[Cvs-nserver-commits] CVS: cvs-nserver/src acl.c,1.1.2.14,1.1.2.15

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Update of /cvsroot/cvs-nserver/cvs-nserver/src
In directory usw-pr-cvs1:/tmp/cvs-serv27907

Modified Files:
      Tag: NCLI-1-11-1
	acl.c 
Log Message:
Audit log branch access control


Index: acl.c
===================================================================
RCS file: /cvsroot/cvs-nserver/cvs-nserver/src/Attic/acl.c,v
retrieving revision 1.1.2.14
retrieving revision 1.1.2.15
diff -u -d -r1.1.2.14 -r1.1.2.15

--- acl.c	29 May 2002 05:09:48 -0000	1.1.2.14
+++ acl.c	30 May 2002 20:41:05 -0000	1.1.2.15
@@ -90,21 +90,37 @@
 		      dir_permission perm, char *perm_string)
 {
     DIR_ACL *dir_acl;
+    char* xbranch = "trunk";
+    int retval = 0;
 
     if (!server_active)
 	return 1;
 
-    dir_acl = get_dir_acl(dir, "trunk");
+    dir_acl = get_dir_acl(dir, xbranch);
     if (dir_acl == NULL)
 	error(1, 0, "Error getting directory ACL for %s: %s", dir, strerror(errno));
 
     if (dir_permission_granted(dir_acl, CVS_Username, perm) != perm) {
 	error(0, 0, "%s permission for %s denied for user %s",
 	      perm_string, filename, CVS_Username);
-	return 0;
+	goto out;
     }
 
-    return 1;
+    retval = 1;
+ out:
+    if (audit_log_active()) {
+	if (!start_audit_log_line("authz-dir")) {
+	    error(1, 0, "Out of memory");
+	}
+	append_audit_log_line(perm_string);
+	append_audit_log_line(dir);
+	append_audit_log_line(filename);
+	append_audit_log_line(xbranch);
+	append_audit_log_line(retval ? "granted" : "denied");
+	log_audit_event();
+    }
+
+    return retval;
 }
 
 #endif /* SERVER_SUPPORT */
@@ -225,7 +241,7 @@
     if (!store_branch_acls(dir_acl))
 	error(1, 0, "Error storing branch ACLs: %s", strerror(errno));
 
-    printf("Setting '%s' permissions for '%s' on file %s\n", 
+    error(0, 0, "Setting '%s' permissions for '%s' on file %s\n", 
 	   perm_string, username, relative_name);
 
     return 0;
@@ -258,11 +274,11 @@
 	if (perm == branch_perm_invalid)
 	    error(1, 0, "Invalid default file permissions '%s'", perm_string);
 
-	if (!set_default_file_acl(dir_acl, branch, username, perm))
+	if (set_default_file_acl(dir_acl, branch, username, perm) != perm)
 	    error(1, 0, "Error setting default file permission %s on directory %s",
 		  perm_string, relative_name);
 
-	printf("Setting default file permissions '%s' for '%s' on directory %s\n", 
+	error(0, 0, "Setting default file permissions '%s' for '%s' on directory %s\n", 
 	       perm_string, username, relative_name);
 
     } else {
@@ -275,7 +291,7 @@
 	    error(1, 0, "Error setting %s permissions on directory %s",
 		  perm_string, relative_name);
 
-	printf("Setting '%s' permissions for '%s' on directory %s\n", 
+	error(0, 0, "Setting '%s' permissions for '%s' on directory %s\n", 
 	       perm_string, username, relative_name);
 
     }



