static void formDisplayUser(webs_t wp, char_t *path, char_t *query)
{
char_t *userid, *ok, *temp;
bool_t enabled;
a_assert(wp);
userid = websGetVar(wp, T("user"), T(""));
ok = websGetVar(wp, T("ok"), T(""));
websHeader(wp);
websWrite(wp, T("<body>"));
if (gstricmp(ok, T("ok")) != 0) {
websWrite(wp, T("Display User Cancelled"));
} else if (umUserExists(userid) == FALSE) {
websWrite(wp, T("ERROR: User <b>%s</b> not found.\n"), userid);
} else {
websWrite(wp, T("<h2>User ID: <b>%s</b></h2>\n"), userid);
temp = umGetUserGroup(userid);
websWrite(wp, T("<h3>User Group: <b>%s</b></h3>\n"), temp);
enabled = umGetUserEnabled(userid);
websWrite(wp, T("<h3>Enabled: <b>%d</b></h3>\n"), enabled);
}
websWrite(wp, T("</body>\n"));
websFooter(wp);
websDone(wp, 200);
}
bool_t umUserCanAccessURL(char_t *user, char_t *url)
{
accessMeth_t amURL;
char_t *group, *usergroup, *urlHavingLimit;
short priv;
a_assert(user && *user);
a_assert(url && *url);
/*
* Make sure user exists
*/
if (!umUserExists(user)) {
return FALSE;
}
/*
* Make sure user is enabled
*/
if (!umGetUserEnabled(user)) {
return FALSE;
}
/*
* Make sure user has sufficient privileges (any will do)
*/
usergroup = umGetUserGroup(user);
priv = umGetGroupPrivilege(usergroup);
if (priv == 0) {
return FALSE;
}
/*
* Make sure user's group is enabled
*/
if (!umGetGroupEnabled(usergroup)) {
return FALSE;
}
/*
* The access method of the user group must not be AM_NONE
*/
if (umGetGroupAccessMethod(usergroup) == AM_NONE) {
return FALSE;
}
/*
* Check to see if there is an Access Limit for this URL
*/
urlHavingLimit = umGetAccessLimit(url);
if (urlHavingLimit) {
amURL = umGetAccessLimitMethod(urlHavingLimit);
group = umGetAccessLimitGroup(urlHavingLimit);
bfree(B_L, urlHavingLimit);
} else {
/*
* If there isn't an access limit for the URL, user has full access
*/
return TRUE;
}
/*
* If the access method for the URL is AM_NONE then
* the file "doesn't exist".
*/
if (amURL == AM_NONE) {
return FALSE;
}
/*
* If Access Limit has a group specified, then the user must be a
* member of that group
*/
if (group && *group) {
if (usergroup && (gstrcmp(group, usergroup) != 0)) {
return FALSE;
}
}
/*
* Otherwise, user can access the URL
*/
return TRUE;
}
bool_t umUserCanAccessURL(char_t *user, char_t *url)
{
accessMeth_t amURL;
char_t *group, *usergroup, *urlHavingLimit;
short priv;
a_assert(user && *user);
a_assert(url && *url);
/*
* Make sure user exists
*/
if (!umUserExists(user)) {
return FALSE;
}
/*
* Make sure user is enabled
*/
if (!umGetUserEnabled(user)) {
return FALSE;
}
/*
* Make sure user has sufficient privileges (any will do)
*/
usergroup = umGetUserGroup(user);
priv = umGetGroupPrivilege(usergroup);
if (priv == 0) {
return FALSE;
}
/*
* Make sure user's group is enabled
*/
if (!umGetGroupEnabled(usergroup)) {
return FALSE;
}
/*
* The access method of the user group must not be AM_NONE
*/
if (umGetGroupAccessMethod(usergroup) == AM_NONE) {
return FALSE;
}
/*
* Check to see if there is an Access Limit for this URL
*/
urlHavingLimit = umGetAccessLimit(url);
if (urlHavingLimit) {
amURL = umGetAccessLimitMethod(urlHavingLimit);
group = umGetAccessLimitGroup(urlHavingLimit);
bfree(B_L, urlHavingLimit);
} else {
/*
* If there isn't an access limit for the URL, user has full access
*/
return TRUE;
}
/*
* If the access method for the URL is AM_NONE then
* the file "doesn't exist".
*/
if (amURL == AM_NONE) {
return FALSE;
}
/*
* If Access Limit has a group specified, then the user must be a
* member of that group
*/
if (group && *group) {
#ifdef qHierarchicalAccess
/*
* If we are compiling with the hierarchical access extensions, we
* instead call the user-provided function that checks to see whether
* the current user's access level is greater than or equal to the
* access level required for this URL.
*/
return dmfCanAccess(usergroup, group);
#else
if (usergroup && (gstrcmp(group, usergroup) != 0)) {
return FALSE;
}
#endif
}
/*
* Otherwise, user can access the URL
*/
return TRUE;
}