/* Groups */
INSERT INTO groups ( /* 1 */
- name
+ name, parent
) VALUES (
- 'Default Debian i686'
+ 'Default Debian i686', 6
);
INSERT INTO groups ( /* 2 */
- name
+ name, parent
) VALUES (
- 'Default Debian x86_64'
+ 'Default Debian x86_64', 6
);
INSERT INTO groups ( /* 3 */
- name
+ name, parent
) VALUES (
- 'Default Ubuntu i686'
+ 'Default Ubuntu i686', 6
);
INSERT INTO groups ( /* 4 */
- name
+ name, parent
) VALUES (
- 'Default Ubuntu x86_64'
+ 'Default Ubuntu x86_64', 6
);
INSERT INTO groups ( /* 5 */
+ name, parent
+) VALUES (
+ 'Default Android', 7
+);
+
+INSERT INTO groups ( /* 6 */
+ name, parent
+) VALUES (
+ 'Default Linux', 7
+);
+
+INSERT INTO groups ( /* 7 */
name
) VALUES (
- 'Default Android'
+ 'Default'
);
/* Default Product Groups */
INSERT INTO enforcements (
policy, group_id, max_age
) VALUES (
- 1, 1, 86400
-);
-
-INSERT INTO enforcements (
- policy, group_id, max_age
-) VALUES (
- 1, 2, 86400
-);
-
-INSERT INTO enforcements (
- policy, group_id, max_age
-) VALUES (
- 1, 3, 86400
-);
-
-INSERT INTO enforcements (
- policy, group_id, max_age
-) VALUES (
- 1, 4, 86400
-);
-
-INSERT INTO enforcements (
- policy, group_id, max_age
-) VALUES (
- 1, 5, 86400
+ 1, 7, 86400
);
INSERT INTO enforcements (
INSERT INTO enforcements (
policy, group_id, max_age
) VALUES (
- 3, 1, 0
-);
-
-INSERT INTO enforcements (
- policy, group_id, max_age
-) VALUES (
- 3, 2, 0
-);
-
-INSERT INTO enforcements (
- policy, group_id, max_age
-) VALUES (
- 3, 3, 0
-);
-
-INSERT INTO enforcements (
- policy, group_id, max_age
-) VALUES (
- 3, 4, 0
+ 3, 6, 0
);
INSERT INTO enforcements (
INSERT INTO enforcements (
policy, group_id, max_age
) VALUES (
- 8, 1, 60
-);
-
-INSERT INTO enforcements (
- policy, group_id, max_age
-) VALUES (
- 8, 2, 60
-);
-
-INSERT INTO enforcements (
- policy, group_id, max_age
-) VALUES (
- 8, 3, 60
-);
-
-INSERT INTO enforcements (
- policy, group_id, max_age
-) VALUES (
- 8, 4, 60
-);
-
-INSERT INTO enforcements (
- policy, group_id, max_age
-) VALUES (
- 8, 5, 60
-);
-
-INSERT INTO enforcements (
- policy, group_id, max_age
-) VALUES (
- 9, 1, 60
-);
-
-INSERT INTO enforcements (
- policy, group_id, max_age
-) VALUES (
- 9, 2, 60
-);
-
-INSERT INTO enforcements (
- policy, group_id, max_age
-) VALUES (
- 9, 3, 60
-);
-
-INSERT INTO enforcements (
- policy, group_id, max_age
-) VALUES (
- 9, 4, 60
+ 8, 7, 60
);
INSERT INTO enforcements (
policy, group_id, max_age
) VALUES (
- 9, 5, 60
+ 9, 7, 60
);
INSERT INTO enforcements (
bool policy_start(database_t *db, int session_id)
{
enumerator_t *e;
- int id, gid, device_id, product_id, group_id = 0;
+ int id, gid, device_id, product_id, group_id = 0, parent;
int type, file, dir, arg_int, rec_fail, rec_noresult;
char *argument;
}
}
- /* if still no group membership found, leave */
- if (!group_id)
+ /* get iteratively enforcements for given group */
+ while (group_id)
{
- fprintf(stderr, "no group membership found\n");
- return TRUE;
- }
-
- /* get enforcements for given group */
- e = db->query(db,
- "SELECT e.id, "
- "p.type, p.argument, p.file, p.dir, p.rec_fail, p.rec_noresult "
- "FROM enforcements AS e JOIN policies as p ON e.policy = p.id "
- "WHERE e.group_id = ?", DB_INT, group_id,
- DB_INT, DB_INT, DB_TEXT, DB_INT, DB_INT, DB_INT, DB_INT);
- if (!e)
- {
- return FALSE;
- }
- while (e->enumerate(e, &id, &type, &argument, &file, &dir, &rec_fail,
- &rec_noresult))
- {
- /* determine arg_int */
- switch ((imv_workitem_type_t)type)
+ e = db->query(db,
+ "SELECT e.id, "
+ "p.type, p.argument, p.file, p.dir, p.rec_fail, p.rec_noresult "
+ "FROM enforcements AS e JOIN policies as p ON e.policy = p.id "
+ "WHERE e.group_id = ?", DB_INT, group_id,
+ DB_INT, DB_INT, DB_TEXT, DB_INT, DB_INT, DB_INT, DB_INT);
+ if (!e)
{
- case IMV_WORKITEM_FILE_REF_MEAS:
- case IMV_WORKITEM_FILE_MEAS:
- case IMV_WORKITEM_FILE_META:
- arg_int = file;
- break;
- case IMV_WORKITEM_DIR_REF_MEAS:
- case IMV_WORKITEM_DIR_MEAS:
- case IMV_WORKITEM_DIR_META:
- arg_int = dir;
- break;
- default:
- arg_int = 0;
+ return FALSE;
}
+ while (e->enumerate(e, &id, &type, &argument, &file, &dir,
+ &rec_fail, &rec_noresult))
+ {
+ /* determine arg_int */
+ switch ((imv_workitem_type_t)type)
+ {
+ case IMV_WORKITEM_FILE_REF_MEAS:
+ case IMV_WORKITEM_FILE_MEAS:
+ case IMV_WORKITEM_FILE_META:
+ arg_int = file;
+ break;
+ case IMV_WORKITEM_DIR_REF_MEAS:
+ case IMV_WORKITEM_DIR_MEAS:
+ case IMV_WORKITEM_DIR_META:
+ arg_int = dir;
+ break;
+ default:
+ arg_int = 0;
+ }
- /* insert a workitem */
- if (db->execute(db, NULL,
+ /* insert a workitem */
+ if (db->execute(db, NULL,
"INSERT INTO workitems (session, enforcement, type, arg_str, "
"arg_int, rec_fail, rec_noresult) VALUES (?, ?, ?, ?, ?, ?, ?)",
DB_INT, session_id, DB_INT, id, DB_INT, type, DB_TEXT, argument,
DB_INT, arg_int, DB_INT, rec_fail, DB_INT, rec_noresult) != 1)
+ {
+ e->destroy(e);
+ fprintf(stderr, "could not insert workitem\n");
+ return FALSE;
+ }
+ }
+ e->destroy(e);
+
+ e = db->query(db,
+ "SELECT parent FROM groups WHERE id = ?",
+ DB_INT, group_id, DB_INT);
+ if (!e)
{
- e->destroy(e);
- fprintf(stderr, "could not insert workitem\n");
return FALSE;
}
+ if (e->enumerate(e, &parent))
+ {
+ group_id = parent;
+ }
+ else
+ {
+ fprintf(stderr, "group information not found\n");
+ group_id = 0;
+ }
+ e->destroy(e);
}
- e->destroy(e);
return TRUE;
}
projects / thirdparty / strongswan.git / commitdiff
