/**
Verifies that the user has permission to login with the
given type. If the permission fails, an oilsEvent is returned
to the caller.
@return -1 if the permission check failed, 0 if the permission
is granted
*/
static int oilsAuthCheckLoginPerm(
osrfMethodContext* ctx, const jsonObject* userObj, const char* type ) {
if(!(userObj && type)) return -1;
oilsEvent* perm = NULL;
if(!strcasecmp(type, OILS_AUTH_OPAC)) {
char* permissions[] = { "OPAC_LOGIN" };
perm = oilsUtilsCheckPerms( oilsFMGetObjectId( userObj ), -1, permissions, 1 );
} else if(!strcasecmp(type, OILS_AUTH_STAFF)) {
char* permissions[] = { "STAFF_LOGIN" };
perm = oilsUtilsCheckPerms( oilsFMGetObjectId( userObj ), -1, permissions, 1 );
} else if(!strcasecmp(type, OILS_AUTH_TEMP)) {
char* permissions[] = { "STAFF_LOGIN" };
perm = oilsUtilsCheckPerms( oilsFMGetObjectId( userObj ), -1, permissions, 1 );
} else if(!strcasecmp(type, OILS_AUTH_PERSIST)) {
char* permissions[] = { "PERSISTENT_LOGIN" };
perm = oilsUtilsCheckPerms( oilsFMGetObjectId( userObj ), -1, permissions, 1 );
}
if(perm) {
osrfAppRespondComplete( ctx, oilsEventToJSON(perm) );
oilsEventFree(perm);
return -1;
}
return 0;
}
/**
Verifies that the user has permission to login with the given type.
Caller is responsible for freeing returned oilsEvent.
@return oilsEvent* if the permission check failed, NULL otherwise.
*/
static oilsEvent* oilsAuthCheckLoginPerm(osrfMethodContext* ctx,
int user_id, int org_id, const char* type ) {
// For backwards compatibility, check all login permissions
// using the root org unit as the context org unit.
org_id = -1;
char* perms[1];
if (!strcasecmp(type, OILS_AUTH_OPAC)) {
perms[0] = "OPAC_LOGIN";
} else if (!strcasecmp(type, OILS_AUTH_STAFF)) {
perms[0] = "STAFF_LOGIN";
} else if (!strcasecmp(type, OILS_AUTH_TEMP)) {
perms[0] = "STAFF_LOGIN";
} else if (!strcasecmp(type, OILS_AUTH_PERSIST)) {
perms[0] = "PERSISTENT_LOGIN";
}
return oilsUtilsCheckPerms(user_id, org_id, perms, 1);
}
