XRootD
XrdAccTest.cc File Reference
#include <unistd.h>
#include <cctype>
#include <cerrno>
#include <cstdlib>
#include <strings.h>
#include <cstdio>
#include <grp.h>
#include <arpa/inet.h>
#include <sys/param.h>
#include <sys/socket.h>
#include "XrdVersion.hh"
#include "XrdAcc/XrdAccAuthorize.hh"
#include "XrdAcc/XrdAccConfig.hh"
#include "XrdAcc/XrdAccGroups.hh"
#include "XrdAcc/XrdAccPrivs.hh"
#include "XrdSys/XrdSysError.hh"
#include "XrdSys/XrdSysHeaders.hh"
#include "XrdSys/XrdSysLogger.hh"
#include "XrdNet/XrdNetAddr.hh"
#include "XrdOuc/XrdOucEnv.hh"
#include "XrdOuc/XrdOucStream.hh"


Classes

struct  optab_t
 

Functions

Access_Operation cmd2op (char *opname)
 
int DoIt (int argpnt, int argc, char **argv, bool singleshot)
 
int main (int argc, char **argv)
 
char * PrivsConvert (XrdAccPrivCaps &ctab, char *buff, int blen)
 
void SetID (char *&dest, char *val)
 
void Usage (const char *msg)
 
void ZapEntity ()
 

Variables

XrdAccAuthorize * Authorize
 
int extra
 
XrdSysLogger myLogger
 
int opcnt = sizeof(optab)/sizeof(optab[0])
 
optab_t optab []
 

Class Documentation

◆ optab_t

struct optab_t

Definition at line 81 of file XrdAccTest.cc.

Class Members
Access_Operation oper
const char * opname

Function Documentation

◆ cmd2op()

Access_Operation cmd2op ( char *  opname)

Definition at line 353 of file XrdAccTest.cc.

/// Translate an operation code typed by the user into its Access_Operation.
///
/// @param opname  NUL-terminated operation code; compared with strcmp()
///                against each optab entry, so the match is exact and
///                case-sensitive.
/// @return The operation of the first matching optab entry. When nothing
///         matches, a message is written to stderr and AOP_Any is returned.
Access_Operation cmd2op(char *opname)
{
// Walk the table from its first entry to one past its last (opcnt entries)
//
   for (const optab_t *entry = optab; entry != optab + opcnt; ++entry)
       {if (strcmp(opname, entry->opname) == 0) return entry->oper;
       }

// NOTE(review): AOP_Any is also what "?" maps to in optab, and DoIt() uses
// AOP_Any to select the "display privileges" branch. An unrecognised code
// therefore prints the privilege letters after this message instead of
// stopping the request - confirm that a script driving this tool cannot
// mistake that output for an "allowed" verdict.
//
   std::cerr << "testaccess: Invalid operation - " <<opname <<std::endl;
   return AOP_Any;
}
@ AOP_Any
Special for getting privs.
Access_Operation oper
Definition: XrdAccTest.cc:81
optab_t optab[]
Definition: XrdAccTest.cc:82
int opcnt
Definition: XrdAccTest.cc:99

References AOP_Any, opcnt, optab_t::oper, and optab.

Referenced by DoIt().


◆ DoIt()

int DoIt ( int  argpnt,
int  argc,
char **  argv,
bool  singleshot 
)

Definition at line 262 of file XrdAccTest.cc.

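/// Run one test request taken from argv[argpnt .. argc-1].
///
/// The arguments are, in order: optional "-x value" identity options (each
/// one updates the global Entity and switches to the v2 syntax), otherwise a
/// user and a host, then an operation code and one or more paths. Every path
/// is passed to Authorize->Access() and the verdict is written to stdout.
///
/// @param argpnt      Index of the first argument to consume.
/// @param argc        Number of entries in argv.
/// @param argv        Argument vector; entries are borrowed, never freed here.
/// @param singleshot  When true, return right after the first path.
/// @return 0 when there is nothing (more) to do; with singleshot, !auth for
///         the first path (0 if any privilege was returned, 1 otherwise).
///         Argument errors end the process through Usage().
int DoIt(int argpnt, int argc, char **argv, bool singleshot)
{
char *opc, *opv, *path, *result, buff[80];
Access_Operation cmd2op(char *opname);
void Usage(const char *);
Access_Operation optype;
XrdAccPrivCaps pargs;
XrdAccPrivs auth;

// Get options (this may be interactive mode)
//
// The option text comes straight from the command line or from stdin and is
// of arbitrary length, so every diagnostic is built with snprintf() bounded
// by sizeof(buff); an over-long option is truncated in the message instead of
// overrunning the 80-byte stack buffer.
//
   while(argpnt < argc && *argv[argpnt] == '-')
        {opc = argv[argpnt++];
         if (argpnt >= argc)
            {snprintf(buff, sizeof(buff), "%s option value not specified.", opc);
             Usage(buff);
            }
         opv = argv[argpnt++];
         if (strlen(opc) != 2)
            {snprintf(buff, sizeof(buff), "%s option is invalid.", opc);
             Usage(buff);
            }
         switch(*(opc+1))
               {case 'a': {size_t size = sizeof(Entity.prot)-1;
                           strncpy(Entity.prot, opv, size);
                           Entity.prot[size] = '\0';
                          }
                          v2 = true; break;
                // atoi() does no validation: a non-numeric value becomes 0
                case 'e': Entity.ueid = atoi(opv);   v2 = true; break;
                case 'g': SetID(Entity.grps, opv);   v2 = true; break;
                case 'h': SetID(Entity.host, opv);   v2 = true; break;
                case 'o': SetID(Entity.vorg, opv);   v2 = true; break;
                case 'r': SetID(Entity.role, opv);   v2 = true; break;
                case 'u': SetID(Entity.name, opv);   v2 = true; break;
                default:  snprintf(buff, sizeof(buff), "%s option is invalid.", opc);
                          Usage(buff);
                          break;
               }
        }

// Make sure user and host specified if v1 version being used
//
// The fields get private copies rather than the argv pointers themselves:
// SetID() and ZapEntity() release Entity.name and Entity.host with free(),
// which is only valid for heap blocks. Like those two functions, this assumes
// the fields start out null or heap-allocated.
//
   if (!v2)
      {if (argpnt >= argc) Usage("user not specified.");
       if (Entity.name) free(Entity.name);
       Entity.name = strdup(argv[argpnt++]);
       if (argpnt >= argc) Usage("host not specified.");
       if (Entity.host) free(Entity.host);
       Entity.host = strdup(argv[argpnt++]);
      }

// Make sure op specified unless we are v2
//
   if (argpnt >= argc)
      {if (v2) return 0;
          else Usage("operation not specified.");
      }
   if (!strcmp(argv[argpnt], "*"))
      {ZapEntity();
       return 0;
      }
   optype = cmd2op(argv[argpnt++]);

// Make sure path specified
//
   if (argpnt >= argc) Usage("path not specified.");

// Set host, ignore errors
//
   if (Entity.host) netAddr.Set(Entity.host, 0);

// Process each path, as needed
//
   while(argpnt < argc)
        {path = argv[argpnt++];
         auth = Authorize->Access((const XrdSecEntity *)&Entity,
                                  (const char *)path,
                                                optype);
         // For a concrete operation any non-zero result counts as "allowed";
         // for AOP_Any the returned bits are rendered as privilege letters.
         if (optype != AOP_Any) result=(auth?(char *)"allowed":(char *)"denied");
            else {pargs.pprivs = auth; pargs.nprivs = XrdAccPriv_None;
                  result = PrivsConvert(pargs, buff, sizeof(buff));
                 }
         std::cout <<result <<": " <<path <<std::endl;
         if (singleshot) return !auth;
        }

return 0;
}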
Access_Operation
The following are supported operations.
XrdAccPrivs
Definition: XrdAccPrivs.hh:39
@ XrdAccPriv_None
Definition: XrdAccPrivs.hh:53
Access_Operation cmd2op(char *opname)
Definition: XrdAccTest.cc:353
void ZapEntity()
Definition: XrdAccTest.cc:133
void Usage(const char *msg)
Definition: XrdAccTest.cc:105
char * PrivsConvert(XrdAccPrivCaps &ctab, char *buff, int blen)
Definition: XrdAccTest.cc:366
void SetID(char *&dest, char *val)
Definition: XrdAccTest.cc:123
XrdAccAuthorize * Authorize
Definition: XrdAccTest.cc:61
virtual XrdAccPrivs Access(const XrdSecEntity *Entity, const char *path, const Access_Operation oper, XrdOucEnv *Env=0)=0
XrdAccPrivs nprivs
Definition: XrdAccPrivs.hh:78
XrdAccPrivs pprivs
Definition: XrdAccPrivs.hh:77

References XrdAccAuthorize::Access(), AOP_Any, Authorize, cmd2op(), XrdAccPrivCaps::nprivs, XrdAccPrivCaps::pprivs, PrivsConvert(), SetID(), Usage(), XrdAccPriv_None, and ZapEntity().

Referenced by XrdPfc::IO::Detach(), main(), and XrdPfc::ResourceMonitor::perform_purge_check().


◆ main()

int main ( int  argc,
char **  argv 
)

Definition at line 152 of file XrdAccTest.cc.

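/// Entry point of the access-control test tool.
///
/// Parses the identity and configuration options, obtains the default
/// authorization object for the chosen configuration file, then either runs
/// the single request given on the command line or reads requests from
/// standard input until end of file or an empty line.
///
/// Exit status: 2 when the authorization object cannot be created, otherwise
/// the value returned by DoIt() (OR-ed together over all lines in interactive
/// mode). Usage() ends the process on argument errors.
int main(int argc, char **argv)
{
static XrdVERSIONINFODEF(myVer, XrdAccTest, XrdVNUMBER, XrdVERSION);
extern int   optind;
extern char *optarg;
extern XrdAccAuthorize *XrdAccDefaultAuthorizeObject(XrdSysLogger   *lp,
                                                     const char     *cfn,
                                                     const char     *parm,
                                                     XrdVersionInfo &myVer);
int DoIt(int argpnt, int argc, char **argv, bool singleshot);

const char *cfHost = "localhost", *cfProg = "xrootd";
char *argval[32], buff[255], tident[80];
XrdOucStream Command;
const int maxargs = sizeof(argval)/sizeof(argval[0]);
char *at, *lp, *ConfigFN = (char *)"./acc.cf";
int argnum, rc = 0;
int c;                       // getopt() returns int; -1 marks the end
bool singleshot=false;

// Print help if no args
//
   if (argc == 1) Usage(0);
   Entity.addrInfo = &netAddr;
   snprintf(tident, sizeof(tident), "acctest.%d:0@localhost", getpid());
   Entity.tident = tident;

// Get all of the options.
//
   while ((c=getopt(argc,argv,"a:c:de:g:h:o:r:u:s")) != -1)
         { switch(c)
           {
           case 'a':
                {size_t size = sizeof(Entity.prot)-1;
                 strncpy(Entity.prot, optarg, size);
                 Entity.prot[size] = '\0';
                }
                v2 = true; break;
           case 'd': break;                       // accepted but has no effect here
           case 'e': Entity.ueid = atoi(optarg);   v2 = true; break;
           case 'g': SetID(Entity.grps, optarg);   v2 = true; break;
           case 'h': SetID(Entity.host, optarg);   v2 = true; break;
           case 'o': SetID(Entity.vorg, optarg);   v2 = true; break;
           case 'r': SetID(Entity.role, optarg);   v2 = true; break;
           case 'u': SetID(Entity.name, optarg);   v2 = true; break;
           case 'c': ConfigFN = optarg;            break;
           case 's': singleshot = true;            break;
           default:  snprintf(buff, sizeof(buff), "-%c option is invalid.", c);
                     Usage(buff);
           }
         }

// Establish environment
//
// "-c <cfn>@<host>" carries an instance host after the '@'. That text is
// caller-controlled and unbounded, so the instance string is built with a
// bounded snprintf() and an over-long host is rejected instead of being
// written past the end of buff.
//
   if ((at = index(ConfigFN, '@')))
      {*at++ = 0; if (*at) cfHost = at;}
   if (snprintf(buff, sizeof(buff), "%s anon@%s", cfProg, cfHost)
       >= (int)sizeof(buff))
      Usage("host name in the -c argument is too long.");
   XrdOucEnv::Export("XRDINSTANCE", buff);

// Obtain the authorization object
//
if (!(Authorize = XrdAccDefaultAuthorizeObject(&myLogger, ConfigFN, 0, myVer)))
   {std::cerr << "testaccess: Initialization failed." <<std::endl;
    exit(2);
   }

// If command line options specified, process this
//
   if (optind < argc) {rc = DoIt(optind, argc, argv, singleshot); exit(rc);}

// Start accepting command from standard in until eof
//
   bool dequote;
   Command.Attach(0);
   std::cerr << "Enter arguments: ";
   while((lp = Command.GetLine()) && *lp)
        {dequote = false;
         char *xp = lp;

         // Single-quoted arguments: blank out the quote characters and turn
         // every space inside the quotes into a tab so that the tokenizer
         // below keeps the quoted text together as one token.
         //
         while(*xp)
              {if (*xp == '\'')
                  {*xp++ = ' ';
                   dequote = true;
                   while(*xp)
                        {     if (*xp == ' ')  *xp = '\t';
                         else if (*xp == '\'') {*xp++ = ' '; break;}
                         xp++;
                        }
                  } else xp++;
              }

         // Collect at most maxargs-1 tokens; slot 0 is left unused because
         // DoIt() is started at index 1.
         //
         for (argnum=1;
              argnum < maxargs && (argval[argnum]=Command.GetToken());
              argnum++) {}

         // Turn the placeholder tabs back into the spaces the user typed
         //
         if (dequote)
            {for (int i = 1; i < argnum; i++)
                 {char *ap = argval[i];
                  while(*ap) {if (*ap == '\t') *ap = ' '; ap++;}
                 }
            }
         Entity.ueid++;
         singleshot = false;   // interactive requests always process every path
         rc |= DoIt(1, argnum, argval, singleshot);
         std::cerr << "Enter arguments: ";
        }

// All done
//
   exit(rc);
}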
XrdAccAuthorize * XrdAccDefaultAuthorizeObject(XrdSysLogger *lp, const char *cfn, const char *parm, XrdVersionInfo &urVer)
Definition: XrdAccAccess.cc:64
int DoIt(int argpnt, int argc, char **argv, bool singleshot)
Definition: XrdAccTest.cc:262
XrdSysLogger myLogger
Definition: XrdAccTest.cc:65
#define tident
int optind
static int Export(const char *Var, const char *Val)
Definition: XrdOucEnv.cc:188
char * GetLine()
int Attach(int FileDescriptor, int bsz=2047)
char * GetToken(int lowcase=0)
XrdVERSIONINFODEF(myVersion, cmsclient, XrdVNUMBER, XrdVERSION)

References XrdOucStream::Attach(), Authorize, DoIt(), XrdOucEnv::Export(), XrdOucStream::GetLine(), XrdOucStream::GetToken(), myLogger, optind, SetID(), tident, Usage(), XrdAccDefaultAuthorizeObject(), and XrdCms::XrdVERSIONINFODEF().


◆ PrivsConvert()

char * PrivsConvert ( XrdAccPrivCaps ctab,
char *  buff,
int  blen 
)

Definition at line 366 of file XrdAccTest.cc.

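/// Render a privilege capability pair as a string of privilege letters.
///
/// The letters of ctab.pprivs are written first; when ctab.nprivs is not
/// XrdAccPriv_None a '-' follows and then the letters of ctab.nprivs. Output
/// stops silently once blen-1 characters have been written.
///
/// @param ctab  Capabilities to render (pprivs and nprivs are read).
/// @param buff  Destination buffer; always NUL-terminated when blen > 0.
/// @param blen  Size of buff in bytes, terminator included.
/// @return buff.
char *PrivsConvert(XrdAccPrivCaps &ctab, char *buff, int blen)
{
   int i=0, j, k=2, bmax = blen-1;
   XrdAccPrivs privs;
   static struct {XrdAccPrivs pcode; char plet;} p2l[] =
                 {{XrdAccPriv_Delete,  'd'},
                  {XrdAccPriv_Insert,  'i'},
                  {XrdAccPriv_Lock,    'k'},
                  {XrdAccPriv_Lookup,  'l'},
                  {XrdAccPriv_Rename,  'n'},
                  {XrdAccPriv_Read,    'r'},
                  {XrdAccPriv_Write,   'w'}
                 };
   static const int p2lnum = sizeof(p2l)/sizeof(p2l[0]);

   // Without room for at least the terminator nothing may be written at all;
   // the unconditional buff[i] = '\0' below would otherwise land outside a
   // zero-length buffer.
   if (!buff || blen <= 0) return buff;

   privs = ctab.pprivs;
   while(k--)
        {for (j = 0; j < p2lnum && i < bmax; j++)
             if (privs & p2l[j].pcode) buff[i++] = p2l[j].plet;
         // NOTE(review): this test also runs after the second (nprivs) pass,
         // so a non-empty nprivs appears to yield a trailing '-' as well -
         // confirm whether that is intended. The caller shown on this page
         // always passes XrdAccPriv_None, which takes the break.
         if (i < bmax && ctab.nprivs != XrdAccPriv_None) buff[i++] = '-';
            else break;
         privs = ctab.nprivs;
        }
   buff[i] = '\0';
   return buff;
}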
@ XrdAccPriv_Insert
Definition: XrdAccPrivs.hh:44
@ XrdAccPriv_Lookup
Definition: XrdAccPrivs.hh:47
@ XrdAccPriv_Rename
Definition: XrdAccPrivs.hh:48
@ XrdAccPriv_Read
Definition: XrdAccPrivs.hh:49
@ XrdAccPriv_Lock
Definition: XrdAccPrivs.hh:45
@ XrdAccPriv_Write
Definition: XrdAccPrivs.hh:51
@ XrdAccPriv_Delete
Definition: XrdAccPrivs.hh:43

References XrdAccPrivCaps::nprivs, XrdAccPrivCaps::pprivs, XrdAccPriv_Delete, XrdAccPriv_Insert, XrdAccPriv_Lock, XrdAccPriv_Lookup, XrdAccPriv_None, XrdAccPriv_Read, XrdAccPriv_Rename, and XrdAccPriv_Write.

Referenced by DoIt().


◆ SetID()

void SetID ( char *&  dest,
char *  val 
)

Definition at line 123 of file XrdAccTest.cc.

/// Replace an identity field with a private copy of val.
///
/// @param dest  Field to update. Its current value is released with free(),
///              so it must be null or a heap block (for example one stored
///              by an earlier SetID() call) - never a pointer borrowed from
///              argv or a string literal.
/// @param val   New value; must not be null. The literal "none" clears the
///              field instead of being stored.
void SetID(char *&dest, char *val)
{
// Drop the previous value before storing the new one
//
   if (dest) free(dest);

// "none" means "no value"; anything else is duplicated with strdup(), whose
// result is null when memory is exhausted
//
   if (strcmp(val, "none") == 0) dest = 0;
      else dest = strdup(val);
}

Referenced by DoIt(), and main().


◆ Usage()

void Usage ( const char *  msg)

Definition at line 105 of file XrdAccTest.cc.

/// Print an optional error message followed by the command synopsis on
/// stderr, then end the process.
///
/// @param msg  Error text, or null when help was requested. The exit status
///             is 1 when msg is given and 0 otherwise. This function does
///             not return.
///
/// NOTE(review): the synopsis omits the -e and -s options that main() passes
/// to getopt() and the "cm", "co" and "mk" codes present in optab - confirm
/// whether the help text should list them.
void Usage(const char *msg)
{
   if (msg) std::cerr <<"xrdacctest: " <<msg <<std::endl;

   std::cerr
      <<"Usage: xrdacctest [-c <cfn>] [<ids> | <user> <host>] <act>\n\n"
      <<"<ids>: -a <auth> -g <grp> -h <host> -o <org> -r <role> -u <user>\n"
      <<"<act>: <opc> <path> [<path> [...]]\n"
      <<"<opc>: cr - create mv - rename st - status lk - lock\n"
      <<" rd - read wr - write ls - readdir rm - remove\n"
      <<" ec - excl create ei - excl rename\n"
      <<" * - zap args ? - display privs\n"
      << std::flush;

   const int status = (msg ? 1 : 0);
   exit(status);
}

Referenced by XrdOssCache::Adjust(), XrdConfig::Configure(), XrdCmsConfig::Configure1(), DoIt(), XrdOssCache::Init(), main(), XrdCmsCluster::MonPerf(), and XrdOssCache::Scan().


◆ ZapEntity()

void ZapEntity ( )

Definition at line 133 of file XrdAccTest.cc.

/// Reset the global Entity: the protocol becomes "host" and the groups, host,
/// organization, role and name fields are released and set to null.
///
/// Every field released here is passed to free(), so each must hold either
/// null or a heap block such as the copies stored by SetID(); a pointer
/// borrowed from argv must never be left in one of them.
void ZapEntity()
{
   strncpy(Entity.prot, "host", sizeof(Entity.prot));

// The five string fields are handled identically, so walk them through a
// small table of their addresses
//
   char **owned[] = {&Entity.grps, &Entity.host, &Entity.vorg,
                     &Entity.role, &Entity.name};
   const int numOwned = sizeof(owned)/sizeof(owned[0]);

   for (int n = 0; n < numOwned; n++)
       {if (*owned[n]) free(*owned[n]);
        *owned[n] = 0;
       }
}

Referenced by DoIt().


Variable Documentation

◆ Authorize

XrdAccAuthorize* Authorize

Definition at line 61 of file XrdAccTest.cc.

Referenced by DoIt(), main(), and XrdPssSys::P2DST().

◆ extra

int extra

Definition at line 63 of file XrdAccTest.cc.

Referenced by XrdZip::Extra::Extra().

◆ myLogger

XrdSysLogger myLogger

Definition at line 65 of file XrdAccTest.cc.

Referenced by main().

◆ opcnt

int opcnt = sizeof(optab)/sizeof(optab[0])

Definition at line 99 of file XrdAccTest.cc.

Referenced by cmd2op().

◆ optab

optab_t optab[]
Initial value:
=
// Table of the operation codes accepted on the command line and the
// Access_Operation each one selects; cmd2op() scans it from top to bottom.
{{"?", AOP_Any},          // special value used to display privileges
{"cm", AOP_Chmod},        // chmod()
{"co", AOP_Chown},        // chown()
{"cr", AOP_Create},       // open() with create
{"ec", AOP_Excl_Create},  // open() with O_EXCL|O_CREAT
{"rm", AOP_Delete},       // rm() or rmdir()
{"lk", AOP_Lock},         // n/a
{"mk", AOP_Mkdir},        // mkdir()
{"mv", AOP_Rename},       // mv() for source
{"ei", AOP_Excl_Insert},  // mv() where destination doesn't exist
{"rd", AOP_Read},         // open() r/o, prepare()
{"ls", AOP_Readdir},      // opendir()
{"st", AOP_Stat},         // exists(), stat()
{"wr", AOP_Update}        // open() r/w or append
}
@ AOP_Delete
rm() or rmdir()
@ AOP_Mkdir
mkdir()
@ AOP_Update
open() r/w or append
@ AOP_Create
open() with create
@ AOP_Readdir
opendir()
@ AOP_Chmod
chmod()
@ AOP_Stat
exists(), stat()
@ AOP_Rename
mv() for source
@ AOP_Read
open() r/o, prepare()
@ AOP_Excl_Create
open() with O_EXCL|O_CREAT
@ AOP_Lock
n/a
@ AOP_Chown
chown()
@ AOP_Excl_Insert
mv() where destination doesn't exist.

Definition at line 82 of file XrdAccTest.cc.

Referenced by cmd2op().