fixes some acl safs

Fri, 30 Dec 2016 19:43:41 +0100

author
Olaf Wintermann <olaf.wintermann@gmail.com>
date
Fri, 30 Dec 2016 19:43:41 +0100
changeset 143
6bf5d2f37425
parent 142
55298bc9ed28
child 144
4b546c4f25ed

fixes some acl safs

src/server/safs/pathcheck.c file | annotate | diff | comparison | revisions
--- a/src/server/safs/pathcheck.c	Fri Dec 30 18:47:26 2016 +0100
+++ b/src/server/safs/pathcheck.c	Fri Dec 30 19:43:41 2016 +0100
@@ -65,6 +65,14 @@
         return REQ_ABORTED;
     }
     
+    char *method = pblock_findval("method", pb);
+    if(method) {
+        char *m = pblock_findkeyval(pb_key_method, rq->reqpb);
+        if(strcmp(method, m)) {
+            return REQ_NOACTION;
+        }
+    }
+    
     uint32_t access_mask = 0;
     ssize_t n = 0;
     sstr_t *rights = sstrsplit(sstr(mask_str), sstrn(",", 1), &n);
@@ -73,6 +81,8 @@
         access_mask = access_mask | accstr2int(right);
     }
     
+    rq->aclreqaccess = access_mask;
+    
     return REQ_PROCEED;
 }
 
@@ -100,7 +110,7 @@
 
 
 int check_acl(pblock *pb, Session *sn, Request *rq) {
-    int access_mask = ACL_READ_DATA; // TODO: check method and path
+    int access_mask = ACL_READ_DATA | rq->aclreqaccess; // TODO: check method and path
     
     int ret = acl_evaluate(sn, rq, access_mask);
     if(ret == REQ_ABORTED) {

mercurial