}
#endif /* HAVE_AUTHORIZATION_H */
+
+ int name_result = 0; // 0=not matched, 1=matched
+
+
for (name = (char *)cupsArrayFirst(best->names);
- name;
- name = (char *)cupsArrayNext(best->names))
+ name;
+ name = (char *)cupsArrayNext(best->names))
{
- if (!_cups_strcasecmp(name, "@OWNER") && owner &&
- ((pw && !strcmp(pw->pw_name, ownername)) ||
- (!pw && type == CUPSD_AUTH_NONE && !_cups_strcasecmp(username, ownername))))
- return (HTTP_STATUS_OK);
- else if (!_cups_strcasecmp(name, "@SYSTEM"))
- {
- /* Do @SYSTEM later, when every other entry fails */
- continue;
- }
- else if (name[0] == '@')
- {
- if (cupsdCheckGroup(username, pw, name + 1))
- return (HTTP_STATUS_OK);
- }
- else if (pw && !strcmp(pw->pw_name, name))
- return (HTTP_STATUS_OK);
- else if (!pw && type == CUPSD_AUTH_NONE && !_cups_strcasecmp(username, name))
- return (HTTP_STATUS_OK);
+ if (!_cups_strcasecmp(name, "@SYSTEM"))
+ continue; // baad mein check hoga
+
+ if (!_cups_strcasecmp(name, "@OWNER") && owner &&
+ ((pw && !strcmp(pw->pw_name, ownername)) ||
+ (!pw && type == CUPSD_AUTH_NONE && !_cups_strcasecmp(username, ownername))))
+ {
+ name_result = 1;
+ }
+ else if (name[0] == '@')
+ {
+ if (cupsdCheckGroup(username, pw, name + 1))
+ name_result = 1;
+ }
+ else if (pw && !strcmp(pw->pw_name, name))
+ name_result = 1;
+ else if (!pw && type == CUPSD_AUTH_NONE && !_cups_strcasecmp(username, name))
+ name_result = 1;
}
+ // @SYSTEM check
for (name = (char *)cupsArrayFirst(best->names);
- name;
- name = (char *)cupsArrayNext(best->names))
+ name;
+ name = (char *)cupsArrayNext(best->names))
{
- if (!_cups_strcasecmp(name, "@SYSTEM"))
- {
- for (i = 0; i < NumSystemGroups; i ++)
- if (cupsdCheckGroup(username, pw, SystemGroups[i]) && check_admin_access(con))
- return (HTTP_STATUS_OK);
- }
+ if (!_cups_strcasecmp(name, "@SYSTEM"))
+ {
+ for (i = 0; i < NumSystemGroups; i ++)
+ {
+ if (cupsdCheckGroup(username, pw, SystemGroups[i]) && check_admin_access(con))
+ {
+ name_result = 1;
+ break;
+ }
+ }
+ }
+ }
+
+
+ if (best->satisfy == CUPSD_AUTH_SATISFY_ALL)
+ {
+ if (name_result)
+ return (HTTP_STATUS_OK);
+ else
+ return (HTTP_STATUS_FORBIDDEN);
+ }
+ else
+ {
+ if (name_result)
+ return (HTTP_STATUS_OK);
}
}
else
if (!_cups_strcasecmp(value, "valid-user") ||
!_cups_strcasecmp(value, "user"))
- loc->level = CUPSD_AUTH_USER;
+ {
+ // Only set level if not already set to USER
+ if (loc->level == CUPSD_AUTH_ANON)
+ loc->level = CUPSD_AUTH_USER;
+ }
else if (!_cups_strcasecmp(value, "group"))
- loc->level = CUPSD_AUTH_GROUP;
+ {
+ // Only upgrade to GROUP if no USER level set yet
+ if (loc->level == CUPSD_AUTH_ANON)
+ loc->level = CUPSD_AUTH_GROUP;
+ }
else
{
cupsdLogMessage(CUPSD_LOG_WARN, "Unknown Require type %s on line %d of %s.",
projects / thirdparty / cups.git / commitdiff
