g_str_hash, g_str_equal); - priv->rules_deny = g_hash_table_new (g_str_hash, g_str_equal); - - return ret; -} - -/** - * zak_autho_get_xml: - * @zak_autho: an #ZakAutho object. - * - */ -xmlNodePtr -zak_autho_get_xml (ZakAutho *zak_autho) -{ - ZakAuthoPrivate *priv; - xmlNodePtr ret; - xmlNodePtr xnode_parent; - xmlNodePtr xnode; - - GHashTableIter iter; - gpointer key, value; - - Role *role; - Resource *resource; - Rule *rule; - - GList *parent; - - g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); - - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - ret = xmlNewNode (NULL, "zak_autho"); - - /* roles */ - g_hash_table_iter_init (&iter, priv->roles); - while (g_hash_table_iter_next (&iter, &key, &value)) - { - xnode_parent = xmlNewNode (NULL, "role"); - - role = (Role *)value; - xmlSetProp (xnode_parent, "id", zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (role->irole))); - - xmlAddChild (ret, xnode_parent); - - parent = role->parents; - while (parent != NULL) - { - xnode = xmlNewNode (NULL, "parent"); - - role = (Role *)parent->data; - xmlSetProp (xnode, "id", zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (role->irole))); - - xmlAddChild (xnode_parent, xnode); - - parent = g_list_next (parent); - } - } - - /* resources */ - g_hash_table_iter_init (&iter, priv->resources); - while (g_hash_table_iter_next (&iter, &key, &value)) - { - xnode_parent = xmlNewNode (NULL, "resource"); - - resource = (Resource *)value; - xmlSetProp (xnode_parent, "id", zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (resource->iresource))); - - xmlAddChild (ret, xnode_parent); - - parent = resource->parents; - while (parent != NULL) - { - xnode = xmlNewNode (NULL, "parent"); - - resource = (Resource *)parent->data; - xmlSetProp (xnode, "id", zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (resource->iresource))); - - xmlAddChild (xnode_parent, xnode); - - parent = g_list_next (parent); - } - } - - /* rules allow */ - g_hash_table_iter_init (&iter, priv->rules_allow); - while (g_hash_table_iter_next (&iter, &key, &value)) - { - xnode = xmlNewNode (NULL, "rule"); - - xmlSetProp (xnode, "allow", "yes"); - - rule = (Rule *)value; - xmlSetProp (xnode, "role", zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (rule->role->irole))); - if (rule->resource != NULL) - { - xmlSetProp (xnode, "resource", zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (rule->resource->iresource))); - } - else - { - xmlSetProp (xnode, "resource", ""); - } - - xmlAddChild (ret, xnode); - } - - /* rules deny */ - g_hash_table_iter_init (&iter, priv->rules_deny); - while (g_hash_table_iter_next (&iter, &key, &value)) - { - xnode = xmlNewNode (NULL, "rule"); - - xmlSetProp (xnode, "allow", "no"); - - rule = (Rule *)value; - xmlSetProp (xnode, "role", zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (rule->role->irole))); - if (rule->resource != NULL) - { - xmlSetProp (xnode, "resource", zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (rule->resource->iresource))); - } - else - { - xmlSetProp (xnode, "resource", "all"); - } - - xmlAddChild (ret, xnode); - } - - return ret; -} - -/** - * zak_autho_load_from_xml: - * @zak_autho: an #ZakAutho object. - * @xnode: - * @replace: - * - */ -gboolean -zak_autho_load_from_xml (ZakAutho *zak_autho, xmlNodePtr xnode, gboolean replace) -{ - gboolean ret; - - ZakAuthoPrivate *priv; - - xmlNodePtr current; - xmlNodePtr current_parent; - - ZakAuthoIRole *irole; - ZakAuthoIResource *iresource; - gchar *prop; - - g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); - g_return_val_if_fail (xnode != NULL, FALSE); - - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - ret = TRUE; - - if (replace) - { - /* clearing current authorizations */ - zak_autho_clear (zak_autho); - } - - if (xmlStrcmp (xnode->name, "zak_autho") != 0) - { - g_warning ("Invalid xml structure."); - ret = FALSE; - } - else - { - current = xnode->children; - while (current != NULL) - { - if (!xmlNodeIsText (current)) - { - if (xmlStrcmp (current->name, "role") == 0) - { - prop = g_strstrip (g_strdup ((gchar *)xmlGetProp (current, "id"))); - if (g_strcmp0 (prop, "") != 0) - { - irole = ZAK_AUTHO_IROLE (zak_autho_role_new (prop)); - g_free (prop); - zak_autho_add_role (zak_autho, irole); - - current_parent = current->children; - while (current_parent != NULL) - { - if (!xmlNodeIsText (current_parent) && - xmlStrcmp (current_parent->name, "parent") == 0) - { - prop = g_strstrip (g_strdup ((gchar *)xmlGetProp (current_parent, "id"))); - if (g_strcmp0 (prop, "") != 0) - { - zak_autho_add_parent_to_role (zak_autho, irole, zak_autho_get_role_from_id (zak_autho, prop)); - } - g_free (prop); - } - current_parent = current_parent->next; - } - } - } - else if (xmlStrcmp (current->name, "resource") == 0) - { - prop = g_strstrip (g_strdup ((gchar *)xmlGetProp (current, "id"))); - if (g_strcmp0 (prop, "") != 0) - { - iresource = ZAK_AUTHO_IRESOURCE (zak_autho_resource_new (prop)); - zak_autho_add_resource (zak_autho, iresource); - g_free (prop); - - current_parent = current->children; - while (current_parent != NULL) - { - if (!xmlNodeIsText (current_parent) && - xmlStrcmp (current_parent->name, "parent") == 0) - { - prop = g_strstrip (g_strdup ((gchar *)xmlGetProp (current_parent, "id"))); - if (g_strcmp0 (prop, "") != 0) - { - zak_autho_add_parent_to_resource (zak_autho, iresource, zak_autho_get_resource_from_id (zak_autho, prop)); - } - g_free (prop); - } - current_parent = current_parent->next; - } - } - } - else if (xmlStrcmp (current->name, "rule") == 0) - { - prop = g_strstrip (g_strdup ((gchar *)xmlGetProp (current, "role"))); - irole = zak_autho_get_role_from_id (zak_autho, prop); - if (irole != NULL) - { - prop = g_strstrip (g_strdup ((gchar *)xmlGetProp (current, "resource"))); - if (g_strcmp0 (prop, "") == 0) - { - iresource = NULL; - } - else - { - iresource = zak_autho_get_resource_from_id (zak_autho, prop); - } - g_free (prop); - - prop = g_strstrip (g_strdup ((gchar *)xmlGetProp (current, "allow"))); - if (g_strcmp0 (prop, "yes") == 0) - { - zak_autho_allow (zak_autho, irole, iresource); - } - else - { - zak_autho_deny (zak_autho, irole, iresource); - } - g_free (prop); - } - } - } - - current = current->next; - } - } - - return ret; -} - -static gboolean -_zak_autho_delete_table_content (GdaConnection *gdacon, const gchar *table_prefix) -{ - gboolean ret; - - gchar *sql; - GError *error; - - ret = TRUE; - - error = NULL; - sql = g_strdup_printf ("DELETE FROM %sroles", table_prefix); - gda_connection_execute_non_select_command (gdacon, sql, &error); - g_free (sql); - if (error != NULL) - { - g_warning ("Error on deleting roles table content: %s", - error->message != NULL ? error->message : "No details"); - } - error = NULL; - sql = g_strdup_printf ("DELETE FROM %sroles_parents", table_prefix); - gda_connection_execute_non_select_command (gdacon, sql, &error); - g_free (sql); - if (error != NULL) - { - g_warning ("Error on deleting roles_parents table content: %s", - error->message != NULL ? error->message : "No details"); - } - error = NULL; - sql = g_strdup_printf ("DELETE FROM %sresources", table_prefix); - gda_connection_execute_non_select_command (gdacon, sql, &error); - g_free (sql); - if (error != NULL) - { - g_warning ("Error on deleting resources table content: %s", - error->message != NULL ? error->message : "No details"); - } - error = NULL; - sql = g_strdup_printf ("DELETE FROM %sresources_parents", table_prefix); - gda_connection_execute_non_select_command (gdacon, sql, &error); - g_free (sql); - if (error != NULL) - { - g_warning ("Error on deleting resources_parents table content: %s", - error->message != NULL ? error->message : "No details"); - } - error = NULL; - sql = g_strdup_printf ("DELETE FROM %srules", table_prefix); - gda_connection_execute_non_select_command (gdacon, sql, &error); - g_free (sql); - if (error != NULL) - { - g_warning ("Error on deleting rules table content: %s", - error->message != NULL ? error->message : "No details"); - } - - return ret; -} - -static guint -_zak_autho_find_new_table_id (GdaConnection *gdacon, const gchar *table_name) -{ - gchar *sql; - GError *error; - GdaDataModel *dm; - - guint new_id; - - error = NULL; - sql = g_strdup_printf ("SELECT COALESCE (MAX (id), 0) FROM %s", - table_name); - dm = gda_connection_execute_select_command (gdacon, sql, &error); - g_free (sql); - if (dm != NULL && gda_data_model_get_n_rows (dm) == 1) - { - new_id = g_value_get_int (gda_data_model_get_value_at (dm, 0, 0, &error)); - new_id++; - } - else if (dm == NULL || error != NULL) - { - new_id = 0; - g_warning ("Problem on getting new id from table «%s»: %s", - error->message != NULL ? error->message : "no details"); - } - else - { - new_id = 1; - } - g_object_unref (dm); - - return new_id; -} - -static guint -_zak_autho_get_role_id_db (GdaConnection *gdacon, const gchar *table_name, const gchar *role_id) -{ - gchar *sql; - GError *error; - GdaDataModel *dm; - - guint id; - - id = 0; - - error = NULL; - sql = g_strdup_printf ("SELECT id FROM %s" - " WHERE role_id = '%s'", - table_name, - role_id); - dm = gda_connection_execute_select_command (gdacon, sql, &error); - g_free (sql); - if (dm != NULL && gda_data_model_get_n_rows (dm) == 1) - { - id = g_value_get_int (gda_data_model_get_value_at (dm, 0, 0, &error)); - } - else if (error != NULL) - { - g_warning ("Problem on getting role id from table «%s»: %s", - error->message != NULL ? error->message : "no details"); - } - g_object_unref (dm); - - return id; -} - -static guint -_zak_autho_get_resource_id_db (GdaConnection *gdacon, const gchar *table_name, const gchar *resource_id) -{ - gchar *sql; - GError *error; - GdaDataModel *dm; - - guint id; - - id = 0; - - error = NULL; - sql = g_strdup_printf ("SELECT id FROM %s" - " WHERE resource_id = '%s'", - table_name, - resource_id); - dm = gda_connection_execute_select_command (gdacon, sql, &error); - g_free (sql); - if (dm != NULL && gda_data_model_get_n_rows (dm) == 1) - { - id = g_value_get_int (gda_data_model_get_value_at (dm, 0, 0, &error)); - } - else if (error != NULL) - { - g_warning ("Problem on getting resource id from table «%s»: %s", - error->message != NULL ? error->message : "no details"); - } - g_object_unref (dm); - - return id; -} - -/** - * zak_autho_save_to_db: - * @zak_autho: an #ZakAutho object. - * @gdacon: - * @table_prefix: - * @replace: - * - */ -gboolean -zak_autho_save_to_db (ZakAutho *zak_autho, GdaConnection *gdacon, - const gchar *table_prefix, gboolean replace) -{ - ZakAuthoPrivate *priv; - - gboolean ret; - - gboolean in_trans; - - gchar *prefix; - - gchar *sql; - GError *error; - - GHashTableIter iter; - gpointer key, value; - - Role *role; - Resource *resource; - Rule *rule; - - GList *parent; - - gchar *table_name; - gchar *table_name_parent; - - guint new_id; - guint id_parent; - guint id_roles; - guint id_resources; - - g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); - g_return_val_if_fail (GDA_IS_CONNECTION (gdacon), FALSE); - - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - ret = TRUE; - - error = NULL; - in_trans = gda_connection_begin_transaction (gdacon, "zak_autho-save-to-db", 0, &error); - if (!in_trans) - { - g_warning ("Error on starting transaction: %s", - error != NULL && error->message != NULL ? error->message : "No details"); - } - - if (table_prefix == NULL) - { - prefix = g_strdup (""); - } - else - { - prefix = g_strstrip (g_strdup (table_prefix)); - } - - if (replace) - { - /* deleting table's content */ - _zak_autho_delete_table_content (gdacon, prefix); - } - - /* roles */ - table_name = g_strdup_printf ("%sroles", prefix); - table_name_parent = g_strdup_printf ("%s_parents", table_name); - g_hash_table_iter_init (&iter, priv->roles); - while (g_hash_table_iter_next (&iter, &key, &value)) - { - new_id = _zak_autho_find_new_table_id (gdacon, table_name); - if (new_id <= 0) - { - ret = FALSE; - break; - } - - role = (Role *)value; - - error = NULL; - sql = g_strdup_printf ("INSERT INTO %s" - " (id, role_id)" - " VALUES (%d, '%s')", - table_name, - new_id, - zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (role->irole))); - gda_connection_execute_non_select_command (gdacon, sql, &error); - g_free (sql); - if (error != NULL) - { - g_warning ("Error on saving role «%s»: %s", - zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (role->irole)), - error->message != NULL ? error->message : "no details"); - continue; - } - - parent = role->parents; - while (parent != NULL) - { - role = (Role *)parent->data; - - id_parent = _zak_autho_get_role_id_db (gdacon, table_name, zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (role->irole))); - if (id_parent > 0) - { - error = NULL; - sql = g_strdup_printf ("INSERT INTO %s" - " (id_roles, id_roles_parent)" - " VALUES (%d, %d)", - table_name_parent, - new_id, - id_parent); - gda_connection_execute_non_select_command (gdacon, sql, &error); - g_free (sql); - if (error != NULL) - { - g_warning ("Error on saving role parent «%s»: %s", - zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (role->irole)), - error->message != NULL ? error->message : "no details"); - continue; - } - } - else - { - g_warning ("Unable to find parent role «%s»", - zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (role->irole))); - } - - parent = g_list_next (parent); - } - } - - if (!ret) - { - g_warning ("Unable to save roles"); - } - - ret = TRUE; - - /* resources */ - table_name = g_strdup_printf ("%sresources", prefix); - table_name_parent = g_strdup_printf ("%s_parents", table_name); - g_hash_table_iter_init (&iter, priv->resources); - while (g_hash_table_iter_next (&iter, &key, &value)) - { - new_id = _zak_autho_find_new_table_id (gdacon, table_name); - if (new_id <= 0) - { - ret = FALSE; - break; - } - - resource = (Resource *)value; - - error = NULL; - sql = g_strdup_printf ("INSERT INTO %s" - " (id, resource_id)" - " VALUES (%d, '%s')", - table_name, - new_id, - zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (resource->iresource))); - gda_connection_execute_non_select_command (gdacon, sql, &error); - g_free (sql); - if (error != NULL) - { - g_warning ("Error on saving resource «%s»: %s", - zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (resource->iresource)), - error->message != NULL ? error->message : "no details"); - continue; - } - - parent = resource->parents; - while (parent != NULL) - { - resource = (Resource *)parent->data; - - id_parent = _zak_autho_get_resource_id_db (gdacon, table_name, zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (resource->iresource))); - if (id_parent > 0) - { - error = NULL; - sql = g_strdup_printf ("INSERT INTO %s" - " (id_resources, id_resources_parent)" - " VALUES (%d, %d)", - table_name_parent, - new_id, - id_parent); - gda_connection_execute_non_select_command (gdacon, sql, &error); - g_free (sql); - if (error != NULL) - { - g_warning ("Error on saving resource parent «%s»: %s", - zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (resource->iresource)), - error->message != NULL ? error->message : "no details"); - continue; - } - } - else - { - g_warning ("Unable to find parent resource «%s»", - zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (resource->iresource))); - } - - parent = g_list_next (parent); - } - } - - if (!ret) - { - g_warning ("Unable to save resources"); - } - - /* rules allow */ - table_name = g_strdup_printf ("%srules", prefix); - table_name_parent = g_strdup_printf ("%s_parents", table_name); - g_hash_table_iter_init (&iter, priv->rules_allow); - while (g_hash_table_iter_next (&iter, &key, &value)) - { - new_id = _zak_autho_find_new_table_id (gdacon, table_name); - if (new_id <= 0) - { - ret = FALSE; - break; - } - - rule = (Rule *)value; - - id_roles = _zak_autho_get_role_id_db (gdacon, g_strdup_printf ("%sroles", prefix), zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (rule->role->irole))); - if (id_roles > 0) - { - if (rule->resource != NULL) - { - id_resources = _zak_autho_get_resource_id_db (gdacon, g_strdup_printf ("%sresources", prefix), zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (rule->resource->iresource))); - } - else - { - id_resources = 0; - } - - error = NULL; - sql = g_strdup_printf ("INSERT INTO %s" - " (id, type, id_roles, id_resources)" - " VALUES (%d, 1, %d, %d)", - table_name, - new_id, - id_roles, - id_resources); - gda_connection_execute_non_select_command (gdacon, sql, &error); - g_free (sql); - if (error != NULL) - { - g_warning ("Error on saving rule: %s", - error->message != NULL ? error->message : "no details"); - } - } - } - - /* rules deny */ - g_hash_table_iter_init (&iter, priv->rules_deny); - while (g_hash_table_iter_next (&iter, &key, &value)) - { - new_id = _zak_autho_find_new_table_id (gdacon, table_name); - if (new_id <= 0) - { - ret = FALSE; - break; - } - - rule = (Rule *)value; - - id_roles = _zak_autho_get_role_id_db (gdacon, g_strdup_printf ("%sroles", prefix), zak_autho_irole_get_role_id (ZAK_AUTHO_IROLE (rule->role->irole))); - if (id_roles > 0) - { - if (rule->resource != NULL) - { - id_resources = _zak_autho_get_resource_id_db (gdacon, g_strdup_printf ("%sresources", prefix), zak_autho_iresource_get_resource_id (ZAK_AUTHO_IRESOURCE (rule->resource->iresource))); - } - else - { - id_resources = 0; - } - - error = NULL; - sql = g_strdup_printf ("INSERT INTO %s" - " (id, type, id_roles, id_resources)" - " VALUES (%d, 2, %d, %d)", - table_name, - new_id, - id_roles, - id_resources); - gda_connection_execute_non_select_command (gdacon, sql, &error); - g_free (sql); - if (error != NULL) - { - g_warning ("Error on saving rule: %s", - error->message != NULL ? error->message : "no details"); - } - } - } - - error = NULL; - if (in_trans && !gda_connection_commit_transaction (gdacon, "zak_autho-save-to-db", &error)) - { - g_warning ("Error on committing transaction: %s", - error != NULL && error->message != NULL ? error->message : "No details"); - } - else - { - ret = TRUE; - } - - return ret; -} - -/** - * zak_autho_load_from_db: - * @zak_autho: an #ZakAutho object. - * @gdacon: - * @table_prefix: - * @replace: - * - */ -gboolean -zak_autho_load_from_db (ZakAutho *zak_autho, GdaConnection *gdacon, const gchar *table_prefix, gboolean replace) -{ - ZakAuthoPrivate *priv; - - gboolean ret; - - gchar *prefix; - - gchar *sql; - GError *error; - GdaDataModel *dm; - - const GValue *gval; - gchar *role_id; - gchar *resource_id; - guint rule_type; - - ZakAuthoIRole *irole; - ZakAuthoIRole *irole_parent; - ZakAuthoIResource *iresource; - ZakAuthoIResource *iresource_parent; - Rule *rule; - - guint row; - guint rows; - - g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); - g_return_val_if_fail (GDA_IS_CONNECTION (gdacon), FALSE); - - priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - priv->on_loading = TRUE; - - ret = TRUE; - - if (replace) - { - /* clearing current authorizations */ - zak_autho_clear (zak_autho); - } - - if (table_prefix == NULL) - { - prefix = g_strdup (""); - } - else - { - prefix = g_strstrip (g_strdup (table_prefix)); - } - - /* roles */ - error = NULL; - sql = g_strdup_printf ("SELECT role_id FROM %sroles ORDER BY id", - prefix); - dm = gda_connection_execute_select_command (gdacon, sql, &error); - g_free (sql); - if (dm != NULL && error == NULL) - { - rows = gda_data_model_get_n_rows (dm); - for (row = 0; row < rows; row++) - { - error = NULL; - irole = ZAK_AUTHO_IROLE (zak_autho_role_new (gda_value_stringify (gda_data_model_get_value_at (dm, 0, row, &error)))); - zak_autho_add_role (zak_autho, irole); - } - } - else if (error != NULL) - { - g_warning ("Error on reading table «%sroles»: %s", - prefix, - error->message != NULL ? error->message : "no details"); - } - g_object_unref (dm); - - /* roles parents */ - error = NULL; - sql = g_strdup_printf ("SELECT r1.role_id, r2.role_id" - " FROM %sroles_parents AS rp" - " INNER JOIN %sroles AS r1 ON rp.id_roles = r1.id" - " INNER JOIN %sroles AS r2 ON rp.id_roles_parent = r2.id" - " ORDER BY rp.id_roles, rp.id_roles_parent", - prefix, - prefix, - prefix); - dm = gda_connection_execute_select_command (gdacon, sql, &error); - g_free (sql); - if (dm != NULL && error == NULL) - { - rows = gda_data_model_get_n_rows (dm); - for (row = 0; row < rows; row++) - { - error = NULL; - irole = ZAK_AUTHO_IROLE (zak_autho_role_new (gda_value_stringify (gda_data_model_get_value_at (dm, 0, row, &error)))); - error = NULL; - irole_parent = ZAK_AUTHO_IROLE (zak_autho_role_new (gda_value_stringify (gda_data_model_get_value_at (dm, 1, row, &error)))); - zak_autho_add_parent_to_role (zak_autho, irole, irole_parent); - } - } - else if (error != NULL) - { - g_warning ("Error on reading table «%sroles_parents»: %s", - prefix, - error->message != NULL ? error->message : "no details"); - } - g_object_unref (dm); - - /* resources */ - error = NULL; - sql = g_strdup_printf ("SELECT resource_id FROM %sresources ORDER BY id", - prefix); - dm = gda_connection_execute_select_command (gdacon, sql, &error); - g_free (sql); - if (dm != NULL && error == NULL) - { - rows = gda_data_model_get_n_rows (dm); - for (row = 0; row < rows; row++) - { - error = NULL; - iresource = ZAK_AUTHO_IRESOURCE (zak_autho_resource_new (gda_value_stringify (gda_data_model_get_value_at (dm, 0, row, &error)))); - zak_autho_add_resource (zak_autho, iresource); - } - } - else if (error != NULL) - { - g_warning ("Error on reading table «%sresources»: %s", - prefix, - error->message != NULL ? error->message : "no details"); - } - g_object_unref (dm); - - /* resources parents */ - error = NULL; - sql = g_strdup_printf ("SELECT r1.resource_id, r2.resource_id" - " FROM %sresources_parents AS rp" - " INNER JOIN %sresources AS r1 ON rp.id_resources = r1.id" - " INNER JOIN %sresources AS r2 ON rp.id_resources_parent = r2.id" - " ORDER BY rp.id_resources, rp.id_resources_parent", - prefix, - prefix, - prefix); - dm = gda_connection_execute_select_command (gdacon, sql, &error); - g_free (sql); - if (dm != NULL && error == NULL) - { - rows = gda_data_model_get_n_rows (dm); - for (row = 0; row < rows; row++) - { - error = NULL; - iresource = ZAK_AUTHO_IRESOURCE (zak_autho_resource_new (gda_value_stringify (gda_data_model_get_value_at (dm, 0, row, &error)))); - error = NULL; - iresource_parent = ZAK_AUTHO_IRESOURCE (zak_autho_resource_new (gda_value_stringify (gda_data_model_get_value_at (dm, 1, row, &error)))); - zak_autho_add_parent_to_resource (zak_autho, iresource, iresource_parent); - } - } - else if (error != NULL) - { - g_warning ("Error on reading table «%sresources_parents»: %s", - prefix, - error->message != NULL ? error->message : "no details"); - } - g_object_unref (dm); - - /* rules */ - error = NULL; - sql = g_strdup_printf ("SELECT ru.type, ro.role_id, re.resource_id" - " FROM %srules AS ru" - " LEFT JOIN %sroles AS ro ON ru.id_roles = ro.id" - " LEFT JOIN %sresources AS re ON ru.id_resources = re.id", - prefix, - prefix, - prefix); - dm = gda_connection_execute_select_command (gdacon, sql, &error); - g_free (sql); - if (dm != NULL && error == NULL) - { - rows = gda_data_model_get_n_rows (dm); - for (row = 0; row < rows; row++) - { - error = NULL; - gval = gda_data_model_get_value_at (dm, 1, row, &error); - if (gval == NULL || error != NULL) - { - g_warning ("Error on reading role_id value: %s", - error != NULL && error->message != NULL ? error->message : "no details"); - } - else if (gval != NULL && error == NULL && !gda_value_is_null (gval)) - { - role_id = gda_value_stringify (gval); - irole = zak_autho_get_role_from_id (zak_autho, role_id); - if (irole != NULL) - { - error = NULL; - gval = gda_data_model_get_value_at (dm, 2, row, &error); - if (gval == NULL || gda_value_is_null (gval)) - { - if (error != NULL) - { - g_warning ("Error on reading resource value: %s", - error != NULL && error->message != NULL ? error->message : "no details"); - } - iresource = NULL; - } - else - { - resource_id = gda_value_stringify (gval); - iresource = zak_autho_get_resource_from_id (zak_autho, resource_id); - } - - error = NULL; - gval = gda_data_model_get_value_at (dm, 0, row, &error); - if (gval == NULL || error != NULL) - { - g_warning ("Error on reading type value: %s", - error != NULL && error->message != NULL ? error->message : "no details"); - } - else if (gval != NULL && error == NULL && !gda_value_is_null (gval)) - { - rule_type = g_value_get_int (gval); - if (rule_type == 1) - { - zak_autho_allow (zak_autho, irole, iresource); - } - else if (rule_type == 2) - { - zak_autho_deny (zak_autho, irole, iresource); - } - else - { - g_warning ("Rule type %d not admitted", rule_type); - } - } - } - } - } - } - else if (error != NULL) - { - g_warning ("Error on reading table «%srules»: %s", - prefix, - error->message != NULL ? error->message : "no details"); - } - g_object_unref (dm); - - g_free (prefix); - - if (priv->gdt_last_load != NULL) - { - g_date_time_unref (priv->gdt_last_load); - } - priv->gdt_last_load = g_date_time_new_now_local (); - - priv->on_loading = FALSE; - - return ret; -} - -gboolean -zak_autho_load_from_db_with_monitor (ZakAutho *zak_autho, GdaConnection *gdacon, const gchar *table_prefix, gboolean replace) -{ - ZakAuthoPrivate *priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - g_return_val_if_fail (IS_ZAK_AUTHO (zak_autho), FALSE); - g_return_val_if_fail (GDA_IS_CONNECTION (gdacon), FALSE); - - priv->gdacon = gdacon; - if (table_prefix == NULL) - { - if (priv->table_prefix != NULL) - { - g_free (priv->table_prefix); - } - priv->table_prefix = g_strdup (""); - } - else - { - priv->table_prefix = g_strdup (table_prefix); - } - - zak_autho_load_from_db (zak_autho, gdacon, table_prefix, replace); -} - -static void -_zak_autho_check_updated (ZakAutho *zak_autho) -{ - GError *error; - gchar *sql; - GdaDataModel *dm; - - const GValue *gval; - const GdaTimestamp *gda_timestamp; - GDateTime *gda_datetime; - - ZakAuthoPrivate *priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - g_return_if_fail (IS_ZAK_AUTHO (zak_autho)); - - if (priv->on_loading) - { - return; - } - - if (!GDA_IS_CONNECTION (priv->gdacon)) - { - return; - } - - error = NULL; - sql = g_strdup_printf ("SELECT update FROM %stimestamp_update", - priv->table_prefix); - dm = gda_connection_execute_select_command (priv->gdacon, sql, &error); - g_free (sql); - if (dm != NULL && error == NULL && gda_data_model_get_n_rows (dm) > 0) - { - gval = gda_data_model_get_value_at (dm, 0, 0, NULL); - if (!gda_value_is_null (gval)) - { - gda_timestamp = gda_value_get_timestamp (gval); - gda_datetime = g_date_time_new_local (gda_timestamp->year, - gda_timestamp->month, - gda_timestamp->day, - gda_timestamp->hour, - gda_timestamp->minute, - gda_timestamp->second); - - if (g_date_time_compare (priv->gdt_last_load, gda_datetime) < 0) - { - /* to reload */ - zak_autho_load_from_db_with_monitor (zak_autho, priv->gdacon, priv->table_prefix, TRUE); - } - g_date_time_unref (gda_datetime); - } - } - else if (error != NULL) - { - g_warning ("Error on reading table «%stimestamp_update»: %s", - priv->table_prefix, - error->message != NULL ? error->message : "no details"); - } - g_object_unref (dm); -} - -/* PRIVATE */ -static void -zak_autho_set_property (GObject *object, - guint property_id, - const GValue *value, - GParamSpec *pspec) -{ - ZakAutho *zak_autho = (ZakAutho *)object; - ZakAuthoPrivate *priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - switch (property_id) - { - default: - G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec); - break; - } -} - -static void -zak_autho_get_property (GObject *object, - guint property_id, - GValue *value, - GParamSpec *pspec) -{ - ZakAutho *zak_autho = (ZakAutho *)object; - ZakAuthoPrivate *priv = ZAK_AUTHO_GET_PRIVATE (zak_autho); - - switch (property_id) - { - default: - G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec); - break; - } -} diff --git a/src/autoz.h b/src/autoz.h deleted file mode 100644 index a8f0064..0000000 --- a/src/autoz.h +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Copyright (C) 2010-2015 Andrea Zagli - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 2.1 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - */ - -#ifndef __LIB_ZAK_AUTHO_H__ -#define __LIB_ZAK_AUTHO_H__ - -#include -#include - -#include -#include - - -G_BEGIN_DECLS - - -#include "role_interface.h" -#include "resource_interface.h" - -#define ZAK_TYPE_AUTHO (zak_autho_get_type ()) -#define ZAK_AUTHO(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), ZAK_TYPE_AUTHO, ZakAutho)) -#define ZAK_AUTHO_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), ZAK_TYPE_AUTHO, ZakAuthoClass)) -#define IS_ZAK_AUTHO(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), ZAK_TYPE_AUTHO)) -#define IS_ZAK_AUTHO_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), ZAK_TYPE_AUTHO)) -#define ZAK_AUTHO_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), ZAK_TYPE_AUTHO, ZakAuthoClass)) - - -typedef struct _ZakAutho ZakAutho; -typedef struct _ZakAuthoClass ZakAuthoClass; - -struct _ZakAutho - { - GObject parent; - }; - -struct _ZakAuthoClass - { - GObjectClass parent_class; - }; - -GType zak_autho_get_type (void) G_GNUC_CONST; - - -ZakAutho *zak_autho_new (void); - -void zak_autho_set_role_name_prefix (ZakAutho *zak_autho, const gchar *prefix); -const gchar *zak_autho_get_role_name_prefix (ZakAutho *zak_autho); -void zak_autho_set_resource_name_prefix (ZakAutho *zak_autho, const gchar *prefix); -const gchar *zak_autho_get_resource_name_prefix (ZakAutho *zak_autho); - -void zak_autho_add_role (ZakAutho *zak_autho, ZakAuthoIRole *irole); -void zak_autho_add_role_with_parents (ZakAutho *zak_autho, ZakAuthoIRole *irole, ...); -void zak_autho_add_parent_to_role (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIRole *irole_parent); -void zak_autho_add_parents_to_role (ZakAutho *zak_autho, ZakAuthoIRole *irole, ...); - -gboolean zak_autho_role_is_child (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIRole *irole_parent); - -ZakAuthoIRole *zak_autho_get_role_from_id (ZakAutho *zak_autho, const gchar *role_id); - -void zak_autho_add_resource (ZakAutho *zak_autho, ZakAuthoIResource *iresource); -void zak_autho_add_resource_with_parents (ZakAutho *zak_autho, ZakAuthoIResource *iresource, ...); -void zak_autho_add_parent_to_resource (ZakAutho *zak_autho, ZakAuthoIResource *iresource, ZakAuthoIResource *iresource_parent); -void zak_autho_add_parents_to_resource (ZakAutho *zak_autho, ZakAuthoIResource *iresource, ...); - -gboolean zak_autho_resource_is_child (ZakAutho *zak_autho, ZakAuthoIResource *iresource, ZakAuthoIResource *iresource_parent); - -ZakAuthoIResource *zak_autho_get_resource_from_id (ZakAutho *zak_autho, const gchar *resource_id); - -void zak_autho_allow (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIResource *iresource); -void zak_autho_deny (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIResource *iresource); - -gboolean zak_autho_is_allowed (ZakAutho *zak_autho, ZakAuthoIRole *irole, ZakAuthoIResource *iresource, gboolean exclude_null); - -gboolean zak_autho_clear (ZakAutho *zak_autho); - -xmlNodePtr zak_autho_get_xml (ZakAutho *zak_autho); -gboolean zak_autho_load_from_xml (ZakAutho *zak_autho, xmlNodePtr xnode, gboolean replace); - -gboolean zak_autho_save_to_db (ZakAutho *zak_autho, GdaConnection *gdacon, const gchar *table_prefix, gboolean replace); -gboolean zak_autho_load_from_db (ZakAutho *zak_autho, GdaConnection *gdacon, const gchar *table_prefix, gboolean replace); -gboolean zak_autho_load_from_db_with_monitor (ZakAutho *zak_autho, GdaConnection *gdacon, const gchar *table_prefix, gboolean replace); - - -G_END_DECLS - - -#endif /* __LIB_ZAK_AUTHO_H__ */ diff --git a/tests/Makefile.am b/tests/Makefile.am index 8f12fb9..694c834 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -1,7 +1,7 @@ -LIBS = $(AUTOZ_LIBS) \ +LIBS = $(ZAKAUTHO_LIBS) \ -export-dynamic -AM_CPPFLAGS = $(AUTOZ_CFLAGS) \ +AM_CPPFLAGS = $(ZAKAUTHO_CFLAGS) \ -I$(top_srcdir)/src \ -DGUIDIR="\"@abs_builddir@\"" diff --git a/tests/test.c b/tests/test.c index 8ce2581..554b6f9 100644 --- a/tests/test.c +++ b/tests/test.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2010-2015 Andrea Zagli + * Copyright (C) 2010-2016 Andrea Zagli * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -20,7 +20,7 @@ #include -#include "autoz.h" +#include "autho.h" #include "role.h" #include "resource.h" diff --git a/tests/test_from_xml.c b/tests/test_from_xml.c index f71349e..6c05562 100644 --- a/tests/test_from_xml.c +++ b/tests/test_from_xml.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2010-2015 Andrea Zagli + * Copyright (C) 2010-2016 Andrea Zagli * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -20,7 +20,7 @@ #include -#include "autoz.h" +#include "autho.h" int main (int argc, char **argv) diff --git a/tests/test_from_xml_to_db.c b/tests/test_from_xml_to_db.c index 342f6dc..0582fa7 100644 --- a/tests/test_from_xml_to_db.c +++ b/tests/test_from_xml_to_db.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2010-2015 Andrea Zagli + * Copyright (C) 2010-2016 Andrea Zagli * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -22,7 +22,7 @@ #include -#include "autoz.h" +#include "autho.h" int main (int argc, char **argv)