|
nfs-ganesha 1.4
|
00001 /* 00002 * vim:expandtab:shiftwidth=8:tabstop=8: 00003 */ 00004 00015 /* 00016 * Copyright CEA/DAM/DIF (2008) 00017 * contributeur : Philippe DENIEL philippe.deniel@cea.fr 00018 * Thomas LEIBOVICI thomas.leibovici@cea.fr 00019 * 00020 * 00021 * This program is free software; you can redistribute it and/or 00022 * modify it under the terms of the GNU Lesser General Public 00023 * License as published by the Free Software Foundation; either 00024 * version 3 of the License, or (at your option) any later version. 00025 * 00026 * This program is distributed in the hope that it will be useful, 00027 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00028 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 00029 * Lesser General Public License for more details. 00030 * 00031 * You should have received a copy of the GNU Lesser General Public 00032 * License along with this library; if not, write to the Free Software 00033 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 00034 * 00035 * --------------------------------------- 00036 */ 00037 00038 #ifdef HAVE_CONFIG_H 00039 #include "config.h" 00040 #endif 00041 00042 #include "fsal.h" 00043 #include "fsal_internal.h" 00044 #include "fsal_convert.h" 00045 00078 fsal_status_t FSAL_test_access(fsal_op_context_t * p_context, /* IN */ 00079 fsal_accessflags_t access_type, /* IN */ 00080 fsal_attrib_list_t * object_attributes /* IN */ 00081 ) 00082 { 00083 fsal_accessflags_t missing_access; 00084 gid_t grp; 00085 int is_grp; 00086 unsigned int i; 00087 00088 /* sanity checks. */ 00089 00090 if(!object_attributes || !p_context) 00091 Return(ERR_FSAL_FAULT, 0, INDEX_FSAL_test_access); 00092 00093 /* If the FSAL_F_OK flag is set, returns ERR INVAL */ 00094 00095 if(access_type & FSAL_F_OK) 00096 Return(ERR_FSAL_INVAL, 0, INDEX_FSAL_test_access); 00097 00098 /* ----- here is a code sample for this function ---- */ 00099 00100 /* test root access */ 00101 00102 if(p_context->credential.user == 0) 00103 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_test_access); 00104 00105 /* unsatisfied permissions */ 00106 00107 missing_access = FSAL_MODE_MASK(access_type); /* only modes, no ACLs here */ 00108 00109 /* Test if file belongs to user. */ 00110 00111 if(p_context->credential.user == object_attributes->owner) 00112 { 00113 00114 if(object_attributes->mode & FSAL_MODE_RUSR) 00115 missing_access &= ~FSAL_R_OK; 00116 00117 if(object_attributes->mode & FSAL_MODE_WUSR) 00118 missing_access &= ~FSAL_W_OK; 00119 00120 if(object_attributes->mode & FSAL_MODE_XUSR) 00121 missing_access &= ~FSAL_X_OK; 00122 00123 if(missing_access == 0) 00124 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_test_access); 00125 else 00126 Return(ERR_FSAL_ACCESS, 0, INDEX_FSAL_test_access); 00127 00128 } 00129 00130 /* Test if the file belongs to user's group. */ 00131 00132 is_grp = (p_context->credential.group == object_attributes->group); 00133 00134 if(!is_grp) 00135 { 00136 /* >> Test here if file belongs to user's alt groups << */ 00137 } 00138 00139 /* finally apply group rights */ 00140 00141 if(is_grp) 00142 { 00143 if(object_attributes->mode & FSAL_MODE_RGRP) 00144 missing_access &= ~FSAL_R_OK; 00145 00146 if(object_attributes->mode & FSAL_MODE_WGRP) 00147 missing_access &= ~FSAL_W_OK; 00148 00149 if(object_attributes->mode & FSAL_MODE_XGRP) 00150 missing_access &= ~FSAL_X_OK; 00151 00152 if(missing_access == 0) 00153 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_test_access); 00154 else 00155 Return(ERR_FSAL_ACCESS, 0, INDEX_FSAL_test_access); 00156 00157 } 00158 00159 /* test other perms */ 00160 00161 if(object_attributes->mode & FSAL_MODE_ROTH) 00162 missing_access &= ~FSAL_R_OK; 00163 00164 if(object_attributes->mode & FSAL_MODE_WOTH) 00165 missing_access &= ~FSAL_W_OK; 00166 00167 if(object_attributes->mode & FSAL_MODE_XOTH) 00168 missing_access &= ~FSAL_X_OK; 00169 00172 if(missing_access == 0) 00173 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_test_access); 00174 else 00175 Return(ERR_FSAL_ACCESS, 0, INDEX_FSAL_test_access); 00176 00177 } 00178 00203 fsal_status_t FSAL_setattr_access(fsal_op_context_t * p_context, /* IN */ 00204 fsal_attrib_list_t * candidate_attributes, /* IN */ 00205 fsal_attrib_list_t * object_attributes /* IN */ 00206 ) 00207 { 00208 Return(ERR_FSAL_NOTSUPP, 0, INDEX_FSAL_setattr_access); 00209 } /* FSAL_test_setattr_access */ 00210 00228 fsal_status_t FSAL_rename_access(fsal_op_context_t * pcontext, /* IN */ 00229 fsal_attrib_list_t * pattrsrc, /* IN */ 00230 fsal_attrib_list_t * pattrdest) /* IN */ 00231 { 00232 Return(ERR_FSAL_NOTSUPP, 0, INDEX_FSAL_rename_access); 00233 } /* FSAL_rename_access */ 00234 00249 fsal_status_t FSAL_create_access(fsal_op_context_t * pcontext, /* IN */ 00250 fsal_attrib_list_t * pattr) /* IN */ 00251 { 00252 fsal_status_t fsal_status; 00253 00254 fsal_status = FSAL_test_access(pcontext, FSAL_W_OK, pattr); 00255 if(FSAL_IS_ERROR(fsal_status)) 00256 Return(fsal_status.major, fsal_status.minor, INDEX_FSAL_create_access); 00257 00258 /* If this point is reached, then access is granted */ 00259 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_create_access); 00260 } /* FSAL_create_access */ 00261 00276 fsal_status_t FSAL_unlink_access(fsal_op_context_t * pcontext, /* IN */ 00277 fsal_attrib_list_t * pattr) /* IN */ 00278 { 00279 fsal_status_t fsal_status; 00280 00281 fsal_status = FSAL_test_access(pcontext, FSAL_W_OK, pattr); 00282 if(FSAL_IS_ERROR(fsal_status)) 00283 Return(fsal_status.major, fsal_status.minor, INDEX_FSAL_unlink_access); 00284 00285 /* If this point is reached, then access is granted */ 00286 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_unlink_access); 00287 00288 } /* FSAL_unlink_access */ 00289 00305 fsal_status_t FSAL_merge_attrs(fsal_attrib_list_t * pinit_attr, 00306 fsal_attrib_list_t * pnew_attr, 00307 fsal_attrib_list_t * presult_attr) 00308 { 00309 if(pinit_attr == NULL || pnew_attr == NULL || presult_attr == NULL) 00310 Return(ERR_FSAL_INVAL, 0, INDEX_FSAL_merge_attrs); 00311 00312 /* The basis for the result attr is the fist argument */ 00313 *presult_attr = *pinit_attr; 00314 00315 /* Now deal with the attributes to be merged in this set of attributes */ 00316 if(FSAL_TEST_MASK(pnew_attr->asked_attributes, FSAL_ATTR_MODE)) 00317 presult_attr->mode = pnew_attr->mode; 00318 00319 if(FSAL_TEST_MASK(pnew_attr->asked_attributes, FSAL_ATTR_OWNER)) 00320 presult_attr->owner = pnew_attr->owner; 00321 00322 if(FSAL_TEST_MASK(pnew_attr->asked_attributes, FSAL_ATTR_GROUP)) 00323 presult_attr->group = pnew_attr->group; 00324 00325 if(FSAL_TEST_MASK(pnew_attr->asked_attributes, FSAL_ATTR_SIZE)) 00326 presult_attr->filesize = pnew_attr->filesize; 00327 00328 if(FSAL_TEST_MASK(pnew_attr->asked_attributes, FSAL_ATTR_SPACEUSED)) 00329 presult_attr->spaceused = pnew_attr->spaceused; 00330 00331 if(FSAL_TEST_MASK(pnew_attr->asked_attributes, FSAL_ATTR_ATIME)) 00332 { 00333 presult_attr->atime.seconds = pnew_attr->atime.seconds; 00334 presult_attr->atime.nseconds = pnew_attr->atime.nseconds; 00335 } 00336 00337 if(FSAL_TEST_MASK(pnew_attr->asked_attributes, FSAL_ATTR_MTIME)) 00338 { 00339 presult_attr->mtime.seconds = pnew_attr->mtime.seconds; 00340 presult_attr->mtime.nseconds = pnew_attr->mtime.nseconds; 00341 } 00342 00343 /* Do not forget the ctime */ 00344 FSAL_SET_MASK(presult_attr->asked_attributes, FSAL_ATTR_CTIME); 00345 presult_attr->ctime.seconds = pnew_attr->ctime.seconds; 00346 presult_attr->ctime.nseconds = pnew_attr->ctime.nseconds; 00347 00348 /* Regular exit */ 00349 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_merge_attrs); 00350 } /* FSAL_merge_attrs */
1.7.3