From ac8cc7c6fb24913ab00b7bc8f0f5ab0f5dbf9955 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Ale=C5=A1=20K=C5=99enek?= <ljocha@ics.muni.cz>
Date: Thu, 9 Apr 2009 13:59:28 +0000
Subject: [PATCH] superuser authz for notifications

---
 org.glite.lb.server/src/bkindex.c     | 5 +++++
 org.glite.lb.server/src/bkserverd.c   | 4 ++--
 org.glite.lb.server/src/notif_match.c | 2 +-
 3 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/org.glite.lb.server/src/bkindex.c b/org.glite.lb.server/src/bkindex.c
index 741bf2f..434ed0c 100644
--- a/org.glite.lb.server/src/bkindex.c
+++ b/org.glite.lb.server/src/bkindex.c
@@ -392,3 +392,8 @@ edg_wll_ErrorCode edg_wll_RefreshIColumns(edg_wll_Context ctx, void *job_index_c
 	return edg_wll_Error(ctx, NULL, NULL);
 }
 
+int amIroot(const char *subj, char **fqans)
+{
+	/* XXX: fake implementation, should not be called from bkindex at all */
+	abort();
+}
diff --git a/org.glite.lb.server/src/bkserverd.c b/org.glite.lb.server/src/bkserverd.c
index c6b3667..a0d0be9 100644
--- a/org.glite.lb.server/src/bkserverd.c
+++ b/org.glite.lb.server/src/bkserverd.c
@@ -246,7 +246,7 @@ static int decrement_timeout(struct timeval *, struct timeval, struct timeval);
 static int add_root(char *);
 static int read_roots(const char *);
 static int asyn_gethostbyaddr(char **, const char *, int, int, struct timeval *);
-static int amIroot(const char *, char **);
+int amIroot(const char *, char **);
 static int parse_limits(char *, int *, int *, int *);
 static int check_mkdir(const char *);
 
@@ -1448,7 +1448,7 @@ static int read_roots(const char *file)
 	return 0;
 }
 
-static int amIroot(const char *subj, char **fqans)
+int amIroot(const char *subj, char **fqans)
 {
 	int	i;
 	char	**f;
diff --git a/org.glite.lb.server/src/notif_match.c b/org.glite.lb.server/src/notif_match.c
index 3dd6915..0eba450 100644
--- a/org.glite.lb.server/src/notif_match.c
+++ b/org.glite.lb.server/src/notif_match.c
@@ -160,7 +160,7 @@ static int notif_check_acl(edg_wll_Context ctx,const edg_wll_JobStat *stat,const
 	int		ret;
 
 	edg_wll_ResetError(ctx);
-	if (ctx->noAuth || strcmp(stat->owner,recip) == 0) return 1;
+	if (strcmp(stat->owner,recip) == 0 || amIroot(recip,NULL)) return 1;
 
 	if (stat->acl == NULL) return 0;
 
-- 
1.8.2.3