diff options
| author | David Sommerseth <dazo@users.sourceforge.net> | 2009-09-21 00:27:09 +0200 |
|---|---|---|
| committer | David Sommerseth <dazo@users.sourceforge.net> | 2009-09-21 00:27:09 +0200 |
| commit | fb2e02fdcbc30ecf05601c127eb31239b3419f85 (patch) | |
| tree | 3a07b585d34eaff2743b8286a3cadf451ae71d2b /database | |
| parent | c3b6b7fb50259997bccb116eb4d6c6e290326eae (diff) | |
| download | eurephia-fb2e02fdcbc30ecf05601c127eb31239b3419f85.tar.gz eurephia-fb2e02fdcbc30ecf05601c127eb31239b3419f85.tar.xz eurephia-fb2e02fdcbc30ecf05601c127eb31239b3419f85.zip | |
Unified eDBadminGetAdminAccess() and eDBadminEditAdminAccess() into eDBadminAccessLevel()
Diffstat (limited to 'database')
| -rw-r--r-- | database/eurephiadb.c | 3 | ||||
| -rw-r--r-- | database/eurephiadb_driver.h | 61 | ||||
| -rw-r--r-- | database/sqlite/administration.c | 64 | ||||
| -rw-r--r-- | database/sqlite/administration/useraccount.c | 101 |
4 files changed, 116 insertions, 113 deletions
diff --git a/database/eurephiadb.c b/database/eurephiadb.c index 8109675..e01b4f1 100644 --- a/database/eurephiadb.c +++ b/database/eurephiadb.c @@ -127,8 +127,7 @@ int eDBlink_init(eurephiaCTX *ctx, const char *dbdriver, const int minver) eDBadminUserCertsLink = eGetSym(ctx, ctx->eurephia_driver, "eDBadminUserCertsLink"); - eDBadminGetAdminAccess = eGetSym(ctx, ctx->eurephia_driver, "eDBadminGetAdminAccess"); - eDBadminEditAdminAccess = eGetSym(ctx, ctx->eurephia_driver, "eDBadminEditAdminAccess"); + eDBadminAccessLevel = eGetSym(ctx, ctx->eurephia_driver, "eDBadminAccessLevel"); eDBadminFirewallProfiles = eGetSym(ctx, ctx->eurephia_driver, "eDBadminFirewallProfiles"); diff --git a/database/eurephiadb_driver.h b/database/eurephiadb_driver.h index 2976a41..57b51e0 100644 --- a/database/eurephiadb_driver.h +++ b/database/eurephiadb_driver.h @@ -693,57 +693,50 @@ xmlDoc *(*eDBadminUserCertsLink) (eurephiaCTX *ctx, xmlDoc *usrcrt_xml); /** - * Retrieve a list over all users granted access to the administration utilities + * List, grant or revoke access to the administration utilities * * @version API version level 2 * @param ctx eurephiaCTX - * @param srch_xml XML document specifying the search query. - * - * Search XML document skeleton: - * @code - * <eurephia format="1"> - * <admin_access> - * <fieldMapping table="eurephia_adminaccess"> - * <{search field}>{search value}</{search field}> - * </fieldMapping> - * </admin_access> - * </eurephia> - * @endcode - * Valid field names are: uid, interface, access - * It can be several search field tags to narrow the search even more. - * - * @return Returns a valid XML document with the result on success, otherwise NULL. - * @see eurephiaXML_CreateDoc(), eurephiaXML_getRoot() - */ -xmlDoc *(*eDBadminGetAdminAccess) (eurephiaCTX *ctx, xmlDoc *srch_xml); - - -/** - * Add or delete access to the administration utilities - * - * @version API version level 2 - * @param ctx eurephiaCTX - * @param grant_xml XML document with the operation and information. + * @param qryxml XML document with the operation and information. * * XML format skeleton for grant_xml * @code * <eurephia format="1"> - * <edit_admin_access mode="{grant|revoke}"> + * <admin_access mode="{list|grant|revoke}"> * <fieldMapping table="eurephia_adminaccess"> * <uid>{user id}</uid> * <interface>{C|W}</uid> * <accesslevel>{access level string}</accesslevel> * </fieldMapping> - * </edit_admin_access> + * </admin_access> * </eurephia> * @endcode - * To grant access, all fields are needed. For bulk revokes, some fields can be skipped. + * To grant or revoke access, all fields are needed. For list mode, any given fields will narrow + * the database query. If no fields are given to list mode, all registered records will be returned. * The interface tag can have two valid values, C for console interface and W for web interface. * - * @return Returns 1 on success, otherwise 0 or -1 - * @see eurephiaXML_CreateDoc() + * XML format used for list mode: + * @code + * <eurephia format="1"> + * <admin_access_list> + * <user_access> + * <username uid="{uid}">{username}</username> + * <access_levels> + * <access interface="{interface}">{access level string}</access> + * ... (more access tags) + * ... + * </access_levels> + * </user_access> + * ... (another user_access tag) + * </admin_access_list> + * </eurephia> + * @endcode + * + * @return Returns a valid eurephia XML document with the result of success or failure. + * On fatal errors NULL is returned. + * @see eurephiaXML_CreateDoc(), eurephiaXML_getRoot() */ -int (*eDBadminEditAdminAccess) (eurephiaCTX *ctx, xmlDoc *grant_xml); +xmlDoc *(*eDBadminAccessLevel) (eurephiaCTX *ctx, xmlDoc *qryxml); /** diff --git a/database/sqlite/administration.c b/database/sqlite/administration.c index 73a3bdc..04dbe6e 100644 --- a/database/sqlite/administration.c +++ b/database/sqlite/administration.c @@ -63,9 +63,6 @@ #include "sqlite.h" -#define FMAP_ADMINACCESS /**< fieldmapping.h: Include declaration of tbl_sqlite_eurephiaadmacc */ -#include "fieldmapping.h" - #if (DRIVERAPIVERSION > 1) || defined(DOXYGEN) /* * API Version 2 functions @@ -384,65 +381,4 @@ int eDBadminLogout(eurephiaCTX *ctx, const char *sessionkey) { return 1; } - - -/** - * @copydoc eDBadminEditAdminAccess() - */ -int eDBadminEditAdminAccess(eurephiaCTX *ctx, xmlDoc *grant_xml) { - dbresult *res = NULL; - xmlNode *grant_n = NULL, *fmap_n = NULL; - eDBfieldMap *grant_m = NULL; - char *mode = NULL; - int rc = 0; - - DEBUG(ctx, 20, "Function call: eDBadminEditAdminAccess(ctx, xmlDoc)"); - assert( (ctx != NULL) && (grant_xml != NULL) ); - - if( (ctx->context_type != ECTX_ADMIN_CONSOLE) && (ctx->context_type != ECTX_ADMIN_WEB) ) { - eurephia_log(ctx, LOG_CRITICAL, 0, - "eurephia admin function call attempted with wrong context type"); - return 0; - } - - grant_n = eurephiaXML_getRoot(ctx, grant_xml, "edit_admin_access", 1); - if( grant_n == NULL ) { - eurephia_log(ctx, LOG_ERROR, 0, "Could not find a valid XML for the user-certs link request"); - return 0; - } - mode = xmlGetAttrValue(grant_n->properties, "mode"); - if( mode == NULL ) { - eurephia_log(ctx, LOG_ERROR, 0, "Invalid edit admin access request (1)."); - return 0; - } - - fmap_n = xmlFindNode(grant_n, "fieldMapping"); - if( fmap_n == NULL ) { - eurephia_log(ctx, LOG_ERROR, 0, "Invalid edit admin access request (2)."); - return 0; - } - - grant_m = eDBxmlMapping(ctx, tbl_sqlite_eurephiaadmacc, NULL, fmap_n); - assert(grant_m != NULL); - - if( strcmp(mode, "grant") == 0 ) { - res = sqlite_query_mapped(ctx, SQL_INSERT, "INSERT INTO eurephia_adminaccess", - grant_m, NULL, NULL); - rc = res->last_insert_id; - } else if( strcmp(mode, "revoke") == 0 ) { - res = sqlite_query_mapped(ctx, SQL_DELETE, "DELETE FROM eurephia_adminaccess", - NULL, grant_m, NULL); - rc = 1; - } - - if( res == NULL ) { - eurephia_log(ctx, LOG_ERROR, 0, "Failed to update admin access"); - rc = -1; - } else { - sqlite_free_results(res); - } - eDBfreeMapping(grant_m); - - return rc; -} #endif diff --git a/database/sqlite/administration/useraccount.c b/database/sqlite/administration/useraccount.c index e867615..e7d1da7 100644 --- a/database/sqlite/administration/useraccount.c +++ b/database/sqlite/administration/useraccount.c @@ -556,18 +556,23 @@ int eDBadminDeleteUser(eurephiaCTX *ctx, const int uid, xmlDoc *userinfo) { /** - * @copydoc eDBadminGetAdminAccess() + * Internal function. Retrieves all administrator access levels granted. + * + * @param ctx eurephiaCTX + * @param fmap eDBfieldMap with field values to narrow the SQL query + * + * @return Returns an eurephia XML document on success or with a failure message. NULL is returned + * on fatal errors. */ -xmlDoc *eDBadminGetAdminAccess(eurephiaCTX *ctx, xmlDoc *srch_xml) { +xmlDoc *adminacclvl_Get(eurephiaCTX *ctx, eDBfieldMap *fmap) { dbresult *res = NULL; - eDBfieldMap *fmap = NULL; int last_uid = -1, i = 0; xmlDoc *doc = NULL; - xmlNode *root_n = NULL, *fieldmap_n = NULL, *rec_n = NULL, *acl_n = NULL, *tmp_n; + xmlNode *root_n = NULL, *rec_n = NULL, *acl_n = NULL, *tmp_n; - DEBUG(ctx, 20, "Function call: eDBadminGetAdminAccess(ctx, {xmlDoc})"); - assert( (ctx != NULL) && (srch_xml != NULL) ); + DEBUG(ctx, 21, "Function call: adminacclvl_Get(ctx, {fieldMapping})"); + assert( (ctx != NULL) && (fmap != NULL) ); if( (ctx->context_type != ECTX_ADMIN_CONSOLE) && (ctx->context_type != ECTX_ADMIN_WEB) ) { eurephia_log(ctx, LOG_CRITICAL, 0, @@ -575,10 +580,6 @@ xmlDoc *eDBadminGetAdminAccess(eurephiaCTX *ctx, xmlDoc *srch_xml) { return 0; } - tmp_n = eurephiaXML_getRoot(ctx, srch_xml, "admin_access", 1); - fieldmap_n = xmlFindNode(tmp_n, "fieldMapping"); - fmap = eDBxmlMapping(ctx, tbl_sqlite_eurephiaadmacc, "eac", fieldmap_n); - // Query the database, find the user defined in the user map res = sqlite_query_mapped(ctx, SQL_SELECT, "SELECT eac.uid, username, interface, access" @@ -587,12 +588,11 @@ xmlDoc *eDBadminGetAdminAccess(eurephiaCTX *ctx, xmlDoc *srch_xml) { NULL, fmap, "uid, interface, access"); if( res == NULL ) { eurephia_log(ctx, LOG_ERROR, 0, "Error querying the database for a access levels"); - return 0; + return eurephiaXML_ResultMsg(ctx, exmlERROR, + "Error querying the database for a access levels"); } - eDBfreeMapping(fmap); eurephiaXML_CreateDoc(ctx, 1, "admin_access_list", &doc, &root_n); - for( i = 0; i < sqlite_get_numtuples(res); i++ ) { if( last_uid != atoi_nullsafe(sqlite_get_value(res, i, 0)) ) { // Create a new block element when we get a new uid @@ -612,3 +612,78 @@ xmlDoc *eDBadminGetAdminAccess(eurephiaCTX *ctx, xmlDoc *srch_xml) { sqlite_free_results(res); return doc; } + +/** + * @copydoc eDBadminAccessLevel() + */ +xmlDoc *eDBadminAccessLevel(eurephiaCTX *ctx, xmlDoc *qryxml) { + dbresult *sqlres = NULL; + xmlDoc *res_d = NULL; + xmlNode *qry_n = NULL, *fmap_n = NULL; + eDBfieldMap *fmap_m = NULL; + char *mode = NULL; + + DEBUG(ctx, 20, "Function call: eDBadminAccessLevel(ctx, xmlDoc)"); + assert( (ctx != NULL) && (qryxml != NULL) ); + + if( (ctx->context_type != ECTX_ADMIN_CONSOLE) && (ctx->context_type != ECTX_ADMIN_WEB) ) { + eurephia_log(ctx, LOG_CRITICAL, 0, + "eurephia admin function call attempted with wrong context type"); + return 0; + } + + qry_n = eurephiaXML_getRoot(ctx, qryxml, "admin_access", 1); + if( qry_n == NULL ) { + eurephia_log(ctx, LOG_ERROR, 0, "Could not find a valid XML for the user-certs link request"); + return 0; + } + mode = xmlGetAttrValue(qry_n->properties, "mode"); + if( mode == NULL ) { + eurephia_log(ctx, LOG_ERROR, 0, "Invalid edit admin access request (1)."); + return 0; + } + + fmap_n = xmlFindNode(qry_n, "fieldMapping"); + if( fmap_n == NULL ) { + eurephia_log(ctx, LOG_ERROR, 0, "Invalid edit admin access request (2)."); + return 0; + } + + fmap_m = eDBxmlMapping(ctx, tbl_sqlite_eurephiaadmacc, NULL, fmap_n); + assert(fmap_m != NULL); + + if( strcmp(mode, "grant") == 0 ) { + sqlres = sqlite_query_mapped(ctx, SQL_INSERT, "INSERT INTO eurephia_adminaccess", + fmap_m, NULL, NULL); + if( sqlres && (sqlite_get_affected_rows(sqlres) > 0) ) { + res_d = eurephiaXML_ResultMsg(ctx, exmlRESULT, + "Access level %s (%s) was granted to uid %s", + eDBmappingGetValue(fmap_m, FIELD_ACCESSLVL), + eDBmappingGetValue(fmap_m, FIELD_INTERFACE), + eDBmappingGetValue(fmap_m, FIELD_UID)); + } + } else if( strcmp(mode, "revoke") == 0 ) { + sqlres = sqlite_query_mapped(ctx, SQL_DELETE, "DELETE FROM eurephia_adminaccess", + NULL, fmap_m, NULL); + if( sqlres && (sqlite_get_affected_rows(sqlres) > 0) ) { + res_d = eurephiaXML_ResultMsg(ctx, exmlRESULT, + "Access level %s (%s) was revoked from uid %s", + eDBmappingGetValue(fmap_m, FIELD_ACCESSLVL), + eDBmappingGetValue(fmap_m, FIELD_INTERFACE), + eDBmappingGetValue(fmap_m, FIELD_UID)); + } + } else if( strcmp(mode, "list") == 0 ) { + res_d = adminacclvl_Get(ctx, fmap_m); + } + + if( res_d == NULL ) { + eurephia_log(ctx, LOG_ERROR, 0, "Failed to update admin access"); + res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, "Failed to complete %s operation", mode); + } + if( sqlres ) { + sqlite_free_results(sqlres); + } + eDBfreeMapping(fmap_m); + + return res_d; +} |