317 lines
6.0 KiB
C++
Executable File
317 lines
6.0 KiB
C++
Executable File
/*
|
|
* This file is a part of Winix
|
|
* and is not publicly distributed
|
|
*
|
|
* Copyright (c) 2010, Tomasz Sowa
|
|
* All rights reserved.
|
|
*
|
|
*/
|
|
|
|
#include "privchanger.h"
|
|
|
|
|
|
void PrivChanger::SetRequest(Request * prequest)
|
|
{
|
|
request = prequest;
|
|
}
|
|
|
|
|
|
void PrivChanger::SetSystem(System * psystem)
|
|
{
|
|
system = psystem;
|
|
}
|
|
|
|
void PrivChanger::SetDb(Db * pdb)
|
|
{
|
|
db = pdb;
|
|
}
|
|
|
|
|
|
bool PrivChanger::CheckAccess()
|
|
{
|
|
// we do not check permissions here
|
|
// permissions depends on the user, group, and privileges
|
|
// but we cannot use parameter 'r' on files
|
|
// and only logged users can change permissions
|
|
|
|
if( !request->session->puser || (request->is_item && request->IsParam("r")) )
|
|
{
|
|
request->status = WINIX_ERR_PERMISSION_DENIED;
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
|
|
|
|
bool PrivChanger::ChangeOwner(Item & item, long user_id, long group_id)
|
|
{
|
|
if( user_id!=item.user_id || group_id!=item.group_id )
|
|
{
|
|
if( !system->CanChangeUser(item, user_id) )
|
|
{
|
|
log << log3 << "Content: can't change the user" << logend;
|
|
return false;
|
|
}
|
|
|
|
if( !system->CanChangeGroup(item, group_id) )
|
|
{
|
|
log << log3 << "Content: can't change the group" << logend;
|
|
return false;
|
|
}
|
|
}
|
|
|
|
item.user_id = user_id;
|
|
item.group_id = group_id;
|
|
|
|
return true;
|
|
}
|
|
|
|
|
|
|
|
bool PrivChanger::ChangePrivileges(Item & item, int privileges)
|
|
{
|
|
if( privileges != item.privileges )
|
|
{
|
|
if( !system->CanChangePrivileges(item, privileges) )
|
|
{
|
|
log << log3 << "Content: can't change privileges" << logend;
|
|
return false;
|
|
}
|
|
}
|
|
|
|
item.privileges = privileges;
|
|
|
|
return true;
|
|
}
|
|
|
|
|
|
|
|
void PrivChanger::ChangePriv(Item & item, long user_id, long group_id, int privileges)
|
|
{
|
|
if( change_owner )
|
|
{
|
|
if( !ChangeOwner(item, user_id, group_id) )
|
|
return;
|
|
}
|
|
|
|
if( change_priv )
|
|
{
|
|
if( !ChangePrivileges(item, privileges) )
|
|
return;
|
|
}
|
|
|
|
request->status = db->EditPrivById(item, item.id);
|
|
}
|
|
|
|
|
|
|
|
void PrivChanger::PrivLogStart(const char * what, long user, long group, int priv)
|
|
{
|
|
log << log2 << what;
|
|
|
|
if( change_owner )
|
|
{
|
|
User * puser = system->users.GetUser(user);
|
|
Group * pgroup = system->groups.GetGroup(group);
|
|
|
|
log << "new user: ";
|
|
|
|
if( puser )
|
|
log << puser->name;
|
|
else
|
|
log << "id: " << user;
|
|
|
|
log << ", new group: ";
|
|
|
|
if( pgroup )
|
|
log << pgroup->name;
|
|
else
|
|
log << "id: " << group;
|
|
|
|
if( change_priv )
|
|
log << ", ";
|
|
}
|
|
|
|
if( change_priv )
|
|
{
|
|
char buf[30];
|
|
sprintf(buf, "0%o", priv);
|
|
log << "privileges: " << buf;
|
|
}
|
|
|
|
log << logend;
|
|
}
|
|
|
|
|
|
|
|
void PrivChanger::PrivLog(const char * what, long id, const std::string & url)
|
|
{
|
|
Item * root = 0;
|
|
|
|
if( id != -1 )
|
|
root = system->dirs.GetRootDir();
|
|
|
|
log << log3 << "Content: " << what;
|
|
|
|
if( root && root->id == id )
|
|
log << "(root)";
|
|
else
|
|
log << url;
|
|
|
|
log << logend;
|
|
}
|
|
|
|
|
|
void PrivChanger::PrivFilesInDir(long parent_id)
|
|
{
|
|
Db::ItemQuery iq;
|
|
|
|
iq.SetAll(false, false);
|
|
iq.sel_user_id = iq.sel_group_id = iq.sel_guest_name = iq.sel_privileges = true;
|
|
|
|
iq.WhereParentId(parent_id);
|
|
iq.WhereType(Item::file);
|
|
|
|
db->GetItems(request->item_tab, iq);
|
|
|
|
|
|
std::vector<Item>::iterator i = request->item_tab.begin();
|
|
|
|
for( ; i != request->item_tab.end() ; ++i)
|
|
{
|
|
PrivLog("changed file: ", -1, i->url);
|
|
ChangePriv(*i, user_id_file, group_id_file, priv_file);
|
|
}
|
|
}
|
|
|
|
|
|
|
|
// recurrence
|
|
void PrivChanger::PrivDir(long parent_id)
|
|
{
|
|
PrivFilesInDir(parent_id);
|
|
|
|
|
|
DirContainer::ParentIterator i = system->dirs.FindFirstParent(parent_id);
|
|
|
|
for( ; i != system->dirs.ParentEnd() ; i = system->dirs.NextParent(i) )
|
|
{
|
|
PrivLog("changed dir: ", -1, i->second->url);
|
|
ChangePriv(*(i->second), user_id_dir, group_id_dir, priv_dir);
|
|
|
|
if( subdirectories )
|
|
PrivDir(i->second->id);
|
|
}
|
|
}
|
|
|
|
|
|
bool PrivChanger::ReadPriv(const char * user_in, const char * group_in, const char * priv_in,
|
|
long & user_id, long & group_id, int & priv)
|
|
{
|
|
std::string * user_str = request->PostVar(user_in);
|
|
std::string * group_str = request->PostVar(group_in);
|
|
std::string * priv_str = request->PostVar(priv_in);
|
|
|
|
if( change_owner && (!user_str || !group_str) )
|
|
{
|
|
log << log1 << "Content: PostFunPriv: there is no some post variables for changing the owner" << logend;
|
|
return false;
|
|
}
|
|
|
|
if( change_priv && !priv_str )
|
|
{
|
|
log << log1 << "Content: PostFunPriv: there is no some post variables for changing privileges" << logend;
|
|
return false;
|
|
}
|
|
|
|
if( change_owner )
|
|
{
|
|
user_id = system->users.GetUserId( *user_str );
|
|
group_id = system->groups.GetGroupId( *group_str );
|
|
}
|
|
|
|
if( change_priv )
|
|
priv = strtol( priv_str->c_str() , 0, 8);
|
|
|
|
return true;
|
|
}
|
|
|
|
|
|
void PrivChanger::PrivDir()
|
|
{
|
|
if( !ReadPriv("userfile", "groupfile", "privilegesfile", user_id_file, group_id_file, priv_file) )
|
|
return;
|
|
|
|
if( !ReadPriv("userdir", "groupdir", "privilegesdir", user_id_dir, group_id_dir, priv_dir) )
|
|
return;
|
|
|
|
PrivLogStart("Content: changes for files: ", user_id_file, group_id_file, priv_file);
|
|
PrivLogStart("Content: changes for dirs: ", user_id_dir, group_id_dir, priv_dir);
|
|
|
|
|
|
if( request->IsPostVar("changecurrentdir") )
|
|
{
|
|
Item & last_dir = *request->dir_tab.back();
|
|
PrivLog("changed dir: ", last_dir.id, last_dir.url);
|
|
ChangePriv(*request->dir_tab.back(), user_id_dir, group_id_dir, priv_dir);
|
|
}
|
|
|
|
|
|
subdirectories = request->IsPostVar("changesubdirs");
|
|
|
|
// go through all directories
|
|
PrivDir(request->dir_tab.back()->id);
|
|
|
|
system->RedirectToLastDir();
|
|
}
|
|
|
|
|
|
|
|
// changing only one item (either a dir or file)
|
|
void PrivChanger::PrivOneItem()
|
|
{
|
|
if( !ReadPriv("user", "group", "privileges", user_id_file, group_id_file, priv_file) )
|
|
return;
|
|
|
|
PrivLogStart("Content: changes: ", user_id_file, group_id_file, priv_file);
|
|
|
|
if( request->is_item )
|
|
{
|
|
ChangePriv(request->item, user_id_file, group_id_file, priv_file);
|
|
system->RedirectTo(request->item);
|
|
}
|
|
else
|
|
{
|
|
ChangePriv(*request->dir_tab.back(), user_id_file, group_id_file, priv_file);
|
|
system->RedirectToLastDir();
|
|
}
|
|
}
|
|
|
|
|
|
|
|
void PrivChanger::Change(bool change_owner_, bool change_priv_)
|
|
{
|
|
if( !CheckAccess() )
|
|
return;
|
|
|
|
change_owner = change_owner_;
|
|
change_priv = change_priv_;
|
|
|
|
if( request->IsParam("r") )
|
|
{
|
|
PrivDir();
|
|
}
|
|
else
|
|
{
|
|
PrivOneItem();
|
|
}
|
|
|
|
system->dirs.CheckRootDir();
|
|
}
|
|
|
|
|
|
|
|
|