Add RBCLIENT ACL type to query both RCLIENT and BCLIENT
authorEric Bollengier <eric@baculasystems.com>
Mon, 20 Mar 2023 16:50:40 +0000 (17:50 +0100)
committerEric Bollengier <eric@baculasystems.com>
Tue, 2 May 2023 07:07:18 +0000 (09:07 +0200)
bacula/src/cats/bdb.h
bacula/src/cats/sql.c
bacula/src/dird/ua_cmds.c

index 03f0cfd136efe4f2be002aa08a6bae2e5f1daacc..cfd2a76ed1fbe25b2226465e6bd6c07732f7917f 100644 (file)
@@ -39,6 +39,7 @@ typedef enum
    DB_ACL_FILESET,
    DB_ACL_RCLIENT,
    DB_ACL_BCLIENT,
+   DB_ACL_RBCLIENT,
    DB_ACL_PATH,
    DB_ACL_LOG,
    DB_ACL_LAST                  /* Keep last */
@@ -157,7 +158,7 @@ public:
    /* Used during the initialization, the UA code can call this function
     * foreach kind of ACL
     */
-   void  set_acl(JCR *jcr, DB_ACL_t type, alist *l, alist *l2=NULL); 
+   void  set_acl(JCR *jcr, DB_ACL_t type, alist *l, alist *l2=NULL, alist *l3=NULL); 
 
    /* Get the SQL string that corresponds to the Console ACL for Pool, Job,
     * Client, ... 
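Review bot: The declaration of set_acl now takes three lists named `l`, `l2` and `l3`, and the comment above it does not say how they relate. Going by the sql.c hunks in this commit, the lists are appended into one merged list, so the stored filter is their union. I would state that at the declaration, e.g. `/* l, l2 and l3 are merged: a name present in any of them is allowed */`. Descriptive parameter names would also help; the definition in sql.c already uses `list`, `list2`, `list3`.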
index 558e35d6ddaade4ed3578bc8b265b17110a1ca0c..7a1c49e394dfefd0b4c0e851525569de3d9b9519 100644 (file)
@@ -252,6 +252,9 @@ char *BDB::get_acls(int tables, bool where /* use WHERE or AND */)
    return acl_where;
 }
 
+/* Get the list of the JobId that are accessible for this console
+ * Usually, this function is called in a restore context
+ */
 char *BDB::bdb_get_jobids(const char *jobids, POOLMEM **ret, bool append)
 {
    if (!ret || !*ret) {
@@ -269,10 +272,10 @@ char *BDB::bdb_get_jobids(const char *jobids, POOLMEM **ret, bool append)
    bdb_lock();
    /* Get optional filters for the SQL query */
    const char *where = get_acls(DB_ACL_BIT(DB_ACL_JOB) |
-                                DB_ACL_BIT(DB_ACL_CLIENT) |
+                                DB_ACL_BIT(DB_ACL_RCLIENT) | // Clients where we can restore
                                 DB_ACL_BIT(DB_ACL_FILESET), false);
 
-   const char *join = *where ? get_acl_join_filter(DB_ACL_BIT(DB_ACL_CLIENT)  |
+   const char *join = *where ? get_acl_join_filter(DB_ACL_BIT(DB_ACL_RCLIENT)  |
                                                    DB_ACL_BIT(DB_ACL_FILESET)) : "";
    /* No filters, no need to run the query */
    if (!*where && !*join) {
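Review bot: With `DB_ACL_RCLIENT` replacing `DB_ACL_CLIENT`, an empty `where` and `join` still means "no restriction" at `if (!*where && !*join)`, so the result depends on set_acl having stored a filter for DB_ACL_RCLIENT whenever the console is restricted. The set_acl call for DB_ACL_RCLIENT is not among this commit's hunks, so it is worth confirming that a console with an empty restore-client ACL produces a deny filter rather than an empty string; otherwise the job id list comes back unfiltered. The body of that `if` is outside the hunk. Minor style point: the added `// Clients where we can restore` is the only `//` comment among the `/* */` comments visible here, and `/* Clients where we can restore */` would match them.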
@@ -314,7 +317,11 @@ char *BDB::get_acl_join_filter(int tables)
       Mmsg(tmp, " JOIN Job USING (JobId) ");
       pm_strcat(acl_join, tmp);
    }
-   if (tables & (DB_ACL_BIT(DB_ACL_CLIENT) | DB_ACL_BIT(DB_ACL_RCLIENT) | DB_ACL_BIT(DB_ACL_BCLIENT))) {
+   if (tables & (DB_ACL_BIT(DB_ACL_CLIENT)  |
+                 DB_ACL_BIT(DB_ACL_RCLIENT) |
+                 DB_ACL_BIT(DB_ACL_BCLIENT) |
+                 DB_ACL_BIT(DB_ACL_RBCLIENT)))
+   {
       Mmsg(tmp, " JOIN Client USING (ClientId) ");
       pm_strcat(acl_join, tmp);
    }
@@ -365,7 +372,7 @@ const char *BDB::get_acl(DB_ACL_t type, bool where /* display WHERE or AND */)
 }
 
 /* Keep UAContext ACLs in our structure for further SQL queries */
-void BDB::set_acl(JCR *jcr, DB_ACL_t type, alist *list, alist *list2)
+void BDB::set_acl(JCR *jcr, DB_ACL_t type, alist *list, alist *list2, alist *list3)
 {
    const char *key=NULL;
    const char *keyid=NULL;
@@ -380,6 +387,11 @@ void BDB::set_acl(JCR *jcr, DB_ACL_t type, alist *list, alist *list2)
       return;
    }
 
+   /* If the list is present, but we authorize everything */
+   if (list3 && list3->size() == 1 && strcasecmp((char*)list3->get(0), "*all*") == 0) {
+      return;
+   }
+
    POOLMEM *tmp = get_pool_memory(PM_FNAME);
    POOLMEM *where = get_pool_memory(PM_FNAME);
 
@@ -394,6 +406,7 @@ void BDB::set_acl(JCR *jcr, DB_ACL_t type, alist *list, alist *list2)
    case DB_ACL_BCLIENT:
    case DB_ACL_CLIENT:
    case DB_ACL_RCLIENT:
+   case DB_ACL_RBCLIENT:
       key = "Client.Name";
       break;
 
@@ -424,6 +437,11 @@ void BDB::set_acl(JCR *jcr, DB_ACL_t type, alist *list, alist *list2)
          merged_list->append(elt);
       }
    }
+   if (list3) {
+      foreach_alist(elt, list3) {
+         merged_list->append(elt);
+      }
+   }
    escape_acl_list(jcr, key, &tmp, merged_list);
    delete merged_list;
 
index 6feffd20ee345093da5a08717208ce84c36b842a..8d5c9d638efd738314eb07c5fad818d513c4e325 100644 (file)
@@ -3304,6 +3304,11 @@ bool open_db(UAContext *ua)
       ua->db->set_acl(ua->jcr, DB_ACL_BCLIENT,
                       ua->cons->ACL_lists[Client_ACL],
                       ua->cons->ACL_lists[BackupClient_ACL]);
+
+      ua->db->set_acl(ua->jcr, DB_ACL_RBCLIENT,
+                      ua->cons->ACL_lists[Client_ACL],
+                      ua->cons->ACL_lists[BackupClient_ACL],
+                      ua->cons->ACL_lists[RestoreClient_ACL]);
    }
    if (!ua->api) {
       ua->send_msg(_("Using Catalog \"%s\"\n"), ua->catalog->name());