
nordugrid-arc-nox  1.1.0~rc6
gacl.cpp
00001 #include <string>
00002 
00003 #include "gacl.h"
00004 
00005 
/// Check whether `entity` is satisfied by some same-named child of `bag`.
///
/// A leaf entity (no children) matches when any child of `bag` carrying the
/// entity's name has identical text content. A non-leaf entity matches when
/// at least one same-named child of `bag` satisfies every child of the
/// entity, evaluated recursively.
///
/// @param entity  node taken from the ACL side of the comparison
/// @param bag     node whose children are searched for a match
/// @return true if a matching child was found, false otherwise
static bool match_entity(Arc::XMLNode entity,Arc::XMLNode bag) {
  if(entity.Size() == 0) {
    // Leaf: a plain text comparison against each same-named candidate.
    std::string wanted = entity;
    Arc::XMLNode candidate = bag[entity.Name()];
    while((bool)candidate) {
      if(((std::string)candidate) == wanted) return true;
      candidate = candidate[1];  // next node with the same name
    }
    return false;
  }
  // Non-leaf: one candidate has to satisfy all of the entity's children.
  Arc::XMLNode candidate = bag[entity.Name()];
  while((bool)candidate) {
    bool all_children_match = true;
    for(int idx = 0;;++idx) {
      Arc::XMLNode child = entity.Child(idx);
      if(!child) break;  // ran out of children without a mismatch
      if(!match_entity(child,candidate)) {
        all_children_match = false;
        break;
      }
    }
    if(all_children_match) return true;
    candidate = candidate[1];
  }
  return false;
}
00027 
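/// Evaluate a GACL document for a subject and return the effective permissions.
///
/// Every <entry> of `gacl` that matches `subject` contributes the permissions
/// named under its <allow> and <deny> elements. Contributions are accumulated
/// over all matching entries and the result is `allowed & ~denied`, so a deny
/// always overrides an allow.
///
/// The previous code assigned (`=`) instead of accumulating (`|=`). Only the
/// last permission seen survived, so a later matching entry could silently
/// discard a deny recorded by an earlier one and the final mask could grant
/// access that the ACL denies.
///
/// @param gacl     root node of the ACL; anything not named "gacl" yields
///                 GACL_PERM_NONE
/// @param subject  node describing the requester, compared against each entry
/// @return combination of GACL_PERM_* values granted to the subject
///
/// NOTE(review): GACL_PERM_* come from gacl.h, which is not visible here. The
/// `&`/`~` in the return statement treats them as bit masks; confirm.
/// NOTE(review): match_entity() is given the whole <entry> and, as written,
/// compares every child of it, which would appear to include <allow> and
/// <deny>. Confirm this against the expected layout of `subject`.
int GACLEvaluate(Arc::XMLNode gacl,Arc::XMLNode subject) {
  // Fail closed: a document that is not a GACL grants nothing.
  if(!MatchXMLName(gacl,"gacl")) return GACL_PERM_NONE;
  int perm_allow = GACL_PERM_NONE;
  int perm_deny = GACL_PERM_NONE;
  Arc::XMLNode entry = gacl["entry"];
  for(;(bool)entry;entry=entry[1]) {
    if(!match_entity(entry,subject)) continue;
    Arc::XMLNode allow = entry["allow"];
    if(allow) {
      if(allow["read"])  perm_allow|=GACL_PERM_READ;
      if(allow["list"])  perm_allow|=GACL_PERM_LIST;
      if(allow["write"]) perm_allow|=GACL_PERM_WRITE;
      if(allow["admin"]) perm_allow|=GACL_PERM_ADMIN;
    }
    Arc::XMLNode deny = entry["deny"];
    if(deny) {
      // Denies must never be lost: they are what removes access below.
      if(deny["read"])  perm_deny|=GACL_PERM_READ;
      if(deny["list"])  perm_deny|=GACL_PERM_LIST;
      if(deny["write"]) perm_deny|=GACL_PERM_WRITE;
      if(deny["admin"]) perm_deny|=GACL_PERM_ADMIN;
    }
  }
  // Deny wins over allow.
  return perm_allow & (~perm_deny);
}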