Startseite Erkunden Hilfe
Anmelden
pkun
/
klish
1
0
Fork 1
Dateien Issues 0 Pull-Requests 0
Quellcode durchsuchen

access hook must return 0 on success

Serj Kalichev vor 9 Jahren
Ursprung
4c860a741f
Commit
eccc30b0fb
2 geänderte Dateien mit 12 neuen und 6 gelöschten Zeilen
Geteilte Ansicht Diff-Statistik anzeigen
  1. 4 2
      clish/shell/shell_startup.c
  2. 8 4
      plugins/clish/hook_access.c

+ 4 - 2
clish/shell/shell_startup.c
Datei anzeigen 

@@ -98,7 +98,7 @@ int clish_shell_prepare(clish_shell_t *this)
 
 		view; view = lub_bintree_iterator_next(&view_iter)) {
 
 		/* Check access rights for the VIEW */
 
 		if (access_fn && clish_view__get_access(view) &&
 
-			(access_fn(this, clish_view__get_access(view)) < 0)) {
 
+			access_fn(this, clish_view__get_access(view))) {
 
 			lub_bintree_remove(view_tree, view);
 
 			clish_view_delete(view);
 
 			continue;
 
@@ -126,7 +126,9 @@ int clish_shell_prepare(clish_shell_t *this)
 
 			clish_nspace__set_view(nspace, ref_view);
 
 			/* Check access rights for the NAMESPACE */
 
 			if (access_fn && clish_nspace__get_access(nspace) &&
 
-				(access_fn(this, clish_nspace__get_access(nspace)) < 0)) {
 
+				access_fn(this, clish_nspace__get_access(nspace))) {
 
+				fprintf(stderr, "Warning: Access denied. Remove NAMESPACE %s from %s VIEW\n",
 
+					clish_nspace__get_view_name(nspace), clish_view__get_name(view));
 
 				lub_list_del(nspace_tree, old_nspace_iter);
 
 				lub_list_node_free(old_nspace_iter);
 
 				clish_nspace_delete(nspace);

+ 8 - 4
plugins/clish/hook_access.c
Datei anzeigen 

@@ -25,9 +25,13 @@
 
 #include "clish/shell.h"
 
 
 /*--------------------------------------------------------- */
 
+/* Return values:
 
+ *    0 - access granted
 
+ *    !=0 - access denied
 
+ */
 
 CLISH_HOOK_ACCESS(clish_hook_access)
 
 {
 
-	bool_t allowed = BOOL_FALSE; /* assume the user is not allowed */
 
+	bool_t allowed = -1; /* assume the user is not allowed */
 
 #ifdef HAVE_GRP_H
 
 	int num_groups;
 
 	long ngroups_max;
 
@@ -52,7 +56,7 @@ CLISH_HOOK_ACCESS(clish_hook_access)
 
 		tmp_access; tmp_access = strtok_r(NULL, ":", &saveptr)) {
 
 		/* Check for the "*" wildcard */
 
 		if (0 == strcmp("*", tmp_access)) {
 
-			allowed = BOOL_TRUE;
 
+			allowed = 0;
 
 			break;
 
 		}
 
 		/* The internal loop goes trough the system group list */
 
@@ -62,13 +66,13 @@ CLISH_HOOK_ACCESS(clish_hook_access)
 
 				continue;
 
 			if (0 == strcmp(ptr->gr_name, tmp_access)) {
 
 				/* The current user is permitted to use this command */
 
-				allowed = BOOL_TRUE;
 
+				allowed = 0;
 
 				free(ptr);
 
 				break;
 
 			}
 
 			free(ptr);
 
 		}
 
-		if (BOOL_TRUE == allowed)
 
+		if (!allowed)
 
 			break;
 
 	}