DVR(all): don't restrict save/delete/moveup/movedown/cancel operations only for admin...

author Jaroslav Kysela <perex@perex.cz>

Tue, 26 May 2015 09:08:20 +0000 (11:08 +0200)

committer Jaroslav Kysela <perex@perex.cz>

Tue, 26 May 2015 09:08:20 +0000 (11:08 +0200)
author Jaroslav Kysela <perex@perex.cz>
Tue, 26 May 2015 09:08:20 +0000 (11:08 +0200)
committer Jaroslav Kysela <perex@perex.cz>
Tue, 26 May 2015 09:08:20 +0000 (11:08 +0200)
diff --git a/src/api.h b/src/api.h

index e5b360d26b099e279c8aefd2653d160efd93c6a9..3f6e88cd356f7ecb263afb441b85cbd741c97d90 100644 (file)
--- a/src/api.h
+++ b/src/api.h
@@ -106,7 +106,8 @@ int api_idnode_load_by_class
    ( access_t *perm, void *opaque, const char *op, htsmsg_t *args, htsmsg_t **resp );
  
  int api_idnode_handler
-  ( access_t *perm, htsmsg_t *args, htsmsg_t **resp, void (*handler)(access_t *perm, idnode_t *in) );
+  ( access_t *perm, htsmsg_t *args, htsmsg_t **resp,
+    void (*handler)(access_t *perm, idnode_t *in), const char *op );
  
  /*
   * Service mapper
diff --git a/src/api/api_dvr.c b/src/api/api_dvr.c

index f07f4d08e316d08e82ec0bb710f1e197dbdae098..ee75c950f785129670eb0594bd477f8848e90fe1 100644 (file)
--- a/src/api/api_dvr.c
+++ b/src/api/api_dvr.c
@@ -236,7 +236,7 @@ static int
  api_dvr_entry_cancel
    ( access_t *perm, void *opaque, const char *op, htsmsg_t *args, htsmsg_t **resp )
  {
-  return api_idnode_handler(perm, args, resp, api_dvr_cancel);
+  return api_idnode_handler(perm, args, resp, api_dvr_cancel, "cancel");
  }
  
  static void
diff --git a/src/api/api_idnode.c b/src/api/api_idnode.c

index 6ccea928bcabecb52cef937174f4668a557433c9..32674a0e6362727306ad5c2a418afdf53a85e177 100644 (file)
--- a/src/api/api_idnode.c
+++ b/src/api/api_idnode.c
@@ -458,11 +458,12 @@ exit:
  int
  api_idnode_handler
    ( access_t *perm, htsmsg_t *args, htsmsg_t **resp,
-    void (*handler)(access_t *perm, idnode_t *in) )
+    void (*handler)(access_t *perm, idnode_t *in),
+    const char *op )
  {
    int err = 0;
    idnode_t *in;
-  htsmsg_t *uuids;
+  htsmsg_t *uuids, *msg;
    htsmsg_field_t *f;
    const char *uuid;
  
@@ -488,10 +489,18 @@ api_idnode_handler
    /* Single */
    } else {
      uuid = htsmsg_field_get_string(f);
-    if (!(in   = idnode_find(uuid, NULL, NULL)))
+    if (!(in   = idnode_find(uuid, NULL, NULL))) {
        err = ENOENT;
-    else
-      handler(perm, in);
+    } else {
+      msg = htsmsg_create_map();
+      htsmsg_add_str(msg, "__op__", op);
+      if (idnode_perm(in, perm, msg)) {
+        err = EPERM;
+      } else {
+        handler(perm, in);
+      }
+      htsmsg_destroy(msg);
+    }
    }
  
    pthread_mutex_unlock(&global_lock);
@@ -509,7 +518,7 @@ static int
  api_idnode_delete
    ( access_t *perm, void *opaque, const char *op, htsmsg_t *args, htsmsg_t **resp )
  {
-  return api_idnode_handler(perm, args, resp, api_idnode_delete_);
+  return api_idnode_handler(perm, args, resp, api_idnode_delete_, "delete");
  }
  
  static void
@@ -522,7 +531,7 @@ static int
  api_idnode_moveup
    ( access_t *perm, void *opaque, const char *op, htsmsg_t *args, htsmsg_t **resp )
  {
-  return api_idnode_handler(perm, args, resp, api_idnode_moveup_);
+  return api_idnode_handler(perm, args, resp, api_idnode_moveup_, "moveup");
  }
  
  static void
@@ -535,19 +544,22 @@ static int
  api_idnode_movedown
    ( access_t *perm, void *opaque, const char *op, htsmsg_t *args, htsmsg_t **resp )
  {
-  return api_idnode_handler(perm, args, resp, api_idnode_movedown_);
+  return api_idnode_handler(perm, args, resp, api_idnode_movedown_, "movedown");
  }
  
  void api_idnode_init ( void )
  {
+  /*
+   * note: permissions are verified using idnode_perm() calls
+   */
    static api_hook_t ah[] = {
      { "idnode/load",     ACCESS_ANONYMOUS, api_idnode_load,     NULL },
-    { "idnode/save",     ACCESS_ADMIN,     api_idnode_save,     NULL },
+    { "idnode/save",     ACCESS_ANONYMOUS, api_idnode_save,     NULL },
      { "idnode/tree",     ACCESS_ANONYMOUS, api_idnode_tree,     NULL },
      { "idnode/class",    ACCESS_ANONYMOUS, api_idnode_class,    NULL },
-    { "idnode/delete",   ACCESS_ADMIN,     api_idnode_delete,   NULL },
-    { "idnode/moveup",   ACCESS_ADMIN,     api_idnode_moveup,   NULL },
-    { "idnode/movedown", ACCESS_ADMIN,     api_idnode_movedown, NULL },
+    { "idnode/delete",   ACCESS_ANONYMOUS, api_idnode_delete,   NULL },
+    { "idnode/moveup",   ACCESS_ANONYMOUS, api_idnode_moveup,   NULL },
+    { "idnode/movedown", ACCESS_ANONYMOUS, api_idnode_movedown, NULL },
      { NULL },
    };
author	Jaroslav Kysela <perex@perex.cz>
	Tue, 26 May 2015 09:08:20 +0000 (11:08 +0200)
committer	Jaroslav Kysela <perex@perex.cz>
	Tue, 26 May 2015 09:08:20 +0000 (11:08 +0200)
src/api.h		patch \| blob \| blame \| history
src/api/api_dvr.c		patch \| blob \| blame \| history
src/api/api_idnode.c		patch \| blob \| blame \| history