The access fields for view and namespaces. Fix problem with args. Patch by Camilo A. Arboleda

git-svn-id: https://klish.googlecode.com/svn/trunk@471 0eaa4687-2ee9-07dd-09d9-bcdd2d2dd5fb

clish.xsd

@@ -156,6 +156,7 @@
         <xs:attribute name="prompt" type="xs:string" use="optional"/>
         <xs:attribute name="depth" type="xs:string" use="optional" default="0"/>
         <xs:attribute name="restore" type="restore_t" use="optional" default="none"/>
+        <xs:attribute name="access" type="xs:string" use="optional"/>
     </xs:complexType>
     <!--
 *******************************************************
@@ -413,6 +414,7 @@
         <xs:attribute name="completion" type="bool_t" use="optional" default="true"/>
         <xs:attribute name="context_help" type="bool_t" use="optional" default="false"/>
         <xs:attribute name="inherit" type="bool_t" use="optional" default="true"/>
+        <xs:attribute name="access" type="xs:string" use="optional"/>
     </xs:complexType>
 
 <!--

clish/callback_access.c

@@ -33,11 +33,11 @@ bool_t clish_access_callback(const clish_shell_t * shell, const char *access)
 	ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1;
 	group_list = (gid_t *)malloc(ngroups_max * sizeof(gid_t));
 
-	/* get the groups for the current user */
+	/* Get the groups for the current user */
 	num_groups = getgroups(ngroups_max, group_list);
 	assert(num_groups != -1);
 
-	/* now check these against the access provided */
+	/* Now check these against the access provided */
 	/* The external loop goes trough the list of valid groups */
 	/* The allowed groups are indicated by a colon-separated (:) list. */
 	for (tmp_access = strtok_r(full_access, ":", &saveptr);

clish/ptype/ptype.c

@@ -550,6 +550,7 @@ void
 clish_ptype__set_preprocess(clish_ptype_t * this,
 	clish_ptype_preprocess_e preprocess)
 {
+	assert(!this->preprocess);
 	this->preprocess = preprocess;
 }
 

clish/shell.h

@@ -311,6 +311,8 @@ clish_ptype_t *clish_shell_find_create_ptype(clish_shell_t * instance,
 	const char *pattern,
 	clish_ptype_method_e method,
 	clish_ptype_preprocess_e preprocess);
+clish_ptype_t *clish_shell_find_ptype(clish_shell_t *instance,
+	const char *name);
 int clish_shell_xml_read(clish_shell_t * instance, const char *filename);
 void clish_shell_help(clish_shell_t * instance, const char *line);
 bool_t clish_shell_exec_action(clish_action_t *action,

clish/shell/shell_new.c

@@ -79,6 +79,14 @@ static void clish_shell_init(clish_shell_t * this,
 		"Interactive flag", tmp_ptype);
 	clish_param__set_hidden(this->param_interactive, BOOL_TRUE);
 
+	/* PTYPE for args */
+	tmp_ptype = clish_shell_find_create_ptype(this,
+		"internal_ARGS",
+		"Arguments", "[^\\]+",
+		CLISH_PTYPE_REGEXP,
+		CLISH_PTYPE_NONE);
+	assert(tmp_ptype);
+
 	/* Push non-NULL istream */
 	if (istream)
 		clish_shell_push_fd(this, istream, stop_on_error);

clish/shell/shell_ptype.c

@@ -1,9 +1,18 @@
 /*
  * shell_find_create_ptype.c
  */
-#include "private.h"
 
 #include <assert.h>
+
+#include "private.h"
+
+/*--------------------------------------------------------- */
+clish_ptype_t *clish_shell_find_ptype(clish_shell_t *this,
+	const char *name)
+{
+	return lub_bintree_find(&this->ptype_tree, name);
+}
+
 /*--------------------------------------------------------- */
 clish_ptype_t *clish_shell_find_create_ptype(clish_shell_t * this,
 	const char *name, const char *text, const char *pattern,

clish/shell/shell_tinyxml.cpp

@@ -118,6 +118,18 @@ static void process_view(clish_shell_t * shell, TiXmlElement * element, void *)
 	const char *prompt = element->Attribute("prompt");
 	const char *depth = element->Attribute("depth");
 	const char *restore = element->Attribute("restore");
+	const char *access = element->Attribute("access");
+	bool allowed = true;
+
+	/* Check permissions */
+	if (access) {
+		allowed = false;
+		if (shell->client_hooks->access_fn)
+			allowed = shell->client_hooks->access_fn(shell, access)
+				? true : false;
+	}
+	if (!allowed)
+		return;
 
 	// re-use a view if it already exists
 	view = clish_shell_find_create_view(shell, name, prompt);
@@ -200,13 +212,12 @@ process_command(clish_shell_t * shell, TiXmlElement * element, void *parent)
 	const char *interrupt = element->Attribute("interrupt");
 	const char *ref = element->Attribute("ref");
 
+	/* Check permissions */
 	if (access) {
-		allowed = false; // err on the side of caution
-		if (shell->client_hooks->access_fn) {
-			// get the client to authenticate
-			allowed = shell->client_hooks->access_fn(shell,
-				access) ? true : false;
-		}
+		allowed = false;
+		if (shell->client_hooks->access_fn)
+			allowed = shell->client_hooks->access_fn(shell, access)
+				? true : false;
 	}
 	if (!allowed)
 		return;
@@ -260,11 +271,7 @@ process_command(clish_shell_t * shell, TiXmlElement * element, void *parent)
 		clish_ptype_t *tmp = NULL;
 
 		assert(args_help);
-		tmp = clish_shell_find_create_ptype(shell,
-			"internal_ARGS",
-			"Arguments", "[^\\]+",
-			CLISH_PTYPE_REGEXP,
-			CLISH_PTYPE_NONE);
+		tmp = clish_shell_find_ptype(shell, "internal_ARGS");
 		assert(tmp);
 		param = clish_param_new(args_name, args_help, tmp);
 		clish_command__set_args(cmd, param);
@@ -522,6 +529,17 @@ process_namespace(clish_shell_t * shell, TiXmlElement * element, void *parent)
 	const char *completion = element->Attribute("completion");
 	const char *context_help = element->Attribute("context_help");
 	const char *inherit = element->Attribute("inherit");
+	const char *access = element->Attribute("access");
+	bool allowed = true;
+
+	if (access) {
+		allowed = false;
+		if (shell->client_hooks->access_fn)
+			allowed = shell->client_hooks->access_fn(shell, access)
+				? true : false;
+	}
+	if (!allowed)
+		return;
 
 	assert(view);
 	clish_view_t *ref_view = clish_shell_find_create_view(shell,
@@ -687,7 +705,9 @@ int clish_shell_xml_read(clish_shell_t * shell, const char *filename)
 		}
 		ret = 0;
 	} else {
-		printf("Unable to open %s\n", filename);
+		printf("Unable to open %s (%s at line %d, col %d)\n",
+		        filename, doc.ErrorDesc(),
+		        doc.ErrorRow(), doc.ErrorCol());
 	}
 	return ret;
 }