/**
* aux function to traverse g_hash_table of graph acls.
*/
void key_in(gpointer key, gpointer value, gpointer user_data) {
fs_rid *g = (fs_rid *)key;
struct _acl_sec_tuple *t = (struct _acl_sec_tuple *) user_data;
fs_rid_set *graph_keys = (fs_rid_set *)value;
if (!fs_rid_set_contains(graph_keys,t->user_key)) {
fs_rid_set_add(t->res,*g);
t->set_size++;
}
}
END_TEST
START_TEST (check_fs_rid_set_add_contains)
{
fs_rid_set *s = fs_rid_set_new();
fail_unless(s != NULL);
int i=0;
for (i=0; i < 1e4; i++) {
fs_rid_set_add(s, i);
}
for (i=0; i < 1e4; i++) {
fail_if(!fs_rid_set_contains(s,i));
}
fs_rid_set_free(s);
}
/**
* It discards graph rows that are not accesible by the query user
* m is the models (column 0) result of the bind
* inv_acl is the set of graphs that the query cannot access
* discarded returns a bit_array by reference with 0's in not accesible rows
*/
int fs_mark_discard_rows(fs_rid_vector *m, fs_rid_set *inv_acl, unsigned char **discarded) {
int qdiscarded = 0;
unsigned char *allow_access = NULL;
if (inv_acl) {
int count = fs_rid_vector_length(m);
for (int i=0 ; i<count ; i++) {
fs_rid rid_m = m->data[i];
if (fs_rid_set_contains(inv_acl, rid_m)) {
if (!allow_access) allow_access = fs_new_bit_array(count);
fs_bit_array_set(allow_access,i,0);
qdiscarded++;
}
}
}
if (allow_access)
*discarded = allow_access;
return qdiscarded;
}
/**
* decides wheter a user rid is admin or not
*/
static int is_admin(fs_rid_set *admins, fs_rid user_rid) {
/* if no admin users then all users are admins */
if (!admins)
return 1;
return fs_rid_set_contains(admins,user_rid);
}