|
nfs-ganesha 1.4
|
00001 /* 00002 * vim:expandtab:shiftwidth=8:tabstop=8: 00003 */ 00004 00015 /* 00016 * Copyright CEA/DAM/DIF (2008) 00017 * contributeur : Philippe DENIEL philippe.deniel@cea.fr 00018 * Thomas LEIBOVICI thomas.leibovici@cea.fr 00019 * 00020 * 00021 * This program is free software; you can redistribute it and/or 00022 * modify it under the terms of the GNU Lesser General Public 00023 * License as published by the Free Software Foundation; either 00024 * version 3 of the License, or (at your option) any later version. 00025 * 00026 * This program is distributed in the hope that it will be useful, 00027 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00028 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 00029 * Lesser General Public License for more details. 00030 * 00031 * You should have received a copy of the GNU Lesser General Public 00032 * License along with this library; if not, write to the Free Software 00033 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 00034 * 00035 * --------------------------------------- 00036 */ 00037 00038 #ifdef HAVE_CONFIG_H 00039 #include "config.h" 00040 #endif 00041 00042 #include "fsal.h" 00043 #include "fsal_internal.h" 00044 #include "fsal_convert.h" 00045 00078 fsal_status_t ZFSFSAL_test_access(fsal_op_context_t * p_context, /* IN */ 00079 fsal_accessflags_t access_type, /* IN */ 00080 fsal_attrib_list_t * object_attributes /* IN */ 00081 ) 00082 { 00083 fsal_accessflags_t missing_access; 00084 int is_grp; 00085 00086 /* sanity checks. */ 00087 00088 if(!object_attributes || !p_context) 00089 Return(ERR_FSAL_FAULT, 0, INDEX_FSAL_test_access); 00090 00091 /* If the FSAL_F_OK flag is set, returns ERR INVAL */ 00092 00093 if(access_type & FSAL_F_OK) 00094 Return(ERR_FSAL_INVAL, 0, INDEX_FSAL_test_access); 00095 00096 /* ----- here is a code sample for this function ---- */ 00097 00098 /* test root access */ 00099 00100 if(p_context->credential.user == 0) 00101 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_test_access); 00102 00103 /* unsatisfied permissions */ 00104 00105 missing_access = FSAL_MODE_MASK(access_type); /* only modes, no ACLs here */ 00106 00107 /* Test if file belongs to user. */ 00108 00109 if(p_context->credential.user == object_attributes->owner) 00110 { 00111 00112 if(object_attributes->mode & FSAL_MODE_RUSR) 00113 missing_access &= ~FSAL_R_OK; 00114 00115 if(object_attributes->mode & FSAL_MODE_WUSR) 00116 missing_access &= ~FSAL_W_OK; 00117 00118 if(object_attributes->mode & FSAL_MODE_XUSR) 00119 missing_access &= ~FSAL_X_OK; 00120 00121 if(missing_access == 0) 00122 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_test_access); 00123 else 00124 Return(ERR_FSAL_ACCESS, 0, INDEX_FSAL_test_access); 00125 00126 } 00127 00128 /* Test if the file belongs to user's group. */ 00129 00130 is_grp = (p_context->credential.group == object_attributes->group); 00131 00132 if(!is_grp) 00133 { 00134 /* >> Test here if file belongs to user's alt groups << */ 00135 } 00136 00137 /* finally apply group rights */ 00138 00139 if(is_grp) 00140 { 00141 if(object_attributes->mode & FSAL_MODE_RGRP) 00142 missing_access &= ~FSAL_R_OK; 00143 00144 if(object_attributes->mode & FSAL_MODE_WGRP) 00145 missing_access &= ~FSAL_W_OK; 00146 00147 if(object_attributes->mode & FSAL_MODE_XGRP) 00148 missing_access &= ~FSAL_X_OK; 00149 00150 if(missing_access == 0) 00151 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_test_access); 00152 else 00153 Return(ERR_FSAL_ACCESS, 0, INDEX_FSAL_test_access); 00154 00155 } 00156 00157 /* test other perms */ 00158 00159 if(object_attributes->mode & FSAL_MODE_ROTH) 00160 missing_access &= ~FSAL_R_OK; 00161 00162 if(object_attributes->mode & FSAL_MODE_WOTH) 00163 missing_access &= ~FSAL_W_OK; 00164 00165 if(object_attributes->mode & FSAL_MODE_XOTH) 00166 missing_access &= ~FSAL_X_OK; 00167 00170 if(missing_access == 0) 00171 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_test_access); 00172 else 00173 Return(ERR_FSAL_ACCESS, 0, INDEX_FSAL_test_access); 00174 00175 }
1.7.3