tomasz.sowa/winix
1
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

added: parameter 'r' to priv function

Browse Source 
all directories and files can be changed


git-svn-id: svn://ttmath.org/publicrep/winix/trunk@586 e52654a7-88a9-db11-a3e9-0013d4bc506e
This commit is contained in:
Tomasz Sowa
2010-02-16 00:37:00 +00:00
parent a276fb6b79
commit 4fe3d4339f
16 changed files with 347 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

220
content/priv.cpp
View File

@@ -14,82 +14,182 @@
#include "../core/data.h"
void Content::PostFunPriv(Item & item)
bool Content::PrivCheckAccess()
{
try
// we do not check permissions here
// permissions depends on the user, group, and privileges
// but we cannot use parameter 'r' on files
// and only logged users can change permissions
if( !request.session->puser || (request.is_item && request.IsParam("r")) )
{
std::string * user = request.PostVar("user");
std::string * group = request.PostVar("group");
std::string * priv = request.PostVar("privileges");
if( !user || !group || !priv )
{
log << log3 << "Content: PostFunPriv: there is no some post variables" << logend;
// some kind of error to report?
// !! wstawic nowy kod bledu i rzucic wyjatek jego (usunac powyzszy wpis log takze)
return;
}
long user_id = data.users.GetUserId( *user );
long group_id = data.groups.GetGroupId( *group );
int privileges = strtol( priv->c_str() , 0, 8);
if( user_id==item.user_id && group_id==item.group_id && privileges==item.privileges )
{
log << log3 << "Content: PostFunPriv: nothing to change" << logend;
throw Error(Error::ok);
}
if( !request.CanChangeUser(item, user_id) )
throw Error(Error::cant_change_user);
if( !request.CanChangeGroup(item, group_id) )
throw Error(Error::cant_change_group);
if( !request.CanChangePrivileges(item, privileges) )
throw Error(Error::cant_change_privileges);
item.user_id = user_id;
item.group_id = group_id;
item.privileges = privileges;
request.session->done = Done::privileged_item;
request.session->done_status = db.EditPrivById(item, item.id);
}
catch(const Error & e)
{
request.session->done_status = e;
request.status = Error::permission_denied;
return false;
}
if( request.session->done_status == Error::ok )
{
request.session->item = item;
request.session->done_timer = 2;
RedirectTo(item);
}
else
{
log << log1 << "Content: PostFunPriv: Error: " << static_cast<int>(request.session->done_status) << logend;
}
request.status = request.session->done_status;
return true;
}
void Content::FunPriv(Item & item, long user_id, long group_id, int privileges)
{
if( user_id==item.user_id && group_id==item.group_id && privileges==item.privileges )
return;
if( !request.CanChangeUser(item, user_id) )
{
log << log3 << "Content: can't change the user" << logend;
return;
}
if( !request.CanChangeGroup(item, group_id) )
{
log << log3 << "Content: can't change the group" << logend;
return;
}
if( !request.CanChangePrivileges(item, privileges) )
{
log << log3 << "Content: can't change privileges" << logend;
return;
}
item.user_id = user_id;
item.group_id = group_id;
item.privileges = privileges;
request.session->done_status = db.EditPrivById(item, item.id);
}
void Content::PrivLog(const char * what, const std::string & url, long user, long group, int priv)
{
log << log3 << "Content: "
<< what << url
<< ", user: " << user
<< ", group: " << group
<< ", priv: " << priv
<< logend;
}
void Content::PrivFilesInDir(long parent_id)
{
request.item_table.clear();
db.GetItems(request.item_table, parent_id, Item::file, false, false, true);
std::vector<Item>::iterator i = request.item_table.begin();
for( ; i != request.item_table.end() ; ++i)
{
PrivLog("changed file: ", i->url, user_id_file, group_id_file, priv_file);
FunPriv(*i, user_id_file, group_id_file, priv_file);
}
}
// recurrence
void Content::PrivDir(long parent_id)
{
PrivFilesInDir(parent_id);
DirContainer::ParentIterator i = data.dirs.FindFirstParent(parent_id);
for( ; i != data.dirs.ParentEnd() ; i = data.dirs.NextParent(i) )
{
PrivLog("changed dir: ", i->second->url, user_id_dir, group_id_dir, priv_dir);
FunPriv(*(i->second), user_id_dir, group_id_dir, priv_dir);
PrivDir(i->second->id);
}
}
bool Content::ReadPriv(const char * user_in, const char * group_in, const char * priv_in,
long & user_id, long & group_id, int & priv)
{
std::string * user_str = request.PostVar(user_in);
std::string * group_str = request.PostVar(group_in);
std::string * priv_str = request.PostVar(priv_in);
if( !user_str || !group_str || !priv_str )
{
log << log1 << "Content: PostFunPriv: there is no some post variables" << logend;
return false;
}
user_id = data.users.GetUserId( *user_str );
group_id = data.groups.GetGroupId( *group_str );
priv = strtol( priv_str->c_str() , 0, 8);
return true;
}
void Content::PrivDir()
{
if( !ReadPriv("userfile", "groupfile", "privilegesfile", user_id_file, group_id_file, priv_file) )
return;
if( !ReadPriv("userdir", "groupdir", "privilegesdir", user_id_dir, group_id_dir, priv_dir) )
return;
if( request.IsPostVar("changecurrentdir") )
{
PrivLog("changed dir: ", request.dir_table.back()->url, user_id_dir, group_id_dir, priv_dir);
FunPriv(*request.dir_table.back(), user_id_dir, group_id_dir, priv_dir);
}
// go through all directories (recurrence)
PrivDir(request.dir_table.back()->id);
RedirectToLastDir();
}
// changing only one item (either a dir or file)
void Content::PrivOneItem()
{
if( !ReadPriv("user", "group", "privileges", user_id_file, group_id_file, priv_file) )
return;
if( request.is_item )
{
FunPriv(request.item, user_id_file, group_id_file, priv_file);
RedirectTo(request.item);
}
else
{
FunPriv(*request.dir_table.back(), user_id_file, group_id_file, priv_file);
RedirectToLastDir();
}
}
void Content::PostFunPriv()
{
if( request.is_item )
PostFunPriv( request.item );
if( !PrivCheckAccess() )
return;
if( request.IsParam("r") )
{
PrivDir();
}
else
PostFunPriv( *request.dir_table.back() );
{
PrivOneItem();
}
}
void Content::FunPriv()
{
// we do not check permissions here
// permissions depends on the user, group, and privileges
PrivCheckAccess();
}