#include <iostream>
#include <thread>
#include <mutex>
+#include <stdlib.h>
namespace _ldp_tslog
{
typedef std::ostream& (*t_ManFun)(std::ostream&);
namespace {
- static constexpr bool LOG_ENABLE = false;
- static constexpr bool LOG_VERBOSE = false;
+ static constexpr bool LOG_DEFAULT_ENABLE = false;
+ static constexpr bool LOG_DEFAULT_VERBOSE = false;
+ static const std::string LDP_ENV_VERBOSE_NAME = "LDP_VERBOSE";
+ static const std::string LDP_ENV_LOG_NAME = "LDP_LOG";
+
+ const bool get_log_env(const std::string& name) {
+ bool bret;
+ char* ldp_log_mode = getenv(name.c_str());
+ if(ldp_log_mode) {
+ const std::string slog(ldp_log_mode);
+ bret = (slog == "0") ? false : true;
+ } else {
+ bret = (name == LDP_ENV_LOG_NAME) ? LOG_DEFAULT_ENABLE : LOG_DEFAULT_VERBOSE;
+ }
+ return bret;
+ }
}
const bool get_verbose() {
- return LOG_VERBOSE;
+ return get_log_env(LDP_ENV_VERBOSE_NAME);
}
const bool get_enable() {
- return LOG_ENABLE;
+ return get_log_env(LDP_ENV_LOG_NAME);
}
class TsLog
virtual ~XmlAsyncParser() {
}
- ErrCode parse_policy(const std::string bus, const std::string fname, const std::chrono::milliseconds timeout) {
+ ErrCode parse_policy(const std::string bus,
+ const std::string fname,
+ const std::chrono::milliseconds timeout = std::chrono::milliseconds(std::numeric_limits<int32_t>::max())) {
set_policy_bus_filename(bus, fname);
m_xml_policy.init();
ErrCode err = parse(timeout);
key.m_bown = true;
key.m_path_content[Key::IDX_SERVICE] = data_str;
}
+ if(v.first == "own_prefix") {
+ key.m_bown = true;
+ key.m_path_content[Key::IDX_SERVICE] = data_str + "*";
+ }
if(field_has(v, "_destination")) {
key.m_path_content[Key::IDX_DEST] = data_str;
}
}
}
+ ErrCode service_leaf_found(const Leaf& leaf, const std::string& label, const std::vector<std::string>& idx_v) {
+ ErrCode err;
+ if(leaf.get_check()) {
+ verbose::tout << __func__
+ << ": cynara check needed for privilege " << leaf.get_privilege()
+ << ", weight " << leaf.get_weight()
+ << std::endl;
+
+ //cynara check
+ try {
+ bool br = _ldp_cynara::Cynara::check(label, leaf.get_privilege(), idx_v[Key::IDX_USER]);
+ err = ErrCode::ok(br);
+ } catch(const std::runtime_error& ex) {
+ err = ErrCode::error(ex.what());
+ }
+ } else {
+ err = ErrCode::ok(leaf.get_decision());
+ }
+
+ return err;
+ }
+
ErrCode index_decision_tree(const boost::property_tree::ptree& pt,
const std::vector<std::string>& idx_v,
const std::string& label,
}
if(found) {
- if(leaf_found.get_check()) {
- verbose::tout << __func__
- << ": cynara check needed for privilege " << leaf_found.get_privilege()
- << ", weight " << leaf_found.get_weight()
- << std::endl;
-
- //cynara check
- try {
- bool br = _ldp_cynara::Cynara::check(label, leaf_found.get_privilege(), idx_v[Key::IDX_USER]);
- err = ErrCode::ok(br);
- } catch(const std::runtime_error& ex) {
- err = ErrCode::error(ex.what());
- }
- } else {
- err = ErrCode::ok(leaf_found.get_decision());
- }
-
+ err = service_leaf_found(leaf_found, label, idx_v);
verbose::tout << __func__ << ": returning decision #" << err.get() << " " << err.get_str() << ", weight " << leaf_found.get_weight() << std::endl;
break;
}
}
ErrCode can_own_what(const std::string bus, const std::vector<std::string>& idx_v) {
- return can_do_action(bus, "OWN", idx_v);
+ ErrCode err;
+
+ //Evaluate own_prefix
+ std::vector<std::string> iv = idx_v;
+ const std::string srv = iv[iv.size() - 1];
+ const size_t srv_size = srv.size();
+ for(size_t n = 1; n <= srv_size; ++n) {
+ const std::string sub = srv.substr(0, n) + "*";
+ verbose::tout << "own_prefix: " << sub << std::endl;
+ iv.pop_back();
+ iv.push_back(sub);
+ err = can_do_action(bus, "OWN", iv);
+ if(err.is_ok()) {
+ break;
+ }
+ }
+
+ //Evaluate own
+ if(err.is_error()) {
+ err = can_do_action(bus, "OWN", idx_v);
+ }
+
+ return err;
}
void print_decision_trees() {
projects / platform / core / system / libdbuspolicy.git / commitdiff