int SearchUser(char *Name) { FILE *fil; /* * Allways reread the users file. */ if ((fil = fopen(usr_fil, "r")) == NULL) { memset(&usr, 0, sizeof(usr)); return FALSE; } fread(&usrhdr, sizeof(usrhdr), 1, fil); while (fread(&usr, usrhdr.recsize, 1, fil) == 1) { if (TestUser(Name)) { fclose(fil); return TRUE; } } fclose(fil); return FALSE; }
Bool16 QTAccessFile::AccessAllowed ( char *userName, char**groupArray, UInt32 numGroups, StrPtrLen *accessFileBufPtr, QTSS_ActionFlags inFlags,StrPtrLen* ioRealmNameStr, Bool16 *outAllowAnyUserPtr, void *extraDataPtr ) { if (NULL == accessFileBufPtr || NULL == accessFileBufPtr->Ptr || 0 == accessFileBufPtr->Len) return true; // nothing to check if (ioRealmNameStr != NULL && ioRealmNameStr->Ptr != NULL && ioRealmNameStr->Len > 0) ioRealmNameStr->Ptr[0] = 0; StringParser accessFileParser(accessFileBufPtr); QTSS_ActionFlags currentFlags = qtssActionFlagsRead; StrPtrLen line; StrPtrLen word; Bool16 haveUserName = false; Bool16 haveRealmResultBuffer = false; Bool16 haveGroups = false; *outAllowAnyUserPtr = false; haveUserName = HaveUser(userName, extraDataPtr); haveGroups = HaveGroups(groupArray, numGroups, extraDataPtr); haveRealmResultBuffer = HaveRealm(userName, ioRealmNameStr, extraDataPtr ); while( accessFileParser.GetDataRemaining() != 0 ) { accessFileParser.GetThruEOL(&line); // Read each line StringParser lineParser(&line); lineParser.ConsumeWhitespace();//skip over leading whitespace if (lineParser.GetDataRemaining() == 0) // must be an empty line continue; char firstChar = lineParser.PeekFast(); if ( (firstChar == '#') || (firstChar == '\0') ) continue; //skip over comments and blank lines... lineParser.ConsumeUntilWhitespace(&word); if ( word.Equal("<Limit") ) // a limit line { currentFlags = qtssActionFlagsNoFlags; // clear to no access lineParser.ConsumeWhitespace(); lineParser.ConsumeUntil( &word, sWhitespaceAndGreaterThanMask); // the flag <limit Read> or <limit Read > while (word.Len != 0) // compare each word in the line { if (word.Equal("WRITE") ) { currentFlags |= inFlags & qtssActionFlagsWrite; // accept following lines if inFlags has write } if (word.Equal("READ") ) { currentFlags |= inFlags & qtssActionFlagsRead; // accept following lines if inFlags has read } lineParser.ConsumeWhitespace(); lineParser.ConsumeUntil(&word, sWhitespaceAndGreaterThanMask); } continue; //done with limit line } if ( word.Equal("</Limit>") ) currentFlags = qtssActionFlagsRead; // set the current access state to the default of read access if (0 == (currentFlags & inFlags)) continue; // ignore lines because inFlags doesn't match the current access state if (haveRealmResultBuffer && word.Equal("AuthName") ) //realm name { lineParser.ConsumeWhitespace(); lineParser.GetThruEOL(&word); StringParser::UnQuote(&word);// if the parsed string is surrounded by quotes then remove them. GetRealm(&word, ioRealmNameStr, userName, extraDataPtr ); // we don't change the buffer len ioRealmNameStr->Len because we might have another AuthName tag to copy continue; // done with AuthName (realm) } if (word.Equal("require") ) { lineParser.ConsumeWhitespace(); lineParser.ConsumeUntilWhitespace(&word); if (haveUserName && word.Equal("valid-user") ) { return true; } if ( word.Equal("any-user") ) { *outAllowAnyUserPtr = true; return true; } if (!haveUserName) continue; if (word.Equal("user") ) { lineParser.ConsumeWhitespace(); lineParser.ConsumeUntilWhitespace(&word); while (word.Len != 0) // compare each word in the line { if (TestUser(&word, userName, extraDataPtr )) return true; lineParser.ConsumeWhitespace(); lineParser.ConsumeUntilWhitespace(&word); } continue; // done with "require user" line } if (haveGroups && word.Equal("group")) // check if we have groups for the user { lineParser.ConsumeWhitespace(); lineParser.ConsumeUntilWhitespace(&word); while (word.Len != 0) // compare each word in the line { if (TestGroup(&word, userName, groupArray, numGroups, extraDataPtr) ) return true; lineParser.ConsumeWhitespace(); lineParser.ConsumeUntilWhitespace(&word); } continue; // done with "require group" line } if (TestExtraData(&word, &lineParser, extraDataPtr)) return true; continue; // done with unparsed "require" line } } return false; // user or group not found }