<dd>
Enables access to video recording functions for the HTSP protocol (Showtime, XBMC etc.).
+ <dt><b>All DVR</b>
+ <dd>
+ Enable to access to DVR entries created by other users (read-only).
+
<dt><b>DVR Config Profile</b>
<dd>
If set, the user will only be able to use the DVR config profile
int first;
snprintf(buf, sizeof(buf),
- "%s:%s [%s%s%s%s%s%s%s], conn=%u, chmin=%llu, chmax=%llu%s",
+ "%s:%s [%c%c%c%c%c%c%c%c], conn=%u, chmin=%llu, chmax=%llu%s",
a->aa_representative ?: "<no-id>",
a->aa_username ?: "<no-user>",
- a->aa_rights & ACCESS_STREAMING ? "S" : "",
- a->aa_rights & ACCESS_ADVANCED_STREAMING ? "A" : "",
- a->aa_rights & ACCESS_HTSP_STREAMING ? "T" : "",
- a->aa_rights & ACCESS_WEB_INTERFACE ? "W" : "",
- a->aa_rights & ACCESS_RECORDER ? "R" : "",
- a->aa_rights & ACCESS_HTSP_RECORDER ? "E" : "",
- a->aa_rights & ACCESS_ADMIN ? "*" : "",
+ a->aa_rights & ACCESS_STREAMING ? 'S' : ' ',
+ a->aa_rights & ACCESS_ADVANCED_STREAMING ? 'A' : ' ',
+ a->aa_rights & ACCESS_HTSP_STREAMING ? 'T' : ' ',
+ a->aa_rights & ACCESS_WEB_INTERFACE ? 'W' : ' ',
+ a->aa_rights & ACCESS_RECORDER ? 'R' : ' ',
+ a->aa_rights & ACCESS_HTSP_RECORDER ? 'E' : ' ',
+ a->aa_rights & ACCESS_ALL_RECORDER ? 'L' : ' ',
+ a->aa_rights & ACCESS_ADMIN ? '*' : ' ',
a->aa_conn_limit,
(long long)a->aa_chmin, (long long)a->aa_chmax,
a->aa_match ? ", matched" : "");
r |= ACCESS_RECORDER;
if (ae->ae_htsp_dvr)
r |= ACCESS_HTSP_RECORDER;
+ if (ae->ae_all_dvr)
+ r |= ACCESS_ALL_RECORDER;
if (ae->ae_webui)
r |= ACCESS_WEB_INTERFACE;
if (ae->ae_admin)
TAILQ_INIT(&ae->ae_ipmasks);
if (conf) {
+ /* defaults */
ae->ae_htsp_streaming = 1;
ae->ae_htsp_dvr = 1;
+ ae->ae_all_dvr = 1;
idnode_load(&ae->ae_id, conf);
/* note password has PO_NOSAVE, thus it must be set manually */
if ((s = htsmsg_get_str(conf, "password")) != NULL)
.name = "HTSP DVR",
.off = offsetof(access_entry_t, ae_htsp_dvr),
},
+ {
+ .type = PT_BOOL,
+ .id = "all_dvr",
+ .name = "All DVR",
+ .off = offsetof(access_entry_t, ae_all_dvr),
+ },
{
.type = PT_STR,
.id = "dvr_config",
ae->ae_htsp_streaming = 1;
ae->ae_dvr = 1;
ae->ae_htsp_dvr = 1;
+ ae->ae_all_dvr = 1;
ae->ae_webui = 1;
ae->ae_admin = 1;
access_entry_update_rights(ae);
int ae_dvr;
int ae_htsp_dvr;
+ int ae_all_dvr;
struct dvr_config *ae_dvr_config;
LIST_ENTRY(access_entry) ae_dvr_config_link;
#define ACCESS_WEB_INTERFACE (1<<3)
#define ACCESS_RECORDER (1<<4)
#define ACCESS_HTSP_RECORDER (1<<5)
-#define ACCESS_ADMIN (1<<6)
+#define ACCESS_ALL_RECORDER (1<<6)
+#define ACCESS_ADMIN (1<<7)
#define ACCESS_OR (1<<30)
#define ACCESS_FULL \
(ACCESS_STREAMING | ACCESS_ADVANCED_STREAMING | \
- ACCESS_HTSP_STREAMING | ACCESS_HTSP_RECORDER | \
- ACCESS_WEB_INTERFACE | ACCESS_RECORDER | ACCESS_ADMIN)
+ ACCESS_HTSP_STREAMING | ACCESS_WEB_INTERFACE | \
+ ACCESS_RECORDER | ACCESS_HTSP_RECORDER | \
+ ACCESS_ALL_RECORDER | ACCESS_ADMIN)
/**
* Create a new ticket for the requested resource and generate a id for it
htsmsg_t *dvr_entry_class_config_name_list(void *o);
htsmsg_t *dvr_entry_class_duration_list(void *o, const char *not_set, int max, int step);
+static inline int dvr_entry_verify(dvr_entry_t *de, access_t *a, int readonly)
+{
+ if (!a->aa_username || !de->de_owner)
+ return -1;
+ if (readonly && !access_verify2(a, ACCESS_ALL_RECORDER))
+ return 0;
+ if (strcmp(de->de_owner, a->aa_username))
+ return -1;
+ return 0;
+}
+
/**
*
*/
void dvr_autorec_update(void);
+static inline int dvr_autorec_entry_verify(dvr_autorec_entry_t *dae, access_t *a)
+{
+ if (!a->aa_username || !dae->dae_owner)
+ return -1;
+ if (strcmp(dae->dae_owner, a->aa_username))
+ return -1;
+ return 0;
+}
+
/**
*
*/
void dvr_timerec_update(void);
+static inline int dvr_timerec_entry_verify(dvr_timerec_entry_t *dte, access_t *a)
+{
+ if (!a->aa_username || !dte->dte_owner)
+ return -1;
+ if (strcmp(dte->dte_owner, a->aa_username))
+ return -1;
+ return 0;
+}
+
/**
*
*/
autorec_entry_destroy((dvr_autorec_entry_t *)self, 1);
}
+static int
+dvr_autorec_entry_class_perm(idnode_t *self, access_t *a, htsmsg_t *msg_to_write)
+{
+ dvr_autorec_entry_t *dae = (dvr_autorec_entry_t *)self;
+
+ if (access_verify2(a, ACCESS_OR|ACCESS_ADMIN|ACCESS_RECORDER))
+ return -1;
+ if (!access_verify2(a, ACCESS_ADMIN))
+ return 0;
+ if (dvr_autorec_entry_verify(dae, a))
+ return -1;
+ return 0;
+}
+
static const char *
dvr_autorec_entry_class_get_title (idnode_t *self)
{
.ic_save = dvr_autorec_entry_class_save,
.ic_get_title = dvr_autorec_entry_class_get_title,
.ic_delete = dvr_autorec_entry_class_delete,
+ .ic_perm = dvr_autorec_entry_class_perm,
.ic_properties = (const property_t[]) {
{
.type = PT_BOOL,
dvr_entry_cancel_delete((dvr_entry_t *)self);
}
+static int
+dvr_entry_class_perm(idnode_t *self, access_t *a, htsmsg_t *msg_to_write)
+{
+ dvr_entry_t *de = (dvr_entry_t *)self;
+
+ if (access_verify2(a, ACCESS_OR|ACCESS_ADMIN|ACCESS_RECORDER))
+ return -1;
+ if (!access_verify2(a, ACCESS_ADMIN))
+ return 0;
+ if (dvr_entry_verify(de, a, msg_to_write == NULL ? 1 : 0))
+ return -1;
+ return 0;
+}
+
static const char *
dvr_entry_class_get_title (idnode_t *self)
{
.ic_class = "dvrentry",
.ic_caption = "DVR Entry",
.ic_event = "dvrentry",
- .ic_perm_def = ACCESS_RECORDER,
.ic_save = dvr_entry_class_save,
.ic_get_title = dvr_entry_class_get_title,
.ic_delete = dvr_entry_class_delete,
+ .ic_perm = dvr_entry_class_perm,
.ic_properties = (const property_t[]) {
{
.type = PT_TIME,
timerec_entry_destroy((dvr_timerec_entry_t *)self, 1);
}
+static int
+dvr_timerec_entry_class_perm(idnode_t *self, access_t *a, htsmsg_t *msg_to_write)
+{
+ dvr_timerec_entry_t *dte = (dvr_timerec_entry_t *)self;
+
+ if (access_verify2(a, ACCESS_OR|ACCESS_ADMIN|ACCESS_RECORDER))
+ return -1;
+ if (!access_verify2(a, ACCESS_ADMIN))
+ return 0;
+ if (dvr_timerec_entry_verify(dte, a))
+ return -1;
+ return 0;
+}
+
static const char *
dvr_timerec_entry_class_get_title (idnode_t *self)
{
.ic_save = dvr_timerec_entry_class_save,
.ic_get_title = dvr_timerec_entry_class_get_title,
.ic_delete = dvr_timerec_entry_class_delete,
+ .ic_perm = dvr_timerec_entry_class_perm,
.ic_properties = (const property_t[]) {
{
.type = PT_BOOL,
htsmsg_add_str(out, "image", ee->image);
}
- if((de = dvr_entry_find_by_event(e)) != NULL) {
+ if((de = dvr_entry_find_by_event(e)) != NULL &&
+ !dvr_entry_verify(de, htsp->htsp_granted_access, 1)) {
htsmsg_add_u32(out, "dvrId", idnode_get_short_uuid(&de->de_id));
}
/* Send all autorecs */
TAILQ_FOREACH(dae, &autorec_entries, dae_link)
- htsp_send_message(htsp, htsp_build_autorecentry(dae, "autorecEntryAdd"), NULL);
+ if (!dvr_autorec_entry_verify(dae, htsp->htsp_granted_access))
+ htsp_send_message(htsp, htsp_build_autorecentry(dae, "autorecEntryAdd"), NULL);
/* Send all timerecs */
TAILQ_FOREACH(dte, &timerec_entries, dte_link)
- htsp_send_message(htsp, htsp_build_timerecentry(dte, "timerecEntryAdd"), NULL);
+ if (!dvr_timerec_entry_verify(dte, htsp->htsp_granted_access))
+ htsp_send_message(htsp, htsp_build_timerecentry(dte, "timerecEntryAdd"), NULL);
/* Send all DVR entries */
LIST_FOREACH(de, &dvrentries, de_global_link)
- if (htsp_user_access_channel(htsp,de->de_channel))
+ if (!dvr_entry_verify(de, htsp->htsp_granted_access, 1) &&
+ htsp_user_access_channel(htsp,de->de_channel))
htsp_send_message(htsp, htsp_build_dvrentry(de, "dvrEntryAdd"), NULL);
/* Send EPG updates */
if(htsmsg_get_u32(in, "id", &dvrEntryId))
return htsp_error("Missing argument 'id'");
- if( (de = dvr_entry_find_by_id(dvrEntryId)) == NULL)
+ if((de = dvr_entry_find_by_id(dvrEntryId)) == NULL)
return htsp_error("id not found");
+ if(dvr_entry_verify(de, htsp->htsp_granted_access, 1))
+ return htsp_error("User does not have access");
+
/* Check access */
if (!htsp_user_access_channel(htsp, de->de_channel))
return htsp_error("User does not have access");
if(htsmsg_get_u32(in, "id", &dvrEntryId))
return htsp_error("Missing argument 'id'");
- if( (de = dvr_entry_find_by_id(dvrEntryId)) == NULL)
+ if((de = dvr_entry_find_by_id(dvrEntryId)) == NULL)
return htsp_error("id not found");
+ if(dvr_entry_verify(de, htsp->htsp_granted_access, 0))
+ return htsp_error("User does not have access");
+
/* Check access */
if (!htsp_user_access_channel(htsp, de->de_channel))
return htsp_error("User does not have access");
if(htsmsg_get_u32(in, "id", &dvrEntryId))
return htsp_error("Missing argument 'id'");
- if( (de = dvr_entry_find_by_id(dvrEntryId)) == NULL)
+ if((de = dvr_entry_find_by_id(dvrEntryId)) == NULL)
return htsp_error("id not found");
+ if(dvr_entry_verify(de, htsp->htsp_granted_access, 0))
+ return htsp_error("User does not have access");
+
/* Check access */
if (!htsp_user_access_channel(htsp, de->de_channel))
return htsp_error("User does not have access");
if((dae = dvr_autorec_find_by_uuid(daeId)) == NULL)
return htsp_error("id not found");
+ if(dvr_autorec_entry_verify(dae, htsp->htsp_granted_access))
+ return htsp_error("User does not have access");
+
/* Check access */
if (!htsp_user_access_channel(htsp, dae->dae_channel))
return htsp_error("User does not have access");
if((dte = dvr_timerec_find_by_uuid(dteId)) == NULL)
return htsp_error("id not found");
+ if(dvr_timerec_entry_verify(dte, htsp->htsp_granted_access))
+ return htsp_error("User does not have access");
+
/* Check access */
if (!htsp_user_access_channel(htsp, dte->dte_channel))
return htsp_error("User does not have access");
if (htsmsg_get_u32(in, "id", &dvrEntryId))
return htsp_error("Missing argument 'id'");
- if( (de = dvr_entry_find_by_id(dvrEntryId)) == NULL)
+ if((de = dvr_entry_find_by_id(dvrEntryId)) == NULL)
return htsp_error("id not found");
+ if(dvr_entry_verify(de, htsp->htsp_granted_access, 1))
+ return htsp_error("User does not have access");
+
/* Check access */
if (!htsp_user_access_channel(htsp, de->de_channel))
return htsp_error("User does not have access");
if(de == NULL)
return htsp_error("DVR entry does not exist");
+ if (dvr_entry_verify(de, htsp->htsp_granted_access, 1))
+ return htsp_error("User does not have access");
+
if (!htsp_user_access_channel(htsp, de->de_channel))
return htsp_error("User does not have access");
htsp_connection_t *htsp;
LIST_FOREACH(htsp, &htsp_async_connections, htsp_async_link) {
if (htsp->htsp_async_mode & HTSP_ASYNC_ON &&
+ !dvr_entry_verify(de, htsp->htsp_granted_access, 1) &&
htsp_user_access_channel(htsp, de->de_channel)) {
htsmsg_t *m = msg ? htsmsg_copy(msg)
: htsp_build_dvrentry(de, method);
htsp_connection_t *htsp;
LIST_FOREACH(htsp, &htsp_async_connections, htsp_async_link) {
if (htsp->htsp_async_mode & HTSP_ASYNC_ON) {
- if (dae->dae_channel == NULL || htsp_user_access_channel(htsp, dae->dae_channel)) {
+ if ((dae->dae_channel == NULL || htsp_user_access_channel(htsp, dae->dae_channel)) &&
+ !dvr_autorec_entry_verify(dae, htsp->htsp_granted_access)) {
htsmsg_t *m = msg ? htsmsg_copy(msg)
: htsp_build_autorecentry(dae, method);
htsp_send_message(htsp, m, NULL);
htsp_connection_t *htsp;
LIST_FOREACH(htsp, &htsp_async_connections, htsp_async_link) {
if (htsp->htsp_async_mode & HTSP_ASYNC_ON) {
- if (dte->dte_channel == NULL || htsp_user_access_channel(htsp, dte->dte_channel)) {
+ if ((dte->dte_channel == NULL || htsp_user_access_channel(htsp, dte->dte_channel)) &&
+ !dvr_timerec_entry_verify(dte, htsp->htsp_granted_access)) {
htsmsg_t *m = msg ? htsmsg_copy(msg)
: htsp_build_timerecentry(dte, method);
htsp_send_message(htsp, m, NULL);
var list = 'enabled,username,password,prefix,' +
'webui,admin,' +
'streaming,adv_streaming,htsp_streaming,' +
- 'profile,conn_limit,dvr,htsp_dvr,dvr_config,' +
+ 'profile,conn_limit,dvr,htsp_dvr,all_dvr,dvr_config,' +
'channel_min,channel_max,channel_tag,comment';
tvheadend.idnode_grid(panel, {
htsp_streaming: { width: 200 },
dvr: { width: 150 },
htsp_dvr: { width: 150 },
+ all_dvr: { width: 150 },
webui: { width: 140 },
admin: { width: 100 },
conn_limit: { width: 160 },
if(http_access_verify(hc, ACCESS_RECORDER))
return HTTP_STATUS_UNAUTHORIZED;
+ if(dvr_entry_verify(de, hc->hc_access, 1))
+ return HTTP_STATUS_NOT_FOUND;
+
hostpath = http_get_hostpath(hc);
durration = dvr_entry_get_stop_time(de) - dvr_entry_get_start_time(de);
fsize = dvr_get_filesize(de);
pthread_mutex_unlock(&global_lock);
return HTTP_STATUS_NOT_FOUND;
}
+ if(dvr_entry_verify(de, hc->hc_access, 1)) {
+ pthread_mutex_unlock(&global_lock);
+ return HTTP_STATUS_NOT_FOUND;
+ }
fname = tvh_strdupa(de->de_filename);
content = muxer_container_type2mime(de->de_mc, 1);
projects / thirdparty / tvheadend.git / commitdiff
