Use the new convenience functioan instead of a constant series of steps.

diff --git a/org.glite.lb.server/src/lb_authz.c b/org.glite.lb.server/src/lb_authz.c
index cfe02f9..d9fe2aa 100644 (file)
--- a/org.glite.lb.server/src/lb_authz.c
+++ b/org.glite.lb.server/src/lb_authz.c
@@ -923,7 +923,6 @@ check_store_authz(edg_wll_Context ctx, edg_wll_Event *ev)
    const char *request = NULL;
    int ret;
    authz_action action;
-   struct _edg_wll_GssPrincipal_data princ;
 
    switch (ev->any.type) {
        case EDG_WLL_EVENT_REGJOB:
@@ -971,9 +970,7 @@ check_store_authz(edg_wll_Context ctx, edg_wll_Event *ev)
    if (policy_file == NULL)
         return 0;
 
-   princ.name = ctx->peerName;
-   princ.fqans = ctx->fqans;
-   ret = check_authz_policy(&ctx->authz_policy, &princ, action);
+   ret = check_authz_policy_ctx(ctx, action);
    if (ret == 1)
       return 0;
 

diff --git a/org.glite.lb.server/src/lb_html.c b/org.glite.lb.server/src/lb_html.c
index 7a32fb0..1711f59 100644 (file)
--- a/org.glite.lb.server/src/lb_html.c
+++ b/org.glite.lb.server/src/lb_html.c
@@ -537,11 +537,7 @@ int edg_wll_WSDLOutput(edg_wll_Context ctx UNUSED_VAR, char **message, char *fil
 int edg_wll_StatisticsToHTML(edg_wll_Context ctx, char **message) {
         char *out;
 
-        struct _edg_wll_GssPrincipal_data princ;
-        memset(&princ, 0, sizeof princ);
-        princ.name = ctx->peerName;
-        princ.fqans = ctx->fqans;
-        if (ctx->count_server_stats == 2 && !ctx->noAuth && !check_authz_policy(&ctx->authz_policy, &princ, ADMIN_ACCESS))  
+        if (ctx->count_server_stats == 2 && !ctx->noAuth && !check_authz_policy_ctx(ctx, ADMIN_ACCESS))  
         {
                 asprintf(&out,"<h2>LB Server Usage Statistics</h2>\n"
                         "Only superusers can view server usage statistics on this particular server.\n");

diff --git a/org.glite.lb.server/src/notification.c b/org.glite.lb.server/src/notification.c
index 7229817..5adf21b 100644 (file)
--- a/org.glite.lb.server/src/notification.c
+++ b/org.glite.lb.server/src/notification.c
@@ -86,8 +86,6 @@ int edg_wll_NotifNewServer(
        notif_stream_t  *arg = NULL;
        int npref, okpref;
        char   *msgpref;
-        struct _edg_wll_GssPrincipal_data princ;
-        memset(&princ, 0, sizeof princ);
 
 
        /*      Format notification ID
@@ -136,15 +134,13 @@ int edg_wll_NotifNewServer(
 
        /*      Check permissions
         */
-        princ.name = ctx->peerName;
-        princ.fqans = ctx->fqans;
-       if (!ctx->noAuth && check_authz_policy(&ctx->authz_policy, &princ, READ_ANONYMIZED))
+       if (!ctx->noAuth && check_authz_policy_ctx(ctx, READ_ANONYMIZED))
                for (i=0; conditions && conditions[i]; i++)
                        for (j=0; conditions[i][j].attr; j++)
                                if (conditions[i][j].attr == EDG_WLL_QUERY_ATTR_OWNER && 
                                        !edg_wll_gss_equal_subj(conditions[i][j].value.c, ctx->peerName) &&
-                                       !check_authz_policy(&ctx->authz_policy, &princ, ADMIN_ACCESS) &&
-                                       !check_authz_policy(&ctx->authz_policy, &princ, READ_ALL)) {
+                                       !check_authz_policy_ctx(ctx, ADMIN_ACCESS) &&
+                                       !check_authz_policy_ctx(ctx, READ_ALL)) {
                                                edg_wll_SetError(ctx, EPERM, "Forbidden subject. You are only authorized to register for anonymized notifications.");
                                                goto cleanup;
                                        }

diff --git a/org.glite.lb.server/src/srv_purge.c b/org.glite.lb.server/src/srv_purge.c
index 2ccc968..9df77ec 100644 (file)
--- a/org.glite.lb.server/src/srv_purge.c
+++ b/org.glite.lb.server/src/srv_purge.c
@@ -248,18 +248,13 @@ int edg_wll_PurgeServer(edg_wll_Context ctx,const edg_wll_PurgeRequest *request,
        struct timeval  tp;
        edg_wll_JobStat stat;
        purge_ctx_t prg;
-       struct _edg_wll_GssPrincipal_data princ;
 
        memset(&prg, 0, sizeof prg);
        prg.naffected_jobs = 0;
        prg.parse = 0;
        prg.dumpfile = -1;
 
-       memset(&princ, 0, sizeof princ);
-       princ.name = ctx->peerName;
-        princ.fqans = ctx->fqans;
-
-       if (!ctx->noAuth && !check_authz_policy(&ctx->authz_policy, &princ, PURGE)) {
+       if (!ctx->noAuth && !check_authz_policy_ctx(ctx, PURGE)) {
                edg_wll_SetError(ctx,EPERM,"only superusers may purge");
                goto abort;
        }

diff --git a/org.glite.lb.server/src/stats.c b/org.glite.lb.server/src/stats.c
index 2219232..58a43a2 100644 (file)
--- a/org.glite.lb.server/src/stats.c
+++ b/org.glite.lb.server/src/stats.c
@@ -547,15 +547,11 @@ static int findStat(
 )
 {
        edg_wll_JobStatCode later_state;
-       struct _edg_wll_GssPrincipal_data princ;
 
        edg_wll_ResetError(ctx);
-       memset(&princ, 0, sizeof princ);
-       princ.name = ctx->peerName;
-       princ.fqans = ctx->fqans;
        switch (ctx->count_statistics) {
                 case 0: return edg_wll_SetError(ctx,ENOSYS,NULL);
-                case 1: if (!ctx->noAuth && !check_authz_policy(&ctx->authz_policy, &princ, GET_STATISTICS))
+                case 1: if (!ctx->noAuth && !check_authz_policy_ctx(ctx, GET_STATISTICS))
                                return edg_wll_SetError(ctx, EPERM, NULL);
                 case 2: break;
                 default: abort();