From a6420f9713668130ce4d52af4c594cccd649f3cb Mon Sep 17 00:00:00 2001
From: Jaroslav Kysela <perex@perex.cz>
Date: Thu, 20 Nov 2014 20:21:44 +0100
Subject: [PATCH] DVR config: allow admin access (without DVR permissins) to
 the DVR config entries

---
 src/access.c         | 4 +++-
 src/access.h         | 5 ++++-
 src/api/api_dvr.c    | 6 ++++--
 src/dvr/dvr_config.c | 2 +-
 4 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/src/access.c b/src/access.c
index f4e2c005..45fd6af2 100644
--- a/src/access.c
+++ b/src/access.c
@@ -331,7 +331,9 @@ access_verify(const char *username, const char *password,
       bits = 0;
   }
 
-  return (mask & bits) == mask ? 0 : -1;
+  return (mask & ACCESS_OR) ?
+         ((mask & bits) ? 0 : -1) :
+         ((mask & bits) == mask ? 0 : -1);
 }
 
 /*
diff --git a/src/access.h b/src/access.h
index 4e495e02..536bf5c0 100644
--- a/src/access.h
+++ b/src/access.h
@@ -116,6 +116,7 @@ typedef struct access_ticket {
 #define ACCESS_WEB_INTERFACE      (1<<2)
 #define ACCESS_RECORDER           (1<<3)
 #define ACCESS_ADMIN              (1<<4)
+#define ACCESS_OR                 (1<<30)
 
 #define ACCESS_FULL \
   (ACCESS_STREAMING | ACCESS_ADVANCED_STREAMING | \
@@ -153,7 +154,9 @@ int access_verify(const char *username, const char *password,
 		  struct sockaddr *src, uint32_t mask);
 
 static inline int access_verify2(access_t *a, uint32_t mask)
-  { return (a->aa_rights & mask) == mask ? 0 : -1; }
+  { return (mask & ACCESS_OR) ?
+      ((a->aa_rights & mask) ? 0 : -1) :
+      ((a->aa_rights & mask) == mask ? 0 : -1); }
 
 int access_verify_list(htsmsg_t *list, const char *item);
 
diff --git a/src/api/api_dvr.c b/src/api/api_dvr.c
index 716e4ea9..257bbd20 100644
--- a/src/api/api_dvr.c
+++ b/src/api/api_dvr.c
@@ -351,8 +351,10 @@ api_dvr_timerec_create
 void api_dvr_init ( void )
 {
   static api_hook_t ah[] = {
-    { "dvr/config/class",          ACCESS_RECORDER, api_idnode_class, (void*)&dvr_config_class },
-    { "dvr/config/grid",           ACCESS_RECORDER, api_idnode_grid, api_dvr_config_grid },
+    { "dvr/config/class",          ACCESS_OR|ACCESS_ADMIN|ACCESS_RECORDER,
+                                     api_idnode_class, (void*)&dvr_config_class },
+    { "dvr/config/grid",           ACCESS_OR|ACCESS_ADMIN|ACCESS_RECORDER,
+                                     api_idnode_grid, api_dvr_config_grid },
     { "dvr/config/create",         ACCESS_ADMIN, api_dvr_config_create, NULL },
 
     { "dvr/entry/class",           ACCESS_RECORDER, api_idnode_class, (void*)&dvr_entry_class },
diff --git a/src/dvr/dvr_config.c b/src/dvr/dvr_config.c
index 5923ab18..d1d2ccf3 100644
--- a/src/dvr/dvr_config.c
+++ b/src/dvr/dvr_config.c
@@ -316,7 +316,7 @@ dvr_config_class_perm(idnode_t *self, access_t *a, htsmsg_t *msg_to_write)
   htsmsg_field_t *f;
   const char *uuid, *my_uuid;
 
-  if (access_verify2(a, ACCESS_RECORDER))
+  if (access_verify2(a, ACCESS_OR|ACCESS_ADMIN|ACCESS_RECORDER))
     return -1;
   if (!access_verify2(a, ACCESS_ADMIN))
     return 0;