Revision 84f874bf src/acl/AclRule.cc

View differences:

src/acl/AclRule.cc
27 27
/* -------------------------------------------------------------------------- */
28 28
/* -------------------------------------------------------------------------- */
29 29

  
30
bool AclRule::malformed(string& error_str) const
31
{
32
    ostringstream oss;
33
    bool error = false;
34

  
35
    // Check user
36

  
37
    if ( (user & INDIVIDUAL_ID) != 0 && (user & GROUP_ID) != 0 )
38
    {
39
        error = true;
40
        oss << "[user] INDIVIDUAL (#) and GROUP (@) bits are exclusive";
41
    }
42

  
43
    if ( (user & INDIVIDUAL_ID) != 0 && (user & ALL_ID) != 0 )
44
    {
45
        if ( error )
46
        {
47
            oss << "; ";
48
        }
49

  
50
        error = true;
51
        oss << "[user] INDIVIDUAL (#) and ALL (*) bits are exclusive";
52
    }
53

  
54
    if ( (user & GROUP_ID) != 0 && (user & ALL_ID) != 0 )
55
    {
56
        if ( error )
57
        {
58
            oss << "; ";
59
        }
60

  
61
        error = true;
62
        oss << "[user] GROUP (@) and ALL (*) bits are exclusive";
63
    }
64

  
65
    if ( user_id() < 0 )
66
    {
67
        if ( error )
68
        {
69
            oss << "; ";
70
        }
71

  
72
        error = true;
73
        oss << "[user] ID cannot be negative";
74
    }
75

  
76
    if ( (user & ALL_ID) != 0 && user_id() != 0 )
77
    {
78
        if ( error )
79
        {
80
            oss << "; ";
81
        }
82

  
83
        error = true;
84
        oss << "when using the ALL bit, [user] ID must be 0";
85
    }
86

  
87
    // Check resource
88

  
89
    if ( (resource & INDIVIDUAL_ID) != 0 && (resource & GROUP_ID) != 0 )
90
    {
91
        if ( error )
92
        {
93
            oss << "; ";
94
        }
95

  
96
        error = true;
97
        oss << "[resource] INDIVIDUAL (#) and GROUP (@) bits are exclusive";
98
    }
99

  
100
    if ( (resource & INDIVIDUAL_ID) != 0 && (resource & ALL_ID) != 0 )
101
    {
102
        if ( error )
103
        {
104
            oss << "; ";
105
        }
106

  
107
        error = true;
108
        oss << "[resource] INDIVIDUAL (#) and ALL (*) bits are exclusive";
109
    }
110

  
111
    if ( (resource & GROUP_ID) != 0 && (resource & ALL_ID) != 0 )
112
    {
113
        if ( error )
114
        {
115
            oss << "; ";
116
        }
117

  
118
        error = true;
119
        oss << "[resource] GROUP (@) and ALL (*) bits are exclusive";
120
    }
121

  
122
    if ( resource_id() < 0 )
123
    {
124
        if ( error )
125
        {
126
            oss << "; ";
127
        }
128

  
129
        error = true;
130
        oss << "[resource] ID cannot be negative";
131
    }
132

  
133
    if ( (resource & ALL_ID) != 0 && resource_id() != 0 )
134
    {
135
        if ( error )
136
        {
137
            oss << "; ";
138
        }
139

  
140
        error = true;
141
        oss << "when using the ALL bit, [resource] ID must be 0";
142
    }
143

  
144
    if ( (resource & 0xFF000000000LL) == 0 )
145
    {
146
        if ( error )
147
        {
148
            oss << "; ";
149
        }
150

  
151
        error = true;
152
        oss << "[resource] type is missing";
153
    }
154

  
155
    if ( (resource & 0xFFFFF00000000000LL) != 0 )
156
    {
157
        if ( error )
158
        {
159
            oss << "; ";
160
        }
161

  
162
        error = true;
163
        oss << "wrong [resource] type";
164
    }
165

  
166
    if ( error )
167
    {
168
        error_str = oss.str();
169
    }
170

  
171
    return error;
172
}
173

  
174
/* -------------------------------------------------------------------------- */
175
/* -------------------------------------------------------------------------- */
176

  
30 177
void AclRule::build_str()
31 178
{
32 179
    ostringstream oss;
......
53 200
            AuthRequest::IMAGE,
54 201
            AuthRequest::USER,
55 202
            AuthRequest::TEMPLATE,
56
            AuthRequest::GROUP,
57
            AuthRequest::ACL
203
            AuthRequest::GROUP
58 204
    };
59 205

  
60 206
    bool prefix = false;
61 207

  
62
    for ( int i = 0; i < 8; i++ )
208
    for ( int i = 0; i < 7; i++ )
63 209
    {
64 210
        if ( (resource & objects[i]) != 0 )
65 211
        {

Also available in: Unified diff