diff options
author | Sergey Poznyakoff <gray@gnu.org.ua> | 2015-12-17 12:50:28 +0200 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2015-12-17 12:50:28 +0200 |
commit | 8334b598f85317eb4d44000f6ec580c54734b15d (patch) | |
tree | 04dd1b84443287aec625ab019b02fc170ae524a1 /ident | |
parent | 8426fc4411c9679a10863d7aa3ced077155e0016 (diff) | |
download | pies-8334b598f85317eb4d44000f6ec580c54734b15d.tar.gz pies-8334b598f85317eb4d44000f6ec580c54734b15d.tar.bz2 |
Implement user privileges
* src/pies.h (component): New members: list_acl and
adm_acl.
(control): Removed id_acl.
New members: adm_acl and usr_acl.
* src/pies.c (component_keywords): New keywords list-acl and
admin-acl. Removed identity-acl.
* ident/ident.c (pies_identity_user_name): New function.
* ident/identity.h (pies_identity_user_name): New proto.
* src/ctl.c (CTL_USER_STATE,CTL_ADMIN_STATE): New states.
(cmdtab): Mark administrative commands as valid in CTL_ADMIN_STATE
(ctlio_create): Assume CTL_ADMIN_STATE in the absense of identity
providers.
(auth_data): New struct.
(cmd_auth): Select appropriate state depending on the user permissions.
(list_matches): New function.
(eval_env): Keep the list of selected progs.
(count_prog): Removed.
(selector): New function.
(cmd_list): Rewrite to take into account access rights.
(cmd_start,cmd_stop)
(cmd_restart): Only allowed for users with administrative
privileges.
Diffstat (limited to 'ident')
-rw-r--r-- | ident/ident.c | 8 | ||||
-rw-r--r-- | ident/identity.h | 6 |
2 files changed, 11 insertions, 3 deletions
diff --git a/ident/ident.c b/ident/ident.c index 38ae1a8..dbf3f9b 100644 --- a/ident/ident.c +++ b/ident/ident.c @@ -41,6 +41,14 @@ pies_authenticate (pies_identity_provider_t pr, pies_identity_t id, return 1; } +char const * +pies_identity_user_name (pies_identity_t id) +{ + if (!id) + return NULL; + return id->username; +} + int pies_identity_is_user (pies_identity_t id, char * const * users) { diff --git a/ident/identity.h b/ident/identity.h index 0ee129d..8a9e2ab 100644 --- a/ident/identity.h +++ b/ident/identity.h @@ -20,12 +20,12 @@ typedef struct pies_identity_mechanism *pies_identity_mechanism_t; pies_identity_t pies_identity_create (char const *user); void pies_identity_destroy (pies_identity_t id); - -int pies_authenticate (pies_identity_provider_t pr, pies_identity_t id, - char const *passwd); int pies_identity_is_user (pies_identity_t id, char * const * users); int pies_identity_is_group_member (pies_identity_t id, char * const * groups); +char const *pies_identity_user_name (pies_identity_t p); +int pies_authenticate (pies_identity_provider_t pr, pies_identity_t id, + char const *passwd); char const *pies_identity_provider_name (pies_identity_provider_t p); int pies_identity_mechanism_register (pies_identity_mechanism_t mech); |