Commit f869bb20 authored by Per Cederqvist's avatar Per Cederqvist
Browse files

(do_create_conf): Call mark_conf_as_changed before checking that

	ACTPERS is allowed to create aux-items in the conference he is
	creating.
(is_supervisor): Removed the conf_c argument.
(is_strictly_supervisor): Removed the conf_c argument.  Use
	cached_conf_exists and cached_get_conf_supervisor and
	eliminate one expensive call to GET_C_STAT.
(change_name): Removed the victim_c argument from all calls to access_perm.
(delete_conf): Likewise.
(lookup_name): Likewise.
(lookup_z_name): Likewise.
(do_lookup): Likewise.
(get_conf_stat_old): Likewise.
(get_uconf_stat): Likewise.
(get_conf_stat_older): Likewise.
(set_presentation): Likewise.
(set_etc_motd): Likewise.
(set_conf_type): Likewise.
(set_garb_nice): Likewise.
(set_expire): Likewise.
(set_keep_commented): Likewise.
(modify_conf_info): Likewise.
(set_supervisor): Removed the conf_c argument from all calls to
is_strictly_supervisor and is_supervisor.
(set_permitted_submitters): Likewise.
(set_super_conf): Likewise.
parent da2ef875
/* /*
* $Id: conference.c,v 0.56 1999/07/02 00:14:01 byers Exp $ * $Id: conference.c,v 0.57 1999/07/05 07:02:36 ceder Exp $
* Copyright (C) 1991-1999 Lysator Academic Computer Association. * Copyright (C) 1991-1999 Lysator Academic Computer Association.
* *
* This file is part of the LysKOM server. * This file is part of the LysKOM server.
...@@ -35,7 +35,7 @@ ...@@ -35,7 +35,7 @@
static const char * static const char *
rcsid = "$Id: conference.c,v 0.56 1999/07/02 00:14:01 byers Exp $"; rcsid = "$Id: conference.c,v 0.57 1999/07/05 07:02:36 ceder Exp $";
#include "rcs.h" #include "rcs.h"
USE(rcsid); USE(rcsid);
...@@ -307,6 +307,10 @@ do_create_conf(String name, ...@@ -307,6 +307,10 @@ do_create_conf(String name,
conf_c->highest_aux = 0; conf_c->highest_aux = 0;
conf_c->expire = 0; conf_c->expire = 0;
/* Update small_conf_arr before conf_stat_check_add_aux_item_list
uses it to check that the user is allowed to add the aux-items. */
mark_conference_as_changed (conf_no);
prepare_aux_item_list(aux, creator); prepare_aux_item_list(aux, creator);
if (conf_stat_check_add_aux_item_list(conf_c, if (conf_stat_check_add_aux_item_list(conf_c,
conf_no, conf_no,
...@@ -332,39 +336,39 @@ do_create_conf(String name, ...@@ -332,39 +336,39 @@ do_create_conf(String name,
Bool Bool
is_supervisor(Conf_no conf, is_supervisor(Conf_no conf,
Conference *conf_c,
Pers_no viewer, Pers_no viewer,
Person *viewer_p) Person *viewer_p)
{ {
if (viewer == conf) /* A person is ALWAYS supervisor to */ if (viewer == conf) /* A person is ALWAYS supervisor to */
return TRUE; /* his/her own mailbox! */ return TRUE; /* his/her own mailbox! */
return is_strictly_supervisor(conf, conf_c, viewer, viewer_p); return is_strictly_supervisor(conf, viewer, viewer_p);
} }
Bool Bool
is_strictly_supervisor(Conf_no conf, is_strictly_supervisor(Conf_no conf,
Conference * conf_c, /* May be NULL */
Pers_no viewer, Pers_no viewer,
Person * viewer_p) /* May be NULL */ Person * viewer_p) /* May be NULL */
{ {
Conf_no supervisor;
if (viewer == 0) /* Not yet logged in. */ if (viewer == 0) /* Not yet logged in. */
return FALSE; return FALSE;
if ( conf_c == NULL ) /* Get conference if unknown to the caller */ if (!cached_conf_exists(conf))
GET_C_STAT( conf_c, conf, FALSE ); return FALSE;
if ( !conf_c->supervisor ) if ((supervisor = cached_get_conf_supervisor(conf)) == 0)
return FALSE; return FALSE;
if (viewer == conf_c->supervisor) if (viewer == supervisor)
return TRUE; return TRUE;
if ( viewer_p == NULL ) if (viewer_p == NULL)
GET_P_STAT(viewer_p, viewer, FALSE); GET_P_STAT(viewer_p, viewer, FALSE);
if ( locate_membership(conf_c->supervisor, viewer_p) != NULL) if (locate_membership(supervisor, viewer_p) != NULL)
return TRUE; return TRUE;
return FALSE; return FALSE;
...@@ -390,7 +394,7 @@ change_name (Conf_no conf_no, ...@@ -390,7 +394,7 @@ change_name (Conf_no conf_no,
CHK_LOGIN(FAILURE); CHK_LOGIN(FAILURE);
GET_C_STAT(conf_c, conf_no, FAILURE); GET_C_STAT(conf_c, conf_no, FAILURE);
acc = access_perm(conf_no, conf_c, active_connection, unlimited); acc = access_perm(conf_no, active_connection, unlimited);
if ( acc <= none ) if ( acc <= none )
{ {
...@@ -562,7 +566,7 @@ delete_conf (Conf_no conf_no ) ...@@ -562,7 +566,7 @@ delete_conf (Conf_no conf_no )
CHK_LOGIN(FAILURE); CHK_LOGIN(FAILURE);
GET_C_STAT(conf_c, conf_no, FAILURE); GET_C_STAT(conf_c, conf_no, FAILURE);
acc = access_perm(conf_no, conf_c, active_connection, unlimited); acc = access_perm(conf_no, active_connection, unlimited);
if ( acc != unlimited ) if ( acc != unlimited )
{ {
...@@ -610,7 +614,7 @@ lookup_name (const String name, ...@@ -610,7 +614,7 @@ lookup_name (const String name,
for ( i = result->no_of_conf_nos; i > 0; i-- ) for ( i = result->no_of_conf_nos; i > 0; i-- )
{ {
if (access_perm(*no, NULL, active_connection, read_protected) <= none) if (access_perm(*no, active_connection, read_protected) <= none)
--result->no_of_conf_nos; --result->no_of_conf_nos;
else else
{ {
...@@ -650,8 +654,7 @@ lookup_z_name (const String name, ...@@ -650,8 +654,7 @@ lookup_z_name (const String name,
restart_kom("Internal error detected in lookup_z_name"); restart_kom("Internal error detected in lookup_z_name");
if ((type->letter_box ? want_persons : want_confs) == 0 if ((type->letter_box ? want_persons : want_confs) == 0
|| access_perm(*no, NULL, active_connection, || access_perm(*no, active_connection, read_protected) <= none)
read_protected) <= none)
{ {
*no = 0; *no = 0;
n_filtered--; n_filtered--;
...@@ -725,8 +728,7 @@ do_lookup (Connection *conn, ...@@ -725,8 +728,7 @@ do_lookup (Connection *conn,
for (i = 0; i < raw_match.no_of_conf_nos; i++) for (i = 0; i < raw_match.no_of_conf_nos; i++)
{ {
if (raw_match.type_of_conf[i].letter_box == want_persons if (raw_match.type_of_conf[i].letter_box == want_persons
&& access_perm(raw_match.conf_nos[i], NULL, conn, && access_perm(raw_match.conf_nos[i], conn, read_protected) > none)
read_protected) > none)
{ {
result->conf_nos[result->no_of_confs++] = raw_match.conf_nos[i]; result->conf_nos[result->no_of_confs++] = raw_match.conf_nos[i];
if (result->no_of_confs > retsize) if (result->no_of_confs > retsize)
...@@ -788,7 +790,7 @@ get_conf_stat_old (Conf_no conf_no, ...@@ -788,7 +790,7 @@ get_conf_stat_old (Conf_no conf_no,
CHK_CONNECTION(FAILURE); CHK_CONNECTION(FAILURE);
GET_C_STAT(conf_c, conf_no, FAILURE); GET_C_STAT(conf_c, conf_no, FAILURE);
acc = access_perm(conf_no, conf_c, active_connection, read_protected); acc = access_perm(conf_no, active_connection, read_protected);
if ( acc == error ) if ( acc == error )
return FAILURE; return FAILURE;
...@@ -819,7 +821,7 @@ get_uconf_stat (Conf_no conf_no, ...@@ -819,7 +821,7 @@ get_uconf_stat (Conf_no conf_no,
CHK_CONNECTION(FAILURE); CHK_CONNECTION(FAILURE);
conf_c = cached_get_small_conf_stat(conf_no); conf_c = cached_get_small_conf_stat(conf_no);
if (conf_c != NULL) if (conf_c != NULL)
acc = access_perm(conf_no, NULL, active_connection, read_protected); acc = access_perm(conf_no, active_connection, read_protected);
else else
acc = error; acc = error;
...@@ -848,7 +850,7 @@ get_conf_stat_older (Conf_no conf_no, ...@@ -848,7 +850,7 @@ get_conf_stat_older (Conf_no conf_no,
CHK_CONNECTION(FAILURE); CHK_CONNECTION(FAILURE);
GET_C_STAT(conf_c, conf_no, FAILURE); GET_C_STAT(conf_c, conf_no, FAILURE);
acc = access_perm(conf_no, conf_c, active_connection, read_protected); acc = access_perm(conf_no, active_connection, read_protected);
if ( acc == error ) if ( acc == error )
return FAILURE; return FAILURE;
...@@ -901,7 +903,7 @@ set_presentation (Conf_no conf_no, ...@@ -901,7 +903,7 @@ set_presentation (Conf_no conf_no,
CHK_LOGIN(FAILURE); CHK_LOGIN(FAILURE);
GET_C_STAT(conf_c, conf_no, FAILURE); GET_C_STAT(conf_c, conf_no, FAILURE);
acc = access_perm(conf_no, conf_c, active_connection, unlimited); acc = access_perm(conf_no, active_connection, unlimited);
if ( acc < unlimited ) if ( acc < unlimited )
{ {
...@@ -933,8 +935,7 @@ set_etc_motd( Conf_no conf_no, ...@@ -933,8 +935,7 @@ set_etc_motd( Conf_no conf_no,
CHK_LOGIN(FAILURE); CHK_LOGIN(FAILURE);
GET_C_STAT(conf_c, conf_no, FAILURE); GET_C_STAT(conf_c, conf_no, FAILURE);
if ((acc = access_perm(conf_no, conf_c, active_connection, unlimited)) if ((acc = access_perm(conf_no, active_connection, unlimited)) < unlimited)
< unlimited)
{ {
err_stat = conf_no; err_stat = conf_no;
kom_errno = (acc <= none ) ? KOM_UNDEF_CONF : KOM_PERM; kom_errno = (acc <= none ) ? KOM_UNDEF_CONF : KOM_PERM;
...@@ -968,7 +969,7 @@ set_supervisor( Conf_no conf_no, ...@@ -968,7 +969,7 @@ set_supervisor( Conf_no conf_no,
if (new_super != 0) if (new_super != 0)
CHK_EXIST(new_super, FAILURE); CHK_EXIST(new_super, FAILURE);
if ( !is_strictly_supervisor(conf_no, conf_c, ACTPERS, ACT_P) && if ( !is_strictly_supervisor(conf_no, ACTPERS, ACT_P) &&
!ENA(wheel, 8) && /* OK -- in an RPC call */ !ENA(wheel, 8) && /* OK -- in an RPC call */
!ENA(admin, 6) ) /* OK -- in an RPC call */ !ENA(admin, 6) ) /* OK -- in an RPC call */
{ {
...@@ -1013,7 +1014,7 @@ set_permitted_submitters (Conf_no conf_no, ...@@ -1013,7 +1014,7 @@ set_permitted_submitters (Conf_no conf_no,
CHK_EXIST(new_perm_sub, FAILURE); CHK_EXIST(new_perm_sub, FAILURE);
GET_C_STAT(conf_c, conf_no, FAILURE); GET_C_STAT(conf_c, conf_no, FAILURE);
if ( !is_supervisor(conf_no, conf_c, ACTPERS, ACT_P) && if ( !is_supervisor(conf_no, ACTPERS, ACT_P) &&
!ENA(wheel, 8) && /* OK -- In an RPC call */ !ENA(wheel, 8) && /* OK -- In an RPC call */
!ENA(admin, 6) ) /* OK -- In an RPC call */ !ENA(admin, 6) ) /* OK -- In an RPC call */
{ {
...@@ -1046,7 +1047,7 @@ set_super_conf (Conf_no conf_no, ...@@ -1046,7 +1047,7 @@ set_super_conf (Conf_no conf_no,
if (new_super_conf != 0) if (new_super_conf != 0)
CHK_EXIST(new_super_conf, FAILURE); CHK_EXIST(new_super_conf, FAILURE);
if ( !is_supervisor(conf_no, conf_c, ACTPERS, ACT_P) && if ( !is_supervisor(conf_no, ACTPERS, ACT_P) &&
!ENA(wheel, 8) && /* OK -- In an RPC call */ !ENA(wheel, 8) && /* OK -- In an RPC call */
!ENA(admin, 5) ) /* OK -- In an RPC call */ !ENA(admin, 5) ) /* OK -- In an RPC call */
{ {
...@@ -1093,7 +1094,7 @@ set_conf_type (Conf_no conf_no, ...@@ -1093,7 +1094,7 @@ set_conf_type (Conf_no conf_no,
return FAILURE; return FAILURE;
} }
acc = access_perm(conf_no, conf_c, active_connection, unlimited); acc = access_perm(conf_no, active_connection, unlimited);
/* /*
* Can't change type without privs * Can't change type without privs
...@@ -1161,7 +1162,7 @@ set_garb_nice( Conf_no conf_no, ...@@ -1161,7 +1162,7 @@ set_garb_nice( Conf_no conf_no,
CHK_LOGIN(FAILURE); CHK_LOGIN(FAILURE);
GET_C_STAT(conf_c, conf_no, FAILURE); GET_C_STAT(conf_c, conf_no, FAILURE);
acc = access_perm(conf_no, conf_c, active_connection, unlimited); acc = access_perm(conf_no, active_connection, unlimited);
if ( acc < unlimited ) if ( acc < unlimited )
{ {
...@@ -1192,7 +1193,7 @@ set_expire( Conf_no conf_no, ...@@ -1192,7 +1193,7 @@ set_expire( Conf_no conf_no,
CHK_LOGIN(FAILURE); CHK_LOGIN(FAILURE);
GET_C_STAT(conf_c, conf_no, FAILURE); GET_C_STAT(conf_c, conf_no, FAILURE);
acc = access_perm(conf_no, conf_c, active_connection, unlimited); acc = access_perm(conf_no, active_connection, unlimited);
if ( acc < unlimited ) if ( acc < unlimited )
{ {
...@@ -1223,7 +1224,7 @@ set_keep_commented(Conf_no conf_no, ...@@ -1223,7 +1224,7 @@ set_keep_commented(Conf_no conf_no,
CHK_LOGIN(FAILURE); CHK_LOGIN(FAILURE);
GET_C_STAT(conf_c, conf_no, FAILURE); GET_C_STAT(conf_c, conf_no, FAILURE);
acc = access_perm(conf_no, conf_c, active_connection, unlimited); acc = access_perm(conf_no, active_connection, unlimited);
if ( acc < unlimited ) if ( acc < unlimited )
{ {
...@@ -1384,7 +1385,7 @@ modify_conf_info(Conf_no conf_no, ...@@ -1384,7 +1385,7 @@ modify_conf_info(Conf_no conf_no,
} }
GET_C_STAT(conf, conf_no, FAILURE); GET_C_STAT(conf, conf_no, FAILURE);
if (access_perm(conf_no, conf, active_connection, read_protected) <= none) if (access_perm(conf_no, active_connection, read_protected) <= none)
{ {
err_stat = conf_no; err_stat = conf_no;
kom_errno = KOM_UNDEF_CONF; kom_errno = KOM_UNDEF_CONF;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment