[1595] in Moira
respun list access patch
daemon@ATHENA.MIT.EDU (Garry Zacheiss)
Fri Jun 30 18:27:58 2000
Message-Id: <200006302227.SAA06006@sweet-transvestite.mit.edu>
To: moiradev@MIT.EDU
Date: Fri, 30 Jun 2000 18:27:55 -0400
From: Garry Zacheiss <zacheiss@MIT.EDU>
As per discussion on moira-admin, here's the access_list() patch
redone to allow a user to remove a list they own from any list, but not
add a list they own to any public list.
Index: qaccess.pc
===================================================================
RCS file: /afs/athena.mit.edu/astaff/project/moiradev/repository/moira/server/qaccess.pc,v
retrieving revision 2.16
diff -c -r2.16 qaccess.pc
*** qaccess.pc 2000/06/02 19:46:21 2.16
--- qaccess.pc 2000/06/29 16:52:43
***************
*** 127,138 ****
int access_list(struct query *q, char *argv[], client *cl)
{
EXEC SQL BEGIN DECLARE SECTION;
! int list_id, acl_id, flags, gid, users_id;
char acl_type[LIST_ACL_TYPE_SIZE], name[LIST_NAME_SIZE], *newname;
EXEC SQL END DECLARE SECTION;
int status;
list_id = *(int *)argv[0];
EXEC SQL SELECT acl_id, acl_type, gid, publicflg, name
INTO :acl_id, :acl_type, :gid, :flags, :name
FROM list
--- 127,140 ----
int access_list(struct query *q, char *argv[], client *cl)
{
EXEC SQL BEGIN DECLARE SECTION;
! int list_id, acl_id, flags, gid, users_id, member_id, member_acl_id;
char acl_type[LIST_ACL_TYPE_SIZE], name[LIST_NAME_SIZE], *newname;
+ char member_acl_type[LIST_ACL_TYPE_SIZE];
EXEC SQL END DECLARE SECTION;
int status;
list_id = *(int *)argv[0];
+ member_id = *(int *)argv[2];
EXEC SQL SELECT acl_id, acl_type, gid, publicflg, name
INTO :acl_id, :acl_type, :gid, :flags, :name
FROM list
***************
*** 142,148 ****
return MR_INTERNAL;
/* Allow client to add self to public list or delete self from any
! * list.
*/
if ((((!strcmp("amtl", q->shortname) ||
!strcmp("atml", q->shortname)) && flags) ||
--- 144,151 ----
return MR_INTERNAL;
/* Allow client to add self to public list or delete self from any
! * list. Also allow client to add a list they own to a public list
! * and remove a list they own from any list.
*/
if ((((!strcmp("amtl", q->shortname) ||
!strcmp("atml", q->shortname)) && flags) ||
***************
*** 152,157 ****
--- 155,171 ----
return MR_SUCCESS;
if (!strcmp("KERBEROS", argv[1]) && *(int *)argv[2] == -cl->client_id)
return MR_SUCCESS;
+ if (!strcmp("LIST", argv[1]) && !strcmp("dmfl", q->shortname))
+ {
+ EXEC SQL SELECT acl_id, acl_type INTO :member_acl_id,
+ :member_acl_type
+ FROM list
+ WHERE list_id = :member_id;
+
+ if (find_member(member_acl_type, member_acl_id, cl))
+ return MR_SUCCESS;
+ }
+
} /* if update_list, don't allow them to change the GID or rename to
a username other than their own */
else if (!strcmp("ulis", q->shortname))
