コード例 #1
0
///////////////////////////////////////////////////////////////
//
// CResource::CommitAclRequest
//
// Right will be created if not exists
// Can't fail
//
///////////////////////////////////////////////////////////////
void CResource::CommitAclRequest ( const SAclRequest& request )
{
    CAccessControlListRight* pAclRight = GetAutoAcl ()->AddRight ( request.rightName.GetName (), request.rightName.GetType (), request.bAccess );

    pAclRight->SetRightAccess ( request.bAccess );
    pAclRight->SetAttributeValue ( "pending", request.bPending ? "true" : "false" );
    pAclRight->SetAttributeValue ( "who", request.strWho );
    pAclRight->SetAttributeValue ( "date", request.strDate );
}
コード例 #2
0
bool CAccessControlListManager::Load ( void )
{
    // Eventually destroy the previously loaded xml
    if ( m_pXML )
    {
        delete m_pXML;
    }

    // Load the XML
    m_pXML = g_pServerInterface->GetXML ()->CreateXML ( GetFileName ().c_str () );
    if ( !m_pXML )
    {
        CLogger::ErrorPrintf ( "Error loading Access Control List file\n" );
        return false;
    }

    // Parse it
    if ( !m_pXML->Parse () )
    {
        CLogger::ErrorPrintf ( "Error parsing Access Control List file\n" );
        return false;
    }

    // Grab the XML root node
    m_pRootNode = m_pXML->GetRootNode ();
    if ( !m_pRootNode )
    {
        CLogger::ErrorPrintf ( "Missing root node ('ACL')\n" );
        return false;
    }

    // Clear previous ACL stuff
    ClearACLs ();
    ClearGroups ();

    // load the acl's
    CXMLNode* pSubNode = NULL;
    unsigned int uiSubNodesCount = m_pRootNode->GetSubNodeCount ();
    for ( unsigned int i = 0 ; i < uiSubNodesCount ; i++ )
    {
        pSubNode = m_pRootNode->GetSubNode ( i );
        if ( !pSubNode ) continue;

        if ( pSubNode->GetTagName ().compare ( "acl" ) == 0 )
        {
            CXMLAttribute* pAttribute = pSubNode->GetAttributes ().Find ( "name" );
            if ( pAttribute )
            {
                CAccessControlList* pACL = AddACL ( pAttribute->GetValue ().c_str () );

                CXMLNode* pSubSubNode = NULL;
                unsigned int uiSubSubNodesCount = pSubNode->GetSubNodeCount ();
                for ( unsigned int j = 0 ; j < uiSubSubNodesCount ; j++ )
                {
                    // If this subnode doesn't exist, return to the for loop and continue it
                    pSubSubNode = pSubNode->GetSubNode ( j );
                    if ( !pSubSubNode ) continue;

                    // Check that this subsub node is named "right"
                    if ( pSubSubNode->GetTagName ().compare ( "right" ) == 0 )
                    {
                        // Grab the name and the access attributes
                        CXMLAttribute* pNameAttribute = pSubSubNode->GetAttributes ().Find ( "name" );
                        CXMLAttribute* pAccessAttribute = pSubSubNode->GetAttributes ().Find ( "access" );
                        if ( pNameAttribute && pAccessAttribute )
                        {
                            // See if the access attribute is true or false
                            bool bAccess = false;
                            std::string strAccess = pAccessAttribute->GetValue ();

                            if ( stricmp ( strAccess.c_str (), "true" ) == 0 ||
                                 stricmp ( strAccess.c_str (), "yes" ) == 0 ||
                                 strcmp ( strAccess.c_str (), "1" ) == 0 )
                            {
                                bAccess = true;
                            }

                            // Grab the name of the 'right' name
                            const char *szRightName = pNameAttribute->GetValue ().c_str ();

                            // Create the rights control list
                            CAccessControlListRight* pRight = NULL;
                            if ( StringBeginsWith ( szRightName, "command." ) )
                            {
                                pRight = pACL->AddRight ( &szRightName[8], CAccessControlListRight::RIGHT_TYPE_COMMAND, bAccess );
                            }
                            else if ( StringBeginsWith ( szRightName, "function." ) )
                            {
                                pRight = pACL->AddRight ( &szRightName[9], CAccessControlListRight::RIGHT_TYPE_FUNCTION, bAccess );
                            }
                            else if ( StringBeginsWith ( szRightName, "resource." ) )
                            {
                                pRight = pACL->AddRight ( &szRightName[9], CAccessControlListRight::RIGHT_TYPE_RESOURCE, bAccess );
                            }
                            else if ( StringBeginsWith ( szRightName, "general." ) )
                            {
                                pRight = pACL->AddRight ( &szRightName[8], CAccessControlListRight::RIGHT_TYPE_GENERAL, bAccess );
                            }
                            else continue;

                            // Set all the extra attributes
                            for ( uint i = 0 ; i < pSubSubNode->GetAttributes ().Count () ; i++ )
                            {
                                CXMLAttribute* pAttribute = pSubSubNode->GetAttributes ().Get ( i );
                                pRight->SetAttributeValue ( pAttribute->GetName (), pAttribute->GetValue () );
                            }
                        }
                    }
                }
            }
        }
    }

    // Load the groups
    pSubNode = NULL;
    uiSubNodesCount = m_pRootNode->GetSubNodeCount ();
    for ( unsigned int i = 0 ; i < uiSubNodesCount ; i++ )
    {
        pSubNode = m_pRootNode->GetSubNode ( i );
        if ( !pSubNode ) continue;

        if ( pSubNode->GetTagName ().compare ( "group" ) == 0 )
        {
            CXMLAttribute* pAttribute = pSubNode->GetAttributes ().Find ( "name" );
            if ( pAttribute )
            {
                CAccessControlListGroup* pGroup = AddGroup ( pAttribute->GetValue ().c_str () );

                CXMLNode* pSubSubNode = NULL;
                unsigned int uiSubSubNodesCount = pSubNode->GetSubNodeCount ();
                for ( unsigned int j = 0 ; j < uiSubSubNodesCount ; j++ )
                {
                    pSubSubNode = pSubNode->GetSubNode ( j );
                    if ( !pSubSubNode ) continue;

                    if ( pSubSubNode->GetTagName ().compare ( "object" ) == 0 )
                    {
                        CXMLAttribute* pSubAttribute = pSubSubNode->GetAttributes ().Find ( "name" );
                        if ( pSubAttribute )
                        {
                            const char *szAccountName = pSubAttribute->GetValue ().c_str ();

                            if ( StringBeginsWith ( szAccountName, "user." ) )
                            {
                                pGroup->AddObject ( &szAccountName[5], CAccessControlListGroupObject::OBJECT_TYPE_USER );
                            }
                            else if ( StringBeginsWith ( szAccountName, "resource." ) )
                            {
                                pGroup->AddObject ( &szAccountName[9], CAccessControlListGroupObject::OBJECT_TYPE_RESOURCE );
                            }
                        }
                    }
                    else if ( pSubSubNode->GetTagName ().compare ( "acl" ) == 0 )
                    {
                        CXMLAttribute* pSubAttribute = pSubSubNode->GetAttributes ().Find ( "name" );
                        if ( pSubAttribute )
                        {
                            CAccessControlList* pACL = GetACL ( pSubAttribute->GetValue ().c_str () );
                            if ( pACL )
                            {
                                pGroup->AddACL ( pACL );
                            }
                        }
                    }
                }
            }
        }
    }

    m_bNeedsSave = false;
    return true;
}