[1624] in Moira
server changes, membership acls
daemon@ATHENA.MIT.EDU (Garry Zacheiss)
Mon Aug 7 04:56:10 2000
Message-Id: <200008070856.EAA16782@alice-whacker.mit.edu>
To: moiradev@MIT.EDU
Date: Mon, 07 Aug 2000 04:56:07 -0400
From: Garry Zacheiss <zacheiss@MIT.EDU>
part 2 of 4, this time with changes to the list related queries
(ulis, alis, glin). I've bumped the version number on all of them to
version 4.
Garry
Index: mr_server.h
===================================================================
RCS file: /afs/athena.mit.edu/astaff/project/moiradev/repository/moira/server/mr_server.h,v
retrieving revision 1.52
diff -c -r1.52 mr_server.h
*** mr_server.h 2000/06/29 18:22:54 1.52
--- mr_server.h 2000/08/07 06:15:10
***************
*** 162,167 ****
--- 162,170 ----
int followup_glin(struct query *q, struct save_queue *sq, struct validate *v,
int (*action)(int, char **, void *), void *actarg,
client *cl);
+ int followup_gsin(struct query *q, struct save_queue *sq, struct validate *v,
+ int (*action)(int, char **, void *), void *actarg,
+ client *cl);
int followup_gzcl(struct query *q, struct save_queue *sq, struct validate *v,
int (*action)(int, char **, void *), void *actarg,
client *cl);
Index: qaccess.pc
===================================================================
RCS file: /afs/athena.mit.edu/astaff/project/moiradev/repository/moira/server/qaccess.pc,v
retrieving revision 2.17
diff -c -r2.17 qaccess.pc
*** qaccess.pc 2000/07/05 19:33:26 2.17
--- qaccess.pc 2000/08/07 06:02:24
***************
*** 128,175 ****
{
EXEC SQL BEGIN DECLARE SECTION;
int list_id, acl_id, flags, gid, users_id, member_id, member_acl_id;
char acl_type[LIST_ACL_TYPE_SIZE], name[LIST_NAME_SIZE], *newname;
! char member_acl_type[LIST_ACL_TYPE_SIZE];
EXEC SQL END DECLARE SECTION;
int status;
list_id = *(int *)argv[0];
member_id = *(int *)argv[2];
! EXEC SQL SELECT acl_id, acl_type, gid, publicflg, name
! INTO :acl_id, :acl_type, :gid, :flags, :name
FROM list
WHERE list_id = :list_id;
if (sqlca.sqlerrd[2] != 1)
return MR_INTERNAL;
! /* Allow client to add self to public list or delete self from any
! * list. Also allow client to add a list they own to a public list
! * and remove a list they own from any list.
! */
! if ((((!strcmp("amtl", q->shortname) ||
! !strcmp("atml", q->shortname)) && flags) ||
! (!strcmp("dmfl", q->shortname))))
{
- if (!strcmp("USER", argv[1]) && *(int *)argv[2] == cl->users_id)
- return MR_SUCCESS;
- if (!strcmp("KERBEROS", argv[1]) && *(int *)argv[2] == -cl->client_id)
- return MR_SUCCESS;
- if (!strcmp("LIST", argv[1]) && !strcmp("dmfl", q->shortname))
- {
- EXEC SQL SELECT acl_id, acl_type INTO :member_acl_id,
- :member_acl_type
- FROM list
- WHERE list_id = :member_id;
-
- if (find_member(member_acl_type, member_acl_id, cl))
- return MR_SUCCESS;
- }
-
- } /* if update_list, don't allow them to change the GID or rename to
- a username other than their own */
- else if (!strcmp("ulis", q->shortname))
- {
if (!strcmp(argv[7], UNIQUE_GID))
{
if (gid != -1)
--- 128,155 ----
{
EXEC SQL BEGIN DECLARE SECTION;
int list_id, acl_id, flags, gid, users_id, member_id, member_acl_id;
+ int memacl_id;
char acl_type[LIST_ACL_TYPE_SIZE], name[LIST_NAME_SIZE], *newname;
! char member_acl_type[LIST_ACL_TYPE_SIZE], memacl_type[LIST_ACL_TYPE_SIZE];
EXEC SQL END DECLARE SECTION;
int status;
list_id = *(int *)argv[0];
member_id = *(int *)argv[2];
! EXEC SQL SELECT acl_id, acl_type, memacl_id, memacl_type,
! gid, publicflg, name
! INTO :acl_id, :acl_type, :memacl_id, :memacl_type,
! :gid, :flags, :name
FROM list
WHERE list_id = :list_id;
if (sqlca.sqlerrd[2] != 1)
return MR_INTERNAL;
! /* if update_list, don't allow them to change the GID or rename to a
! username other than their own */
! if (!strcmp("ulis", q->shortname))
{
if (!strcmp(argv[7], UNIQUE_GID))
{
if (gid != -1)
***************
*** 211,222 ****
return MR_PERM;
}
! /* check for client in access control list */
! status = find_member(acl_type, acl_id, cl);
! if (!status)
return MR_PERM;
! return MR_SUCCESS;
}
--- 191,229 ----
return MR_PERM;
}
! /* check for client in access control list and return success right
! * away if it's there. */
! if (find_member(acl_type, acl_id, cl))
! return MR_SUCCESS;
!
! /* If not amtl, atml, or dmfl, we lose. */
! if (strcmp(q->shortname, "amtl") && strcmp(q->shortname, "atml") &&
! strcmp(q->shortname, "dmfl"))
return MR_PERM;
+
+ if (find_member(memacl_type, memacl_id, cl))
+ return MR_SUCCESS;
+
+ if (flags || q->type == DELETE)
+ {
+ if (!strcmp("USER", argv[1]) && *(int *)argv[2] == cl->users_id)
+ return MR_SUCCESS;
+ if (!strcmp("KERBEROS", argv[1]) && *(int *)argv[2] == -cl->client_id)
+ return MR_SUCCESS;
+ if (!strcmp("LIST", argv[1]) && !strcmp("dmfl", q->shortname))
+ {
+ EXEC SQL SELECT acl_id, acl_type INTO :member_acl_id,
+ :member_acl_type
+ FROM list
+ WHERE list_id = :member_id;
+
+ if (find_member(member_acl_type, member_acl_id, cl))
+ return MR_SUCCESS;
+ }
+ }
! /* Otherwise fail. */
! return MR_PERM;
}
Index: qfollow.pc
===================================================================
RCS file: /afs/athena.mit.edu/astaff/project/moiradev/repository/moira/server/qfollow.pc,v
retrieving revision 2.16
diff -c -r2.16 qfollow.pc
*** qfollow.pc 2000/04/21 19:47:40 2.16
--- qfollow.pc 2000/08/07 06:23:02
***************
*** 564,590 ****
client *cl)
{
char **argv;
! int id, i, idx, status;
!
! idx = 7;
! if (!strcmp(q->shortname, "glin") && q->version > 2)
! idx = 8;
! if (!strcmp(q->shortname, "gsin"))
! idx = 11;
while (sq_get_data(sq, &argv))
{
mr_trim_args(q->vcnt, argv);
! status = fix_ace(argv[idx], &argv[idx + 1]);
if (status && status != MR_NO_MATCH)
return status;
! if (!strcmp(q->shortname, "glin") && atoi(argv[6]) == -1)
{
argv[6] = xrealloc(argv[6], strlen(UNIQUE_GID) + 1);
strcpy(argv[6], UNIQUE_GID);
}
}
return followup_fix_modby(q, sq, v, action, actarg, cl);
--- 586,635 ----
client *cl)
{
char **argv;
! int status;
while (sq_get_data(sq, &argv))
{
mr_trim_args(q->vcnt, argv);
! if (q->version == 2)
! status = fix_ace(argv[7], &argv[8]);
! else
! status = fix_ace(argv[8], &argv[9]);
if (status && status != MR_NO_MATCH)
return status;
+ if (q->version > 3)
+ {
+ status = fix_ace(argv[10], &argv[11]);
+ if (status && status != MR_NO_MATCH)
+ return status;
+ }
! if (atoi(argv[6]) == -1)
{
argv[6] = xrealloc(argv[6], strlen(UNIQUE_GID) + 1);
strcpy(argv[6], UNIQUE_GID);
}
+ }
+
+ return followup_fix_modby(q, sq, v, action, actarg, cl);
+ }
+
+ /* followup_gsin: fix the ace_name and modby. */
+ int followup_gsin(struct query *q, struct save_queue *sq, struct validate *v,
+ int (*action)(int, char *[], void *), void *actarg,
+ client *cl)
+ {
+ char **argv;
+ int status;
+
+ while (sq_get_data(sq, &argv))
+ {
+ mr_trim_args(q->vcnt, argv);
+
+ status = fix_ace(argv[11], &argv[12]);
+ if (status && status != MR_NO_MATCH)
+ return status;
}
return followup_fix_modby(q, sq, v, action, actarg, cl);
Index: qsupport.pc
===================================================================
RCS file: /afs/athena.mit.edu/astaff/project/moiradev/repository/moira/server/qsupport.pc,v
retrieving revision 2.25
diff -c -r2.25 qsupport.pc
*** qsupport.pc 2000/06/29 18:22:54 2.25
--- qsupport.pc 2000/08/07 07:52:30
***************
*** 551,558 ****
int acl_access_check(int list_id, client *cl)
{
EXEC SQL BEGIN DECLARE SECTION;
! int c1, c2, lid = list_id, acl_id;
! char acl_type[LIST_ACL_TYPE_SIZE];
EXEC SQL END DECLARE SECTION;
/* Check if the list is directly a capacl */
--- 551,558 ----
int acl_access_check(int list_id, client *cl)
{
EXEC SQL BEGIN DECLARE SECTION;
! int c1, c2, lid = list_id, acl_id, memacl_id;
! char acl_type[LIST_ACL_TYPE_SIZE], memacl_type[LIST_ACL_TYPE_SIZE];
EXEC SQL END DECLARE SECTION;
/* Check if the list is directly a capacl */
***************
*** 571,579 ****
if (cl->proxy_id)
return 1;
! EXEC SQL SELECT acl_type, acl_id INTO :acl_type, :acl_id
FROM list WHERE list_id=:lid;
! return !find_member(acl_type, acl_id, cl);
}
--- 571,587 ----
if (cl->proxy_id)
return 1;
! EXEC SQL SELECT acl_type, acl_id, memacl_type, memacl_id
! INTO :acl_type, :acl_id, :memacl_type, :memacl_id
FROM list WHERE list_id=:lid;
!
! if (!find_member(acl_type, acl_id, cl))
! {
! if (!find_member(memacl_type, memacl_id, cl))
! return 1;
! }
!
! return 0;
}
Index: queries2.c
===================================================================
RCS file: /afs/athena.mit.edu/astaff/project/moiradev/repository/moira/server/queries2.c,v
retrieving revision 2.73
diff -c -r2.73 queries2.c
*** queries2.c 2000/06/29 18:22:54 2.73
--- queries2.c 2000/08/07 07:22:01
***************
*** 1187,1199 ****
"ace_type", "ace_name", "description", "modtime", "modby", "modwith",
};
! static char *glin_fields[] = {
"name",
"name", "active", "publicflg", "hidden", "maillist", "grouplist", "gid",
"nfsgroup", "ace_type", "ace_name", "description", "modtime", "modby",
"modwith",
};
static struct validate glin_validate = {
0,
0,
--- 1187,1206 ----
"ace_type", "ace_name", "description", "modtime", "modby", "modwith",
};
! static char *glin3_fields[] = {
"name",
"name", "active", "publicflg", "hidden", "maillist", "grouplist", "gid",
"nfsgroup", "ace_type", "ace_name", "description", "modtime", "modby",
"modwith",
};
+ static char *glin_fields[] = {
+ "name",
+ "name", "active", "publicflg", "hidden", "maillist", "grouplist", "gid",
+ "nfsgroup", "ace_type", "ace_name", "memacl_type", "memacl_name",
+ "description", "modtime", "modby", "modwith",
+ };
+
static struct validate glin_validate = {
0,
0,
***************
*** 1236,1247 ****
set_modtime,
};
! static char *alis_fields[] = {
"name", "active", "publicflg", "hidden", "maillist", "grouplist", "gid",
"nfsgroup", "ace_type", "ace_name", "description",
};
! static struct valobj alis_valobj[] = {
{V_CHAR, 0, LIST_TABLE, "name"},
{V_NUM, 1},
{V_NUM, 2},
--- 1243,1254 ----
set_modtime,
};
! static char *alis3_fields[] = {
"name", "active", "publicflg", "hidden", "maillist", "grouplist", "gid",
"nfsgroup", "ace_type", "ace_name", "description",
};
! static struct valobj alis3_valobj[] = {
{V_CHAR, 0, LIST_TABLE, "name"},
{V_NUM, 1},
{V_NUM, 2},
***************
*** 1255,1263 ****
{V_LEN, 10, LIST_TABLE, "description"},
};
static struct validate alis_validate = {
alis_valobj,
! 11,
"name",
"name = '%s'",
1,
--- 1262,1304 ----
{V_LEN, 10, LIST_TABLE, "description"},
};
+ static struct validate alis3_validate = {
+ alis3_valobj,
+ 11,
+ "name",
+ "name = '%s'",
+ 1,
+ "list_id",
+ 0,
+ setup_alis,
+ set_modtime,
+ };
+
+ static char *alis_fields[] = {
+ "name", "active", "publicflg", "hidden", "maillist", "grouplist", "gid",
+ "nfsgroup", "ace_type", "ace_name", "memace_type", "memace_name",
+ "description",
+ };
+
+ static struct valobj alis_valobj[] = {
+ {V_CHAR, 0, LIST_TABLE, "name"},
+ {V_NUM, 1},
+ {V_NUM, 2},
+ {V_NUM, 3},
+ {V_NUM, 4},
+ {V_NUM, 5},
+ {V_NUM, 6},
+ {V_NUM, 7},
+ {V_TYPE, 8, 0, "ace_type", 0, MR_ACE},
+ {V_TYPEDATA, 9, 0, 0, "list_id", MR_ACE},
+ {V_TYPE, 10, 0, "ace_type", 0, MR_ACE},
+ {V_TYPEDATA, 11, 0, 0, "list_id", MR_ACE},
+ {V_LEN, 12, LIST_TABLE, "description"},
+ };
+
static struct validate alis_validate = {
alis_valobj,
! 13,
"name",
"name = '%s'",
1,
***************
*** 1299,1311 ****
set_modtime_by_id,
};
! static char *ulis_fields[] = {
"name",
"newname", "active", "publicflg", "hidden", "maillist", "grouplist", "gid",
"nfsgroup", "ace_type", "ace_name", "description",
};
! static struct valobj ulis_valobj[] = {
{V_ID, 0, LIST_TABLE, "name", "list_id", MR_LIST},
{V_RENAME, 1, LIST_TABLE, "name", "list_id", MR_NOT_UNIQUE},
{V_NUM, 2},
--- 1340,1352 ----
set_modtime_by_id,
};
! static char *ulis3_fields[] = {
"name",
"newname", "active", "publicflg", "hidden", "maillist", "grouplist", "gid",
"nfsgroup", "ace_type", "ace_name", "description",
};
! static struct valobj ulis3_valobj[] = {
{V_ID, 0, LIST_TABLE, "name", "list_id", MR_LIST},
{V_RENAME, 1, LIST_TABLE, "name", "list_id", MR_NOT_UNIQUE},
{V_NUM, 2},
***************
*** 1320,1327 ****
{V_LEN, 11, LIST_TABLE, "description"},
};
! static struct validate ulis_validate = {
! ulis_valobj,
12,
"name",
"list_id = %d",
--- 1361,1368 ----
{V_LEN, 11, LIST_TABLE, "description"},
};
! static struct validate ulis3_validate = {
! ulis3_valobj,
12,
"name",
"list_id = %d",
***************
*** 1332,1337 ****
--- 1373,1414 ----
set_modtime_by_id,
};
+ static char *ulis_fields[] = {
+ "name",
+ "newname", "active", "publicflg", "hidden", "maillist", "grouplist", "gid",
+ "nfsgroup", "ace_type", "ace_name", "memace_type", "memace_name",
+ "description",
+ };
+
+ static struct valobj ulis_valobj[] = {
+ {V_ID, 0, LIST_TABLE, "name", "list_id", MR_LIST},
+ {V_RENAME, 1, LIST_TABLE, "name", "list_id", MR_NOT_UNIQUE},
+ {V_NUM, 2},
+ {V_NUM, 3},
+ {V_NUM, 4},
+ {V_NUM, 5},
+ {V_NUM, 6},
+ {V_NUM, 7},
+ {V_NUM, 8},
+ {V_TYPE, 9, 0, "ace_type", 0, MR_ACE},
+ {V_TYPEDATA, 10, 0, 0, "list_id", MR_ACE},
+ {V_TYPE, 11, 0, "ace_type", 0, MR_ACE},
+ {V_TYPEDATA, 12, 0, 0, "list_id", MR_ACE},
+ {V_LEN, 13, LIST_TABLE, "description"},
+ };
+
+ static struct validate ulis_validate = {
+ ulis_valobj,
+ 14,
+ "name",
+ "list_id = %d",
+ 1,
+ "list_id",
+ access_list,
+ setup_alis,
+ set_modtime_by_id,
+ };
+
static char *dlis_fields[] = {
"name",
};
***************
*** 1562,1568 ****
0,
access_service,
0,
! followup_glin,
};
static char *qgsv_fields[] = {
--- 1639,1645 ----
0,
access_service,
0,
! followup_gsin,
};
static char *qgsv_fields[] = {
***************
*** 4163,4169 ****
"l",
LIST_TABLE,
"name, active, publicflg, hidden, maillist, grouplist, gid, nfsgroup, acl_type, acl_id, description, TO_CHAR(modtime, 'DD-mon-YYYY HH24:MI:SS'), modby, modwith FROM list",
! glin_fields,
14,
"name LIKE '%s'",
1,
--- 4256,4262 ----
"l",
LIST_TABLE,
"name, active, publicflg, hidden, maillist, grouplist, gid, nfsgroup, acl_type, acl_id, description, TO_CHAR(modtime, 'DD-mon-YYYY HH24:MI:SS'), modby, modwith FROM list",
! glin3_fields,
14,
"name LIKE '%s'",
1,
***************
*** 4172,4177 ****
--- 4265,4287 ----
},
{
+ /* Q_GLIN - GET_LIST_INFO, v4 */
+ "get_list_info",
+ "glin",
+ 4,
+ RETRIEVE,
+ "l",
+ LIST_TABLE,
+ "name, active, publicflg, hidden, maillist, grouplist, gid, nfsgroup, acl_type, acl_id, memacl_type, memacl_id, description, TO_CHAR(modtime, 'DD-mon-YYYY HH24:MI:SS'), modby, modwith FROM list",
+ glin_fields,
+ 16,
+ "name LIKE '%s'",
+ 1,
+ "name",
+ &glin_validate,
+ },
+
+ {
/* Q_EXLN - EXPAND_LIST_NAMES */
"expand_list_names",
"exln",
***************
*** 4214,4224 ****
"l",
LIST_TABLE,
"INTO list (name, active, publicflg, hidden, maillist, grouplist, gid, nfsgroup, acl_type, acl_id, description, list_id) VALUES ('%s', %s, %s, %s, %s, %s, %s, %s, '%s', %d, NVL('%s', CHR(0)), %s)",
! alis_fields,
11,
0,
0,
NULL,
&alis_validate,
},
--- 4324,4351 ----
"l",
LIST_TABLE,
"INTO list (name, active, publicflg, hidden, maillist, grouplist, gid, nfsgroup, acl_type, acl_id, description, list_id) VALUES ('%s', %s, %s, %s, %s, %s, %s, %s, '%s', %d, NVL('%s', CHR(0)), %s)",
! alis3_fields,
11,
0,
0,
NULL,
+ &alis3_validate,
+ },
+
+ {
+ /* Q_ALIS - ADD_LIST, v4 */ /* uses prefetch_value() for list_id */
+ "add_list",
+ "alis",
+ 4,
+ APPEND,
+ "l",
+ LIST_TABLE,
+ "INTO list (name, active, publicflg, hidden, maillist, grouplist, gid, nfsgroup, acl_type, acl_id, memacl_type, memacl_id, description, list_id) VALUES ('%s', %s, %s, %s, %s, %s, %s, %s, '%s', %d, '%s', %d, NVL('%s', CHR(0)), %s)",
+ alis_fields,
+ 13,
+ 0,
+ 0,
+ NULL,
&alis_validate,
},
***************
*** 4248,4258 ****
"l",
LIST_TABLE,
"list SET name = '%s', active = %s, publicflg = %s, hidden = %s, maillist = %s, grouplist = %s, gid = %s, nfsgroup = %s, acl_type = '%s', acl_id = %d, description = NVL('%s', CHR(0))",
! ulis_fields,
11,
"list_id = %d",
1,
NULL,
&ulis_validate,
},
--- 4375,4402 ----
"l",
LIST_TABLE,
"list SET name = '%s', active = %s, publicflg = %s, hidden = %s, maillist = %s, grouplist = %s, gid = %s, nfsgroup = %s, acl_type = '%s', acl_id = %d, description = NVL('%s', CHR(0))",
! ulis3_fields,
11,
"list_id = %d",
1,
NULL,
+ &ulis3_validate,
+ },
+
+ {
+ /* Q_ULIS, UPDATE_LIST, v4 */
+ "update_list",
+ "ulis",
+ 4,
+ UPDATE,
+ "l",
+ LIST_TABLE,
+ "list SET name = '%s', active = %s, publicflg = %s, hidden = %s, maillist = %s, grouplist = %s, gid = %s, nfsgroup = %s, acl_type = '%s', acl_id = %d, memacl_type = '%s', memacl_id = %d, description = NVL('%s', CHR(0))",
+ ulis_fields,
+ 13,
+ "list_id = %d",
+ 1,
+ NULL,
&ulis_validate,
},
