From ceda86453358e5b3019a19fe3063c28e9459fed8 Mon Sep 17 00:00:00 2001 From: Andrea Zagli Date: Fri, 25 Jun 2010 20:36:52 +0200 Subject: [PATCH] Accept NULL resource on rule definition, equal to allow the role to every resource. --- src/autoz.c | 42 ++++++++++++++++++++++++++++++++++++------ tests/test.c | 8 ++++++++ 2 files changed, 44 insertions(+), 6 deletions(-) diff --git a/src/autoz.c b/src/autoz.c index 741e107..58be4ee 100644 --- a/src/autoz.c +++ b/src/autoz.c @@ -267,7 +267,6 @@ autoz_allow (Autoz *autoz, AutozIRole *irole, AutozIResource *iresource) gchar *str_id; g_return_if_fail (IS_AUTOZ (autoz)); - g_return_if_fail (AUTOZ_IS_IRESOURCE (iresource)); priv = AUTOZ_GET_PRIVATE (autoz); @@ -278,11 +277,20 @@ autoz_allow (Autoz *autoz, AutozIRole *irole, AutozIResource *iresource) return; } - /* TODO accept also NULL resource (equal to allow to every resource) */ - resource = g_hash_table_lookup (priv->resources, autoz_iresource_get_resource_id (iresource)); - if (resource == NULL) + /* accept also NULL resource (equal to allow every resource) */ + if (iresource == NULL) { - return; + resource = NULL; + } + else + { + g_return_if_fail (AUTOZ_IS_IRESOURCE (iresource)); + + resource = g_hash_table_lookup (priv->resources, autoz_iresource_get_resource_id (iresource)); + if (resource == NULL) + { + return; + } } r = (Rule *)g_malloc0 (sizeof (Rule)); @@ -291,7 +299,7 @@ autoz_allow (Autoz *autoz, AutozIRole *irole, AutozIResource *iresource) str_id = g_strconcat (autoz_irole_get_role_id (r->role->irole), "|", - autoz_iresource_get_resource_id (r->resource->iresource), + (resource == NULL ? "NULL" : autoz_iresource_get_resource_id (r->resource->iresource)), NULL); if (g_hash_table_lookup (priv->rules, str_id) == NULL) @@ -311,11 +319,22 @@ _autoz_is_allowed (Autoz *autoz, Role *role, Resource *resource) ret = FALSE; + /* first trying for a rule for every resource */ + str_id = g_strconcat (autoz_irole_get_role_id (role->irole), + "|NULL", + NULL); + + if (g_hash_table_lookup (priv->rules, str_id) != NULL) + { + ret = TRUE; + } + str_id = g_strconcat (autoz_irole_get_role_id (role->irole), "|", autoz_iresource_get_resource_id (resource->iresource), NULL); + /* and after for specific resource */ if (g_hash_table_lookup (priv->rules, str_id) != NULL) { ret = TRUE; @@ -371,6 +390,17 @@ autoz_is_allowed (Autoz *autoz, AutozIRole *irole, AutozIResource *iresource) return ret; } + /* first trying for a rule for every resource */ + str_id = g_strconcat (autoz_irole_get_role_id (role->irole), + "|NULL", + NULL); + + if (g_hash_table_lookup (priv->rules, str_id) != NULL) + { + ret = TRUE; + } + + /* and after for specific resource */ str_id = g_strconcat (autoz_irole_get_role_id (role->irole), "|", autoz_iresource_get_resource_id (resource->iresource), diff --git a/tests/test.c b/tests/test.c index 820292f..2cec7f3 100644 --- a/tests/test.c +++ b/tests/test.c @@ -33,6 +33,12 @@ main (int argc, char **argv) autoz = autoz_new (); + autoz_add_role (autoz, AUTOZ_IROLE (autoz_role_new ("super-admin"))); + + autoz_allow (autoz, + autoz_get_role_from_id (autoz, "super-admin"), + NULL); + role_writer = autoz_role_new ("writer"); autoz_add_role (autoz, AUTOZ_IROLE (role_writer)); @@ -54,6 +60,8 @@ main (int argc, char **argv) autoz_allow (autoz, AUTOZ_IROLE (role_writer), AUTOZ_IRESOURCE (resource)); + g_message ("super-admin %s allowed to page.", + (autoz_is_allowed (autoz, autoz_get_role_from_id (autoz, "super-admin"), AUTOZ_IRESOURCE (resource)) ? "is" : "isn't")); g_message ("writer %s allowed to page.", (autoz_is_allowed (autoz, AUTOZ_IROLE (role_writer), AUTOZ_IRESOURCE (resource)) ? "is" : "isn't")); g_message ("writer-child %s allowed to page.", -- 2.49.0