DVR config: allow admin access (without DVR permissins) to the DVR config entries

2014-11-20 20:21:44 +01:00 · 2014-11-20 20:21:44 +01:00 · a6420f9713
commit a6420f9713
parent d0a6684f40
4 changed files with 12 additions and 5 deletions
--- a/src/access.c
+++ b/src/access.c
@ -331,7 +331,9 @@ access_verify(const char *username, const char *password,
      bits = 0;
  }

-  return (mask & bits) == mask ? 0 : -1;
+  return (mask & ACCESS_OR) ?
+         ((mask & bits) ? 0 : -1) :
+         ((mask & bits) == mask ? 0 : -1);
 }

 /*
--- a/src/access.h
+++ b/src/access.h
@ -116,6 +116,7 @@ typedef struct access_ticket {
 #define ACCESS_WEB_INTERFACE      (1<<2)
 #define ACCESS_RECORDER           (1<<3)
 #define ACCESS_ADMIN              (1<<4)
+#define ACCESS_OR                 (1<<30)

 #define ACCESS_FULL \
  (ACCESS_STREAMING | ACCESS_ADVANCED_STREAMING | \
@ -153,7 +154,9 @@ int access_verify(const char *username, const char *password,
 		  struct sockaddr *src, uint32_t mask);

 static inline int access_verify2(access_t *a, uint32_t mask)
-  { return (a->aa_rights & mask) == mask ? 0 : -1; }
+  { return (mask & ACCESS_OR) ?
+      ((a->aa_rights & mask) ? 0 : -1) :
+      ((a->aa_rights & mask) == mask ? 0 : -1); }

 int access_verify_list(htsmsg_t *list, const char *item);

--- a/src/api/api_dvr.c
+++ b/src/api/api_dvr.c
@ -351,8 +351,10 @@ api_dvr_timerec_create
 void api_dvr_init ( void )
 {
  static api_hook_t ah[] = {
-    { "dvr/config/class",          ACCESS_RECORDER, api_idnode_class, (void*)&dvr_config_class },
-    { "dvr/config/grid",           ACCESS_RECORDER, api_idnode_grid, api_dvr_config_grid },
+    { "dvr/config/class",          ACCESS_OR|ACCESS_ADMIN|ACCESS_RECORDER,
+                                     api_idnode_class, (void*)&dvr_config_class },
+    { "dvr/config/grid",           ACCESS_OR|ACCESS_ADMIN|ACCESS_RECORDER,
+                                     api_idnode_grid, api_dvr_config_grid },
    { "dvr/config/create",         ACCESS_ADMIN, api_dvr_config_create, NULL },

    { "dvr/entry/class",           ACCESS_RECORDER, api_idnode_class, (void*)&dvr_entry_class },
--- a/src/dvr/dvr_config.c
+++ b/src/dvr/dvr_config.c
@ -316,7 +316,7 @@ dvr_config_class_perm(idnode_t *self, access_t *a, htsmsg_t *msg_to_write)
  htsmsg_field_t *f;
  const char *uuid, *my_uuid;

-  if (access_verify2(a, ACCESS_RECORDER))
+  if (access_verify2(a, ACCESS_OR|ACCESS_ADMIN|ACCESS_RECORDER))
    return -1;
  if (!access_verify2(a, ACCESS_ADMIN))
    return 0;