int
_rsSpecificQuery( rsComm_t *rsComm, specificQueryInp_t *specificQueryInp,
genQueryOut_t **genQueryOut ) {
int status;
*genQueryOut = ( genQueryOut_t* )malloc( sizeof( genQueryOut_t ) );
memset( ( char * )*genQueryOut, 0, sizeof( genQueryOut_t ) );
status = chlSpecificQuery( *specificQueryInp, *genQueryOut );
if ( status == CAT_UNKNOWN_SPECIFIC_QUERY ) {
int i;
i = addRErrorMsg( &rsComm->rError, 0, "The SQL is not pre-defined.\n See 'iadmin h asq' (add specific query)" );
if ( i < 0 ) {
irods::log( i, "addErrorMsg failed" );
}
}
if ( status < 0 ) {
clearGenQueryOut( *genQueryOut );
free( *genQueryOut );
*genQueryOut = NULL;
if ( status != CAT_NO_ROWS_FOUND ) {
rodsLog( LOG_NOTICE,
"_rsSpecificQuery: specificQuery status = %d", status );
}
return status;
}
return status;
}
int
_rsGenQuery (rsComm_t *rsComm, genQueryInp_t *genQueryInp,
genQueryOut_t **genQueryOut)
{
int status;
static int ruleExecuted=0;
ruleExecInfo_t rei;
static int ruleResult=0;
static int PrePostProcForGenQueryFlag = -2;
int i, argc;
ruleExecInfo_t rei2;
char *args[MAX_NUM_OF_ARGS_IN_ACTION];
if (PrePostProcForGenQueryFlag < 0) {
if (getenv("PREPOSTPROCFORGENQUERYFLAG") != NULL)
PrePostProcForGenQueryFlag = 1;
else
PrePostProcForGenQueryFlag = 0;
}
memset ((char*)&rei2, 0, sizeof (ruleExecInfo_t));
rei2.rsComm = rsComm;
if (rsComm != NULL) {
rei2.uoic = &rsComm->clientUser;
rei2.uoip = &rsComm->proxyUser;
}
/* printGenQI(genQueryInp); for debug */
*genQueryOut = (genQueryOut_t*)malloc(sizeof(genQueryOut_t));
memset((char *)*genQueryOut, 0, sizeof(genQueryOut_t));
if (ruleExecuted==0) {
#if 0
msParam_t *outMsParam;
#endif
memset((char*)&rei,0,sizeof(rei));
rei.rsComm = rsComm;
if (rsComm != NULL) {
/* Include the user info for possible use by the rule. Note
that when this is called (as the agent is initializing),
this user info is not confirmed yet. For password
authentication though, the agent will soon exit if this
is not valid. But tor GSI, the user information may not
be present and/or may be changed when the authentication
completes, so it may not be safe to use this in a GSI
enabled environment. This addition of user information
was requested by ARCS/IVEC (Sean Fleming) to avoid a
local patch.
*/
rei.uoic = &rsComm->clientUser;
rei.uoip = &rsComm->proxyUser;
}
#ifdef RULE_ENGINE_N
if (getRuleEngineStatus() == UNINITIALIZED) {
/* Skip the call to run acAclPolicy if the Rule Engine
hasn't been initialized yet, which happens for a couple
initial queries made by the agent when starting up. The
new RE logs these types of errors and so this avoids that.
*/
status = -1;
}
else
#endif
{
status = applyRule ("acAclPolicy", NULL, &rei, NO_SAVE_REI);
ruleResult = rei.status;
}
if (status==0) {
ruleExecuted=1; /* No need to retry next time since it
succeeded. Since this is called at
startup, the Rule Engine may not be
initialized yet, in which case the
default setting is fine and we should
retry next time. */
#if 0
/* No longer need this as msiAclPolicy calls
chlGenQueryAccessControlSetup to set the flag. Leaving
it in the code for now in case needed later. */
outMsParam = getMsParamByLabel(&rei.inOutMsParamArray, "STRICT");
printf("outMsParam=%x\n",(int)outMsParam);
if (outMsParam != NULL) {
ruleResult=1;
}
#endif
}
#if 0
printf("rsGenQuery rule status=%d ruleResult=%d\n",status,ruleResult);
#endif
}
chlGenQueryAccessControlSetup(rsComm->clientUser.userName,
rsComm->clientUser.rodsZone,
rsComm->clientAddr,
rsComm->clientUser.authInfo.authFlag,
-1);
#if 0
rodsLog (LOG_NOTICE,
"_rsGenQuery debug: client %s %d proxy %s %d",
rsComm->clientUser.userName,
rsComm->clientUser.authInfo.authFlag,
rsComm->proxyUser.userName,
rsComm->proxyUser.authInfo.authFlag);
#endif
/** RAJA ADDED June 1 2009 for pre-post processing rule hooks **/
if (PrePostProcForGenQueryFlag == 1) {
args[0] = (char *) malloc(300);
sprintf(args[0],"%ld",(long) genQueryInp);
argc = 1;
i = applyRuleArg("acPreProcForGenQuery",args,argc, &rei2, NO_SAVE_REI);
free(args[0]);
if (i < 0) {
rodsLog (LOG_ERROR,
"rsGenQuery:acPreProcForGenQuery error,stat=%d", i);
if (i != NO_MICROSERVICE_FOUND_ERR)
return i;
}
}
/** RAJA ADDED June 1 2009 for pre-post processing rule hooks **/
status = chlGenQuery(*genQueryInp, *genQueryOut);
/** RAJA ADDED June 1 2009 for pre-post processing rule hooks **/
if (PrePostProcForGenQueryFlag == 1) {
args[0] = (char *) malloc(300);
args[1] = (char *) malloc(300);
args[2] = (char *) malloc(300);
sprintf(args[0],"%ld",(long) genQueryInp);
sprintf(args[1],"%ld",(long) *genQueryOut);
sprintf(args[2],"%d",status);
argc = 3;
i = applyRuleArg("acPostProcForGenQuery",args,argc, &rei2, NO_SAVE_REI);
free(args[0]);
free(args[1]);
free(args[2]);
if (i < 0) {
rodsLog (LOG_ERROR,
"rsGenQuery:acPostProcForGenQuery error,stat=%d", i);
if (i != NO_MICROSERVICE_FOUND_ERR)
return i;
}
}
/** RAJA ADDED June 1 2009 for pre-post processing rule hooks **/
if (status < 0) {
clearGenQueryOut (*genQueryOut);
free (*genQueryOut);
*genQueryOut = NULL;
if (status != CAT_NO_ROWS_FOUND) {
rodsLog (LOG_NOTICE,
"_rsGenQuery: genQuery status = %d", status);
}
return (status);
}
return (status);
}
int
_rsGenQuery( rsComm_t *rsComm, genQueryInp_t *genQueryInp,
genQueryOut_t **genQueryOut ) {
int status;
static int ruleExecuted = 0;
ruleExecInfo_t rei;
static int PrePostProcForGenQueryFlag = -2;
int i, argc;
ruleExecInfo_t rei2;
char *args[MAX_NUM_OF_ARGS_IN_ACTION];
if ( PrePostProcForGenQueryFlag < 0 ) {
if ( getenv( "PREPOSTPROCFORGENQUERYFLAG" ) != NULL ) {
PrePostProcForGenQueryFlag = 1;
}
else {
PrePostProcForGenQueryFlag = 0;
}
}
memset( ( char* )&rei2, 0, sizeof( ruleExecInfo_t ) );
rei2.rsComm = rsComm;
if ( rsComm != NULL ) {
rei2.uoic = &rsComm->clientUser;
rei2.uoip = &rsComm->proxyUser;
}
/* printGenQI(genQueryInp); for debug */
*genQueryOut = ( genQueryOut_t* )malloc( sizeof( genQueryOut_t ) );
memset( ( char * )*genQueryOut, 0, sizeof( genQueryOut_t ) );
if ( ruleExecuted == 0 ) {
memset( ( char* )&rei, 0, sizeof( rei ) );
rei.rsComm = rsComm;
if ( rsComm != NULL ) {
/* Include the user info for possible use by the rule. Note
that when this is called (as the agent is initializing),
this user info is not confirmed yet. For password
authentication though, the agent will soon exit if this
is not valid. But tor GSI, the user information may not
be present and/or may be changed when the authentication
completes, so it may not be safe to use this in a GSI
enabled environment. This addition of user information
was requested by ARCS/IVEC (Sean Fleming) to avoid a
local patch.
*/
rei.uoic = &rsComm->clientUser;
rei.uoip = &rsComm->proxyUser;
}
if ( getRuleEngineStatus() == UNINITIALIZED ) {
/* Skip the call to run acAclPolicy if the Rule Engine
hasn't been initialized yet, which happens for a couple
initial queries made by the agent when starting up. The
new RE logs these types of errors and so this avoids that.
*/
status = -1;
}
else {
status = applyRule( "acAclPolicy", NULL, &rei, NO_SAVE_REI );
}
if ( status == 0 ) {
ruleExecuted = 1; /* No need to retry next time since it
succeeded. Since this is called at
startup, the Rule Engine may not be
initialized yet, in which case the
default setting is fine and we should
retry next time. */
}
}
// =-=-=-=-=-=-=-
// verify that we are running a query for another agent connection
irods::server_properties& props = irods::server_properties::getInstance();
props.capture_if_needed();
std::string svr_sid;
irods::error err = props.get_property< std::string >( irods::AGENT_CONN_KW, svr_sid );
bool agent_conn_flg = err.ok();
// =-=-=-=-=-=-=-
// detect if a request for disable of strict acls is made
int acl_val = -1;
char* dis_kw = getValByKey( &genQueryInp->condInput, DISABLE_STRICT_ACL_KW );
if ( agent_conn_flg && dis_kw ) {
acl_val = 0;
}
// =-=-=-=-=-=-=-
// cache the old acl value for reuse later if necessary
int old_acl_val = chlGenQueryAccessControlSetup(
rsComm->clientUser.userName,
rsComm->clientUser.rodsZone,
rsComm->clientAddr,
rsComm->clientUser.authInfo.authFlag,
acl_val );
if ( PrePostProcForGenQueryFlag == 1 ) {
args[0] = ( char * ) malloc( 300 );
sprintf( args[0], "%ld", ( long ) genQueryInp );
argc = 1;
i = applyRuleArg( "acPreProcForGenQuery", args, argc, &rei2, NO_SAVE_REI );
free( args[0] );
if ( i < 0 ) {
rodsLog( LOG_ERROR,
"rsGenQuery:acPreProcForGenQuery error,stat=%d", i );
if ( i != NO_MICROSERVICE_FOUND_ERR ) {
return i;
}
}
}
/** RAJA ADDED June 1 2009 for pre-post processing rule hooks **/
status = chlGenQuery( *genQueryInp, *genQueryOut );
// =-=-=-=-=-=-=-
// if a disable was requested, repave with old value immediately
if ( agent_conn_flg && dis_kw ) {
chlGenQueryAccessControlSetup(
rsComm->clientUser.userName,
rsComm->clientUser.rodsZone,
rsComm->clientAddr,
rsComm->clientUser.authInfo.authFlag,
old_acl_val );
}
/** RAJA ADDED June 1 2009 for pre-post processing rule hooks **/
if ( PrePostProcForGenQueryFlag == 1 ) {
args[0] = ( char * ) malloc( 300 );
args[1] = ( char * ) malloc( 300 );
args[2] = ( char * ) malloc( 300 );
sprintf( args[0], "%ld", ( long ) genQueryInp );
sprintf( args[1], "%ld", ( long ) *genQueryOut );
sprintf( args[2], "%d", status );
argc = 3;
i = applyRuleArg( "acPostProcForGenQuery", args, argc, &rei2, NO_SAVE_REI );
free( args[0] );
free( args[1] );
free( args[2] );
if ( i < 0 ) {
rodsLog( LOG_ERROR,
"rsGenQuery:acPostProcForGenQuery error,stat=%d", i );
if ( i != NO_MICROSERVICE_FOUND_ERR ) {
return i;
}
}
}
/** RAJA ADDED June 1 2009 for pre-post processing rule hooks **/
if ( status < 0 ) {
clearGenQueryOut( *genQueryOut );
free( *genQueryOut );
*genQueryOut = NULL;
if ( status != CAT_NO_ROWS_FOUND ) {
rodsLog( LOG_NOTICE,
"_rsGenQuery: genQuery status = %d", status );
}
return status;
}
return status;
}
