Exemplo n.º 1
0
accessMeth_t umGetAccessMethodForURL(char_t *url)
{
	accessMeth_t	amRet;
	char_t			*urlHavingLimit, *group;
	
	urlHavingLimit = umGetAccessLimit(url);
	if (urlHavingLimit) {
		group = umGetAccessLimitGroup(urlHavingLimit);

		if (group && *group) {
			amRet = umGetGroupAccessMethod(group);
		} else {
			amRet = umGetAccessLimitMethod(urlHavingLimit);
		}

		bfree(B_L, urlHavingLimit);
	} else {
		amRet = AM_FULL;
	}

	return amRet;
}
Exemplo n.º 2
0
bool_t umUserCanAccessURL(char_t *user, char_t *url)
{
	accessMeth_t	amURL;
	char_t			*group, *usergroup, *urlHavingLimit;
	short			priv;
	
	a_assert(user && *user);
	a_assert(url && *url);

/*
 *	Make sure user exists
 */
	if (!umUserExists(user)) {
		return FALSE;
	}

/*
 *	Make sure user is enabled
 */
	if (!umGetUserEnabled(user)) {
		return FALSE;
	}

/*
 *	Make sure user has sufficient privileges (any will do)
 */
	usergroup = umGetUserGroup(user);
	priv = umGetGroupPrivilege(usergroup);
	if (priv == 0) {
		return FALSE;
	}

/*
 *	Make sure user's group is enabled
 */
	if (!umGetGroupEnabled(usergroup)) {
		return FALSE;
	}

/*
 *	The access method of the user group must not be AM_NONE
 */
	if (umGetGroupAccessMethod(usergroup) == AM_NONE) {
		return FALSE;
	}

/*
 *	Check to see if there is an Access Limit for this URL
 */
	urlHavingLimit = umGetAccessLimit(url);
	if (urlHavingLimit) {
		amURL = umGetAccessLimitMethod(urlHavingLimit);
		group = umGetAccessLimitGroup(urlHavingLimit);
		bfree(B_L, urlHavingLimit);
	} else {
/*
 *		If there isn't an access limit for the URL, user has full access
 */
		return TRUE;
	}

/*
 *	If the access method for the URL is AM_NONE then 
 *	the file "doesn't exist".
 */
	if (amURL == AM_NONE) {
		return FALSE;
	} 
	
/*
 *	If Access Limit has a group specified, then the user must be a 
 *	member of that group
 */
	if (group && *group) {
		if (usergroup && (gstrcmp(group, usergroup) != 0)) {
			return FALSE;
		}
	} 

/*
 *	Otherwise, user can access the URL 
 */
	return TRUE;
}
Exemplo n.º 3
0
bool_t umUserCanAccessURL(char_t *user, char_t *url)
{
	accessMeth_t	amURL;
	char_t			*group, *usergroup, *urlHavingLimit;
	short			priv;

	a_assert(user && *user);
	a_assert(url && *url);

/*
 *	Make sure user exists
 */
	if (!umUserExists(user)) {
		return FALSE;
	}

/*
 *	Make sure user is enabled
 */
	if (!umGetUserEnabled(user)) {
		return FALSE;
	}

/*
 *	Make sure user has sufficient privileges (any will do)
 */
	usergroup = umGetUserGroup(user);
	priv = umGetGroupPrivilege(usergroup);
	if (priv == 0) {
		return FALSE;
	}

/*
 *	Make sure user's group is enabled
 */
	if (!umGetGroupEnabled(usergroup)) {
		return FALSE;
	}

/*
 *	The access method of the user group must not be AM_NONE
 */
	if (umGetGroupAccessMethod(usergroup) == AM_NONE) {
		return FALSE;
	}

/*
 *	Check to see if there is an Access Limit for this URL
 */
	urlHavingLimit = umGetAccessLimit(url);
	if (urlHavingLimit) {
		amURL = umGetAccessLimitMethod(urlHavingLimit);
		group = umGetAccessLimitGroup(urlHavingLimit);
		bfree(B_L, urlHavingLimit);
	} else {
/*
 *		If there isn't an access limit for the URL, user has full access
 */
		return TRUE;
	}

/*
 *	If the access method for the URL is AM_NONE then
 *	the file "doesn't exist".
 */
	if (amURL == AM_NONE) {
		return FALSE;
	}

/*
 *	If Access Limit has a group specified, then the user must be a
 *	member of that group
 */
	if (group && *group) {
#ifdef qHierarchicalAccess
      /*
       * If we are compiling with the hierarchical access extensions, we
       * instead call the user-provided function that checks to see whether
       * the current user's access level is greater than or equal to the
       * access level required for this URL.
       */
      return dmfCanAccess(usergroup, group);

#else
		if (usergroup && (gstrcmp(group, usergroup) != 0)) {
			return FALSE;

		}
#endif
	}

/*
 *	Otherwise, user can access the URL
 */
	return TRUE;

}