#include "../libdbuspolicy1-private.h"
-static ldp_xml_parser::NaivePolicyChecker policy_checker;
-
static const char* get_str(const char* const szstr) {
return (szstr != NULL) ? szstr : "";
}
int __internal_init(bool bus_type, const char* const config_name)
{
ldp_xml_parser::XmlParser p;
- p.registerAdapter(policy_checker.generateAdapter());
auto err = p.parsePolicy(bus_type, get_str(config_name));
return err.get();
}
using namespace ldp_xml_parser;
+ldp_xml_parser::NaivePolicyChecker policy_checker;
+
static void __log_item(const MatchItemSR& item)
{
char tmp[MAX_LOG_LINE];
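Review bot: `policy_checker` goes from a file-local `static` object to a mutable global with external linkage, and it is defined in the global namespace even though its type lives in `ldp_xml_parser` (the matching `extern` in naive_policy_checker.hpp sits after the namespace's closing brace). This object holds the bus policy databases that access decisions are made from, so it should stay out of the library's exported symbols; unless the build already defaults to hidden visibility, code outside the library can reference or interpose it. Consider defining it inside the namespace, `namespace ldp_xml_parser { NaivePolicyChecker policy_checker; }`, and qualifying the uses accordingly. A comment at the definition would also help, for example `// Process-wide policy state: filled by DbAdapter while parsing, consulted by the check functions.`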
std::cout << "checkpolicy for: " << i_str <<std::endl;
}
-DbAdapter& NaivePolicyChecker::generateAdapter() {
- if (!m_adapter)
- m_adapter = new DbAdapter (m_bus_db[0], m_bus_db[1]);
-
- return *m_adapter;
-}
NaivePolicyDb& NaivePolicyChecker::getPolicyDb(bool type) {
return m_bus_db[type];
return DecisionResult::DENY;
}
-NaivePolicyChecker::~NaivePolicyChecker() {
- delete m_adapter;
-}
-
return this->checkItemSR(bus_type, uid, gid, label, matcher, type);
}
+
Decision NaivePolicyChecker::checkPolicySR(const NaivePolicyDb::PolicySR& policy,
const MatchItemSR& item,
const char*& privilege)
/** Policy databases for system and session bus */
NaivePolicyDb m_bus_db[2];
- /** Adapter to policies database */
- DbAdapter* m_adapter;
-
/** Retrieves policy db
* \param[in] type Type of database (system/session bus)
* \return Returns reference to chosen bus policy db
gid_t gid,
const char* label,
const ItemOwn& item);
- public:
- ~NaivePolicyChecker();
- /** Generates adapter for db with policies
- * \ingroup Implementation
+ /** Provides db handle for parsing purposes
*/
- DbAdapter& generateAdapter();
+ inline NaivePolicyDb &db(bool sessionBus) { return m_bus_db[sessionBus]; }
+
+ friend class DbAdapter; // give adapters access to db()
+ public:
/** Checks ownership policy for given item
* \param[in] bus_type Bus type (system/session)
* \param[in] uid User id
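Review bot: The new private `db(bool sessionBus)` returns `m_bus_db[sessionBus]`, which is exactly what `getPolicyDb(bool type)` in naive_policy_checker.cpp already returns, so the class now has two accessors for the same mutable policy databases. `friend class DbAdapter` also opens every private member of the checker to the parser side, not only `db()` as its comment says. Consider keeping a single accessor for the adapter and documenting the index convention on it, e.g. `\param[in] sessionBus true selects the session bus db, false the system bus db`. The class body starts and ends outside this hunk, so the access level of `getPolicyDb` is inferred from its position after `m_bus_db`.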
ItemType type);
};
}
+
+extern ldp_xml_parser::NaivePolicyChecker policy_checker;
+
#endif
*/
#include "policy.hpp"
+#include "naive_policy_checker.hpp"
#include "naive_policy_db.hpp"
#include "tslog.hpp"
#include <cstdlib>
return message_decision[static_cast<std::size_t>(dec)];
}
-DbAdapter::DbAdapter(NaivePolicyDb& system, NaivePolicyDb& session)
- : __system_db(system), __session_db(session), __attr(false), __tag_state(NONE) {
+DbAdapter::DbAdapter() : __attr(false), __tag_state(NONE) {
}
-uid_t DbAdapter::convertToUid(const char* user) {
+static uid_t convertToUid(const char* user) {
long val = -1;
errno = 0;
val = std::strtol(user, NULL, 10);
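Review bot: `convertToUid` calls `std::strtol(user, NULL, 10)` without an end pointer, so this call cannot tell a literal `0` from a string with no digits, and trailing characters after a numeric prefix go unnoticed. Because the result decides which user a policy rule applies to, only a fully numeric string should be accepted as a uid: `char* end = nullptr; val = std::strtol(user, &end, 10);` followed by `if (errno == 0 && end != user && *end == '\0')`. The same applies to `convertToGid` in the next hunk. The rest of both bodies lies outside the hunks (the `pwd->pw_uid` return suggests a name lookup follows), so later validation may exist that is not visible here. Now that the helpers are file-local, a short comment stating the accepted input forms would also help.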
return pwd->pw_uid;
}
-gid_t DbAdapter::convertToGid(const char* group) {
+static gid_t convertToGid(const char* group) {
long val = -1;
errno = 0;
val = std::strtol(group, NULL, 10);
updateDecision(v, policy_type, policy_type_value, t, attr);
xmlTraversal(bus, v.second, t, policy_type, policy_type_value, attr, level + 1);
}
- if (!pt.empty() && level > 1) {
- if (bus)
- __builder.generateItem(__session_db, policy_type, policy_type_value);
- else
- __builder.generateItem(__system_db, policy_type, policy_type_value);
- }
+ if (!pt.empty() && level > 1)
+ __builder.generateItem(policy_checker.db(bus), policy_type, policy_type_value);
}
}
POLICY,
ALLOW_DENY_CHECK
};
- NaivePolicyDb& __system_db;
- NaivePolicyDb& __session_db;
bool __attr;
state __tag_state;
ItemBuilder __builder;
bool attr = false,
int level = 0);
public:
- DbAdapter(NaivePolicyDb& system, NaivePolicyDb& session);
+ DbAdapter();
void updateDb(bool bus, boost::property_tree::ptree& xmlTree, std::vector<std::string>& incl_dirs);
- static uid_t convertToUid(const char* user);
- static gid_t convertToGid(const char* group);
};
}
#endif
ErrCode err = parse(bus, fname);
return err;
}
- /** Registers DBAdapter */
- void registerAdapter(DbAdapter& adapter) {
- __adapter = &adapter;
- }
private:
/** Vector containing parsed policy */
static std::set<std::string> __parsed;
- /** Adapter which allows to acces parsed policies */
- DbAdapter* __adapter;
+ /** Adapter which allows to access parsed policies */
+ DbAdapter __adapter;
/** Parses config file and all files included in it */
ErrCode parse(bool bus, std::string const &filename) {
boost::property_tree::ptree pt;
read_xml(filename, pt);
if (!pt.empty()) {
- __adapter->updateDb(bus, pt, incl_dirs);
+ __adapter.updateDb(bus, pt, incl_dirs);
}
} catch (const boost::property_tree::xml_parser::xml_parser_error& ex) {
ret.first = ErrCode::error(ex.what());