extern char *whoami;
extern int dbms_errno, mr_errcode;
-EXEC SQL BEGIN DECLARE SECTION;
-extern char stmt_buf[];
-EXEC SQL END DECLARE SECTION;
-
EXEC SQL WHENEVER SQLERROR DO dbmserr();
if (!strcmp(q->shortname, "gual"))
{
EXEC SQL SELECT users_id INTO :id FROM users
- WHERE login LIKE :argv[0] AND users_id != 0;
+ WHERE login = :argv[0] AND users_id != 0;
}
else if (!strcmp(q->shortname, "gubl"))
{
EXEC SQL SELECT users_id INTO :id FROM users u
- WHERE u.login LIKE :argv[0] AND u.users_id != 0;
+ WHERE u.login = :argv[0] AND u.users_id != 0;
}
else if (!strcmp(q->shortname, "guau"))
{
* Inputs: argv[0] - list_id
* q - query name
* argv[2] - member ID (only for queries "amtl" and "dmfl")
- * argv[7] - group IID (only for query "ulis")
+ * argv[7] - group ID (only for query "ulis")
* cl - client name
*
* - check that client is a member of the access control list
{
EXEC SQL BEGIN DECLARE SECTION;
int list_id, acl_id, flags, gid, users_id;
- char acl_type[9], *newname;
+ char acl_type[LIST_ACL_TYPE_SIZE], name[LIST_NAME_SIZE], *newname;
EXEC SQL END DECLARE SECTION;
int status;
list_id = *(int *)argv[0];
- EXEC SQL SELECT acl_id, acl_type, gid, publicflg
- INTO :acl_id, :acl_type, :gid, :flags
+ EXEC SQL SELECT acl_id, acl_type, gid, publicflg, name
+ INTO :acl_id, :acl_type, :gid, :flags, :name
FROM list
WHERE list_id = :list_id;
newname = argv[1];
EXEC SQL SELECT users_id INTO :users_id FROM users
WHERE login = :newname;
- if ((sqlca.sqlcode != SQL_NO_MATCH) && (users_id != cl->users_id))
+ if ((sqlca.sqlcode != SQL_NO_MATCH) && strcmp(strtrim(name), newname) &&
+ (users_id != cl->users_id))
return MR_PERM;
}
{
EXEC SQL BEGIN DECLARE SECTION;
int list_id, acl_id, flags ;
- char acl_type[9];
+ char acl_type[LIST_ACL_TYPE_SIZE];
EXEC SQL END DECLARE SECTION;
int status;
{
EXEC SQL BEGIN DECLARE SECTION;
int acl_id, flags, rowcount;
- char acl_type[9], *listname;
+ char acl_type[LIST_ACL_TYPE_SIZE], *listname;
EXEC SQL END DECLARE SECTION;
int status;
{
EXEC SQL BEGIN DECLARE SECTION;
int acl_id;
- char *name, acl_type[9];
+ char *name, acl_type[LIST_ACL_TYPE_SIZE];
EXEC SQL END DECLARE SECTION;
int status;
char *c;
/* access_host - successful if owner of host, or subnet containing host
*/
-int host_access_level = 0; /* 1 for network, 2 for host */
-
int access_host(struct query *q, char *argv[], client *cl)
{
EXEC SQL BEGIN DECLARE SECTION;
int mid, sid, id;
- char mtype[9], stype[9];
+ char mtype[MACHINE_OWNER_TYPE_SIZE], stype[SUBNET_OWNER_TYPE_SIZE];
EXEC SQL END DECLARE SECTION;
int status;
+ if (q->type == RETRIEVE)
+ {
+ if (strcmp(argv[0], "*") || strcmp(argv[1], "*") ||
+ strcmp(argv[2], "*") || strcmp(argv[3], "*"))
+ return MR_SUCCESS;
+ else
+ return MR_PERM;
+ }
+
if (q->type == APPEND)
{
+ /* Non-query owner must set use to zero */
+ if (atoi(argv[6]) != 0)
+ return MR_PERM;
+
+ /* ... and start the hostname with a letter */
+ if (isdigit(argv[0][0]))
+ return MR_BAD_CHAR;
+
id = *(int *)argv[8];
EXEC SQL SELECT s.owner_type, s.owner_id
INTO :stype, :sid FROM subnet s
WHERE s.snet_id = :id;
mid = 0;
- }
- else if (q->type == RETRIEVE)
- {
- if (strcmp(argv[0], "*") || strcmp(argv[1], "*") ||
- strcmp(argv[2], "*") || strcmp(argv[3], "*"))
+
+ if (find_member(stype, sid, cl))
return MR_SUCCESS;
else
return MR_PERM;
}
- else
+ else /* q-type == UPDATE */
{
+ EXEC SQL BEGIN DECLARE SECTION;
+ int status, acomment, use, ocomment, snid;
+ char contact[MACHINE_CONTACT_SIZE], address[MACHINE_ADDRESS_SIZE];
+ char name[MACHINE_NAME_SIZE];
+ EXEC SQL END DECLARE SECTION;
+
id = *(int *)argv[0];
- EXEC SQL SELECT m.owner_type, m.owner_id, s.owner_type, s.owner_id
- INTO :mtype, :mid, :stype, :sid FROM machine m, subnet s
- WHERE m.mach_id = :id and s.snet_id = m.snet_id;
- }
- if (sqlca.sqlerrd[2] != 1)
- return MR_PERM;
+ EXEC SQL SELECT m.name, m.use, m.contact, m.status, m.address,
+ m.owner_type, m.owner_id, m.acomment, m.ocomment, m.snet_id,
+ s.owner_type, s.owner_id INTO :name, :use, :contact, :status,
+ :address, :mtype, :mid, :acomment, :ocomment, :snid, :stype, :sid
+ FROM machine m, subnet s
+ WHERE m.mach_id = :id AND s.snet_id = m.snet_id;
+ if (dbms_errno)
+ return mr_errcode;
+
+ /* non-query-owner cannot change use or ocomment */
+ if ((use != atoi(argv[7])) || (ocomment != *(int *)argv[14]))
+ return MR_PERM;
+
+ /* or rename to start with digit */
+ if (isdigit(argv[1][0]) && strcmp(strtrim(name), argv[1]))
+ return MR_BAD_CHAR;
+
+ if (!find_member(stype, sid, cl))
+ {
+ if (find_member(mtype, mid, cl))
+ {
+ /* host owner also cannot change contact, status, address,
+ owner, or acomment */
+ if (strcmp(argv[6], strtrim(contact)) ||
+ (status != atoi(argv[8])) ||
+ strcmp(argv[10], strtrim(address)) ||
+ strcmp(argv[11], strtrim(mtype)) ||
+ (mid != *(int *)argv[12]) || (acomment != *(int *)argv[13]))
+ return MR_PERM;
+ }
+ else
+ return MR_PERM;
+ }
+
+ /* If moving to a new subnet, make sure user is on acl there */
+ id = *(int *)argv[9];
+ if (id != snid)
+ {
+ EXEC SQL SELECT owner_type, owner_id INTO :stype, :sid
+ FROM subnet WHERE snet_id=:id;
+ if (!find_member(stype, sid, cl))
+ return MR_PERM;
+ }
- status = find_member(stype, sid, cl);
- if (status)
- {
- host_access_level = 1;
- return MR_SUCCESS;
- }
- status = find_member(mtype, mid, cl);
- if (status)
- {
- host_access_level = 2;
return MR_SUCCESS;
}
- else
- return MR_PERM;
}
{
EXEC SQL BEGIN DECLARE SECTION;
int cnt, id, mid, sid;
- char mtype[256], stype[256];
+ char mtype[MACHINE_OWNER_TYPE_SIZE], stype[SUBNET_OWNER_TYPE_SIZE];
EXEC SQL END DECLARE SECTION;
int status;
id = *(int *)argv[1];
+ if (q->type == APPEND && isdigit(argv[0][0]))
+ return MR_BAD_CHAR;
+
EXEC SQL SELECT count(name) INTO :cnt from hostalias WHERE mach_id = :id;
if (dbms_errno)
return mr_errcode;
andersk / moira.git / blobdiff