2 * Copyright (C) 1996-2016 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
9 /* DEBUG: section 28 Access Control */
12 #include "acl/Checklist.h"
13 #include "acl/UserData.h"
14 #include "ConfigParser.h"
17 #include "sbuf/Algorithms.h"
21 ACLUserData::match(char const *user
)
23 debugs(28, 7, "user is " << user
<< ", case_insensitive is " << flags
.case_insensitive
);
25 if (user
== NULL
|| strcmp(user
, "-") == 0)
29 debugs(28, 7, "aclMatchUser: user REQUIRED and auth-info present.");
33 bool result
= (userDataNames
.find(SBuf(user
)) != userDataNames
.end());
34 debugs(28, 7, "returning " << result
);
39 ACLUserData::dump() const
44 sl
.push_back(SBuf("REQUIRED"));
48 if (flags
.case_insensitive
)
49 sl
.push_back(SBuf("-i"));
51 sl
.insert(sl
.end(), userDataNames
.begin(), userDataNames
.end());
53 debugs(28,5, "ACLUserData dump output: " <<
54 JoinContainerToSBuf(userDataNames
.begin(), userDataNames
.end(),
60 CaseSensitiveSBufCompare(const SBuf
&lhs
, const SBuf
&rhs
)
62 return (lhs
.cmp(rhs
) < 0);
66 CaseInsensitveSBufCompare(const SBuf
&lhs
, const SBuf
&rhs
)
68 return (lhs
.caseCmp(rhs
) < 0);
71 ACLUserData::ACLUserData() :
72 userDataNames(CaseSensitiveSBufCompare
)
74 flags
.case_insensitive
= false;
75 flags
.required
= false;
81 debugs(28, 2, "parsing user list");
84 if ((t
= ConfigParser::strtokFile())) {
86 debugs(28, 5, "first token is " << s
);
88 if (s
.cmp("-i",2) == 0) {
89 debugs(28, 5, "Going case-insensitive");
90 flags
.case_insensitive
= true;
91 // due to how the std::set API work, if we want to change
92 // the comparison function we have to create a new std::set
93 UserDataNames_t
newUdn(CaseInsensitveSBufCompare
);
94 newUdn
.insert(userDataNames
.begin(), userDataNames
.end());
95 swap(userDataNames
,newUdn
);
96 } else if (s
.cmp("REQUIRED") == 0) {
97 debugs(28, 5, "REQUIRED-type enabled");
98 flags
.required
= true;
100 if (flags
.case_insensitive
)
103 debugs(28, 6, "Adding user " << s
);
104 userDataNames
.insert(s
);
108 debugs(28, 3, "Case-insensitive-switch is " << flags
.case_insensitive
);
109 /* we might inherit from a previous declaration */
111 debugs(28, 4, "parsing following tokens");
113 while ((t
= ConfigParser::strtokFile())) {
115 debugs(28, 6, "Got token: " << s
);
117 if (flags
.case_insensitive
)
120 debugs(28, 6, "Adding user " << s
);
121 userDataNames
.insert(s
);
124 if (flags
.required
&& !userDataNames
.empty()) {
125 debugs(28, DBG_PARSE_NOTE(1), "WARNING: detected attempt to add usernames to an acl of type REQUIRED");
126 userDataNames
.clear();
129 debugs(28,4, "ACL contains " << userDataNames
.size() << " users");
133 ACLUserData::empty() const
135 debugs(28,6,"required: " << flags
.required
<< ", number of users: " << userDataNames
.size());
138 return userDataNames
.empty();
141 ACLData
<char const *> *
142 ACLUserData::clone() const
144 return new ACLUserData
;