From: Daniel KouĊ™il
Date: Fri, 12 Mar 2010 14:17:13 +0000 (+0000)
Subject: Added authorization policy description and basic routines
X-Git-Tag: merge_20_2_dst~16
X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=a721164fda88d9785d71952a1d098286fabb01d7;p=jra1mw.git
Added authorization policy description and basic routines
---
diff --git a/org.glite.lb.common/interface/authz.h b/org.glite.lb.common/interface/authz.h
index 6c67fa3..d90f37c 100644
--- a/org.glite.lb.common/interface/authz.h
+++ b/org.glite.lb.common/interface/authz.h
@@ -3,6 +3,8 @@
 #ident "$Header$"
+#include "context.h"
+
 #ifdef __cplusplus
 extern "C" {
 #endif
@@ -17,6 +19,26 @@ typedef struct _edg_wll_VomsGroups {
 edg_wll_VomsGroup *val;
 } edg_wll_VomsGroups;
+typedef struct _edg_wll_authz_rule {
+ int action;
+ int attr_id;
+ char *attr_value;
+} _edg_wll_authz_rule;
+
+typedef struct _edg_wll_authz_policy {
+ struct _edg_wll_authz_rule *rules;
+ int num;
+} _edg_wll_authz_policy;
+
+typedef struct _edg_wll_authz_policy *edg_wll_authz_policy;
+
+int
+edg_wll_add_authz_rule(edg_wll_Context ctx,
+ edg_wll_authz_policy policy,
+ int action,
+ int attr_id,
+ char *attr_value);
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/org.glite.lb.common/interface/context-int.h b/org.glite.lb.common/interface/context-int.h
index 79852a9..54da37b 100644
--- a/org.glite.lb.common/interface/context-int.h
+++ b/org.glite.lb.common/interface/context-int.h
@@ -158,6 +158,7 @@ glite_lb_padded_struct(_edg_wll_Context,150,
 char **super_users;
 time_t rssTime;
+ _edg_wll_authz_policy authz_policy;
 )
 /* to be used internally: set, update and and clear the error information in
diff --git a/org.glite.lb.common/src/context.c b/org.glite.lb.common/src/context.c
index 32d56a9..d24a05a 100644
--- a/org.glite.lb.common/src/context.c
+++ b/org.glite.lb.common/src/context.c
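Review bot: The prototype of `edg_wll_add_authz_rule` in the second authz.h hunk takes `char *attr_value`, although the implementation in context.c only copies the string with `strdup`, so the parameter should be `const char *attr_value`. The declaration also has no comment; I would add `/* Appends one rule to policy; attr_value is copied. Returns 0 or the error code set in ctx. */` above it. The hunk shows no named constants for `action` and `attr_id`; if none exist elsewhere, an enum for each would keep callers from passing arbitrary integers into an authorization decision.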
@@ -145,6 +145,10 @@ void edg_wll_FreeContext(edg_wll_Context ctx)
 free(ctx->fqans);
 ctx->fqans = NULL;
 }
+ if (ctx->authz_policy.num) {
+ for (i = 0; i < ctx->authz_policy.num; i++)
+ free((ctx->authz_policy.rules[i]).attr_value);
+ }
 if (ctx->jpreg_dir) free(ctx->jpreg_dir);
 if (ctx->serverIdentity) free(ctx->serverIdentity);
@@ -567,3 +571,26 @@ int edg_wll_SetErrorGss(edg_wll_Context ctx, const char *desc, edg_wll_GssStatus
 free(err_msg);
 return ctx->errCode;
 }
+
+int
+edg_wll_add_authz_rule(edg_wll_Context ctx,
+ edg_wll_authz_policy policy,
+ int action,
+ int attr_id,
+ char *attr_value)
+{
+ struct _edg_wll_authz_rule *tmp = policy->rules;
+
+ tmp = realloc(tmp, (policy->num + 1) * sizeof(*tmp));
+ if (tmp == NULL)
+ return edg_wll_SetError(ctx, ENOMEM, NULL);;
+
+ tmp->action = action;
+ tmp->attr_id = attr_id;
+ tmp->attr_value = strdup(attr_value);
+
+ policy->rules = tmp;
+ policy->num++;
+ return 0;
+}
+
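Review bot: In the `edg_wll_FreeContext` hunk the loop releases each `attr_value`, but the `rules` array itself, which `edg_wll_add_authz_rule` obtains from `realloc`, is never freed, so it leaks whenever a context holding rules is destroyed. After the loop add `free(ctx->authz_policy.rules); ctx->authz_policy.rules = NULL; ctx->authz_policy.num = 0;`. The `if (ctx->authz_policy.num)` guard is redundant because the `for` condition already handles a count of zero. The declaration of `i` and the rest of the function lie outside the hunk.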
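Review bot: `edg_wll_add_authz_rule` stores the new rule through `tmp->...`, which is element 0 of the reallocated array, not the appended slot `tmp[policy->num]`. Every call after the first therefore overwrites the first rule and leaks its previous `attr_value`, while `num` grows over entries that were never initialised. The free loop added to `edg_wll_FreeContext` in the hunk above then hands those indeterminate `attr_value` pointers to `free`, and any later policy evaluation would read them as rules. The `strdup` result is also unchecked, and `return edg_wll_SetError(ctx, ENOMEM, NULL);;` carries a stray semicolon. I would copy the string first, fill the slot at index `policy->num`, and only then bump the count, as below; this assumes `policy->rules` starts as NULL with `num` 0, which this diff does not show.

```c
/* … unchanged: signature of edg_wll_add_authz_rule … */
{
	struct _edg_wll_authz_rule *tmp;
	char *value;

	/* copy first so a failure leaves the policy untouched */
	value = strdup(attr_value);
	if (value == NULL)
		return edg_wll_SetError(ctx, ENOMEM, NULL);

	tmp = realloc(policy->rules, (policy->num + 1) * sizeof(*tmp));
	if (tmp == NULL) {
		free(value);
		return edg_wll_SetError(ctx, ENOMEM, NULL);
	}
	policy->rules = tmp;

	/* fill the newly appended slot, not element 0 */
	tmp[policy->num].action = action;
	tmp[policy->num].attr_id = attr_id;
	tmp[policy->num].attr_value = value;
	policy->num++;
	return 0;
}
```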