]> andersk Git - moira.git/commitdiff
andersk / moira.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e45a151)
have access_list make sure people can't change their group IDs
authormar <mar>
Thu, 11 Aug 1988 22:45:36 +0000 (22:45 +0000)
committermar <mar>
Thu, 11 Aug 1988 22:45:36 +0000 (22:45 +0000)
server/qsupport.qc patch | blob | blame | history

diff --git a/server/qsupport.qc b/server/qsupport.qc
index 3b7bbe9973e9470c826dfa1983e66742f125cb73..c4171938b31fdc304be29a1d127fdd0488aafd77 100644 (file)
--- a/server/qsupport.qc
+++ b/server/qsupport.qc
@@ -69,7 +69,8 @@ access_login(q, argv, cl)
  * Inputs: argv[0] - list_id
  *         q - query name
  *         argv[2] - member ID (only for queries "amtl" and  "dmfl")
- *         cl - client name
+ *         argv[7] - group IID (only for query "ulis")
+ *          cl - client name
  *
  * - check that client is a member of the access control list
  * - OR, if the query is add_member_to_list or delete_member_from_list
@@ -81,14 +82,14 @@ access_list(q, argv, cl)
     char *argv[];
     client *cl;
 ##{
-##  int list_id, acl_id, flags, rowcount;
+##  int list_id, acl_id, flags, rowcount, gid;
 ##  char acl_type[9];
     char *client_type;
     int client_id, status;
 
     list_id = *(int *)argv[0];
 ##  repeat retrieve (acl_id = list.#acl_id, acl_type = list.#acl_type,
-##                  flags = list.#public) 
+##                  gid = list.#gid, flags = list.#public) 
 ##        where list.#list_id = @list_id
 ##  inquire_equel(rowcount = "rowcount")
     if (rowcount != 1)
@@ -102,6 +103,11 @@ access_list(q, argv, cl)
     if ((!strcmp("amtl", q->shortname) || !strcmp("dmfl", q->shortname)) &&
        (flags && !strcmp("USER", argv[1]))) {
        if (*(int *)argv[2] == client_id) return(SMS_SUCCESS);
+    /* if update_list, don't allow them to change the GID */
+    } else if (!strcmp("ulis", q->shortname)) {
+       if ((!strcmp(argv[7], UNIQUE_GID) && (gid != -1)) ||
+           (strcmp(argv[7], UNIQUE_GID) && (gid != atoi(argv[7]))))
+         return(SMS_PERM);
     }
 
     /* check for client in access control list */
@@ -206,7 +212,7 @@ access_member(q, argv, cl)
       return(access_visible_list(q, &argv[1], cl));
 
     if (!strcmp(argv[0], "USER") || !strcmp(argv[0], "RUSER")) {
-       if (!strcmp(cl->kname.name, argv[1]))
+       if (cl->users_id == *(int *)argv[1])
          return(SMS_SUCCESS);
     }
 
Moira, the Athena Service Management system
This page took 1.923206 seconds and 5 git commands to generate.