Missing support for GET_STATISTICS auth section. Add access to statistics for WMS...

diff --git a/org.glite.lb.server/src/stats.c b/org.glite.lb.server/src/stats.c
index f9f5678..2219232 100644 (file)
--- a/org.glite.lb.server/src/stats.c
+++ b/org.glite.lb.server/src/stats.c
@@ -37,6 +37,7 @@ limitations under the License.
 #include "glite/jobid/strmd5.h"
 
 #include "stats.h"
+#include "authz_policy.h"
 
 #define GROUPS_HASHTABLE_SIZE 1000
 
@@ -546,11 +547,16 @@ static int findStat(
 )
 {
        edg_wll_JobStatCode later_state;
+       struct _edg_wll_GssPrincipal_data princ;
 
+       edg_wll_ResetError(ctx);
+       memset(&princ, 0, sizeof princ);
+       princ.name = ctx->peerName;
+       princ.fqans = ctx->fqans;
        switch (ctx->count_statistics) {
                 case 0: return edg_wll_SetError(ctx,ENOSYS,NULL);
-                case 1: if (!ctx->noAuth) return edg_wll_SetError(ctx,EPERM,NULL);
-                        break;
+                case 1: if (!ctx->noAuth && !check_authz_policy(&ctx->authz_policy, &princ, GET_STATISTICS))
+                               return edg_wll_SetError(ctx, EPERM, NULL);
                 case 2: break;
                 default: abort();
         }

diff --git a/org.glite.lb.yaim/config/functions/config_glite_lb.in b/org.glite.lb.yaim/config/functions/config_glite_lb.in
index 2b5c8da..8a02c45 100644 (file)
--- a/org.glite.lb.yaim/config/functions/config_glite_lb.in
+++ b/org.glite.lb.yaim/config/functions/config_glite_lb.in
@@ -113,6 +113,7 @@ EOF
                eval value=\"$`echo GLITE_LB_AUTHZ_$section`\"
                case "$section" in
                ADMIN_ACCESS) value="$value,$superusers" ;;
+               GET_STATISTICS) value="$value,$wms" ;;
                READ_ALL) value="$value,$wms,$rtm" ;;
                PURGE) value="$value,$wms" ;;
                LOG_WMS_EVENTS) value="$value,$wms" ;;