irods  4.2.8
About: iRODS (the integrated Rule Oriented Data System) is a distributed data-management system for creating data grids, digital libraries, persistent archives, and real-time data systems.
  Fossies Dox: irods-4.2.8.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

icatGeneralMS.cpp
Go to the documentation of this file.
1 
6 #include "rcMisc.h"
8 #include "objMetaOpr.hpp"
9 #include "miscServerFunct.hpp"
10 #include "modAccessControl.h"
12 #include "rsModAccessControl.hpp"
13 #include "irods_re_structs.hpp"
14 
47 int
48 msiGetIcatTime( msParam_t* timeOutParam, msParam_t* typeInParam, ruleExecInfo_t* ) {
49  char *type;
50  char tStr0[TIME_LEN], tStr[TIME_LEN];
51 
52  type = ( char* )typeInParam->inOutStruct;
53 
54  if ( !strcmp( type, "icat" ) || !strcmp( type, "unix" ) ) {
55  getNowStr( tStr );
56  }
57  else { /* !strcmp(type,"human") */
58  getNowStr( tStr0 );
59  getLocalTimeFromRodsTime( tStr0, tStr );
60  }
61  fillStrInMsParam( timeOutParam, tStr );
62  return 0;
63 }
64 
96 int
98  std::string svc_role;
99  irods::error ret = get_catalog_service_role(svc_role);
100  if(!ret.ok()) {
101  irods::log(PASS(ret));
102  return ret.code();
103  }
104 
105  if (irods::CFG_SERVICE_ROLE_PROVIDER != svc_role) {
106  return SYS_NO_RCAT_SERVER_ERR;
107  }
108  rodsLog( LOG_NOTICE, "msiQuota/chlCalcUsageAndQuota called\n" );
109  return chlCalcUsageAndQuota( rei->rsComm );
110 }
111 
143 int msiSetResource( msParam_t* xrescName, ruleExecInfo_t *rei ) {
144  char *rescName;
145 
146  rescName = ( char * ) xrescName->inOutStruct;
147 
148  snprintf( rei->doi->rescName, sizeof( rei->doi->rescName ), "%s", rescName );
149  return 0;
150 }
151 
152 
182  if ( !strcmp( rei->doi->dataOwnerName, rei->uoic->userName ) &&
183  !strcmp( rei->doi->dataOwnerZone, rei->uoic->rodsZone ) ) {
184  return 0;
185  }
186  else {
187  return ACTION_FAILED_ERR;
188  }
189 
190 }
191 
222  char *perm;
223 
224  perm = ( char * ) xperm->inOutStruct;
225  if ( strstr( rei->doi->dataAccess, perm ) != NULL ) {
226  return 0;
227  }
228  else {
229  return ACTION_FAILED_ERR;
230  }
231 
232 }
233 
234 
266 int msiCheckAccess( msParam_t *inObjName, msParam_t * inOperation,
267  msParam_t * outResult, ruleExecInfo_t *rei ) {
268  char *objName, *oper;
269  char objType[MAX_NAME_LEN];
270  int i = 0;
271  char *user;
272  char *zone;
273 
274  RE_TEST_MACRO( " Calling msiCheckAccess" );
275 
276  if ( inObjName == NULL || inObjName->inOutStruct == NULL ||
277  inObjName->type == NULL || strcmp( inObjName->type, STR_MS_T ) != 0 ) {
278  return USER_PARAM_TYPE_ERR;
279  }
280 
281  if ( inOperation == NULL || inOperation->inOutStruct == NULL ||
282  inOperation->type == NULL || strcmp( inOperation->type, STR_MS_T ) != 0 ) {
283  return USER_PARAM_TYPE_ERR;
284  }
285 
286  if ( rei == NULL || rei->rsComm == NULL ) {
288  }
289 
290  if ( strlen( rei->rsComm->clientUser.userName ) == 0 ||
291  strlen( rei->rsComm->clientUser.rodsZone ) == 0 ) {
293  }
294 
295  oper = ( char * ) inOperation->inOutStruct;
296  objName = ( char * ) inObjName->inOutStruct;
297  user = rei->rsComm->clientUser.userName;
298  zone = rei->rsComm->clientUser.rodsZone;
299 
300  i = getObjType( rei->rsComm, objName, objType );
301  if ( i < 0 ) {
302  return i;
303  }
304 
305  i = checkPermissionByObjType( rei->rsComm, objName, objType, user, zone, oper );
306 
307  if ( i < 0 ) {
308  return i;
309  }
310  fillIntInMsParam( outResult, i );
311 
312  return 0;
313 
314 }
315 
316 
351 int
353  int status;
354  std::string svc_role;
355  irods::error ret = get_catalog_service_role(svc_role);
356  if(!ret.ok()) {
357  irods::log(PASS(ret));
358  return ret.code();
359  }
360 
361  if( irods::CFG_SERVICE_ROLE_PROVIDER == svc_role ) {
362  status = chlCommit( rei->rsComm );
363  } else if( irods::CFG_SERVICE_ROLE_CONSUMER == svc_role ) {
365  } else {
366  rodsLog(
367  LOG_ERROR,
368  "role not supported [%s]",
369  svc_role.c_str() );
371  }
372  return status;
373 }
374 
407 int
409  int status;
410  std::string svc_role;
411  irods::error ret = get_catalog_service_role(svc_role);
412  if(!ret.ok()) {
413  irods::log(PASS(ret));
414  return ret.code();
415  }
416 
417  if( irods::CFG_SERVICE_ROLE_PROVIDER == svc_role ) {
418  status = chlRollback( rei->rsComm );
419  } else if( irods::CFG_SERVICE_ROLE_CONSUMER == svc_role ) {
421  } else {
422  rodsLog(
423  LOG_ERROR,
424  "role not supported [%s]",
425  svc_role.c_str() );
427  }
428  return status;
429 }
430 
476 int msiSetACL( msParam_t *recursiveFlag, msParam_t *accessLevel, msParam_t *userName,
477  msParam_t *pathName, ruleExecInfo_t *rei ) {
478  char *acl, *path, *recursiveFlg, *user, uname[NAME_LEN], *zone;
479  int recFlg, rc;
480  modAccessControlInp_t modAccessControlInp;
481  rsComm_t *rsComm = 0; // JMC cppcheck - uninit var
482 
483  RE_TEST_MACRO( " Calling msiSetACL" )
484  /* the above line is needed for loop back testing using irule -i option */
485 
486  if ( recursiveFlag == NULL || accessLevel == NULL || userName == NULL ||
487  pathName == NULL ) {
488  rodsLogAndErrorMsg( LOG_ERROR, &rsComm->rError, rei->status,
489  "msiSetACL: one of the input parameter is NULL" );
491  }
492 
493  recFlg = 0; /* non recursive mode */
494  if ( strcmp( recursiveFlag->type, STR_MS_T ) == 0 ) {
495  recursiveFlg = ( char * ) recursiveFlag->inOutStruct;
496  if ( strcmp( recursiveFlg, "recursive" ) == 0 ) {
497  /* recursive mode */
498  recFlg = 1;
499  }
500  }
501  else {
502  rodsLogAndErrorMsg( LOG_ERROR, &rsComm->rError, rei->status,
503  "msiSetACL: Unsupported input recursiveFlag type %i",
504  recursiveFlag->type );
505  return USER_PARAM_TYPE_ERR;
506  }
507 
508  if ( strcmp( accessLevel->type, STR_MS_T ) == 0 ) {
509  acl = ( char * ) accessLevel->inOutStruct;
510  }
511  else {
512  rodsLogAndErrorMsg( LOG_ERROR, &rsComm->rError, rei->status,
513  "msiSetACL: Unsupported input accessLevel type %s",
514  accessLevel->type );
515  return USER_PARAM_TYPE_ERR;
516  }
517 
518  if ( strcmp( userName->type, STR_MS_T ) == 0 ) {
519  user = ( char * ) userName->inOutStruct;
520  }
521  else {
522  rodsLogAndErrorMsg( LOG_ERROR, &rsComm->rError, rei->status,
523  "msiSetACL: Unsupported input userName type %s",
524  userName->type );
525  return USER_PARAM_TYPE_ERR;
526  }
527 
528  if ( strcmp( pathName->type, STR_MS_T ) == 0 ) {
529  path = ( char * ) pathName->inOutStruct;
530  }
531  else {
532  rodsLogAndErrorMsg( LOG_ERROR, &rsComm->rError, rei->status,
533  "msiSetACL: Unsupported input pathName type %s",
534  pathName->type );
535  return USER_PARAM_TYPE_ERR;
536  }
537 
538  rsComm = rei->rsComm;
539  modAccessControlInp.recursiveFlag = recFlg;
540  modAccessControlInp.accessLevel = acl;
541  if ( strchr( user, '#' ) == NULL ) {
542  modAccessControlInp.userName = user;
543  modAccessControlInp.zone = rei->uoic->rodsZone;
544  }
545  else {
546  zone = strchr( user, '#' ) + 1;
547  memset( uname, '\0', NAME_LEN );
548  strncpy( uname, user, strlen( user ) - strlen( zone ) - 1 );
549  modAccessControlInp.userName = uname;
550  modAccessControlInp.zone = zone;
551  }
552  modAccessControlInp.path = path;
553  rc = rsModAccessControl( rsComm, &modAccessControlInp );
554  if ( rc < 0 ) {
555  rodsLog( LOG_NOTICE, "msiSetACL: ACL modifications has failed for user %s on object %s, error = %i\n", user, path, rc );
556  }
557 
558  return rc;
559 }
560 
591 int
593  int status;
594  std::string svc_role;
595  irods::error ret = get_catalog_service_role(svc_role);
596  if(!ret.ok()) {
597  irods::log(PASS(ret));
598  return ret.code();
599  }
600 
601  if( irods::CFG_SERVICE_ROLE_PROVIDER == svc_role ) {
602  rodsLog( LOG_NOTICE, "msiDeleteUnusedAVUs/chlDelUnusedAVUs called\n" );
603  status = chlDelUnusedAVUs( rei->rsComm );
604  } else if( irods::CFG_SERVICE_ROLE_CONSUMER == svc_role ) {
606  } else {
607  rodsLog(
608  LOG_ERROR,
609  "role not supported [%s]",
610  svc_role.c_str() );
612  }
613 
614  return status;
615 }
rodsLog
void rodsLog(int level, const char *formatStr,...)
Definition: rodsLog.cpp:86
NULL
#define NULL
Definition: rodsDef.h:70
rsComm_t
Definition: rcConnect.h:145
irods::CFG_SERVICE_ROLE_CONSUMER
const std::string CFG_SERVICE_ROLE_CONSUMER("consumer")
irods_configuration_keywords.hpp
SYS_INTERNAL_NULL_INPUT_ERR
@ SYS_INTERNAL_NULL_INPUT_ERR
Definition: rodsErrorTable.h:92
SYS_SERVICE_ROLE_NOT_SUPPORTED
@ SYS_SERVICE_ROLE_NOT_SUPPORTED
Definition: rodsErrorTable.h:217
checkPermissionByObjType
int checkPermissionByObjType(rsComm_t *rsComm, char *objName, char *objType, char *user, char *zone, char *oper)
Definition: objMetaOpr.cpp:602
userInfo_t::userName
char userName[64]
Definition: rodsUser.h:66
modAccessControlInp_t::userName
char * userName
Definition: modAccessControl.h:12
RuleExecInfo::status
int status
Definition: irods_re_structs.hpp:19
PASS
#define PASS(prev_error_)
Definition: irods_error.hpp:118
DataObjInfo::dataOwnerZone
char dataOwnerZone[64]
Definition: objInfo.h:139
modAccessControl.h
rcMisc.h
modAccessControlInp_t::accessLevel
char * accessLevel
Definition: modAccessControl.h:11
RuleExecInfo::doi
dataObjInfo_t * doi
Definition: irods_re_structs.hpp:28
getNowStr
void getNowStr(char *timeStr)
Definition: rcMisc.cpp:1590
chlCommit
int chlCommit(rsComm_t *rsComm)
Definition: icatHighLevelRoutines.cpp:1090
LOG_ERROR
#define LOG_ERROR
Definition: rodsLog.h:43
msiRollback
int msiRollback(ruleExecInfo_t *rei)
Definition: icatGeneralMS.cpp:408
modAccessControlInp_t
Definition: modAccessControl.h:9
msiCheckOwner
int msiCheckOwner(ruleExecInfo_t *rei)
Definition: icatGeneralMS.cpp:181
msiGetIcatTime
int msiGetIcatTime(msParam_t *timeOutParam, msParam_t *typeInParam, ruleExecInfo_t *)
Definition: icatGeneralMS.cpp:48
MsParam::type
char * type
Definition: msParam.h:78
STR_MS_T
#define STR_MS_T
Definition: msParam.h:21
RuleExecInfo::rsComm
rsComm_t * rsComm
Definition: irods_re_structs.hpp:22
chlDelUnusedAVUs
int chlDelUnusedAVUs(rsComm_t *rsComm)
Definition: icatHighLevelRoutines.cpp:3583
rsComm_t::rError
rError_t rError
Definition: rcConnect.h:158
irods::error::code
long long code() const
Definition: irods_error.cpp:194
msiCommit
int msiCommit(ruleExecInfo_t *rei)
Definition: icatGeneralMS.cpp:352
rodsLogAndErrorMsg
void rodsLogAndErrorMsg(int level, rError_t *myError, int status, const char *formatStr,...)
Definition: rodsLog.cpp:231
getLocalTimeFromRodsTime
int getLocalTimeFromRodsTime(const char *timeStrIn, char *timeStrOut)
Definition: rcMisc.cpp:1602
msiSetResource
int msiSetResource(msParam_t *xrescName, ruleExecInfo_t *rei)
Definition: icatGeneralMS.cpp:143
DataObjInfo::dataOwnerName
char dataOwnerName[64]
Definition: objInfo.h:138
modAccessControlInp_t::path
char * path
Definition: modAccessControl.h:14
TIME_LEN
#define TIME_LEN
Definition: rodsDef.h:54
msiQuota
int msiQuota(ruleExecInfo_t *rei)
Definition: icatGeneralMS.cpp:97
irods::CFG_SERVICE_ROLE_PROVIDER
const std::string CFG_SERVICE_ROLE_PROVIDER("provider")
MAX_NAME_LEN
#define MAX_NAME_LEN
Definition: rodsDef.h:61
chlCalcUsageAndQuota
int chlCalcUsageAndQuota(rsComm_t *rsComm)
Definition: icatHighLevelRoutines.cpp:3423
chlRollback
int chlRollback(rsComm_t *rsComm)
Definition: icatHighLevelRoutines.cpp:1039
SYS_NO_RCAT_SERVER_ERR
@ SYS_NO_RCAT_SERVER_ERR
Definition: rodsErrorTable.h:110
irods.pypyodbc.status
status
Definition: pypyodbc.py:467
getObjType
int getObjType(rsComm_t *rsComm, char *objName, char *objType)
Definition: objMetaOpr.cpp:285
userInfo_t::rodsZone
char rodsZone[64]
Definition: rodsUser.h:67
MsParam
Definition: msParam.h:76
msiDeleteUnusedAVUs
int msiDeleteUnusedAVUs(ruleExecInfo_t *rei)
Definition: icatGeneralMS.cpp:592
irods::log
void log(const error &)
Definition: irods_log.cpp:13
LOG_NOTICE
#define LOG_NOTICE
Definition: rodsLog.h:33
rsComm_t::clientUser
userInfo_t clientUser
Definition: rcConnect.h:153
irods::error
Definition: irods_error.hpp:23
miscServerFunct.hpp
USER_PARAM_TYPE_ERR
@ USER_PARAM_TYPE_ERR
Definition: rodsErrorTable.h:254
RuleExecInfo::uoic
userInfo_t * uoic
Definition: irods_re_structs.hpp:30
DataObjInfo::dataAccess
char dataAccess[64]
Definition: objInfo.h:152
get_catalog_service_role
irods::error get_catalog_service_role(std::string &_role)
Definition: miscServerFunct.cpp:3153
fillStrInMsParam
void fillStrInMsParam(msParam_t *msParam, const char *myStr)
Definition: msParam.cpp:278
DataObjInfo::rescName
char rescName[64]
Definition: objInfo.h:131
RuleExecInfo
Definition: irods_re_structs.hpp:18
irods_re_structs.hpp
ACTION_FAILED_ERR
@ ACTION_FAILED_ERR
Definition: rodsErrorTable.h:664
modAccessControlInp_t::recursiveFlag
int recursiveFlag
Definition: modAccessControl.h:10
RE_TEST_MACRO
#define RE_TEST_MACRO(msg)
Definition: reDefines.h:58
msiSetACL
int msiSetACL(msParam_t *recursiveFlag, msParam_t *accessLevel, msParam_t *userName, msParam_t *pathName, ruleExecInfo_t *rei)
Definition: icatGeneralMS.cpp:476
modAccessControlInp_t::zone
char * zone
Definition: modAccessControl.h:13
icatHighLevelRoutines.hpp
fillIntInMsParam
void fillIntInMsParam(msParam_t *msParam, const int myInt)
Definition: msParam.cpp:242
MsParam::inOutStruct
void * inOutStruct
Definition: msParam.h:80
NAME_LEN
#define NAME_LEN
Definition: rodsDef.h:55
irods::error::ok
bool ok()
Definition: irods_error.cpp:258
rsModAccessControl.hpp
type
int type
Definition: filesystem.cpp:103
rsModAccessControl
int rsModAccessControl(rsComm_t *rsComm, modAccessControlInp_t *modAccessControlInp)
Definition: rsModAccessControl.cpp:14
objMetaOpr.hpp
msiCheckAccess
int msiCheckAccess(msParam_t *inObjName, msParam_t *inOperation, msParam_t *outResult, ruleExecInfo_t *rei)
Definition: icatGeneralMS.cpp:266
msiCheckPermission
int msiCheckPermission(msParam_t *xperm, ruleExecInfo_t *rei)
Definition: icatGeneralMS.cpp:221