@@ -40,12 +40,12 @@
list : list areas $USER's can access
log : get listing of recent activity.
sauth list-area-user : list the users that can access the area.
sauth open --group : Open up an area. User needs to be the owner of the area to open it.
--code
- --retrieve|--publish
- sauth open --retrieve|--publish : update the binaries with the lates changes
+ --retrieve|--publish [--additional-grps ]
+ sauth update --retrieve|--publish : update the binaries with the lates changes
sauth grant --area : Grant permission to read or write to a area that is alrady opend up.
--expiration yyyy/mm/dd --retrieve|--publish
[--restrict ]
sauth read-shell : Open sretrieve shell for reading.
sauth write-shell : Open spublish shell for writing.
@@ -86,10 +86,11 @@
"CREATE TABLE IF NOT EXISTS areas
(id INTEGER PRIMARY KEY,
basepath TEXT NOT NULL,
code TEXT NOT NULL,
exe_name TEXT NOT NULL,
+ required_grps TEXT DEFAULT '' NOT NULL,
datetime TIMESTAMP DEFAULT (datetime('now','localtime'))
);"
"CREATE TABLE IF NOT EXISTS permissions
(id INTEGER PRIMARY KEY,
access_type TEXT NOT NULL,
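Review bot: Databases created before this change will not get the `required_grps` column, because `CREATE TABLE IF NOT EXISTS areas` does nothing once the table exists, while the new INSERT in open-area names that column. An upgrade step is needed, for example running `ALTER TABLE areas ADD COLUMN required_grps TEXT DEFAULT '' NOT NULL` when the column is absent. Without it, `sauthorize open` would presumably fail on existing installations; the code that executes these statements is outside the hunk.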
@@ -209,14 +210,14 @@
(loop (read-line inp)))))
ret-val))
;check if a paths/codes are vaid and if area is alrady open
-(define (open-area group path code access-type)
+(define (open-area group path code access-type other-grps)
(let* ((exe-name (get-exe-name path group))
(path-obj (get-obj-by-path path))
- (code-obj (get-obj-by-code code)))
+ (code-obj (get-obj-by-code-no-grp-validation code)))
;(print path-obj)
(cond
((not (null? path-obj))
(if (equal? code (car path-obj))
(begin
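Review bot: The switch to `get-obj-by-code-no-grp-validation` on the `code-obj` line carries no comment saying why the group check is skipped when an area is opened. In a tool that decides who may access an area, a lookup that bypasses validation should state its precondition, e.g. `; area may not exist yet, so required_grps cannot be enforced here; ownership is checked by the caller`, if that is the intent. The helper's definition and the rest of open-area are outside the hunk, so the intent cannot be confirmed from here.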
@@ -244,12 +245,12 @@
(else
; (print (exe-exist exe-name access-type))
(if (not (exe-exist exe-name access-type))
(copy-exe access-type exe-name group))
(sauthorize:db-do (lambda (db)
- ;(print (conc "insert into areas (code, basepath, exe_name) values ('" code "', '" path "', '" exe-name "') "))
- (sauthorize:db-qry db (conc "insert into areas (code, basepath, exe_name) values ('" code "', '" path "', '" exe-name "') "))))))))
+ (print conc "insert into areas (code, basepath, exe_name, required_grps) values ('" code "', '" path "', '" exe-name "', '" other-grps "') ")
+ (sauthorize:db-qry db (conc "insert into areas (code, basepath, exe_name, required_grps) values ('" code "', '" path "', '" exe-name "', '" other-grps "') "))))))))
(define (user-has-open-perm user path access)
(let* ((has-access #f)
(eid (current-user-id)))
(cond
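Review bot: `other-grps` comes from the `--additional-grps` command-line option and is spliced into the INSERT text with `conc`, so a value containing a single quote changes the statement this privileged tool runs against its permission database. `code`, `path` and `exe-name` were already concatenated this way; the new column adds one more caller-controlled string. Bind the values as statement parameters if `sauthorize:db-qry` supports placeholders, or reject anything outside a strict group-name character set before it reaches this point. The line above the query is also now live debug output and lacks a paren: `(print conc "insert …")` prints the `conc` procedure followed by the pieces, so restore it as a comment, `;(print (conc "insert into areas …"))`.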
@@ -273,11 +274,11 @@
#f)
(else
(loop (car tal)(cdr tal))))))
;create executables with appropriate suids
-(define (sauthorize:open user path group code access-type)
+(define (sauthorize:open user path group code access-type other-groups)
(let* ((gpid (group-information group))
(req_grpid (if (equal? group "none")
group
(if (equal? gpid #f)
#f
@@ -295,11 +296,11 @@
(print "You can open areas owned by yourself. You do not have permissions to open path." path)
(exit 1)))
(if (user-has-open-perm user path access-type)
(begin
;(print "here")
- (open-area group path code access-type)
+ (open-area group path code access-type other-groups)
(sauthorize:grant user user code "2017/12/25" "read-admin" "")
(sauthorize:db-do (lambda (db)
(sauthorize:db-qry db (conc "INSERT INTO actions (cmd,user_id,area_id,action_type ) VALUES ('sauthorize open " path " --code " code " --group " group " --" access-type "'," (car (get-user user)) "," (car (get-area code)) ", 'open' )"))))
(print "Area has " path " been opened for " access-type ))))
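Review bot: The `actions` record written after `open-area` still logs only `sauthorize open <path> --code … --group … --<access-type>` and leaves out the additional groups that were just stored in `required_grps`, so the audit trail no longer reflects the command that was run. Append the option to the logged command when it was given, e.g. `(if (equal? other-groups "") "" (conc " --additional-grps " other-groups))` inside the `conc`. That INSERT is built by concatenation as well, so the value needs the same validation or parameter binding before it is logged. sauthorize:open starts before this hunk.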
@@ -452,13 +453,15 @@
(code-obj (get-obj-by-code area)))
(if (or (null? code-obj)
(not (exe-exist (cadr code-obj) "publish")))
(begin
(print "Area " area " is not open for writing!!")
- (exit 1)))
+ (exit 1)))
+ ;(print "hear")
(sauthorize:do-as-calling-user
(lambda ()
+ ; (print *exe-path* "/publish/" (cadr code-obj) action area cmd-args )
(run-cmd (conc *exe-path* "/publish/" (cadr code-obj) ) (append (list action area ) cmd-args))))))
((retrieve)
(if (< (length args) 2)
(begin
@@ -471,10 +474,11 @@
(if (or (null? code-obj)
(not (exe-exist (cadr code-obj) "retrieve")))
(begin
(print "Area " area " is not open for reading!!")
(exit 1)))
+ (print (conc *exe-path* "/retrieve/" (cadr code-obj) " " action " " area " " (string-join cmd-args)))
(sauthorize:do-as-calling-user
(lambda ()
(run-cmd (conc *exe-path* "/retrieve/" (cadr code-obj) ) (append (list action area ) cmd-args))))))
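Review bot: The added `print` before the retrieve call is unconditional, so every retrieve writes the internal executable path and the full argument list to standard output ahead of the command's own output. The matching line in the publish branch was added commented out, which suggests this one is leftover debugging. Comment it out the same way, `;(print (conc *exe-path* "/retrieve/" …))`, or put it behind a debug switch. The enclosing case clause begins outside the hunk.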
@@ -482,15 +486,17 @@
((open)
(if (< (length args) 6)
(begin
(print "sauthorize open cmd takes 6 arguments!! \n Useage: sauthorize open --group --code --retrieve|--publish")
(exit 1)))
- (let* ((remargs (args:get-args args '("--group" "--code") '() args:arg-hash 0))
+ (let* ((remargs (args:get-args args '("--group" "--code" "--additional-grps") '() args:arg-hash 0))
(path (car args))
(group (or (args:get-arg "--group") ""))
- (area (or (args:get-arg "--code") ""))
+ (area (or (args:get-arg "--code") ""))
+ (other-grps (or (args:get-arg "--additional-grps") ""))
(access-type (get-access-type remargs)))
+
(cond
((equal? path "")
(print "path not found!! Try \"sauthorize help\" for useage ")
(exit 1))
((equal? area "")
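Review bot: `other-grps` is read from `--additional-grps`, but the `cond` that follows checks only the existing values (the visible branches cover `path`, `area` and `access-type`); nothing validates the new value before it is handed to sauthorize:open and stored. Add a branch that rejects a value that is not a well-formed list of group names and exits with an error like the other branches; if the groups are meant to exist, resolve each one the way `group` is resolved with `group-information`. The usage text in the argument-count message also still omits `[--additional-grps …]`. The `cond` continues past the end of this hunk.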
@@ -501,12 +507,12 @@
(exit 1))
((and (not (equal? access-type "publish"))
(not (equal? access-type "retrieve")))
(print "Access type can be eiter --retrieve or --publish !! Try \"sauthorize help\" for useage ")
(exit 1)))
-
- (sauthorize:open username path group area access-type)))
+ ; (print other-grps)
+ (sauthorize:open username path group area access-type other-grps)))
((update)
(if (< (length args) 2)
(begin
(print "sauthorize update cmd takes 2 arguments!! \n Useage: sauthorize update --retrieve|--publish")
(exit 1)))